[-]
[+]
|
Changed |
ldns.changes
|
|
[-]
[+]
|
Changed |
ldns.spec
^
|
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/Changelog
^
|
@@ -1,3 +1,35 @@
+1.6.10
+ * New example tool added: ldns-gen-zone.
+ * bugfix #359: Serial-arithmetic for the inception and expiration
+ fields of a RRSIG and correctly converting them to broken-out time
+ information.
+ * bugfix #364: Slight performance increase of ldns-verifyzone.
+ * bugfix #367: Fix to allow glue records with the same name as the
+ delegation.
+ * Fix ldns-verifyzone to allow NSEC3-less records for NS rrsets *and*
+ glue when the zone is opt-out.
+ * bugfix #376: Adapt ldns_nsec3_salt, ldns_nsec3_iterations,
+ ldns_nsec3_flags and ldns_nsec3_algorithm to work for NSEC3PARAMS too.
+ * pyldns memory leaks fixed by Bedrich Kosata (at the cost of a bit
+ performance)
+ * Better handling of reference variables in ldns_rr_new_frm_fp_l from
+ pyldns, with a very nice generator function by Bedrich Kosata.
+ * Decoupling of the rdfs in rrs in the python wrappers to enable
+ the python garbage collector by Bedrich Kosata.
+ * bugfix #380: Minimizing effect of discrepancies in sizeof(bool) at
+ build time and when used.
+ * bugfix #383: Fix detection of empty nonterminals of multiple labels.
+ * Fixed the ommission of rrsets in nsec(3)s and rrsigs to all occluded
+ names (in stead of just the ones that contain glue only) and all
+ occluded records on the delegation points (in stead of just the glue).
+ * Clarify the operation of ldns_dnssec_mark_glue and the usage of
+ ldns_dnssec_node_next_nonglue functions in the documentation.
+ * Added function ldns_dnssec_mark_and_get_glue as an real fast
+ alternative for ldns_zone_glue_rr_list.
+ * Fix parse buffer overflow for max length domain names.
+ * Fix Makefile for U in environment, since wrong U is more common than
+ deansification necessity.
+
1.6.9 2011-03-16
* Fix creating NSEC(3) bitmaps: make array size 65536,
don't add doubles.
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/Makefile.in
^
|
@@ -32,6 +32,10 @@
libtool = $(glibtool)
endif
+# override $U variable which is used by autotools for deansification (for
+# K&R C compilers), but causes problems if $U is defined in the env).
+U=
+
CC = @CC@
ifeq "$(srcdir)" "."
CPPFLAGS = $(strip -I. @CPPFLAGS@ @DEFS@)
@@ -44,6 +48,7 @@
LIBOBJS = @LIBOBJS@
PYTHON_CPPFLAGS = @PYTHON_CPPFLAGS@
PYTHON_LDFLAGS = @PYTHON_LDFLAGS@
+PYTHON_X_CFLAGS = @PYTHON_X_CFLAGS@
LIBSSL_CPPFLAGS = @LIBSSL_CPPFLAGS@
LIBSSL_LDFLAGS = @LIBSSL_LDFLAGS@
LIBSSL_LIBS = @LIBSSL_LIBS@
@@ -56,7 +61,7 @@
LINTFLAGS=+quiet -weak -warnposix -unrecog -Din_addr_t=uint32_t -Du_int=unsigned -Du_char=uint8_t -preproc -Drlimit=rlimit64 -D__gnuc_va_list=va_list
#-Dglob64=glob -Dglobfree64=globfree
# compat with openssl linux edition.
-LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"EC_KEY=unsigned" -D"EC_POINT=unsigned" -D"EC_GROUP=unsigned"
+LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"EC_KEY=unsigned" -D"EC_POINT=unsigned" -D"EC_GROUP=unsigned" -D"EVP_PKEY_ASN1_METHOD=struct evp_pkey_asn1_method_st" -D"EVP_PKEY_CTX=struct evp_pkey_ctx_st"
# compat with NetBSD
ifeq "$(shell uname)" "NetBSD"
LINTFLAGS+="-D__RENAME(x)=" -D_NETINET_IN_H_
@@ -76,7 +81,6 @@
sha1.c sha2.c
LIBDNS_HEADERS = $(srcdir)/ldns/error.h \
$(srcdir)/ldns/packet.h \
- $(srcdir)/ldns/common.h \
$(srcdir)/ldns/rdata.h \
$(srcdir)/ldns/rr.h \
$(srcdir)/ldns/wire2host.h \
@@ -111,7 +115,7 @@
LINK = $(CC) $(strip $(CFLAGS) $(LDFLAGS) $(LIBS))
LINK_LIB = $(LIBTOOL) --mode=link $(CC) $(strip $(CFLAGS) $(LDFLAGS) $(LIBS) -version-number $(version_info) -no-undefined)
-%.o: $(srcdir)/%.c $(LIBDNS_HEADERS) ldns/net.h ldns/util.h ldns/config.h
+%.o: $(srcdir)/%.c $(LIBDNS_HEADERS) ldns/common.h ldns/net.h ldns/util.h ldns/config.h
$(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $<
.PHONY: clean realclean docclean manpages doc lint all lib pyldns test
@@ -120,7 +124,7 @@
all: copy-headers lib linktest manpages @PYLDNS@
-linktest: $(srcdir)/linktest.c $(LIBDNS_HEADERS) ldns/net.h ldns/util.h ldns/config.h libldns.la
+linktest: $(srcdir)/linktest.c $(LIBDNS_HEADERS) ldns/common.h ldns/net.h ldns/util.h ldns/config.h libldns.la
$(LIBTOOL) --mode=link $(CC) $(srcdir)/linktest.c $(CPPFLAGS) $(LIBSSL_CPPFLAGS) $(CFLAGS) -lldns $(LIBS) -o linktest
lib: libldns.la
@@ -140,12 +144,12 @@
@if [ ! -d include/ldns ] ; then (cd include; ln -s ../ldns ./ldns || echo "include/ldns exists") ; fi ;
$(INSTALL) -c -m 644 $< ./include/ldns/
-include/ldns/util.h include/ldns/net.h include/ldns/config.h: include/ldns/%.h: ./ldns/%.h
+include/ldns/util.h include/ldns/common.h include/ldns/net.h include/ldns/config.h: include/ldns/%.h: ./ldns/%.h
@if [ ! -d include ] ; then ($(INSTALL) -d include || echo "include exists") ; fi ;
@if [ ! -d include/ldns ] ; then (cd include; ln -s ../ldns ./ldns || echo "include/ldns exists") ; fi ;
$(INSTALL) -c -m 644 $< ./include/ldns/
-copy-headers: $(addprefix include/ldns/, $(notdir $(LIBDNS_HEADERS))) include/ldns/util.h include/ldns/net.h include/ldns/config.h
+copy-headers: $(addprefix include/ldns/, $(notdir $(LIBDNS_HEADERS))) include/ldns/common.h include/ldns/util.h include/ldns/net.h include/ldns/config.h
mancheck:
sh -c 'find . -name \*.\[13\] -exec troff -z {} \;' 2>&1 | sed "s/^\.\///" | sed "s/\(:[0\-9]\+:\)/\1 warning:/g"
@@ -167,18 +171,18 @@
pyldns: _ldns.la
-$(pywrapdir)/ldns_wrapper.c: $(pywrapdir)/ldns.i $(wildcard $(pywrapdir)/*.i) $(LIBDNS_HEADERS) ldns/util.h ldns/config.h
+$(pywrapdir)/ldns_wrapper.c: $(pywrapdir)/ldns.i $(wildcard $(pywrapdir)/*.i) $(LIBDNS_HEADERS) ldns/common.h ldns/util.h ldns/config.h
$(swig) -python -o $@ $(CPPFLAGS) $(PYTHON_CPPFLAGS) $<
-ldns_wrapper.lo: $(pywrapdir)/ldns_wrapper.c $(LIBDNS_HEADERS) ldns/util.h ldns/config.h
- $(COMP_LIB) -I./include/ldns $(PYTHON_CPPFLAGS) -c $< -o $@
+ldns_wrapper.lo: $(pywrapdir)/ldns_wrapper.c $(LIBDNS_HEADERS) ldns/common.h ldns/util.h ldns/config.h
+ $(COMP_LIB) -I./include/ldns $(PYTHON_CPPFLAGS) $(PYTHON_X_CFLAGS) -c $< -o $@
_ldns.la: ldns_wrapper.lo libldns.la
$(LIBTOOL) --tag=CC --mode=link $(CC) $(strip $(CFLAGS) $(PYTHON_CFLAGS) $(LDFLAGS) $(PYTHON_LDFLAGS) -module -version-number $(version_info) -no-undefined -o $@ $< -rpath $(python_site) -L. -L.libs -lldns $(LIBS))
install: install-h install-lib install-config install-manpages $(pyldns_inst)
-uninstall: uninstall-manpages uninstall-h uninstall-lib $(pyldns_uninst)
+uninstall: uninstall-manpages uninstall-config uninstall-h uninstall-lib $(pyldns_uninst)
destclean: uninstall
@@ -188,6 +192,12 @@
$(INSTALL) -c -m 755 packaging/ldns-config $(DESTDIR)$(bindir)/; \
fi
+uninstall-config:
+ if [ $(INSTALL_LDNS_CONFIG) = "yes" ] ; then \
+ rm -f $(DESTDIR)$(bindir)/ldns-config; \
+ [ ! -d $(DESTDIR)$(bindir) ] || rmdir -p $(DESTDIR)$(bindir) || echo "ok, dir already gone"; \
+ fi
+
install-manpages: manpages
${INSTALL} -d $(DESTDIR)$(mandir)/man3
for f in doc/man/man3/*; do \
@@ -203,12 +213,16 @@
$(INSTALL) -m 755 -d $(DESTDIR)$(includedir)/ldns
for i in $(LIBDNS_HEADERS); do \
$(INSTALL) -c -m 644 $$i $(DESTDIR)$(includedir)/ldns/; done
+ $(INSTALL) -c -m 644 include/ldns/common.h $(DESTDIR)$(includedir)/ldns/
$(INSTALL) -c -m 644 include/ldns/util.h $(DESTDIR)$(includedir)/ldns/
$(INSTALL) -c -m 644 include/ldns/net.h $(DESTDIR)$(includedir)/ldns/
uninstall-h:
for i in $(LIBDNS_HEADERS); do \
rm -f $(DESTDIR)$(includedir)/$$i; done
+ rm -f $(DESTDIR)$(includedir)/ldns/net.h
+ rm -f $(DESTDIR)$(includedir)/ldns/util.h
+ rm -f $(DESTDIR)$(includedir)/ldns/common.h
[ ! -d $(DESTDIR)$(includedir)/ldns ] || rmdir -p $(DESTDI)$(includedir)/ldns || echo "ok, dir already gone"
exit 0
@@ -255,6 +269,7 @@
rm -f ldns/config.h.in
rm -f ldns/config.h
rm -f ldns/util.h
+ rm -f ldns/common.h
rm -f config.h.in
rm -f configure
rm -f config.sub
@@ -275,7 +290,7 @@
$(LIBTOOL) --mode clean rm -f libldns.so
$(LIBTOOL) --mode clean rm -f libldns.so.*
$(LIBTOOL) --mode clean rm -f _ldns.la
- rm -rf ldns/net.h ldns/util.h ldns/config.h
+ rm -rf ldns/net.h ldns/util.h ldns/config.h ldns/common.h
rm -rf *.lo
rm -rf .libs
rm -rf libtool
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/README
^
|
@@ -8,6 +8,8 @@
INFORMATION FOR SPECIFIC OPERATING SYSTEMS
Mac OS X
Solaris
+ KNOWN ISSUES
+ pyldns
Your Support
Project page:
@@ -65,6 +67,7 @@
* Developers
ldns is developed by the ldns team at NLnet Labs. This team currently
consists of:
+ o Willem Toorop
o Wouter Wijngaards
o Matthijs Mekking
@@ -74,6 +77,7 @@
* Credits
We have received patches from the following people, thanks!
+ o Bedrich Kosata
o Erik Rozendaal
o Håkan Olsson
o Jakob Schlyter
@@ -82,7 +86,7 @@
o Ondřej Surý
-IFORMATION FOR SPECIFIC OPERATING SYSTEMS
+INFORMATION FOR SPECIFIC OPERATING SYSTEMS
MAC OS X
@@ -103,6 +107,17 @@
script that sets the right build and link options. You can find it in
contrib/build-solaris.sh
+KNOWN ISSUES
+
+A complete list of currently known open issues can be found here:
+http://www.nlnetlabs.nl/projects/ldns/bugs
+
+* pyldns
+Compiling pyldns produces many ``unused parameter'' warnings. Those are
+harmless and may safely be ignored.
+Also when building with Swig which version is before 2.0.4, compiling
+pyldns produces many ``missing initializer'' warnings. Those are harmless
+too.
Your Support
NLnet Labs offers all of its software products as open source, most are
|
[-]
[+]
|
Added |
ldns-1.6.10.tar.gz/compat/calloc.c
^
|
@@ -0,0 +1,24 @@
+/* Just a replacement, if the original malloc is not
+ GNU-compliant. See autoconf documentation. */
+
+#if HAVE_CONFIG_H
+#include <ldns/config.h>
+#endif
+
+void *calloc();
+
+#if !HAVE_BZERO && HAVE_MEMSET
+# define bzero(buf, bytes) ((void) memset (buf, 0, bytes))
+#endif
+
+void *
+calloc(size_t num, size_t size)
+{
+ void *new = malloc(num * size);
+ if (!new) {
+ return NULL;
+ }
+ bzero(new, num * size);
+ return new;
+}
+
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/configure
^
|
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for ldns 1.6.9.
+# Generated by GNU Autoconf 2.68 for ldns 1.6.10.
#
# Report bugs to <libdns@nlnetlabs.nl>.
#
@@ -570,8 +570,8 @@
# Identity of this package.
PACKAGE_NAME='ldns'
PACKAGE_TARNAME='libdns'
-PACKAGE_VERSION='1.6.9'
-PACKAGE_STRING='ldns 1.6.9'
+PACKAGE_VERSION='1.6.10'
+PACKAGE_STRING='ldns 1.6.10'
PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
PACKAGE_URL=''
@@ -615,16 +615,21 @@
enable_option_checking=no
ac_subst_vars='subdirs
LTLIBOBJS
+ldns_build_config_have_attr_unused
+ldns_build_config_have_attr_format
+ldns_build_config_have_ssl
WINDRES
LIBOBJS
include_unistd_h
include_systypes_h
include_inttypes_h
+ldns_build_config_have_inttypes_h
include_sys_socket_h
INSTALL_LDNS_CONFIG
LIBSSL_LIBS
LIBSSL_LDFLAGS
LIBSSL_CPPFLAGS
+ldns_build_config_use_ecdsa
RUNTIME_PATH
HAVE_SSL
OTOOL64
@@ -657,6 +662,7 @@
build_cpu
build
libtool
+PYTHON_X_CFLAGS
swig
PYLDNS
SWIG_LIB
@@ -1297,7 +1303,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures ldns 1.6.9 to adapt to many kinds of systems.
+\`configure' configures ldns 1.6.10 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1362,7 +1368,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of ldns 1.6.9:";;
+ short | recursive ) echo "Configuration of ldns 1.6.10:";;
esac
cat <<\_ACEOF
@@ -1475,7 +1481,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-ldns configure 1.6.9
+ldns configure 1.6.10
generated by GNU Autoconf 2.68
Copyright (C) 2010 Free Software Foundation, Inc.
@@ -1941,6 +1947,184 @@
} # ac_fn_c_check_decl
+# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
+# --------------------------------------------
+# Tries to find the compile-time value of EXPR in a program that includes
+# INCLUDES, setting VAR accordingly. Returns whether the value could be
+# computed
+ac_fn_c_compute_int ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ if test "$cross_compiling" = yes; then
+ # Depending upon the size, compute the lo and hi bounds.
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= 0)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_lo=0 ac_mid=0
+ while :; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_hi=$ac_mid; break
+else
+ as_fn_arith $ac_mid + 1 && ac_lo=$as_val
+ if test $ac_lo -le $ac_mid; then
+ ac_lo= ac_hi=
+ break
+ fi
+ as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ done
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) < 0)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_hi=-1 ac_mid=-1
+ while :; do
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_lo=$ac_mid; break
+else
+ as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val
+ if test $ac_mid -le $ac_hi; then
+ ac_lo= ac_hi=
+ break
+ fi
+ as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ done
+else
+ ac_lo= ac_hi=
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+ as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_hi=$ac_mid
+else
+ as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+case $ac_lo in #((
+?*) eval "$3=\$ac_lo"; ac_retval=0 ;;
+'') ac_retval=1 ;;
+esac
+ else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$4
+static long int longval () { return $2; }
+static unsigned long int ulongval () { return $2; }
+#include <stdio.h>
+#include <stdlib.h>
+int
+main ()
+{
+
+ FILE *f = fopen ("conftest.val", "w");
+ if (! f)
+ return 1;
+ if (($2) < 0)
+ {
+ long int i = longval ();
+ if (i != ($2))
+ return 1;
+ fprintf (f, "%ld", i);
+ }
+ else
+ {
+ unsigned long int i = ulongval ();
+ if (i != ($2))
+ return 1;
+ fprintf (f, "%lu", i);
+ }
+ /* Do not output a trailing newline, as this causes \r\n confusion
+ on some platforms. */
+ return ferror (f) || fclose (f) != 0;
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+ echo >>conftest.val; read $3 <conftest.val; ac_retval=0
+else
+ ac_retval=1
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+ conftest.$ac_objext conftest.beam conftest.$ac_ext
+rm -f conftest.val
+
+ fi
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+ as_fn_set_status $ac_retval
+
+} # ac_fn_c_compute_int
+
# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES
# ----------------------------------------------------
# Tries to find if the field MEMBER exists in type AGGR, after including
@@ -2001,7 +2185,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by ldns $as_me 1.6.9, which was
+It was created by ldns $as_me 1.6.10, which was
generated by GNU Autoconf 2.68. Invocation command line was
$ $0 $@
@@ -2351,13 +2535,13 @@
# needed to build correct soname
-LIBTOOL_VERSION_INFO=1:6:9
+LIBTOOL_VERSION_INFO=1:6:10
LDNS_VERSION_MAJOR=1
LDNS_VERSION_MINOR=6
-LDNS_VERSION_MICRO=9
+LDNS_VERSION_MICRO=10
OURCPPFLAGS=''
@@ -5564,6 +5748,7 @@
# check for python
+PYTHON_X_CFLAGS=""
