d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge from vmcontention

Browse Source
This commit is contained in:
attilio 2013-02-24 17:11:10 +00:00
commit 69d25b60d5
419 changed files with 15832 additions and 8150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bin/sh/eval.c
View File

@ -174,6 +174,7 @@ evalstring(char *s, int flags)
any = 1;
}
popstackmark(&smark);
setstackmark(&smark);
}
popfile();
popstackmark(&smark);
@ -296,10 +297,11 @@ evaltree(union node *n, int flags)
}
n = next;
popstackmark(&smark);
setstackmark(&smark);
} while (n != NULL);
out:
popstackmark(&smark);
if (pendingsigs)
if (pendingsig)
dotrap();
if (eflag && exitstatus != 0 && do_etest)
exitshell(exitstatus);

2
bin/sh/jobs.c
View File

@ -521,7 +521,7 @@ waitcmd(int argc, char **argv)
} while (dowait(DOWAIT_BLOCK | DOWAIT_SIG, (struct job *)NULL) != -1);
in_waitcmd--;
return 0;
return pendingsig + 128;
}

2
bin/sh/main.c
View File

@ -196,7 +196,7 @@ cmdloop(int top)
TRACE(("cmdloop(%d) called\n", top));
setstackmark(&smark);
for (;;) {
if (pendingsigs)
if (pendingsig)
dotrap();
inter = 0;
if (iflag && top) {

35
bin/sh/trap.c
View File

@ -73,7 +73,7 @@ __FBSDID("$FreeBSD$");
MKINIT char sigmode[NSIG]; /* current value of signal */
int pendingsigs; /* indicates some signal received */
volatile sig_atomic_t pendingsig; /* indicates some signal received */
int in_dotrap; /* do we execute in a trap handler? */
static char *volatile trap[NSIG]; /* trap handler commands */
static volatile sig_atomic_t gotsig[NSIG];
@ -388,22 +388,25 @@ onsig(int signo)
return;
}
if (signo != SIGCHLD || !ignore_sigchld)
gotsig[signo] = 1;
pendingsigs++;
/* If we are currently in a wait builtin, prepare to break it */
if ((signo == SIGINT || signo == SIGQUIT) && in_waitcmd != 0)
breakwaitcmd = 1;
/*
* If a trap is set, not ignored and not the null command, we need
* to make sure traps are executed even when a child blocks signals.
*/
if (Tflag &&
trap[signo] != NULL &&
! (trap[signo][0] == '\0') &&
! (trap[signo][0] == ':' && trap[signo][1] == '\0'))
if ((signo == SIGINT || signo == SIGQUIT) && in_waitcmd != 0) {
breakwaitcmd = 1;
pendingsig = signo;
}
if (trap[signo] != NULL && trap[signo][0] != '\0' &&
(signo != SIGCHLD || !ignore_sigchld)) {
gotsig[signo] = 1;
pendingsig = signo;
/*
* If a trap is set, not ignored and not the null command, we
* need to make sure traps are executed even when a child
* blocks signals.
*/
if (Tflag && !(trap[signo][0] == ':' && trap[signo][1] == '\0'))
breakwaitcmd = 1;
}
#ifndef NO_HISTORY
if (signo == SIGWINCH)
@ -424,7 +427,7 @@ dotrap(void)
in_dotrap++;
for (;;) {
pendingsigs = 0;
pendingsig = 0;
for (i = 1; i < NSIG; i++) {
if (gotsig[i]) {
gotsig[i] = 0;

2
bin/sh/trap.h
View File

@ -33,7 +33,7 @@
* $FreeBSD$
*/
extern int pendingsigs;
extern volatile sig_atomic_t pendingsig;
extern int in_dotrap;
extern volatile sig_atomic_t gotwinch;

7
cddl/contrib/opensolaris/cmd/dtrace/dtrace.c
View File

@ -195,6 +195,13 @@ fatal(const char *fmt, ...)
verror(fmt, ap);
va_end(ap);
/*
* Close the DTrace handle to ensure that any controlled processes are
* correctly restored and continued.
*/
if (g_dtp)
dtrace_close(g_dtp);
exit(E_ERROR);
}

4
contrib/binutils/gas/config/tc-i386.c
View File

@ -3981,7 +3981,7 @@ output_insn (void)
SSE4 instructions have 3 bytes. We may use one more higher
byte to specify a prefix the instruction requires. Exclude
instructions which are in both SSE4 and ABM. */
if ((i.tm.cpu_flags & (CpuSSSE3 | CpuSSE4)) != 0
if ((i.tm.cpu_flags & (CpuSSSE3 | CpuSSE4 | CpuAES | CpuPCLMUL)) != 0
&& (i.tm.cpu_flags & CpuABM) == 0)
{
if (i.tm.base_opcode & 0xff000000)
@ -4033,7 +4033,7 @@ output_insn (void)
}
else
{
if ((i.tm.cpu_flags & (CpuSSSE3 | CpuSSE4)) != 0
if ((i.tm.cpu_flags & (CpuSSSE3 | CpuSSE4 | CpuAES | CpuPCLMUL)) != 0
&& (i.tm.cpu_flags & CpuABM) == 0)
{
p = frag_more (3);

83
contrib/binutils/opcodes/i386-dis.c
View File

@ -543,6 +543,13 @@ fetch_data (struct disassemble_info *info, bfd_byte *addr)
#define PREGRP97 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 97 } }
#define PREGRP98 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 98 } }
#define PREGRP99 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 99 } }
#define PREGRP100 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 100 } }
#define PREGRP101 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 101 } }
#define PREGRP102 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 102 } }
#define PREGRP103 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 103 } }
#define PREGRP104 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 104 } }
#define PREGRP105 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 105 } }
#define PREGRP106 NULL, { { NULL, USE_PREFIX_USER_TABLE }, { NULL, 106 } }
#define X86_64_0 NULL, { { NULL, X86_64_SPECIAL }, { NULL, 0 } }
@ -1319,7 +1326,7 @@ static const unsigned char threebyte_0x38_uses_DATA_prefix[256] = {
/* a0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* af */
/* b0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* bf */
/* c0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* cf */
/* d0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* df */
/* d0 */ 0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,1, /* df */
/* e0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ef */
/* f0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ff */
/* ------------------------------- */
@ -1382,7 +1389,7 @@ static const unsigned char threebyte_0x3a_uses_DATA_prefix[256] = {
/* 10 */ 0,0,0,0,1,1,1,1,0,0,0,0,0,0,0,0, /* 1f */
/* 20 */ 1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0, /* 2f */
/* 30 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* 3f */
/* 40 */ 1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0, /* 4f */
/* 40 */ 1,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0, /* 4f */
/* 50 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* 5f */
/* 60 */ 1,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0, /* 6f */
/* 70 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* 7f */
@ -1391,7 +1398,7 @@ static const unsigned char threebyte_0x3a_uses_DATA_prefix[256] = {
/* a0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* af */
/* b0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* bf */
/* c0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* cf */
/* d0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* df */
/* d0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1, /* df */
/* e0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ef */
/* f0 */ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* ff */
/* ------------------------------- */
@ -2605,6 +2612,62 @@ static const struct dis386 prefix_user_table[][4] = {
{ "invvpid",{ Gm, Mo } },
{ "(bad)", { XX } },
},
/* PREGRP100 */
{
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "aesimc", { XM, EXx } },
{ "(bad)", { XX } },
},
/* PREGRP101 */
{
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "aesenc",{ XM, EXx } },
{ "(bad)", { XX } },
},
/* PREGRP102 */
{
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "aesenclast", { XM, EXx } },
{ "(bad)", { XX } },
},
/* PREGRP103 */
{
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "aesdec", { XM, EXx } },
{ "(bad)", { XX } },
},
/* PREGRP104 */
{
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "aesdeclast", { XM, EXx } },
{ "(bad)", { XX } },
},
/* PREGRP105 */
{
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "aeskeygenassist", { XM, EXx, Ib } },
{ "(bad)", { XX } },
},
/* PREGRP106 */
{
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "pclmulqdq", { XM, EXx, Ib } },
{ "(bad)", { XX } },
},
};
static const struct dis386 x86_64_table[][2] = {
@ -2876,11 +2939,11 @@ static const struct dis386 three_byte_table[][256] = {
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ PREGRP100 },
{ PREGRP101 },
{ PREGRP102 },
{ PREGRP103 },
{ PREGRP104 },
/* e0 */
{ "(bad)", { XX } },
{ "(bad)", { XX } },
@ -2997,7 +3060,7 @@ static const struct dis386 three_byte_table[][256] = {
{ PREGRP84 },
{ PREGRP85 },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ PREGRP106 },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
@ -3171,7 +3234,7 @@ static const struct dis386 three_byte_table[][256] = {
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ "(bad)", { XX } },
{ PREGRP105 },
/* e0 */
{ "(bad)", { XX } },
{ "(bad)", { XX } },

13
contrib/binutils/opcodes/i386-opc.h
View File

@ -72,19 +72,22 @@ typedef struct template
#define CpuSSE4_1 0x400000 /* SSE4.1 Instructions required */
#define CpuSSE4_2 0x800000 /* SSE4.2 Instructions required */
#define CpuXSAVE 0x1000000 /* XSAVE Instructions required */
/* SSE4.1/4.2 Instructions required */
#define CpuSSE4 (CpuSSE4_1|CpuSSE4_2)
#define CpuAES 0x2000000 /* AES Instructions required */
/* These flags are set by gas depending on the flag_code. */
#define Cpu64 0x4000000 /* 64bit support required */
#define CpuNo64 0x8000000 /* Not supported in the 64bit mode */
#define CpuPCLMUL 0x10000000 /* Carry-less Multiplication extensions */
/* SSE4.1/4.2 Instructions required */
#define CpuSSE4 (CpuSSE4_1|CpuSSE4_2)
/* The default value for unknown CPUs - enable all features to avoid problems. */
#define CpuUnknownFlags (Cpu186|Cpu286|Cpu386|Cpu486|Cpu586|Cpu686 \
|CpuP4|CpuSledgehammer|CpuMMX|CpuMMX2|CpuSSE|CpuSSE2|CpuSSE3|CpuVMX \
|Cpu3dnow|Cpu3dnowA|CpuK6|CpuPadLock|CpuSVME|CpuSSSE3|CpuSSE4_1 \
|CpuSSE4_2|CpuABM|CpuSSE4a|CpuXSAVE)
|CpuSSE4_2|CpuABM|CpuSSE4a|CpuXSAVE|CpuAES|CpuPCLMUL)
/* the bits in opcode_modifier are used to generate the final opcode from
the base_opcode. These bits also are used to detect alternate forms of
@ -126,6 +129,8 @@ typedef struct template
#define Rex64 0x10000000 /* instruction require Rex64 prefix. */
#define Ugh 0x20000000 /* deprecated fp insn, gets a warning */
#define NoSuf (No_bSuf|No_wSuf|No_lSuf|No_sSuf|No_qSuf|No_xSuf)
/* operand_types[i] describes the type of operand i. This is made
by OR'ing together all of the possible type masks. (e.g.
'operand_types[i] = Reg|Imm' specifies that operand i can be

48
contrib/binutils/opcodes/i386-tbl.h
View File

@ -4319,6 +4319,54 @@ const template i386_optab[] =
{ "xrstor", 1, 0xfae, 0x5, CpuXSAVE,
Modrm|No_bSuf|No_wSuf|No_lSuf|No_sSuf|No_xSuf,
{ BaseIndex|Disp8|Disp16|Disp32|Disp32S } },
/* Intel AES extensions */
{"aesdec", 2, 0x660f38de, None, CpuAES,
Modrm|IgnoreSize|NoSuf,
{ RegXMM|LLongMem,
RegXMM } },
{"aesdeclast", 2, 0x660f38df, None, CpuAES,
Modrm|IgnoreSize|NoSuf,
{ RegXMM|LLongMem,
RegXMM } },
{"aesenc", 2, 0x660f38dc, None, CpuAES,
Modrm|IgnoreSize|NoSuf,
{ RegXMM|LLongMem,
RegXMM } },
{"aesenclast", 2, 0x660f38dd, None, CpuAES,
Modrm|IgnoreSize|NoSuf,
{ RegXMM|LLongMem,
RegXMM } },
{"aesimc", 2, 0x660f38db, None, CpuAES,
Modrm|IgnoreSize|NoSuf,
{ RegXMM|LLongMem,
RegXMM } },
{"aeskeygenassist", 3, 0x660f3adf, None, CpuAES,
Modrm|IgnoreSize|NoSuf,
{ Imm8, RegXMM|LLongMem,
RegXMM } },
/* Intel Carry-less Multiplication extensions */
{"pclmulqdq", 3, 0x660f3a44, None, CpuPCLMUL,
Modrm|IgnoreSize|NoSuf,
{ Imm8, RegXMM|LLongMem,
RegXMM } },
{"pclmullqlqdq", 2, 0x660f3a44, 0x0, CpuPCLMUL,
Modrm|IgnoreSize|NoSuf|ImmExt,
{ RegXMM|LLongMem,
RegXMM } },
{"pclmulhqlqdq", 2, 0x660f3a44, 0x1, CpuPCLMUL,
Modrm|IgnoreSize|NoSuf|ImmExt,
{ RegXMM|LLongMem,
RegXMM } },
{"pclmullqhqdq", 2, 0x660f3a44, 0x10, CpuPCLMUL,
Modrm|IgnoreSize|NoSuf|ImmExt,
{ RegXMM|LLongMem,
RegXMM } },
{"pclmulhqhqdq", 2, 0x660f3a44, 0x11, CpuPCLMUL,
Modrm|IgnoreSize|NoSuf|ImmExt,
{ RegXMM|LLongMem,
RegXMM } },
{ NULL, 0, 0, 0, 0, 0, { 0 } }
};

48
contrib/ldns/Changelog
View File

@ -1,3 +1,51 @@
1.6.16 2012-11-13
* Fix Makefile to build pyldns with BSD make
* Fix typo in exporting b32_* symbols to make pyldns load again
* Allow leaving the RR owner name empty in ldns-testns datafiles.
* Fix fail to create NSEC3 bitmap for empty non-terminal (bug
introduced in 1.6.14).
1.6.15 2012-10-25
* Remove LDNS_STATUS_EXISTS_ERR from ldns/error.h to make ldns
binary compatible with earlier releases again.
1.6.14 2012-10-23
* DANE support (RFC6698), including ldns-dane example tool.
* Configurable default CA certificate repository for ldns-dane with
--with-ca-file=CAFILE and --with-ca-path=CAPATH
* Configurable default trust anchor with --with-trust-anchor=FILE
for drill, ldns-verify-zone and ldns-dane
* bugfix #474: Define socklen_t when undefined (like in Win32)
* bugfix #473: Dead code removal and resource leak fix in drill
* bugfix #471: Let ldns_resolver_push_dnssec_anchor accept DS RR's too.
* Various bugfixes from code reviews from CZ.NIC and Paul Wouters
* ldns-notify TSIG option argument checking
* Let ldns_resolver_nameservers_randomize keep nameservers and rtt's
in sync.
* Let ldns_pkt_push_rr now return false on (memory) errors.
* Make buffer_export comply to documentation and fix buffer2str
* Various improvements and fixes of pyldns from Katel Slany
now documented in their own Changelog.
* bugfix: Make ldns_resolver_pop_nameserver clear the array when
there was only one.
* bugfix #459: Remove ldns_symbols and export symbols based on regex
* bugfix #458: Track all newly created signatures when signing.
* bugfix #454: Only set -g and -O2 CFLAGS when no CFLAGS was given.
* bugfix #457: Memory leak fix for ldns_key_new_frm_algorithm.
* pyldns memory handling fixes and the python3/ldns-signzone.py
examples script contribution from Karel Slany.
* bugfix #450: Base # bytes for P, G and Y (T) on the guaranteed
to be bigger (or equal) P in ldns_key_dsa2bin.
* bugfix #449: Deep free cloned rdf's in ldns_tsig_mac_new.
* bugfix #448: Copy nameserver value (in stead of reference) of the
answering nameserver to the answer packet in ldns_send_buffer, so
the original value may be deep freed with the ldns_resolver struct.
* New -0 option for ldns-read-zone to replace inception, expiration
and signature rdata fields with (null). Thanks Paul Wouters.
* New -p option for ldns-read-zone to prepend-pad SOA serial to take
up ten characters.
* Return error if printing RR fails due to unknown/null RDATA.
1.6.13 2012-05-21
* New -S option for ldns-verify-zone to chase signatures online.
* New -k option for ldns-verify-zone to validate using a trusted key.

955
contrib/ldns/Makefile.in
View File

File diff suppressed because it is too large Load Diff

3
contrib/ldns/buffer.c
View File

@ -140,7 +140,8 @@ ldns_buffer_free(ldns_buffer *buffer)
return;
}
LDNS_FREE(buffer->_data);
if (!buffer->_fixed)
LDNS_FREE(buffer->_data);
LDNS_FREE(buffer);
}

153
contrib/ldns/configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.68 for ldns 1.6.13.
# Generated by GNU Autoconf 2.68 for ldns 1.6.16.
#
# Report bugs to <libdns@nlnetlabs.nl>.
#
@ -570,8 +570,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='ldns'
PACKAGE_TARNAME='libdns'
PACKAGE_VERSION='1.6.13'
PACKAGE_STRING='ldns 1.6.13'
PACKAGE_VERSION='1.6.16'
PACKAGE_STRING='ldns 1.6.16'
PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
PACKAGE_URL=''
@ -613,17 +613,23 @@ ac_includes_default="\
#endif"
ac_subst_vars='LTLIBOBJS
CONFIG_FILES
ldns_build_config_have_attr_unused
ldns_build_config_have_attr_format
ldns_build_config_have_ssl
DEFAULT_CAPATH
DEFAULT_CAFILE
LDNS_TRUST_ANCHOR_FILE
WINDRES
LIBOBJS
ldns_build_config_have_socklen_t
LIBPCAP_LIBS
include_unistd_h
include_systypes_h
include_inttypes_h
ldns_build_config_have_inttypes_h
include_sys_socket_h
LIBSSL_SSL_LIBS
LIBSSL_LIBS
LIBSSL_LDFLAGS
LIBSSL_CPPFLAGS
@ -767,6 +773,9 @@ enable_sha2
enable_gost
enable_ecdsa
enable_rpath
with_trust_anchor
with_ca_file
with_ca_path
'
ac_precious_vars='build_alias
host_alias
@ -1320,7 +1329,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures ldns 1.6.13 to adapt to many kinds of systems.
\`configure' configures ldns 1.6.16 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1385,7 +1394,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of ldns 1.6.13:";;
short | recursive ) echo "Configuration of ldns 1.6.16:";;
esac
cat <<\_ACEOF
@ -1421,6 +1430,12 @@ Optional Packages:
--with-ssl=pathname enable SSL (will check /usr/local/ssl /usr/lib/ssl
/usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw
/usr)
--with-trust-anchor=KEYFILE
Default location of the trust anchor file for drill
and ldns-dane. [default=SYSCONFDIR/unbound/root.key]
--with-ca-file=CAFILE File containing CA certificates for ldns-dane
--with-ca-path=CAPATH Directory containing CA certificate files for
ldns-dane
Some influential environment variables:
CC C compiler command
@ -1502,7 +1517,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
ldns configure 1.6.13
ldns configure 1.6.16
generated by GNU Autoconf 2.68
Copyright (C) 2010 Free Software Foundation, Inc.
@ -2206,7 +2221,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by ldns $as_me 1.6.13, which was
It was created by ldns $as_me 1.6.16, which was
generated by GNU Autoconf 2.68. Invocation command line was
$ $0 $@
@ -2556,13 +2571,13 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
# needed to build correct soname
LIBTOOL_VERSION_INFO=1:6:13
LIBTOOL_VERSION_INFO=1:6:16
LDNS_VERSION_MAJOR=1
LDNS_VERSION_MINOR=6
LDNS_VERSION_MICRO=13
LDNS_VERSION_MICRO=16
OURCPPFLAGS=''
@ -4684,6 +4699,7 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
ac_compiler_gnu=$ac_cv_c_compiler_gnu
if test "x$CFLAGS" = "x" ; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -g" >&5
@ -4707,7 +4723,7 @@ if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
:
CFLAGS="-g $CFLAGS"
CFLAGS="-g"
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
@ -4746,6 +4762,7 @@ $as_echo "no" >&6; }
fi
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -Wall" >&5
@ -5931,6 +5948,7 @@ This does not work with the --with-drill option.
Please remove the config.h from the drill subdirectory
or do not use the --with-drill option." "$LINENO" 5
fi
DRILL_CONFIG=" drill/drill.1"
else
DRILL=""
@ -5942,6 +5960,7 @@ else
LINT_DRILL=""
DRILL_CONFIG=""
fi
@ -5971,6 +5990,7 @@ This does not work with the --with-examples option.
Please remove the config.h from the examples subdirectory
or do not use the --with-examples option." "$LINENO" 5
fi
EXAMPLES_CONFIG=" examples/ldns-dane.1 examples/ldns-verify-zone.1"
else
EXAMPLES=""
@ -5982,6 +6002,7 @@ else
LINT_EXAMPLES=""
EXAMPLES_CONFIG=""
fi
# add option to disable installation of ldns-config script
@ -6981,7 +7002,6 @@ else
fi
# Use libtool
# skip these tests, we do not need them.
@ -14706,6 +14726,10 @@ esac
if test "x$HAVE_SSL" = "xyes"; then
LIBSSL_SSL_LIBS="$LIBSSL_LIBS -lssl"
fi
CPPFLAGS=$tmp_CPPFLAGS
LDFLAGS=$tmp_LDFLAGS
LIBS=$tmp_LIBS
@ -15452,6 +15476,13 @@ $as_echo "#define socklen_t int" >>confdefs.h
fi
if test "x$ac_cv_type_socklen_t" = xyes; then
ldns_build_config_have_socklen_t=1
else
ldns_build_config_have_socklen_t=0
fi
ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
if test "x$ac_cv_type_size_t" = xyes; then :
@ -16514,6 +16545,91 @@ $as_echo "#define SYSCONFDIR sysconfdir" >>confdefs.h
# Check whether --with-trust-anchor was given.
if test "${with_trust_anchor+set}" = set; then :
withval=$with_trust_anchor;
LDNS_TRUST_ANCHOR_FILE="$withval"
else
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
if test "x$prefix" = 'xNONE' ; then
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
else
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
fi
else
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
fi
fi
fi
cat >>confdefs.h <<_ACEOF
#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE"
_ACEOF
{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5
$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;}
# Check whether --with-ca-file was given.
if test "${with_ca_file+set}" = set; then :
withval=$with_ca_file;
$as_echo "#define HAVE_DANE_CA_FILE 1" >>confdefs.h
cat >>confdefs.h <<_ACEOF
#define LDNS_DANE_CA_FILE "$withval"
_ACEOF
{ $as_echo "$as_me:${as_lineno-$LINENO}: Using CAfile: $withval" >&5
$as_echo "$as_me: Using CAfile: $withval" >&6;}
DEFAULT_CAFILE="Default is $withval"
else
$as_echo "#define HAVE_DANE_CA_FILE 0" >>confdefs.h
fi
# Check whether --with-ca-path was given.
if test "${with_ca_path+set}" = set; then :
withval=$with_ca_path;
$as_echo "#define HAVE_DANE_CA_PATH 1" >>confdefs.h
cat >>confdefs.h <<_ACEOF
#define LDNS_DANE_CA_PATH "$withval"
_ACEOF
{ $as_echo "$as_me:${as_lineno-$LINENO}: Using CApath: $withval" >&5
$as_echo "$as_me: Using CApath: $withval" >&6;}
DEFAULT_CAPATH="Default is $withval"
else
$as_echo "#define HAVE_DANE_CA_PATH 0" >>confdefs.h
fi
@ -16539,7 +16655,9 @@ else
fi
ac_config_files="$ac_config_files Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config"
CONFIG_FILES="Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config $DRILL_CONFIG $EXAMPLES_CONFIG"
ac_config_files="$ac_config_files $CONFIG_FILES"
ac_config_headers="$ac_config_headers ldns/config.h"
@ -17063,7 +17181,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by ldns $as_me 1.6.13, which was
This file was extended by ldns $as_me 1.6.16, which was
generated by GNU Autoconf 2.68. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -17129,7 +17247,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
ldns config.status 1.6.13
ldns config.status 1.6.16
configured by $0, generated by GNU Autoconf 2.68,
with options \\"\$ac_cs_config\\"
@ -17534,12 +17652,7 @@ do
case $ac_config_target in
"libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;;
"disable-rpath") CONFIG_COMMANDS="$CONFIG_COMMANDS disable-rpath" ;;
"Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
"ldns/common.h") CONFIG_FILES="$CONFIG_FILES ldns/common.h" ;;
"ldns/net.h") CONFIG_FILES="$CONFIG_FILES ldns/net.h" ;;
"ldns/util.h") CONFIG_FILES="$CONFIG_FILES ldns/util.h" ;;
"packaging/libldns.pc") CONFIG_FILES="$CONFIG_FILES packaging/libldns.pc" ;;
"packaging/ldns-config") CONFIG_FILES="$CONFIG_FILES packaging/ldns-config" ;;
"$CONFIG_FILES") CONFIG_FILES="$CONFIG_FILES $CONFIG_FILES" ;;
"ldns/config.h") CONFIG_HEADERS="$CONFIG_HEADERS ldns/config.h" ;;
*) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;

62
contrib/ldns/configure.ac
View File

@ -6,7 +6,7 @@ sinclude(acx_nlnetlabs.m4)
# must be numbers. ac_defun because of later processing.
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[6])
m4_define([VERSION_MICRO],[13])
m4_define([VERSION_MICRO],[16])
AC_INIT(ldns, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), libdns@nlnetlabs.nl, libdns)
AC_CONFIG_SRCDIR([packet.c])
# needed to build correct soname
@ -63,8 +63,10 @@ COPY_FILES($srcdir/$1/*.h, $2)
# Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_LANG_C
ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g $CFLAGS"])
if test "x$CFLAGS" = "x" ; then
ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g"])
ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="-O2 $CFLAGS"])
fi
ACX_CHECK_COMPILER_FLAG(Wall, [CFLAGS="-Wall $CFLAGS"])
ACX_CHECK_COMPILER_FLAG(W, [CFLAGS="-W $CFLAGS"])
ACX_CHECK_COMPILER_FLAG(Wwrite-strings, [CFLAGS="-Wwrite-strings $CFLAGS"])
@ -112,12 +114,14 @@ This does not work with the --with-drill option.
Please remove the config.h from the drill subdirectory
or do not use the --with-drill option.])
fi
DRILL_CONFIG=" drill/drill.1"
else
AC_SUBST(DRILL,[""])
AC_SUBST(INSTALL_DRILL,[""])
AC_SUBST(UNINSTALL_DRILL,[""])
AC_SUBST(CLEAN_DRILL,[""])
AC_SUBST(LINT_DRILL,[""])
DRILL_CONFIG=""
fi
@ -137,12 +141,14 @@ This does not work with the --with-examples option.
Please remove the config.h from the examples subdirectory
or do not use the --with-examples option.])
fi
EXAMPLES_CONFIG=" examples/ldns-dane.1 examples/ldns-verify-zone.1"
else
AC_SUBST(EXAMPLES,[""])
AC_SUBST(INSTALL_EXAMPLES,[""])
AC_SUBST(UNINSTALL_EXAMPLES,[""])
AC_SUBST(CLEAN_EXAMPLES,[""])
AC_SUBST(LINT_EXAMPLES,[""])
EXAMPLES_CONFIG=""
fi
# add option to disable installation of ldns-config script
@ -249,7 +255,6 @@ else
AC_SUBST(PYLDNSXUNINST, "")
fi
# Use libtool
ACX_LIBTOOL_C_ONLY
@ -318,6 +323,9 @@ esac
AC_SUBST(LIBSSL_CPPFLAGS)
AC_SUBST(LIBSSL_LDFLAGS)
AC_SUBST(LIBSSL_LIBS)
if test "x$HAVE_SSL" = "xyes"; then
AC_SUBST(LIBSSL_SSL_LIBS, ["$LIBSSL_LIBS -lssl"])
fi
CPPFLAGS=$tmp_CPPFLAGS
LDFLAGS=$tmp_LDFLAGS
LIBS=$tmp_LIBS
@ -444,6 +452,11 @@ AC_INCLUDES_DEFAULT
fi
ACX_TYPE_SOCKLEN_T
if test "x$ac_cv_type_socklen_t" = xyes; then
AC_SUBST(ldns_build_config_have_socklen_t, 1)
else
AC_SUBST(ldns_build_config_have_socklen_t, 0)
fi
AC_TYPE_SIZE_T
AC_TYPE_SSIZE_T
AC_TYPE_INTPTR_T
@ -507,6 +520,45 @@ fi
AC_DEFINE([SYSCONFDIR], [sysconfdir], [System configuration dir])
AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], [Default location of the trust anchor file for drill and ldns-dane. [default=SYSCONFDIR/unbound/root.key]]), [
LDNS_TRUST_ANCHOR_FILE="$withval"
],[
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
if test "x$prefix" = 'xNONE' ; then
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
else
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
fi
else
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
fi
fi
])
AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file])
AC_SUBST(LDNS_TRUST_ANCHOR_FILE)
AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE])
AC_ARG_WITH(ca-file, AC_HELP_STRING([--with-ca-file=CAFILE], [File containing CA certificates for ldns-dane]), [
AC_DEFINE([HAVE_DANE_CA_FILE], [1], [Is a CAFILE given at configure time])
AC_DEFINE_UNQUOTED([LDNS_DANE_CA_FILE], ["$withval"], [Is a CAFILE given at configure time])
AC_MSG_NOTICE([Using CAfile: $withval])
AC_SUBST(DEFAULT_CAFILE, ["Default is $withval"])
],[
AC_DEFINE([HAVE_DANE_CA_FILE], [0], [Is a CAFILE given at configure time])
AC_SUBST(DEFAULT_CAFILE, [])
])
AC_ARG_WITH(ca-path, AC_HELP_STRING([--with-ca-path=CAPATH], [Directory containing CA certificate files for ldns-dane]), [
AC_DEFINE([HAVE_DANE_CA_PATH], [1], [Is a CAPATH given at configure time])
AC_DEFINE_UNQUOTED([LDNS_DANE_CA_PATH], ["$withval"], [Is a CAPATH given at configure time])
AC_MSG_NOTICE([Using CApath: $withval])
AC_SUBST(DEFAULT_CAPATH, ["Default is $withval"])
],[
AC_DEFINE([HAVE_DANE_CA_PATH], [0], [Is a CAPATH given at configure time])
AC_SUBST(DEFAULT_CAPATH, [])
])
AH_BOTTOM([
#include <stdio.h>
#include <string.h>
@ -663,7 +715,9 @@ else
AC_SUBST(ldns_build_config_have_attr_unused, 0)
fi
AC_CONFIG_FILES([Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config])
CONFIG_FILES="Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config $DRILL_CONFIG $EXAMPLES_CONFIG"
AC_SUBST(CONFIG_FILES)
AC_CONFIG_FILES([$CONFIG_FILES])
AC_CONFIG_HEADER([ldns/config.h])
AC_OUTPUT