# Check whether --with-pyldns was given.
if test "${with_pyldns+set}" = set; then :
@@ -6060,9 +6245,45 @@
fi
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: *** don't have Python, skipping Swig, no pyldns ***" >&5
-$as_echo "*** don't have Python, skipping Swig, no pyldns ***" >&6; }
+$as_echo "*** don't have Python, skipping Swig, no pyldns ***" >&6; } # '
fi
+
+ # xtra cflags for pyldns
+ if test x_$ldns_have_python != x_no; then
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -fno-strict-aliasing" >&5
+$as_echo_n "checking whether $CC supports -fno-strict-aliasing... " >&6; }
+cache=`echo fno-strict-aliasing | sed 'y%.=/+-%___p_%'`
+if eval \${cv_prog_cc_flag_$cache+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+
+echo 'void f(){}' >conftest.c
+if test -z "`$CC $CPPFLAGS $CFLAGS -fno-strict-aliasing -c conftest.c 2>&1`"; then
+eval "cv_prog_cc_flag_$cache=yes"
+else
+eval "cv_prog_cc_flag_$cache=no"
fi
+rm -f conftest conftest.o conftest.c
+
+fi
+
+if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+:
+PYTHON_X_CFLAGS="-fno-strict-aliasing"
+else
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+:
+
+fi
+
+ fi
+fi
+
# Use libtool
ac_aux_dir=
@@ -13811,6 +14032,8 @@
#define USE_ECDSA 1
_ACEOF
+ ldns_build_config_use_ecdsa=1
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING:
*****************************************************************
*** YOU HAVE ENABLED ECDSA WHICH IS EXPERIMENTAL AT THIS TIME ***
@@ -13823,8 +14046,12 @@
*****************************************************************" >&2;}
;;
no)
+ ldns_build_config_use_ecdsa=0
+
;;
*)
+ ldns_build_config_use_ecdsa=0
+
;;
esac
@@ -14219,10 +14446,102 @@
fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdbool.h that conforms to C99" >&5
+$as_echo_n "checking for stdbool.h that conforms to C99... " >&6; }
+if ${ac_cv_header_stdbool_h+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+#include <stdbool.h>
+#ifndef bool
+ "error: bool is not defined"
+#endif
+#ifndef false
+ "error: false is not defined"
+#endif
+#if false
+ "error: false is not 0"
+#endif
+#ifndef true
+ "error: true is not defined"
+#endif
+#if true != 1
+ "error: true is not 1"
+#endif
+#ifndef __bool_true_false_are_defined
+ "error: __bool_true_false_are_defined is not defined"
+#endif
+
+ struct s { _Bool s: 1; _Bool t; } s;
+
+ char a[true == 1 ? 1 : -1];
+ char b[false == 0 ? 1 : -1];
+ char c[__bool_true_false_are_defined == 1 ? 1 : -1];
+ char d[(bool) 0.5 == true ? 1 : -1];
+ /* See body of main program for 'e'. */
+ char f[(_Bool) 0.0 == false ? 1 : -1];
+ char g[true];
+ char h[sizeof (_Bool)];
+ char i[sizeof s.t];
+ enum { j = false, k = true, l = false * true, m = true * 256 };
+ /* The following fails for
+ HP aC++/ANSI C B3910B A.05.55 [Dec 04 2003]. */
+ _Bool n[m];
+ char o[sizeof n == m * sizeof n[0] ? 1 : -1];
+ char p[-1 - (_Bool) 0 < 0 && -1 - (bool) 0 < 0 ? 1 : -1];
+ /* Catch a bug in an HP-UX C compiler. See
+ http://gcc.gnu.org/ml/gcc-patches/2003-12/msg02303.html
+ http://lists.gnu.org/archive/html/bug-coreutils/2005-11/msg00161.html
+ */
+ _Bool q = true;
+ _Bool *pq = &q;
+
+int
+main ()
+{
+
+ bool e = &s;
+ *pq |= q;
+ *pq |= ! q;
+ /* Refer to every declared value, to avoid compiler optimizations. */
+ return (!a + !b + !c + !d + !e + !f + !g + !h + !i + !!j + !k + !!l
+ + !m + !n + !o + !p + !q + !pq);
+
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ ac_cv_header_stdbool_h=yes
+else
+ ac_cv_header_stdbool_h=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdbool_h" >&5
+$as_echo "$ac_cv_header_stdbool_h" >&6; }
+ac_fn_c_check_type "$LINENO" "_Bool" "ac_cv_type__Bool" "$ac_includes_default"
+if test "x$ac_cv_type__Bool" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE__BOOL 1
+_ACEOF
+
+
+fi
+
+if test $ac_cv_header_stdbool_h = yes; then
+
+$as_echo "#define HAVE_STDBOOL_H 1" >>confdefs.h
+
+fi
+
#AC_HEADER_SYS_WAIT
#AC_CHECK_HEADERS([getopt.h fcntl.h stdlib.h string.h strings.h unistd.h])
# do the very minimum - we can always extend this
-for ac_header in getopt.h stdarg.h stdbool.h openssl/ssl.h netinet/in.h time.h arpa/inet.h netdb.h
+for ac_header in getopt.h stdarg.h openssl/ssl.h netinet/in.h time.h arpa/inet.h netdb.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
@@ -14288,10 +14607,14 @@
$as_echo "#define HAVE_INTTYPES_H 1" >>confdefs.h
+ldns_build_config_have_inttypes_h=1
+
else
include_inttypes_h=''
+ldns_build_config_have_inttypes_h=0
+
fi
@@ -14334,6 +14657,53 @@
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of time_t" >&5
+$as_echo_n "checking size of time_t... " >&6; }
+if ${ac_cv_sizeof_time_t+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (time_t))" "ac_cv_sizeof_time_t" "
+$ac_includes_default
+#ifdef TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# ifdef HAVE_SYS_TIME_H
+# include <sys/time.h>
+# else
+# include <time.h>
+# endif
+#endif
+
+"; then :
+
+else
+ if test "$ac_cv_type_time_t" = yes; then
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (time_t)
+See \`config.log' for more details" "$LINENO" 5; }
+ else
+ ac_cv_sizeof_time_t=0
+ fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_time_t" >&5
+$as_echo "$ac_cv_sizeof_time_t" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_TIME_T $ac_cv_sizeof_time_t
+_ACEOF
+
+
+
ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "
$ac_includes_default
@@ -14633,6 +15003,20 @@
fi
+ac_fn_c_check_func "$LINENO" "calloc" "ac_cv_func_calloc"
+if test "x$ac_cv_func_calloc" = xyes; then :
+ $as_echo "#define HAVE_CALLOC 1" >>confdefs.h
+
+else
+ case " $LIBOBJS " in
+ *" calloc.$ac_objext "* ) ;;
+ *) LIBOBJS="$LIBOBJS calloc.$ac_objext"
+ ;;
+esac
+
+fi
+
+
ac_fn_c_check_func "$LINENO" "timegm" "ac_cv_func_timegm"
if test "x$ac_cv_func_timegm" = xyes; then :
$as_echo "#define HAVE_TIMEGM 1" >>confdefs.h
@@ -14787,7 +15171,7 @@
fi
-for ac_func in endprotoent endservent sleep random fcntl strtoul
+for ac_func in endprotoent endservent sleep random fcntl strtoul bzero memset
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
@@ -15112,7 +15496,29 @@
-ac_config_files="$ac_config_files Makefile ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config"
+if test "x$HAVE_SSL" = "xyes"; then
+ ldns_build_config_have_ssl=1
+
+else
+ ldns_build_config_have_ssl=0
+
+fi
+if test "x$ac_cv_c_format_attribute" = "xyes"; then
+ ldns_build_config_have_attr_format=1
+
+else
+ ldns_build_config_have_attr_format=0
+
+fi
+if test "x$ac_cv_c_unused_attribute" = "xyes"; then
+ ldns_build_config_have_attr_unused=1
+
+else
+ ldns_build_config_have_attr_unused=0
+
+fi
+
+ac_config_files="$ac_config_files Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config"
ac_config_headers="$ac_config_headers ldns/config.h"
@@ -15636,7 +16042,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by ldns $as_me 1.6.9, which was
+This file was extended by ldns $as_me 1.6.10, which was
generated by GNU Autoconf 2.68. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -15702,7 +16108,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-ldns config.status 1.6.9
+ldns config.status 1.6.10
configured by $0, generated by GNU Autoconf 2.68,
with options \\"\$ac_cs_config\\"
@@ -16108,6 +16514,7 @@
"libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;;
"disable-rpath") CONFIG_COMMANDS="$CONFIG_COMMANDS disable-rpath" ;;
"Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
+ "ldns/common.h") CONFIG_FILES="$CONFIG_FILES ldns/common.h" ;;
"ldns/net.h") CONFIG_FILES="$CONFIG_FILES ldns/net.h" ;;
"ldns/util.h") CONFIG_FILES="$CONFIG_FILES ldns/util.h" ;;
"packaging/libldns.pc") CONFIG_FILES="$CONFIG_FILES packaging/libldns.pc" ;;
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/configure.ac
^
|
@@ -6,7 +6,7 @@
# must be numbers. ac_defun because of later processing.
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[6])
-m4_define([VERSION_MICRO],[9])
+m4_define([VERSION_MICRO],[10])
AC_INIT(ldns, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), libdns@nlnetlabs.nl, libdns)
AC_CONFIG_SRCDIR([packet.c])
# needed to build correct soname
@@ -84,6 +84,7 @@
AC_SEARCH_LIBS([inet_pton], [nsl])
# check for python
+PYTHON_X_CFLAGS=""
AC_ARG_WITH(pyldns, AC_HELP_STRING([--with-pyldns],
[generate python library, or --without-pyldns to disable Python support.]),
[],[ withval="no" ])
@@ -113,9 +114,15 @@
AC_SUBST(swig, "$SWIG")
fi
else
- AC_MSG_RESULT([*** don't have Python, skipping Swig, no pyldns ***])
+ AC_MSG_RESULT([*** don't have Python, skipping Swig, no pyldns ***]) # '
+ fi
+
+ # xtra cflags for pyldns
+ if test x_$ldns_have_python != x_no; then
+ ACX_CHECK_COMPILER_FLAG(fno-strict-aliasing, [PYTHON_X_CFLAGS="-fno-strict-aliasing"])
fi
fi
+AC_SUBST(PYTHON_X_CFLAGS)
# Use libtool
ACX_LIBTOOL_C_ONLY
@@ -177,6 +184,7 @@
])
# we now know we have ECDSA and the required curves.
AC_DEFINE_UNQUOTED([USE_ECDSA], [1], [Define this to enable ECDSA support.])
+ AC_SUBST(ldns_build_config_use_ecdsa, 1)
AC_WARN([
*****************************************************************
*** YOU HAVE ENABLED ECDSA WHICH IS EXPERIMENTAL AT THIS TIME ***
@@ -184,8 +192,10 @@
*****************************************************************])
;;
no)
+ AC_SUBST(ldns_build_config_use_ecdsa, 0)
;;
*)
+ AC_SUBST(ldns_build_config_use_ecdsa, 0)
;;
esac
@@ -229,10 +239,11 @@
# Checks for header files.
AC_HEADER_STDC
+AC_HEADER_STDBOOL
#AC_HEADER_SYS_WAIT
#AC_CHECK_HEADERS([getopt.h fcntl.h stdlib.h string.h strings.h unistd.h])
# do the very minimum - we can always extend this
-AC_CHECK_HEADERS([getopt.h stdarg.h stdbool.h openssl/ssl.h netinet/in.h time.h arpa/inet.h netdb.h],,, [AC_INCLUDES_DEFAULT])
+AC_CHECK_HEADERS([getopt.h stdarg.h openssl/ssl.h netinet/in.h time.h arpa/inet.h netdb.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS(sys/param.h sys/mount.h,,,
[AC_INCLUDES_DEFAULT
[
@@ -259,8 +270,10 @@
[
include_inttypes_h='#include <inttypes.h>'
AC_DEFINE(HAVE_INTTYPES_H, 1, [define if you have inttypes.h])
+AC_SUBST(ldns_build_config_have_inttypes_h, 1)
],[
include_inttypes_h=''
+AC_SUBST(ldns_build_config_have_inttypes_h, 0)
],[AC_INCLUDES_DEFAULT
])
AC_SUBST(include_inttypes_h)
@@ -283,6 +296,20 @@
])
AC_SUBST(include_unistd_h)
+AC_CHECK_SIZEOF(time_t,,[
+AC_INCLUDES_DEFAULT
+#ifdef TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# ifdef HAVE_SYS_TIME_H
+# include <sys/time.h>
+# else
+# include <time.h>
+# endif
+#endif
+])
+
ACX_TYPE_SOCKLEN_T
AC_CHECK_TYPE(ssize_t, int)
AC_CHECK_TYPE(in_addr_t, [], [AC_DEFINE([in_addr_t], [uint32_t], [in_addr_t])], [
@@ -308,6 +335,7 @@
AC_REPLACE_FUNCS(b64_ntop)
AC_REPLACE_FUNCS(b32_pton)
AC_REPLACE_FUNCS(b32_ntop)
+AC_REPLACE_FUNCS(calloc)
AC_REPLACE_FUNCS(timegm)
AC_REPLACE_FUNCS(gmtime_r)
AC_REPLACE_FUNCS(ctime_r)
@@ -319,7 +347,7 @@
AC_REPLACE_FUNCS(snprintf)
AC_REPLACE_FUNCS(strlcpy)
AC_REPLACE_FUNCS(memmove)
-AC_CHECK_FUNCS([endprotoent endservent sleep random fcntl strtoul])
+AC_CHECK_FUNCS([endprotoent endservent sleep random fcntl strtoul bzero memset])
ACX_CHECK_GETADDRINFO_WITH_INCLUDES
if test $ac_cv_func_getaddrinfo = no; then
@@ -479,7 +507,23 @@
#endif
])
-AC_CONFIG_FILES([Makefile ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config])
+if test "x$HAVE_SSL" = "xyes"; then
+ AC_SUBST(ldns_build_config_have_ssl, 1)
+else
+ AC_SUBST(ldns_build_config_have_ssl, 0)
+fi
+if test "x$ac_cv_c_format_attribute" = "xyes"; then
+ AC_SUBST(ldns_build_config_have_attr_format, 1)
+else
+ AC_SUBST(ldns_build_config_have_attr_format, 0)
+fi
+if test "x$ac_cv_c_unused_attribute" = "xyes"; then
+ AC_SUBST(ldns_build_config_have_attr_unused, 1)
+else
+ AC_SUBST(ldns_build_config_have_attr_unused, 0)
+fi
+
+AC_CONFIG_FILES([Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config])
AC_CONFIG_HEADER([ldns/config.h])
AC_OUTPUT
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/contrib/python/Makefile
^
|
@@ -62,6 +62,6 @@
#for development only
swig: ldns.i
swig -python -o ldns_wrapper.c -I../.. ldns.i
- gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python2.5 -I. -o ldns_wrapper.o
+ gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/local/include/python2.6 -I. -o ldns_wrapper.o
ld -shared ldns_wrapper.o -L../../.libs -lldns -o _ldns.so
|
[-]
[+]
|
Added |
ldns-1.6.10.tar.gz/contrib/python/examples/ldns_rr_iter_frm_fp_l.demo.py
^
|
@@ -0,0 +1,15 @@
+import ldns
+import sys
+
+if len(sys.argv) <= 1:
+ print "Usage: %s zone_file" % sys.argv[0]
+ sys.exit()
+
+inp = open(sys.argv[1],"r");
+for rr in ldns.ldns_rr_iter_frm_fp_l(inp):
+ print rr
+
+inp.close()
+
+
+
|
[-]
[+]
|
Added |
ldns-1.6.10.tar.gz/contrib/python/examples/ldns_rr_new_frm_fp_l.demo.py
^
|
@@ -0,0 +1,43 @@
+import ldns
+import sys
+
+if len(sys.argv) <= 1:
+ print "Usage: %s zone_file" % sys.argv[0]
+ sys.exit()
+
+inp = open(sys.argv[1],"r");
+# variables that preserve the parsers state
+my_ttl = 3600;
+my_origin = None
+my_prev = None
+# additional state variables
+last_pos = 0
+line_nr = 0
+
+while True:
+ ret = ldns.ldns_rr_new_frm_fp_l_(inp, my_ttl, my_origin, my_prev)
+ s, rr, line_inc, new_ttl, new_origin, new_prev = ret # unpack the result
+ line_nr += line_inc # increase number of parsed lines
+ my_prev = new_prev # update ref to previous owner
+
+ if s == ldns.LDNS_STATUS_SYNTAX_TTL:
+ my_ttl = new_ttl # update default TTL
+ print "$TTL:", my_ttl
+ elif s == ldns.LDNS_STATUS_SYNTAX_ORIGIN:
+ my_origin = new_origin # update reference to origin
+ print "$ORIGIN:", my_origin
+ elif s == ldns.LDNS_STATUS_SYNTAX_EMPTY:
+ if last_pos == inp.tell():
+ break # no advance since last read - EOF
+ last_pos = inp.tell()
+ elif s != ldns.LDNS_STATUS_OK:
+ print "! parse error in line", line_nr
+ else:
+ # we are sure to have LDNS_STATUS_OK
+ print rr
+
+inp.close()
+print "--------------------"
+print "Read %d lines" % line_nr
+
+
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/contrib/python/ldns.i
^
|
@@ -95,6 +95,9 @@
%apply int *OUTPUT { int *line_nr};
%apply uint32_t *OUTPUT { uint32_t *default_ttl};
+// wire2pkt
+%apply (char *STRING, int LENGTH) { (const char *str, int len) };
+
%include "ldns_packet.i"
%include "ldns_resolver.i"
%include "ldns_rr.i"
@@ -144,6 +147,14 @@
{
PyObject* tuple;
+ /* origin and prev have to be cloned in order to decouple the data
+ * from the python wrapper
+ */
+ if (origin != NULL)
+ origin = ldns_rdf_clone(origin);
+ if (prev != NULL)
+ prev = ldns_rdf_clone(prev);
+
ldns_rdf *p_prev = prev;
ldns_rdf **pp_prev = &p_prev;
if (p_prev == 0) pp_prev = 0;
@@ -157,14 +168,14 @@
PyTuple_SetItem(tuple, 0, SWIG_From_int(st));
PyTuple_SetItem(tuple, 1, (st == LDNS_STATUS_OK) ?
SWIG_NewPointerObj(SWIG_as_voidptr(p_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ) :
- Py_None);
+ (Py_INCREF(Py_None), Py_None));
PyTuple_SetItem(tuple, 2, (p_prev != prev) ?
SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ) :
- Py_None);
+ (Py_INCREF(Py_None), Py_None));
return tuple;
}
- PyObject* ldns_rr_new_frm_fp_l_(FILE *fp, uint32_t default_ttl, ldns_rdf* origin, ldns_rdf* prev, int ret_linenr)
+ PyObject* ldns_rr_new_frm_fp_l_(FILE *fp, uint32_t default_ttl, ldns_rdf* origin, ldns_rdf* prev)
//returns tuple (status, ldns_rr, [line if ret_linenr], ttl, origin, prev)
{
int linenr = 0;
@@ -174,13 +185,21 @@
uint32_t *p_defttl = &defttl;
if (defttl == 0) p_defttl = 0;
+ /* origin and prev have to be cloned in order to decouple the data
+ * from the python wrapper
+ */
+ if (origin != NULL)
+ origin = ldns_rdf_clone(origin);
+ if (prev != NULL)
+ prev = ldns_rdf_clone(prev);
+
ldns_rdf *p_origin = origin;
ldns_rdf **pp_origin = &p_origin;
- if (p_origin == 0) pp_origin = 0;
+ //if (p_origin == 0) pp_origin = 0;
ldns_rdf *p_prev = prev;
ldns_rdf **pp_prev = &p_prev;
- if (p_prev == 0) pp_prev = 0;
+ //if (p_prev == 0) pp_prev = 0;
ldns_rr *p_rr = 0;
ldns_rr **pp_rr = &p_rr;
@@ -188,35 +207,38 @@
ldns_status st = ldns_rr_new_frm_fp_l(pp_rr, fp, p_defttl, pp_origin, pp_prev, p_linenr);
PyObject* tuple;
- tuple = PyTuple_New(ret_linenr ? 6 : 5);
+ tuple = PyTuple_New(6);
int idx = 0;
PyTuple_SetItem(tuple, idx, SWIG_From_int(st));
idx++;
PyTuple_SetItem(tuple, idx, (st == LDNS_STATUS_OK) ?
SWIG_NewPointerObj(SWIG_as_voidptr(p_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ) :
- Py_None);
+ (Py_INCREF(Py_None), Py_None));
idx++;
- if (ret_linenr) {
- PyTuple_SetItem(tuple, idx, SWIG_From_int(linenr));
- idx++;
- }
- PyTuple_SetItem(tuple, idx, (defttl != default_ttl) ? SWIG_From_int(defttl) : Py_None);
+ PyTuple_SetItem(tuple, idx, SWIG_From_int(linenr));
idx++;
- PyTuple_SetItem(tuple, idx, (p_origin != origin) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_origin), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ) :
- Py_None);
+ PyTuple_SetItem(tuple, idx, SWIG_From_int(defttl));
idx++;
- PyTuple_SetItem(tuple, idx, (p_prev != prev) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ) :
- Py_None);
+ PyTuple_SetItem(tuple, idx, SWIG_NewPointerObj(SWIG_as_voidptr(p_origin), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ));
+ idx++;
+ PyTuple_SetItem(tuple, idx, SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ));
return tuple;
}
- PyObject* ldns_rr_new_question_frm_str_(const char *str, ldns_rdf* origin, ldns_rdf* prev)
+
+PyObject* ldns_rr_new_question_frm_str_(const char *str, ldns_rdf* origin, ldns_rdf* prev)
//returns tuple (status, ldns_rr, prev)
{
PyObject* tuple;
+ /* origin and prev have to be cloned in order to decouple the data
+ * from the python wrapper
+ */
+ if (origin != NULL)
+ origin = ldns_rdf_clone(origin);
+ if (prev != NULL)
+ prev = ldns_rdf_clone(prev);
+
ldns_rdf *p_prev = prev;
ldns_rdf **pp_prev = &p_prev;
if (p_prev == 0) pp_prev = 0;
@@ -230,10 +252,10 @@
PyTuple_SetItem(tuple, 0, SWIG_From_int(st));
PyTuple_SetItem(tuple, 1, (st == LDNS_STATUS_OK) ?
SWIG_NewPointerObj(SWIG_as_voidptr(p_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ) :
- Py_None);
+ (Py_INCREF(Py_None), Py_None));
PyTuple_SetItem(tuple, 2, (p_prev != prev) ?
SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ) :
- Py_None);
+ (Py_INCREF(Py_None), Py_None));
return tuple;
}
@@ -254,14 +276,70 @@
PyTuple_SetItem(tuple, 0, SWIG_From_int(st));
PyTuple_SetItem(tuple, 1, (st == LDNS_STATUS_OK) ?
SWIG_NewPointerObj(SWIG_as_voidptr(rrl), SWIGTYPE_p_ldns_struct_rr_list, SWIG_POINTER_OWN | 0 ) :
- Py_None);
+ (Py_INCREF(Py_None), Py_None));
return tuple;
}
+PyObject* ldns_wire2pkt_(const char *str, int len)
+ //returns tuple (status, result)
+ {
+ PyObject *resultobj = 0;
+ ldns_pkt *arg1 = NULL;
+ uint8_t *arg2 = (uint8_t *) str;
+ size_t arg3 = (size_t) len;
+ ldns_status result;
+ PyObject* tuple;
+
+ result = (ldns_status)ldns_wire2pkt(&arg1,arg2,arg3);
+ tuple = PyTuple_New(2);
+ PyTuple_SetItem(tuple, 0, SWIG_From_int(result));
+ if (result == LDNS_STATUS_OK)
+ PyTuple_SetItem(tuple, 1, SWIG_NewPointerObj(SWIG_as_voidptr(arg1), SWIGTYPE_p_ldns_struct_pkt, SWIG_POINTER_OWN | 0 ));
+ else {
+ Py_INCREF(Py_None);
+ PyTuple_SetItem(tuple, 1, Py_None);
+ }
+ return tuple;
+}
+
%}
%pythoncode %{
def ldns_fetch_valid_domain_keys(res, domain, keys):
return _ldns.ldns_fetch_valid_domain_keys_(res, domain, keys)
-%}
+def ldns_wire2pkt(data):
+ return _ldns.ldns_wire2pkt_(data)
+
+def ldns_rr_iter_frm_fp_l(input_file):
+ """Creates an iterator (generator) that returns individual parsed
+ RRs from an open zone file."""
+ # variables that preserve the parsers state
+ my_ttl = 0;
+ my_origin = None
+ my_prev = None
+ # additional state variables
+ last_pos = 0
+ line_nr = 0
+
+ while True:
+ ret = _ldns.ldns_rr_new_frm_fp_l_(input_file, my_ttl, my_origin, my_prev)
+ s, rr, line_inc, new_ttl, new_origin, new_prev = ret # unpack the result
+ line_nr += line_inc # increase number of parsed lines
+ my_prev = new_prev # update ref to previous owner
+
+ if s == _ldns.LDNS_STATUS_SYNTAX_TTL:
+ my_ttl = new_ttl # update default TTL
+ elif s == _ldns.LDNS_STATUS_SYNTAX_ORIGIN:
+ my_origin = new_origin # update reference to origin
+ elif s == _ldns.LDNS_STATUS_SYNTAX_EMPTY:
+ if last_pos == input_file.tell():
+ break # no advance since last read - EOF
+ last_pos = input_file.tell()
+ elif s != _ldns.LDNS_STATUS_OK:
+ raise ValueError("Parse error in line %d" % line_nr)
+ else:
+ # we are sure to have LDNS_STATUS_OK
+ yield rr
+
+%}
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/contrib/python/ldns_buffer.i
^
|
@@ -51,6 +51,10 @@
%newobject ldns_dname_new_frm_data;
%newobject ldns_dname_label;
+# limit the number of arguments to 2 and
+# deal with variable number of arguments the Python way
+%varargs(2, char *arg = NULL) ldns_buffer_printf;
+
%rename(ldns_buffer) ldns_struct_buffer;
#ifdef LDNS_DEBUG
@@ -232,14 +236,15 @@
#parameters: ldns_buffer *,
#retvals: size_t
- def printf(self,*str):
+ def printf(self, str, *args):
"""Prints to the buffer, increasing the capacity if required using buffer_reserve().
The buffer's position is set to the terminating '\0'. Returns the number of characters written (not including the terminating '\0') or -1 on failure.
:param str: a string
:returns: (int)
"""
- return _ldns.ldns_buffer_printf(self,*str)
+ data = str % args
+ return _ldns.ldns_buffer_printf(self,data)
#parameters: ldns_buffer *,const char *,...
#retvals: int
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/contrib/python/ldns_packet.i
^
|
@@ -41,12 +41,14 @@
$result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_pkt), SWIGTYPE_p_ldns_struct_pkt, SWIG_POINTER_OWN | 0 ));
}
+%newobject ldns_pkt_new;
%newobject ldns_pkt_clone;
%newobject ldns_pkt_rr_list_by_type;
%newobject ldns_pkt_rr_list_by_name_and_type;
%newobject ldns_pkt_rr_list_by_name;
%newobject ldns_update_pkt_new;
+
%nodefaultctor ldns_struct_pkt; //no default constructor & destructor
%nodefaultdtor ldns_struct_pkt;
@@ -69,9 +71,57 @@
%newobject ldns_pkt_algorithm2str;
%newobject ldns_pkt_cert_algorithm2str;
-%exception ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr) %{ $action if (result) Py_INCREF(obj2); %}
-%exception ldns_pkt_push_rr_list(ldns_pkt *packet, ldns_pkt_section section, ldns_rr_list *list) %{ $action if (result) Py_INCREF(obj2); %}
+/* cloning of packet_lists to make them independent of the original packet */
+
+%newobject _ldns_pkt_additional;
+%newobject _ldns_pkt_answer;
+%newobject _ldns_pkt_authority;
+%newobject _ldns_pkt_question;
+
+%rename(__ldns_pkt_additional) ldns_pkt_additional;
+%inline %{
+ldns_rr_list* _ldns_pkt_additional(ldns_pkt* p) {
+ return ldns_rr_list_clone(ldns_pkt_additional(p));
+}
+%}
+
+%rename(__ldns_pkt_answer) ldns_pkt_answer;
+%inline %{
+ldns_rr_list* _ldns_pkt_answer(ldns_pkt* p) {
+ return ldns_rr_list_clone(ldns_pkt_answer(p));
+}
+%}
+
+%rename(__ldns_pkt_authority) ldns_pkt_authority;
+%inline %{
+ldns_rr_list* _ldns_pkt_authority(ldns_pkt* p) {
+ return ldns_rr_list_clone(ldns_pkt_authority(p));
+}
+%}
+
+%rename(__ldns_pkt_question) ldns_pkt_question;
+%inline %{
+ldns_rr_list* _ldns_pkt_question(ldns_pkt* p) {
+ return ldns_rr_list_clone(ldns_pkt_question(p));
+}
+%}
+
+/* clone data when pushed in */
+
+%rename(__ldns_pkt_push_rr) ldns_pkt_push_rr;
+%inline %{
+bool _ldns_pkt_push_rr(ldns_pkt* p, ldns_pkt_section sec, ldns_rr *rr) {
+ return ldns_pkt_push_rr(p, sec, ldns_rr_clone(rr));
+}
+%}
+
+%rename(__ldns_pkt_push_rr_list) ldns_pkt_push_rr_list;
+%inline %{
+bool _ldns_pkt_push_rr_list(ldns_pkt* p, ldns_pkt_section sec, ldns_rr_list *rrl) {
+ return ldns_pkt_push_rr_list(p, sec, ldns_rr_list_clone(rrl));
+}
+%}
%feature("docstring") ldns_struct_pkt "LDNS packet object.
@@ -224,7 +274,7 @@
:returns: (ldns_rr_list \*) the section
"""
- return _ldns.ldns_pkt_additional(self)
+ return _ldns._ldns_pkt_additional(self)
#parameters: const ldns_pkt *,
#retvals: ldns_rr_list *
@@ -252,7 +302,7 @@
:returns: (ldns_rr_list \*) the section
"""
- return _ldns.ldns_pkt_answer(self)
+ return _ldns._ldns_pkt_answer(self)
#parameters: const ldns_pkt *,
#retvals: ldns_rr_list *
@@ -279,7 +329,7 @@
:returns: (ldns_rr_list \*) the section
"""
- return _ldns.ldns_pkt_authority(self)
+ return _ldns._ldns_pkt_authority(self)
#parameters: const ldns_pkt *,
#retvals: ldns_rr_list *
@@ -433,7 +483,7 @@
rr to push
:returns: (bool) a boolean which is true when the rr was added
"""
- return _ldns.ldns_pkt_push_rr(self,section,rr)
+ return _ldns._ldns_pkt_push_rr(self,section,rr)
#parameters: ldns_pkt *,ldns_pkt_section,ldns_rr *,
#retvals: bool
@@ -446,7 +496,7 @@
the rr_list to push
:returns: (bool) a boolean which is true when the rr was added
"""
- return _ldns.ldns_pkt_push_rr_list(self,section,list)
+ return _ldns._ldns_pkt_push_rr_list(self,section,list)
#parameters: ldns_pkt *,ldns_pkt_section,ldns_rr_list *,
#retvals: bool
@@ -482,7 +532,7 @@
:returns: (ldns_rr_list \*) the section
"""
- return _ldns.ldns_pkt_question(self)
+ return _ldns._ldns_pkt_question(self)
#parameters: const ldns_pkt *,
#retvals: ldns_rr_list *
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/contrib/python/ldns_rdf.i
^
|
@@ -66,6 +66,10 @@
%newobject ldns_dname_new_frm_str;
%newobject ldns_dname_new_frm_data;
+%newobject ldns_rdf_new;
+%newobject ldns_rdf_new_frm_str;
+%newobject ldns_rdf_new_frm_data;
+
%delobject ldns_rdf_deep_free;
%delobject ldns_rdf_free;
@@ -141,7 +145,7 @@
def __init__(self):
raise Exception("This class can't be created directly. Please use: ldns_rdf_new, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_new_frm_fp_l")
- __swig_destroy__ = _ldns._ldns_rdf_free
+ __swig_destroy__ = _ldns._ldns_rdf_deep_free
#LDNS_RDF_CONSTRUCTORS_#
@staticmethod
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/contrib/python/ldns_resolver.i
^
|
@@ -166,7 +166,10 @@
www.l.google.com. 300 IN A 74.125.43.147
"""
- return _ldns.ldns_get_rr_list_addr_by_name(self, name, aclass, flags)
+ rdf = name
+ if isinstance(name, str):
+ rdf = _ldns.ldns_dname_new_frm_str(name)
+ return _ldns.ldns_get_rr_list_addr_by_name(self, rdf, aclass, flags)
def get_name_by_addr(self, addr, aclass = _ldns.LDNS_RR_CLASS_IN, flags = _ldns.LDNS_RD):
"""Ask the resolver about the address and return the name
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/contrib/python/ldns_rr.i
^
|
@@ -48,6 +48,7 @@
%ignore ldns_struct_rr::_rdata_fields;
%newobject ldns_rr_clone;
+%newobject ldns_rr_new;
%newobject ldns_rr_pop_rdf;
%delobject ldns_rr_free;
@@ -70,6 +71,299 @@
%newobject ldns_rr_class2str;
%newobject ldns_read_anchor_file;
+
+// clone rdf data on pull
+
+%newobject _ldns_rr_rdf;
+%rename(__ldns_rr_rdf) ldns_rr_rdf;
+%inline %{
+ldns_rdf* _ldns_rr_rdf(ldns_rr* rr, size_t i) {
+ return ldns_rdf_clone(ldns_rr_rdf(rr, i));
+}
+%}
+
+%newobject _ldns_rr_rrsig_algorithm;
+%rename(__ldns_rr_rrsig_algorithm) ldns_rr_rrsig_algorithm;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_algorithm(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_algorithm(rr));
+}
+%}
+
+%newobject _ldns_rr_dnskey_algorithm;
+%rename(__ldns_rr_dnskey_algorithm) ldns_rr_dnskey_algorithm;
+%inline %{
+ldns_rdf* _ldns_rr_dnskey_algorithm(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_dnskey_algorithm(rr));
+}
+%}
+
+%newobject _ldns_rr_dnskey_flags;
+%rename(__ldns_rr_dnskey_flags) ldns_rr_dnskey_flags;
+%inline %{
+ldns_rdf* _ldns_rr_dnskey_flags(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_dnskey_flags(rr));
+}
+%}
+
+%newobject _ldns_rr_dnskey_key;
+%rename(__ldns_rr_dnskey_key) ldns_rr_dnskey_key;
+%inline %{
+ldns_rdf* _ldns_rr_dnskey_key(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_dnskey_key(rr));
+}
+%}
+
+%newobject _ldns_rr_dnskey_protocol;
+%rename(__ldns_rr_dnskey_protocol) ldns_rr_dnskey_protocol;
+%inline %{
+ldns_rdf* _ldns_rr_dnskey_protocol(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_dnskey_protocol(rr));
+}
+%}
+
+
+%newobject _ldns_rr_owner;
+%rename(__ldns_rr_owner) ldns_rr_owner;
+%inline %{
+ldns_rdf* _ldns_rr_owner(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_owner(rr));
+}
+%}
+
+
+%newobject _ldns_rr_a_address;
+%rename(__ldns_rr_a_address) ldns_rr_a_address;
+%inline %{
+ldns_rdf* _ldns_rr_a_address(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_a_address(rr));
+}
+%}
+
+
+%newobject _ldns_rr_mx_exchange;
+%rename(__ldns_rr_mx_exchange) ldns_rr_mx_exchange;
+%inline %{
+ldns_rdf* _ldns_rr_mx_exchange(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_mx_exchange(rr));
+}
+%}
+
+
+%newobject _ldns_rr_mx_preference;
+%rename(__ldns_rr_mx_preference) ldns_rr_mx_preference;
+%inline %{
+ldns_rdf* _ldns_rr_mx_preference(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_mx_preference(rr));
+}
+%}
+
+
+%newobject _ldns_rr_ns_nsdname;
+%rename(__ldns_rr_ns_nsdname) ldns_rr_ns_nsdname;
+%inline %{
+ldns_rdf* _ldns_rr_ns_nsdname(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_ns_nsdname(rr));
+}
+%}
+
+
+%newobject _ldns_rr_rrsig_expiration;
+%rename(__ldns_rr_rrsig_expiration) ldns_rr_rrsig_expiration;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_expiration(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_expiration(rr));
+}
+%}
+
+
+%newobject _ldns_rr_rrsig_inception;
+%rename(__ldns_rr_rrsig_inception) ldns_rr_rrsig_inception;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_inception(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_inception(rr));
+}
+%}
+
+
+%newobject _ldns_rr_rrsig_keytag;
+%rename(__ldns_rr_rrsig_keytag) ldns_rr_rrsig_keytag;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_keytag(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_keytag(rr));
+}
+%}
+
+
+%newobject _ldns_rr_rrsig_labels;
+%rename(__ldns_rr_rrsig_labels) ldns_rr_rrsig_labels;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_labels(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_labels(rr));
+}
+%}
+
+
+%newobject _ldns_rr_rrsig_origttl;
+%rename(__ldns_rr_rrsig_origttl) ldns_rr_rrsig_origttl;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_origttl(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_origttl(rr));
+}
+%}
+
+
+%newobject _ldns_rr_rrsig_sig;
+%rename(__ldns_rr_rrsig_sig) ldns_rr_rrsig_sig;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_sig(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_sig(rr));
+}
+%}
+
+
+%newobject _ldns_rr_rrsig_signame;
+%rename(__ldns_rr_rrsig_signame) ldns_rr_rrsig_signame;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_signame(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_signame(rr));
+}
+%}
+
+
+%newobject _ldns_rr_rrsig_typecovered;
+%rename(__ldns_rr_rrsig_typecovered) ldns_rr_rrsig_typecovered;
+%inline %{
+ldns_rdf* _ldns_rr_rrsig_typecovered(ldns_rr* rr) {
+ return ldns_rdf_clone(ldns_rr_rrsig_typecovered(rr));
+}
+%}
+
+// end of pull cloning
+
+// clone rdf data on push
+
+%rename(__ldns_rr_a_set_address) ldns_rr_a_set_address;
+%inline %{
+bool _ldns_rr_a_set_address(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_a_set_address(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_dnskey_set_algorithm) ldns_rr_dnskey_set_algorithm;
+%inline %{
+bool _ldns_rr_dnskey_set_algorithm(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_dnskey_set_algorithm(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_dnskey_set_flags) ldns_rr_dnskey_set_flags;
+%inline %{
+bool _ldns_rr_dnskey_set_flags(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_dnskey_set_flags(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_dnskey_set_key) ldns_rr_dnskey_set_key;
+%inline %{
+bool _ldns_rr_dnskey_set_key(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_dnskey_set_key(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_dnskey_set_protocol) ldns_rr_dnskey_set_protocol;
+%inline %{
+bool _ldns_rr_dnskey_set_protocol(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_dnskey_set_protocol(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_push_rdf) ldns_rr_push_rdf;
+%inline %{
+bool _ldns_rr_push_rdf(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_push_rdf(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_algorithm) ldns_rr_rrsig_set_algorithm;
+%inline %{
+bool _ldns_rr_rrsig_set_algorithm(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_algorithm(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_expiration) ldns_rr_rrsig_set_expiration;
+%inline %{
+bool _ldns_rr_rrsig_set_expiration(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_expiration(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_inception) ldns_rr_rrsig_set_inception;
+%inline %{
+bool _ldns_rr_rrsig_set_inception(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_inception(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_keytag) ldns_rr_rrsig_set_keytag;
+%inline %{
+bool _ldns_rr_rrsig_set_keytag(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_keytag(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_labels) ldns_rr_rrsig_set_labels;
+%inline %{
+bool _ldns_rr_rrsig_set_labels(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_labels(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_origttl) ldns_rr_rrsig_set_origttl;
+%inline %{
+bool _ldns_rr_rrsig_set_origttl(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_origttl(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_sig) ldns_rr_rrsig_set_sig;
+%inline %{
+bool _ldns_rr_rrsig_set_sig(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_sig(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_signame) ldns_rr_rrsig_set_signame;
+%inline %{
+bool _ldns_rr_rrsig_set_signame(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_signame(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_rrsig_set_typecovered) ldns_rr_rrsig_set_typecovered;
+%inline %{
+bool _ldns_rr_rrsig_set_typecovered(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_rrsig_set_typecovered(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_set_owner) ldns_rr_set_owner;
+%inline %{
+void _ldns_rr_set_owner(ldns_rr* rr, ldns_rdf* rdf) {
+ return ldns_rr_set_owner(rr, ldns_rdf_clone(rdf));
+}
+%}
+
+%rename(__ldns_rr_set_rdf) ldns_rr_set_rdf;
+%inline %{
+ ldns_rdf* _ldns_rr_set_rdf(ldns_rr* rr, ldns_rdf* rdf, size_t pos) {
+ return ldns_rr_set_rdf(rr, ldns_rdf_clone(rdf), pos);
+}
+%}
+
+// end of push cloning
+
%rename(_ldns_rr_new_frm_str) ldns_rr_new_frm_str;
%rename(_ldns_rr_new_frm_fp_l) ldns_rr_new_frm_fp_l;
%rename(_ldns_rr_new_frm_fp) ldns_rr_new_frm_fp;
@@ -227,18 +521,6 @@
for i in range(0,self.rd_count()):
yield self.rdf(i)
- def get_function(self,rtype,pos):
- """return a specific rdf"""
- return _ldns.ldns_rr_function(rtype,self,pos)
- #parameters: ldns_rr_type,const ldns_rr *,size_t,
- #retvals: ldns_rdf *
-
- def set_function(self,rtype,rdf,pos):
- """set a specific rdf"""
- return _ldns.ldns_rr_set_function(rtype,self,rdf,pos)
- #parameters: ldns_rr_type,ldns_rr *,ldns_rdf *,size_t,
- #retvals: bool
-
def print_to_file(self,output):
"""Prints the data in the resource record to the given file stream (in presentation format)."""