742
contrib/ldns/dane.c Normal file
View File

@ -0,0 +1,742 @@
/*
* Verify or create TLS authentication with DANE (RFC6698)
*
* (c) NLnetLabs 2012
*
* See the file LICENSE for the license.
*
*/
#include <ldns/config.h>
#include <ldns/ldns.h>
#include <ldns/dane.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#ifdef HAVE_SSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
#endif
ldns_status
ldns_dane_create_tlsa_owner(ldns_rdf** tlsa_owner, const ldns_rdf* name,
uint16_t port, ldns_dane_transport transport)
{
char buf[LDNS_MAX_DOMAINLEN];
size_t s;
assert(tlsa_owner != NULL);
assert(name != NULL);
assert(ldns_rdf_get_type(name) == LDNS_RDF_TYPE_DNAME);
s = (size_t)snprintf(buf, LDNS_MAX_DOMAINLEN, "X_%d", (int)port);
buf[0] = (char)(s - 1);
switch(transport) {
case LDNS_DANE_TRANSPORT_TCP:
s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\004_tcp");
break;
case LDNS_DANE_TRANSPORT_UDP:
s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\004_udp");
break;
case LDNS_DANE_TRANSPORT_SCTP:
s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\005_sctp");
break;
default:
return LDNS_STATUS_DANE_UNKNOWN_TRANSPORT;
}
if (s + ldns_rdf_size(name) > LDNS_MAX_DOMAINLEN) {
return LDNS_STATUS_DOMAINNAME_OVERFLOW;
}
memcpy(buf + s, ldns_rdf_data(name), ldns_rdf_size(name));
*tlsa_owner = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_DNAME,
s + ldns_rdf_size(name), buf);
if (*tlsa_owner == NULL) {
return LDNS_STATUS_MEM_ERR;
}
return LDNS_STATUS_OK;
}
#ifdef HAVE_SSL
ldns_status
ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert,
ldns_tlsa_selector selector,
ldns_tlsa_matching_type matching_type)
{
unsigned char* buf = NULL;
size_t len;
X509_PUBKEY* xpubkey;
EVP_PKEY* epubkey;
unsigned char* digest;
assert(rdf != NULL);
assert(cert != NULL);
switch(selector) {
case LDNS_TLSA_SELECTOR_FULL_CERTIFICATE:
len = (size_t)i2d_X509(cert, &buf);
break;
case LDNS_TLSA_SELECTOR_SUBJECTPUBLICKEYINFO:
#ifndef S_SPLINT_S
xpubkey = X509_get_X509_PUBKEY(cert);
#endif
if (! xpubkey) {
return LDNS_STATUS_SSL_ERR;
}
epubkey = X509_PUBKEY_get(xpubkey);
if (! epubkey) {
return LDNS_STATUS_SSL_ERR;
}
len = (size_t)i2d_PUBKEY(epubkey, &buf);
break;
default:
return LDNS_STATUS_DANE_UNKNOWN_SELECTOR;
}
switch(matching_type) {
case LDNS_TLSA_MATCHING_TYPE_NO_HASH_USED:
*rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, len, buf);
return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR;
break;
case LDNS_TLSA_MATCHING_TYPE_SHA256:
digest = LDNS_XMALLOC(unsigned char, SHA256_DIGEST_LENGTH);
if (digest == NULL) {
LDNS_FREE(buf);
return LDNS_STATUS_MEM_ERR;
}
(void) ldns_sha256(buf, (unsigned int)len, digest);
*rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, SHA256_DIGEST_LENGTH,
digest);
LDNS_FREE(buf);
return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR;
break;
case LDNS_TLSA_MATCHING_TYPE_SHA512:
digest = LDNS_XMALLOC(unsigned char, SHA512_DIGEST_LENGTH);
if (digest == NULL) {
LDNS_FREE(buf);
return LDNS_STATUS_MEM_ERR;
}
(void) ldns_sha512(buf, (unsigned int)len, digest);
*rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, SHA512_DIGEST_LENGTH,
digest);
LDNS_FREE(buf);
return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR;
break;
default:
LDNS_FREE(buf);
return LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE;
}
}
/* Ordinary PKIX validation of cert (with extra_certs to help)
* against the CA's in store
*/
static ldns_status
ldns_dane_pkix_validate(X509* cert, STACK_OF(X509)* extra_certs,
X509_STORE* store)
{
X509_STORE_CTX* vrfy_ctx;
ldns_status s;
if (! store) {
return LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE;
}
vrfy_ctx = X509_STORE_CTX_new();
if (! vrfy_ctx) {
return LDNS_STATUS_SSL_ERR;
} else if (X509_STORE_CTX_init(vrfy_ctx, store,
cert, extra_certs) != 1) {
s = LDNS_STATUS_SSL_ERR;
} else if (X509_verify_cert(vrfy_ctx) == 1) {
s = LDNS_STATUS_OK;
} else {
s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE;
}
X509_STORE_CTX_free(vrfy_ctx);
return s;
}
/* Orinary PKIX validation of cert (with extra_certs to help)
* against the CA's in store, but also return the validation chain.
*/
static ldns_status
ldns_dane_pkix_validate_and_get_chain(STACK_OF(X509)** chain, X509* cert,
STACK_OF(X509)* extra_certs, X509_STORE* store)
{
ldns_status s;
X509_STORE* empty_store = NULL;
X509_STORE_CTX* vrfy_ctx;
assert(chain != NULL);
if (! store) {
store = empty_store = X509_STORE_new();
}
s = LDNS_STATUS_SSL_ERR;
vrfy_ctx = X509_STORE_CTX_new();
if (! vrfy_ctx) {
goto exit_free_empty_store;
} else if (X509_STORE_CTX_init(vrfy_ctx, store,
cert, extra_certs) != 1) {
goto exit_free_vrfy_ctx;
} else if (X509_verify_cert(vrfy_ctx) == 1) {
s = LDNS_STATUS_OK;
} else {
s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE;
}
*chain = X509_STORE_CTX_get1_chain(vrfy_ctx);
if (! *chain) {
s = LDNS_STATUS_SSL_ERR;
}
exit_free_vrfy_ctx:
X509_STORE_CTX_free(vrfy_ctx);
exit_free_empty_store:
if (empty_store) {
X509_STORE_free(empty_store);
}
return s;
}
/* Return the validation chain that can be build out of cert, with extra_certs.
*/
static ldns_status
ldns_dane_pkix_get_chain(STACK_OF(X509)** chain,
X509* cert, STACK_OF(X509)* extra_certs)
{
ldns_status s;
X509_STORE* empty_store = NULL;
X509_STORE_CTX* vrfy_ctx;
assert(chain != NULL);
empty_store = X509_STORE_new();
s = LDNS_STATUS_SSL_ERR;
vrfy_ctx = X509_STORE_CTX_new();
if (! vrfy_ctx) {
goto exit_free_empty_store;
} else if (X509_STORE_CTX_init(vrfy_ctx, empty_store,
cert, extra_certs) != 1) {
goto exit_free_vrfy_ctx;
}
(void) X509_verify_cert(vrfy_ctx);
*chain = X509_STORE_CTX_get1_chain(vrfy_ctx);
if (! *chain) {
s = LDNS_STATUS_SSL_ERR;
} else {
s = LDNS_STATUS_OK;
}
exit_free_vrfy_ctx:
X509_STORE_CTX_free(vrfy_ctx);
exit_free_empty_store:
X509_STORE_free(empty_store);
return s;
}
/* Pop n+1 certs and return the last popped.
*/
static ldns_status
ldns_dane_get_nth_cert_from_validation_chain(
X509** cert, STACK_OF(X509)* chain, int n, bool ca)
{
if (n >= sk_X509_num(chain) || n < 0) {
return LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE;
}
*cert = sk_X509_pop(chain);
while (n-- > 0) {
X509_free(*cert);
*cert = sk_X509_pop(chain);
}
if (ca && ! X509_check_ca(*cert)) {
return LDNS_STATUS_DANE_NON_CA_CERTIFICATE;
}
return LDNS_STATUS_OK;
}
/* Create validation chain with cert and extra_certs and returns the last
* self-signed (if present).
*/
static ldns_status
ldns_dane_pkix_get_last_self_signed(X509** out_cert,
X509* cert, STACK_OF(X509)* extra_certs)
{
ldns_status s;
X509_STORE* empty_store = NULL;
X509_STORE_CTX* vrfy_ctx;
assert(out_cert != NULL);
empty_store = X509_STORE_new();
s = LDNS_STATUS_SSL_ERR;
vrfy_ctx = X509_STORE_CTX_new();
if (! vrfy_ctx) {
goto exit_free_empty_store;
} else if (X509_STORE_CTX_init(vrfy_ctx, empty_store,
cert, extra_certs) != 1) {
goto exit_free_vrfy_ctx;
}
(void) X509_verify_cert(vrfy_ctx);
if (vrfy_ctx->error == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ||
vrfy_ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT){
*out_cert = X509_STORE_CTX_get_current_cert( vrfy_ctx);
s = LDNS_STATUS_OK;
} else {
s = LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR;
}
exit_free_vrfy_ctx:
X509_STORE_CTX_free(vrfy_ctx);
exit_free_empty_store:
X509_STORE_free(empty_store);
return s;
}
ldns_status
ldns_dane_select_certificate(X509** selected_cert,
X509* cert, STACK_OF(X509)* extra_certs,
X509_STORE* pkix_validation_store,
ldns_tlsa_certificate_usage cert_usage, int offset)
{
ldns_status s;
STACK_OF(X509)* pkix_validation_chain = NULL;
assert(selected_cert != NULL);
assert(cert != NULL);
/* With PKIX validation explicitely turned off (pkix_validation_store
* == NULL), treat the "CA constraint" and "Service certificate
* constraint" the same as "Trust anchor assertion" and "Domain issued
* certificate" respectively.
*/
if (pkix_validation_store == NULL) {
switch (cert_usage) {
case LDNS_TLSA_USAGE_CA_CONSTRAINT:
cert_usage = LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION;
break;
case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT:
cert_usage = LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE;
break;
default:
break;
}
}
/* Now what to do with each Certificate usage...
*/
switch (cert_usage) {
case LDNS_TLSA_USAGE_CA_CONSTRAINT:
s = ldns_dane_pkix_validate_and_get_chain(
&pkix_validation_chain,
cert, extra_certs,
pkix_validation_store);
if (! pkix_validation_chain) {
return s;
}
if (s == LDNS_STATUS_OK) {
if (offset == -1) {
offset = 0;
}
s = ldns_dane_get_nth_cert_from_validation_chain(
selected_cert, pkix_validation_chain,
offset, true);
}
sk_X509_pop_free(pkix_validation_chain, X509_free);
return s;
break;
case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT:
*selected_cert = cert;
return ldns_dane_pkix_validate(cert, extra_certs,
pkix_validation_store);
break;
case LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION:
if (offset == -1) {
s = ldns_dane_pkix_get_last_self_signed(
selected_cert, cert, extra_certs);
return s;
} else {
s = ldns_dane_pkix_get_chain(
&pkix_validation_chain,
cert, extra_certs);
if (s == LDNS_STATUS_OK) {
s =
ldns_dane_get_nth_cert_from_validation_chain(
selected_cert, pkix_validation_chain,
offset, false);
} else if (! pkix_validation_chain) {
return s;
}
sk_X509_pop_free(pkix_validation_chain, X509_free);
return s;
}
break;
case LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE:
*selected_cert = cert;
return LDNS_STATUS_OK;
break;
default:
return LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE;
break;
}
}
ldns_status
ldns_dane_create_tlsa_rr(ldns_rr** tlsa,
ldns_tlsa_certificate_usage certificate_usage,
ldns_tlsa_selector selector,
ldns_tlsa_matching_type matching_type,
X509* cert)
{
ldns_rdf* rdf;
ldns_status s;
assert(tlsa != NULL);
assert(cert != NULL);
/* create rr */
*tlsa = ldns_rr_new_frm_type(LDNS_RR_TYPE_TLSA);
if (*tlsa == NULL) {
return LDNS_STATUS_MEM_ERR;
}
rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8,
(uint8_t)certificate_usage);
if (rdf == NULL) {
goto memerror;
}
(void) ldns_rr_set_rdf(*tlsa, rdf, 0);
rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t)selector);
if (rdf == NULL) {
goto memerror;
}
(void) ldns_rr_set_rdf(*tlsa, rdf, 1);
rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t)matching_type);
if (rdf == NULL) {
goto memerror;
}
(void) ldns_rr_set_rdf(*tlsa, rdf, 2);
s = ldns_dane_cert2rdf(&rdf, cert, selector, matching_type);
if (s == LDNS_STATUS_OK) {
(void) ldns_rr_set_rdf(*tlsa, rdf, 3);
return LDNS_STATUS_OK;
}
ldns_rr_free(*tlsa);
*tlsa = NULL;
return s;
memerror:
ldns_rr_free(*tlsa);
*tlsa = NULL;
return LDNS_STATUS_MEM_ERR;
}
/* Return tlsas that actually are TLSA resource records with known values
* for the Certificate usage, Selector and Matching type rdata fields.
*/
static ldns_rr_list*
ldns_dane_filter_unusable_records(const ldns_rr_list* tlsas)
{
size_t i;
ldns_rr_list* r = ldns_rr_list_new();
ldns_rr* tlsa_rr;
if (! r) {
return NULL;
}
for (i = 0; i < ldns_rr_list_rr_count(tlsas); i++) {
tlsa_rr = ldns_rr_list_rr(tlsas, i);
if (ldns_rr_get_type(tlsa_rr) == LDNS_RR_TYPE_TLSA &&
ldns_rr_rd_count(tlsa_rr) == 4 &&
ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 0)) <= 3 &&
ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 1)) <= 1 &&
ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 2)) <= 2) {
if (! ldns_rr_list_push_rr(r, tlsa_rr)) {
ldns_rr_list_free(r);
return NULL;
}
}
}
return r;
}
/* Return whether cert/selector/matching_type matches data.
*/
static ldns_status
ldns_dane_match_cert_with_data(X509* cert, ldns_tlsa_selector selector,
ldns_tlsa_matching_type matching_type, ldns_rdf* data)
{
ldns_status s;
ldns_rdf* match_data;
s = ldns_dane_cert2rdf(&match_data, cert, selector, matching_type);
if (s == LDNS_STATUS_OK) {
if (ldns_rdf_compare(data, match_data) != 0) {
s = LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH;
}
ldns_rdf_free(match_data);
}
return s;
}
/* Return whether any certificate from the chain with selector/matching_type
* matches data.
* ca should be true if the certificate has to be a CA certificate too.
*/
static ldns_status
ldns_dane_match_any_cert_with_data(STACK_OF(X509)* chain,
ldns_tlsa_selector selector,
ldns_tlsa_matching_type matching_type,
ldns_rdf* data, bool ca)
{
ldns_status s = LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH;
size_t n, i;
X509* cert;
n = (size_t)sk_X509_num(chain);
for (i = 0; i < n; i++) {
cert = sk_X509_pop(chain);
if (! cert) {
s = LDNS_STATUS_SSL_ERR;
break;
}
s = ldns_dane_match_cert_with_data(cert,
selector, matching_type, data);
if (ca && s == LDNS_STATUS_OK && ! X509_check_ca(cert)) {
s = LDNS_STATUS_DANE_NON_CA_CERTIFICATE;
}
X509_free(cert);
if (s != LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH) {
break;
}
/* when s == LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH,
* try to match the next certificate
*/
}
return s;
}
ldns_status
ldns_dane_verify_rr(const ldns_rr* tlsa_rr,
X509* cert, STACK_OF(X509)* extra_certs,
X509_STORE* pkix_validation_store)
{
ldns_status s;
STACK_OF(X509)* pkix_validation_chain = NULL;
ldns_tlsa_certificate_usage cert_usage;
ldns_tlsa_selector selector;
ldns_tlsa_matching_type matching_type;
ldns_rdf* data;
if (! tlsa_rr) {
/* No TLSA, so regular PKIX validation
*/
return ldns_dane_pkix_validate(cert, extra_certs,
pkix_validation_store);
}
cert_usage = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 0));
selector = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 1));
matching_type = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 2));
data = ldns_rr_rdf(tlsa_rr, 3) ;
switch (cert_usage) {
case LDNS_TLSA_USAGE_CA_CONSTRAINT:
s = ldns_dane_pkix_validate_and_get_chain(
&pkix_validation_chain,
cert, extra_certs,
pkix_validation_store);
if (! pkix_validation_chain) {
return s;
}
if (s == LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE) {
/*
* NO PKIX validation. We still try to match *any*
* certificate from the chain, so we return
* TLSA errors over PKIX errors.
*
* i.e. When the TLSA matches no certificate, we return
* TLSA_DID_NOT_MATCH and not PKIX_DID_NOT_VALIDATE
*/
s = ldns_dane_match_any_cert_with_data(
pkix_validation_chain,
selector, matching_type, data, true);
if (s == LDNS_STATUS_OK) {
/* A TLSA record did match a cert from the
* chain, thus the error is failed PKIX
* validation.
*/
s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE;
}
} else if (s == LDNS_STATUS_OK) {
/* PKIX validated, does the TLSA match too? */
s = ldns_dane_match_any_cert_with_data(
pkix_validation_chain,
selector, matching_type, data, true);
}
sk_X509_pop_free(pkix_validation_chain, X509_free);
return s;
break;
case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT:
s = ldns_dane_match_cert_with_data(cert,
selector, matching_type, data);
if (s == LDNS_STATUS_OK) {
return ldns_dane_pkix_validate(cert, extra_certs,
pkix_validation_store);
}
return s;
break;
case LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION:
s = ldns_dane_pkix_get_chain(&pkix_validation_chain,
cert, extra_certs);
if (s == LDNS_STATUS_OK) {
s = ldns_dane_match_any_cert_with_data(
pkix_validation_chain,
selector, matching_type, data, false);
} else if (! pkix_validation_chain) {
return s;
}
sk_X509_pop_free(pkix_validation_chain, X509_free);
return s;
break;
case LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE:
return ldns_dane_match_cert_with_data(cert,
selector, matching_type, data);
break;
default:
break;
}
return LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE;
}
ldns_status
ldns_dane_verify(ldns_rr_list* tlsas,
X509* cert, STACK_OF(X509)* extra_certs,
X509_STORE* pkix_validation_store)
{
size_t i;
ldns_rr* tlsa_rr;
ldns_status s = LDNS_STATUS_OK, ps;
assert(cert != NULL);
if (tlsas && ldns_rr_list_rr_count(tlsas) > 0) {
tlsas = ldns_dane_filter_unusable_records(tlsas);
if (! tlsas) {
return LDNS_STATUS_MEM_ERR;
}
}
if (! tlsas || ldns_rr_list_rr_count(tlsas) == 0) {
/* No TLSA's, so regular PKIX validation
*/
return ldns_dane_pkix_validate(cert, extra_certs,
pkix_validation_store);
} else {
for (i = 0; i < ldns_rr_list_rr_count(tlsas); i++) {
tlsa_rr = ldns_rr_list_rr(tlsas, i);
ps = s;
s = ldns_dane_verify_rr(tlsa_rr, cert, extra_certs,
pkix_validation_store);
if (s != LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH &&
s != LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE) {
/* which would be LDNS_STATUS_OK (match)
* or some fatal error preventing use from
* trying the next TLSA record.
*/
break;
}
s = (s > ps ? s : ps); /* prefer PKIX_DID_NOT_VALIDATE
* over TLSA_DID_NOT_MATCH
*/
}
ldns_rr_list_free(tlsas);
}
return s;
}
#endif /* HAVE_SSL */

91
contrib/ldns/dname.c
View File

@ -30,6 +30,24 @@
#include <arpa/inet.h>
#endif
/* Returns whether the last label in the name is a root label (a empty label).
* Note that it is not enough to just test the last character to be 0,
* because it may be part of the last label itself.
*/
static bool
ldns_dname_last_label_is_root_label(const ldns_rdf* dname)
{
size_t src_pos;
size_t len = 0;
for (src_pos = 0; src_pos < ldns_rdf_size(dname); src_pos += len + 1) {
len = ldns_rdf_data(dname)[src_pos];
}
assert(src_pos == ldns_rdf_size(dname));
return src_pos > 0 && len == 0;
}
ldns_rdf *
ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2)
{
@ -47,7 +65,7 @@ ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2)
* rd, by reducing the size with 1
*/
left_size = ldns_rdf_size(rd1);
if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) {
if (ldns_dname_last_label_is_root_label(rd1)) {
left_size--;
}
@ -84,7 +102,7 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2)
* rd, by reducing the size with 1
*/
left_size = ldns_rdf_size(rd1);
if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) {
if (ldns_dname_last_label_is_root_label(rd1)) {
left_size--;
}
@ -102,36 +120,39 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2)
return LDNS_STATUS_OK;
}
ldns_rdf *
ldns_dname_reverse(const ldns_rdf *d)
ldns_rdf*
ldns_dname_reverse(const ldns_rdf *dname)
{
ldns_rdf *new;
ldns_rdf *tmp;
ldns_rdf *d_tmp;
ldns_status status;
size_t rd_size;
uint8_t* buf;
ldns_rdf* new;
size_t src_pos;
size_t len ;
d_tmp = ldns_rdf_clone(d);
new = ldns_dname_new_frm_str(".");
if(!new)
return NULL;
while(ldns_dname_label_count(d_tmp) > 0) {
tmp = ldns_dname_label(d_tmp, 0);
status = ldns_dname_cat(tmp, new);
if(status != LDNS_STATUS_OK) {
ldns_rdf_deep_free(new);
ldns_rdf_deep_free(d_tmp);
return NULL;
}
ldns_rdf_deep_free(new);
new = tmp;
tmp = ldns_dname_left_chop(d_tmp);
ldns_rdf_deep_free(d_tmp);
d_tmp = tmp;
assert(ldns_rdf_get_type(dname) == LDNS_RDF_TYPE_DNAME);
rd_size = ldns_rdf_size(dname);
buf = LDNS_XMALLOC(uint8_t, rd_size);
if (! buf) {
return NULL;
}
new = ldns_rdf_new(LDNS_RDF_TYPE_DNAME, rd_size, buf);
if (! new) {
LDNS_FREE(buf);
return NULL;
}
/* If dname ends in a root label, the reverse should too.
*/
if (ldns_dname_last_label_is_root_label(dname)) {
buf[rd_size - 1] = 0;
rd_size -= 1;
}
for (src_pos = 0; src_pos < rd_size; src_pos += len + 1) {
len = ldns_rdf_data(dname)[src_pos];
memcpy(&buf[rd_size - src_pos - len - 1],
&ldns_rdf_data(dname)[src_pos], len + 1);
}
ldns_rdf_deep_free(d_tmp);
return new;
}
@ -519,6 +540,18 @@ ldns_dname_str_absolute(const char *dname_str)
return 0;
}
bool
ldns_dname_absolute(const ldns_rdf *rdf)
{
char *str = ldns_rdf2str(rdf);
if (str) {
bool r = ldns_dname_str_absolute(str);
LDNS_FREE(str);
return r;
}
return false;
}
ldns_rdf *
ldns_dname_label(const ldns_rdf *rdf, uint8_t labelpos)
{

43
contrib/ldns/dnssec.c
View File

@ -743,7 +743,6 @@ ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[],
memcpy(data + cur_data_size + 2, cur_data, cur_window_max+1);
cur_data_size += cur_window_max + 3;
}
bitmap_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC,
cur_data_size,
data);
@ -1154,12 +1153,15 @@ ldns_create_nsec3(ldns_rdf *cur_owner,
salt_length,
salt);
status = ldns_dname_cat(hashed_owner, cur_zone);
if(status != LDNS_STATUS_OK)
if(status != LDNS_STATUS_OK) {
ldns_rdf_deep_free(hashed_owner);
return NULL;
}
nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3);
if(!nsec)
if(!nsec) {
ldns_rdf_deep_free(hashed_owner);
return NULL;
}
ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3);
ldns_rr_set_owner(nsec, hashed_owner);
@ -1443,8 +1445,9 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o,
sigs = s;
} else {
/* otherwise get them from the packet */
sigs = ldns_pkt_rr_list_by_name_and_type(p, o, LDNS_RR_TYPE_RRSIG,
LDNS_SECTION_ANY_NOQUESTION);
sigs = ldns_pkt_rr_list_by_name_and_type(p, o,
LDNS_RR_TYPE_RRSIG,
LDNS_SECTION_ANY_NOQUESTION);
if (!sigs) {
/* no sigs */
return LDNS_STATUS_ERR;
@ -1457,24 +1460,26 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o,
*/
t_netorder = htons(t); /* rdf are in network order! */
/* a type identifier is a 16-bit number, so the size is 2 bytes */
rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE,
2,
&t_netorder);
rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, 2, &t_netorder);
sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
ldns_rdf_free(rdf_t);
if (! sigs_covered) {
if (! s) {
ldns_rr_list_deep_free(sigs);
}
return LDNS_STATUS_ERR;
}
ldns_rr_list_deep_free(sigs_covered);
rrset = ldns_pkt_rr_list_by_name_and_type(p,
o,
t,
LDNS_SECTION_ANY_NOQUESTION);
rrset = ldns_pkt_rr_list_by_name_and_type(p, o, t,
LDNS_SECTION_ANY_NOQUESTION);
if (!rrset) {
if (! s) {
ldns_rr_list_deep_free(sigs);
}
return LDNS_STATUS_ERR;
}
if (!sigs_covered) {
return LDNS_STATUS_ERR;
}
return ldns_verify_time(rrset, sigs, k, check_time, good_keys);
}

33
contrib/ldns/dnssec_sign.c
View File

@ -260,6 +260,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
ldns_buffer_free(sign_buf);
/* ERROR */
ldns_rr_list_deep_free(rrset_clone);
ldns_rr_free(current_sig);
ldns_rr_list_deep_free(signatures);
return NULL;
}
@ -268,6 +270,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
!= LDNS_STATUS_OK) {
ldns_buffer_free(sign_buf);
ldns_rr_list_deep_free(rrset_clone);
ldns_rr_free(current_sig);
ldns_rr_list_deep_free(signatures);
return NULL;
}
@ -276,6 +280,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
if (!b64rdf) {
/* signing went wrong */
ldns_rr_list_deep_free(rrset_clone);
ldns_rr_free(current_sig);
ldns_rr_list_deep_free(signatures);
return NULL;
}
@ -481,10 +487,7 @@ ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key)
(unsigned char*)ldns_buffer_begin(b64sig),
&siglen, key);
if (result != 1) {
return NULL;
}
if (result != 1) {
ldns_buffer_free(b64sig);
return NULL;
}
@ -859,16 +862,14 @@ ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone,
ldns_rbtree_next(current_name_node));
}
if (result != LDNS_STATUS_OK) {
ldns_rr_list_free(nsec3_list);
return result;
}
ldns_rr_list_sort_nsec3(nsec3_list);
result = ldns_dnssec_chain_nsec3_list(nsec3_list);
if (result != LDNS_STATUS_OK) {
return result;
}
ldns_rr_list_free(nsec3_list);
return result;
}
@ -1023,9 +1024,9 @@ ldns_key_list_filter_for_non_dnskey(ldns_key_list *key_list)
}
ldns_status
ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone)
, ATTR_UNUSED(ldns_rr_list *new_rrs)
, ATTR_UNUSED(ldns_key_list *key_list)
ldns_dnssec_zone_create_rrsigs_flg( ldns_dnssec_zone *zone
, ldns_rr_list *new_rrs
, ldns_key_list *key_list
, int (*func)(ldns_rr *, void*)
, void *arg
, int flags
@ -1112,9 +1113,11 @@ ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone)
cur_rrset->signatures = ldns_dnssec_rrs_new();
cur_rrset->signatures->rr =
ldns_rr_list_rr(siglist, i);
}
if (new_rrs) {
ldns_rr_list_push_rr(new_rrs,
ldns_rr_list_rr(siglist,
i));
ldns_rr_list_rr(siglist,
i));
}
}
ldns_rr_list_free(siglist);
@ -1146,8 +1149,10 @@ ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone)
cur_name->nsec_signatures = ldns_dnssec_rrs_new();
cur_name->nsec_signatures->rr =
ldns_rr_list_rr(siglist, i);
}
if (new_rrs) {
ldns_rr_list_push_rr(new_rrs,
ldns_rr_list_rr(siglist, i));
ldns_rr_list_rr(siglist, i));
}
}

63
contrib/ldns/dnssec_verify.c
View File

@ -285,9 +285,11 @@ ldns_dnssec_build_data_chain(ldns_resolver *res,
ldns_rr_class c = 0;
bool other_rrset = false;
ldns_dnssec_data_chain *new_chain = ldns_dnssec_data_chain_new();
assert(pkt != NULL);
if (!ldns_dnssec_pkt_has_rrsigs(pkt)) {
/* hmm. no dnssec data in the packet. go up to try and deny
* DS? */
@ -402,15 +404,16 @@ ldns_dnssec_build_data_chain(ldns_resolver *res,
if (signatures && ldns_rr_list_rr_count(signatures) > 0) {
key_name = ldns_rr_rdf(ldns_rr_list_rr(signatures, 0), 7);
}
if (!key_name) {
if (signatures) {
ldns_rr_list_deep_free(signatures);
}
return ldns_dnssec_build_data_chain_nokeyname(res,
qflags,
orig_rr,
rrset,
new_chain);
}
if (type != LDNS_RR_TYPE_DNSKEY) {
ldns_dnssec_build_data_chain_dnskey(res,
qflags,
@ -419,7 +422,7 @@ ldns_dnssec_build_data_chain(ldns_resolver *res,
new_chain,
key_name,
c
);
);
} else {
ldns_dnssec_build_data_chain_other(res,
qflags,
@ -427,13 +430,11 @@ ldns_dnssec_build_data_chain(ldns_resolver *res,
key_name,
c,
dss
);
);
}
if (signatures) {
ldns_rr_list_deep_free(signatures);
}
return new_chain;
}
@ -627,6 +628,7 @@ ldns_dnssec_trust_tree_print_sm_fmt(FILE *out,
}
}
#if 0
static void
ldns_dnssec_trust_tree_print_sm(FILE *out,
ldns_dnssec_trust_tree *tree,
@ -638,6 +640,7 @@ ldns_dnssec_trust_tree_print_sm(FILE *out,
ldns_dnssec_trust_tree_print_sm_fmt(out, ldns_output_format_default,
tree, tabs, extended, sibmap, treedepth);
}
#endif
void
ldns_dnssec_trust_tree_print_fmt(FILE *out, const ldns_output_format *fmt,
@ -826,10 +829,7 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time(
/* might contain different names!
sort and split */
ldns_rr_list_sort(cur_rrset);
if (tmp_rrset && tmp_rrset != cur_rrset) {
ldns_rr_list_deep_free(tmp_rrset);
tmp_rrset = NULL;
}
assert(tmp_rrset == cur_rrset);
tmp_rrset = ldns_rr_list_pop_rrset(cur_rrset);
/* with nsecs, this might be the wrong one */
@ -849,6 +849,12 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time(
cur_sig_rr,
cur_parent_rr,
check_time);
if (tmp_rrset && tmp_rrset != cur_rrset
) {
ldns_rr_list_deep_free(
tmp_rrset);
tmp_rrset = NULL;
}
/* avoid dupes */
for (i = 0; i < new_tree->parent_count; i++) {
if (cur_parent_rr == new_tree->parents[i]->rr) {
@ -870,9 +876,6 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time(
}
}
done:
if (tmp_rrset && tmp_rrset != cur_rrset) {
ldns_rr_list_deep_free(tmp_rrset);
}
ldns_rr_list_deep_free(cur_rrset);
}
@ -1077,7 +1080,8 @@ ldns_dnssec_trust_tree_contains_keys(ldns_dnssec_trust_tree *tree,
if (tree->parent_status[i] != LDNS_STATUS_OK) {
result = tree->parent_status[i];
} else {
if (ldns_rr_get_type(tree->rr)
if (tree->rr &&
ldns_rr_get_type(tree->rr)
== LDNS_RR_TYPE_NSEC &&
parent_result == LDNS_STATUS_OK
) {
@ -1210,8 +1214,8 @@ ldns_fetch_valid_domain_keys_time(const ldns_resolver *res,
*status = LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY;
parent_domain = ldns_dname_left_chop(domain);
while (ldns_rdf_size(parent_domain) > 0) {
/* Fail if we are at the root */
while (parent_domain && /* Fail if we are at the root*/
ldns_rdf_size(parent_domain) > 0) {
if ((parent_keys =
ldns_fetch_valid_domain_keys_time(res,
@ -1247,7 +1251,9 @@ ldns_fetch_valid_domain_keys_time(const ldns_resolver *res,
ldns_rdf_deep_free(prev_parent_domain);
}
}
ldns_rdf_deep_free(parent_domain);
if (parent_domain) {
ldns_rdf_deep_free(parent_domain);
}
}
}
return trusted_keys;
@ -1519,12 +1525,11 @@ ldns_dnssec_verify_denial(ldns_rr *rr,
rr_name = ldns_rr_owner(rr);
chopped_dname = ldns_dname_left_chop(rr_name);
result = ldns_dname_cat(wildcard_name, chopped_dname);
ldns_rdf_deep_free(chopped_dname);
if (result != LDNS_STATUS_OK) {
return result;
}
ldns_rdf_deep_free(chopped_dname);
for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) {
cur_nsec = ldns_rr_list_rr(nsecs, i);
if (ldns_dname_compare(rr_name, ldns_rr_owner(cur_nsec)) == 0) {
@ -1576,7 +1581,6 @@ ldns_dnssec_verify_denial(ldns_rr *rr,
return LDNS_STATUS_OK;
}
#ifdef HAVE_SSL
ldns_status
ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr
, ldns_rr_list *nsecs
@ -1612,7 +1616,7 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr
ldns_rr_get_type(rr),
nsecs);
if(!closest_encloser) {
result = LDNS_STATUS_NSEC3_ERR;
result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
goto done;
}
@ -1636,16 +1640,14 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr
ldns_rdf_deep_free(hashed_wildcard_name);
}
if (! wildcard_covered) {
result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED;
} else {
result = LDNS_STATUS_OK;
}
ldns_rdf_deep_free(closest_encloser);
ldns_rdf_deep_free(wildcard);
if (!wildcard_covered) {
result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED;
} else if (closest_encloser && wildcard_covered) {
result = LDNS_STATUS_OK;
} else {
result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
}
} else if (packet_nodata && packet_qtype != LDNS_RR_TYPE_DS) {
/* section 8.5 */
hashed_name = ldns_nsec3_hash_name_frm_nsec3(
@ -1819,9 +1821,6 @@ ldns_dnssec_verify_denial_nsec3(ldns_rr *rr,
);
}
#endif /* HAVE_SSL */
#ifdef USE_GOST
EVP_PKEY*
ldns_gost2pkey_raw(unsigned char* key, size_t keylen)

34
contrib/ldns/dnssec_zone.c
View File

@ -298,6 +298,7 @@ ldns_dnssec_rrsets_print_soa_fmt(FILE *out, const ldns_output_format *fmt,
}
}
#if 0
static void
ldns_dnssec_rrsets_print_soa(FILE *out,
ldns_dnssec_rrsets *rrsets,
@ -307,7 +308,7 @@ ldns_dnssec_rrsets_print_soa(FILE *out,
ldns_dnssec_rrsets_print_soa_fmt(out, ldns_output_format_default,
rrsets, follow, show_soa);
}
#endif
void
ldns_dnssec_rrsets_print_fmt(FILE *out, const ldns_output_format *fmt,
@ -428,6 +429,7 @@ ldns_dnssec_name_set_name(ldns_dnssec_name *rrset,
}
}
#if 0
static ldns_rr *
ldns_dnssec_name_nsec(ldns_dnssec_name *rrset)
{
@ -436,6 +438,7 @@ ldns_dnssec_name_nsec(ldns_dnssec_name *rrset)
}
return NULL;
}
#endif
void
ldns_dnssec_name_set_nsec(ldns_dnssec_name *rrset, ldns_rr *nsec)
@ -589,12 +592,14 @@ ldns_dnssec_name_print_soa_fmt(FILE *out, const ldns_output_format *fmt,
}
}
#if 0
static void
ldns_dnssec_name_print_soa(FILE *out, ldns_dnssec_name *name, bool show_soa)
{
ldns_dnssec_name_print_soa_fmt(out, ldns_output_format_default,
name, show_soa);
}
#endif
void
ldns_dnssec_name_print_fmt(FILE *out, const ldns_output_format *fmt,
@ -708,6 +713,7 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin,
case LDNS_STATUS_SYNTAX_EMPTY: /* empty line was seen */
case LDNS_STATUS_SYNTAX_TTL: /* the ttl was set*/
case LDNS_STATUS_SYNTAX_ORIGIN: /* the origin was set*/
status = LDNS_STATUS_OK;
break;
case LDNS_STATUS_SYNTAX_INCLUDE:/* $include not implemented */
@ -721,38 +727,42 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin,
if (ldns_rr_list_rr_count(todo_nsec3s) > 0) {
(void) ldns_dnssec_zone_add_empty_nonterminals(newzone);
for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3s); i++) {
for (i = 0; status == LDNS_STATUS_OK &&
i < ldns_rr_list_rr_count(todo_nsec3s); i++) {
cur_rr = ldns_rr_list_rr(todo_nsec3s, i);
status = ldns_dnssec_zone_add_rr(newzone, cur_rr);
}
for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); i++){
for (i = 0; status == LDNS_STATUS_OK &&
i < ldns_rr_list_rr_count(todo_nsec3_rrsigs);
i++){
cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i);
status = ldns_dnssec_zone_add_rr(newzone, cur_rr);
}
} else if (ldns_rr_list_rr_count(todo_nsec3_rrsigs) > 0) {
for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); i++){
for (i = 0; status == LDNS_STATUS_OK &&
i < ldns_rr_list_rr_count(todo_nsec3_rrsigs);
i++){
cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i);
status = ldns_dnssec_zone_add_rr(newzone, cur_rr);
}
}
ldns_rr_list_free(todo_nsec3_rrsigs);
ldns_rr_list_free(todo_nsec3s);
if (z) {
*z = newzone;
newzone = NULL;
} else {
ldns_dnssec_zone_free(newzone);
}
return LDNS_STATUS_OK;
error:
#ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP
if (zone) {
ldns_zone_free(zone);
}
#endif
ldns_rr_list_free(todo_nsec3_rrsigs);
ldns_rr_list_free(todo_nsec3s);
if (my_origin) {
ldns_rdf_deep_free(my_origin);
}
@ -822,7 +832,6 @@ ldns_dname_compare_v(const void *a, const void *b) {
return ldns_dname_compare((ldns_rdf *)a, (ldns_rdf *)b);
}
#ifdef HAVE_SSL
static ldns_rbnode_t *
ldns_dnssec_zone_find_nsec3_original(ldns_dnssec_zone *zone,
ldns_rr *rr) {
@ -912,7 +921,6 @@ ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone, ldns_rr *rr)
return result;
}
#endif /* HAVE_SSL */
void
ldns_dnssec_zone_names_print_fmt(FILE *out, const ldns_output_format *fmt,
@ -1009,7 +1017,9 @@ ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone)
if (next_node == LDNS_RBTREE_NULL) {
next_node = ldns_rbtree_first(zone->names);
}
if (! cur_node->data || ! next_node->data) {
return LDNS_STATUS_ERR;
}
cur_name = ((ldns_dnssec_name *)cur_node->data)->name;
next_name = ((ldns_dnssec_name *)next_node->data)->name;
cur_label_count = ldns_dname_label_count(cur_name);

8
contrib/ldns/drill/Makefile.in
View File

@ -9,6 +9,7 @@ exec_prefix = @exec_prefix@
bindir = @bindir@
mandir = @mandir@
includedir = @includedir@
datarootdir = @datarootdir@
CC = @CC@
CFLAGS = -I. @CFLAGS@
@ -77,7 +78,6 @@ docclean:
distclean: clean docclean
rm -f config.h
rm -f drill.h
realclean: clean docclean
rm -f tags
@ -88,9 +88,9 @@ realclean: clean docclean
rm -rf autom4te.cache
rm -f config.h
rm -f config.h.in
rm -f drill.h
rm -f configure
rm -f Makefile
rm -f drill.1
rm -f aclocal.m4
doc:
@ -99,7 +99,7 @@ doc:
install: all
$(INSTALL) -d $(DESTDIR)$(bindir)
$(INSTALL) drill $(DESTDIR)$(bindir)/drill
$(INSTALL) -m 644 $(srcdir)/drill.1 $(DESTDIR)$(mandir)/man1/drill.1
$(INSTALL) -m 644 drill.1 $(DESTDIR)$(mandir)/man1/drill.1
uninstall:
@echo
@ -116,4 +116,4 @@ lint:
done
confclean: clean
rm -rf config.log config.status config.h Makefile
rm -rf config.log config.status config.h Makefile drill.1