_ldns.ldns_rr_print(output,self)
@@ -313,7 +595,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the address or NULL on failure
"""
- return _ldns.ldns_rr_a_address(self)
+ return _ldns._ldns_rr_a_address(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -324,7 +606,7 @@
the address to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_a_set_address(self,f)
+ return _ldns._ldns_rr_a_set_address(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -366,7 +648,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the algorithm or NULL on failure
"""
- return _ldns.ldns_rr_dnskey_algorithm(self)
+ return _ldns._ldns_rr_dnskey_algorithm(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -375,7 +657,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the flags or NULL on failure
"""
- return _ldns.ldns_rr_dnskey_flags(self)
+ return _ldns._ldns_rr_dnskey_flags(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -384,7 +666,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the key data or NULL on failure
"""
- return _ldns.ldns_rr_dnskey_key(self)
+ return _ldns._ldns_rr_dnskey_key(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -402,7 +684,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the protocol or NULL on failure
"""
- return _ldns.ldns_rr_dnskey_protocol(self)
+ return _ldns._ldns_rr_dnskey_protocol(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -413,7 +695,7 @@
the algorithm to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_dnskey_set_algorithm(self,f)
+ return _ldns._ldns_rr_dnskey_set_algorithm(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -424,7 +706,7 @@
the flags to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_dnskey_set_flags(self,f)
+ return _ldns._ldns_rr_dnskey_set_flags(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -435,7 +717,7 @@
the key data to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_dnskey_set_key(self,f)
+ return _ldns._ldns_rr_dnskey_set_key(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -446,7 +728,7 @@
the protocol to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_dnskey_set_protocol(self,f)
+ return _ldns._ldns_rr_dnskey_set_protocol(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -482,7 +764,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the name of the MX host or NULL on failure
"""
- return _ldns.ldns_rr_mx_exchange(self)
+ return _ldns._ldns_rr_mx_exchange(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -493,7 +775,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the preference or NULL on failure
"""
- return _ldns.ldns_rr_mx_preference(self)
+ return _ldns._ldns_rr_mx_preference(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -502,7 +784,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the name or NULL on failure
"""
- return _ldns.ldns_rr_ns_nsdname(self)
+ return _ldns._ldns_rr_ns_nsdname(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -511,7 +793,7 @@
:returns: (ldns_rdf \*) ldns_rdf *
"""
- return _ldns.ldns_rr_owner(self)
+ return _ldns._ldns_rr_owner(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -530,7 +812,7 @@
:param f:
:returns: (bool) bool
"""
- return _ldns.ldns_rr_push_rdf(self,f)
+ return _ldns._ldns_rr_push_rdf(self,f)
#parameters: ldns_rr *,const ldns_rdf *,
#retvals: bool
@@ -550,7 +832,7 @@
the number of the rdf to return
:returns: (ldns_rdf \*) ldns_rdf *
"""
- return _ldns.ldns_rr_rdf(self,nr)
+ return _ldns._ldns_rr_rdf(self,nr)
#parameters: const ldns_rr *,size_t,
#retvals: ldns_rdf *
@@ -559,7 +841,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the algorithm or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_algorithm(self)
+ return _ldns._ldns_rr_rrsig_algorithm(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -568,7 +850,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the expiration time or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_expiration(self)
+ return _ldns._ldns_rr_rrsig_expiration(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -577,7 +859,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the inception time or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_inception(self)
+ return _ldns._ldns_rr_rrsig_inception(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -586,7 +868,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the keytag or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_keytag(self)
+ return _ldns._ldns_rr_rrsig_keytag(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -595,7 +877,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the number of labels or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_labels(self)
+ return _ldns._ldns_rr_rrsig_labels(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -604,7 +886,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the original TTL or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_origttl(self)
+ return _ldns._ldns_rr_rrsig_origttl(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -615,7 +897,7 @@
the algorithm to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_algorithm(self,f)
+ return _ldns._ldns_rr_rrsig_set_algorithm(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -626,7 +908,7 @@
the expireation date to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_expiration(self,f)
+ return _ldns._ldns_rr_rrsig_set_expiration(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -637,7 +919,7 @@
the inception date to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_inception(self,f)
+ return _ldns._ldns_rr_rrsig_set_inception(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -648,7 +930,7 @@
the keytag to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_keytag(self,f)
+ return _ldns._ldns_rr_rrsig_set_keytag(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -659,7 +941,7 @@
the number of labels to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_labels(self,f)
+ return _ldns._ldns_rr_rrsig_set_labels(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -670,7 +952,7 @@
the original TTL to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_origttl(self,f)
+ return _ldns._ldns_rr_rrsig_set_origttl(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -681,7 +963,7 @@
the signature data to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_sig(self,f)
+ return _ldns._ldns_rr_rrsig_set_sig(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -692,7 +974,7 @@
the signers name to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_signame(self,f)
+ return _ldns._ldns_rr_rrsig_set_signame(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -703,7 +985,7 @@
the typecovered to set
:returns: (bool) true on success, false otherwise
"""
- return _ldns.ldns_rr_rrsig_set_typecovered(self,f)
+ return _ldns._ldns_rr_rrsig_set_typecovered(self,f)
#parameters: ldns_rr *,ldns_rdf *,
#retvals: bool
@@ -712,7 +994,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the signature data or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_sig(self)
+ return _ldns._ldns_rr_rrsig_sig(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -721,7 +1003,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the signers name or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_signame(self)
+ return _ldns._ldns_rr_rrsig_signame(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -730,7 +1012,7 @@
:returns: (ldns_rdf \*) a ldns_rdf* with the type covered or NULL on failure
"""
- return _ldns.ldns_rr_rrsig_typecovered(self)
+ return _ldns._ldns_rr_rrsig_typecovered(self)
#parameters: const ldns_rr *,
#retvals: ldns_rdf *
@@ -749,7 +1031,7 @@
:param owner:
"""
- _ldns.ldns_rr_set_owner(self,owner)
+ _ldns._ldns_rr_set_owner(self,owner)
#parameters: ldns_rr *,ldns_rdf *,
#retvals:
@@ -773,7 +1055,7 @@
the position the set the rdf
:returns: (ldns_rdf \*) the old value in the rr, NULL on failyre
"""
- return _ldns.ldns_rr_set_rdf(self,f,position)
+ return _ldns._ldns_rr_set_rdf(self,f,position)
#parameters: ldns_rr *,const ldns_rdf *,size_t,
#retvals: ldns_rdf *
@@ -828,6 +1110,8 @@
%newobject ldns_rr_list_pop_rr;
%newobject ldns_rr_list_pop_rr_list;
%newobject ldns_rr_list_pop_rrset;
+%newobject ldns_rr_list_rr;
+%newobject ldns_rr_list_new;
%delobject ldns_rr_list_deep_free;
%delobject ldns_rr_list_free;
@@ -846,11 +1130,49 @@
%rename(_ldns_rr_list_free) ldns_rr_list_free;
#endif
-%exception ldns_rr_list_push_rr(ldns_rr_list *rr_list, const ldns_rr *rr) %{ $action if (result) Py_INCREF(obj1); %}
-%exception ldns_rr_list_push_rr_list(ldns_rr_list *rr_list, const ldns_rr_list *push_list) %{ $action if (result) Py_INCREF(obj1); %}
+/* clone data on push */
+
+%rename(__ldns_rr_list_push_rr) ldns_rr_list_push_rr;
+%inline %{
+void _ldns_rr_list_push_rr(ldns_rr_list* r, ldns_rr *rr) {
+ ldns_rr_list_push_rr(r, ldns_rr_clone(rr));
+}
+%}
+
+%rename(__ldns_rr_list_push_rr_list) ldns_rr_list_push_rr_list;
+%inline %{
+void _ldns_rr_list_push_rr_list(ldns_rr_list* r, ldns_rr_list *r2) {
+ ldns_rr_list_push_rr_list(r, ldns_rr_list_clone(r2));
+}
+%}
+
+%rename(__ldns_rr_list_cat) ldns_rr_list_cat;
+%inline %{
+void _ldns_rr_list_cat(ldns_rr_list* r, ldns_rr_list *r2) {
+ ldns_rr_list_cat(r, ldns_rr_list_clone(r2));
+}
+%}
+
+
+/* clone data on pull */
+
+%newobject _ldns_rr_list_rr;
+
+%rename(__ldns_rr_list_rr) ldns_rr_list_rr;
+%inline %{
+ldns_rr* _ldns_rr_list_rr(ldns_rr_list* r, int i) {
+ return ldns_rr_clone(ldns_rr_list_rr(r, i));
+}
+%}
%newobject ldns_rr_list2str;
+%rename(__ldns_rr_list_owner) ldns_rr_list_owner;
+%inline %{
+ldns_rdf* _ldns_rr_list_owner(ldns_rr_list* r) {
+ return ldns_rdf_clone(ldns_rr_list_owner(r));
+}
+%}
@@ -867,7 +1189,7 @@
if not self.this:
raise Exception("Can't create new RR_LIST")
- __swig_destroy__ = _ldns._ldns_rr_list_free
+ __swig_destroy__ = _ldns._ldns_rr_list_deep_free
#LDNS_RR_LIST_CONSTRUCTORS_#
@staticmethod
@@ -942,7 +1264,7 @@
the rightside
:returns: (bool) a left with right concatenated to it
"""
- return _ldns.ldns_rr_list_cat(self,right)
+ return _ldns._ldns_rr_list_cat(self,right)
#parameters: ldns_rr_list *,ldns_rr_list *,
#retvals: bool
@@ -982,7 +1304,7 @@
:returns: (ldns_rdf \*) dname of the first element, or NULL if the list is empty
"""
- return _ldns.ldns_rr_list_owner(self)
+ return _ldns._ldns_rr_list_owner(self)
#parameters: const ldns_rr_list *,
#retvals: ldns_rdf *
@@ -991,7 +1313,10 @@
:returns: (ldns_rr \*) NULL if nothing to pop. Otherwise the popped RR
"""
- return _ldns.ldns_rr_list_pop_rr(self)
+ rr = _ldns.ldns_rr_list_pop_rr(self)
+ #if hasattr(self, "_python_rr_refs") and rr in self._python_rr_refs:
+ # self._python_rr_refs.remove(rr)
+ return rr
#parameters: ldns_rr_list *,
#retvals: ldns_rr *
@@ -1022,7 +1347,11 @@
the rr to push
:returns: (bool) false on error, otherwise true
"""
- return _ldns.ldns_rr_list_push_rr(self,rr)
+ #if hasattr(self, "_python_rr_refs"):
+ # self._python_rr_refs.add(rr)
+ #else:
+ # self._python_rr_refs = set([rr])
+ return _ldns._ldns_rr_list_push_rr(self,rr)
#parameters: ldns_rr_list *,const ldns_rr *,
#retvals: bool
@@ -1033,7 +1362,7 @@
the rr_list to push
:returns: (bool) false on error, otherwise true
"""
- return _ldns.ldns_rr_list_push_rr_list(self,push_list)
+ return _ldns._ldns_rr_list_push_rr_list(self,push_list)
#parameters: ldns_rr_list *,const ldns_rr_list *,
#retvals: bool
@@ -1044,7 +1373,7 @@
return this rr
:returns: (ldns_rr \*) the rr at position nr
"""
- return _ldns.ldns_rr_list_rr(self,nr)
+ return _ldns._ldns_rr_list_rr(self,nr)
#parameters: const ldns_rr_list *,size_t,
#retvals: ldns_rr *
@@ -1126,7 +1455,6 @@
%feature("docstring") ldns_struct_rr_descriptor "Resource Record descriptor
-
This structure contains, for all rr types, the rdata fields that are defined."
%extend ldns_struct_rr_descriptor {
@@ -1166,4 +1494,91 @@
#_LDNS_RR_DESCRIPTOR_METHODS#
%}
}
-
+
+/*
+
+rrsig checking wrappers
+
+ copying of rr pointers into the good_keys list leads to double free
+ problems, therefore we provide two options - either ignore the keys
+ or get list of indexes of the keys. The latter allows fetching of the
+ keys later on from the original key set
+*/
+
+%rename(__ldns_verify_rrsig_keylist) ldns_verify_rrsig_keylist;
+%inline %{
+ldns_status ldns_verify_rrsig_keylist_status_only(ldns_rr_list *rrset,
+ ldns_rr *rrsig,
+ const ldns_rr_list *keys) {
+ ldns_rr_list *good_keys = ldns_rr_list_new();
+ ldns_status status = ldns_verify_rrsig_keylist(rrset, rrsig, keys, good_keys);
+ ldns_rr_list_free(good_keys);
+ return status;
+}
+%}
+
+%rename(__ldns_verify_rrsig_keylist) ldns_verify_rrsig_keylist;
+%inline %{
+PyObject* ldns_verify_rrsig_keylist_(ldns_rr_list *rrset,
+ ldns_rr *rrsig,
+ const ldns_rr_list *keys) {
+ PyObject* tuple;
+ PyObject* keylist;
+ ldns_rr_list *good_keys = ldns_rr_list_new();
+ ldns_status status = ldns_verify_rrsig_keylist(rrset, rrsig, keys, good_keys);
+
+ tuple = PyTuple_New(2);
+ PyTuple_SetItem(tuple, 0, SWIG_From_int(status));
+ keylist = PyList_New(0);
+ if (status == LDNS_STATUS_OK) {
+ unsigned int i;
+ for (i = 0; i < ldns_rr_list_rr_count(keys); i++)
+ if (ldns_rr_list_contains_rr(good_keys, ldns_rr_list_rr(keys, i)))
+ PyList_Append(keylist, SWIG_From_int(i));
+ }
+ PyTuple_SetItem(tuple, 1, keylist);
+ ldns_rr_list_free(good_keys);
+ return tuple;
+ }
+%}
+
+
+%rename(__ldns_verify_rrsig_keylist_notime) ldns_verify_rrsig_keylist_notime;
+%inline %{
+ldns_status ldns_verify_rrsig_keylist_notime_status_only(ldns_rr_list *rrset,
+ ldns_rr *rrsig,
+ const ldns_rr_list *keys) {
+ ldns_rr_list *good_keys = ldns_rr_list_new();
+ ldns_status status = ldns_verify_rrsig_keylist_notime(rrset, rrsig, keys, good_keys);
+ ldns_rr_list_free(good_keys);
+ return status;
+}
+%}
+
+%rename(__ldns_verify_rrsig_keylist_notime) ldns_verify_rrsig_keylist_notime;
+%inline %{
+PyObject* ldns_verify_rrsig_keylist_notime_(ldns_rr_list *rrset,
+ ldns_rr *rrsig,
+ const ldns_rr_list *keys) {
+ PyObject* tuple;
+ PyObject* keylist;
+ ldns_rr_list *good_keys = ldns_rr_list_new();
+ ldns_status status = ldns_verify_rrsig_keylist_notime(rrset, rrsig, keys, good_keys);
+
+ tuple = PyTuple_New(2);
+ PyTuple_SetItem(tuple, 0, SWIG_From_int(status));
+ keylist = PyList_New(0);
+ if (status == LDNS_STATUS_OK) {
+ unsigned int i;
+ for (i = 0; i < ldns_rr_list_rr_count(keys); i++)
+ if (ldns_rr_list_contains_rr(good_keys, ldns_rr_list_rr(keys, i)))
+ PyList_Append(keylist, SWIG_From_int(i));
+ }
+ PyTuple_SetItem(tuple, 1, keylist);
+ ldns_rr_list_free(good_keys);
+ return tuple;
+ }
+%}
+
+/* -- end of rrsig checking wrappers */
+
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/dnssec.c
^
|
@@ -764,20 +764,6 @@
return 0;
}
-/* returns true if the current dnssec_rrset from the given list of rrsets
- * is glue */
-static int
-is_glue(ldns_dnssec_rrsets *cur_rrsets, ldns_dnssec_rrsets *orig_rrsets)
-{
- /* only glue if a or aaaa if there are no ns, unless there is soa */
- return (cur_rrsets->type == LDNS_RR_TYPE_A ||
- cur_rrsets->type == LDNS_RR_TYPE_AAAA) &&
- (ldns_dnssec_rrsets_contains_type(orig_rrsets,
- LDNS_RR_TYPE_NS) &&
- !ldns_dnssec_rrsets_contains_type(orig_rrsets,
- LDNS_RR_TYPE_SOA));
-}
-
ldns_rr *
ldns_dnssec_create_nsec(ldns_dnssec_name *from,
ldns_dnssec_name *to,
@@ -787,6 +773,7 @@
ldns_rr_type types[65536];
size_t type_count = 0;
ldns_dnssec_rrsets *cur_rrsets;
+ int on_delegation_point;
if (!from || !to || (nsec_type != LDNS_RR_TYPE_NSEC &&
nsec_type != LDNS_RR_TYPE_NSEC3)) {
@@ -798,14 +785,22 @@
ldns_rr_set_owner(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(from)));
ldns_rr_push_rdf(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(to)));
+ on_delegation_point = ldns_dnssec_rrsets_contains_type(
+ from->rrsets, LDNS_RR_TYPE_NS)
+ && !ldns_dnssec_rrsets_contains_type(
+ from->rrsets, LDNS_RR_TYPE_SOA);
+
cur_rrsets = from->rrsets;
while (cur_rrsets) {
- if (is_glue(cur_rrsets, from->rrsets)) {
- cur_rrsets = cur_rrsets->next;
- continue;
- }
- if (cur_rrsets->type != LDNS_RR_TYPE_RRSIG &&
- cur_rrsets->type != LDNS_RR_TYPE_NSEC) {
+ /* Do not include non-authoritative rrsets on the delegation point
+ * in the type bitmap */
+ if ((on_delegation_point && (
+ cur_rrsets->type == LDNS_RR_TYPE_NS
+ || cur_rrsets->type == LDNS_RR_TYPE_DS))
+ || (!on_delegation_point &&
+ cur_rrsets->type != LDNS_RR_TYPE_RRSIG
+ && cur_rrsets->type != LDNS_RR_TYPE_NSEC)) {
+
types[type_count] = cur_rrsets->type;
type_count++;
}
@@ -839,6 +834,7 @@
size_t type_count = 0;
ldns_dnssec_rrsets *cur_rrsets;
ldns_status status;
+ int on_delegation_point;
flags = flags;
@@ -865,13 +861,24 @@
salt_length,
salt);
+ on_delegation_point = ldns_dnssec_rrsets_contains_type(
+ from->rrsets, LDNS_RR_TYPE_NS)
+ && !ldns_dnssec_rrsets_contains_type(
+ from->rrsets, LDNS_RR_TYPE_SOA);
cur_rrsets = from->rrsets;
while (cur_rrsets) {
- if (is_glue(cur_rrsets, from->rrsets)) {
- cur_rrsets = cur_rrsets->next;
- continue;
- }
- if (cur_rrsets->type != LDNS_RR_TYPE_RRSIG) {
+ /* Do not include non-authoritative rrsets on the delegation point
+ * in the type bitmap. Potentionally not skipping insecure
+ * delegation should have been done earlier, in function
+ * ldns_dnssec_zone_create_nsec3s, or even earlier in:
+ * ldns_dnssec_zone_sign_nsec3_flg .
+ */
+ if ((on_delegation_point && (
+ cur_rrsets->type == LDNS_RR_TYPE_NS
+ || cur_rrsets->type == LDNS_RR_TYPE_DS))
+ || (!on_delegation_point &&
+ cur_rrsets->type != LDNS_RR_TYPE_RRSIG)) {
+
types[type_count] = cur_rrsets->type;
type_count++;
}
@@ -1199,8 +1206,10 @@
uint8_t
ldns_nsec3_algorithm(const ldns_rr *nsec3_rr)
{
- if (nsec3_rr && ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 &&
- ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 0)) > 0
+ if (nsec3_rr &&
+ (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
+ ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
+ && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 0)) > 0
) {
return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 0));
}
@@ -1210,8 +1219,10 @@
uint8_t
ldns_nsec3_flags(const ldns_rr *nsec3_rr)
{
- if (nsec3_rr && ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 &&
- ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 1)) > 0
+ if (nsec3_rr &&
+ (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
+ ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
+ && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 1)) > 0
) {
return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 1));
}
@@ -1227,8 +1238,10 @@
uint16_t
ldns_nsec3_iterations(const ldns_rr *nsec3_rr)
{
- if (nsec3_rr && ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 &&
- ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 2)) > 0
+ if (nsec3_rr &&
+ (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
+ ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
+ && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 2)) > 0
) {
return ldns_rdf2native_int16(ldns_rr_rdf(nsec3_rr, 2));
}
@@ -1239,7 +1252,10 @@
ldns_rdf *
ldns_nsec3_salt(const ldns_rr *nsec3_rr)
{
- if (nsec3_rr && ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3) {
+ if (nsec3_rr &&
+ (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 ||
+ ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM)
+ ) {
return ldns_rr_rdf(nsec3_rr, 3);
}
return NULL;
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/dnssec_sign.c
^
|
@@ -522,59 +522,148 @@
}
#endif /* HAVE_SSL */
-static int
-ldns_dnssec_name_has_only_a(ldns_dnssec_name *cur_name)
+/**
+ * Pushes all rrs from the rrsets of type A and AAAA on gluelist.