14
contrib/ldns/drill/chasetrace.c
View File

@ -45,7 +45,15 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
p = ldns_pkt_new();
res = ldns_resolver_new();
if (!p || !res) {
if (!p) {
if (res) {
ldns_resolver_free(res);
}
error("Memory allocation failed");
return NULL;
}
if (!res) {
ldns_pkt_free(p);
error("Memory allocation failed");
return NULL;
}
@ -73,6 +81,8 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
if (status != LDNS_STATUS_OK) {
fprintf(stderr, "Error adding root servers to resolver: %s\n", ldns_get_errorstr_by_id(status));
ldns_rr_list_print(stdout, global_dns_root);
ldns_resolver_free(res);
ldns_pkt_free(p);
return NULL;
}
@ -118,7 +128,7 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
drill_pkt_print_footer(stdout, local_res, p);
/* remove the old nameserver from the resolver */
while((pop = ldns_resolver_pop_nameserver(res))) { /* do it */ }
while(ldns_resolver_pop_nameserver(res)) { /* do it */ }
/* also check for new_nss emptyness */

3
contrib/ldns/drill/config.h.in
View File

@ -111,6 +111,9 @@
/* Define to 1 if you have the <ws2tcpip.h> header file. */
#undef HAVE_WS2TCPIP_H
/* Default trust anchor file */
#undef LDNS_TRUST_ANCHOR_FILE
/* Define to the address where bug reports for this package should be sent. */
#undef PACKAGE_BUGREPORT

58
contrib/ldns/drill/configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.68 for ldns 1.6.13.
# Generated by GNU Autoconf 2.68 for ldns 1.6.16.
#
# Report bugs to <libdns@nlnetlabs.nl>.
#
@ -560,8 +560,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='ldns'
PACKAGE_TARNAME='libdns'
PACKAGE_VERSION='1.6.13'
PACKAGE_STRING='ldns 1.6.13'
PACKAGE_VERSION='1.6.16'
PACKAGE_STRING='ldns 1.6.16'
PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
PACKAGE_URL=''
@ -604,6 +604,7 @@ ac_includes_default="\
ac_subst_vars='LTLIBOBJS
LIBOBJS
LDNS_TRUST_ANCHOR_FILE
LDNSDIR
LIBS_STC
RUNTIME_PATH
@ -664,6 +665,7 @@ enable_option_checking
enable_rpath
with_ssl
with_ldns
with_trust_anchor
'
ac_precious_vars='build_alias
host_alias
@ -1216,7 +1218,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures ldns 1.6.13 to adapt to many kinds of systems.
\`configure' configures ldns 1.6.16 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -1277,7 +1279,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of ldns 1.6.13:";;
short | recursive ) echo "Configuration of ldns 1.6.16:";;
esac
cat <<\_ACEOF
@ -1296,6 +1298,9 @@ Optional Packages:
--with-ldns=PATH specify prefix of path of ldns library to use
--with-trust-anchor=KEYFILE
Default location of the trust anchor file.
[default=SYSCONFDIR/unbound/root.key]
Some influential environment variables:
CC C compiler command
@ -1373,7 +1378,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
ldns configure 1.6.13
ldns configure 1.6.16
generated by GNU Autoconf 2.68
Copyright (C) 2010 Free Software Foundation, Inc.
@ -1796,7 +1801,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by ldns $as_me 1.6.13, which was
It was created by ldns $as_me 1.6.16, which was
generated by GNU Autoconf 2.68. Invocation command line was
$ $0 $@
@ -5379,7 +5384,6 @@ else
as_fn_error $? "Can't find ldns library" "$LINENO" 5
fi
fi
@ -5387,8 +5391,39 @@ fi
# Check whether --with-trust-anchor was given.
if test "${with_trust_anchor+set}" = set; then :
withval=$with_trust_anchor;
LDNS_TRUST_ANCHOR_FILE="$withval"
ac_config_files="$ac_config_files Makefile"
else
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
if test "x$prefix" = 'xNONE' ; then
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
else
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
fi
else
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
fi
fi
fi
cat >>confdefs.h <<_ACEOF
#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE"
_ACEOF
{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5
$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;}
ac_config_files="$ac_config_files Makefile drill.1"
ac_config_headers="$ac_config_headers config.h"
@ -5910,7 +5945,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by ldns $as_me 1.6.13, which was
This file was extended by ldns $as_me 1.6.16, which was
generated by GNU Autoconf 2.68. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -5972,7 +6007,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
ldns config.status 1.6.13
ldns config.status 1.6.16
configured by $0, generated by GNU Autoconf 2.68,
with options \\"\$ac_cs_config\\"
@ -6094,6 +6129,7 @@ for ac_config_target in $ac_config_targets
do
case $ac_config_target in
"Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
"drill.1") CONFIG_FILES="$CONFIG_FILES drill.1" ;;
"config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
*) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;

26
contrib/ldns/drill/configure.ac
View File

@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.56)
AC_INIT(ldns, 1.6.13, libdns@nlnetlabs.nl,libdns)
AC_INIT(ldns, 1.6.16, libdns@nlnetlabs.nl,libdns)
AC_CONFIG_SRCDIR([drill.c])
sinclude(../acx_nlnetlabs.m4)
@ -170,13 +170,33 @@ if test -f $ldns_dev_dir/ldns/util.h && \
else
AC_MSG_RESULT([no])
AC_CHECK_LIB(ldns, ldns_rr_new, , [
AC_MSG_ERROR([Can't find ldns library])
AC_MSG_ERROR([Can't find ldns library])dnl '
]
)
fi
AC_SUBST(LDNSDIR)
AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE],
[Default location of the trust anchor file. [default=SYSCONFDIR/unbound/root.key]]), [
LDNS_TRUST_ANCHOR_FILE="$withval"
],[
if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then
if test "x$sysconfdir" = 'x${prefix}/etc' ; then
if test "x$prefix" = 'xNONE' ; then
LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key"
else
LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key"
fi
else
LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key"
fi
fi
])
AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file])
AC_SUBST(LDNS_TRUST_ANCHOR_FILE)
AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE])
AH_BOTTOM([
#include <stdio.h>
@ -254,6 +274,6 @@ extern int optind, opterr;
#endif
])
AC_CONFIG_FILES([Makefile])
AC_CONFIG_FILES([Makefile drill.1])
AC_CONFIG_HEADER([config.h])
AC_OUTPUT

107
contrib/ldns/drill/dnssec.c
View File

@ -22,12 +22,10 @@ get_rr(ldns_resolver *res, ldns_rdf *zname, ldns_rr_type t, ldns_rr_class c)
p = ldns_pkt_new();
found = NULL;
if (ldns_resolver_send(&p, res, zname, t, c, 0) != LDNS_STATUS_OK) {
/* oops */
return NULL;
} else {
if (ldns_resolver_send(&p, res, zname, t, c, 0) == LDNS_STATUS_OK) {
found = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANY_NOQUESTION);
}
ldns_pkt_free(p);
return found;
}
@ -36,6 +34,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p)
{
ldns_rr_list *new_nss;
ldns_rr_list *hostnames;
char *answerfrom_str;
if (verbosity < 5) {
return;
@ -46,8 +45,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p)
new_nss = ldns_pkt_rr_list_by_type(p,
LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER);
ldns_rr_list_print(fd, new_nss);
/* new_nss can be empty.... */
ldns_rr_list_deep_free(new_nss);
fprintf(fd, ";; Received %d bytes from %s#%d(",
(int) ldns_pkt_size(p),
@ -59,7 +57,11 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p)
ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0));
ldns_rr_list_deep_free(hostnames);
} else {
fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p)));
answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p));
if (answerfrom_str) {
fprintf(fd, "%s", answerfrom_str);
LDNS_FREE(answerfrom_str);
}
}
fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p));
}
@ -68,6 +70,7 @@ void
drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p)
{
ldns_rr_list *hostnames;
char *answerfrom_str;
if (verbosity < 5) {
return;
@ -85,7 +88,11 @@ drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p)
ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0));
ldns_rr_list_deep_free(hostnames);
} else {
fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p)));
answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p));
if (answerfrom_str) {
fprintf(fd, "%s", answerfrom_str);
LDNS_FREE(answerfrom_str);
}
}
fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p));
}
@ -98,7 +105,6 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t,
ldns_rr_list **rrlist, ldns_rr_list **sig)
{
ldns_pkt_type pt = LDNS_PACKET_UNKNOWN;
ldns_rr_list *rr = NULL;
ldns_rr_list *sigs = NULL;
size_t i;
@ -111,36 +117,52 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t,
pt = ldns_pkt_reply_type(p);
if (name) {
rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_ANSWER);
if (!rr) {
rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_AUTHORITY);
if (rrlist) {
*rrlist = ldns_pkt_rr_list_by_name_and_type(p, name, t,
LDNS_SECTION_ANSWER);
if (!*rrlist) {
*rrlist = ldns_pkt_rr_list_by_name_and_type(
p, name, t,
LDNS_SECTION_AUTHORITY);
}
}
sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG,
LDNS_SECTION_ANSWER);
if (!sigs) {
sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG,
LDNS_SECTION_AUTHORITY);
if (sig) {
sigs = ldns_pkt_rr_list_by_name_and_type(p, name,
LDNS_RR_TYPE_RRSIG,
LDNS_SECTION_ANSWER);
if (!sigs) {
sigs = ldns_pkt_rr_list_by_name_and_type(
p, name, LDNS_RR_TYPE_RRSIG,
LDNS_SECTION_AUTHORITY);
}
}
} else {
/* A DS-referral - get the DS records if they are there */
rr = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_AUTHORITY);
sigs = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG,
LDNS_SECTION_AUTHORITY);
/* A DS-referral - get the DS records if they are there */
if (rrlist) {
*rrlist = ldns_pkt_rr_list_by_type(
p, t, LDNS_SECTION_AUTHORITY);
}
if (sig) {
sigs = ldns_pkt_rr_list_by_type(p,
LDNS_RR_TYPE_RRSIG,
LDNS_SECTION_AUTHORITY);
}
}
if (sig) {
*sig = ldns_rr_list_new();
for (i = 0; i < ldns_rr_list_rr_count(sigs); i++) {
/* only add the sigs that cover this type */
if (ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(ldns_rr_list_rr(sigs, i))) ==
t) {
ldns_rr_list_push_rr(*sig, ldns_rr_clone(ldns_rr_list_rr(sigs, i)));
if (t == ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(
ldns_rr_list_rr(sigs, i)))) {
ldns_rr_list_push_rr(*sig,
ldns_rr_clone(
ldns_rr_list_rr(
sigs, i)));
}
}
}
ldns_rr_list_deep_free(sigs);
if (rrlist) {
*rrlist = rr;
}
if (pt == LDNS_PACKET_NXDOMAIN || pt == LDNS_PACKET_NODATA) {
return pt;
@ -153,6 +175,7 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t,
ldns_status
ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs)
{
#ifdef HAVE_SSL
uint16_t nsec_i;
ldns_rr_list *nsecs;
@ -216,12 +239,28 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis
ldns_rr_list* sigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION);
ldns_rr* q = ldns_rr_new();
ldns_rr* match = NULL;
if(!sigs) return LDNS_STATUS_MEM_ERR;
if(!q) return LDNS_STATUS_MEM_ERR;
if(!sigs) {
if (q) {
ldns_rr_free(q);
}
ldns_rr_list_deep_free(nsecs);
return LDNS_STATUS_MEM_ERR;
}
if(!q) {
ldns_rr_list_deep_free(nsecs);
ldns_rr_list_deep_free(sigs);
return LDNS_STATUS_MEM_ERR;
}
ldns_rr_set_question(q, 1);
ldns_rr_set_ttl(q, 0);
ldns_rr_set_owner(q, ldns_rdf_clone(name));
if(!ldns_rr_owner(q)) return LDNS_STATUS_MEM_ERR;
if(!ldns_rr_owner(q)) {
ldns_rr_free(q);
ldns_rr_list_deep_free(sigs);
ldns_rr_list_deep_free(nsecs);
return LDNS_STATUS_MEM_ERR;
}
ldns_rr_set_type(q, type);
/* result = ldns_dnssec_verify_denial_nsec3(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0); */
@ -234,6 +273,14 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis
ldns_rr_list_deep_free(sigs);
}
return result;
#else
(void)pkt;
(void)name;
(void)type;
(void)nsec_rrs;
(void)nsec_rr_sigs;
return LDNS_STATUS_ERR;
#endif /* HAVE_SSL */
}
/* NSEC3 draft -07 */

12
contrib/ldns/drill/drill.1 → contrib/ldns/drill/drill.1.in
View File

@ -161,6 +161,11 @@ given \fBdrill\fR tries to validate the current answer with this
key. No chasing is done. When \fBdrill\fR is doing a secure trace, this
key will be used as trust anchor. Can contain a DNSKEY or a DS record.
Alternatively, when DNSSEC enabled tracing (\fB-TD\fR) or signature
chasing (\fB-S\fR), if \fB-k\fR is not specified, and a default trust anchor
(@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record,
it will be used as the trust anchor.
.TP
\fB\-o \fImnemonic\fR
Use this option to set or unset specific header bits. A bit is
@ -212,6 +217,13 @@ specify named base64 tsig key, and optional an algorithm (defaults to hmac-md5.s
\fB\-z \fR
don't randomize the nameserver list before sending queries.
.SH "FILES"
.TP
@LDNS_TRUST_ANCHOR_FILE@
The file from which trusted keys are loaded when no \fB-k\fR option is given.
.SH "SEE ALSO"
.LP
unbound-anchor(8)
.SH AUTHOR
Jelte Jansen and Miek Gieben. Both of NLnet Labs.

30
contrib/ldns/drill/drill.c
View File

@ -47,19 +47,25 @@ usage(FILE *stream, const char *progname)
fprintf(stream, "\t-6\t\tstay on ip6\n");
fprintf(stream, "\t-a\t\tfallback to EDNS0 and TCP if the answer is truncated\n");
fprintf(stream, "\t-b <bufsize>\tuse <bufsize> as the buffer size (defaults to 512 b)\n");
fprintf(stream, "\t-c <file>\t\tuse file for rescursive nameserver configuration (/etc/resolv.conf)\n");
fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key (DNSKEY|DS) [**]\n");
fprintf(stream, "\t\t\tused to verify any signatures in the current answer\n");
fprintf(stream, "\t-o <mnemonic>\tset flags to: [QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n");
fprintf(stream, "\t-c <file>\tuse file for rescursive nameserver configuration"
"\n\t\t\t(/etc/resolv.conf)\n");
fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key [**]\n");
fprintf(stream, "\t\t\tUsed to verify any signatures in the current answer.\n");
fprintf(stream, "\t\t\tWhen DNSSEC enabled tracing (-TD) or signature\n"
"\t\t\tchasing (-S) and no key files are given, keys are read\n"
"\t\t\tfrom: %s\n",
LDNS_TRUST_ANCHOR_FILE);
fprintf(stream, "\t-o <mnemonic>\tset flags to:"
"\n\t\t\t[QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n");
fprintf(stream, "\t\t\tlowercase: unset bit, uppercase: set bit\n");
fprintf(stream, "\t-p <port>\tuse <port> as remote port number\n");
fprintf(stream, "\t-s\t\tshow the DS RR for each key in a packet\n");
fprintf(stream, "\t-u\t\tsend the query with udp (the default)\n");
fprintf(stream, "\t-x\t\tdo a reverse lookup\n");
fprintf(stream, "\twhen doing a secure trace:\n");
fprintf(stream, "\t-r <file>\t\tuse file as root servers hint file\n");
fprintf(stream, "\t-r <file>\tuse file as root servers hint file\n");
fprintf(stream, "\t-t\t\tsend the query with tcp (connected)\n");
fprintf(stream, "\t-d <domain>\t\tuse domain as the start point for the trace\n");
fprintf(stream, "\t-d <domain>\tuse domain as the start point for the trace\n");
fprintf(stream, "\t-y <name:key[:algo]>\tspecify named base64 tsig key, and optional an\n\t\t\talgorithm (defaults to hmac-md5.sig-alg.reg.int)\n");
fprintf(stream, "\t-z\t\tdon't randomize the nameservers before use\n");
fprintf(stream, "\n [*] = enables/implies DNSSEC\n");
@ -272,7 +278,8 @@ main(int argc, char *argv[])
qusevc = true;
break;
case 'k':
status = read_key_file(optarg, key_list);
status = read_key_file(optarg,
key_list, false);
if (status != LDNS_STATUS_OK) {
error("Could not parse the key file %s: %s", optarg, ldns_get_errorstr_by_id(status));
}
@ -397,6 +404,15 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
if ((PURPOSE == DRILL_CHASE || (PURPOSE == DRILL_TRACE && qdnssec)) &&
ldns_rr_list_rr_count(key_list) == 0) {
(void) read_key_file(LDNS_TRUST_ANCHOR_FILE, key_list, true);
}
if (ldns_rr_list_rr_count(key_list) > 0) {
printf(";; Number of trusted keys: %d\n",
(int) ldns_rr_list_rr_count(key_list));
}
/* do a secure trace when requested */
if (PURPOSE == DRILL_TRACE && qdnssec) {
#ifdef HAVE_SSL

1
contrib/ldns/drill/drill.h
View File

@ -85,7 +85,6 @@ ldns_status ldns_verify_denial(ldns_pkt *pkt,
ldns_rr_list **nsec_rrs,
ldns_rr_list **nsec_rr_sigs);
ldns_status read_key_file(const char *filename, ldns_rr_list *key_list);
ldns_pkt *read_hex_pkt(char *filename);
ldns_buffer *read_hex_buffer(char *filename);
void init_root(void);

32
contrib/ldns/drill/drill_util.c
View File

@ -13,14 +13,14 @@
#include <errno.h>
static size_t
static int
read_line(FILE *input, char *line, size_t len)
{
size_t i;
int i;
char c;
for (i = 0; i < len-1; i++) {
c = getc(input);
for (i = 0; i < (int)len-1; i++) {
c = (char)getc(input);
if (c == EOF) {
return -1;
} else if (c != '\n') {
@ -35,20 +35,22 @@ read_line(FILE *input, char *line, size_t len)
/* key_list must be initialized with ldns_rr_list_new() */
ldns_status
read_key_file(const char *filename, ldns_rr_list *key_list)
read_key_file(const char *filename, ldns_rr_list *key_list, bool silently)
{
int line_len = 0;
int line_nr = 0;
int key_count = 0;
char line[LDNS_MAX_PACKETLEN];
char line[LDNS_MAX_LINELEN];
ldns_status status;
FILE *input_file;
ldns_rr *rr;
input_file = fopen(filename, "r");
if (!input_file) {
fprintf(stderr, "Error opening %s: %s\n",
filename, strerror(errno));
if (! silently) {
fprintf(stderr, "Error opening %s: %s\n",
filename, strerror(errno));
}
return LDNS_STATUS_ERR;
}
while (line_len >= 0) {
@ -57,10 +59,13 @@ read_key_file(const char *filename, ldns_rr_list *key_list)
if (line_len > 0 && line[0] != ';') {
status = ldns_rr_new_frm_str(&rr, line, 0, NULL, NULL);
if (status != LDNS_STATUS_OK) {
fprintf(stderr,
"Error parsing DNSKEY RR in line %d: %s\n",
line_nr,
ldns_get_errorstr_by_id(status));
if (! silently) {
fprintf(stderr,
"Error parsing DNSKEY RR "
"in line %d: %s\n", line_nr,
ldns_get_errorstr_by_id(status)
);
}
} else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY ||
ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS) {
ldns_rr_list_push_rr(key_list, rr);
@ -70,7 +75,7 @@ read_key_file(const char *filename, ldns_rr_list *key_list)
}
}
}
printf(";; Number of trusted keys: %d\n", key_count);
fclose(input_file);
if (key_count > 0) {
return LDNS_STATUS_OK;
} else {
@ -132,6 +137,7 @@ print_ds_of_keys(ldns_pkt *p)
ds = ldns_key_rr2ds(ldns_rr_list_rr(keys, i), LDNS_SHA256);
local_print_ds(stdout, "; sha256: ", ds);
}
ldns_rr_list_deep_free(keys);
}
}

7
contrib/ldns/drill/drill_util.h
View File

@ -12,6 +12,13 @@
#define _DRILL_UTIL_H_
#include <ldns/ldns.h>
/**
* Read keys from filename and append to key_list.
*/
ldns_status read_key_file(const char *filename, ldns_rr_list *key_list,
bool silently);
/**
* return a address rdf, either A or AAAA
* NULL if anything goes wrong

4
contrib/ldns/drill/securetrace.c
View File

@ -231,7 +231,8 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
if (status != LDNS_STATUS_OK) {
printf("ERRRRR: %s\n", ldns_get_errorstr_by_id(status));
ldns_rr_list_print(stdout, global_dns_root);
return status;
result = status;
goto done;
}
labels_count = ldns_dname_label_count(name);
if (start_name) {
@ -392,7 +393,6 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
printf(";; There is an empty non-terminal here, continue\n");
continue;
}
goto done;
}
if (ldns_resolver_nameserver_count(res) == 0) {

26
contrib/ldns/drill/work.c
View File

@ -122,11 +122,6 @@ packetbuffromfile(char *filename, uint8_t *wire)
hexbuf[hexbufpos] = (uint8_t) c;
hexbufpos++;
break;
default:
warning("unknown state while reading %s", filename);
xfree(hexbuf);
return 0;
break;
}
c = fgetc(fp);
}
@ -178,20 +173,7 @@ read_hex_buffer(char *filename)
size_t wiresize;
ldns_buffer *result_buffer = NULL;
FILE *fp = NULL;
if (strncmp(filename, "-", 2) != 0) {
fp = fopen(filename, "r");
} else {
fp = stdin;
}
if (fp == NULL) {
perror("");
warning("Unable to open %s", filename);
return NULL;
}
wire = xmalloc(LDNS_MAX_PACKETLEN);
wiresize = packetbuffromfile(filename, wire);
@ -199,8 +181,8 @@ read_hex_buffer(char *filename)
result_buffer = LDNS_MALLOC(ldns_buffer);
ldns_buffer_new_frm_data(result_buffer, wire, wiresize);
ldns_buffer_set_position(result_buffer, ldns_buffer_capacity(result_buffer));
xfree(wire);
return result_buffer;
}
@ -236,7 +218,7 @@ read_hex_pkt(char *filename)
void
dump_hex(const ldns_pkt *pkt, const char *filename)
{
uint8_t *wire;
uint8_t *wire = NULL;
size_t size, i;
FILE *fp;
ldns_status status;
@ -252,6 +234,7 @@ dump_hex(const ldns_pkt *pkt, const char *filename)
if (status != LDNS_STATUS_OK) {
error("Unable to convert packet: error code %u", status);
LDNS_FREE(wire);
return;
}
@ -273,4 +256,5 @@ dump_hex(const ldns_pkt *pkt, const char *filename)
}
fprintf(fp, "\n");
fclose(fp);
LDNS_FREE(wire);
}

29
contrib/ldns/error.c
View File

@ -95,6 +95,35 @@ ldns_lookup_table ldns_error_str[] = {
"DNSSEC signature will expire too soon" },
{ LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN,
"DNSSEC signature not incepted long enough" },
{ LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE,
"Unknown TLSA Certificate Usage" },
{ LDNS_STATUS_DANE_UNKNOWN_SELECTOR, "Unknown TLSA Selector" },
{ LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE,
"Unknown TLSA Matching Type" },
{ LDNS_STATUS_DANE_UNKNOWN_PROTOCOL,
"Unknown protocol. Only IPv4 and IPv6 are understood" },
{ LDNS_STATUS_DANE_UNKNOWN_TRANSPORT,
"Unknown transport. Should be one of {tcp, udp, sctp}" },
{ LDNS_STATUS_DANE_MISSING_EXTRA_CERTS, /* Trust anchor assertion */
"More than one certificate should be provided" },
{ LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, /* Trust anchor assertion */
"Non of the extra certificates is used to sign the first" },
{ LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE, /* Trust anchor assertion */
"The offset was out of range" },
{ LDNS_STATUS_DANE_INSECURE, /* Unused by library */
"The queried resource records were insecure" },
{ LDNS_STATUS_DANE_BOGUS, /* Unused by library */
"The queried resource records were bogus" },
{ LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH,
"The TLSA record(s) "
"did not match with the server certificate (chain)" },
{ LDNS_STATUS_DANE_NON_CA_CERTIFICATE,
"The certificate was not a CA certificate" },
{ LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE,
"Could not PKIX validate" },
{ LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR,
"The validation path "
"did not end in a self-signed certificate" },
{ 0, NULL }
};

1
contrib/ldns/higher.c
View File

@ -126,6 +126,7 @@ ldns_get_rr_list_name_by_addr(ldns_resolver *res, ldns_rdf *addr, ldns_rr_class
/* add the RD flags, because we want an answer */
pkt = ldns_resolver_query(res, name, LDNS_RR_TYPE_PTR, c, flags | LDNS_RD);
ldns_rdf_deep_free(name);
if (pkt) {
/* extract the data we need */
names = ldns_pkt_rr_list_by_type(pkt,

112
contrib/ldns/host2str.c
View File

@ -123,6 +123,7 @@ const ldns_output_format *ldns_output_format_onlykeyids
= &ldns_output_format_onlykeyids_record;
const ldns_output_format *ldns_output_format_default
= &ldns_output_format_onlykeyids_record;
const ldns_output_format ldns_output_format_bubblebabble_record = {
LDNS_COMMENT_KEY | LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS, NULL
};
@ -195,7 +196,7 @@ ldns_pkt_opcode2str(ldns_pkt_opcode opcode)
str = NULL;
if (ldns_pkt_opcode2buffer_str(buf, opcode) == LDNS_STATUS_OK) {
str = ldns_buffer2str(buf);
str = ldns_buffer_export2str(buf);
}
ldns_buffer_free(buf);
@ -215,7 +216,7 @@ ldns_pkt_rcode2str(ldns_pkt_rcode rcode)
str = NULL;
if (ldns_pkt_rcode2buffer_str(buf, rcode) == LDNS_STATUS_OK) {
str = ldns_buffer2str(buf);
str = ldns_buffer_export2str(buf);
}
ldns_buffer_free(buf);
@ -236,7 +237,7 @@ ldns_pkt_algorithm2str(ldns_algorithm algorithm)
str = NULL;
if (ldns_algorithm2buffer_str(buf, algorithm)
== LDNS_STATUS_OK) {
str = ldns_buffer2str(buf);
str = ldns_buffer_export2str(buf);
}
ldns_buffer_free(buf);
@ -257,7 +258,7 @@ ldns_pkt_cert_algorithm2str(ldns_cert_algorithm cert_algorithm)
str = NULL;
if (ldns_cert_algorithm2buffer_str(buf, cert_algorithm)
== LDNS_STATUS_OK) {
str = ldns_buffer2str(buf);
str = ldns_buffer_export2str(buf);
}
ldns_buffer_free(buf);
@ -567,7 +568,7 @@ ldns_rr_type2str(const ldns_rr_type type)
str = NULL;
if (ldns_rr_type2buffer_str(buf, type) == LDNS_STATUS_OK) {
str = ldns_buffer2str(buf);
str = ldns_buffer_export2str(buf);
}
ldns_buffer_free(buf);
@ -603,7 +604,7 @@ ldns_rr_class2str(const ldns_rr_class klass)
str = NULL;
if (ldns_rr_class2buffer_str(buf, klass) == LDNS_STATUS_OK) {
str = ldns_buffer2str(buf);
str = ldns_buffer_export2str(buf);
}
ldns_buffer_free(buf);
return str;
@ -1149,8 +1150,9 @@ ldns_rdf2buffer_str(ldns_buffer *buffer, const ldns_rdf *rdf)
break;
}
} else {
/** This will write mangled RRs */
ldns_buffer_printf(buffer, "(null) ");
res = ldns_buffer_status(buffer);
res = LDNS_STATUS_ERR;
}
return res;
}
@ -1230,7 +1232,33 @@ ldns_rr2buffer_str_fmt(ldns_buffer *output,
for (i = 0; i < ldns_rr_rd_count(rr); i++) {
/* ldns_rdf2buffer_str handles NULL input fine! */
status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i));
if ((fmt->flags & LDNS_FMT_ZEROIZE_RRSIGS) &&
(ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) &&
((/* inception */ i == 4 &&
ldns_rdf_get_type(ldns_rr_rdf(rr, 4)) ==
LDNS_RDF_TYPE_TIME) ||
(/* expiration */ i == 5 &&
ldns_rdf_get_type(ldns_rr_rdf(rr, 5)) ==
LDNS_RDF_TYPE_TIME) ||
(/* signature */ i == 8 &&
ldns_rdf_get_type(ldns_rr_rdf(rr, 8)) ==
LDNS_RDF_TYPE_B64))) {
ldns_buffer_printf(output, "(null)");
status = ldns_buffer_status(output);
} else if ((fmt->flags & LDNS_FMT_PAD_SOA_SERIAL) &&
(ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) &&
/* serial */ i == 2 &&
ldns_rdf_get_type(ldns_rr_rdf(rr, 2)) ==
LDNS_RDF_TYPE_INT32) {
ldns_buffer_printf(output, "%10lu",
(unsigned long) ldns_read_uint32(
ldns_rdf_data(ldns_rr_rdf(rr, 2))));
status = ldns_buffer_status(output);
} else {
status = ldns_rdf2buffer_str(output,
ldns_rr_rdf(rr, i));
}
if(status != LDNS_STATUS_OK)
return status;
if (i < ldns_rr_rd_count(rr) - 1) {
@ -1633,12 +1661,12 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
{
ldns_status status = LDNS_STATUS_OK;
unsigned char *bignum;
#ifndef S_SPLINT_S
uint16_t i;
#endif
#ifdef HAVE_SSL
# ifndef S_SPLINT_S
uint16_t i;
# endif
/* not used when ssl is not defined */
/*@unused@*/
ldns_rdf *b64_bignum = NULL;
RSA *rsa;
@ -1716,6 +1744,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1727,6 +1756,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1740,6 +1770,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1756,6 +1787,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1772,6 +1804,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1788,6 +1821,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1804,6 +1838,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1820,6 +1855,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1853,6 +1889,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1869,6 +1906,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1885,6 +1923,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1901,6 +1940,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1917,6 +1957,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1960,6 +2001,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
ldns_rdf_deep_free(b64_bignum);
goto error;
}
ldns_rdf_deep_free(b64_bignum);
@ -1993,9 +2035,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
#endif /* HAVE_SSL */
} else {
#ifdef HAVE_SSL
LDNS_FREE(b64_bignum);
#endif
LDNS_FREE(bignum);
return ldns_buffer_status(output);
}
@ -2012,12 +2051,11 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
}
/*
* Zero terminate the buffer and fix it to the size of the string.
* Zero terminate the buffer and copy data.
*/
char *
ldns_buffer2str(ldns_buffer *buffer)
{
char *tmp_str;
char *str;
/* check if buffer ends with \0, if not, and
@ -2032,16 +2070,30 @@ ldns_buffer2str(ldns_buffer *buffer)
}
}
tmp_str = ldns_buffer_export(buffer);
str = LDNS_XMALLOC(char, strlen(tmp_str) + 1);
str = strdup((const char *)ldns_buffer_begin(buffer));
if(!str) {
return NULL;
}
memcpy(str, tmp_str, strlen(tmp_str) + 1);
return str;
}
/*
* Zero terminate the buffer and export data.
*/
char *
ldns_buffer_export2str(ldns_buffer *buffer)
{
/* Append '\0' as string terminator */
if (! ldns_buffer_reserve(buffer, 1)) {
return NULL;
}
ldns_buffer_write_u8(buffer, 0);
/* reallocate memory to the size of the string and export */
ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer));
return ldns_buffer_export(buffer);
}
char *
ldns_rdf2str(const ldns_rdf *rdf)
{
@ -2053,7 +2105,7 @@ ldns_rdf2str(const ldns_rdf *rdf)
}
if (ldns_rdf2buffer_str(tmp_buffer, rdf) == LDNS_STATUS_OK) {
/* export and return string, destroy rest */
result = ldns_buffer2str(tmp_buffer);
result = ldns_buffer_export2str(tmp_buffer);
}
ldns_buffer_free(tmp_buffer);
return result;
@ -2071,7 +2123,7 @@ ldns_rr2str_fmt(const ldns_output_format *fmt, const ldns_rr *rr)
if (ldns_rr2buffer_str_fmt(tmp_buffer, fmt, rr)
== LDNS_STATUS_OK) {
/* export and return string, destroy rest */
result = ldns_buffer2str(tmp_buffer);
result = ldns_buffer_export2str(tmp_buffer);
}
ldns_buffer_free(tmp_buffer);
return result;
@ -2095,7 +2147,7 @@ ldns_pkt2str_fmt(const ldns_output_format *fmt, const ldns_pkt *pkt)
if (ldns_pkt2buffer_str_fmt(tmp_buffer, fmt, pkt)
== LDNS_STATUS_OK) {
/* export and return string, destroy rest */
result = ldns_buffer2str(tmp_buffer);
result = ldns_buffer_export2str(tmp_buffer);
}
ldns_buffer_free(tmp_buffer);
@ -2119,7 +2171,7 @@ ldns_key2str(const ldns_key *k)
}
if (ldns_key2buffer_str(tmp_buffer, k) == LDNS_STATUS_OK) {
/* export and return string, destroy rest */
result = ldns_buffer2str(tmp_buffer);
result = ldns_buffer_export2str(tmp_buffer);
}
ldns_buffer_free(tmp_buffer);
return result;
@ -2149,7 +2201,7 @@ ldns_rr_list2str_fmt(const ldns_output_format *fmt, const ldns_rr_list *list)
}
/* export and return string, destroy rest */
result = ldns_buffer2str(tmp_buffer);
result = ldns_buffer_export2str(tmp_buffer);
ldns_buffer_free(tmp_buffer);
return result;
}
@ -2167,20 +2219,20 @@ ldns_rdf_print(FILE *output, const ldns_rdf *rdf)
if (str) {
fprintf(output, "%s", str);
} else {
fprintf(output, "Unable to convert rdf to string\n");
fprintf(output, ";Unable to convert rdf to string\n");
}
LDNS_FREE(str);
}
void
ldns_rr_print_fmt(FILE *output,
ldns_rr_print_fmt(FILE *output,
const ldns_output_format *fmt, const ldns_rr *rr)
{
char *str = ldns_rr2str_fmt(fmt, rr);
if (str) {
fprintf(output, "%s", str);
} else {
fprintf(output, "Unable to convert rr to string\n");
fprintf(output, ";Unable to convert rr to string\n");
}
LDNS_FREE(str);
}
@ -2199,7 +2251,7 @@ ldns_pkt_print_fmt(FILE *output,
if (str) {
fprintf(output, "%s", str);
} else {
fprintf(output, "Unable to convert packet to string\n");
fprintf(output, ";Unable to convert packet to string\n");
}
LDNS_FREE(str);
}

48
contrib/ldns/host2wire.c
View File

@ -341,7 +341,6 @@ ldns_status
ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size)
{
ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
uint8_t *result = NULL;
ldns_status status;
*result_size = 0;
*dest = NULL;
@ -350,21 +349,8 @@ ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size)
status = ldns_rdf2buffer_wire(buffer, rdf);
if (status == LDNS_STATUS_OK) {
*result_size = ldns_buffer_position(buffer);
result = (uint8_t *) ldns_buffer_export(buffer);
} else {
ldns_buffer_free(buffer);
return status;
*dest = (uint8_t *) ldns_buffer_export(buffer);
}
if (result) {
*dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
if(!*dest) {
ldns_buffer_free(buffer);
return LDNS_STATUS_MEM_ERR;
}
memcpy(*dest, result, ldns_buffer_position(buffer));
}
ldns_buffer_free(buffer);
return status;
}
@ -373,7 +359,6 @@ ldns_status
ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size)
{
ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
uint8_t *result = NULL;
ldns_status status;
*result_size = 0;
*dest = NULL;
@ -382,21 +367,8 @@ ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size
status = ldns_rr2buffer_wire(buffer, rr, section);
if (status == LDNS_STATUS_OK) {
*result_size = ldns_buffer_position(buffer);
result = (uint8_t *) ldns_buffer_export(buffer);
} else {
ldns_buffer_free(buffer);
return status;
*dest = (uint8_t *) ldns_buffer_export(buffer);
}
if (result) {
*dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
if(!*dest) {
ldns_buffer_free(buffer);
return LDNS_STATUS_MEM_ERR;
}
memcpy(*dest, result, ldns_buffer_position(buffer));
}
ldns_buffer_free(buffer);
return status;
}
@ -405,7 +377,6 @@ ldns_status
ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size)
{
ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
uint8_t *result = NULL;
ldns_status status;
*result_size = 0;
*dest = NULL;
@ -414,21 +385,8 @@ ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size)
status = ldns_pkt2buffer_wire(buffer, packet);
if (status == LDNS_STATUS_OK) {
*result_size = ldns_buffer_position(buffer);
result = (uint8_t *) ldns_buffer_export(buffer);
} else {
ldns_buffer_free(buffer);
return status;
*dest = (uint8_t *) ldns_buffer_export(buffer);
}
if (result) {
*dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
if(!*dest) {
ldns_buffer_free(buffer);
return LDNS_STATUS_MEM_ERR;
}
memcpy(*dest, result, ldns_buffer_position(buffer));
}
ldns_buffer_free(buffer);
return status;
}

50
contrib/ldns/keys.c
View File

@ -431,8 +431,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
ldns_key_free(k);
return LDNS_STATUS_ERR;
}
ldns_key_set_rsa_key(k, rsa);
RSA_free(rsa);
ldns_key_assign_rsa_key(k, rsa);
#endif /* HAVE_SSL */
break;
case LDNS_SIGN_DSA:
@ -444,8 +443,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
ldns_key_free(k);
return LDNS_STATUS_ERR;
}
ldns_key_set_dsa_key(k, dsa);
DSA_free(dsa);
ldns_key_assign_dsa_key(k, dsa);
#endif /* HAVE_SSL */
break;
case LDNS_SIGN_HMACMD5:
@ -505,6 +503,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
*key = k;
return LDNS_STATUS_OK;
}
ldns_key_free(k);
return LDNS_STATUS_ERR;
}
@ -751,28 +750,21 @@ ldns_key_new_frm_fp_hmac_l( FILE *f
, size_t *hmac_size
)
{
size_t i;
char *d;
unsigned char *buf;
d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
buf = LDNS_XMALLOC(unsigned char, LDNS_MAX_LINELEN);
if(!d || !buf) {
goto error;
}
size_t i, bufsz;
char d[LDNS_MAX_LINELEN];
unsigned char *buf = NULL;
if (ldns_fget_keyword_data_l(f, "Key", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
goto error;
}
i = (size_t) ldns_b64_pton((const char*)d,
buf,
ldns_b64_ntop_calculate_size(strlen(d)));
bufsz = ldns_b64_ntop_calculate_size(strlen(d));
buf = LDNS_XMALLOC(unsigned char, bufsz);
i = (size_t) ldns_b64_pton((const char*)d, buf, bufsz);
*hmac_size = i;
return buf;
error:
LDNS_FREE(d);
LDNS_FREE(buf);
*hmac_size = 0;
return NULL;
@ -850,6 +842,7 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size)
return NULL;
}
ldns_key_set_rsa_key(k, r);
RSA_free(r);
#endif /* HAVE_SSL */
break;
case LDNS_SIGN_DSA:
@ -865,6 +858,7 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size)
return NULL;
}
ldns_key_set_dsa_key(k, d);
DSA_free(d);
#endif /* HAVE_SSL */
break;
case LDNS_SIGN_HMACMD5:
@ -1005,6 +999,22 @@ ldns_key_set_dsa_key(ldns_key *k, DSA *d)
EVP_PKEY_set1_DSA(key, d);
k->_key.key = key;
}
void
ldns_key_assign_rsa_key(ldns_key *k, RSA *r)
{
EVP_PKEY *key = EVP_PKEY_new();
EVP_PKEY_assign_RSA(key, r);
k->_key.key = key;
}
void
ldns_key_assign_dsa_key(ldns_key *k, DSA *d)
{
EVP_PKEY *key = EVP_PKEY_new();
EVP_PKEY_assign_DSA(key, d);
k->_key.key = key;
}
#endif /* splint */
#endif /* HAVE_SSL */
@ -1302,7 +1312,7 @@ ldns_key_dsa2bin(unsigned char *data, DSA *k, uint16_t *size)
}
/* See RFC2536 */
*size = (uint16_t)BN_num_bytes(k->g);
*size = (uint16_t)BN_num_bytes(k->p);
T = (*size - 64) / 8;
memcpy(data, &T, 1);
@ -1365,10 +1375,10 @@ ldns_key2rr(const ldns_key *k)
#endif
int internal_data = 0;
pubkey = ldns_rr_new();
if (!k) {
return NULL;
}
pubkey = ldns_rr_new();
switch (ldns_key_algorithm(k)) {
case LDNS_SIGN_HMACMD5:
@ -1638,7 +1648,7 @@ ldns_key_get_file_base_name(ldns_key *key)
"+%03u+%05u",
ldns_key_algorithm(key),
ldns_key_keytag(key));
file_base_name = strdup(ldns_buffer_export(buffer));
file_base_name = ldns_buffer_export(buffer);
ldns_buffer_free(buffer);
return file_base_name;
}

5
contrib/ldns/ldns/buffer.h
View File

@ -630,8 +630,9 @@ void ldns_buffer_free(ldns_buffer *buffer);
void *ldns_buffer_export(ldns_buffer *buffer);
/**
* Copy contents of the other buffer to this buffer. Silently truncated
* if this buffer is too small.
* Copy contents of the from buffer to the result buffer and then flips
* the result buffer. Data will be silently truncated if the result buffer is
* too small.
* \param[out] *result resulting buffer which is copied to.
* \param[in] *from what to copy to result.
*/

73
contrib/ldns/ldns/common.h Normal file
View File

@ -0,0 +1,73 @@
/**
* \file common.h
*
* Common definitions for LDNS
*/
/**
* a Net::DNS like library for C
*
* (c) NLnet Labs, 2004-2006
*
* See the file LICENSE for the license
*/
#ifndef LDNS_COMMON_H
#define LDNS_COMMON_H
/*
* The build configuration that is used in the distributed headers,
* as detected and determined by the auto configure script.
*/
#define LDNS_BUILD_CONFIG_HAVE_SSL 1
#define LDNS_BUILD_CONFIG_HAVE_INTTYPES_H 1
#define LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT 1
#define LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED 1
#define LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T 1
/*
* HAVE_STDBOOL_H is not available when distributed as a library, but no build
* configuration variables may be used (like those above) because the header
* is sometimes only available when using special compiler flags to enable the
* c99 environment. Because we cannot force the usage of this flag, we have to
* provide a default type. Below what is suggested by the autoconf manual.
*/
/*@ignore@*/
/* splint barfs on this construct */
#ifdef HAVE_STDBOOL_H
# include <stdbool.h>
#else
# ifndef HAVE__BOOL
# ifdef __cplusplus
typedef bool _Bool;
# else
# define _Bool signed char
# endif
# endif
# define bool _Bool
# define false 0
# define true 1
# define __bool_true_false_are_defined 1
#endif
/*@end@*/
#if LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT
#define ATTR_FORMAT(archetype, string_index, first_to_check) \
__attribute__ ((format (archetype, string_index, first_to_check)))
#else /* !LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT */
#define ATTR_FORMAT(archetype, string_index, first_to_check) /* empty */
#endif /* !LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT */
#if defined(__cplusplus)
#define ATTR_UNUSED(x)
#elif LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED
#define ATTR_UNUSED(x) x __attribute__((unused))
#else /* !LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED */
#define ATTR_UNUSED(x) x
#endif /* !LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED */
#if !LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T
typedef int socklen_t;
#endif
#endif /* LDNS_COMMON_H */

5
contrib/ldns/ldns/common.h.in
View File

@ -23,6 +23,7 @@
#define LDNS_BUILD_CONFIG_HAVE_INTTYPES_H @ldns_build_config_have_inttypes_h@
#define LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT @ldns_build_config_have_attr_format@
#define LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED @ldns_build_config_have_attr_unused@
#define LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T @ldns_build_config_have_socklen_t@
/*
* HAVE_STDBOOL_H is not available when distributed as a library, but no build
@ -65,4 +66,8 @@ typedef bool _Bool;
#define ATTR_UNUSED(x) x
#endif /* !LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED */
#if !LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T
typedef int socklen_t;
#endif
#endif /* LDNS_COMMON_H */

571
contrib/ldns/ldns/config.h Normal file
View File

@ -0,0 +1,571 @@
/* ldns/config.h. Generated from config.h.in by configure. */
/* ldns/config.h.in. Generated from configure.ac by autoheader. */
/* Define if building universal (internal helper macro) */
/* #undef AC_APPLE_UNIVERSAL_BUILD */
/* Define to 1 if you have the <arpa/inet.h> header file. */
#define HAVE_ARPA_INET_H 1
/* Whether the C compiler accepts the "format" attribute */
#define HAVE_ATTR_FORMAT 1
/* Whether the C compiler accepts the "unused" attribute */
#define HAVE_ATTR_UNUSED 1
/* Define to 1 if you have the `b32_ntop' function. */
/* #undef HAVE_B32_NTOP */
/* Define to 1 if you have the `b32_pton' function. */
/* #undef HAVE_B32_PTON */
/* Define to 1 if you have the `b64_ntop' function. */
/* #undef HAVE_B64_NTOP */
/* Define to 1 if you have the `b64_pton' function. */
/* #undef HAVE_B64_PTON */
/* Define to 1 if you have the `bzero' function. */
#define HAVE_BZERO 1
/* Define to 1 if you have the `calloc' function. */
#define HAVE_CALLOC 1
/* Define to 1 if you have the `ctime_r' function. */
#define HAVE_CTIME_R 1
/* Is a CAFILE given at configure time */
#define HAVE_DANE_CA_FILE 0
/* Is a CAPATH given at configure time */
#define HAVE_DANE_CA_PATH 0
/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
don't. */
#define HAVE_DECL_NID_SECP384R1 1
/* Define to 1 if you have the declaration of `NID_X9_62_prime256v1', and to 0
if you don't. */
#define HAVE_DECL_NID_X9_62_PRIME256V1 1
/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1
/* Define to 1 if you have the `endprotoent' function. */
#define HAVE_ENDPROTOENT 1
/* Define to 1 if you have the `endservent' function. */
#define HAVE_ENDSERVENT 1
/* Define to 1 if you have the `EVP_sha256' function. */
#define HAVE_EVP_SHA256 1
/* Define to 1 if you have the `fcntl' function. */
#define HAVE_FCNTL 1
/* Define to 1 if you have the `fork' function. */
#define HAVE_FORK 1
/* Whether getaddrinfo is available */
#define HAVE_GETADDRINFO 1
/* Define to 1 if you have the <getopt.h> header file. */
#define HAVE_GETOPT_H 1
/* Define to 1 if you have the `gmtime_r' function. */
#define HAVE_GMTIME_R 1
/* If you have HMAC_CTX_init */
#define HAVE_HMAC_CTX_INIT 1
/* Define to 1 if you have the `inet_aton' function. */
#define HAVE_INET_ATON 1
/* Define to 1 if you have the `inet_ntop' function. */
#define HAVE_INET_NTOP 1
/* Define to 1 if you have the `inet_pton' function. */
#define HAVE_INET_PTON 1
/* Define to 1 if the system has the type `intptr_t'. */
#define HAVE_INTPTR_T 1
/* define if you have inttypes.h */
#define HAVE_INTTYPES_H 1
/* if the function 'ioctlsocket' is available */
/* #undef HAVE_IOCTLSOCKET */
/* Define to 1 if you have the `isascii' function. */
#define HAVE_ISASCII 1
/* Define to 1 if you have the `isblank' function. */
#define HAVE_ISBLANK 1
/* Define to 1 if you have the `pcap' library (-lpcap). */
/* #undef HAVE_LIBPCAP */
/* Define to 1 if you have the `localtime_r' function. */
#define HAVE_LOCALTIME_R 1
/* Define to 1 if your system has a GNU libc compatible `malloc' function, and
to 0 otherwise. */
#define HAVE_MALLOC 1
/* Define to 1 if you have the `memmove' function. */
#define HAVE_MEMMOVE 1
/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define to 1 if you have the `memset' function. */
#define HAVE_MEMSET 1
/* Define to 1 if you have the <netdb.h> header file. */
#define HAVE_NETDB_H 1
/* Define to 1 if you have the <netinet/if_ether.h> header file. */
/* #undef HAVE_NETINET_IF_ETHER_H */
/* Define to 1 if you have the <netinet/igmp.h> header file. */
/* #undef HAVE_NETINET_IGMP_H */
/* Define to 1 if you have the <netinet/in.h> header file. */
#define HAVE_NETINET_IN_H 1
/* Define to 1 if you have the <netinet/in_systm.h> header file. */
/* #undef HAVE_NETINET_IN_SYSTM_H */
/* Define to 1 if you have the <netinet/ip6.h> header file. */
/* #undef HAVE_NETINET_IP6_H */
/* Define to 1 if you have the <netinet/ip_compat.h> header file. */
/* #undef HAVE_NETINET_IP_COMPAT_H */
/* Define to 1 if you have the <netinet/ip.h> header file. */
/* #undef HAVE_NETINET_IP_H */
/* Define to 1 if you have the <netinet/udp.h> header file. */
/* #undef HAVE_NETINET_UDP_H */
/* Define to 1 if you have the <net/ethernet.h> header file. */
/* #undef HAVE_NET_ETHERNET_H */
/* Define to 1 if you have the <net/if.h> header file. */
/* #undef HAVE_NET_IF_H */
/* Define to 1 if you have the <openssl/err.h> header file. */
#define HAVE_OPENSSL_ERR_H 1
/* Define to 1 if you have the <openssl/rand.h> header file. */
#define HAVE_OPENSSL_RAND_H 1
/* Define to 1 if you have the <openssl/ssl.h> header file. */
#define HAVE_OPENSSL_SSL_H 1
/* Define to 1 if you have the <pcap.h> header file. */
/* #undef HAVE_PCAP_H */
/* If available, contains the Python version number currently in use. */
/* #undef HAVE_PYTHON */
/* Define to 1 if you have the `random' function. */
#define HAVE_RANDOM 1
/* Define to 1 if your system has a GNU libc compatible `realloc' function,
and to 0 otherwise. */
#define HAVE_REALLOC 1
/* Define to 1 if you have the `sleep' function. */
#define HAVE_SLEEP 1
/* Define to 1 if you have the `snprintf' function. */
#define HAVE_SNPRINTF 1
/* Define if you have the SSL libraries installed. */
#define HAVE_SSL /**/
/* Define to 1 if you have the <stdarg.h> header file. */
#define HAVE_STDARG_H 1
/* Define to 1 if stdbool.h conforms to C99. */
#define HAVE_STDBOOL_H 1
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the `strlcpy' function. */
#define HAVE_STRLCPY 1
/* Define to 1 if you have the `strtoul' function. */
#define HAVE_STRTOUL 1
/* Define if you have SWIG libraries and header files. */
/* #undef HAVE_SWIG */
/* Define to 1 if you have the <sys/mount.h> header file. */
#define HAVE_SYS_MOUNT_H 1
/* Define to 1 if you have the <sys/param.h> header file. */
#define HAVE_SYS_PARAM_H 1
/* define if you have sys/socket.h */
#define HAVE_SYS_SOCKET_H 1
/* Define to 1 if you have the <sys/stat.h> header file. */
#define HAVE_SYS_STAT_H 1
/* define if you have sys/types.h */
#define HAVE_SYS_TYPES_H 1
/* Define to 1 if you have the `timegm' function. */
#define HAVE_TIMEGM 1
/* Define to 1 if you have the <time.h> header file. */
#define HAVE_TIME_H 1
/* define if you have unistd.h */
#define HAVE_UNISTD_H 1
/* Define to 1 if you have the `vfork' function. */
#define HAVE_VFORK 1
/* Define to 1 if you have the <vfork.h> header file. */
/* #undef HAVE_VFORK_H */
/* Define to 1 if you have the <winsock2.h> header file. */
/* #undef HAVE_WINSOCK2_H */
/* Define to 1 if `fork' works. */
#define HAVE_WORKING_FORK 1
/* Define to 1 if `vfork' works. */
#define HAVE_WORKING_VFORK 1
/* Define to 1 if you have the <ws2tcpip.h> header file. */
/* #undef HAVE_WS2TCPIP_H */
/* Define to 1 if the system has the type `_Bool'. */
#define HAVE__BOOL 1
/* Is a CAFILE given at configure time */
/* #undef LDNS_DANE_CA_FILE */
/* Is a CAPATH given at configure time */
/* #undef LDNS_DANE_CA_PATH */
/* Default trust anchor file */
#define LDNS_TRUST_ANCHOR_FILE "/etc/unbound/root.key"
/* Define to the sub-directory in which libtool stores uninstalled libraries.
*/
#define LT_OBJDIR ".libs/"
/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "libdns@nlnetlabs.nl"
/* Define to the full name of this package. */
#define PACKAGE_NAME "ldns"
/* Define to the full name and version of this package. */
#define PACKAGE_STRING "ldns 1.6.16"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "libdns"
/* Define to the home page for this package. */
#define PACKAGE_URL ""
/* Define to the version of this package. */
#define PACKAGE_VERSION "1.6.16"
/* The size of `time_t', as computed by sizeof. */
#define SIZEOF_TIME_T 8
/* Define to 1 if you have the ANSI C header files. */
#define STDC_HEADERS 1
/* System configuration dir */
#define SYSCONFDIR sysconfdir
/* Define this to enable ECDSA support. */
#define USE_ECDSA 1
/* Define this to enable GOST support. */
#define USE_GOST 1
/* Define this to enable SHA256 and SHA512 support. */
#define USE_SHA2 1
/* Enable extensions on AIX 3, Interix. */
#ifndef _ALL_SOURCE
# define _ALL_SOURCE 1
#endif
/* Enable GNU extensions on systems that have them. */
#ifndef _GNU_SOURCE
# define _GNU_SOURCE 1
#endif
/* Enable threading extensions on Solaris. */
#ifndef _POSIX_PTHREAD_SEMANTICS
# define _POSIX_PTHREAD_SEMANTICS 1
#endif
/* Enable extensions on HP NonStop. */
#ifndef _TANDEM_SOURCE
# define _TANDEM_SOURCE 1
#endif
/* Enable general extensions on Solaris. */
#ifndef __EXTENSIONS__
# define __EXTENSIONS__ 1
#endif
/* Whether the windows socket API is used */
/* #undef USE_WINSOCK */
/* the version of the windows API enabled */
#define WINVER 0x0502
/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
significant byte first (like Motorola and SPARC, unlike Intel). */
#if defined AC_APPLE_UNIVERSAL_BUILD
# if defined __BIG_ENDIAN__
# define WORDS_BIGENDIAN 1
# endif
#else
# ifndef WORDS_BIGENDIAN
/* # undef WORDS_BIGENDIAN */
# endif
#endif
/* Define to 1 if on MINIX. */
/* #undef _MINIX */
/* Define to 2 if the system does not provide POSIX.1 features except with
this defined. */
/* #undef _POSIX_1_SOURCE */
/* Define to 1 if you need to in order for `stat' and other things to work. */
/* #undef _POSIX_SOURCE */
/* Define to empty if `const' does not conform to ANSI C. */
/* #undef const */
/* in_addr_t */
/* #undef in_addr_t */
/* in_port_t */
/* #undef in_port_t */
/* Define to `__inline__' or `__inline' if that's what the C compiler
calls it, or to nothing if 'inline' is not supported under any name. */
#ifndef __cplusplus
/* #undef inline */
#endif
/* Define to `short' if <sys/types.h> does not define. */
/* #undef int16_t */
/* Define to `int' if <sys/types.h> does not define. */
/* #undef int32_t */
/* Define to `long long' if <sys/types.h> does not define. */
/* #undef int64_t */
/* Define to `char' if <sys/types.h> does not define. */
/* #undef int8_t */
/* Define to the type of a signed integer type wide enough to hold a pointer,
if such a type exists, and if the system does not define it. */
/* #undef intptr_t */
/* Define to rpl_malloc if the replacement function should be used. */
/* #undef malloc */
/* Define to `int' if <sys/types.h> does not define. */
/* #undef pid_t */
/* Define to rpl_realloc if the replacement function should be used. */
/* #undef realloc */
/* Define to `unsigned int' if <sys/types.h> does not define. */
/* #undef size_t */
/* Define to 'int' if not defined */
/* #undef socklen_t */
/* Fallback member name for socket family in struct sockaddr_storage */
/* #undef ss_family */
/* Define to `int' if <sys/types.h> does not define. */
/* #undef ssize_t */
/* Define to `unsigned short' if <sys/types.h> does not define. */
/* #undef uint16_t */
/* Define to `unsigned int' if <sys/types.h> does not define. */
/* #undef uint32_t */
/* Define to `unsigned long long' if <sys/types.h> does not define. */
/* #undef uint64_t */
/* Define to `unsigned char' if <sys/types.h> does not define. */
/* #undef uint8_t */
/* Define as `fork' if `vfork' does not work. */
/* #undef vfork */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <assert.h>
#ifndef LITTLE_ENDIAN
#define LITTLE_ENDIAN 1234
#endif
#ifndef BIG_ENDIAN
#define BIG_ENDIAN 4321
#endif
#ifndef BYTE_ORDER
#ifdef WORDS_BIGENDIAN
#define BYTE_ORDER BIG_ENDIAN
#else
#define BYTE_ORDER LITTLE_ENDIAN
#endif /* WORDS_BIGENDIAN */
#endif /* BYTE_ORDER */
#if STDC_HEADERS
#include <stdlib.h>
#include <stddef.h>
#endif
#ifdef HAVE_STDINT_H
#include <stdint.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_WINSOCK2_H
#include <winsock2.h>
#endif
#ifdef HAVE_WS2TCPIP_H
#include <ws2tcpip.h>
#endif
/* detect if we need to cast to unsigned int for FD_SET to avoid warnings */
#ifdef HAVE_WINSOCK2_H
#define FD_SET_T (u_int)
#else
#define FD_SET_T
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifndef B64_PTON
int ldns_b64_ntop(uint8_t const *src, size_t srclength,
char *target, size_t targsize);
/**
* calculates the size needed to store the result of b64_ntop
*/
/*@unused@*/
static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize)
{
return ((((srcsize + 2) / 3) * 4) + 1);
}
#endif /* !B64_PTON */
#ifndef B64_NTOP
int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize);
/**
* calculates the size needed to store the result of ldns_b64_pton
*/
/*@unused@*/
static inline size_t ldns_b64_pton_calculate_size(size_t srcsize)
{
return (((((srcsize + 3) / 4) * 3)) + 1);
}
#endif /* !B64_NTOP */
#ifndef HAVE_SLEEP
/* use windows sleep, in millisecs, instead */
#define sleep(x) Sleep((x)*1000)
#endif
#ifndef HAVE_RANDOM
#define srandom(x) srand(x)
#define random(x) rand(x)
#endif
#ifndef HAVE_TIMEGM
#include <time.h>
time_t timegm (struct tm *tm);
#endif /* !TIMEGM */
#ifndef HAVE_GMTIME_R
struct tm *gmtime_r(const time_t *timep, struct tm *result);
#endif
#ifndef HAVE_LOCALTIME_R
struct tm *localtime_r(const time_t *timep, struct tm *result);
#endif
#ifndef HAVE_ISBLANK
int isblank(int c);
#endif /* !HAVE_ISBLANK */
#ifndef HAVE_ISASCII
int isascii(int c);
#endif /* !HAVE_ISASCII */
#ifndef HAVE_SNPRINTF
#include <stdarg.h>
int snprintf (char *str, size_t count, const char *fmt, ...);
int vsnprintf (char *str, size_t count, const char *fmt, va_list arg);
#endif /* HAVE_SNPRINTF */
#ifndef HAVE_INET_PTON
int inet_pton(int af, const char* src, void* dst);
#endif /* HAVE_INET_PTON */
#ifndef HAVE_INET_NTOP
const char *inet_ntop(int af, const void *src, char *dst, size_t size);
#endif
#ifndef HAVE_INET_ATON
int inet_aton(const char *cp, struct in_addr *addr);
#endif
#ifndef HAVE_MEMMOVE
void *memmove(void *dest, const void *src, size_t n);
#endif
#ifndef HAVE_STRLCPY
size_t strlcpy(char *dst, const char *src, size_t siz);
#endif
#ifdef __cplusplus
}
#endif
#ifndef HAVE_GETADDRINFO
#include "compat/fake-rfc2553.h"
#endif
#ifndef HAVE_STRTOUL
#define strtoul (unsigned long)strtol
#endif

15
contrib/ldns/ldns/config.h.in
View File

@ -33,6 +33,12 @@
/* Define to 1 if you have the `ctime_r' function. */
#undef HAVE_CTIME_R
/* Is a CAFILE given at configure time */
#undef HAVE_DANE_CA_FILE
/* Is a CAPATH given at configure time */
#undef HAVE_DANE_CA_PATH
/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
don't. */
#undef HAVE_DECL_NID_SECP384R1
@ -250,6 +256,15 @@
/* Define to 1 if the system has the type `_Bool'. */
#undef HAVE__BOOL
/* Is a CAFILE given at configure time */
#undef LDNS_DANE_CA_FILE
/* Is a CAPATH given at configure time */
#undef LDNS_DANE_CA_PATH
/* Default trust anchor file */
#undef LDNS_TRUST_ANCHOR_FILE
/* Define to the sub-directory in which libtool stores uninstalled libraries.
*/
#undef LT_OBJDIR

244
contrib/ldns/ldns/dane.h Normal file
View File

@ -0,0 +1,244 @@
/*
* dane.h -- defines for the DNS-Based Authentication of Named Entities (DANE)
* Transport Layer Security (TLS) Protocol: TLSA
*
* Copyright (c) 2012, NLnet Labs. All rights reserved.
*
* See LICENSE for the license.
*
*/
/**
* \file
*
* This module contains base functions for creating and verifying TLSA RR's
* with PKIX certificates, certificate chains and validation stores.
* (See RFC6394 and RFC6698).
*
* Since those functions heavily rely op cryptographic operations,
* this module is dependent on openssl.
*/
#ifndef LDNS_DANE_H
#define LDNS_DANE_H
#include <ldns/common.h>
#include <ldns/rdata.h>
#include <ldns/rr.h>
#if LDNS_BUILD_CONFIG_HAVE_SSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
#ifdef __cplusplus
extern "C" {
#endif
/**
* The different "Certificate usage" rdata field values for a TLSA RR.
*/
enum ldns_enum_tlsa_certificate_usage
{
/** CA constraint */
LDNS_TLSA_USAGE_CA_CONSTRAINT = 0,
/** Sevice certificate constraint */
LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT = 1,
/** Trust anchor assertion */
LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION = 2,
/** Domain issued certificate */
LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE = 3
};
typedef enum ldns_enum_tlsa_certificate_usage ldns_tlsa_certificate_usage;
/**
* The different "Selector" rdata field values for a TLSA RR.
*/
enum ldns_enum_tlsa_selector
{
/**
* Full certificate: the Certificate binary structure
* as defined in [RFC5280]
*/
LDNS_TLSA_SELECTOR_FULL_CERTIFICATE = 0,
/**
* SubjectPublicKeyInfo: DER-encoded binary structure
* as defined in [RFC5280]
*/
LDNS_TLSA_SELECTOR_SUBJECTPUBLICKEYINFO = 1
};
typedef enum ldns_enum_tlsa_selector ldns_tlsa_selector;
/**
* The different "Matching type" rdata field values for a TLSA RR.
*/
enum ldns_enum_tlsa_matching_type
{
/** Exact match on selected content */
LDNS_TLSA_MATCHING_TYPE_NO_HASH_USED = 0,
/** SHA-256 hash of selected content [RFC6234] */
LDNS_TLSA_MATCHING_TYPE_SHA256 = 1,
/** SHA-512 hash of selected content [RFC6234] */
LDNS_TLSA_MATCHING_TYPE_SHA512 = 2
};
typedef enum ldns_enum_tlsa_matching_type ldns_tlsa_matching_type;
/**
* Known transports to use with TLSA owner names.
*/
enum ldns_enum_dane_transport
{
/** TCP */
LDNS_DANE_TRANSPORT_TCP = 0,
/** UDP */
LDNS_DANE_TRANSPORT_UDP = 1,
/** SCTP */
LDNS_DANE_TRANSPORT_SCTP = 2
};
typedef enum ldns_enum_dane_transport ldns_dane_transport;
/**
* Creates a dname consisting of the given name, prefixed by the service port
* and type of transport: _<EM>port</EM>._<EM>transport</EM>.<EM>name</EM>.
*
* \param[out] tlsa_owner The created dname.
* \param[in] name The dname that should be prefixed.
* \param[in] port The service port number for wich the name should be created.
* \param[in] transport The transport for wich the name should be created.
* \return LDNS_STATUS_OK on success or an error code otherwise.
*/
ldns_status ldns_dane_create_tlsa_owner(ldns_rdf** tlsa_owner,
const ldns_rdf* name, uint16_t port,
ldns_dane_transport transport);
#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* Creates a LDNS_RDF_TYPE_HEX type rdf based on the binary data choosen by
* the selector and encoded using matching_type.
*
* \param[out] rdf The created created rdf of type LDNS_RDF_TYPE_HEX.
* \param[in] cert The certificate from which the data is selected
* \param[in] selector The full certificate or the public key
* \param[in] matching_type The full data or the SHA256 or SHA512 hash
* of the selected data
* \return LDNS_STATUS_OK on success or an error code otherwise.
*/
ldns_status ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert,
ldns_tlsa_selector selector,
ldns_tlsa_matching_type matching_type);
/**
* Selects the certificate from cert, extra_certs or the pkix_validation_store
* based on the value of cert_usage and index.
*
* \param[out] selected_cert The selected cert.
* \param[in] cert The certificate to validate (or not)
* \param[in] extra_certs Intermediate certificates that might be necessary
* during validation. May be NULL, except when the certificate
* usage is "Trust Anchor Assertion" because the trust anchor has
* to be provided.(otherwise choose a "Domain issued certificate!"
* \param[in] pkix_validation_store Used when the certificate usage is
* "CA constraint" or "Service Certificate Constraint" to
* validate the certificate and, in case of "CA constraint",
* select the CA.
* When pkix_validation_store is NULL, validation is explicitely
* turned off and the behaviour is then the same as for "Trust
* anchor assertion" and "Domain issued certificate" respectively.
* \param[in] cert_usage Which certificate to use and how to validate.
* \param[in] index Used to select the trust anchor when certificate usage
* is "Trust Anchor Assertion". 0 is the last certificate in the
* validation chain. 1 the one but last, etc. When index is -1,
* the last certificate is used that MUST be self-signed.
* This can help to make sure that the intended (self signed)
* trust anchor is actually present in extra_certs (which is a
* DANE requirement).
*
* \return LDNS_STATUS_OK on success or an error code otherwise.
*/
ldns_status ldns_dane_select_certificate(X509** selected_cert,
X509* cert, STACK_OF(X509)* extra_certs,
X509_STORE* pkix_validation_store,
ldns_tlsa_certificate_usage cert_usage, int index);
/**
* Creates a TLSA resource record from the certificate.
* No PKIX validation is performed! The given certificate is used as data
* regardless the value of certificate_usage.
*
* \param[out] tlsa The created TLSA resource record.
* \param[in] certificate_usage The value for the Certificate Usage field
* \param[in] selector The value for the Selector field
* \param[in] matching_type The value for the Matching Type field
* \param[in] cert The certificate which data will be represented
*
* \return LDNS_STATUS_OK on success or an error code otherwise.
*/
ldns_status ldns_dane_create_tlsa_rr(ldns_rr** tlsa,
ldns_tlsa_certificate_usage certificate_usage,
ldns_tlsa_selector selector,
ldns_tlsa_matching_type matching_type,
X509* cert);
/**
* Verify if the given TLSA resource record matches the given certificate.
* Reporting on a TLSA rr mismatch (LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH)
* is preferred over PKIX failure (LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE).
* So when PKIX validation is required by the TLSA Certificate usage,
* but the TLSA data does not match, LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH
* is returned whether the PKIX validated or not.
*
* \param[in] tlsa_rr The resource record that specifies what and how to
* match the certificate. With tlsa_rr == NULL, regular PKIX
* validation is performed.
* \param[in] cert The certificate to match (and validate)
* \param[in] extra_certs Intermediate certificates that might be necessary
* creating the validation chain.
* \param[in] pkix_validation_store Used when the certificate usage is
* "CA constraint" or "Service Certificate Constraint" to
* validate the certificate.
*
* \return LDNS_STATUS_OK on success,
* LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH on TLSA data mismatch,
* LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE when TLSA matched,
* but the PKIX validation failed, or other ldns_status errors.
*/
ldns_status ldns_dane_verify_rr(const ldns_rr* tlsa_rr,
X509* cert, STACK_OF(X509)* extra_certs,
X509_STORE* pkix_validation_store);
/**
* Verify if any of the given TLSA resource records matches the given
* certificate.
*
* \param[in] tlsas The resource records that specify what and how to
* match the certificate. One must match for this function
* to succeed. With tlsas == NULL or the number of TLSA records
* in tlsas == 0, regular PKIX validation is performed.
* \param[in] cert The certificate to match (and validate)
* \param[in] extra_certs Intermediate certificates that might be necessary
* creating the validation chain.
* \param[in] pkix_validation_store Used when the certificate usage is
* "CA constraint" or "Service Certificate Constraint" to
* validate the certificate.
*
* \return LDNS_STATUS_OK on success,
* LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE when one of the TLSA's
* matched but the PKIX validation failed,
* LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH when none of the TLSA's matched,
* or other ldns_status errors.
*/
ldns_status ldns_dane_verify(ldns_rr_list* tlsas,
X509* cert, STACK_OF(X509)* extra_certs,
X509_STORE* pkix_validation_store);
#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
#ifdef __cplusplus
}
#endif
#endif /* LDNS_DANE_H */

9
contrib/ldns/ldns/dname.h
View File

@ -111,6 +111,7 @@ ldns_rdf *ldns_dname_new_frm_str(const char *str);
* Create a new dname rdf from a string
* \param[in] s the size of the new dname
* \param[in] *data pointer to the actual data
*
* \return ldns_rdf*
*/
ldns_rdf *ldns_dname_new(uint16_t s, void *data);
@ -119,6 +120,7 @@ ldns_rdf *ldns_dname_new(uint16_t s, void *data);
* Create a new dname rdf from data (the data is copied)
* \param[in] size the size of the data
* \param[in] *data pointer to the actual data
*
* \return ldns_rdf*
*/
ldns_rdf *ldns_dname_new_frm_data(uint16_t size, const void *data);
@ -177,6 +179,13 @@ int ldns_dname_interval(const ldns_rdf *prev, const ldns_rdf *middle, const ldns
*/
bool ldns_dname_str_absolute(const char *dname_str);
/**
* Checks whether the given dname is absolute (i.e. ends with a '.')
* \param[in] *dname a rdf representing the dname
* \return true or false
*/
bool ldns_dname_absolute(const ldns_rdf *dname);
/**
* look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME
* try and retrieve a specific label. The labels are numbered

1
contrib/ldns/ldns/dnssec.h
View File

@ -198,6 +198,7 @@ RSA *ldns_key_buf2rsa_raw(unsigned char* key, size_t len);
*
* \param[in] *key the key to convert
* \param[in] h the hash to use LDNS_SHA1/LDNS_SHA256
*
* \return ldns_rr* a new rr pointer to a DS
*/
ldns_rr *ldns_key_rr2ds(const ldns_rr *key, ldns_hash h);

1
contrib/ldns/ldns/dnssec_verify.h
View File

@ -367,6 +367,7 @@ void ldns_dnssec_derive_trust_tree_no_sig_time(
*
* \param *tree The trust tree so search
* \param *keys A ldns_rr_list of DNSKEY and DS rrs to look for
*
* \return LDNS_STATUS_OK if there is a trusted path to one of
* the keys, or the *first* error encountered
* if there were no paths

1
contrib/ldns/ldns/dnssec_zone.h
View File

@ -8,7 +8,6 @@
#ifndef LDNS_DNSSEC_ZONE_H
#define LDNS_DNSSEC_ZONE_H
#include <ldns/ldns.h>
#include <ldns/rbtree.h>
#include <ldns/host2str.h>

17
contrib/ldns/ldns/error.h
View File

@ -102,7 +102,22 @@ enum ldns_enum_status {
LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG,
LDNS_STATUS_MISSING_RDATA_FIELDS_KEY,
LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN,
LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN
LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN,
LDNS_STATUS_DANE_STATUS_MESSAGES,
LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE,
LDNS_STATUS_DANE_UNKNOWN_SELECTOR,
LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE,
LDNS_STATUS_DANE_UNKNOWN_PROTOCOL,
LDNS_STATUS_DANE_UNKNOWN_TRANSPORT,
LDNS_STATUS_DANE_MISSING_EXTRA_CERTS,
LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED,
LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE,
LDNS_STATUS_DANE_INSECURE,
LDNS_STATUS_DANE_BOGUS,
LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH,
LDNS_STATUS_DANE_NON_CA_CERTIFICATE,
LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE,
LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR
};
typedef enum ldns_enum_status ldns_status;

18
contrib/ldns/ldns/host2str.h
View File

@ -64,6 +64,8 @@ extern "C" {
#define LDNS_COMMENT_LAYOUT 0x0080
/** Also comment KEY_ID with RRSIGS **/
#define LDNS_COMMENT_RRSIGS 0x0100
#define LDNS_FMT_ZEROIZE_RRSIGS 0x0200
#define LDNS_FMT_PAD_SOA_SERIAL 0x0400
/**
* Output format specifier
@ -601,14 +603,26 @@ char *ldns_rr_list2str_fmt(
const ldns_output_format *fmt, const ldns_rr_list *rr_list);
/**
* Returns the data in the buffer as a null terminated char * string
* Buffer data must be char * type, and must be freed by the caller
* Returns a copy of the data in the buffer as a null terminated
* char * string. The returned string must be freed by the caller.
* The buffer must be in write modus and may thus not have been flipped.
*
* \param[in] buffer buffer containing char * data
* \return null terminated char * data, or NULL on error
*/
char *ldns_buffer2str(ldns_buffer *buffer);
/**
* Exports and returns the data in the buffer as a null terminated
* char * string. The returned string must be freed by the caller.
* The buffer must be in write modus and may thus not have been flipped.
* The buffer is fixed after this function returns.
*
* \param[in] buffer buffer containing char * data
* \return null terminated char * data, or NULL on error
*/
char *ldns_buffer_export2str(ldns_buffer *buffer);
/**
* Prints the data in the rdata field to the given file stream
* (in presentation format)

22
contrib/ldns/ldns/keys.h
View File

@ -25,7 +25,6 @@
#if LDNS_BUILD_CONFIG_HAVE_SSL
#include <openssl/ssl.h>
#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
#include <ldns/dnssec.h>
#include <ldns/util.h>
#include <errno.h>
@ -299,18 +298,37 @@ void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l);
void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e);
/**
* Set the key's rsa data
* Set the key's rsa data.
* The rsa data should be freed by the user.
* \param[in] k the key
* \param[in] r the rsa data
*/
void ldns_key_set_rsa_key(ldns_key *k, RSA *r);
/**
* Set the key's dsa data
* The dsa data should be freed by the user.
* \param[in] k the key
* \param[in] d the dsa data
*/
void ldns_key_set_dsa_key(ldns_key *k, DSA *d);
/**
* Assign the key's rsa data
* The rsa data will be freed automatically when the key is freed.
* \param[in] k the key
* \param[in] r the rsa data
*/
void ldns_key_assign_rsa_key(ldns_key *k, RSA *r);
/**
* Assign the key's dsa data
* The dsa data will be freed automatically when the key is freed.
* \param[in] k the key
* \param[in] d the dsa data
*/
void ldns_key_assign_dsa_key(ldns_key *k, DSA *d);
/**
* Get the PKEY id for GOST, loads GOST into openssl as a side effect.
* Only available if GOST is compiled into the library and openssl.