+ */
+static ldns_status
+ldns_dnssec_addresses_on_glue_list(
+ ldns_dnssec_rrsets *cur_rrset,
+ ldns_rr_list *glue_list)
{
- ldns_dnssec_rrsets *cur_rrset;
- cur_rrset = cur_name->rrsets;
+ ldns_dnssec_rrs *cur_rrs;
while (cur_rrset) {
- if (cur_rrset->type != LDNS_RR_TYPE_A &&
- cur_rrset->type != LDNS_RR_TYPE_AAAA) {
- return 0;
- } else {
- cur_rrset = cur_rrset->next;
+ if (cur_rrset->type == LDNS_RR_TYPE_A
+ || cur_rrset->type == LDNS_RR_TYPE_AAAA) {
+ for (cur_rrs = cur_rrset->rrs;
+ cur_rrs;
+ cur_rrs = cur_rrs->next) {
+ if (cur_rrs->rr) {
+ if (!ldns_rr_list_push_rr(glue_list,
+ cur_rrs->rr)) {
+ return LDNS_STATUS_MEM_ERR;
+ /* ldns_rr_list_push_rr()
+ * returns false when unable
+ * to increase the capacity
+ * of the ldsn_rr_list
+ */
+ }
+ }
+ }
}
+ cur_rrset = cur_rrset->next;
}
- return 1;
+ return LDNS_STATUS_OK;
}
+/**
+ * Marks the names in the zone that are occluded. Those names will be skipped
+ * when walking the tree with the ldns_dnssec_name_node_next_nonglue()
+ * function. But watch out! Names that are partially occluded (like glue with
+ * the same name as the delegation) will not be marked and should specifically
+ * be taken into account seperately.
+ *
+ * When glue_list is given (not NULL), in the process of marking the names, all
+ * glue resource records will be pushed to that list, even glue at delegation names.
+ *
+ * \param[in] zone the zone in which to mark the names
+ * \param[in] glue_list the list to which to push the glue rrs
+ * \return LDNS_STATUS_OK on success, an error code otherwise
+ */
ldns_status
-ldns_dnssec_zone_mark_glue(ldns_dnssec_zone *zone)
+ldns_dnssec_zone_mark_and_get_glue(ldns_dnssec_zone *zone,
+ ldns_rr_list *glue_list)
{
- ldns_rbnode_t *cur_node;
- ldns_dnssec_name *cur_name;
- ldns_rdf *cur_owner, *cur_parent;
+ ldns_rbnode_t *node;
+ ldns_dnssec_name *name;
+ ldns_rdf *owner;
+ ldns_rdf *cut = NULL; /* keeps track of zone cuts */
+ /* When the cut is caused by a delegation, below_delegation will be 1.
+ * When caused by a DNAME, below_delegation will be 0.
+ */
+ int below_delegation = -1; /* init suppresses comiler warning */
+ ldns_status s;
- cur_node = ldns_rbtree_first(zone->names);
- while (cur_node != LDNS_RBTREE_NULL) {
- cur_name = (ldns_dnssec_name *) cur_node->data;
- cur_node = ldns_rbtree_next(cur_node);
- if (ldns_dnssec_name_has_only_a(cur_name)) {
- /* assume glue XXX check for zone cur */
- cur_owner = ldns_rdf_clone(ldns_rr_owner(
- cur_name->rrsets->rrs->rr));
- while (ldns_dname_label_count(cur_owner) >
- ldns_dname_label_count(zone->soa->name)) {
- if (ldns_dnssec_zone_find_rrset(zone,
- cur_owner,
- LDNS_RR_TYPE_NS)) {
- /*
- fprintf(stderr, "[XX] Marking as glue: ");
- ldns_rdf_print(stderr, cur_name->name);
- fprintf(stderr, "\n");
- */
- cur_name->is_glue = true;
+ if (!zone || !zone->names) {
+ return LDNS_STATUS_NULL;
+ }
+ for (node = ldns_rbtree_first(zone->names);
+ node != LDNS_RBTREE_NULL;
+ node = ldns_rbtree_next(node)) {
+ name = (ldns_dnssec_name *) node->data;
+ owner = ldns_dnssec_name_name(name);
+
+ if (cut) {
+ /* The previous node was a zone cut, or a subdomain
+ * below a zone cut. Is this node (still) a subdomain
+ * below the cut? Then the name is occluded. Unless
+ * the name contains a SOA, after which we are
+ * authoritative again.
+ *
+ * FIXME! If there are labels in between the SOA and
+ * the cut, going from the authoritative space (below
+ * the SOA) up into occluded space again, will not be
+ * detected with the contruct below!
+ */
+ if (ldns_dname_is_subdomain(owner, cut) &&
+ !ldns_dnssec_rrsets_contains_type(
+ name->rrsets, LDNS_RR_TYPE_SOA)) {
+
+ if (below_delegation && glue_list) {
+ s = ldns_dnssec_addresses_on_glue_list(
+ name->rrsets, glue_list);
+ if (s != LDNS_STATUS_OK) {
+ return s;
+ }
}
- cur_parent = ldns_dname_left_chop(cur_owner);
- ldns_rdf_deep_free(cur_owner);
- cur_owner = cur_parent;
+ name->is_glue = true; /* Mark occluded name! */
+ continue;
+ } else {
+ cut = NULL;
}
- ldns_rdf_deep_free(cur_owner);
+ }
+
+ /* The node is not below a zone cut. Is it a zone cut itself?
+ * Everything below a SOA is authoritative of course; Except
+ * when the name also contains a DNAME :).
+ */
+ if (ldns_dnssec_rrsets_contains_type(
+ name->rrsets, LDNS_RR_TYPE_NS)
+ && !ldns_dnssec_rrsets_contains_type(
+ name->rrsets, LDNS_RR_TYPE_SOA)) {
+ cut = owner;
+ below_delegation = 1;
+ if (glue_list) { /* record glue on the zone cut */
+ s = ldns_dnssec_addresses_on_glue_list(
+ name->rrsets, glue_list);
+ if (s != LDNS_STATUS_OK) {
+ return s;
+ }
+ }
+ } else if (ldns_dnssec_rrsets_contains_type(
+ name->rrsets, LDNS_RR_TYPE_DNAME)) {
+ cut = owner;
+ below_delegation = 0;
}
}
return LDNS_STATUS_OK;
}
+/**
+ * Marks the names in the zone that are occluded. Those names will be skipped
+ * when walking the tree with the ldns_dnssec_name_node_next_nonglue()
+ * function. But watch out! Names that are partially occluded (like glue with
+ * the same name as the delegation) will not be marked and should specifically
+ * be taken into account seperately.
+ *
+ * \param[in] zone the zone in which to mark the names
+ * \return LDNS_STATUS_OK on success, an error code otherwise
+ */
+ldns_status
+ldns_dnssec_zone_mark_glue(ldns_dnssec_zone *zone)
+{
+ return ldns_dnssec_zone_mark_and_get_glue(zone, NULL);
+}
+
ldns_rbnode_t *
ldns_dnssec_name_node_next_nonglue(ldns_rbnode_t *node)
{
@@ -915,6 +1004,8 @@
size_t i;
+ int on_delegation_point = 0; /* handle partially occluded names */
+
ldns_rr_list *pubkey_list = ldns_rr_list_new();
zone = zone;
new_rrs = new_rrs;
@@ -930,6 +1021,10 @@
cur_name = (ldns_dnssec_name *) cur_node->data;
if (!cur_name->is_glue) {
+ on_delegation_point = ldns_dnssec_rrsets_contains_type(
+ cur_name->rrsets, LDNS_RR_TYPE_NS)
+ && !ldns_dnssec_rrsets_contains_type(
+ cur_name->rrsets, LDNS_RR_TYPE_SOA);
cur_rrset = cur_name->rrsets;
while (cur_rrset) {
/* reset keys to use */
@@ -959,20 +1054,15 @@
}
/* only sign non-delegation RRsets */
- /* (glue should have been marked earlier) */
- if ((ldns_rr_list_type(rr_list) != LDNS_RR_TYPE_NS ||
- ldns_dname_compare(ldns_rr_list_owner(rr_list),
- zone->soa->name) == 0) &&
- /* OK, there is also the possibility that the record
- * is glue, but at the same owner name as other records that
- * are not NS nor A/AAAA. Bleh, our current data structure
- * doesn't really support that... */
- !((ldns_rr_list_type(rr_list) == LDNS_RR_TYPE_A ||
- ldns_rr_list_type(rr_list) == LDNS_RR_TYPE_AAAA) &&
- !ldns_dname_compare(ldns_rr_list_owner(rr_list), zone->soa->name) == 0 &&
- ldns_dnssec_zone_find_rrset(zone, ldns_rr_list_owner(rr_list), LDNS_RR_TYPE_NS)
- )) {
-
+ /* (glue should have been marked earlier,
+ * except on the delegation points itself) */
+ if (!on_delegation_point ||
+ ldns_rr_list_type(rr_list)
+ == LDNS_RR_TYPE_DS ||
+ ldns_rr_list_type(rr_list)
+ == LDNS_RR_TYPE_NSEC ||
+ ldns_rr_list_type(rr_list)
+ == LDNS_RR_TYPE_NSEC3) {
siglist = ldns_sign_public(rr_list, key_list);
for (i = 0; i < ldns_rr_list_rr_count(siglist); i++) {
if (cur_rrset->signatures) {
@@ -1109,7 +1199,7 @@
uint8_t *salt,
int signflags)
{
- ldns_rr *nsec3, *nsec3params;
+ ldns_rr *nsec3, *nsec3param;
ldns_status result = LDNS_STATUS_OK;
/* zone is already sorted */
@@ -1134,13 +1224,13 @@
} else {
if (!ldns_dnssec_zone_find_rrset(zone,
zone->soa->name,
- LDNS_RR_TYPE_NSEC3PARAMS)) {
- /* create and add the nsec3params rr */
- nsec3params =
- ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3PARAMS);
- ldns_rr_set_owner(nsec3params,
+ LDNS_RR_TYPE_NSEC3PARAM)) {
+ /* create and add the nsec3param rr */
+ nsec3param =
+ ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3PARAM);
+ ldns_rr_set_owner(nsec3param,
ldns_rdf_clone(zone->soa->name));
- ldns_nsec3_add_param_rdfs(nsec3params,
+ ldns_nsec3_add_param_rdfs(nsec3param,
algorithm,
flags,
iterations,
@@ -1148,12 +1238,12 @@
salt);
/* always set bit 7 of the flags to zero, according to
* rfc5155 section 11 */
- ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(nsec3params, 1)), 7, 0);
- result = ldns_dnssec_zone_add_rr(zone, nsec3params);
+ ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(nsec3param, 1)), 7, 0);
+ result = ldns_dnssec_zone_add_rr(zone, nsec3param);
if (result != LDNS_STATUS_OK) {
return result;
}
- ldns_rr_list_push_rr(new_rrs, nsec3params);
+ ldns_rr_list_push_rr(new_rrs, nsec3param);
}
result = ldns_dnssec_zone_create_nsec3s(zone,
new_rrs,
@@ -1267,3 +1357,4 @@
}
#endif /* HAVE_SSL */
+
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/dnssec_verify.c
^
|
@@ -18,8 +18,11 @@
ldns_dnssec_data_chain *
ldns_dnssec_data_chain_new()
{
- ldns_dnssec_data_chain *nc = LDNS_XMALLOC(ldns_dnssec_data_chain, 1);
+ ldns_dnssec_data_chain *nc = LDNS_CALLOC(ldns_dnssec_data_chain, 1);
if(!nc) return NULL;
+ /*
+ * not needed anymore because CALLOC initalizes everything to zero.
+
nc->rrset = NULL;
nc->parent_type = 0;
nc->parent = NULL;
@@ -27,6 +30,8 @@
nc->packet_rcode = 0;
nc->packet_qtype = 0;
nc->packet_nodata = false;
+
+ */
return nc;
}
@@ -1398,12 +1403,13 @@
#ifdef HAVE_SSL
ldns_status
-ldns_dnssec_verify_denial_nsec3(ldns_rr *rr,
+ldns_dnssec_verify_denial_nsec3_match(ldns_rr *rr,
ldns_rr_list *nsecs,
ldns_rr_list *rrsigs,
ldns_pkt_rcode packet_rcode,
ldns_rr_type packet_qtype,
- bool packet_nodata)
+ bool packet_nodata,
+ ldns_rr **match)
{
ldns_rdf *closest_encloser;
ldns_rdf *wildcard;
@@ -1416,6 +1422,10 @@
rrsigs = rrsigs;
+ if (match) {
+ *match = NULL;
+ }
+
zone_name = ldns_dname_left_chop(ldns_rr_owner(ldns_rr_list_rr(nsecs,0)));
/* section 8.4 */
@@ -1442,6 +1452,9 @@
if (ldns_nsec_covers_name(ldns_rr_list_rr(nsecs, i),
hashed_wildcard_name)) {
wildcard_covered = true;
+ if (match) {
+ *match = ldns_rr_list_rr(nsecs, i);
+ }
}
ldns_rdf_deep_free(hashed_wildcard_name);
}
@@ -1474,6 +1487,9 @@
ldns_nsec3_bitmap(ldns_rr_list_rr(nsecs, i)),
LDNS_RR_TYPE_CNAME)) {
result = LDNS_STATUS_OK;
+ if (match) {
+ *match = ldns_rr_list_rr(nsecs, i);
+ }
goto done;
}
}
@@ -1500,6 +1516,9 @@
ldns_nsec3_bitmap(ldns_rr_list_rr(nsecs, i)),
LDNS_RR_TYPE_CNAME)) {
result = LDNS_STATUS_OK;
+ if (match) {
+ *match = ldns_rr_list_rr(nsecs, i);
+ }
goto done;
}
}
@@ -1513,6 +1532,22 @@
ldns_rdf_deep_free(zone_name);
return result;
}
+
+ldns_status
+ldns_dnssec_verify_denial_nsec3(ldns_rr *rr,
+ ldns_rr_list *nsecs,
+ ldns_rr_list *rrsigs,
+ ldns_pkt_rcode packet_rcode,
+ ldns_rr_type packet_qtype,
+ bool packet_nodata)
+{
+ return ldns_dnssec_verify_denial_nsec3_match(
+ rr, nsecs, rrsigs, packet_rcode,
+ packet_qtype, packet_nodata, NULL
+ );
+}
+
+
#endif /* HAVE_SSL */
#ifdef USE_GOST
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/dnssec_zone.c
^
|
@@ -297,10 +297,12 @@
{
ldns_dnssec_name *new_name;
- new_name = LDNS_MALLOC(ldns_dnssec_name);
+ new_name = LDNS_CALLOC(ldns_dnssec_name, 1);
if (!new_name) {
return NULL;
}
+ /*
+ * not needed anymore because CALLOC initalizes everything to zero.
new_name->name = NULL;
new_name->rrsets = NULL;
@@ -311,6 +313,7 @@
new_name->is_glue = false;
new_name->hashed_name = NULL;
+ */
return new_name;
}
@@ -375,6 +378,15 @@
return NULL;
}
+bool
+ldns_dnssec_name_is_glue(ldns_dnssec_name *name)
+{
+ if (name) {
+ return name->is_glue;
+ }
+ return false;
+}
+
void
ldns_dnssec_name_set_name(ldns_dnssec_name *rrset,
ldns_rdf *dname)
@@ -789,11 +801,11 @@
for (i = 1; i < next_label_count - soa_label_count; i++) {
lpos = (int)cur_label_count - (int)next_label_count + (int)i;
if (lpos >= 0) {
- l1 = ldns_dname_label(cur_name, (uint8_t)lpos);
+ l1 = ldns_dname_clone_from(cur_name, (uint8_t)lpos);
} else {
l1 = NULL;
}
- l2 = ldns_dname_label(next_name, i);
+ l2 = ldns_dname_clone_from(next_name, i);
if (!l1 || ldns_dname_compare(l1, l2) != 0) {
/* We have an empty nonterminal, add it to the
@@ -805,7 +817,7 @@
}
new_name->name = ldns_dname_clone_from(next_name,
i);
- if (!new_name) {
+ if (!new_name->name) {
ldns_dnssec_name_free(new_name);
return LDNS_STATUS_MEM_ERR;
}
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/doc/TODO
^
|
@@ -10,6 +10,9 @@
* ./configure --with-tools --with-drill (Bug #264)
* Drill: print appropriate DS RRs (relates to Bug #355)
* ldns-signzone optout to be really optout
+* Compression when generating wireformat. Preferably with a configurable
+ policy: refer only backwards, case sensitivity, only refer to other owner
+ names, etc.
Bugfixes:
* Bug #279: fix return values for net.h functions, and related: make return
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/drill/Makefile.in
^
|
@@ -37,6 +37,8 @@
# FreeBSD8
LINTFLAGS+="-D__uint16_t=uint16_t"
LINTFLAGS+=-D__signed__=signed "-D__packed=" "-D__aligned(x)="
+# Ubuntu Linux 11.04
+LINTFLAGS+="-D__u16=struct __u16" "-D__u32=struct __u32" "-D__u64=struct __u64"
OBJ=drill.o drill_util.o error.o root.o work.o chasetrace.o dnssec.o securetrace.o
SRC=$(OBJ:.o=.c)
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/drill/configure
^
|
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for ldns 1.6.9.
+# Generated by GNU Autoconf 2.68 for ldns 1.6.10.
#
# Report bugs to <libdns@nlnetlabs.nl>.
#
@@ -560,8 +560,8 @@
# Identity of this package.
PACKAGE_NAME='ldns'
PACKAGE_TARNAME='libdns'
-PACKAGE_VERSION='1.6.9'
-PACKAGE_STRING='ldns 1.6.9'
+PACKAGE_VERSION='1.6.10'
+PACKAGE_STRING='ldns 1.6.10'
PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
PACKAGE_URL=''
@@ -1221,7 +1221,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures ldns 1.6.9 to adapt to many kinds of systems.
+\`configure' configures ldns 1.6.10 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1282,7 +1282,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of ldns 1.6.9:";;
+ short | recursive ) echo "Configuration of ldns 1.6.10:";;
esac
cat <<\_ACEOF
@@ -1378,7 +1378,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-ldns configure 1.6.9
+ldns configure 1.6.10
generated by GNU Autoconf 2.68
Copyright (C) 2010 Free Software Foundation, Inc.