1
contrib/ldns/ldns/ldns.h
View File

@ -95,6 +95,7 @@ Or you can just use the menu above to browse through the API docs.
#include <ldns/util.h>
#include <ldns/buffer.h>
#include <ldns/common.h>
#include <ldns/dane.h>
#include <ldns/dname.h>
#include <ldns/dnssec.h>
#include <ldns/dnssec_verify.h>

208
contrib/ldns/ldns/net.h Normal file
View File

@ -0,0 +1,208 @@
/*
* net.h
*
* DNS Resolver definitions
*
* a Net::DNS like library for C
*
* (c) NLnet Labs, 2005-2006
*
* See the file LICENSE for the license
*/
#ifndef LDNS_NET_H
#define LDNS_NET_H
#include <ldns/ldns.h>
#include <sys/socket.h>
#ifdef __cplusplus
extern "C" {
#endif
#define LDNS_DEFAULT_TIMEOUT_SEC 5
#define LDNS_DEFAULT_TIMEOUT_USEC 0
/**
* \file
*
* Contains functions to send and receive packets over a network.
*/
/**
* Sends a buffer to an ip using udp and return the respons as a ldns_pkt
* \param[in] qbin the ldns_buffer to be send
* \param[in] to the ip addr to send to
* \param[in] tolen length of the ip addr
* \param[in] timeout the timeout value for the network
* \param[out] answersize size of the packet
* \param[out] result packet with the answer
* \return status
*/
ldns_status ldns_udp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout, size_t *answersize);
/**
* Send an udp query and don't wait for an answer but return
* the socket
* \param[in] qbin the ldns_buffer to be send
* \param[in] to the ip addr to send to
* \param[in] tolen length of the ip addr
* \param[in] timeout *unused*, was the timeout value for the network
* \return the socket used
*/
int ldns_udp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout);
/**
* Send an tcp query and don't wait for an answer but return
* the socket
* \param[in] qbin the ldns_buffer to be send
* \param[in] to the ip addr to send to
* \param[in] tolen length of the ip addr
* \param[in] timeout the timeout value for the connect attempt
* \return the socket used
*/
int ldns_tcp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout);
/**
* Sends a buffer to an ip using tcp and return the respons as a ldns_pkt
* \param[in] qbin the ldns_buffer to be send
* \param[in] qbin the ldns_buffer to be send
* \param[in] to the ip addr to send to
* \param[in] tolen length of the ip addr
* \param[in] timeout the timeout value for the network
* \param[out] answersize size of the packet
* \param[out] result packet with the answer
* \return status
*/
ldns_status ldns_tcp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout, size_t *answersize);
/**
* Sends ptk to the nameserver at the resolver object. Returns the data
* as a ldns_pkt
*
* \param[out] pkt packet received from the nameserver
* \param[in] r the resolver to use
* \param[in] query_pkt the query to send
* \return status
*/
ldns_status ldns_send(ldns_pkt **pkt, ldns_resolver *r, const ldns_pkt *query_pkt);
/**
* Sends and ldns_buffer (presumably containing a packet to the nameserver at the resolver object. Returns the data
* as a ldns_pkt
*
* \param[out] pkt packet received from the nameserver
* \param[in] r the resolver to use
* \param[in] qb the buffer to send
* \param[in] tsig_mac the tsig MAC to authenticate the response with (NULL to do no TSIG authentication)
* \return status
*/
ldns_status ldns_send_buffer(ldns_pkt **pkt, ldns_resolver *r, ldns_buffer *qb, ldns_rdf *tsig_mac);
/**
* Create a tcp socket to the specified address
* \param[in] to ip and family
* \param[in] tolen length of to
* \param[in] timeout timeout for the connect attempt
* \return a socket descriptor
*/
int ldns_tcp_connect(const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout);
/**
* Create a udp socket to the specified address
* \param[in] to ip and family
* \param[in] timeout *unused*, was timeout for the socket
* \return a socket descriptor
*/
int ldns_udp_connect(const struct sockaddr_storage *to, struct timeval timeout);
/**
* send a query via tcp to a server. Don't want for the answer
*
* \param[in] qbin the buffer to send
* \param[in] sockfd the socket to use
* \param[in] to which ip to send it
* \param[in] tolen socketlen
* \return number of bytes sent
*/
ssize_t ldns_tcp_send_query(ldns_buffer *qbin, int sockfd, const struct sockaddr_storage *to, socklen_t tolen);
/**
* send a query via udp to a server. Don;t want for the answer
*
* \param[in] qbin the buffer to send
* \param[in] sockfd the socket to use
* \param[in] to which ip to send it
* \param[in] tolen socketlen
* \return number of bytes sent
*/
ssize_t ldns_udp_send_query(ldns_buffer *qbin, int sockfd, const struct sockaddr_storage *to, socklen_t tolen);
/**
* Gives back a raw packet from the wire and reads the header data from the given
* socket. Allocates the data (of size size) itself, so don't forget to free
*
* \param[in] sockfd the socket to read from
* \param[out] size the number of bytes that are read
* \param[in] timeout the time allowed between packets.
* \return the data read
*/
uint8_t *ldns_tcp_read_wire_timeout(int sockfd, size_t *size, struct timeval timeout);
/**
* This routine may block. Use ldns_tcp_read_wire_timeout, it checks timeouts.
* Gives back a raw packet from the wire and reads the header data from the given
* socket. Allocates the data (of size size) itself, so don't forget to free
*
* \param[in] sockfd the socket to read from
* \param[out] size the number of bytes that are read
* \return the data read
*/
uint8_t *ldns_tcp_read_wire(int sockfd, size_t *size);
/**
* Gives back a raw packet from the wire and reads the header data from the given
* socket. Allocates the data (of size size) itself, so don't forget to free
*
* \param[in] sockfd the socket to read from
* \param[in] fr the address of the client (if applicable)
* \param[in] *frlen the lenght of the client's addr (if applicable)
* \param[out] size the number of bytes that are read
* \return the data read
*/
uint8_t *ldns_udp_read_wire(int sockfd, size_t *size, struct sockaddr_storage *fr, socklen_t *frlen);
/**
* returns the native sockaddr representation from the rdf.
* \param[in] rd the ldns_rdf to operate on
* \param[in] port what port to use. 0 means; use default (53)
* \param[out] size what is the size of the sockaddr_storage
* \return struct sockaddr* the address in the format so other
* functions can use it (sendto)
*/
struct sockaddr_storage * ldns_rdf2native_sockaddr_storage(const ldns_rdf *rd, uint16_t port, size_t *size);
/**
* returns an rdf with the sockaddr info. works for ip4 and ip6
* \param[in] sock the struct sockaddr_storage to convert
* \param[in] port what port was used. When NULL this is not set
* \return ldns_rdf* wth the address
*/
ldns_rdf * ldns_sockaddr_storage2rdf(struct sockaddr_storage *sock, uint16_t *port);
/**
* Prepares the resolver for an axfr query
* The query is sent and the answers can be read with ldns_axfr_next
* \param[in] resolver the resolver to use
* \param[in] domain the domain to exfr
* \param[in] c the class to use
* \return ldns_status the status of the transfer
*/
ldns_status ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class c);
#ifdef __cplusplus
}
#endif
#endif /* LDNS_NET_H */

2
contrib/ldns/ldns/rdata.h
View File

@ -194,6 +194,7 @@ ldns_rdf_type ldns_rdf_get_type(const ldns_rdf *rd);
/**
* returns the data of the rdf.
* \param[in] *rd the rdf to read from
*
* \return uint8_t* pointer to the rdf's data
*/
uint8_t *ldns_rdf_data(const ldns_rdf *rd);
@ -303,6 +304,7 @@ ldns_rdf *ldns_native2rdf_int32(ldns_rdf_type type, uint32_t value);
* The memory is copied, and an LDNS_RDF_TYPE_INT16DATA is returned
* \param[in] size the size of the data
* \param[in] *data pointer to the actual data
*
* \return ldns_rd* the rdf with the data
*/
ldns_rdf *ldns_native2rdf_int16_data(size_t size, uint8_t *data);

4
contrib/ldns/ldns/resolver.h
View File

@ -578,6 +578,7 @@ ldns_status ldns_resolver_push_nameserver_rr_list(ldns_resolver *r, ldns_rr_list
* \param[in] t query for this type (may be 0, defaults to A)
* \param[in] c query for this class (may be 0, default to IN)
* \param[in] flags the query flags
*
* \return ldns_pkt* a packet with the reply from the nameserver
*/
ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
@ -590,6 +591,7 @@ ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns
* \param[in] t query for this type (may be 0, defaults to A)
* \param[in] c query for this class (may be 0, default to IN)
* \param[in] f the query flags
*
* \return ldns_pkt* a packet with the reply from the nameserver
*/
ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t f);
@ -602,6 +604,7 @@ ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, cons
* \param[in] t query for this type (may be 0, defaults to A)
* \param[in] c query for this class (may be 0, default to IN)
* \param[in] flags the query flags
*
* \return ldns_pkt* a packet with the reply from the nameserver
*/
ldns_status ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
@ -621,6 +624,7 @@ ldns_status ldns_resolver_send_pkt(ldns_pkt **answer, ldns_resolver *r, ldns_pkt
* \param[in] *t query for this type (may be 0, defaults to A)
* \param[in] *c query for this class (may be 0, default to IN)
* \param[in] flags the query flags
*
* \return ldns_pkt* a packet with the reply from the nameserver
* if _defnames is true the default domain will be added
*/

4
contrib/ldns/ldns/rr.h
View File

@ -37,7 +37,7 @@ extern "C" {
#define LDNS_RR_OVERHEAD 10
/* The first fields are 'common' and can be referenced instantly */
#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 52
#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 53
@ -179,6 +179,8 @@ enum ldns_enum_rr_type
LDNS_RR_TYPE_NSEC3 = 50, /* RFC 5155 */
LDNS_RR_TYPE_NSEC3PARAM = 51, /* RFC 5155 */
LDNS_RR_TYPE_NSEC3PARAMS = 51,
/** draft-ietf-dane-protocol */
LDNS_RR_TYPE_TLSA = 52,
/** draft-ietf-dnsop-trust-history */
LDNS_RR_TYPE_TALINK = 58,

369
contrib/ldns/ldns/util.h Normal file
View File

@ -0,0 +1,369 @@
/*
* util.h
*
* helper function header file
*
* a Net::DNS like library for C
*
* (c) NLnet Labs, 2004
*
* See the file LICENSE for the license
*/
#ifndef _UTIL_H
#define _UTIL_H
#include <inttypes.h>
#include <sys/types.h>
#include <unistd.h>
#include <ldns/common.h>
#include <time.h>
#include <stdio.h>
#ifdef __cplusplus
extern "C" {
#endif
#define dprintf(X,Y) fprintf(stderr, (X), (Y))
/* #define dprintf(X, Y) */
#define LDNS_VERSION "1.6.16"
#define LDNS_REVISION ((1<<16)|(6<<8)|(16))
/**
* splint static inline workaround
*/
#ifdef S_SPLINT_S
# define INLINE
#else
# ifdef SWIG
# define INLINE static
# else
# define INLINE static inline
# endif
#endif
/**
* Memory management macros
*/
#define LDNS_MALLOC(type) LDNS_XMALLOC(type, 1)
#define LDNS_XMALLOC(type, count) ((type *) malloc((count) * sizeof(type)))
#define LDNS_CALLOC(type, count) ((type *) calloc((count), sizeof(type)))
#define LDNS_REALLOC(ptr, type) LDNS_XREALLOC((ptr), type, 1)
#define LDNS_XREALLOC(ptr, type, count) \
((type *) realloc((ptr), (count) * sizeof(type)))
#define LDNS_FREE(ptr) \
do { free((ptr)); (ptr) = NULL; } while (0)
#define LDNS_DEP printf("DEPRECATED FUNCTION!\n");
/*
* Copy data allowing for unaligned accesses in network byte order
* (big endian).
*/
INLINE uint16_t
ldns_read_uint16(const void *src)
{
#ifdef ALLOW_UNALIGNED_ACCESSES
return ntohs(*(uint16_t *) src);
#else
uint8_t *p = (uint8_t *) src;
return ((uint16_t) p[0] << 8) | (uint16_t) p[1];
#endif
}
INLINE uint32_t
ldns_read_uint32(const void *src)
{
#ifdef ALLOW_UNALIGNED_ACCESSES
return ntohl(*(uint32_t *) src);
#else
uint8_t *p = (uint8_t *) src;
return ( ((uint32_t) p[0] << 24)
| ((uint32_t) p[1] << 16)
| ((uint32_t) p[2] << 8)
| (uint32_t) p[3]);
#endif
}
/*
* Copy data allowing for unaligned accesses in network byte order
* (big endian).
*/
INLINE void
ldns_write_uint16(void *dst, uint16_t data)
{
#ifdef ALLOW_UNALIGNED_ACCESSES
* (uint16_t *) dst = htons(data);
#else
uint8_t *p = (uint8_t *) dst;
p[0] = (uint8_t) ((data >> 8) & 0xff);
p[1] = (uint8_t) (data & 0xff);
#endif
}
INLINE void
ldns_write_uint32(void *dst, uint32_t data)
{
#ifdef ALLOW_UNALIGNED_ACCESSES
* (uint32_t *) dst = htonl(data);
#else
uint8_t *p = (uint8_t *) dst;
p[0] = (uint8_t) ((data >> 24) & 0xff);
p[1] = (uint8_t) ((data >> 16) & 0xff);
p[2] = (uint8_t) ((data >> 8) & 0xff);
p[3] = (uint8_t) (data & 0xff);
#endif
}
/* warning. */
INLINE void
ldns_write_uint64_as_uint48(void *dst, uint64_t data)
{
uint8_t *p = (uint8_t *) dst;
p[0] = (uint8_t) ((data >> 40) & 0xff);
p[1] = (uint8_t) ((data >> 32) & 0xff);
p[2] = (uint8_t) ((data >> 24) & 0xff);
p[3] = (uint8_t) ((data >> 16) & 0xff);
p[4] = (uint8_t) ((data >> 8) & 0xff);
p[5] = (uint8_t) (data & 0xff);
}
/**
* Structure to do a Schwartzian-like transformation, for instance when
* sorting. If you need a transformation on the objects that are sorted,
* you can sue this to store the transformed values, so you do not
* need to do the transformation again for each comparison
*/
struct ldns_schwartzian_compare_struct {
void *original_object;
void *transformed_object;
};
/** A general purpose lookup table
*
* Lookup tables are arrays of (id, name) pairs,
* So you can for instance lookup the RCODE 3, which is "NXDOMAIN",
* and vice versa. The lookup tables themselves are defined wherever needed,
* for instance in \ref host2str.c
*/
struct ldns_struct_lookup_table {
int id;
const char *name;
};
typedef struct ldns_struct_lookup_table ldns_lookup_table;
/**
* Looks up the table entry by name, returns NULL if not found.
* \param[in] table the lookup table to search in
* \param[in] name what to search for
* \return the item found
*/
ldns_lookup_table *ldns_lookup_by_name(ldns_lookup_table table[],
const char *name);
/**
* Looks up the table entry by id, returns NULL if not found.
* \param[in] table the lookup table to search in
* \param[in] id what to search for
* \return the item found
*/
ldns_lookup_table *ldns_lookup_by_id(ldns_lookup_table table[], int id);
/**
* Returns the value of the specified bit
* The bits are counted from left to right, so bit #0 is the
* left most bit.
* \param[in] bits array holding the bits
* \param[in] index to the wanted bit
* \return
*/
int ldns_get_bit(uint8_t bits[], size_t index);
/**
* Returns the value of the specified bit
* The bits are counted from right to left, so bit #0 is the
* right most bit.
* \param[in] bits array holding the bits
* \param[in] index to the wanted bit
* \return 1 or 0 depending no the bit state
*/
int ldns_get_bit_r(uint8_t bits[], size_t index);
/**
* sets the specified bit in the specified byte to
* 1 if value is true, 0 if false
* The bits are counted from right to left, so bit #0 is the
* right most bit.
* \param[in] byte the bit to set the bit in
* \param[in] bit_nr the bit to set (0 <= n <= 7)
* \param[in] value whether to set the bit to 1 or 0
* \return 1 or 0 depending no the bit state
*/
void ldns_set_bit(uint8_t *byte, int bit_nr, bool value);
/**
* Returns the value of a to the power of b
* (or 1 of b < 1)
*/
/*@unused@*/
INLINE long
ldns_power(long a, long b) {
long result = 1;
while (b > 0) {
if (b & 1) {
result *= a;
if (b == 1) {
return result;
}
}
a *= a;
b /= 2;
}
return result;
}
/**
* Returns the int value of the given (hex) digit
* \param[in] ch the hex char to convert
* \return the converted decimal value
*/
int ldns_hexdigit_to_int(char ch);
/**
* Returns the char (hex) representation of the given int
* \param[in] ch the int to convert
* \return the converted hex char
*/
char ldns_int_to_hexdigit(int ch);
/**
* Converts a hex string to binary data
*
* \param[out] data The binary result is placed here.
* At least strlen(str)/2 bytes should be allocated
* \param[in] str The hex string to convert.
* This string should not contain spaces
* \return The number of bytes of converted data, or -1 if one of the arguments * is NULL, or -2 if the string length is not an even number
*/
int
ldns_hexstring_to_data(uint8_t *data, const char *str);
/**
* Show the internal library version
* \return a string with the version in it
*/
const char * ldns_version(void);
/**
* Convert TM to seconds since epoch (midnight, January 1st, 1970).
* Like timegm(3), which is not always available.
* \param[in] tm a struct tm* with the date
* \return the seconds since epoch
*/
time_t ldns_mktime_from_utc(const struct tm *tm);
time_t mktime_from_utc(const struct tm *tm);
/**
* The function interprets time as the number of seconds since epoch
* with respect to now using serial arithmitics (rfc1982).
* That number of seconds is then converted to broken-out time information.
* This is especially usefull when converting the inception and expiration
* fields of RRSIG records.
*
* \param[in] time number of seconds since epoch (midnight, January 1st, 1970)
* to be intepreted as a serial arithmitics number relative to now.
* \param[in] now number of seconds since epoch (midnight, January 1st, 1970)
* to which the time value is compared to determine the final value.
* \param[out] result the struct with the broken-out time information
* \return result on success or NULL on error
*/
struct tm * ldns_serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result);
/**
* Seed the random function.
* If the file descriptor is specified, the random generator is seeded with
* data from that file. If not, /dev/urandom is used.
*
* applications should call this if they need entropy data within ldns
* If openSSL is available, it is automatically seeded from /dev/urandom
* or /dev/random.
*
* If you need more entropy, or have no openssl available, this function
* MUST be called at the start of the program
*
* If openssl *is* available, this function just adds more entropy
*
* \param[in] fd a file providing entropy data for the seed
* \param[in] size the number of bytes to use as entropy data. If this is 0,
* only the minimal amount is taken (usually 4 bytes)
* \return 0 if seeding succeeds, 1 if it fails
*/
int ldns_init_random(FILE *fd, unsigned int size);
/**
* Get random number.
* \return random number.
*
*/
uint16_t ldns_get_random(void);
/**
* Encode data as BubbleBabble
*
* \param[in] data a pointer to data to be encoded
* \param[in] len size the number of bytes of data
* \return a string of BubbleBabble
*/
char *ldns_bubblebabble(uint8_t *data, size_t len);
#ifndef B32_NTOP
int ldns_b32_ntop(uint8_t const *src, size_t srclength,
char *target, size_t targsize);
int b32_ntop(uint8_t const *src, size_t srclength,
char *target, size_t targsize);
int ldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
char *target, size_t targsize);
int b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
char *target, size_t targsize);
/**
* calculates the size needed to store the result of b32_ntop
*/
/*@unused@*/
INLINE size_t ldns_b32_ntop_calculate_size(size_t srcsize)
{
size_t result = ((((srcsize / 5) * 8) - 2) + 2);
return result;
}
#endif /* !B32_NTOP */
#ifndef B32_PTON
int ldns_b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
int b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
int ldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
int b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
/**
* calculates the size needed to store the result of b32_pton
*/
/*@unused@*/
INLINE size_t ldns_b32_pton_calculate_size(size_t srcsize)
{
size_t result = ((((srcsize) / 8) * 5));
return result;
}
#endif /* !B32_PTON */
INLINE time_t ldns_time(time_t *t) { return time(t); }
#ifdef __cplusplus
}
#endif
#endif /* !_UTIL_H */

2
contrib/ldns/ldns/util.h.in
View File

@ -268,6 +268,8 @@ const char * ldns_version(void);
* \param[in] tm a struct tm* with the date
* \return the seconds since epoch
*/
time_t ldns_mktime_from_utc(const struct tm *tm);
time_t mktime_from_utc(const struct tm *tm);
/**