@@ -1801,7 +1801,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by ldns $as_me 1.6.9, which was
+It was created by ldns $as_me 1.6.10, which was
generated by GNU Autoconf 2.68. Invocation command line was
$ $0 $@
@@ -5894,7 +5894,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by ldns $as_me 1.6.9, which was
+This file was extended by ldns $as_me 1.6.10, which was
generated by GNU Autoconf 2.68. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -5956,7 +5956,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-ldns config.status 1.6.9
+ldns config.status 1.6.10
configured by $0, generated by GNU Autoconf 2.68,
with options \\"\$ac_cs_config\\"
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/drill/configure.ac
^
|
@@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.56)
-AC_INIT(ldns, 1.6.9, libdns@nlnetlabs.nl,libdns)
+AC_INIT(ldns, 1.6.10, libdns@nlnetlabs.nl,libdns)
AC_CONFIG_SRCDIR([drill.c])
sinclude(../acx_nlnetlabs.m4)
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/drill/dnssec.c
^
|
@@ -215,6 +215,7 @@
} else if( (nsecs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_NSEC3, LDNS_SECTION_ANY_NOQUESTION)) ) {
ldns_rr_list* sigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION);
ldns_rr* q = ldns_rr_new();
+ ldns_rr* match = NULL;
if(!sigs) return LDNS_STATUS_MEM_ERR;
if(!q) return LDNS_STATUS_MEM_ERR;
ldns_rr_set_question(q, 1);
@@ -223,7 +224,11 @@
if(!ldns_rr_owner(q)) return LDNS_STATUS_MEM_ERR;
ldns_rr_set_type(q, type);
- result = ldns_dnssec_verify_denial_nsec3(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0);
+ /* result = ldns_dnssec_verify_denial_nsec3(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0); */
+ result = ldns_dnssec_verify_denial_nsec3_match(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0, &match);
+ if (result == LDNS_STATUS_OK && match && nsec_rrs && nsec_rr_sigs) {
+ (void) get_dnssec_rr(pkt, ldns_rr_owner(match), LDNS_RR_TYPE_NSEC3, nsec_rrs, nsec_rr_sigs);
+ }
ldns_rr_free(q);
ldns_rr_list_deep_free(nsecs);
ldns_rr_list_deep_free(sigs);
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/drill/securetrace.c
^
|
@@ -263,11 +263,6 @@
for(i = 2 ; i < (ssize_t)labels_count + 2; i++) {
labels[i] = ldns_dname_left_chop(labels[i - 1]);
}
- /* if no servers is given with @, start by asking local resolver */
- /* first part todo :) */
- for (i = 0; i < (ssize_t) ldns_resolver_nameserver_count(local_res); i++) {
- (void) ldns_resolver_push_nameserver(res, ldns_resolver_nameservers(local_res)[i]);
- }
/* get the nameserver for the label
* ask: dnskey and ds for the label
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/examples/Makefile.in
^
|
@@ -42,6 +42,8 @@
# FreeBSD8
LINTFLAGS+="-D__uint16_t=uint16_t"
LINTFLAGS+=-D__signed__=signed "-D__packed=" "-D__aligned(x)="
+# Ubuntu 11.04
+LINTFLAGS+="-D__u16=struct __u16" "-D__u32=struct __u32" "-D__u64=struct __u64"
HEADER = config.h
MAIN_SOURCES = ldns-read-zone.c \
@@ -62,6 +64,7 @@
ldns-notify.c \
ldns-testns.c \
ldns-compare-zones.c \
+ ldns-gen-zone.c \
ldnsd.c
MAIN_SSL_SOURCES = ldns-signzone.c \
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/examples/configure
^
|
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for ldns 1.6.9.
+# Generated by GNU Autoconf 2.68 for ldns 1.6.10.
#
# Report bugs to <libdns@nlnetlabs.nl>.
#
@@ -560,8 +560,8 @@
# Identity of this package.
PACKAGE_NAME='ldns'
PACKAGE_TARNAME='libdns'
-PACKAGE_VERSION='1.6.9'
-PACKAGE_STRING='ldns 1.6.9'
+PACKAGE_VERSION='1.6.10'
+PACKAGE_STRING='ldns 1.6.10'
PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
PACKAGE_URL=''
@@ -1227,7 +1227,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures ldns 1.6.9 to adapt to many kinds of systems.
+\`configure' configures ldns 1.6.10 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1288,7 +1288,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of ldns 1.6.9:";;
+ short | recursive ) echo "Configuration of ldns 1.6.10:";;
esac
cat <<\_ACEOF
@@ -1387,7 +1387,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-ldns configure 1.6.9
+ldns configure 1.6.10
generated by GNU Autoconf 2.68
Copyright (C) 2010 Free Software Foundation, Inc.
@@ -1856,7 +1856,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by ldns $as_me 1.6.9, which was
+It was created by ldns $as_me 1.6.10, which was
generated by GNU Autoconf 2.68. Invocation command line was
$ $0 $@
@@ -6382,7 +6382,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by ldns $as_me 1.6.9, which was
+This file was extended by ldns $as_me 1.6.10, which was
generated by GNU Autoconf 2.68. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -6444,7 +6444,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-ldns config.status 1.6.9
+ldns config.status 1.6.10
configured by $0, generated by GNU Autoconf 2.68,
with options \\"\$ac_cs_config\\"
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/examples/configure.ac
^
|
@@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.56)
-AC_INIT(ldns, 1.6.9, libdns@nlnetlabs.nl,libdns)
+AC_INIT(ldns, 1.6.10, libdns@nlnetlabs.nl,libdns)
AC_CONFIG_SRCDIR([ldns-read-zone.c])
sinclude(../acx_nlnetlabs.m4)
|
[-]
[+]
|
Added |
ldns-1.6.10.tar.gz/examples/ldns-gen-zone.1
^
|
@@ -0,0 +1,98 @@
+.TH ldns-gen-zone 1 "10 June 2010"
+.SH NAME
+ldns-gen-zone \- read a zonefile and print it while adding DS records and extra RR's
+.SH SYNOPSIS
+.B ldns-gen-zone
+.IR ZONEFILE
+
+.SH DESCRIPTION
+
+\fBldns-gen-zone\fR reads a DNS zone file and prints it.
+
+It is build for speed, not for a nice formatting. The output
+has one resource record per line and no pretty-printing makeup.
+
+DNSSEC data (NSEC, NSEC3, RRSIG or DNSKEY) is not stripped. You may want to
+use \fBldns-read-zone\fR for that. Existing DS records are also not stripped.
+
+The idea is to use this tool for quickly generating a representative
+artificial zonefile from a real zonefile, to use it for testing purposes.
+
+.SH OPTIONS
+.TP
+\fB-a NUM\fR
+Adds NUM extra artificial NS RRSets to the output.
+The RRSets owner names start
+with 'xn--' in an attempt to ensure uniqueness (nl.-zone does not support
+IDN's - and this tool was written with that knowledge in mind).
+
+An artificial NS RRSet has two NS records; ns1.example.com and
+ns2.example.com.
+
+.TP
+\fB-p NUM\fR
+Add NUM% of DS RRSets to the NS RRSets (anywhere between
+1-4 DS records per RRSet).
+
+.TP
+\fB-o ORIGIN\fR
+Sets an $ORIGIN, which can be handy if the one in the zonefile
+is set to '@' for example. If there is an $ORIGIN in the zonefile,
+this option will silently be ignored.
+
+.TP
+\fB-s\fR
+This is the recommended way of processing large zones that
+are already sorted and canonicalized (ie lowercase). It skips the
+sorting and canonicalization step that is required for properly
+grouping RRSets together (before adding any DS records to them. Skipping
+this step will speed things up.
+
+It is not recommended to use this option if you want to add DS records
+to unsorted, non-canonicalized zones.
+
+.TP
+\fB-h\fR
+Show usage and exit.
+
+.TP
+\fB-v\fR
+Show version and exit.
+
+.SH EXAMPLES
+
+.TP
+\fBldns-gen-zone -a 100000 -p 10 -s ./zonefile.txt\fR
+Read a zonefile, add 100.000 artificial NS RRSets and 10% of DS records,
+print it to standard output. Don't sort (will only work well if the input
+zonefile is already sorted and canonicalized).
+
+.TP
+\fBldns-gen-zone -p 10 -s -o nl zonefile.txt | named-compilezone -s relative -i none -o zonefile_10.txt nl /dev/stdin\fR
+This creates a nicely formatted zone file with the help of \fBnamed-compilezone\fR.
+It adds 10% DS records to the .nl zone, reformats it and saves it as \fBzonefile_10.txt\fR.
+
+.SH AUTHOR
+Initially written by Marco Davids, several modifications added by Miek
+Gieben, both from SIDN.
+
+.SH REPORTING BUGS
+Report bugs to <ldns-team@nlnetlabs.nl>.
+
+.SH BUGS
+Only undiscovered ones.
+
+.SH CAVEATS
+May require a machine with a considerable amount of memory for large zone files.
+
+Fake DS records hashes are generated as digest type SHA-256 (RFC4509). Be aware not to change
+the DIGESTTYPE #define in the source code in anything else but 2 if you want
+to keep things realistic.
+
+Despite a number of efforts, this program is still not the fastest in the
+world.
+
+.SH COPYRIGHT
+Copyright (C) 2010 SIDN. This is free software. There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
+PURPOSE.
|
[-]
[+]
|
Added |
ldns-1.6.10.tar.gz/examples/ldns-gen-zone.c
^
|
@@ -0,0 +1,310 @@
+/*
+ * Reads a zone file from disk and prints it to stdout, one RR per line.
+ * Adds artificial DS records and RRs.
+ * For the purpose of generating a test zone file
+ *
+ * (c) SIDN 2010/2011 - Marco Davids/Miek Gieben
+ *
+ * See the LICENSE file for the license
+ */
+
+#include "config.h"
+#include <unistd.h>
+#include <stdlib.h>
+#include <ldns/ldns.h>
+#include <errno.h>
+
+#define NUM_DS 4 /* maximum of 4 DS records per delegation */
+#define ALGO 8 /* Algorithm to use for fake DS records - RSASHA256 - RFC5702 */
+#define DIGESTTYPE 2 /* Digest type to use for fake DS records - SHA-256 - RFC 4509 */
+
+
+/**
+ * Usage function.
+ *
+ */
+static void
+usage(FILE *fp, char *prog) {
+ fprintf(fp, "\n\nUsage: %s [-hsv] [-ap NUM] [-o ORIGIN] [<zonefile>]\n", prog);
+ fprintf(fp, "\tReads a zonefile and add some artificial NS RRsets and DS records.\n");
+ fprintf(fp, "\tIf no zonefile is given, the zone is read from stdin.\n");
+ fprintf(fp, "\t-a <NUM> add NUM artifical delegations (NS RRSets) to output.\n");
+ fprintf(fp, "\t-p <NUM> add NUM percent of DS RRset's to the NS RRsets (1-%d RR's per DS RRset).\n", NUM_DS);
+ fprintf(fp, "\t-o ORIGIN sets an $ORIGIN, which can be handy if the one in the zonefile is set to @.\n");
+ fprintf(fp, "\t-s if input zone file is already sorted and canonicalized (ie all lowercase),\n\t use this option to speed things up while inserting DS records.\n");
+ fprintf(fp, "\t-h show this text.\n");
+ fprintf(fp, "\t-v shows the version and exits.\n");
+ fprintf(fp, "\nif no file is given standard input is read.\n\n");
+}
+
+/**
+ * Insert the DS records, return the amount added.
+ *
+ */
+static int
+insert_ds(ldns_rdf *dsowner, uint32_t ttl)
+{
+ int d, dsrand;
+ int keytag = 0;
+ char *dsownerstr;
+ char digeststr[70];
+
+ /**
+ * Average the amount of DS records per delegation a little.
+ */
+ dsrand = 1+rand() % NUM_DS;
+ for(d = 0; d < dsrand; d++) {
+ keytag = 1+rand() % 65535;
+ /**
+ * Dynamic hashes method below is still too slow... 20% slower than a fixed string...
+ *
+ * We assume RAND_MAX is 32 bit, http://www.gnu.org/s/libc/manual/html_node/ISO-Random.html
+ * 2147483647 or 0x7FFFFFFF
+ */
+ snprintf(digeststr, 65,
+ "%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x",
+ (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX,
+ (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX,
+ (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX,
+ (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX,
+ (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX,
+ (unsigned) rand()%RAND_MAX);
+ dsownerstr = ldns_rdf2str(dsowner);
+ fprintf(stdout, "%s\t%u\tIN\tDS\t%d %d %d %s\n", dsownerstr, (unsigned) ttl, keytag, ALGO, DIGESTTYPE, digeststr);
+ }
+ return dsrand;
+}
+
+int
+main(int argc, char **argv) {
+ char *filename, *rrstr, *ownerstr;
+ char *classtypestr1 = "IN NS ns1.example.com.";
+ char *classtypestr2 = "IN NS ns2.example.com.";
+ const size_t classtypelen = strlen(classtypestr1);
+ /* Simply because this was developed by SIDN and we don't use xn-- for .nl :-) */
+ const char *punystr = "xn--fake-rr";
+ const size_t punylen = strlen(punystr);
+ size_t rrstrlen, ownerlen;
+ FILE *fp;
+ int c, nsrand;
+ uint32_t ttl;
+ int counta,countd,countr;
+ ldns_zone *z;
+ ldns_rdf *origin = NULL;
+ int line_nr = 0;
+ int addrrs = 0;
+ int dsperc = 0;
+ bool canonicalize = true;
+ bool sort = true;
+ bool do_ds = false;
+ ldns_status s;
+ size_t i;
+ ldns_rr_list *rrset_list;
+ ldns_rdf *owner;
+ ldns_rr_type cur_rr_type;
+ ldns_rr *cur_rr;
+ ldns_status status;
+
+ counta = countd = countr = 0;
+
+ /**
+ * Set some random seed.
+ */
+ srand((unsigned int)time(NULL));
+
+ /**
+ * Commandline options.
+ */
+ while ((c = getopt(argc, argv, "a:p:shvo:")) != -1) {
+ switch (c) {
+ case 'a':
+ addrrs = atoi(optarg);
+ if (addrrs <= 0) {
+ fprintf(stderr, "error\n");
+ exit(EXIT_FAILURE);
+ }
+ break;
+ case 'o':
+ origin = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, optarg);
+ if (!origin) {
+ fprintf(stderr, "error: creating origin from -o %s failed.\n", optarg);
+ exit(EXIT_FAILURE);
+ }
+ break;
+ case 'p':
+ dsperc = atoi(optarg);
+ if (dsperc <= 0 || dsperc > 100) {
+ fprintf(stderr, "error: percentage of signed delegations must be between [0-100].\n");
+ exit(EXIT_FAILURE);
+ }
+ do_ds = true;
+ break;
+ case 's':
+ sort = false;
+ canonicalize = false;
+ break;
+ case 'h':
+ usage(stdout, argv[0]);
+ exit(EXIT_SUCCESS);
+ case 'v':
+ fprintf(stdout, "ldns-gen-zone version %s (ldns version %s)\n", LDNS_VERSION, ldns_version());
+ exit(EXIT_SUCCESS);
+ default:
+ fprintf(stderr, "\nTry -h for more information.\n\n");
+ exit(EXIT_FAILURE);
+ }
+ }
+ argc -= optind;
+ argv += optind;
+
+ /**
+ * Read zone.
+ */
+ if (argc == 0) {
+ fp = stdin;
+ } else {
+ filename = argv[0];
+ fp = fopen(filename, "r");
+ if (!fp) {
+ fprintf(stderr, "Unable to open %s: %s\n", filename, strerror (errno));
+ exit(EXIT_FAILURE);
+ }
+ }
+ s = ldns_zone_new_frm_fp_l(&z, fp, origin, 0, LDNS_RR_CLASS_IN, &line_nr);
+ if (s != LDNS_STATUS_OK) {
+ fprintf(stderr, "%s at %d\n", ldns_get_errorstr_by_id(s), line_nr);
+ exit(EXIT_FAILURE);
+ }
+ if (!ldns_zone_soa(z)) {
+ fprintf(stderr, "No zone data seen\n");
+ exit(EXIT_FAILURE);
+ }
+
+ ttl = ldns_rr_ttl(ldns_zone_soa(z));
+ if (!origin) {
+ origin = ldns_rr_owner(ldns_zone_soa(z));
+ // Check for root (.) origin here TODO(MG)
+ }
+ ownerstr = ldns_rdf2str(origin);
+ if (!ownerstr) {
+ fprintf(stderr, "ldns_rdf2str(origin) failed\n");
+ exit(EXIT_FAILURE);
+ }
+ ownerlen = strlen(ownerstr);
+
+ ldns_rr_print(stdout, ldns_zone_soa(z));
+
+ if (addrrs > 0) {
+ while (addrrs > counta) {
+ counta++;
+ rrstrlen = punylen + ownerlen + classtypelen + 4;
+ rrstrlen *= 2; /* estimate */
+ rrstr = (char*)malloc(rrstrlen);
+ if (!rrstr) {
+ fprintf(stderr, "malloc() failed: Out of memory\n");
+ exit(EXIT_FAILURE);
+ }
+ (void)snprintf(rrstr, rrstrlen, "%s%d.%s %u %s", punystr, counta,
+ ownerstr, (unsigned) ttl, classtypestr1);
+ status = ldns_rr_new_frm_str(&cur_rr, rrstr, 0, NULL, NULL);
+ if (status == LDNS_STATUS_OK) {
+ ldns_rr_print(stdout, cur_rr);
+ ldns_rr_free(cur_rr);
+ } else {
+ fprintf(stderr, "ldns_rr_new_frm_str() failed\n");
+ exit(EXIT_FAILURE);
+ }
+
+ (void)snprintf(rrstr, rrstrlen, "%s%d.%s %u %s", punystr, counta,
+ ownerstr, (unsigned) ttl, classtypestr2);
+ status = ldns_rr_new_frm_str(&cur_rr, rrstr, 0, NULL, NULL);
+ if (status == LDNS_STATUS_OK) {
+ ldns_rr_print(stdout, cur_rr);
+ } else {
+ fprintf(stderr, "ldns_rr_new_frm_str() failed\n");
+ exit(EXIT_FAILURE);
+ }
+
+ free(rrstr);
+
+ /* may we add a DS record as well? */
+ if (do_ds) {
+ /*
+ * Per definition this may not be the same as the origin, so no
+ * check required same for NS check - so the only thing left is some
+ * randomization.
+ */
+ nsrand = rand() % 100;
+ if (nsrand < dsperc) {
+ owner = ldns_rr_owner(cur_rr);
+ ttl = ldns_rr_ttl(cur_rr);
+ countd += insert_ds(owner, ttl);
+ }
+ }
+ ldns_rr_free(cur_rr);
+ }
+ }
+
+ if (!do_ds) {
+ ldns_rr_list_print(stdout, ldns_zone_rrs(z));
+ } else {
+ /*
+ * We use dns_rr_list_pop_rrset and that requires a sorted list weird things may happen
+ * if the -s option was used on unsorted, non-canonicalized input
+ */
+ if (canonicalize) {
+ ldns_rr2canonical(ldns_zone_soa(z));
+ for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) {
+ ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z), i));
+ }
+ }
+
+ if (sort) {
+ ldns_zone_sort(z);
+ }
+
+ /* Work on a per RRset basis for DS records - weird things will happen if the -s option
+ * was used in combination with an unsorted zone file
+ */
+ while((rrset_list = ldns_rr_list_pop_rrset(ldns_zone_rrs(z)))) {
+ owner = ldns_rr_list_owner(rrset_list);
+ cur_rr_type = ldns_rr_list_type(rrset_list);
+ /**
+ * Print them...
+ */
+ cur_rr = ldns_rr_list_pop_rr(rrset_list);
+ while (cur_rr) {
+ ttl = ldns_rr_ttl(cur_rr);
+ fprintf(stdout, "%s", ldns_rr2str(cur_rr));
+ cur_rr = ldns_rr_list_pop_rr(rrset_list);
+ }
+ /*
+ * And all the way at the end a DS record if
+ * we are dealing with an NS rrset
+ */
+ nsrand = rand() % 100;
+ if (nsrand == 0) {
+ nsrand = 100;
+ }
+
+ if ((cur_rr_type == LDNS_RR_TYPE_NS) &&
+ (ldns_rdf_compare(owner, origin) != 0) && (nsrand < dsperc)) {
+ /**
+ * No DS records for the $ORIGIN, only for delegations, obey dsperc.
+ */
+ countr++;
+ countd += insert_ds(owner, ttl);
+ }
+ ldns_rr_list_free(rrset_list);
+ ldns_rdf_free(owner);
+ }
+ }
+
+ /**
+ * And done...