786
contrib/ldns/ldns_symbols.def
View File

@ -1,786 +0,0 @@
ldns_algorithm2buffer_str
ldns_algorithms
ldns_axfr_complete
ldns_axfr_last_pkt
ldns_axfr_next
ldns_axfr_start
ldns_bgetc
ldns_bget_keyword_data
ldns_bget_token
ldns_bskipcs
ldns_bubblebabble
ldns_buffer2pkt_wire
ldns_buffer2str
ldns_buffer_copy
ldns_buffer_export
ldns_buffer_free
ldns_buffer_new
ldns_buffer_new_frm_data
ldns_buffer_printf
ldns_buffer_reserve
ldns_buffer_set_capacity
ldns_calc_keytag
ldns_calc_keytag_raw
ldns_cert_algorithm2buffer_str
ldns_cert_algorithms
ldns_convert_dsa_rrsig_asn12rdf
ldns_convert_dsa_rrsig_rdf2asn1
ldns_convert_ecdsa_rrsig_asn12rdf
ldns_convert_ecdsa_rrsig_rdf2asn1
ldns_create_empty_rrsig
ldns_create_nsec
ldns_create_nsec3
ldns_digest_evp
ldns_directive_types
ldns_dname2buffer_wire
ldns_dname2canonical
ldns_dname_cat
ldns_dname_cat_clone
ldns_dname_clone_from
ldns_dname_compare
ldns_dname_interval
ldns_dname_is_subdomain
ldns_dname_is_wildcard
ldns_dname_label
ldns_dname_label_count
ldns_dname_left_chop
ldns_dname_match_wildcard
ldns_dname_new
ldns_dname_new_frm_data
ldns_dname_new_frm_str
ldns_dname_reverse
ldns_dname_str_absolute
ldns_dnssec_build_data_chain
ldns_dnssec_chain_nsec3_list
ldns_dnssec_create_nsec
ldns_dnssec_create_nsec3
ldns_dnssec_create_nsec_bitmap
ldns_dnssec_data_chain_deep_free
ldns_dnssec_data_chain_free
ldns_dnssec_data_chain_new
ldns_dnssec_data_chain_print
ldns_dnssec_data_chain_print_fmt
ldns_dnssec_default_add_to_signatures
ldns_dnssec_default_delete_signatures
ldns_dnssec_default_leave_signatures
ldns_dnssec_default_replace_signatures
ldns_dnssec_derive_trust_tree
ldns_dnssec_derive_trust_tree_dnskey_rrset
ldns_dnssec_derive_trust_tree_dnskey_rrset_time
ldns_dnssec_derive_trust_tree_ds_rrset
ldns_dnssec_derive_trust_tree_ds_rrset_time
ldns_dnssec_derive_trust_tree_normal_rrset
ldns_dnssec_derive_trust_tree_normal_rrset_time
ldns_dnssec_derive_trust_tree_no_sig
ldns_dnssec_derive_trust_tree_no_sig_time
ldns_dnssec_derive_trust_tree_time
ldns_dnssec_get_dnskey_for_rrsig
ldns_dnssec_get_rrsig_for_name_and_type
ldns_dnssec_name_add_rr
ldns_dnssec_name_cmp
ldns_dnssec_name_deep_free
ldns_dnssec_name_find_rrset
ldns_dnssec_name_free
ldns_dnssec_name_is_glue
ldns_dnssec_name_name
ldns_dnssec_name_new
ldns_dnssec_name_new_frm_rr
ldns_dnssec_name_node_next_nonglue
ldns_dnssec_name_print
ldns_dnssec_name_print_fmt
ldns_dnssec_name_set_name
ldns_dnssec_name_set_nsec
ldns_dnssec_nsec3_closest_encloser
ldns_dnssec_pkt_get_rrsigs_for_name_and_type
ldns_dnssec_pkt_get_rrsigs_for_type
ldns_dnssec_pkt_has_rrsigs
ldns_dnssec_remove_signatures
ldns_dnssec_rrs_add_rr
ldns_dnssec_rrs_deep_free
ldns_dnssec_rrsets_add_rr
ldns_dnssec_rrsets_contains_type
ldns_dnssec_rrsets_deep_free
ldns_dnssec_rrsets_free
ldns_dnssec_rrsets_new
ldns_dnssec_rrsets_print
ldns_dnssec_rrsets_print_fmt
ldns_dnssec_rrsets_set_type
ldns_dnssec_rrsets_type
ldns_dnssec_rrs_free
ldns_dnssec_rrs_new
ldns_dnssec_rrs_print
ldns_dnssec_rrs_print_fmt
ldns_dnssec_trust_tree_add_parent
ldns_dnssec_trust_tree_contains_keys
ldns_dnssec_trust_tree_depth
ldns_dnssec_trust_tree_free
ldns_dnssec_trust_tree_new
ldns_dnssec_trust_tree_print
ldns_dnssec_trust_tree_print_fmt
ldns_dnssec_verify_denial
ldns_dnssec_verify_denial_nsec3
ldns_dnssec_verify_denial_nsec3_match
ldns_dnssec_zone_add_empty_nonterminals
ldns_dnssec_zone_add_rr
ldns_dnssec_zone_create_nsec3s
ldns_dnssec_zone_create_nsecs
ldns_dnssec_zone_create_rrsigs
ldns_dnssec_zone_create_rrsigs_flg
ldns_dnssec_zone_deep_free
ldns_dnssec_zone_find_rrset
ldns_dnssec_zone_free
ldns_dnssec_zone_is_nsec3_optout
ldns_dnssec_zone_mark_and_get_glue
ldns_dnssec_zone_mark_glue
ldns_dnssec_zone_names_print
ldns_dnssec_zone_names_print_fmt
ldns_dnssec_zone_new
ldns_dnssec_zone_new_frm_fp
ldns_dnssec_zone_new_frm_fp_l
ldns_dnssec_zone_print
ldns_dnssec_zone_print_fmt
ldns_dnssec_zone_sign
ldns_dnssec_zone_sign_flg
ldns_dnssec_zone_sign_nsec3
ldns_dnssec_zone_sign_nsec3_flg
ldns_dnssec_zone_sign_nsec3_flg_mkmap
ldns_duration2string
ldns_duration2time
ldns_duration_cleanup
ldns_duration_compare
ldns_duration_create
ldns_duration_create_from_string
ldns_ecdsa2pkey_raw
ldns_edns_flags
ldns_error_str
ldns_fetch_valid_domain_keys
ldns_fetch_valid_domain_keys_time
ldns_fget_keyword_data
ldns_fget_keyword_data_l
ldns_fget_token
ldns_fget_token_l
ldns_fskipcs
ldns_fskipcs_l
ldns_getaddrinfo
ldns_get_bit
ldns_get_bit_r
ldns_get_errorstr_by_id
ldns_get_random
ldns_get_rr_class_by_name
ldns_get_rr_list_addr_by_name
ldns_get_rr_list_hosts_frm_file
ldns_get_rr_list_hosts_frm_fp
ldns_get_rr_list_hosts_frm_fp_l
ldns_get_rr_list_name_by_addr
ldns_get_rr_type_by_name
ldns_get_signing_algorithm_by_name
ldns_gost2pkey_raw
ldns_hexdigit_to_int
ldns_hexstring_to_data
ldns_init_random
ldns_int_to_hexdigit
ldns_is_rrset
ldns_key2buffer_str
ldns_key2rr
ldns_key2str
ldns_key_EVP_load_gost_id
ldns_key_EVP_unload_gost
ldns_key_algorithm
ldns_key_algo_supported
ldns_key_buf2dsa
ldns_key_buf2dsa_raw
ldns_key_buf2rsa
ldns_key_buf2rsa_raw
ldns_key_deep_free
ldns_key_dsa_key
ldns_key_evp_key
ldns_key_expiration
ldns_key_external_key
ldns_key_flags
ldns_key_free
ldns_key_get_file_base_name
ldns_key_hmac_key
ldns_key_hmac_size
ldns_key_inception
ldns_key_keytag
ldns_key_list_free
ldns_key_list_key
ldns_key_list_key_count
ldns_key_list_new
ldns_key_list_pop_key
ldns_key_list_push_key
ldns_key_list_set_key_count
ldns_key_list_set_use
ldns_key_new
ldns_key_new_frm_algorithm
ldns_key_new_frm_engine
ldns_key_new_frm_fp
ldns_key_new_frm_fp_dsa
ldns_key_new_frm_fp_dsa_l
ldns_key_new_frm_fp_hmac
ldns_key_new_frm_fp_hmac_l
ldns_key_new_frm_fp_l
ldns_key_new_frm_fp_rsa
ldns_key_new_frm_fp_rsa_l
ldns_key_origttl
ldns_key_print
ldns_key_pubkey_owner
ldns_key_rr2ds
ldns_key_rsa_key
ldns_key_set_algorithm
ldns_key_set_dsa_key
ldns_key_set_evp_key
ldns_key_set_expiration
ldns_key_set_external_key
ldns_key_set_flags
ldns_key_set_hmac_key
ldns_key_set_hmac_size
ldns_key_set_inception
ldns_key_set_keytag
ldns_key_set_origttl
ldns_key_set_pubkey_owner
ldns_key_set_rsa_key
ldns_key_set_use
ldns_key_use
ldns_lookup_by_id
ldns_lookup_by_name
ldns_native2rdf_int16
ldns_native2rdf_int16_data
ldns_native2rdf_int32
ldns_native2rdf_int8
ldns_nsec3_add_param_rdfs
ldns_nsec3_algorithm
ldns_nsec3_bitmap
ldns_nsec3_flags
ldns_nsec3_hash_name
ldns_nsec3_hash_name_frm_nsec3
ldns_nsec3_iterations
ldns_nsec3_next_owner
ldns_nsec3_optout
ldns_nsec3_salt
ldns_nsec3_salt_data
ldns_nsec3_salt_length
ldns_nsec_bitmap_covers_type
ldns_nsec_covers_name
ldns_nsec_get_bitmap
ldns_nsec_type_check
ldns_octet
ldns_opcodes
ldns_output_format_bubblebabble
ldns_output_format_default
ldns_output_format_nocomments
ldns_output_format_onlykeyids
ldns_pkt2buffer_str
ldns_pkt2buffer_str_fmt
ldns_pkt2buffer_wire
ldns_pkt2str
ldns_pkt2str_fmt
ldns_pkt2wire
ldns_pkt_aa
ldns_pkt_ad
ldns_pkt_additional
ldns_pkt_algorithm2str
ldns_pkt_all
ldns_pkt_all_noquestion
ldns_pkt_ancount
ldns_pkt_answer
ldns_pkt_answerfrom
ldns_pkt_arcount
ldns_pkt_authority
ldns_pkt_cd
ldns_pkt_cert_algorithm2str
ldns_pkt_clone
ldns_pkt_edns
ldns_pkt_edns_data
ldns_pkt_edns_do
ldns_pkt_edns_extended_rcode
ldns_pkt_edns_udp_size
ldns_pkt_edns_version
ldns_pkt_edns_z
ldns_pkt_empty
ldns_pkt_free
ldns_pkt_get_opcode
ldns_pkt_get_rcode
ldns_pkt_get_section_clone
ldns_pktheader2buffer_str
ldns_pkt_id
ldns_pkt_new
ldns_pkt_nscount
ldns_pkt_opcode2buffer_str
ldns_pkt_opcode2str
ldns_pkt_print
ldns_pkt_print_fmt
ldns_pkt_push_rr
ldns_pkt_push_rr_list
ldns_pkt_qdcount
ldns_pkt_qr
ldns_pkt_query_new
ldns_pkt_query_new_frm_str
ldns_pkt_querytime
ldns_pkt_question
ldns_pkt_ra
ldns_pkt_rcode2buffer_str
ldns_pkt_rcode2str
ldns_pkt_rd
ldns_pkt_reply_type
ldns_pkt_rr
ldns_pkt_rr_list_by_name
ldns_pkt_rr_list_by_name_and_type
ldns_pkt_rr_list_by_type
ldns_pkt_safe_push_rr
ldns_pkt_safe_push_rr_list
ldns_pkt_set_aa
ldns_pkt_set_ad
ldns_pkt_set_additional
ldns_pkt_set_ancount
ldns_pkt_set_answer
ldns_pkt_set_answerfrom
ldns_pkt_set_arcount
ldns_pkt_set_authority
ldns_pkt_set_cd
ldns_pkt_set_edns_data
ldns_pkt_set_edns_do
ldns_pkt_set_edns_extended_rcode
ldns_pkt_set_edns_udp_size
ldns_pkt_set_edns_version
ldns_pkt_set_edns_z
ldns_pkt_set_flags
ldns_pkt_set_id
ldns_pkt_set_nscount
ldns_pkt_set_opcode
ldns_pkt_set_qdcount
ldns_pkt_set_qr
ldns_pkt_set_querytime
ldns_pkt_set_question
ldns_pkt_set_ra
ldns_pkt_set_random_id
ldns_pkt_set_rcode
ldns_pkt_set_rd
ldns_pkt_set_section_count
ldns_pkt_set_size
ldns_pkt_set_tc
ldns_pkt_set_timestamp
ldns_pkt_set_tsig
ldns_pkt_size
ldns_pkt_tc
ldns_pkt_timestamp
ldns_pkt_tsig
ldns_pkt_tsig_sign
ldns_pkt_tsig_sign_next
ldns_pkt_tsig_verify
ldns_pkt_tsig_verify_next
ldns_pkt_verify
ldns_pkt_verify_time
ldns_print_rr_rdf
ldns_rbtree_create
ldns_rbtree_delete
ldns_rbtree_find_less_equal
ldns_rbtree_first
ldns_rbtree_free
ldns_rbtree_init
ldns_rbtree_insert
ldns_rbtree_insert_vref
ldns_rbtree_join
ldns_rbtree_last
ldns_rbtree_next
ldns_rbtree_null_node
ldns_rbtree_previous
ldns_rbtree_search
ldns_rbtree_split
ldns_rcodes
ldns_rdf2buffer_str
ldns_rdf2buffer_str_a
ldns_rdf2buffer_str_aaaa
ldns_rdf2buffer_str_alg
ldns_rdf2buffer_str_apl
ldns_rdf2buffer_str_atma
ldns_rdf2buffer_str_b32_ext
ldns_rdf2buffer_str_b64
ldns_rdf2buffer_str_cert_alg
ldns_rdf2buffer_str_class
ldns_rdf2buffer_str_dname
ldns_rdf2buffer_str_hex
ldns_rdf2buffer_str_int16
ldns_rdf2buffer_str_int16_data
ldns_rdf2buffer_str_int32
ldns_rdf2buffer_str_int8
ldns_rdf2buffer_str_ipseckey
ldns_rdf2buffer_str_loc
ldns_rdf2buffer_str_nsap
ldns_rdf2buffer_str_nsec
ldns_rdf2buffer_str_nsec3_salt
ldns_rdf2buffer_str_period
ldns_rdf2buffer_str_str
ldns_rdf2buffer_str_time
ldns_rdf2buffer_str_tsig
ldns_rdf2buffer_str_tsigtime
ldns_rdf2buffer_str_type
ldns_rdf2buffer_str_unknown
ldns_rdf2buffer_str_wks
ldns_rdf2buffer_wire
ldns_rdf2buffer_wire_canonical
ldns_rdf2native_int16
ldns_rdf2native_int32
ldns_rdf2native_int8
ldns_rdf2native_sockaddr_storage
ldns_rdf2native_time_t
ldns_rdf2rr_type
ldns_rdf2str
ldns_rdf2wire
ldns_rdf_address_reverse
ldns_rdf_clone
ldns_rdf_compare
ldns_rdf_data
ldns_rdf_deep_free
ldns_rdf_free
ldns_rdf_get_type
ldns_rdf_new
ldns_rdf_new_frm_data
ldns_rdf_new_frm_fp
ldns_rdf_new_frm_fp_l
ldns_rdf_new_frm_str
ldns_rdf_print
ldns_rdf_set_data
ldns_rdf_set_size
ldns_rdf_set_type
ldns_rdf_size
ldns_read_anchor_file
ldns_resolver_debug
ldns_resolver_dec_nameserver_count
ldns_resolver_deep_free
ldns_resolver_defnames
ldns_resolver_dnsrch
ldns_resolver_dnssec
ldns_resolver_dnssec_anchors
ldns_resolver_dnssec_cd
ldns_resolver_domain
ldns_resolver_edns_udp_size
ldns_resolver_fail
ldns_resolver_fallback
ldns_resolver_free
ldns_resolver_igntc
ldns_resolver_incr_nameserver_count
ldns_resolver_ip6
ldns_resolver_nameserver_count
ldns_resolver_nameserver_rtt
ldns_resolver_nameservers
ldns_resolver_nameservers_randomize
ldns_resolver_new
ldns_resolver_new_frm_file
ldns_resolver_new_frm_fp
ldns_resolver_new_frm_fp_l
ldns_resolver_pop_nameserver
ldns_resolver_port
ldns_resolver_prepare_query_pkt
ldns_resolver_print
ldns_resolver_print_fmt
ldns_resolver_push_dnssec_anchor
ldns_resolver_push_nameserver
ldns_resolver_push_nameserver_rr
ldns_resolver_push_nameserver_rr_list
ldns_resolver_push_searchlist
ldns_resolver_query
ldns_resolver_random
ldns_resolver_recursive
ldns_resolver_retrans
ldns_resolver_retry
ldns_resolver_rtt
ldns_resolver_search
ldns_resolver_searchlist
ldns_resolver_searchlist_count
ldns_resolver_send
ldns_resolver_send_pkt
ldns_resolver_set_debug
ldns_resolver_set_defnames
ldns_resolver_set_dnsrch
ldns_resolver_set_dnssec
ldns_resolver_set_dnssec_anchors
ldns_resolver_set_dnssec_cd
ldns_resolver_set_domain
ldns_resolver_set_edns_udp_size
ldns_resolver_set_fail
ldns_resolver_set_fallback
ldns_resolver_set_igntc
ldns_resolver_set_ip6
ldns_resolver_set_nameserver_count
ldns_resolver_set_nameserver_rtt
ldns_resolver_set_nameservers
ldns_resolver_set_port
ldns_resolver_set_random
ldns_resolver_set_recursive
ldns_resolver_set_retrans
ldns_resolver_set_retry
ldns_resolver_set_rtt
ldns_resolver_set_timeout
ldns_resolver_set_tsig_algorithm
ldns_resolver_set_tsig_keydata
ldns_resolver_set_tsig_keyname
ldns_resolver_set_usevc
ldns_resolver_timeout
ldns_resolver_trusted_key
ldns_resolver_tsig_algorithm
ldns_resolver_tsig_keydata
ldns_resolver_tsig_keyname
ldns_resolver_usevc
ldns_rr2buffer_str
ldns_rr2buffer_str_fmt
ldns_rr2buffer_wire
ldns_rr2buffer_wire_canonical
ldns_rr2canonical
ldns_rr2str
ldns_rr2str_fmt
ldns_rr2wire
ldns_rr_a_address
ldns_rr_a_set_address
ldns_rr_class2buffer_str
ldns_rr_class2str
ldns_rr_classes
ldns_rr_clone
ldns_rr_compare
ldns_rr_compare_ds
ldns_rr_compare_no_rdata
ldns_rr_compare_wire
ldns_rr_descript
ldns_rr_descriptor_field_type
ldns_rr_descriptor_maximum
ldns_rr_descriptor_minimum
ldns_rr_dnskey_algorithm
ldns_rr_dnskey_flags
ldns_rr_dnskey_key
ldns_rr_dnskey_key_size
ldns_rr_dnskey_key_size_raw
ldns_rr_dnskey_protocol
ldns_rr_dnskey_set_algorithm
ldns_rr_dnskey_set_flags
ldns_rr_dnskey_set_key
ldns_rr_dnskey_set_protocol
ldns_rr_free
ldns_rr_get_class
ldns_rr_get_type
ldns_rr_is_question
ldns_rr_label_count
ldns_rr_list2buffer_str
ldns_rr_list2buffer_str_fmt
ldns_rr_list2buffer_wire
ldns_rr_list2canonical
ldns_rr_list2str
ldns_rr_list2str_fmt
ldns_rr_list_cat
ldns_rr_list_cat_clone
ldns_rr_list_clone
ldns_rr_list_compare
ldns_rr_list_contains_rr
ldns_rr_list_deep_free
ldns_rr_list_free
ldns_rr_list_new
ldns_rr_list_owner
ldns_rr_list_pop_rr
ldns_rr_list_pop_rr_list
ldns_rr_list_pop_rrset
ldns_rr_list_print
ldns_rr_list_print_fmt
ldns_rr_list_push_rr
ldns_rr_list_push_rr_list
ldns_rr_list_rr
ldns_rr_list_rr_count
ldns_rr_list_set_rr
ldns_rr_list_set_rr_count
ldns_rr_list_sort
ldns_rr_list_sort_nsec3
ldns_rr_list_subtype_by_rdf
ldns_rr_list_type
ldns_rr_mx_exchange
ldns_rr_mx_preference
ldns_rr_new
ldns_rr_new_frm_fp
ldns_rr_new_frm_fp_l
ldns_rr_new_frm_str
ldns_rr_new_frm_type
ldns_rr_new_question_frm_str
ldns_rr_ns_nsdname
ldns_rr_owner
ldns_rr_pop_rdf
ldns_rr_print
ldns_rr_print_fmt
ldns_rr_push_rdf
ldns_rr_rdata2buffer_wire
ldns_rr_rd_count
ldns_rr_rdf
ldns_rr_rrsig_algorithm
ldns_rr_rrsig_expiration
ldns_rr_rrsig_inception
ldns_rr_rrsig_keytag
ldns_rr_rrsig_labels
ldns_rr_rrsig_origttl
ldns_rr_rrsig_set_algorithm
ldns_rr_rrsig_set_expiration
ldns_rr_rrsig_set_inception
ldns_rr_rrsig_set_keytag
ldns_rr_rrsig_set_labels
ldns_rr_rrsig_set_origttl
ldns_rr_rrsig_set_sig
ldns_rr_rrsig_set_signame
ldns_rr_rrsig_set_typecovered
ldns_rr_rrsig_sig
ldns_rr_rrsig_signame
ldns_rr_rrsig_typecovered
ldns_rr_set_class
ldns_rr_set_owner
ldns_rr_set_pop_rr
ldns_rr_set_push_rr
ldns_rr_set_question
ldns_rr_set_rd_count
ldns_rr_set_rdf
ldns_rr_set_ttl
ldns_rr_set_type
ldns_rrsig2buffer_wire
ldns_rr_soa_increment
ldns_rr_soa_increment_func
ldns_rr_soa_increment_func_data
ldns_rr_soa_increment_func_int
ldns_rr_ttl
ldns_rr_type2buffer_str
ldns_rr_type2str
ldns_rr_uncompressed_size
ldns_send
ldns_send_buffer
ldns_serial_arithmitics_gmtime_r
ldns_set_bit
ldns_sha1
ldns_sha1_final
ldns_sha1_init
ldns_sha1_transform
ldns_sha1_update
ldns_sha256
ldns_sha256_final
ldns_sha256_init
ldns_sha256_update
ldns_sha384
ldns_sha384_final
ldns_sha384_init
ldns_sha384_update
ldns_sha512
ldns_sha512_final
ldns_sha512_init
ldns_sha512_update
ldns_signing_algorithms
ldns_sign_public
ldns_sign_public_buffer
ldns_sign_public_dsa
ldns_sign_public_evp
ldns_sign_public_rsamd5
ldns_sign_public_rsasha1
ldns_soa_serial_datecounter
ldns_soa_serial_identity
ldns_soa_serial_increment
ldns_soa_serial_increment_by
ldns_soa_serial_unixtime
ldns_sockaddr_storage2rdf
ldns_str2period
ldns_str2rdf_a
ldns_str2rdf_aaaa
ldns_str2rdf_alg
ldns_str2rdf_apl
ldns_str2rdf_atma
ldns_str2rdf_b32_ext
ldns_str2rdf_b64
ldns_str2rdf_cert_alg
ldns_str2rdf_class
ldns_str2rdf_dname
ldns_str2rdf_hex
ldns_str2rdf_int16
ldns_str2rdf_int32
ldns_str2rdf_int8
ldns_str2rdf_ipseckey
ldns_str2rdf_loc
ldns_str2rdf_nsap
ldns_str2rdf_nsec
ldns_str2rdf_nsec3_salt
ldns_str2rdf_period
ldns_str2rdf_service
ldns_str2rdf_str
ldns_str2rdf_time
ldns_str2rdf_tsig
ldns_str2rdf_type
ldns_str2rdf_unknown
ldns_str2rdf_wks
ldns_tcp_bgsend
ldns_tcp_connect
ldns_tcp_read_wire
ldns_tcp_read_wire_timeout
ldns_tcp_send
ldns_tcp_send_query
ldns_traverse_postorder
ldns_tsig_algorithm
ldns_tsig_keydata
ldns_tsig_keydata_clone
ldns_tsig_keyname
ldns_tsig_keyname_clone
ldns_udp_bgsend
ldns_udp_connect
ldns_udp_read_wire
ldns_udp_send
ldns_udp_send_query
ldns_update_ad
ldns_update_pkt_new
ldns_update_pkt_tsig_add
ldns_update_prcount
ldns_update_set_adcount
ldns_update_set_prcount
ldns_update_set_upcount
ldns_update_set_zo
ldns_update_soa_mname
ldns_update_soa_zone_mname
ldns_update_upcount
ldns_update_zocount
ldns_validate_domain_dnskey
ldns_validate_domain_dnskey_time
ldns_validate_domain_ds
ldns_validate_domain_ds_time
ldns_verify
ldns_verify_notime
ldns_verify_rrsig
ldns_verify_rrsig_buffers
ldns_verify_rrsig_buffers_raw
ldns_verify_rrsig_dsa
ldns_verify_rrsig_dsa_raw
ldns_verify_rrsig_evp
ldns_verify_rrsig_evp_raw
ldns_verify_rrsig_keylist
ldns_verify_rrsig_keylist_notime
ldns_verify_rrsig_keylist_time
ldns_verify_rrsig_rsamd5
ldns_verify_rrsig_rsamd5_raw
ldns_verify_rrsig_rsasha1
ldns_verify_rrsig_rsasha1_raw
ldns_verify_rrsig_rsasha256_raw
ldns_verify_rrsig_rsasha512_raw
ldns_verify_rrsig_time
ldns_verify_time
ldns_verify_trusted
ldns_verify_trusted_time
ldns_version
ldns_wire2dname
ldns_wire2pkt
ldns_wire2rdf
ldns_wire2rr
ldns_zone_deep_free
ldns_zone_free
ldns_zone_glue_rr_list
ldns_zone_new
ldns_zone_new_frm_fp
ldns_zone_new_frm_fp_l
ldns_zone_print
ldns_zone_print_fmt
ldns_zone_push_rr
ldns_zone_push_rr_list
ldns_zone_rr_count
ldns_zone_rrs
ldns_zone_set_rrs
ldns_zone_set_soa
ldns_zone_sign
ldns_zone_sign_nsec3
ldns_zone_soa
ldns_zone_sort
mktime_from_utc
qsort_rr_compare_nsec3

189
contrib/ldns/libdns.doxygen
View File

@ -1,4 +1,4 @@
# Doxyfile 1.7.3
# Doxyfile 1.7.6.1
# This file describes the settings to be used by the documentation system
# doxygen (www.doxygen.org) for a project.
@ -22,8 +22,9 @@
DOXYFILE_ENCODING = UTF-8
# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
# by quotes) that should identify the project.
# The PROJECT_NAME tag is a single word (or sequence of words) that should
# identify the project. Note that if you do not use Doxywizard you need
# to put quotes around the project name if it contains spaces.
PROJECT_NAME = ldns
@ -33,7 +34,9 @@ PROJECT_NAME = ldns
PROJECT_NUMBER = 1.6.7
# Using the PROJECT_BRIEF tag one can provide an optional one line description for a project that appears at the top of each page and should give viewer a quick idea about the purpose of the project. Keep the description short.
# Using the PROJECT_BRIEF tag one can provide an optional one line description
# for a project that appears at the top of each page and should give viewer
# a quick idea about the purpose of the project. Keep the description short.
PROJECT_BRIEF =
@ -192,6 +195,13 @@ TAB_SIZE = 8
ALIASES =
# This tag can be used to specify a number of word-keyword mappings (TCL only).
# A mapping has the form "name=value". For example adding
# "class=itcl::class" will allow you to use the command class in the
# itcl::class meaning.
TCL_SUBST =
# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C
# sources only. Doxygen will then generate output that is more tailored for C.
# For instance, some of the names that are used will be different. The list
@ -274,6 +284,22 @@ DISTRIBUTE_GROUP_DOC = NO
SUBGROUPING = YES
# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and
# unions are shown inside the group in which they are included (e.g. using
# @ingroup) instead of on a separate page (for HTML and Man pages) or
# section (for LaTeX and RTF).
INLINE_GROUPED_CLASSES = NO
# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and
# unions with only public data fields will be shown inline in the documentation
# of the scope in which they are defined (i.e. file, namespace, or group
# documentation), provided this scope is documented. If set to NO (the default),
# structs, classes, and unions are shown on a separate page (for HTML and Man
# pages) or section (for LaTeX and RTF).
INLINE_SIMPLE_STRUCTS = NO
# When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum
# is documented as struct, union, or enum with the name of the typedef. So
# typedef struct TypeS {} TypeT, will appear in the documentation as a struct
@ -296,10 +322,21 @@ TYPEDEF_HIDES_STRUCT = NO
# a logarithmic scale so increasing the size by one will roughly double the
# memory usage. The cache size is given by this formula:
# 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0,
# corresponding to a cache size of 2^16 = 65536 symbols
# corresponding to a cache size of 2^16 = 65536 symbols.
SYMBOL_CACHE_SIZE = 0
# Similar to the SYMBOL_CACHE_SIZE the size of the symbol lookup cache can be
# set using LOOKUP_CACHE_SIZE. This cache is used to resolve symbols given
# their name and scope. Since this can be an expensive process and often the
# same symbol appear multiple times in the code, doxygen keeps a cache of
# pre-resolved symbols. If the cache is too small doxygen will become slower.
# If the cache is too large, memory is wasted. The cache size is given by this
# formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range is 0..9, the default is 0,
# corresponding to a cache size of 2^16 = 65536 symbols.
LOOKUP_CACHE_SIZE = 0
#---------------------------------------------------------------------------
# Build related configuration options
#---------------------------------------------------------------------------
@ -449,8 +486,11 @@ SORT_GROUP_NAMES = NO
SORT_BY_SCOPE_NAME = NO
# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper type resolution of all parameters of a function it will reject a
# match between the prototype and the implementation of a member function even if there is only one candidate or it is obvious which candidate to choose by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen
# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to
# do proper type resolution of all parameters of a function it will reject a
# match between the prototype and the implementation of a member function even
# if there is only one candidate or it is obvious which candidate to choose
# by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen
# will still accept a match between prototype and implementation in such cases.
STRICT_PROTO_MATCHING = NO
@ -538,6 +578,16 @@ FILE_VERSION_FILTER =
LAYOUT_FILE =
# The CITE_BIB_FILES tag can be used to specify one or more bib files
# containing the references data. This must be a list of .bib files. The
# .bib extension is automatically appended if omitted. Using this command
# requires the bibtex tool to be installed. See also
# http://en.wikipedia.org/wiki/BibTeX for more info. For LaTeX the style
# of the bibliography can be controlled using LATEX_BIB_STYLE. To use this
# feature you need bibtex and perl available in the search path.
CITE_BIB_FILES =
#---------------------------------------------------------------------------
# configuration options related to warning and progress messages
#---------------------------------------------------------------------------
@ -629,13 +679,15 @@ FILE_PATTERNS =
RECURSIVE = NO
# The EXCLUDE tag can be used to specify files and/or directories that should
# The EXCLUDE tag can be used to specify files and/or directories that should be
# excluded from the INPUT source files. This way you can easily exclude a
# subdirectory from a directory tree whose root is specified with the INPUT tag.
# Note that relative paths are relative to the directory from which doxygen is
# run.
EXCLUDE =
# The EXCLUDE_SYMLINKS tag can be used select whether or not files or
# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
# directories that are symbolic links (a Unix file system feature) are excluded
# from the input.
@ -821,7 +873,14 @@ HTML_FILE_EXTENSION = .html
# The HTML_HEADER tag can be used to specify a personal HTML header for
# each generated HTML page. If it is left blank doxygen will generate a
# standard header.
# standard header. Note that when using a custom header you are responsible
# for the proper inclusion of any scripts and style sheets that doxygen
# needs, which is dependent on the configuration options used.
# It is advised to generate a default header using "doxygen -w html
# header.html footer.html stylesheet.css YourConfigFile" and then modify
# that header. Note that the header is subject to change so you typically
# have to redo this when upgrading to a newer version of doxygen or when
# changing the value of configuration settings such as GENERATE_TREEVIEW!
HTML_HEADER = doc/header.html
@ -836,12 +895,21 @@ HTML_FOOTER =
# fine-tune the look of the HTML output. If the tag is left blank doxygen
# will generate a default style sheet. Note that doxygen will try to copy
# the style sheet file to the HTML output directory, so don't put your own
# stylesheet in the HTML output directory as well, or it will be erased!
# style sheet in the HTML output directory as well, or it will be erased!
HTML_STYLESHEET =
# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or
# other source files which should be copied to the HTML output directory. Note
# that these files will be copied to the base HTML output directory. Use the
# $relpath$ marker in the HTML_HEADER and/or HTML_FOOTER files to load these
# files. In the HTML_STYLESHEET file, use the file name only. Also note that
# the files will be copied as-is; there are no commands or markers available.
HTML_EXTRA_FILES =
# The HTML_COLORSTYLE_HUE tag controls the color of the HTML output.
# Doxygen will adjust the colors in the stylesheet and background images
# Doxygen will adjust the colors in the style sheet and background images
# according to this color. Hue is specified as an angle on a colorwheel,
# see http://en.wikipedia.org/wiki/Hue for more information.
# For instance the value 0 represents red, 60 is yellow, 120 is green,
@ -871,12 +939,6 @@ HTML_COLORSTYLE_GAMMA = 80
HTML_TIMESTAMP = YES
# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
# files or namespaces will be aligned in HTML using tables. If set to
# NO a bullet list will be used.
HTML_ALIGN_MEMBERS = YES
# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
# documentation will contain sections that can be hidden and shown after the
# page has loaded. For this to work a browser that supports
@ -1036,18 +1098,14 @@ GENERATE_ECLIPSEHELP = NO
ECLIPSE_DOC_ID = org.doxygen.Project
# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
# top of each HTML page. The value NO (the default) enables the index and
# the value YES disables it.
# The DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs)
# at top of each HTML page. The value NO (the default) enables the index and
# the value YES disables it. Since the tabs have the same information as the
# navigation tree you can set this option to NO if you already set
# GENERATE_TREEVIEW to YES.
DISABLE_INDEX = NO
# This tag can be used to set the number of enum values (range [0,1..20])
# that doxygen will group on one line in the generated HTML documentation.
# Note that a value of 0 will completely suppress the enum values from appearing in the overview section.
ENUM_VALUES_PER_LINE = 4
# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
# structure should be generated to display hierarchical information.
# If the tag value is set to YES, a side panel will be generated
@ -1055,13 +1113,17 @@ ENUM_VALUES_PER_LINE = 4
# is generated for HTML Help). For this to work a browser that supports
# JavaScript, DHTML, CSS and frames is required (i.e. any modern browser).
# Windows users are probably better off using the HTML help feature.
# Since the tree basically has the same information as the tab index you
# could consider to set DISABLE_INDEX to NO when enabling this option.
GENERATE_TREEVIEW = NO
# By enabling USE_INLINE_TREES, doxygen will generate the Groups, Directories,
# and Class Hierarchy pages using a tree view instead of an ordered list.
# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values
# (range [0,1..20]) that doxygen will group on one line in the generated HTML
# documentation. Note that a value of 0 will completely suppress the enum
# values from appearing in the overview section.
USE_INLINE_TREES = NO
ENUM_VALUES_PER_LINE = 4
# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
# used to set the initial width (in pixels) of the frame in which the tree
@ -1103,12 +1165,18 @@ USE_MATHJAX = NO
# HTML output directory using the MATHJAX_RELPATH option. The destination
# directory should contain the MathJax.js script. For instance, if the mathjax
# directory is located at the same level as the HTML output directory, then
# MATHJAX_RELPATH should be ../mathjax. The default value points to the mathjax.org site, so you can quickly see the result without installing
# MATHJAX_RELPATH should be ../mathjax. The default value points to the
# mathjax.org site, so you can quickly see the result without installing
# MathJax, but it is strongly recommended to install a local copy of MathJax
# before deployment.
MATHJAX_RELPATH = http://www.mathjax.org/mathjax
# The MATHJAX_EXTENSIONS tag can be used to specify one or MathJax extension
# names that should be enabled during MathJax rendering.
MATHJAX_EXTENSIONS =
# When the SEARCHENGINE tag is enabled doxygen will generate a search box
# for the HTML output. The underlying search engine uses javascript
# and DHTML and should work on any modern browser. Note that when using
@ -1182,6 +1250,13 @@ EXTRA_PACKAGES =
LATEX_HEADER =
# The LATEX_FOOTER tag can be used to specify a personal LaTeX footer for
# the generated latex document. The footer should contain everything after
# the last chapter. If it is left blank doxygen will generate a
# standard footer. Notice: only use this tag if you know what you are doing!
LATEX_FOOTER =
# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
# is prepared for conversion to pdf (using ps2pdf). The pdf file will
# contain links (just like the HTML output) instead of page references
@ -1215,6 +1290,12 @@ LATEX_HIDE_INDICES = NO
LATEX_SOURCE_CODE = NO
# The LATEX_BIB_STYLE tag can be used to specify the style to use for the
# bibliography, e.g. plainnat, or ieeetr. The default style is "plain". See
# http://en.wikipedia.org/wiki/BibTeX for more info.
LATEX_BIB_STYLE = plain
#---------------------------------------------------------------------------
# configuration options related to the RTF output
#---------------------------------------------------------------------------
@ -1246,7 +1327,7 @@ COMPACT_RTF = NO
RTF_HYPERLINKS = NO
# Load stylesheet definitions from file. Syntax is similar to doxygen's
# Load style sheet definitions from file. Syntax is similar to doxygen's
# config file, i.e. a series of assignments. You only have to provide
# replacements, missing definitions are set to their default value.
@ -1391,7 +1472,7 @@ MACRO_EXPANSION = YES
EXPAND_ONLY_PREDEF = NO
# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
# in the INCLUDE_PATH (see below) will be search if a #include is found.
# pointed to by INCLUDE_PATH will be searched when a #include is found.
SEARCH_INCLUDES = YES
@ -1399,7 +1480,7 @@ SEARCH_INCLUDES = YES
# contain include files that are not input files but should be processed by
# the preprocessor.
INCLUDE_PATH =
INCLUDE_PATH = .
# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
# patterns (like *.h and *.hpp) to filter out the header-files in the
@ -1421,7 +1502,8 @@ PREDEFINED = HAVE_SSL
# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
# this tag can be used to specify a list of macro names that should be expanded.
# The macro definition that is found in the sources will be used.
# Use the PREDEFINED tag if you want to use a different macro definition that overrules the definition found in the source code.
# Use the PREDEFINED tag if you want to use a different macro definition that
# overrules the definition found in the source code.
EXPAND_AS_DEFINED =
@ -1519,13 +1601,12 @@ HAVE_DOT = NO
DOT_NUM_THREADS = 0
# By default doxygen will write a font called Helvetica to the output
# directory and reference it in all dot files that doxygen generates.
# When you want a differently looking font you can specify the font name
# using DOT_FONTNAME. You need to make sure dot is able to find the font,
# which can be done by putting it in a standard location or by setting the
# DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory
# containing the font.
# By default doxygen will use the Helvetica font for all dot files that
# doxygen generates. When you want a differently looking font you can specify
# the font name using DOT_FONTNAME. You need to make sure dot is able to find
# the font, which can be done by putting it in a standard location or by setting
# the DOTFONTPATH environment variable or by setting DOT_FONTPATH to the
# directory containing the font.
DOT_FONTNAME = Helvetica
@ -1534,17 +1615,16 @@ DOT_FONTNAME = Helvetica
DOT_FONTSIZE = 10
# By default doxygen will tell dot to use the output directory to look for the
# FreeSans.ttf font (which doxygen will put there itself). If you specify a
# different font using DOT_FONTNAME you can set the path where dot
# can find it using this tag.
# By default doxygen will tell dot to use the Helvetica font.
# If you specify a different font using DOT_FONTNAME you can use DOT_FONTPATH to
# set the path where dot can find it.
DOT_FONTPATH =
# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
# will generate a graph for each documented class showing the direct and
# indirect inheritance relations. Setting this tag to YES will force the
# the CLASS_DIAGRAMS tag to NO.
# CLASS_DIAGRAMS tag to NO.
CLASS_GRAPH = YES
@ -1614,11 +1694,22 @@ GRAPHICAL_HIERARCHY = YES
DIRECTORY_GRAPH = YES
# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
# generated by dot. Possible values are png, svg, gif or svg.
# If left blank png will be used.
# generated by dot. Possible values are svg, png, jpg, or gif.
# If left blank png will be used. If you choose svg you need to set
# HTML_FILE_EXTENSION to xhtml in order to make the SVG files
# visible in IE 9+ (other browsers do not have this requirement).
DOT_IMAGE_FORMAT = png
# If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to
# enable generation of interactive SVG images that allow zooming and panning.
# Note that this requires a modern browser other than Internet Explorer.
# Tested and working are Firefox, Chrome, Safari, and Opera. For IE 9+ you
# need to set HTML_FILE_EXTENSION to xhtml in order to make the SVG files
# visible. Older versions of IE do not have SVG support.
INTERACTIVE_SVG = NO
# The tag DOT_PATH can be used to specify the path where the dot tool can be
# found. If left blank, it is assumed the dot tool can be found in the path.