+ */
+ fclose(fp);
+ fprintf(stdout, ";; Added %d DS records (percentage was %d) to %d NS RRset's (from input-zone: %d, from added: %d)\n;; lines in original input-zone: %d\n",
+ countd, dsperc, counta + countr, countr, counta, line_nr);
+ exit(EXIT_SUCCESS);
+}
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/examples/ldns-read-zone.c
^
|
@@ -102,7 +102,7 @@
if (cur_rr_type == LDNS_RR_TYPE_RRSIG ||
cur_rr_type == LDNS_RR_TYPE_NSEC ||
cur_rr_type == LDNS_RR_TYPE_NSEC3 ||
- cur_rr_type == LDNS_RR_TYPE_NSEC3PARAMS
+ cur_rr_type == LDNS_RR_TYPE_NSEC3PARAM
) {
ldns_rr_free(cur_rr);
} else {
@@ -119,7 +119,7 @@
if (cur_rr_type == LDNS_RR_TYPE_RRSIG ||
cur_rr_type == LDNS_RR_TYPE_NSEC ||
cur_rr_type == LDNS_RR_TYPE_NSEC3 ||
- cur_rr_type == LDNS_RR_TYPE_NSEC3PARAMS
+ cur_rr_type == LDNS_RR_TYPE_NSEC3PARAM
) {
ldns_rr_list_push_rr(stripped_list, cur_rr);
} else {
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/examples/ldns-rrsig.c
^
|
@@ -34,10 +34,11 @@
uint8_t i, j;
ldns_rr_type t;
char * type_name;
- time_t incep, expir;
+ struct tm incep, expir;
char incep_buf[26];
char expir_buf[26];
ldns_status s;
+ time_t now = time(NULL);
p = NULL;
rrsig = NULL;
@@ -178,19 +179,30 @@
}
for(i = 0; i < ldns_rr_list_rr_count(rrsig_type); i++) {
- incep = ldns_rdf2native_time_t(
- ldns_rr_rrsig_inception(
- ldns_rr_list_rr(rrsig_type, i)));
- expir = ldns_rdf2native_time_t(
- ldns_rr_rrsig_expiration(
- ldns_rr_list_rr(rrsig_type, i)));
-
- /* convert to human readable */
- ctime_r(&incep, incep_buf);
- ctime_r(&expir, expir_buf);
- /* kill the newline */
- incep_buf[24] = '\0';
- expir_buf[24] = '\0';
+ memset(&incep, 0, sizeof(incep));
+ if (ldns_serial_arithmitics_gmtime_r(
+ ldns_rdf2native_time_t(
+ ldns_rr_rrsig_inception(
+ ldns_rr_list_rr(rrsig_type, i))),
+ now, &incep
+ )
+ && asctime_r(&incep, incep_buf)) {
+ incep_buf[24] = '\0';
+ } else {
+ incep_buf[0] = '\0';
+ }
+ memset(&expir, 0, sizeof(expir));
+ if (ldns_serial_arithmitics_gmtime_r(
+ ldns_rdf2native_time_t(
+ ldns_rr_rrsig_expiration(
+ ldns_rr_list_rr(rrsig_type, i))),
+ now, &expir
+ )
+ && asctime_r(&expir, expir_buf)) {
+ expir_buf[24] = '\0';
+ } else {
+ expir_buf[0] = '\0';
+ }
fprintf(stdout, "%s RRSIG(%s): %s - %s\n",
argv[1], type_name, incep_buf, expir_buf);
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/examples/ldns-test-edns.c
^
|
@@ -215,7 +215,7 @@
int
main(int argc, char **argv)
{
- int i, r, info=0, ok=0;
+ int i, r=0, info=0, ok=0;
#ifdef USE_WINSOCK
WSADATA wsa_data;
if(WSAStartup(MAKEWORD(2,2), &wsa_data) != 0) {
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/examples/ldns-verify-zone.c
^
|
@@ -21,21 +21,6 @@
int verbosity = 3;
-/* returns 1 if the list is empty, or if there are only ns rrs in the
- * list, 0 otherwise */
-static int
-only_ns_in_rrsets(ldns_dnssec_rrsets *rrsets) {
- ldns_dnssec_rrsets *cur_rrset = rrsets;
-
- while (cur_rrset) {
- if (cur_rrset->type != LDNS_RR_TYPE_NS) {
- return 0;
- }
- cur_rrset = cur_rrset->next;
- }
- return 1;
-}
-
static int
zone_is_nsec3_optout(ldns_rbtree_t *zone_nodes)
{
@@ -144,8 +129,7 @@
verify_dnssec_rrset(ldns_rdf *zone_name,
ldns_rdf *name,
ldns_dnssec_rrsets *rrset,
- ldns_rr_list *keys,
- ldns_rr_list *glue_rrs)
+ ldns_rr_list *keys)
{
ldns_rr_list *rrset_rrs;
ldns_dnssec_rrs *cur_rr, *cur_sig;
@@ -357,29 +341,10 @@
}
}
-static ldns_rbnode_t *
-next_nonglue_node(ldns_rbnode_t *node, ldns_rr_list *glue_rrs)
-{
- ldns_rbnode_t *cur_node = ldns_rbtree_next(node);
- ldns_dnssec_name *cur_name;
- while (cur_node != LDNS_RBTREE_NULL) {
- cur_name = (ldns_dnssec_name *) cur_node->data;
- if (cur_name && cur_name->name) {
- if (!ldns_rr_list_contains_name(glue_rrs, cur_name->name)) {
- return cur_node;
- }
- }
- cur_node = ldns_rbtree_next(cur_node);
- }
- return LDNS_RBTREE_NULL;
-}
-
static ldns_status
verify_nsec(ldns_rbtree_t *zone_nodes,
ldns_rbnode_t *cur_node,
- ldns_rr_list *keys,
- ldns_rr_list *glue_rrs
-)
+ ldns_rr_list *keys)
{
ldns_rbnode_t *next_node;
ldns_dnssec_name *name, *next_name;
@@ -409,10 +374,11 @@
switch (ldns_rr_get_type(name->nsec)) {
case LDNS_RR_TYPE_NSEC:
/* simply try next name */
- next_node = next_nonglue_node(cur_node, glue_rrs);
+ next_node = ldns_rbtree_next(cur_node);
if (next_node == LDNS_RBTREE_NULL) {
next_node = ldns_rbtree_first(zone_nodes);
}
+ next_node = ldns_dnssec_name_node_next_nonglue(next_node);
next_name = (ldns_dnssec_name *)next_node->data;
if (ldns_dname_compare(next_name->name,
ldns_rr_rdf(name->nsec, 0))
@@ -420,6 +386,13 @@
printf("Error: the NSEC record for ");
ldns_rdf_print(stdout, name->name);
printf(" points to the wrong next owner name\n");
+ if (verbosity >= 4) {
+ printf(" : ");
+ ldns_rdf_print(stdout,ldns_rr_rdf(name->nsec, 0));
+ printf(" i.s.o. ");
+ ldns_rdf_print(stdout, next_name->name);
+ printf(".\n");
+ }
if (result == LDNS_STATUS_OK) {
result = LDNS_STATUS_ERR;
}
@@ -442,7 +415,14 @@
} else {
/* todo; do this once and cache result? */
if (zone_is_nsec3_optout(zone_nodes) &&
- only_ns_in_rrsets(name->rrsets)) {
+ ( ldns_dnssec_name_is_glue(name)
+ || (
+ ldns_dnssec_rrsets_contains_type(
+ name->rrsets, LDNS_RR_TYPE_NS)
+ && !ldns_dnssec_rrsets_contains_type(
+ name->rrsets, LDNS_RR_TYPE_DS)
+ )
+ )) {
/* ok, no problem, but we need to remember to check
* whether the chain does not actually point to this
* name later */
@@ -460,34 +440,18 @@
return result;
}
-static int
-ldns_dnssec_name_has_only_a(ldns_dnssec_name *cur_name)
-{
- ldns_dnssec_rrsets *cur_rrset;
- cur_rrset = cur_name->rrsets;
- while (cur_rrset) {
- if (cur_rrset->type != LDNS_RR_TYPE_A &&
- cur_rrset->type != LDNS_RR_TYPE_AAAA) {
- return 0;
- } else {
- cur_rrset = cur_rrset->next;
- }
- }
- return 1;
-}
-
static ldns_status
verify_dnssec_name(ldns_rdf *zone_name,
ldns_dnssec_zone *zone,
ldns_rbtree_t *zone_nodes,
ldns_rbnode_t *cur_node,
- ldns_rr_list *keys,
- ldns_rr_list *glue_rrs)
+ ldns_rr_list *keys)
{
ldns_status result = LDNS_STATUS_OK;
ldns_status status;
ldns_dnssec_rrsets *cur_rrset;
ldns_dnssec_name *name;
+ int on_delegation_point;
/* for NSEC chain checks */
name = (ldns_dnssec_name *) cur_node->data;
@@ -497,9 +461,7 @@
printf("\n");
}
- if (ldns_rr_list_contains_name(glue_rrs, name->name) &&
- ldns_dnssec_name_has_only_a(name)
- ) {
+ if (ldns_dnssec_name_is_glue(name)) {
/* glue */
cur_rrset = name->rrsets;
while (cur_rrset) {
@@ -525,11 +487,26 @@
}
} else {
/* not glue, do real verify */
+
+ on_delegation_point = ldns_dnssec_rrsets_contains_type(
+ name->rrsets, LDNS_RR_TYPE_NS)
+ && !ldns_dnssec_rrsets_contains_type(
+ name->rrsets, LDNS_RR_TYPE_SOA);
+
cur_rrset = name->rrsets;
while(cur_rrset) {
- if (cur_rrset->type != LDNS_RR_TYPE_A ||
- !ldns_dnssec_zone_find_rrset(zone, name->name, LDNS_RR_TYPE_NS)) {
- status = verify_dnssec_rrset(zone_name, name->name, cur_rrset, keys, glue_rrs);
+
+ /* Do not check occluded rrsets
+ * on the delegation point
+ */
+ if ( ( on_delegation_point && (
+ cur_rrset->type == LDNS_RR_TYPE_NS
+ || cur_rrset->type == LDNS_RR_TYPE_DS))
+ || (!on_delegation_point &&
+ cur_rrset->type != LDNS_RR_TYPE_RRSIG
+ && cur_rrset->type != LDNS_RR_TYPE_NSEC)) {
+
+ status = verify_dnssec_rrset(zone_name, name->name, cur_rrset, keys);
if (status != LDNS_STATUS_OK && result == LDNS_STATUS_OK) {
result = status;
}
@@ -537,7 +514,7 @@
cur_rrset = cur_rrset->next;
}
- status = verify_nsec(zone_nodes, cur_node, keys, glue_rrs);
+ status = verify_nsec(zone_nodes, cur_node, keys);
if (result == LDNS_STATUS_OK) {
result = status;
}
@@ -547,9 +524,7 @@
static ldns_status
verify_dnssec_zone(ldns_dnssec_zone *dnssec_zone,
- ldns_rdf *zone_name,
- ldns_rr_list *glue_rrs)
-{
+ ldns_rdf *zone_name) {
ldns_rr_list *keys;
ldns_rbnode_t *cur_node;
ldns_dnssec_rrsets *cur_key_rrset;
@@ -591,8 +566,7 @@
dnssec_zone,
dnssec_zone->names,
cur_node,
- keys,
- glue_rrs);
+ keys);
if (status != LDNS_STATUS_OK && result == LDNS_STATUS_OK) {
result = status;
}
@@ -615,7 +589,6 @@
ldns_status s;
ldns_dnssec_zone *dnssec_zone;
ldns_status result = LDNS_STATUS_ERR;
- ldns_rr_list *glue_rrs;
while ((c = getopt(argc, argv, "hvV:")) != -1) {
switch(c) {
@@ -669,16 +642,20 @@
exit(1);
}
- glue_rrs = ldns_zone_glue_rr_list(z);
dnssec_zone = create_dnssec_zone(z);
+ result = ldns_dnssec_zone_mark_glue(dnssec_zone);
+ if (result != LDNS_STATUS_OK) {
+ if (verbosity >= 1) {
+ printf("There were errors identifying the glue in the zone\n");
+ }
+ }
if (verbosity >= 5) {
ldns_dnssec_zone_print(stdout, dnssec_zone);
}
result = verify_dnssec_zone(dnssec_zone,
- ldns_rr_owner(ldns_zone_soa(z)),
- glue_rrs);
+ ldns_rr_owner(ldns_zone_soa(z)));
if (result == LDNS_STATUS_OK) {
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/host2str.c
^
|
@@ -330,13 +330,12 @@
ldns_rdf2buffer_str_time(ldns_buffer *output, const ldns_rdf *rdf)
{
/* create a YYYYMMDDHHMMSS string if possible */
- time_t data_time = (time_t) ldns_read_uint32(ldns_rdf_data(rdf));
struct tm tm;
char date_buf[16];
memset(&tm, 0, sizeof(tm));
-
- if (gmtime_r(&data_time, &tm) && strftime(date_buf, 15, "%Y%m%d%H%M%S", &tm)) {
+ if (ldns_serial_arithmitics_gmtime_r(ldns_rdf2native_int32(rdf), time(NULL), &tm)
+ && strftime(date_buf, 15, "%Y%m%d%H%M%S", &tm)) {
ldns_buffer_printf(output, "%s", date_buf);
}
return ldns_buffer_status(output);
|
[-]
[+]
|
Added |
ldns-1.6.10.tar.gz/ldns/common.h.in
^
|
@@ -0,0 +1,69 @@
+/**
+ * \file common.h
+ *
+ * Common definitions for LDNS
+ */
+
+/**
+ * a Net::DNS like library for C
+ *
+ * (c) NLnet Labs, 2004-2006
+ *
+ * See the file LICENSE for the license
+ */
+
+#ifndef LDNS_COMMON_H
+#define LDNS_COMMON_H
+
+/*
+ * The build configuration that is used in the distributed headers,
+ * as detected and determined by the auto configure script.
+ */
+#define LDNS_BUILD_CONFIG_HAVE_SSL @ldns_build_config_have_ssl@
+#define LDNS_BUILD_CONFIG_USE_ECDSA @ldns_build_config_use_ecdsa@
+#define LDNS_BUILD_CONFIG_HAVE_INTTYPES_H @ldns_build_config_have_inttypes_h@
+#define LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT @ldns_build_config_have_attr_format@
+#define LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED @ldns_build_config_have_attr_unused@
+
+/*
+ * HAVE_STDBOOL_H is not available when distributed as a library, but no build
+ * configuration variables may be used (like those above) because the header
+ * is sometimes only available when using special compiler flags to enable the
+ * c99 environment. Because we cannot force the usage of this flag, we have to
+ * provide a default type. Below what is suggested by the autoconf manual.
+ */
+/*@ignore@*/
+/* splint barfs on this construct */
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# ifndef HAVE__BOOL
+# ifdef __cplusplus
+typedef bool _Bool;
+# else
+# define _Bool signed char
+# endif
+# endif
+# define bool _Bool
+# define false 0
+# define true 1
+# define __bool_true_false_are_defined 1
+#endif
+/*@end@*/
+
+#if LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT
+#define ATTR_FORMAT(archetype, string_index, first_to_check) \
+ __attribute__ ((format (archetype, string_index, first_to_check)))
+#else /* !LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT */
+#define ATTR_FORMAT(archetype, string_index, first_to_check) /* empty */
+#endif /* !LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT */
+
+#if defined(__cplusplus)
+#define ATTR_UNUSED(x)
+#elif LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED
+#define ATTR_UNUSED(x) x __attribute__((unused))
+#else /* !LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED */
+#define ATTR_UNUSED(x) x
+#endif /* !LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED */
+
+#endif /* LDNS_COMMON_H */
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/config.h.in
^
|
@@ -24,6 +24,12 @@
/* Define to 1 if you have the `b64_pton' function. */
#undef HAVE_B64_PTON
+/* Define to 1 if you have the `bzero' function. */
+#undef HAVE_BZERO
+
+/* Define to 1 if you have the `calloc' function. */
+#undef HAVE_CALLOC
+
/* Define to 1 if you have the `ctime_r' function. */
#undef HAVE_CTIME_R
@@ -93,6 +99,9 @@
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
+/* Define to 1 if you have the `memset' function. */
+#undef HAVE_MEMSET
+
/* Define to 1 if you have the <netdb.h> header file. */
#undef HAVE_NETDB_H
@@ -130,7 +139,7 @@
/* Define to 1 if you have the <stdarg.h> header file. */
#undef HAVE_STDARG_H
-/* Define to 1 if you have the <stdbool.h> header file. */
+/* Define to 1 if stdbool.h conforms to C99. */
#undef HAVE_STDBOOL_H
/* Define to 1 if you have the <stdint.h> header file. */
@@ -184,6 +193,9 @@
/* Define to 1 if you have the <ws2tcpip.h> header file. */
#undef HAVE_WS2TCPIP_H
+/* Define to 1 if the system has the type `_Bool'. */
+#undef HAVE__BOOL
+
/* Define to the sub-directory in which libtool stores uninstalled libraries.
*/
#undef LT_OBJDIR
@@ -206,6 +218,9 @@
/* Define to the version of this package. */
#undef PACKAGE_VERSION
+/* The size of `time_t', as computed by sizeof. */
+#undef SIZEOF_TIME_T
+
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/dnssec.h
^
|
@@ -23,11 +23,11 @@
#ifndef LDNS_DNSSEC_H
#define LDNS_DNSSEC_H
-#ifdef HAVE_SSL
+#include <ldns/common.h>
+#if LDNS_BUILD_CONFIG_HAVE_SSL
#include <openssl/ssl.h>
#include <openssl/evp.h>
-#endif /* HAVE_SSL */
-#include <ldns/common.h>
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
#include <ldns/packet.h>
#include <ldns/keys.h>
#include <ldns/zone.h>
@@ -127,7 +127,7 @@
*/
uint16_t ldns_calc_keytag_raw(uint8_t* key, size_t keysize);
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* converts a buffer holding key material to a DSA key in openssl.
*
@@ -173,9 +173,9 @@
*/
EVP_PKEY* ldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* converts a buffer holding key material to a RSA key in openssl.
*
@@ -191,7 +191,7 @@
* \return a RSA * structure with the key material
*/
RSA *ldns_key_buf2rsa_raw(unsigned char* key, size_t len);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
/**
* returns a new DS rr that represents the given key rr.
@@ -211,6 +211,16 @@
ldns_rr_type nsec_type);
/**
+ * returns whether a rrset of the given type is found in the rrsets.
+ *
+ * \param[in] rrsets the rrsets to be tested
+ * \param[in] type the type to test for
+ * \return int 1 if the type was found, 0 otherwise.
+ */
+int
+ldns_dnssec_rrsets_contains_type (ldns_dnssec_rrsets *rrsets, ldns_rr_type type);
+
+/**
* Creates NSEC
*/
ldns_rr *
@@ -372,7 +382,7 @@
*/
bool ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name);
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* verify a packet
* \param[in] p the packet
@@ -438,7 +448,7 @@
*/
int ldns_dnssec_default_replace_signatures(ldns_rr *sig, void *n);
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* Converts the DSA signature from ASN1 representation (RFC2459, as
* used by OpenSSL) to raw signature data as used in DNS (rfc2536)
@@ -488,7 +498,7 @@
ldns_convert_ecdsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
const ldns_rdf *sig_rdf);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
#ifdef __cplusplus
}
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/dnssec_sign.h
^
|
@@ -42,7 +42,7 @@
*/
ldns_rr_list *ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys);
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* Sign a buffer with the DSA key (hash with SHA1)
* \param[in] to_sign buffer with the data
@@ -80,11 +80,42 @@
* \return a ldns_rdf with the signed data
*/
ldns_rdf *ldns_sign_public_rsamd5(ldns_buffer *to_sign, RSA *key);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
/**
- * Finds the first dnssec_name node in the rbtree that has not been marked
- * as glue, starting at the given node
+ * Marks the names in the zone that are occluded. Those names will be skipped
+ * when walking the tree with the ldns_dnssec_name_node_next_nonglue()
+ * function. But watch out! Names that are partially occluded (like glue with
+ * the same name as the delegation) will not be marked and should specifically
+ * be taken into account seperately.
+ *
+ * When glue_list is given (not NULL), in the process of marking the names, all
+ * glue resource records will be pushed to that list, even glue at the delegation name.
+ *
+ * \param[in] zone the zone in which to mark the names
+ * \param[in] glue_list the list to which to push the glue rrs
+ * \return LDNS_STATUS_OK on success, an error code otherwise
+ */
+ldns_status
+ldns_dnssec_zone_mark_and_get_glue(
+ ldns_dnssec_zone *zone, ldns_rr_list *glue_list);
+
+/**
+ * Marks the names in the zone that are occluded. Those names will be skipped
+ * when walking the tree with the ldns_dnssec_name_node_next_nonglue()
+ * function. But watch out! Names that are partially occluded (like glue with
+ * the same name as the delegation) will not be marked and should specifically
+ * be taken into account seperately.
+ *
+ * \param[in] zone the zone in which to mark the names
+ * \return LDNS_STATUS_OK on succesful completion
+ */
+ldns_status
+ldns_dnssec_zone_mark_glue(ldns_dnssec_zone *zone);
+
+/**
+ * Finds the first dnssec_name node in the rbtree that is not occluded.
+ * It *does* return names that are partially occluded.
*
* \param[in] node the first node to check
* \return the first node that has not been marked as glue, or NULL
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/dnssec_verify.h
^
|
@@ -390,6 +390,31 @@
bool packet_nodata);
/**
+ * Same as ldns_status ldns_dnssec_verify_denial_nsec3 but also returns
+ * the nsec rr that matched.
+ *
+ * \param[in] rr The (query) RR to check the denial of existence for
+ * \param[in] nsecs The list of NSEC3 RRs that are supposed to deny the
+ * existence of the RR
+ * \param[in] rrsigs The RRSIG rr covering the NSEC RRs
+ * \param[in] packet_rcode The RCODE value of the packet that provided the
+ * NSEC3 RRs
+ * \param[in] packet_qtype The original query RR type
+ * \param[in] packet_nodata True if the providing packet had an empty ANSWER
+ * section
+ * \param[in] match On match, the given (reference to a) pointer will be set
+ * to point to the matching nsec resource record.
+ * \return LDNS_STATUS_OK if the NSEC3 RRs deny the existence, error code
+ * containing the reason they do not otherwise
+ */
+ldns_status ldns_dnssec_verify_denial_nsec3_match(ldns_rr *rr,
+ ldns_rr_list *nsecs,
+ ldns_rr_list *rrsigs,
+ ldns_pkt_rcode packet_rcode,
+ ldns_rr_type packet_qtype,
+ bool packet_nodata,
+ ldns_rr **match);
+/**
* Verifies the already processed data in the buffers
* This function should probably not be used directly.
*
@@ -465,6 +490,7 @@
ldns_rr *rrsig,
ldns_rr *key);
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* verifies a buffer with signature data for a buffer with rrset data
* with an EVP_PKEY
@@ -474,12 +500,10 @@
* \param[in] key the EVP key structure
* \param[in] digest_type The digest type of the signature
*/
-#ifdef HAVE_SSL
ldns_status ldns_verify_rrsig_evp(ldns_buffer *sig,
ldns_buffer *rrset,
EVP_PKEY *key,
const EVP_MD *digest_type);
-#endif
/**
* Like ldns_verify_rrsig_evp, but uses raw signature data.
@@ -489,7 +513,6 @@
* \param[in] key the EVP key structure
* \param[in] digest_type The digest type of the signature
*/
-#ifdef HAVE_SSL
ldns_status ldns_verify_rrsig_evp_raw(unsigned char *sig,
size_t siglen,
ldns_buffer *rrset,
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/dnssec_zone.h
^
|
@@ -70,8 +70,13 @@
*/
ldns_dnssec_rrs *nsec_signatures;
/**
- * Set to true if this name is glue
- * (as marked by ldns_dnssec_zone_mark_glue())
+ * Unlike what the name is_glue suggests, this field is set to true by
+ * ldns_dnssec_zone_mark_glue() or ldns_dnssec_zone_mark_and_get_glue()
+ * when the name, this dnssec_name struct represents, is occluded.
+ * Names that contain other occluded rrsets and records with glue on
+ * the delegation point will NOT have this bool set to true.
+ * This field should NOT be read directly, but only via the
+ * ldns_dnssec_name_is_glue() function!
*/
bool is_glue;
/**
@@ -237,6 +242,18 @@
*/
void ldns_dnssec_name_set_name(ldns_dnssec_name *name,
ldns_rdf *dname);
+/**
+ * Returns if dnssec_name structure is marked as glue.
+ * The ldns_dnssec_zone_mark_glue() function has to be called on a zone before
+ * using this function.
+ * Only names that have only glue rrsets will be marked.
+ * Names that have other occluded rrsets and names containing glue on the
+ * delegation point will NOT be marked!
+ *
+ * \param[in] name the dnssec name to get the domain name from
+ * \return true if the structure is marked as glue, false otherwise.
+ */
+bool ldns_dnssec_name_is_glue(ldns_dnssec_name *name);
/**
* Sets the NSEC(3) RR of the given dnssec_name structure
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/keys.h
^
|
@@ -21,9 +21,10 @@
#ifndef LDNS_KEYS_H
#define LDNS_KEYS_H
-#ifdef HAVE_SSL
+#include <ldns/common.h>
+#if LDNS_BUILD_CONFIG_HAVE_SSL
#include <openssl/ssl.h>
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
#include <ldns/dnssec.h>
#include <ldns/util.h>
#include <errno.h>
@@ -53,7 +54,7 @@
LDNS_RSASHA256 = 8, /* RFC 5702 */
LDNS_RSASHA512 = 10, /* RFC 5702 */
LDNS_ECC_GOST = 12, /* RFC 5933 */
-#ifdef USE_ECDSA
+#if LDNS_BUILD_CONFIG_USE_ECDSA
/* this ifdef has to be removed once it is no longer experimental,
* to be able to use these values outside of the ldns library itself */
LDNS_ECDSAP256SHA256 = 13, /* draft-hoffman-dnssec-ecdsa */
@@ -73,7 +74,7 @@
LDNS_SHA1 = 1, /* RFC 4034 */
LDNS_SHA256 = 2, /* RFC 4509 */
LDNS_HASH_GOST = 3 /* RFC 5933 */
-#ifdef USE_ECDSA
+#if LDNS_BUILD_CONFIG_USE_ECDSA
/* this ifdef has to be removed once it is no longer experimental,
* to be able to use these values outside of the ldns library itself */
,LDNS_SHA384 = 4 /* draft-hoffman-dnssec-ecdsa EXPERIMENTAL */
@@ -94,7 +95,7 @@
LDNS_SIGN_RSASHA512 = LDNS_RSASHA512,
LDNS_SIGN_DSA_NSEC3 = LDNS_DSA_NSEC3,
LDNS_SIGN_ECC_GOST = LDNS_ECC_GOST,
-#ifdef USE_ECDSA
+#if LDNS_BUILD_CONFIG_USE_ECDSA
/* this ifdef has to be removed once it is no longer experimental,
* to be able to use these values outside of the ldns library itself */
LDNS_SIGN_ECDSAP256SHA256 = LDNS_ECDSAP256SHA256,
@@ -123,13 +124,13 @@
/** Storage pointers for the types of keys supported */
/* TODO remove unions? */
struct {
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
#ifndef S_SPLINT_S
/* The key can be an OpenSSL EVP Key
*/
EVP_PKEY *key;
#endif
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
/**
* The key can be an HMAC key
*/
@@ -220,7 +221,7 @@
*/
ldns_status ldns_key_new_frm_fp_l(ldns_key **k, FILE *fp, int *line_nr);
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* Read the key with the given id from the given engine and store it
* in the given ldns_key structure. The algorithm type is set
@@ -235,9 +236,9 @@
* \return NULL on failure otherwise a RSA structure
*/
RSA *ldns_key_new_frm_fp_rsa(FILE *fp);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* frm_fp helper function. This function parses the
* remainder of the (RSA) priv. key file generated from bind9
@@ -246,9 +247,9 @@
* \return NULL on failure otherwise a RSA structure
*/
RSA *ldns_key_new_frm_fp_rsa_l(FILE *fp, int *line_nr);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* frm_fp helper function. This function parses the
* remainder of the (DSA) priv. key file
@@ -256,9 +257,9 @@
* \return NULL on failure otherwise a RSA structure
*/
DSA *ldns_key_new_frm_fp_dsa(FILE *fp);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* frm_fp helper function. This function parses the
* remainder of the (DSA) priv. key file
@@ -267,9 +268,9 @@
* \return NULL on failure otherwise a RSA structure
*/
DSA *ldns_key_new_frm_fp_dsa_l(FILE *fp, int *line_nr);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* frm_fp helper function. This function parses the
* remainder of the (HMAC-MD5) key file
@@ -281,7 +282,7 @@
unsigned char *ldns_key_new_frm_fp_hmac(FILE *fp, size_t *hmac_size);
#endif
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* frm_fp helper function. This function parses the
* remainder of the (HMAC-MD5) key file
@@ -292,7 +293,7 @@
* \return NULL on failure otherwise a newly allocated char buffer
*/
unsigned char *ldns_key_new_frm_fp_hmac_l(FILE *fp, int *line_nr, size_t *hmac_size);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
/* acces write functions */
/**
@@ -301,7 +302,7 @@
* \param[in] l the algorithm
*/
void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l);
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* Set the key's evp key
* \param[in] k the key
@@ -331,7 +332,7 @@
/** Release the engine reference held for the GOST engine. */
void ldns_key_EVP_unload_gost(void);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
/**
* Set the key's hmac data
@@ -424,7 +425,7 @@
*/
ldns_key *ldns_key_list_key(const ldns_key_list *key, size_t nr);
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
/**
* returns the (openssl) RSA struct contained in the key
* \param[in] k the key to look in
@@ -437,14 +438,14 @@
* \return the RSA * structure in the key
*/
EVP_PKEY *ldns_key_evp_key(const ldns_key *k);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
/**
* returns the (openssl) DSA struct contained in the key
*/
-#ifdef HAVE_SSL
+#if LDNS_BUILD_CONFIG_HAVE_SSL
DSA *ldns_key_dsa_key(const ldns_key *k);
-#endif /* HAVE_SSL */
+#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
/**
* return the signing alg of the key
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/net.h.in
^
|
@@ -20,7 +20,7 @@
extern "C" {
#endif
-#define LDNS_DEFAULT_TIMEOUT_SEC 2
+#define LDNS_DEFAULT_TIMEOUT_SEC 5
#define LDNS_DEFAULT_TIMEOUT_USEC 0
/**
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/rr.h
^
|
@@ -176,6 +176,7 @@
LDNS_RR_TYPE_DHCID = 49,
LDNS_RR_TYPE_NSEC3 = 50,
+ LDNS_RR_TYPE_NSEC3PARAM = 51,
LDNS_RR_TYPE_NSEC3PARAMS = 51,
/** draft-ietf-dnsop-trust-history */
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/sha2.h
^
|
@@ -55,17 +55,14 @@
* Import u_intXX_t size_t type definitions from system headers. You
* may need to change this, or define these things yourself in this
* file.
- *
- * (include ldns/config.h so HAVE_INTTYPES is defined (or not, depending
- * on the system))
*/
#include <sys/types.h>
-#ifdef HAVE_INTTYPES_H
+#if LDNS_BUILD_CONFIG_HAVE_INTTYPES_H
#include <inttypes.h>
-#endif /* HAVE_INTTYPES_H */
+#endif /* LDNS_BUILD_CONFIG_HAVE_INTTYPES_H */
/*** SHA-256/384/512 Various Length Definitions ***********************/
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/util.h.in
^
|
@@ -50,6 +50,8 @@
#define LDNS_XMALLOC(type, count) ((type *) malloc((count) * sizeof(type)))
+#define LDNS_CALLOC(type, count) ((type *) calloc((count), sizeof(type)))
+
#define LDNS_REALLOC(ptr, type) LDNS_XREALLOC((ptr), type, 1)
#define LDNS_XREALLOC(ptr, type, count) \
@@ -269,6 +271,22 @@
time_t mktime_from_utc(const struct tm *tm);
/**
+ * The function interprets time as the number of seconds since epoch
+ * with respect to now using serial arithmitics (rfc1982).
+ * That number of seconds is then converted to broken-out time information.
+ * This is especially usefull when converting the inception and expiration
+ * fields of RRSIG records.
+ *
+ * \param[in] time number of seconds since epoch (midnight, January 1st, 1970)
+ * to be intepreted as a serial arithmitics number relative to now.
+ * \param[in] now number of seconds since epoch (midnight, January 1st, 1970)
+ * to which the time value is compared to determine the final value.
+ * \param[out] result the struct with the broken-out time information
+ * \return result on success or NULL on error
+ */
+struct tm * ldns_serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result);
+
+/**
* Seed the random function.
* If the file descriptor is specified, the random generator is seeded with
* data from that file. If not, /dev/urandom is used.
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns/zone.h
^
|
@@ -117,7 +117,8 @@
*
* Due to the current zone implementation (as a list of rr's), this
* function is extremely slow. Another (probably better) way to do this
- * is to use an ldns_dnssec_zone structure and the mark_glue function
+ * is to use an ldns_dnssec_zone structure and the
+ * ldns_dnssec_mark_and_get_glue() function.
*
* \param[in] z the zone to look for glue
* \return the rr_list with the glue
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/ldns_symbols.def
^
|
@@ -85,6 +85,7 @@
ldns_dnssec_name_deep_free
ldns_dnssec_name_find_rrset
ldns_dnssec_name_free
+ldns_dnssec_name_is_glue
ldns_dnssec_name_name
ldns_dnssec_name_new
ldns_dnssec_name_new_frm_rr
@@ -135,6 +136,7 @@
ldns_dnssec_zone_find_nsec3_original
ldns_dnssec_zone_find_rrset
ldns_dnssec_zone_free
+ldns_dnssec_zone_mark_and_get_glue
ldns_dnssec_zone_mark_glue
ldns_dnssec_zone_names_print
ldns_dnssec_zone_new
@@ -618,6 +620,7 @@
ldns_rr_uncompressed_size
ldns_send
ldns_send_buffer
+ldns_serial_arithmitics_gmtime_r
ldns_set_bit
ldns_sha1
ldns_sha1_final
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/packaging/fedora/ldns.spec
^
|
@@ -7,7 +7,7 @@
Summary: Lowlevel DNS(SEC) library with API
Name: ldns
-Version: 1.6.9
+Version: 1.6.10
Release: 2%{?dist}
License: BSD
Url: http://www.nlnetlabs.nl/%{name}/
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/parse.c
^
|
@@ -132,13 +132,15 @@
}
}
if (c != '\0' && c != '\n') {
- *t++ = c;
i++;
}
if (limit > 0 && i >= limit) {
*t = '\0';
return -1;
}
+ if (c != '\0' && c != '\n') {
+ *t++ = c;
+ }
if (c == '\\' && prev_c == '\\')
prev_c = 0;
else prev_c = c;
@@ -302,12 +304,12 @@
}
}
- *t++ = c;
i++;
if (limit > 0 && i >= limit) {
*t = '\0';
return -1;
}
+ *t++ = c;
if (c == '\\' && lc == '\\') {
lc = 0;
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/rr.c
^
|
@@ -431,6 +431,16 @@
cur_hex_data_size = 0;
while(cur_hex_data_size < 2 * hex_data_size) {
c = ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN);
+ if (c == -1) {
+ LDNS_FREE(hex_data_str);
+ LDNS_FREE(rd);
+ LDNS_FREE(b64);
+ ldns_buffer_free(rd_buf);
+ ldns_buffer_free(rr_buf);
+ LDNS_FREE(rdata);
+ ldns_rr_free(new);
+ return LDNS_STATUS_SYNTAX_RDATA_ERR;
+ }
rd_strlen = strlen(rd);
strncpy(hex_data_str + cur_hex_data_size, rd, rd_strlen);
cur_hex_data_size += rd_strlen;
@@ -1900,7 +1910,7 @@
LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_NSEC3_SALT, LDNS_RDF_TYPE_NSEC3_NEXT_OWNER, LDNS_RDF_TYPE_NSEC
};
-static const ldns_rdf_type type_nsec3params_wireformat[] = {
+static const ldns_rdf_type type_nsec3param_wireformat[] = {
/* LDNS_RDF_TYPE_NSEC3_PARAMS_VARS*/
LDNS_RDF_TYPE_INT8,
LDNS_RDF_TYPE_INT8,
@@ -2034,7 +2044,7 @@
/* 50 */
{LDNS_RR_TYPE_NSEC3, "NSEC3", 5, 6, type_nsec3_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 51 */
-{LDNS_RR_TYPE_NSEC3PARAMS, "NSEC3PARAM", 4, 4, type_nsec3params_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+{LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 52 */
{LDNS_RR_TYPE_NULL, "TYPE52", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/util.c
^
|
@@ -241,6 +241,100 @@
return seconds;
}
+#if SIZEOF_TIME_T <= 4
+
+static void
+ldns_year_and_yday_from_days_since_epoch(int64_t days, struct tm *result)
+{
+ int year = 1970;
+ int new_year;
+
+ while (days < 0 || days >= (int64_t) (is_leap_year(year) ? 366 : 365)) {
+ new_year = year + (int) (days / 366);
+ if (year == new_year) {
+ year += days < 0 ? -1 : 1;
+ }
+ days -= (new_year - year) * 365;
+ days -= leap_days(year, new_year);
+ year = new_year;
+ }
+ result->tm_year = year;
+ result->tm_yday = (int) days;
+}
+
+/* Number of days per month in a leap year. */
+static const int leap_year_mdays[] = {
+ 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
+};
+
+static void
+ldns_mon_and_mday_from_year_and_yday(struct tm *result)
+{
+ int idays = result->tm_yday;
+ const int *mon_lengths = is_leap_year(result->tm_year) ?
+ leap_year_mdays : mdays;
+
+ result->tm_mon = 0;
+ while (idays >= mon_lengths[result->tm_mon]) {
+ idays -= mon_lengths[result->tm_mon++];
+ }
+ result->tm_mday = idays + 1;
+}
+
+static void
+ldns_wday_from_year_and_yday(struct tm *result)
+{
+ result->tm_wday = 4 /* 1-1-1970 was a thursday */
+ + ((result->tm_year - 1970) % 7) * (365 % 7)
+ + leap_days(1970, result->tm_year)
+ + result->tm_yday;
+ result->tm_wday %= 7;
+ if (result->tm_wday < 0) {
+ result->tm_wday += 7;
+ }
+}
+
+static struct tm *
+ldns_gmtime64_r(int64_t clock, struct tm *result)
+{
+ result->tm_isdst = 0;
+ result->tm_sec = (int) (clock % 60);
+ clock /= 60;
+ result->tm_min = (int) (clock % 60);
+ clock /= 60;
+ result->tm_hour = (int) (clock % 24);
+ clock /= 24;
+
+ ldns_year_and_yday_from_days_since_epoch(clock, result);
+ ldns_mon_and_mday_from_year_and_yday(result);
+ ldns_wday_from_year_and_yday(result);
+ result->tm_year -= 1900;
+
+ return result;
+}
+
+#endif /* SIZEOF_TIME_T <= 4 */
+
+static int64_t
+ldns_serial_arithmitics_time(int32_t time, time_t now)
+{
+ int32_t offset = time - (int32_t) now;
+ return (int64_t) now + offset;
+}
+
+
+struct tm *
+ldns_serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result)
+{
+#if SIZEOF_TIME_T <= 4
+ int64_t secs_since_epoch = ldns_serial_arithmitics_time(time, now);
+ return ldns_gmtime64_r(secs_since_epoch, result);
+#else
+ time_t secs_since_epoch = ldns_serial_arithmitics_time(time, now);
+ return gmtime_r(&secs_since_epoch, result);
+#endif
+}
+
/**
* Init the random source
* applications should call this if they need entropy data within ldns
|
[-]
[+]
|
Changed |
ldns-1.6.10.tar.gz/zone.c
^
|
@@ -228,7 +228,8 @@
a = ldns_rr_list_rr(addr, j);
dname_a = ldns_rr_owner(a);
- if (ldns_dname_is_subdomain(dname_a, ns_owner)) {
+ if (ldns_dname_is_subdomain(dname_a, ns_owner) ||
+ ldns_dname_compare(dname_a, ns_owner) == 0) {
/* GLUE! */
if (!ldns_rr_list_push_rr(glue, a)) goto memory_error;
}
|
[-]
[+]
|
Deleted |
ldns-1.6.9.tar.gz/ldns/common.h
^
|
@@ -1,52 +0,0 @@
-/**
- * \file common.h
- *
- * Common definitions for LDNS
- */
-
-/**
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#ifndef LDNS_COMMON_H
-#define LDNS_COMMON_H
-
-#if !defined(__cplusplus) && !defined(__bool_true_false_are_defined)
-
-#if defined(HAVE_STDBOOL_H)
-#include <stdbool.h>
-#else
-
-/*@ignore@*/
-/* splint barfs on this construct */
-typedef unsigned int bool;
-#define bool bool
-#define false 0
-#define true 1
-#define __bool_true_false_are_defined 1
-/*@end@*/
-
-#endif
-
-#endif
-
-#ifdef HAVE_ATTR_FORMAT
-#define ATTR_FORMAT(archetype, string_index, first_to_check) \
- __attribute__ ((format (archetype, string_index, first_to_check)))
-#else /* !HAVE_ATTR_FORMAT */
-#define ATTR_FORMAT(archetype, string_index, first_to_check) /* empty */
-#endif /* !HAVE_ATTR_FORMAT */
-
-#if defined(__cplusplus)
-#define ATTR_UNUSED(x)
-#elif defined(HAVE_ATTR_UNUSED)
-#define ATTR_UNUSED(x) x __attribute__((unused))
-#else /* !HAVE_ATTR_UNUSED */
-#define ATTR_UNUSED(x) x
-#endif /* !HAVE_ATTR_UNUSED */
-
-#endif /* LDNS_COMMON_H */
|