17
contrib/ldns/net.c
View File

@ -110,12 +110,14 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf
if ((ns->ss_family == AF_INET) &&
(ldns_resolver_ip6(r) == LDNS_RESOLV_INET6)) {
/* not reachable */
LDNS_FREE(ns);
continue;
}
if ((ns->ss_family == AF_INET6) &&
(ldns_resolver_ip6(r) == LDNS_RESOLV_INET)) {
/* not reachable */
LDNS_FREE(ns);
continue;
}
#endif
@ -182,7 +184,8 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf
ldns_pkt_set_querytime(reply, (uint32_t)
((tv_e.tv_sec - tv_s.tv_sec) * 1000) +
(tv_e.tv_usec - tv_s.tv_usec) / 1000);
ldns_pkt_set_answerfrom(reply, ns_array[i]);
ldns_pkt_set_answerfrom(reply,
ldns_rdf_clone(ns_array[i]));
ldns_pkt_set_timestamp(reply, tv_s);
ldns_pkt_set_size(reply, reply_size);
break;
@ -203,7 +206,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf
return LDNS_STATUS_RES_NO_NS;
}
#ifdef HAVE_SSL
if (tsig_mac && reply_bytes) {
if (tsig_mac && reply && reply_bytes) {
if (!ldns_pkt_tsig_verify(reply,
reply_bytes,
reply_size,
@ -470,7 +473,7 @@ ldns_tcp_send_query(ldns_buffer *qbin, int sockfd,
sendbuf = LDNS_XMALLOC(uint8_t, ldns_buffer_position(qbin) + 2);
if(!sendbuf) return 0;
ldns_write_uint16(sendbuf, ldns_buffer_position(qbin));
memcpy(sendbuf + 2, ldns_buffer_export(qbin), ldns_buffer_position(qbin));
memcpy(sendbuf + 2, ldns_buffer_begin(qbin), ldns_buffer_position(qbin));
bytes = sendto(sockfd, (void*)sendbuf,
ldns_buffer_position(qbin) + 2, 0, (struct sockaddr *)to, tolen);
@ -669,7 +672,7 @@ ldns_tcp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storag
}
/* resize accordingly */
*result = (uint8_t*)LDNS_XREALLOC(answer, uint8_t *, (size_t)*answer_size);
*result = LDNS_XREALLOC(answer, uint8_t, (size_t)*answer_size);
if(!*result) {
LDNS_FREE(answer);
return LDNS_STATUS_MEM_ERR;
@ -807,6 +810,9 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class)
ns_i < ldns_resolver_nameserver_count(resolver) &&
resolver->_socket == 0;
ns_i++) {
if (ns != NULL) {
LDNS_FREE(ns);
}
ns = ldns_rdf2native_sockaddr_storage(
resolver->_nameservers[ns_i],
ldns_resolver_port(resolver), &ns_len);
@ -837,6 +843,9 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class)
#endif
resolver->_socket = 0;
ldns_pkt_free(query);
LDNS_FREE(ns);
return LDNS_STATUS_CRYPTO_TSIG_ERR;
}
}

136
contrib/ldns/packet.c
View File

@ -255,7 +255,6 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet,
ldns_pkt_section sec)
{
ldns_rr_list *rrs;
ldns_rr_list *new;
ldns_rr_list *ret;
uint16_t i;
@ -264,7 +263,6 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet,
}
rrs = ldns_pkt_get_section_clone(packet, sec);
new = ldns_rr_list_new();
ret = NULL;
for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
@ -272,8 +270,10 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet,
ldns_rr_list_rr(rrs, i)),
ownername) == 0) {
/* owner names match */
ldns_rr_list_push_rr(new, ldns_rr_list_rr(rrs, i));
ret = new;
if (ret == NULL) {
ret = ldns_rr_list_new();
}
ldns_rr_list_push_rr(ret, ldns_rr_list_rr(rrs, i));
}
}
return ret;
@ -649,19 +649,27 @@ ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr)
{
switch(section) {
case LDNS_SECTION_QUESTION:
ldns_rr_list_push_rr(ldns_pkt_question(packet), rr);
if (!ldns_rr_list_push_rr(ldns_pkt_question(packet), rr)) {
return false;
}
ldns_pkt_set_qdcount(packet, ldns_pkt_qdcount(packet) + 1);
break;
case LDNS_SECTION_ANSWER:
ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr);
if (!ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr)) {
return false;
}
ldns_pkt_set_ancount(packet, ldns_pkt_ancount(packet) + 1);
break;
case LDNS_SECTION_AUTHORITY:
ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr);
if (!ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr)) {
return false;
}
ldns_pkt_set_nscount(packet, ldns_pkt_nscount(packet) + 1);
break;
case LDNS_SECTION_ADDITIONAL:
ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr);
if (!ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr)) {
return false;
}
ldns_pkt_set_arcount(packet, ldns_pkt_arcount(packet) + 1);
break;
case LDNS_SECTION_ANY:
@ -783,6 +791,7 @@ ldns_pkt_free(ldns_pkt *packet)
ldns_rr_list_deep_free(packet->_additional);
ldns_rr_free(packet->_tsig_rr);
ldns_rdf_deep_free(packet->_edns_data);
ldns_rdf_deep_free(packet->_answerfrom);
LDNS_FREE(packet);
}
}
@ -817,6 +826,86 @@ ldns_pkt_set_flags(ldns_pkt *packet, uint16_t flags)
return true;
}
static ldns_status
ldns_pkt_add_authsoa(ldns_pkt* packet, ldns_rdf* rr_name, ldns_rr_class rr_class)
{
ldns_rr* soa_rr = ldns_rr_new();
ldns_rdf *owner_rdf;
ldns_rdf *mname_rdf;
ldns_rdf *rname_rdf;
ldns_rdf *serial_rdf;
ldns_rdf *refresh_rdf;
ldns_rdf *retry_rdf;
ldns_rdf *expire_rdf;
ldns_rdf *minimum_rdf;
if (!soa_rr) {
return LDNS_STATUS_MEM_ERR;
}
owner_rdf = ldns_rdf_clone(rr_name);
if (!owner_rdf) {
ldns_rr_free(soa_rr);
return LDNS_STATUS_MEM_ERR;
}
ldns_rr_set_owner(soa_rr, owner_rdf);
ldns_rr_set_type(soa_rr, LDNS_RR_TYPE_SOA);
ldns_rr_set_class(soa_rr, rr_class);
ldns_rr_set_question(soa_rr, false);
if (ldns_str2rdf_dname(&mname_rdf, ".") != LDNS_STATUS_OK) {
ldns_rr_free(soa_rr);
return LDNS_STATUS_MEM_ERR;
} else {
ldns_rr_push_rdf(soa_rr, mname_rdf);
}
if (ldns_str2rdf_dname(&rname_rdf, ".") != LDNS_STATUS_OK) {
ldns_rr_free(soa_rr);
return LDNS_STATUS_MEM_ERR;
} else {
ldns_rr_push_rdf(soa_rr, rname_rdf);
}
serial_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
if (!serial_rdf) {
ldns_rr_free(soa_rr);
return LDNS_STATUS_MEM_ERR;
} else {
ldns_rr_push_rdf(soa_rr, serial_rdf);
}
refresh_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
if (!refresh_rdf) {
ldns_rr_free(soa_rr);
return LDNS_STATUS_MEM_ERR;
} else {
ldns_rr_push_rdf(soa_rr, refresh_rdf);
}
retry_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
if (!retry_rdf) {
ldns_rr_free(soa_rr);
return LDNS_STATUS_MEM_ERR;
} else {
ldns_rr_push_rdf(soa_rr, retry_rdf);
}
expire_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
if (!expire_rdf) {
ldns_rr_free(soa_rr);
return LDNS_STATUS_MEM_ERR;
} else {
ldns_rr_push_rdf(soa_rr, expire_rdf);
}
minimum_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0);
if (!minimum_rdf) {
ldns_rr_free(soa_rr);
return LDNS_STATUS_MEM_ERR;
} else {
ldns_rr_push_rdf(soa_rr, minimum_rdf);
}
ldns_pkt_push_rr(packet, LDNS_SECTION_AUTHORITY, soa_rr);
return LDNS_STATUS_OK;
}
ldns_status
ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type,
ldns_rr_class rr_class, uint16_t flags)
@ -851,21 +940,29 @@ ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type,
ldns_rr_set_type(question_rr, rr_type);
ldns_rr_set_class(question_rr, rr_class);
ldns_rr_set_question(question_rr, true);
ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr);
} else {
ldns_rr_free(question_rr);
ldns_pkt_free(packet);
return LDNS_STATUS_ERR;
}
/** IXFR? */
if (rr_type == LDNS_RR_TYPE_IXFR) {
if (ldns_pkt_add_authsoa(packet, name_rdf, rr_class) != LDNS_STATUS_OK) {
ldns_pkt_free(packet);
return LDNS_STATUS_ERR;
}
}
packet->_tsig_rr = NULL;
ldns_pkt_set_answerfrom(packet, NULL);
if (p) {
*p = packet;
return LDNS_STATUS_OK;
} else {
ldns_pkt_free(packet);
return LDNS_STATUS_NULL;
}
}
@ -888,6 +985,7 @@ ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_cla
question_rr = ldns_rr_new();
if (!question_rr) {
ldns_pkt_free(packet);
return NULL;
}
@ -902,11 +1000,17 @@ ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_cla
ldns_rr_set_type(question_rr, rr_type);
ldns_rr_set_class(question_rr, rr_class);
ldns_rr_set_question(question_rr, true);
packet->_tsig_rr = NULL;
ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr);
/** IXFR? */
if (rr_type == LDNS_RR_TYPE_IXFR) {
if (ldns_pkt_add_authsoa(packet, rr_name, rr_class) != LDNS_STATUS_OK) {
ldns_pkt_free(packet);
return NULL;
}
}
packet->_tsig_rr = NULL;
return packet;
}
@ -980,7 +1084,9 @@ ldns_pkt_clone(ldns_pkt *pkt)
ldns_pkt_set_ancount(new_pkt, ldns_pkt_ancount(pkt));
ldns_pkt_set_nscount(new_pkt, ldns_pkt_nscount(pkt));
ldns_pkt_set_arcount(new_pkt, ldns_pkt_arcount(pkt));
ldns_pkt_set_answerfrom(new_pkt, ldns_pkt_answerfrom(pkt));
if (ldns_pkt_answerfrom(pkt))
ldns_pkt_set_answerfrom(new_pkt,
ldns_rdf_clone(ldns_pkt_answerfrom(pkt)));
ldns_pkt_set_querytime(new_pkt, ldns_pkt_querytime(pkt));
ldns_pkt_set_size(new_pkt, ldns_pkt_size(pkt));
ldns_pkt_set_tsig(new_pkt, ldns_rr_clone(ldns_pkt_tsig(pkt)));

9
contrib/ldns/parse.c
View File

@ -161,7 +161,7 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li
return (ssize_t)i;
tokenread:
ldns_fskipcs_l(f, delim, line_nr);
ldns_fskipcs_l(f, del, line_nr);
*t = '\0';
if (p != 0) {
return -1;
@ -331,7 +331,7 @@ ldns_bget_token(ldns_buffer *b, char *token, const char *delim, size_t limit)
return (ssize_t)i;
tokenread:
ldns_bskipcs(b, delim);
ldns_bskipcs(b, del);
*t = '\0';
if (p != 0) {
@ -340,6 +340,7 @@ ldns_bget_token(ldns_buffer *b, char *token, const char *delim, size_t limit)
return (ssize_t)i;
}
#if 0
static void
ldns_bskipc(ldns_buffer *buffer, char c)
{
@ -352,6 +353,7 @@ ldns_bskipc(ldns_buffer *buffer, char c)
}
}
}
#endif
void
ldns_bskipcs(ldns_buffer *buffer, const char *s)
@ -376,11 +378,12 @@ ldns_bskipcs(ldns_buffer *buffer, const char *s)
}
}
#if 0
static void
ldns_fskipc(ATTR_UNUSED(FILE *fp), ATTR_UNUSED(char c))
{
}
#endif
void
ldns_fskipcs(FILE *fp, const char *s)

59
contrib/ldns/resolver.c
View File

@ -253,13 +253,20 @@ ldns_resolver_pop_nameserver(ldns_resolver *r)
pop = nameservers[ns_count - 1];
nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *, (ns_count - 1));
rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1));
if (ns_count == 1) {
LDNS_FREE(nameservers);
LDNS_FREE(rtt);
ldns_resolver_set_nameservers(r, NULL);
ldns_resolver_set_rtt(r, NULL);
} else {
nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *,
(ns_count - 1));
rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1));
if(nameservers)
ldns_resolver_set_nameservers(r, nameservers);
if(rtt)
ldns_resolver_set_rtt(r, rtt);
}
/* decr the count */
ldns_resolver_dec_nameserver_count(r);
return pop;
@ -385,7 +392,9 @@ ldns_resolver_push_dnssec_anchor(ldns_resolver *r, ldns_rr *rr)
{
ldns_rr_list * trust_anchors;
if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY)) {
if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY &&
ldns_rr_get_type(rr) != LDNS_RR_TYPE_DS)) {
return LDNS_STATUS_ERR;
}
@ -800,8 +809,7 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
gtr -= bgtr;
if(word[0] == '#') {
expect = LDNS_RESOLV_KEYWORD;
ldns_buffer_free(b);
continue;
break;
}
tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word);
if (!tmp) {
@ -817,8 +825,10 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
(size_t) gtr + 1);
}
ldns_buffer_free(b);
gtr = 1;
expect = LDNS_RESOLV_KEYWORD;
if (expect != LDNS_RESOLV_KEYWORD) {
gtr = 1;
expect = LDNS_RESOLV_KEYWORD;
}
break;
case LDNS_RESOLV_SORTLIST:
gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
@ -885,6 +895,7 @@ ldns_resolver_new_frm_file(ldns_resolver **res, const char *filename)
*res = r;
return LDNS_STATUS_OK;
} else {
ldns_resolver_free(r);
return LDNS_STATUS_NULL;
}
}
@ -947,15 +958,12 @@ ldns_resolver_search(const ldns_resolver *r,const ldns_rdf *name,
ldns_rr_type t, ldns_rr_class c, uint16_t flags)
{
char *str_dname;
ldns_rdf *new_name;
ldns_rdf **search_list;
size_t i;
ldns_pkt *p;
str_dname = ldns_rdf2str(name);
if (ldns_dname_str_absolute(str_dname)) {
if (ldns_dname_absolute(name)) {
/* query as-is */
return ldns_resolver_query(r, name, t, c, flags);
} else if (ldns_resolver_dnsrch(r)) {
@ -1017,9 +1025,6 @@ ldns_resolver_query(const ldns_resolver *r, const ldns_rdf *name,
newname = ldns_dname_cat_clone((const ldns_rdf*)name, ldns_resolver_domain(r));
if (!newname) {
if (pkt) {
ldns_pkt_free(pkt);
}
return NULL;
}
@ -1212,9 +1217,11 @@ ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name,
ldns_resolver_tsig_keydata(r),
300, ldns_resolver_tsig_algorithm(r), NULL);
if (status != LDNS_STATUS_OK) {
ldns_pkt_free(query_pkt);
return LDNS_STATUS_CRYPTO_TSIG_ERR;
}
#else
ldns_pkt_free(query_pkt);
return LDNS_STATUS_CRYPTO_TSIG_ERR;
#endif /* HAVE_SSL */
}
@ -1294,7 +1301,14 @@ ldns_axfr_next(ldns_resolver *resolver)
return NULL;
} else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) {
rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt));
fprintf(stderr, "Error in AXFR: %s\n", rcode->name);
if (rcode) {
fprintf(stderr, "Error in AXFR: %s\n",
rcode->name);
} else {
fprintf(stderr, "Error in AXFR: %d\n",
(int) ldns_pkt_get_rcode(
resolver->_cur_axfr_pkt));
}
/* RoRi: we must now also close the socket, otherwise subsequent uses of the
same resolver structure will fail because the link is still open or
@ -1333,17 +1347,22 @@ void
ldns_resolver_nameservers_randomize(ldns_resolver *r)
{
uint16_t i, j;
ldns_rdf **ns, *tmp;
ldns_rdf **ns, *tmpns;
size_t *rtt, tmprtt;
/* should I check for ldns_resolver_random?? */
assert(r != NULL);
ns = ldns_resolver_nameservers(r);
rtt = ldns_resolver_rtt(r);
for (i = 0; i < ldns_resolver_nameserver_count(r); i++) {
j = ldns_get_random() % ldns_resolver_nameserver_count(r);
tmp = ns[i];
tmpns = ns[i];
ns[i] = ns[j];
ns[j] = tmp;
ns[j] = tmpns;
tmprtt = rtt[i];
rtt[i] = rtt[j];
rtt[j] = tmprtt;
}
ldns_resolver_set_nameservers(r, ns);
}

35
contrib/ldns/rr.c
View File

@ -119,7 +119,7 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
char *type = NULL;
char *rdata = NULL;
char *rd = NULL;
char *b64 = NULL;
char * b64 = NULL;
size_t rd_strlen;
const char *delimiters;
ssize_t c;
@ -477,6 +477,7 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
ldns_buffer_free(rr_buf);
LDNS_FREE(rdata);
ldns_rr_free(new);
LDNS_FREE(hex_data);
return s;
}
LDNS_FREE(hex_data);
@ -600,6 +601,9 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
if (newrr) {
*newrr = new;
} else {
/* Maybe the caller just wanted to see if it would parse? */
ldns_rr_free(new);
}
return LDNS_STATUS_OK;
@ -724,8 +728,13 @@ ldns_rr_new_frm_fp_l(ldns_rr **newrr, FILE *fp, uint32_t *default_ttl, ldns_rdf
}
}
LDNS_FREE(line);
if (newrr && s == LDNS_STATUS_OK) {
*newrr = rr;
if (s == LDNS_STATUS_OK) {
if (newrr) {
*newrr = rr;
} else {
/* Just testing if it would parse? */
ldns_rr_free(rr);
}
}
return s;
}
@ -1156,7 +1165,8 @@ ldns_rr_list_pop_rr_list(ldns_rr_list *rr_list, size_t howmany)
i--;
}
if (i == howmany) {
if (i == howmany) { /* so i <= 0 */
ldns_rr_list_free(popped);
return NULL;
} else {
return popped;
@ -1384,7 +1394,7 @@ ldns_rr_list_clone(const ldns_rr_list *rrlist)
return new_list;
}
#if 0
static int
qsort_rr_compare(const void *a, const void *b)
{
@ -1402,6 +1412,7 @@ qsort_rr_compare(const void *a, const void *b)
}
return ldns_rr_compare(rr1, rr2);
}
#endif
static int
qsort_schwartz_rr_compare(const void *a, const void *b)
@ -1480,6 +1491,7 @@ ldns_rr_list_sort(ldns_rr_list *unsorted)
LDNS_FREE(sortables[i]);
}
/* no way to return error */
LDNS_FREE(sortables);
return;
}
sortables[i]->original_object = ldns_rr_list_rr(unsorted, i);
@ -1941,6 +1953,12 @@ static const ldns_rdf_type type_tsig_wireformat[] = {
LDNS_RDF_TYPE_INT16,
LDNS_RDF_TYPE_INT16_DATA
};
static const ldns_rdf_type type_tlsa_wireformat[] = {
LDNS_RDF_TYPE_INT8,
LDNS_RDF_TYPE_INT8,
LDNS_RDF_TYPE_INT8,
LDNS_RDF_TYPE_HEX
};
/** \endcond */
/** \cond */
@ -2048,13 +2066,14 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
/* 48 */
{LDNS_RR_TYPE_DNSKEY, "DNSKEY", 4, 4, type_dnskey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 49 */
{LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 50 */
{LDNS_RR_TYPE_NSEC3, "NSEC3", 5, 6, type_nsec3_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 51 */
{LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 52 */
{LDNS_RR_TYPE_NULL, "TYPE52", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_TLSA, "TLSA", 4, 4, type_tlsa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE54", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE55", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },

5
contrib/ldns/str2host.c
View File

@ -96,7 +96,7 @@ ldns_str2rdf_time(ldns_rdf **rd, const char *time)
goto bad_format;
}
l = htonl(mktime_from_utc(&tm));
l = htonl(ldns_mktime_from_utc(&tm));
memcpy(r, &l, sizeof(uint32_t));
*rd = ldns_rdf_new_frm_data(
LDNS_RDF_TYPE_TIME, sizeof(uint32_t), r);
@ -534,6 +534,7 @@ ldns_str2rdf_apl(ldns_rdf **rd, const char *str)
data = LDNS_XMALLOC(uint8_t, 4 + afdlength);
if(!data) {
LDNS_FREE(afdpart);
LDNS_FREE(my_ip_str);
return LDNS_STATUS_INVALID_STR;
}
@ -1104,8 +1105,6 @@ ldns_str2rdf_wks(ldns_rdf **rd, const char *str)
data[0] = (uint8_t) proto->p_proto;
} else if (proto_str) {
data[0] = (uint8_t) atoi(proto_str);
} else {
data[0] = 0;
}
memcpy(data + 1, bitmap, (size_t) bm_len);

12
contrib/ldns/tsig.c
View File

@ -179,10 +179,12 @@ ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size,
return LDNS_STATUS_NULL;
}
canonical_key_name_rdf = ldns_rdf_clone(key_name_rdf);
if (canonical_key_name_rdf == NULL) {
return LDNS_STATUS_MEM_ERR;
}
canonical_algorithm_rdf = ldns_rdf_clone(algorithm_rdf);
if (canonical_key_name_rdf == NULL
|| canonical_algorithm_rdf == NULL) {
if (canonical_algorithm_rdf == NULL) {
ldns_rdf_deep_free(canonical_key_name_rdf);
return LDNS_STATUS_MEM_ERR;
}
/*
@ -266,8 +268,8 @@ ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size,
LDNS_FREE(key_bytes);
LDNS_FREE(algorithm_name);
ldns_buffer_free(data_buffer);
ldns_rdf_free(canonical_algorithm_rdf);
ldns_rdf_free(canonical_key_name_rdf);
ldns_rdf_deep_free(canonical_algorithm_rdf);
ldns_rdf_deep_free(canonical_key_name_rdf);
return status;
}
#endif /* HAVE_SSL */

11
contrib/ldns/util.c
View File

@ -25,6 +25,7 @@
#include <openssl/rand.h>
#endif
#if 0
/* put this here tmp. for debugging */
static void
xprintf_rdf(ldns_rdf *rd)
@ -62,6 +63,7 @@ xprintf_hex(uint8_t *data, size_t len)
}
printf("\n");
}
#endif
ldns_lookup_table *
ldns_lookup_by_name(ldns_lookup_table *table, const char *name)
@ -228,7 +230,7 @@ leap_days(int y1, int y2)
* Code adapted from Python 2.4.1 sources (Lib/calendar.py).
*/
time_t
mktime_from_utc(const struct tm *tm)
ldns_mktime_from_utc(const struct tm *tm)
{
int year = 1900 + tm->tm_year;
time_t days = 365 * ((time_t) year - 1970) + leap_days(1970, year);
@ -252,6 +254,12 @@ mktime_from_utc(const struct tm *tm)
return seconds;
}
time_t
mktime_from_utc(const struct tm *tm)
{
return ldns_mktime_from_utc(tm);
}
#if SIZEOF_TIME_T <= 4
static void
@ -399,6 +407,7 @@ ldns_init_random(FILE *fd, unsigned int size)
if (read < size) {
LDNS_FREE(seed);
if (!fd) fclose(rand_f);
return 1;
} else {
#ifdef HAVE_SSL

2
contrib/ldns/zone.c
View File

@ -56,6 +56,7 @@ ldns_zone_push_rr(ldns_zone *z, ldns_rr *rr)
return ldns_rr_list_push_rr( ldns_zone_rrs(z), rr);
}
#if 0
/* return a clone of the given rr list, without the glue records
* rr list should be the complete zone
* if present, stripped records are added to the list *glue_records
@ -153,6 +154,7 @@ ldns_zone_strip_glue_rrs(const ldns_rdf *zone_name, const ldns_rr_list *rrs, ldn
}
return NULL;
}
#endif
/*
* Get the list of glue records in a zone

4
contrib/llvm/lib/MC/MCParser/AsmParser.cpp
View File

@ -2372,6 +2372,10 @@ bool AsmParser::ParseDirectiveAlign(bool IsPow2, unsigned ValueSize) {
}
Alignment = 1ULL << Alignment;
} else {
// Reject alignments that aren't a power of two, for gas compatibility.
if (!isPowerOf2_64(Alignment))
Error(AlignmentLoc, "alignment must be a power of 2");
}
// Diagnose non-sensical max bytes to align.

14
contrib/llvm/lib/Target/X86/X86InstrCompiler.td
View File

@ -1076,12 +1076,14 @@ def : Pat<(X86cmp GR64:$src1, 0),
// inverted.
multiclass CMOVmr<PatLeaf InvertedCond, Instruction Inst16, Instruction Inst32,
Instruction Inst64> {
def : Pat<(X86cmov (loadi16 addr:$src1), GR16:$src2, InvertedCond, EFLAGS),
(Inst16 GR16:$src2, addr:$src1)>;
def : Pat<(X86cmov (loadi32 addr:$src1), GR32:$src2, InvertedCond, EFLAGS),
(Inst32 GR32:$src2, addr:$src1)>;
def : Pat<(X86cmov (loadi64 addr:$src1), GR64:$src2, InvertedCond, EFLAGS),
(Inst64 GR64:$src2, addr:$src1)>;
let Predicates = [HasCMov] in {
def : Pat<(X86cmov (loadi16 addr:$src1), GR16:$src2, InvertedCond, EFLAGS),
(Inst16 GR16:$src2, addr:$src1)>;
def : Pat<(X86cmov (loadi32 addr:$src1), GR32:$src2, InvertedCond, EFLAGS),
(Inst32 GR32:$src2, addr:$src1)>;
def : Pat<(X86cmov (loadi64 addr:$src1), GR64:$src2, InvertedCond, EFLAGS),
(Inst64 GR64:$src2, addr:$src1)>;
}
}
defm : CMOVmr<X86_COND_B , CMOVAE16rm, CMOVAE32rm, CMOVAE64rm>;

8
contrib/llvm/lib/Target/X86/X86SelectionDAGInfo.cpp
View File

@ -202,6 +202,14 @@ X86SelectionDAGInfo::EmitTargetCodeForMemcpy(SelectionDAG &DAG, DebugLoc dl,
SrcPtrInfo.getAddrSpace() >= 256)
return SDValue();
// ESI might be used as a base pointer, in that case we can't simply overwrite
// the register. Fall back to generic code.
const X86RegisterInfo *TRI =
static_cast<const X86RegisterInfo *>(DAG.getTarget().getRegisterInfo());
if (TRI->hasBasePointer(DAG.getMachineFunction()) &&
TRI->getBaseRegister() == X86::ESI)
return SDValue();
MVT AVT;
if (Align & 1)
AVT = MVT::i8;

146
contrib/llvm/tools/clang/lib/Driver/Tools.cpp
View File

@ -1114,10 +1114,59 @@ void Clang::AddSparcTargetArgs(const ArgList &Args,
}
}
static const char *getX86TargetCPU(const ArgList &Args,
const llvm::Triple &Triple) {
if (const Arg *A = Args.getLastArg(options::OPT_march_EQ)) {
if (StringRef(A->getValue()) != "native")
return A->getValue();
// FIXME: Reject attempts to use -march=native unless the target matches
// the host.
//
// FIXME: We should also incorporate the detected target features for use
// with -native.
std::string CPU = llvm::sys::getHostCPUName();
if (!CPU.empty() && CPU != "generic")
return Args.MakeArgString(CPU);
}
// Select the default CPU if none was given (or detection failed).
if (Triple.getArch() != llvm::Triple::x86_64 &&
Triple.getArch() != llvm::Triple::x86)
return 0; // This routine is only handling x86 targets.
bool Is64Bit = Triple.getArch() == llvm::Triple::x86_64;
// FIXME: Need target hooks.
if (Triple.isOSDarwin())
return Is64Bit ? "core2" : "yonah";
// Everything else goes to x86-64 in 64-bit mode.
if (Is64Bit)
return "x86-64";
if (Triple.getOSName().startswith("haiku"))
return "i586";
if (Triple.getOSName().startswith("openbsd"))
return "i486";
if (Triple.getOSName().startswith("bitrig"))
return "i686";
if (Triple.getOSName().startswith("freebsd"))
return "i486";
if (Triple.getOSName().startswith("netbsd"))
return "i486";
// All x86 devices running Android have core2 as their common
// denominator. This makes a better choice than pentium4.
if (Triple.getEnvironment() == llvm::Triple::Android)
return "core2";
// Fallback to p4.
return "pentium4";
}
void Clang::AddX86TargetArgs(const ArgList &Args,
ArgStringList &CmdArgs) const {
const bool isAndroid =
getToolChain().getTriple().getEnvironment() == llvm::Triple::Android;
if (!Args.hasFlag(options::OPT_mred_zone,
options::OPT_mno_red_zone,
true) ||
@ -1130,65 +1179,7 @@ void Clang::AddX86TargetArgs(const ArgList &Args,
false))
CmdArgs.push_back("-no-implicit-float");
const char *CPUName = 0;
if (const Arg *A = Args.getLastArg(options::OPT_march_EQ)) {
if (StringRef(A->getValue()) == "native") {
// FIXME: Reject attempts to use -march=native unless the target matches
// the host.
//
// FIXME: We should also incorporate the detected target features for use
// with -native.
std::string CPU = llvm::sys::getHostCPUName();
if (!CPU.empty() && CPU != "generic")
CPUName = Args.MakeArgString(CPU);
} else
CPUName = A->getValue();
}
// Select the default CPU if none was given (or detection failed).
if (!CPUName) {
// FIXME: Need target hooks.
if (getToolChain().getTriple().isOSDarwin()) {
if (getToolChain().getArch() == llvm::Triple::x86_64)
CPUName = "core2";
else if (getToolChain().getArch() == llvm::Triple::x86)
CPUName = "yonah";
} else if (getToolChain().getOS().startswith("haiku")) {
if (getToolChain().getArch() == llvm::Triple::x86_64)
CPUName = "x86-64";
else if (getToolChain().getArch() == llvm::Triple::x86)
CPUName = "i586";
} else if (getToolChain().getOS().startswith("openbsd")) {
if (getToolChain().getArch() == llvm::Triple::x86_64)
CPUName = "x86-64";
else if (getToolChain().getArch() == llvm::Triple::x86)
CPUName = "i486";
} else if (getToolChain().getOS().startswith("bitrig")) {
if (getToolChain().getArch() == llvm::Triple::x86_64)
CPUName = "x86-64";
else if (getToolChain().getArch() == llvm::Triple::x86)
CPUName = "i686";
} else if (getToolChain().getOS().startswith("freebsd")) {
if (getToolChain().getArch() == llvm::Triple::x86_64)
CPUName = "x86-64";
else if (getToolChain().getArch() == llvm::Triple::x86)
CPUName = "i486";
} else if (getToolChain().getOS().startswith("netbsd")) {
if (getToolChain().getArch() == llvm::Triple::x86_64)
CPUName = "x86-64";
else if (getToolChain().getArch() == llvm::Triple::x86)
CPUName = "i486";
} else {
if (getToolChain().getArch() == llvm::Triple::x86_64)
CPUName = "x86-64";
else if (getToolChain().getArch() == llvm::Triple::x86)
// All x86 devices running Android have core2 as their common
// denominator. This makes a better choice than pentium4.
CPUName = isAndroid ? "core2" : "pentium4";
}
}
if (CPUName) {
if (const char *CPUName = getX86TargetCPU(Args, getToolChain().getTriple())) {
CmdArgs.push_back("-target-cpu");
CmdArgs.push_back(CPUName);
}
@ -3091,6 +3082,15 @@ void ClangAs::AddARMTargetArgs(const ArgList &Args,
addFPMathArgs(D, A, Args, CmdArgs, getARMTargetCPU(Args, Triple));
}
void ClangAs::AddX86TargetArgs(const ArgList &Args,
ArgStringList &CmdArgs) const {
// Set the CPU based on -march=.
if (const char *CPUName = getX86TargetCPU(Args, getToolChain().getTriple())) {
CmdArgs.push_back("-target-cpu");
CmdArgs.push_back(CPUName);
}
}
/// Add options related to the Objective-C runtime/ABI.
///
/// Returns true if the runtime is non-fragile.
@ -3261,6 +3261,11 @@ void ClangAs::ConstructJob(Compilation &C, const JobAction &JA,
case llvm::Triple::thumb:
AddARMTargetArgs(Args, CmdArgs);
break;
case llvm::Triple::x86:
case llvm::Triple::x86_64:
AddX86TargetArgs(Args, CmdArgs);
break;
}
// Ignore explicit -force_cpusubtype_ALL option.
@ -6068,8 +6073,27 @@ void linuxtools::Link::ConstructJob(Compilation &C, const JobAction &JA,
CmdArgs.push_back("-plugin");
std::string Plugin = ToolChain.getDriver().Dir + "/../lib/LLVMgold.so";
CmdArgs.push_back(Args.MakeArgString(Plugin));
// Try to pass driver level flags relevant to LTO code generation down to
// the plugin.
// Handle architecture-specific flags for selecting CPU variants.
if (ToolChain.getArch() == llvm::Triple::x86 ||
ToolChain.getArch() == llvm::Triple::x86_64)
CmdArgs.push_back(
Args.MakeArgString(Twine("-plugin-opt=mcpu=") +
getX86TargetCPU(Args, ToolChain.getTriple())));
else if (ToolChain.getArch() == llvm::Triple::arm ||
ToolChain.getArch() == llvm::Triple::thumb)
CmdArgs.push_back(
Args.MakeArgString(Twine("-plugin-opt=mcpu=") +
getARMTargetCPU(Args, ToolChain.getTriple())));
// FIXME: Factor out logic for MIPS, PPC, and other targets to support this
// as well.
}
if (Args.hasArg(options::OPT_Z_Xlinker__no_demangle))
CmdArgs.push_back("--no-demangle");

1
contrib/llvm/tools/clang/lib/Driver/Tools.h
View File

@ -68,6 +68,7 @@ namespace tools {
/// \brief Clang integrated assembler tool.
class LLVM_LIBRARY_VISIBILITY ClangAs : public Tool {
void AddARMTargetArgs(const ArgList &Args, ArgStringList &CmdArgs) const;
void AddX86TargetArgs(const ArgList &Args, ArgStringList &CmdArgs) const;
public:
ClangAs(const ToolChain &TC) : Tool("clang::as",
"clang integrated assembler", TC) {}

4
contrib/nvi/ex/ex_txt.c
View File

@ -398,8 +398,8 @@ txt_dent(sp, tp)
++scno;
/* Get the previous shiftwidth column. */
cno = scno;
scno -= --scno % sw;
cno = scno--;
scno -= scno % sw;
/*
* Since we don't know what comes before the character(s) being

6
contrib/nvi/vi/v_txt.c
View File

@ -1956,8 +1956,10 @@ txt_dent(sp, tp, isindent)
target = current;
if (isindent)
target += COL_OFF(target, sw);
else
target -= --target % sw;
else {
--target;
target -= target % sw;
}
/*
* The AI characters will be turned into overwrite characters if the

2
contrib/openbsm/bin/auditdistd/token.l
View File

@ -74,7 +74,7 @@ sender { DP; return SENDER; }
source { DP; return SOURCE; }
timeout { DP; return TIMEOUT; }
[0-9]+ { DP; yylval.num = atoi(yytext); return NUM; }
\"[a-zA-Z0-9_/ !@#\$%\^\&\*\(\)\+\=\|\;\?\,\.\-\:]*\" { DP; yylval.str = strndup(yytext + 1, strlen(yytext) - 2); return STR; }
\"[a-zA-Z0-9_/ !@#\$%\^\&\*\(\)\+\=\|\;\?\,\.\[\]\-\:]*\" { DP; yylval.str = strndup(yytext + 1, strlen(yytext) - 2); return STR; }
\{ { DP; depth++; return OB; }
\} { DP; depth--; return CB; }
#.*$ /* ignore comments */;

6
contrib/opie/opiekey.c
View File

@ -109,19 +109,19 @@ static void getsecret FUNCTION((secret, promptextra, retype), char *secret AND c
if (!opiereadpass(verify, OPIE_SECRET_MAX, 0)) {
fprintf(stderr, "Error reading %ssecret pass phrase!\n", promptextra);
memset(verify, 0, sizeof(verify));
memset(secret, 0, sizeof(secret));
memset(secret, 0, OPIE_SECRET_MAX + 1);
exit(1);
}
if (verify[0] && strcmp(verify, secret)) {
fprintf(stderr, "They don't match. Try again.\n");
memset(verify, 0, sizeof(verify));
memset(secret, 0, sizeof(secret));
memset(secret, 0, OPIE_SECRET_MAX + 1);
exit(1);
}
memset(verify, 0, sizeof(verify));
}
if (!(flags & 2) && !aflag && opiepasscheck(secret)) {
memset(secret, 0, sizeof(secret));
memset(secret, 0, OPIE_SECRET_MAX + 1);
fprintf(stderr, "Secret pass phrases must be between %d and %d characters long.\n", OPIE_SECRET_MIN, OPIE_SECRET_MAX);
exit(1);
};

2
contrib/sendmail/src/milter.c
View File

@ -4048,7 +4048,7 @@ milter_helo(helo, e, state)
}
response = milter_command(SMFIC_HELO, helo, strlen(helo) + 1,
SMFIM_EOH, e, state, "helo", false);
SMFIM_HELO, e, state, "helo", false);
milter_per_connection_check(e);
return response;
}

2
contrib/wpa/src/crypto/md5-internal.c
View File

@ -188,7 +188,7 @@ void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
MD5Transform(ctx->buf, (u32 *) ctx->in);
byteReverse((unsigned char *) ctx->buf, 4);
os_memcpy(digest, ctx->buf, 16);
os_memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
os_memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
}
/* The four core functions - F1 is optimized somewhat */

2
crypto/heimdal/kcm/cache.c
View File

@ -102,7 +102,7 @@ kcm_ccache_resolve_by_uuid(krb5_context context,
for (p = ccache_head; p != NULL; p = p->next) {
if ((p->flags & KCM_FLAGS_VALID) == 0)
continue;
if (memcmp(p->uuid, uuid, sizeof(uuid)) == 0) {
if (memcmp(p->uuid, uuid, sizeof(kcmuuid_t)) == 0) {
ret = 0;
break;
}

4
etc/rc.resume
View File

@ -43,10 +43,6 @@ if [ -r /var/run/rc.suspend.pid ]; then
echo 'rc.resume: killed rc.suspend that was still around'
fi
if [ -r /var/run/moused.pid ]; then
pkill -HUP -F /var/run/moused.pid
fi
# Turns on a power supply of a card in the slot inactivated.
# See also contrib/pccardq.c (only for PAO users).
# pccardq | awk -F '~' '$5 == "inactive" \

19
gnu/lib/libstdc++/config.h
View File

@ -22,7 +22,7 @@
#define HAVE_ATAN2F 1
/* Define to 1 if you have the `atan2l' function. */
/* #undef HAVE_ATAN2L */
#define HAVE_ATAN2L 1
/* Define to 1 if you have the `atanf' function. */
#define HAVE_ATANF 1
@ -67,7 +67,7 @@
#define HAVE_EXPF 1
/* Define to 1 if you have the `expl' function. */
/* #undef HAVE_EXPL */
#define HAVE_EXPL 1
/* Define to 1 if you have the `fabsf' function. */
#define HAVE_FABSF 1
@ -100,7 +100,7 @@
#define HAVE_FMODF 1
/* Define to 1 if you have the `fmodl' function. */
/* #undef HAVE_FMODL */
#define HAVE_FMODL 1
/* Define to 1 if you have the `fpclass' function. */
/* #undef HAVE_FPCLASS */
@ -134,7 +134,7 @@
#define HAVE_HYPOTF 1
/* Define to 1 if you have the `hypotl' function. */
/* #undef HAVE_HYPOTL */
#define HAVE_HYPOTL 1
/* Define to 1 if you have the `iconv' function. */
/* #undef HAVE_ICONV */
@ -293,7 +293,7 @@
#define HAVE_SQRTF 1
/* Define to 1 if you have the `sqrtl' function. */
/* #undef HAVE_SQRTL */
#define HAVE_SQRTL 1
/* Define to 1 if you have the <stdbool.h> header file. */
#define HAVE_STDBOOL_H 1
@ -304,6 +304,12 @@
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define if strerror_l is available in <string.h>. */
/* #undef HAVE_STRERROR_L */
/* Define if strerror_r is available in <string.h>. */
#define HAVE_STRERROR_R 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
@ -316,6 +322,9 @@
/* Define to 1 if you have the `strtold' function. */
#define HAVE_STRTOLD 1
/* Define if strxfrm_l is available in <string.h>. */
/* #undef HAVE_STRXFRM_L */
/* Define to 1 if you have the <sys/filio.h> header file. */
#define HAVE_SYS_FILIO_H 1

4
gnu/usr.bin/gdb/kgdb/kgdb.1
View File

@ -33,6 +33,7 @@
.Sh SYNOPSIS
.Nm
.Op Fl a | Fl f | Fl fullname
.Op Fl b Ar rate
.Op Fl q | Fl quiet
.Op Fl v
.Op Fl w
@ -62,6 +63,9 @@ The
or
.Fl fullname
options are supported for backward compatibility as well.
.It Fl b Ar rate
Set the baudrate to
.Ar rate .
.It Fl q
Suppress printing of the banner when the debugger starts.
The

2
gnu/usr.bin/gdb/kgdb/kgdb.h
View File

@ -49,6 +49,8 @@ extern struct kthr *curkthr;
void initialize_kld_target(void);
void initialize_kgdb_target(void);
void kgdb_dmesg(void);
CORE_ADDR kgdb_trgt_core_pcb(u_int);
CORE_ADDR kgdb_trgt_stop_pcb(u_int, u_int);
void kgdb_trgt_new_objfile(struct objfile *);
void kgdb_trgt_fetch_registers(int);
void kgdb_trgt_store_registers(int);

9
gnu/usr.bin/gdb/kgdb/kthr.c
View File

@ -44,12 +44,10 @@ __FBSDID("$FreeBSD$");
#include <frame-unwind.h>
#include "kgdb.h"
#include <machine/pcb.h>
static CORE_ADDR dumppcb;
static int dumptid;
static CORE_ADDR stoppcbs;
static cpuset_t stopped_cpus;
static struct kthr *first;
@ -98,10 +96,9 @@ kgdb_thr_add_procs(uintptr_t paddr)
kt->kaddr = addr;
if (td.td_tid == dumptid)
kt->pcb = dumppcb;
else if (td.td_state == TDS_RUNNING && stoppcbs != 0 &&
else if (td.td_state == TDS_RUNNING &&
CPU_ISSET(td.td_oncpu, &stopped_cpus))
kt->pcb = (uintptr_t)stoppcbs +
sizeof(struct pcb) * td.td_oncpu;
kt->pcb = kgdb_trgt_core_pcb(td.td_oncpu);
else
kt->pcb = (uintptr_t)td.td_pcb;
kt->kstack = td.td_kstack;
@ -152,8 +149,6 @@ kgdb_thr_init(void)
addr != 0)
kvm_read(kvm, addr, &stopped_cpus, cpusetsize);
stoppcbs = kgdb_lookup("stoppcbs");
kgdb_thr_add_procs(paddr);
addr = kgdb_lookup("zombproc");
if (addr != 0) {

19
gnu/usr.bin/gdb/kgdb/main.c
View File

@ -83,7 +83,7 @@ usage(void)
{
fprintf(stderr,
"usage: %s [-afqvw] [-d crashdir] [-c core | -n dumpnr | -r device]\n"
"usage: %s [-afqvw] [-b rate] [-d crashdir] [-c core | -n dumpnr | -r device]\n"
"\t[kernel [core]]\n", getprogname());
exit(1);
}
@ -338,19 +338,18 @@ main(int argc, char *argv[])
case 'a':
annotation_level++;
break;
case 'b':
{
int i;
char *p;
case 'b': {
int i;
char *p;
i = strtol (optarg, &p, 0);
if (i == 0 && p == optarg)
i = strtol(optarg, &p, 0);
if (*p != '\0' || p == optarg)
warnx("warning: could not set baud rate to `%s'.\n",
optarg);
else
baud_rate = i;
}
else
baud_rate = i;
break;
}
case 'c': /* use given core file. */
if (vmcore != NULL) {
warnx("option %c: can only be specified once",

17
gnu/usr.bin/gdb/kgdb/trgt.c
View File

@ -53,6 +53,8 @@ __FBSDID("$FreeBSD$");
#include "kgdb.h"
static CORE_ADDR stoppcbs;
static void kgdb_core_cleanup(void *);
static char *vmcore;
@ -352,3 +354,18 @@ initialize_kgdb_target(void)
add_com ("tid", class_obscure, kgdb_set_tid_cmd,
"Set current thread context");
}
CORE_ADDR
kgdb_trgt_stop_pcb(u_int cpuid, u_int pcbsz)
{
static int once = 0;
if (stoppcbs == 0 && !once) {
once = 1;
stoppcbs = kgdb_lookup("stoppcbs");
}
if (stoppcbs == 0)
return 0;
return (stoppcbs + pcbsz * cpuid);
}

6
gnu/usr.bin/gdb/kgdb/trgt_amd64.c
View File

@ -44,6 +44,12 @@ __FBSDID("$FreeBSD$");
#include "kgdb.h"
CORE_ADDR
kgdb_trgt_core_pcb(u_int cpuid)
{
return (kgdb_trgt_stop_pcb(cpuid, sizeof(struct pcb)));
}
void
kgdb_trgt_fetch_registers(int regno __unused)
{

6
gnu/usr.bin/gdb/kgdb/trgt_arm.c
View File

@ -47,6 +47,12 @@ __FBSDID("$FreeBSD$");
#include "kgdb.h"
CORE_ADDR
kgdb_trgt_core_pcb(u_int cpuid)
{
return (kgdb_trgt_stop_pcb(cpuid, sizeof(struct pcb)));
}
void
kgdb_trgt_fetch_registers(int regno __unused)
{

6
gnu/usr.bin/gdb/kgdb/trgt_i386.c
View File

@ -49,6 +49,12 @@ __FBSDID("$FreeBSD$");
static int ofs_fix;
CORE_ADDR
kgdb_trgt_core_pcb(u_int cpuid)
{
return (kgdb_trgt_stop_pcb(cpuid, sizeof(struct pcb)));
}
void
kgdb_trgt_fetch_registers(int regno __unused)
{

12
gnu/usr.bin/gdb/kgdb/trgt_ia64.c
View File

@ -52,6 +52,18 @@ __FBSDID("$FreeBSD$");
#include "kgdb.h"
CORE_ADDR
kgdb_trgt_core_pcb(u_int cpuid)
{
CORE_ADDR addr;
char *expr;
asprintf(&expr, "&cpuid_to_pcpu[%d]->pc_md.pcb", cpuid);
addr = kgdb_parse(expr);
free(expr);
return (addr);
}
void
kgdb_trgt_fetch_registers(int regno __unused)
{

6
gnu/usr.bin/gdb/kgdb/trgt_mips.c
View File

@ -52,6 +52,12 @@ __FBSDID("$FreeBSD$");
#include "kgdb.h"
CORE_ADDR
kgdb_trgt_core_pcb(u_int cpuid)
{
return (kgdb_trgt_stop_pcb(cpuid, sizeof(struct pcb)));
}
void
kgdb_trgt_fetch_registers(int regno __unused)
{

6
gnu/usr.bin/gdb/kgdb/trgt_powerpc.c
View File

@ -49,6 +49,12 @@ __FBSDID("$FreeBSD$");
#include "kgdb.h"
CORE_ADDR
kgdb_trgt_core_pcb(u_int cpuid)
{
return (kgdb_trgt_stop_pcb(cpuid, sizeof(struct pcb)));
}
void
kgdb_trgt_fetch_registers(int regno __unused)
{

6
gnu/usr.bin/gdb/kgdb/trgt_powerpc64.c
View File

@ -44,6 +44,12 @@ __FBSDID("$FreeBSD$");
#include "kgdb.h"
CORE_ADDR
kgdb_trgt_core_pcb(u_int cpuid)
{
return (kgdb_trgt_stop_pcb(cpuid, sizeof(struct pcb)));
}
void
kgdb_trgt_fetch_registers(int regno __unused)
{

6
gnu/usr.bin/gdb/kgdb/trgt_sparc64.c
View File

@ -46,6 +46,12 @@ __FBSDID("$FreeBSD$");
#include "kgdb.h"
CORE_ADDR
kgdb_trgt_core_pcb(u_int cpuid)
{
return (kgdb_trgt_stop_pcb(cpuid, sizeof(struct pcb)));
}
void
kgdb_trgt_fetch_registers(int regno __unused)
{

543
lib/libc/gen/Makefile.inc
View File

@ -4,37 +4,144 @@
# machine-independent gen sources
.PATH: ${.CURDIR}/${LIBC_ARCH}/gen ${.CURDIR}/gen
SRCS+= __getosreldate.c __xuname.c \
_once_stub.c _pthread_stubs.c _rand48.c _spinlock_stub.c \
SRCS+= __getosreldate.c \
__xuname.c \
_once_stub.c \
_pthread_stubs.c \
_rand48.c \
_spinlock_stub.c \
_thread_init.c \
alarm.c arc4random.c assert.c auxv.c basename.c check_utility_compat.c \
clock.c clock_getcpuclockid.c closedir.c confstr.c \
crypt.c ctermid.c daemon.c devname.c dirfd.c dirname.c disklabel.c \
dlfcn.c drand48.c elf_utils.c erand48.c err.c errlst.c errno.c \
exec.c fdevname.c feature_present.c fmtcheck.c fmtmsg.c fnmatch.c \
fpclassify.c frexp.c fstab.c ftok.c fts.c fts-compat.c ftw.c \
getbootfile.c getbsize.c \
getcap.c getcwd.c getdomainname.c getgrent.c getgrouplist.c \
gethostname.c getloadavg.c getlogin.c getmntinfo.c getnetgrent.c \
getosreldate.c getpagesize.c getpagesizes.c \
getpeereid.c getprogname.c getpwent.c getttyent.c \
getusershell.c getutxent.c getvfsbyname.c glob.c \
initgroups.c isatty.c isinf.c isnan.c jrand48.c lcong48.c \
alarm.c \
arc4random.c \
assert.c \
auxv.c \
basename.c \
check_utility_compat.c \
clock.c \
clock_getcpuclockid.c \
closedir.c \
confstr.c \
crypt.c \
ctermid.c \
daemon.c \
devname.c \
dirfd.c \
dirname.c \
disklabel.c \
dlfcn.c \
drand48.c \
elf_utils.c \
erand48.c \
err.c \
errlst.c \
errno.c \
exec.c \
fdevname.c \
feature_present.c \
fmtcheck.c \
fmtmsg.c \
fnmatch.c \
fpclassify.c \
frexp.c \
fstab.c \
ftok.c \
fts.c \
fts-compat.c \
ftw.c \
getbootfile.c \
getbsize.c \
getcap.c \
getcwd.c \
getdomainname.c \
getgrent.c \
getgrouplist.c \
gethostname.c \
getloadavg.c \
getlogin.c \
getmntinfo.c \
getnetgrent.c \
getosreldate.c \
getpagesize.c \
getpagesizes.c \
getpeereid.c \
getprogname.c \
getpwent.c \
getttyent.c \
getusershell.c \
getutxent.c \
getvfsbyname.c \
glob.c \
initgroups.c \
isatty.c \
isinf.c \
isnan.c \
jrand48.c \
lcong48.c \
libc_dlopen.c \
lockf.c lrand48.c mrand48.c nftw.c nice.c \
nlist.c nrand48.c opendir.c \
pause.c pmadvise.c popen.c posix_spawn.c \
psignal.c pututxline.c pw_scan.c \
raise.c readdir.c readpassphrase.c rewinddir.c \
scandir.c seed48.c seekdir.c semctl.c \
setdomainname.c sethostname.c setjmperr.c setmode.c \
setproctitle.c setprogname.c siginterrupt.c siglist.c signal.c \
sigsetops.c sleep.c srand48.c statvfs.c stringlist.c strtofflags.c \
sysconf.c sysctl.c sysctlbyname.c sysctlnametomib.c \
syslog.c telldir.c termios.c time.c times.c timezone.c tls.c \
ttyname.c ttyslot.c ualarm.c ulimit.c uname.c unvis-compat.c \
usleep.c utime.c utxdb.c valloc.c wait.c wait3.c waitpid.c \
waitid.c wordexp.c
lockf.c \
lrand48.c \
mrand48.c \
nftw.c \
nice.c \
nlist.c \
nrand48.c \
opendir.c \
pause.c \
pmadvise.c \
popen.c \
posix_spawn.c \
psignal.c \
pututxline.c \
pw_scan.c \
raise.c \
readdir.c \
readpassphrase.c \
rewinddir.c \
scandir.c \
seed48.c \
seekdir.c \
semctl.c \
setdomainname.c \
sethostname.c \
setjmperr.c \
setmode.c \
setproctitle.c \
setprogname.c \
siginterrupt.c \
siglist.c \
signal.c \
sigsetops.c \
sleep.c \
srand48.c \
statvfs.c \
stringlist.c \
strtofflags.c \
sysconf.c \
sysctl.c \
sysctlbyname.c \
sysctlnametomib.c \
syslog.c \
telldir.c \
termios.c \
time.c \
times.c \
timezone.c \
tls.c \
ttyname.c \
ttyslot.c \
ualarm.c \
ulimit.c \
uname.c \
unvis-compat.c \
usleep.c \
utime.c \
utxdb.c \
valloc.c \
wait.c \
wait3.c \
waitpid.c \
waitid.c \
wordexp.c
.PATH: ${.CURDIR}/../../contrib/libc-pwcache
SRCS+= pwcache.c pwcache.h
@ -58,101 +165,257 @@ SYM_MAPS+=${.CURDIR}/gen/Symbol.map
# machine-dependent gen sources
.sinclude "${.CURDIR}/${LIBC_ARCH}/gen/Makefile.inc"
MAN+= alarm.3 arc4random.3 \
basename.3 check_utility_compat.3 clock.3 clock_getcpuclockid.3 \
confstr.3 ctermid.3 daemon.3 devname.3 directory.3 dirname.3 \
dl_iterate_phdr.3 dladdr.3 dlinfo.3 dllockinit.3 dlopen.3 \
err.3 exec.3 \
feature_present.3 fmtcheck.3 fmtmsg.3 fnmatch.3 fpclassify.3 frexp.3 \
ftok.3 fts.3 ftw.3 \
getbootfile.3 getbsize.3 getcap.3 getcontext.3 getcwd.3 \
getdiskbyname.3 getdomainname.3 getfsent.3 \
getgrent.3 getgrouplist.3 gethostname.3 getloadavg.3 \
getmntinfo.3 getnetgrent.3 getosreldate.3 getpagesize.3 \
getpagesizes.3 getpass.3 getpeereid.3 getprogname.3 getpwent.3 \
getttyent.3 getusershell.3 getutxent.3 getvfsbyname.3 \
glob.3 initgroups.3 isgreater.3 ldexp.3 lockf.3 makecontext.3 \
MAN+= alarm.3 \
arc4random.3 \
basename.3 \
check_utility_compat.3 \
clock.3 \
clock_getcpuclockid.3 \
confstr.3 \
ctermid.3 \
daemon.3 \
devname.3 \
directory.3 \
dirname.3 \
dl_iterate_phdr.3 \
dladdr.3 \
dlinfo.3 \
dllockinit.3 \
dlopen.3 \
err.3 \
exec.3 \
feature_present.3 \
fmtcheck.3 \
fmtmsg.3 \
fnmatch.3 \
fpclassify.3 \
frexp.3 \
ftok.3 \
fts.3 \
ftw.3 \
getbootfile.3 \
getbsize.3 \
getcap.3 \
getcontext.3 \
getcwd.3 \
getdiskbyname.3 \
getdomainname.3 \
getfsent.3 \
getgrent.3 \
getgrouplist.3 \
gethostname.3 \
getloadavg.3 \
getmntinfo.3 \
getnetgrent.3 \
getosreldate.3 \
getpagesize.3 \
getpagesizes.3 \
getpass.3 \
getpeereid.3 \
getprogname.3 \
getpwent.3 \
getttyent.3 \
getusershell.3 \
getutxent.3 \
getvfsbyname.3 \
glob.3 \
initgroups.3 \
isgreater.3 \
ldexp.3 \
lockf.3 \
makecontext.3 \
modf.3 \
nice.3 nlist.3 pause.3 popen.3 \
posix_spawn.3 posix_spawn_file_actions_addopen.3 \
posix_spawn_file_actions_init.3 posix_spawnattr_getflags.3 \
posix_spawnattr_getpgroup.3 posix_spawnattr_getschedparam.3 \
posix_spawnattr_getschedpolicy.3 posix_spawnattr_init.3 \
posix_spawnattr_getsigdefault.3 posix_spawnattr_getsigmask.3 \
psignal.3 pwcache.3 \
raise.3 rand48.3 readpassphrase.3 rfork_thread.3 \
scandir.3 sem_destroy.3 sem_getvalue.3 sem_init.3 \
sem_open.3 sem_post.3 sem_timedwait.3 sem_wait.3 \
setjmp.3 setmode.3 setproctitle.3 \
siginterrupt.3 signal.3 sigsetops.3 sleep.3 \
statvfs.3 stringlist.3 \
strtofflags.3 sysconf.3 sysctl.3 syslog.3 tcgetpgrp.3 tcgetsid.3 \
tcsendbreak.3 tcsetattr.3 tcsetpgrp.3 tcsetsid.3 time.3 times.3 \
timezone.3 ttyname.3 tzset.3 ualarm.3 ucontext.3 ulimit.3 uname.3 \
unvis.3 usleep.3 utime.3 valloc.3 vis.3 wordexp.3
nice.3 \
nlist.3 \
pause.3 \
popen.3 \
posix_spawn.3 \
posix_spawn_file_actions_addopen.3 \
posix_spawn_file_actions_init.3 \
posix_spawnattr_getflags.3 \
posix_spawnattr_getpgroup.3 \
posix_spawnattr_getschedparam.3 \
posix_spawnattr_getschedpolicy.3 \
posix_spawnattr_init.3 \
posix_spawnattr_getsigdefault.3 \
posix_spawnattr_getsigmask.3 \
psignal.3 \
pwcache.3 \
raise.3 \
rand48.3 \
readpassphrase.3 \
rfork_thread.3 \
scandir.3 \
sem_destroy.3 \
sem_getvalue.3 \
sem_init.3 \
sem_open.3 \
sem_post.3 \
sem_timedwait.3 \
sem_wait.3 \
setjmp.3 \
setmode.3 \
setproctitle.3 \
siginterrupt.3 \
signal.3 \
sigsetops.3 \
sleep.3 \
statvfs.3 \
stringlist.3 \
strtofflags.3 \
sysconf.3 \
sysctl.3 \
syslog.3 \
tcgetpgrp.3 \
tcgetsid.3 \
tcsendbreak.3 \
tcsetattr.3 \
tcsetpgrp.3 \
tcsetsid.3 \
time.3 \
times.3 \
timezone.3 \
ttyname.3 \
tzset.3 \
ualarm.3 \
ucontext.3 \
ulimit.3 \
uname.3 \
unvis.3 \
usleep.3 \
utime.3 \
valloc.3 \
vis.3 \
wordexp.3
MLINKS+=arc4random.3 arc4random_addrandom.3 arc4random.3 arc4random_stir.3 \
arc4random.3 arc4random_buf.3 arc4random.3 arc4random_uniform.3
MLINKS+=arc4random.3 arc4random_addrandom.3 \
arc4random.3 arc4random_stir.3 \
arc4random.3 arc4random_buf.3 \
arc4random.3 arc4random_uniform.3
MLINKS+=basename.3 basename_r.3
MLINKS+=ctermid.3 ctermid_r.3
MLINKS+=devname.3 devname_r.3
MLINKS+=devname.3 fdevname.3
MLINKS+=devname.3 fdevname_r.3
MLINKS+=directory.3 closedir.3 directory.3 dirfd.3 directory.3 opendir.3 \
MLINKS+=directory.3 closedir.3 \
directory.3 dirfd.3 \
directory.3 opendir.3 \
directory.3 fdopendir.3 \
directory.3 readdir.3 directory.3 readdir_r.3 directory.3 rewinddir.3 \
directory.3 seekdir.3 directory.3 telldir.3
MLINKS+=dlopen.3 fdlopen.3 dlopen.3 dlclose.3 dlopen.3 dlerror.3 \
dlopen.3 dlfunc.3 dlopen.3 dlsym.3
MLINKS+=err.3 err_set_exit.3 err.3 err_set_file.3 err.3 errc.3 err.3 errx.3 \
err.3 verr.3 err.3 verrc.3 err.3 verrx.3 err.3 vwarn.3 err.3 vwarnc.3 \
err.3 vwarnx.3 err.3 warnc.3 err.3 warn.3 err.3 warnx.3
MLINKS+=exec.3 execl.3 exec.3 execle.3 exec.3 execlp.3 exec.3 exect.3 \
exec.3 execv.3 exec.3 execvP.3 exec.3 execvp.3
MLINKS+=fpclassify.3 finite.3 fpclassify.3 finitef.3 \
fpclassify.3 isfinite.3 fpclassify.3 isinf.3 fpclassify.3 isnan.3 \
directory.3 readdir.3 \
directory.3 readdir_r.3 \
directory.3 rewinddir.3 \
directory.3 seekdir.3 \
directory.3 telldir.3
MLINKS+=dlopen.3 fdlopen.3 \
dlopen.3 dlclose.3 \
dlopen.3 dlerror.3 \
dlopen.3 dlfunc.3 \
dlopen.3 dlsym.3
MLINKS+=err.3 err_set_exit.3 \
err.3 err_set_file.3 \
err.3 errc.3 \
err.3 errx.3 \
err.3 verr.3 \
err.3 verrc.3 \
err.3 verrx.3 \
err.3 vwarn.3 \
err.3 vwarnc.3 \
err.3 vwarnx.3 \
err.3 warnc.3 \
err.3 warn.3 \
err.3 warnx.3
MLINKS+=exec.3 execl.3 \
exec.3 execle.3 \
exec.3 execlp.3 \
exec.3 exect.3 \
exec.3 execv.3 \
exec.3 execvP.3 \
exec.3 execvp.3
MLINKS+=fpclassify.3 finite.3 \
fpclassify.3 finitef.3 \
fpclassify.3 isfinite.3 \
fpclassify.3 isinf.3 \
fpclassify.3 isnan.3 \
fpclassify.3 isnormal.3
MLINKS+=frexp.3 frexpf.3 frexp.3 frexpl.3
MLINKS+=fts.3 fts_children.3 fts.3 fts_close.3 fts.3 fts_open.3 \
fts.3 fts_read.3 fts.3 fts_set.3 fts.3 fts_set_clientptr.3 \
fts.3 fts_get_clientptr.3 fts.3 fts_get_stream.3
MLINKS+=frexp.3 frexpf.3 \
frexp.3 frexpl.3
MLINKS+=fts.3 fts_children.3 \
fts.3 fts_close.3 \
fts.3 fts_open.3 \
fts.3 fts_read.3 \
fts.3 fts_set.3 \
fts.3 fts_set_clientptr.3 \
fts.3 fts_get_clientptr.3 \
fts.3 fts_get_stream.3
MLINKS+=ftw.3 nftw.3
MLINKS+=getcap.3 cgetcap.3 getcap.3 cgetclose.3 getcap.3 cgetent.3 \
getcap.3 cgetfirst.3 getcap.3 cgetmatch.3 getcap.3 cgetnext.3 \
getcap.3 cgetnum.3 getcap.3 cgetset.3 getcap.3 cgetstr.3 \
MLINKS+=getcap.3 cgetcap.3 \
getcap.3 cgetclose.3 \
getcap.3 cgetent.3 \
getcap.3 cgetfirst.3 \
getcap.3 cgetmatch.3 \
getcap.3 cgetnext.3 \
getcap.3 cgetnum.3 \
getcap.3 cgetset.3 \
getcap.3 cgetstr.3 \
getcap.3 cgetustr.3
MLINKS+=getcwd.3 getwd.3
MLINKS+=getcontext.3 setcontext.3
MLINKS+=getdomainname.3 setdomainname.3
MLINKS+=getfsent.3 endfsent.3 getfsent.3 getfsfile.3 getfsent.3 getfsspec.3 \
getfsent.3 getfstype.3 getfsent.3 setfsent.3 \
getfsent.3 setfstab.3 getfsent.3 getfstab.3
MLINKS+=getgrent.3 endgrent.3 getgrent.3 getgrgid.3 getgrent.3 getgrnam.3 \
getgrent.3 setgrent.3 getgrent.3 setgroupent.3 \
getgrent.3 getgrent_r.3 getgrent.3 getgrnam_r.3 getgrent.3 getgrgid_r.3
MLINKS+=getfsent.3 endfsent.3 \
getfsent.3 getfsfile.3 \
getfsent.3 getfsspec.3 \
getfsent.3 getfstype.3 \
getfsent.3 setfsent.3 \
getfsent.3 setfstab.3 \
getfsent.3 getfstab.3
MLINKS+=getgrent.3 endgrent.3 \
getgrent.3 getgrgid.3 \
getgrent.3 getgrnam.3 \
getgrent.3 setgrent.3 \
getgrent.3 setgroupent.3 \
getgrent.3 getgrent_r.3 \
getgrent.3 getgrnam_r.3 \
getgrent.3 getgrgid_r.3
MLINKS+=gethostname.3 sethostname.3
MLINKS+=getnetgrent.3 endnetgrent.3 getnetgrent.3 innetgr.3 \
MLINKS+=getnetgrent.3 endnetgrent.3 \
getnetgrent.3 innetgr.3 \
getnetgrent.3 setnetgrent.3
MLINKS+=getprogname.3 setprogname.3
MLINKS+=getpwent.3 endpwent.3 getpwent.3 getpwnam.3 getpwent.3 getpwuid.3 \
getpwent.3 setpassent.3 getpwent.3 setpwent.3 getpwent.3 setpwfile.3 \
getpwent.3 getpwent_r.3 getpwent.3 getpwnam_r.3 \
MLINKS+=getpwent.3 endpwent.3 \
getpwent.3 getpwnam.3 \
getpwent.3 getpwuid.3 \
getpwent.3 setpassent.3 \
getpwent.3 setpwent.3 \
getpwent.3 setpwfile.3 \
getpwent.3 getpwent_r.3 \
getpwent.3 getpwnam_r.3 \
getpwent.3 getpwuid_r.3
MLINKS+=getttyent.3 endttyent.3 getttyent.3 getttynam.3 \
getttyent.3 isdialuptty.3 getttyent.3 isnettty.3 \
MLINKS+=getttyent.3 endttyent.3 \
getttyent.3 getttynam.3 \
getttyent.3 isdialuptty.3 \
getttyent.3 isnettty.3 \
getttyent.3 setttyent.3
MLINKS+=getusershell.3 endusershell.3 getusershell.3 setusershell.3
MLINKS+=getutxent.3 endutxent.3 getutxent.3 getutxid.3 \
getutxent.3 getutxline.3 getutxent.3 getutxuser.3 \
getutxent.3 pututxline.3 getutxent.3 setutxdb.3 \
getutxent.3 setutxent.3 getutxent.3 utmpx.3
MLINKS+=getusershell.3 endusershell.3 \
getusershell.3 setusershell.3
MLINKS+=getutxent.3 endutxent.3 \
getutxent.3 getutxid.3 \
getutxent.3 getutxline.3 \
getutxent.3 getutxuser.3 \
getutxent.3 pututxline.3 \
getutxent.3 setutxdb.3 \
getutxent.3 setutxent.3 \
getutxent.3 utmpx.3
MLINKS+=glob.3 globfree.3
MLINKS+=isgreater.3 isgreaterequal.3 isgreater.3 isless.3 \
isgreater.3 islessequal.3 isgreater.3 islessgreater.3 \
MLINKS+=isgreater.3 isgreaterequal.3 \
isgreater.3 isless.3 \
isgreater.3 islessequal.3 \
isgreater.3 islessgreater.3 \
isgreater.3 isunordered.3
MLINKS+=ldexp.3 ldexpf.3 ldexp.3 ldexpl.3
MLINKS+=ldexp.3 ldexpf.3 \
ldexp.3 ldexpl.3
MLINKS+=makecontext.3 swapcontext.3
MLINKS+=modf.3 modff.3 modf.3 modfl.3
MLINKS+=modf.3 modff.3 \
modf.3 modfl.3
MLINKS+=popen.3 pclose.3
MLINKS+=posix_spawn.3 posix_spawnp.3 \
posix_spawn_file_actions_addopen.3 posix_spawn_file_actions_addclose.3 \
@ -165,36 +428,66 @@ MLINKS+=posix_spawn.3 posix_spawnp.3 \
posix_spawnattr_getsigdefault.3 posix_spawnattr_setsigdefault.3 \
posix_spawnattr_getsigmask.3 posix_spawnattr_setsigmask.3 \
posix_spawnattr_init.3 posix_spawnattr_destroy.3
MLINKS+=psignal.3 strsignal.3 psignal.3 sys_siglist.3 psignal.3 sys_signame.3
MLINKS+=pwcache.3 group_from_gid.3 pwcache.3 user_from_uid.3
MLINKS+=rand48.3 _rand48.3 rand48.3 drand48.3 rand48.3 erand48.3 \
rand48.3 jrand48.3 rand48.3 lcong48.3 rand48.3 lrand48.3 \
rand48.3 mrand48.3 rand48.3 nrand48.3 rand48.3 seed48.3 \
MLINKS+=psignal.3 strsignal.3 \
psignal.3 sys_siglist.3 \
psignal.3 sys_signame.3
MLINKS+=pwcache.3 group_from_gid.3 \
pwcache.3 user_from_uid.3
MLINKS+=rand48.3 _rand48.3 \
rand48.3 drand48.3 \
rand48.3 erand48.3 \
rand48.3 jrand48.3 \
rand48.3 lcong48.3 \
rand48.3 lrand48.3 \
rand48.3 mrand48.3 \
rand48.3 nrand48.3 \
rand48.3 seed48.3 \
rand48.3 srand48.3
MLINKS+=scandir.3 alphasort.3
MLINKS+=sem_open.3 sem_close.3 sem_open.3 sem_unlink.3
MLINKS+=sem_open.3 sem_close.3 \
sem_open.3 sem_unlink.3
MLINKS+=sem_wait.3 sem_trywait.3
MLINKS+=setjmp.3 _longjmp.3 setjmp.3 _setjmp.3 setjmp.3 longjmp.3 \
setjmp.3 longjmperr.3 setjmp.3 longjmperror.3 \
setjmp.3 siglongjmp.3 setjmp.3 sigsetjmp.3
MLINKS+=setjmp.3 _longjmp.3 \
setjmp.3 _setjmp.3 \
setjmp.3 longjmp.3 \
setjmp.3 longjmperr.3 \
setjmp.3 longjmperror.3 \
setjmp.3 siglongjmp.3 \
setjmp.3 sigsetjmp.3
MLINKS+=setmode.3 getmode.3
MLINKS+=sigsetops.3 sigaddset.3 sigsetops.3 sigdelset.3 \
sigsetops.3 sigemptyset.3 sigsetops.3 sigfillset.3 \
MLINKS+=sigsetops.3 sigaddset.3 \
sigsetops.3 sigdelset.3 \
sigsetops.3 sigemptyset.3 \
sigsetops.3 sigfillset.3 \
sigsetops.3 sigismember.3
MLINKS+=statvfs.3 fstatvfs.3
MLINKS+=stringlist.3 sl_add.3 stringlist.3 sl_find.3 \
stringlist.3 sl_free.3 stringlist.3 sl_init.3
MLINKS+=stringlist.3 sl_add.3 \
stringlist.3 sl_find.3 \
stringlist.3 sl_free.3 \
stringlist.3 sl_init.3
MLINKS+=strtofflags.3 fflagstostr.3
MLINKS+=sysctl.3 sysctlbyname.3 sysctl.3 sysctlnametomib.3
MLINKS+=syslog.3 closelog.3 syslog.3 openlog.3 syslog.3 setlogmask.3 \
MLINKS+=sysctl.3 sysctlbyname.3 \
sysctl.3 sysctlnametomib.3
MLINKS+=syslog.3 closelog.3 \
syslog.3 openlog.3 \
syslog.3 setlogmask.3 \
syslog.3 vsyslog.3
MLINKS+=tcsendbreak.3 tcdrain.3 tcsendbreak.3 tcflow.3 tcsendbreak.3 tcflush.3
MLINKS+=tcsetattr.3 cfgetispeed.3 tcsetattr.3 cfgetospeed.3 \
tcsetattr.3 cfmakeraw.3 tcsetattr.3 cfmakesane.3 \
tcsetattr.3 cfsetispeed.3 tcsetattr.3 cfsetospeed.3 \
tcsetattr.3 cfsetspeed.3 tcsetattr.3 tcgetattr.3
MLINKS+=ttyname.3 isatty.3 ttyname.3 ttyname_r.3
MLINKS+=tcsendbreak.3 tcdrain.3 \
tcsendbreak.3 tcflow.3 \
tcsendbreak.3 tcflush.3
MLINKS+=tcsetattr.3 cfgetispeed.3 \
tcsetattr.3 cfgetospeed.3 \
tcsetattr.3 cfmakeraw.3 \
tcsetattr.3 cfmakesane.3 \
tcsetattr.3 cfsetispeed.3 \
tcsetattr.3 cfsetospeed.3 \
tcsetattr.3 cfsetspeed.3 \
tcsetattr.3 tcgetattr.3
MLINKS+=ttyname.3 isatty.3 \
ttyname.3 ttyname_r.3
MLINKS+=tzset.3 tzsetwall.3
MLINKS+=unvis.3 strunvis.3 unvis.3 strunvisx.3
MLINKS+=vis.3 strvis.3 vis.3 strvisx.3
MLINKS+=unvis.3 strunvis.3 \
unvis.3 strunvisx.3
MLINKS+=vis.3 strvis.3 \
vis.3 strvisx.3
MLINKS+=wordexp.3 wordfree.3

16
lib/libc/gen/sem_new.c
View File

@ -198,15 +198,11 @@ _sem_open(const char *name, int flags, ...)
goto error;
}
fd = _open(path, flags|O_RDWR|O_CLOEXEC, mode);
fd = _open(path, flags|O_RDWR|O_CLOEXEC|O_EXLOCK, mode);
if (fd == -1)
goto error;
if (flock(fd, LOCK_EX) == -1)
if (_fstat(fd, &sb))
goto error;
if (_fstat(fd, &sb)) {
flock(fd, LOCK_UN);
goto error;
}
if (sb.st_size < sizeof(sem_t)) {
sem_t tmp;
@ -214,10 +210,8 @@ _sem_open(const char *name, int flags, ...)
tmp._kern._has_waiters = 0;
tmp._kern._count = value;
tmp._kern._flags = USYNC_PROCESS_SHARED | SEM_NAMED;
if (_write(fd, &tmp, sizeof(tmp)) != sizeof(tmp)) {
flock(fd, LOCK_UN);
if (_write(fd, &tmp, sizeof(tmp)) != sizeof(tmp))
goto error;
}
}
flock(fd, LOCK_UN);
sem = (sem_t *)mmap(NULL, sizeof(sem_t), PROT_READ|PROT_WRITE,
@ -235,18 +229,18 @@ _sem_open(const char *name, int flags, ...)
ni->open_count = 1;
ni->sem = sem;
LIST_INSERT_HEAD(&sem_list, ni, next);
_pthread_mutex_unlock(&sem_llock);
_close(fd);
_pthread_mutex_unlock(&sem_llock);
return (sem);
error:
errsave = errno;
_pthread_mutex_unlock(&sem_llock);
if (fd != -1)
_close(fd);
if (sem != NULL)
munmap(sem, sizeof(sem_t));
free(ni);
_pthread_mutex_unlock(&sem_llock);
errno = errsave;
return (SEM_FAILED);
}

5
lib/libc/stdio/setbuf.3
View File

@ -32,7 +32,7 @@
.\" @(#)setbuf.3 8.1 (Berkeley) 6/4/93
.\" $FreeBSD$
.\"
.Dd February 15, 2013
.Dd February 18, 2013
.Dt SETBUF 3
.Os
.Sh NAME
@ -195,3 +195,6 @@ and
functions
conform to
.St -isoC .
.Sh BUGS
.Fn setbuf
usually uses a suboptimal buffer size and should be avoided.

Some files were not shown because too many files have changed in this diff Show More