FreeBSD/src
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2026-06-02 11:24:32 +00:00
Code Issues Projects Releases Wiki Activity

import ldns 1.9.0

Browse Source
This commit is contained in:
Dag-Erling Smørgrav
2026-05-22 15:37:52 +02:00
parent 3dcfa5af41
commit 5eb18e8576
59 changed files with 1782 additions and 710 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Changelog
+46
View File
@@ -1,3 +1,49 @@
1.9.0 2025-12-04
* PR #246: Make ldns_calc_keytag() available for CDNSKEY RR
Thanks tgreenx and pnax
* PR #247: Make ldns_key_rr2ds() available for CDNSKEY RR
Thanks tgreenx
* PR #248: Make ldns_rr_compare_{ds,ds_dnskey}() available for
CDS and CDNSKEY RRs. Thanks tgreenx
* PR #245: Make drill trace use IPv6 when used with -6
Thanks Paul Radford
* Fix #254: Unquoted "value" rdata for CAA records fail to validate.
Follows the long string unquoted syntax from RFC8659, section 4.1.1.
* Fix #266: ldns-read-zone -u fails if a type is the only type in a
window and the type modulo 256 is equal to zero.
* Fix #271: Intermittent build failure with multi-job
builds (make -j).
* Add ldns-verify-zone -s option. It checks all signature results,
instead of passing by when one RRSIG validates. That prints output
for spurious RRSIGs, the failures for them.
* Fix RR types NSAP-PTR, GPOS and RESINFO to print unquoted strings.
* Fix memory leak when trying to read zones that have equal RRs.
the ldns_dnssec_*_add_rr() functions now return LDNS_STATUS_EQUAL_RR
when an already existing RR is tried to be added. This is a API
change, hence this also bumps the version to 1.9.0
* PR #282: ensure returning pkt with LDNS_STATUS_OK. Thanks grobian.
* PR #286: Fix RR Type AMTRELAY type nogateway, to print relay '.',
and memory leaks in parsing it.
* DSYNC is no longer a draft RR type and compiled by default
* RFC 9824 support: Compact Denial of Existence in DNSSEC
* The HHIT and BRID draft RR types
* PR #249: If RNG is already seeded, return early.
Thanks crrodriguez
* PR #221: Improve error messages. Thanks jschauma
* PR #256: Use SWIG_AppendOutput to support swig 4.3
Thanks pemensik
* PR #188: Homogenize paths for source files during compilation
Thanks duthils
* Fix #283: ldns-walk fails after update from 1.8.3 to 1.8.4
Thanks jschauma
* PR #200: Allow compiled tests to link to ldns statically via
environment variable. Thanks FGasper and pemensik
* PR #220: Optionally exclude ZONEMD RRs in ldns-compare-zone
Thanks gjherbiet
* Fix #285: A WALLET RR breaks TXT signing. Thanks bortzmeyer
* Fix #287: ldns-verify-zone hangs with missing NSEC3 RRs.
Thanks Roy Arends
1.8.4 2024-07-19
* Fix building documentation in build directory.
Thanks Michael Tokarev
Makefile.in
+29 -29
View File
@@ -132,11 +132,11 @@ all: setup-builddir lib linktest manpages @P5_DNS_LDNS@ @PYLDNS@ @DRILL@ @EXAMPL
.SUFFIXES: .c .o .a .lo .h .i
.c.lo:
$(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $< -o $@
$(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/$< -o $@
# Need libtool compile
.c.o:
$(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $< -o $@
$(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/$< -o $@
$(LDNS_LOBJS) $(LIBLOBJS) $(DRILL_LOBJS) $(EXAMPLE_LOBJS):
$(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/$(@:.lo=.c) -o $@
@@ -571,9 +571,9 @@ depend:
done; \
done
for p in $(EXAMPLE_PROGS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS); do \
echo "$$p: $$p.lo $$p.o \$$(LIB)" >> $(DEPEND_TMP) ; done
echo "$$p: $$p.lo \$$(LIB)" >> $(DEPEND_TMP) ; done
echo "$(TESTNS): `for o in $(TESTNS_LOBJS) ; do \
echo -n "$$o $${o%lo}o " ; done` \$$(LIB)" \
echo -n "$$o " ; done`\$$(LIB)" \
>> $(DEPEND_TMP)
cp $(DEPEND_TARGET) $(DEPEND_TMP2)
head -`egrep -n "# Dependencies" $(DEPEND_TARGET) | tail -1 | sed -e 's/:.*$$//'` $(DEPEND_TMP2) > $(DEPEND_TARGET)
@@ -1114,28 +1114,28 @@ drill/work.lo drill/work.o: $(srcdir)/drill/work.c $(srcdir)/drill/drill.h ldns/
$(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \
$(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \
$(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h
examples/ldns-chaos: examples/ldns-chaos.lo examples/ldns-chaos.o $(LIB)
examples/ldns-compare-zones: examples/ldns-compare-zones.lo examples/ldns-compare-zones.o $(LIB)
examples/ldnsd: examples/ldnsd.lo examples/ldnsd.o $(LIB)
examples/ldns-gen-zone: examples/ldns-gen-zone.lo examples/ldns-gen-zone.o $(LIB)
examples/ldns-key2ds: examples/ldns-key2ds.lo examples/ldns-key2ds.o $(LIB)
examples/ldns-keyfetcher: examples/ldns-keyfetcher.lo examples/ldns-keyfetcher.o $(LIB)
examples/ldns-keygen: examples/ldns-keygen.lo examples/ldns-keygen.o $(LIB)
examples/ldns-mx: examples/ldns-mx.lo examples/ldns-mx.o $(LIB)
examples/ldns-notify: examples/ldns-notify.lo examples/ldns-notify.o $(LIB)
examples/ldns-read-zone: examples/ldns-read-zone.lo examples/ldns-read-zone.o $(LIB)
examples/ldns-resolver: examples/ldns-resolver.lo examples/ldns-resolver.o $(LIB)
examples/ldns-rrsig: examples/ldns-rrsig.lo examples/ldns-rrsig.o $(LIB)
examples/ldns-test-edns: examples/ldns-test-edns.lo examples/ldns-test-edns.o $(LIB)
examples/ldns-update: examples/ldns-update.lo examples/ldns-update.o $(LIB)
examples/ldns-version: examples/ldns-version.lo examples/ldns-version.o $(LIB)
examples/ldns-walk: examples/ldns-walk.lo examples/ldns-walk.o $(LIB)
examples/ldns-zcat: examples/ldns-zcat.lo examples/ldns-zcat.o $(LIB)
examples/ldns-zsplit: examples/ldns-zsplit.lo examples/ldns-zsplit.o $(LIB)
examples/ldns-dpa: examples/ldns-dpa.lo examples/ldns-dpa.o $(LIB)
examples/ldns-dane: examples/ldns-dane.lo examples/ldns-dane.o $(LIB)
examples/ldns-nsec3-hash: examples/ldns-nsec3-hash.lo examples/ldns-nsec3-hash.o $(LIB)
examples/ldns-revoke: examples/ldns-revoke.lo examples/ldns-revoke.o $(LIB)
examples/ldns-signzone: examples/ldns-signzone.lo examples/ldns-signzone.o $(LIB)
examples/ldns-verify-zone: examples/ldns-verify-zone.lo examples/ldns-verify-zone.o $(LIB)
examples/ldns-testns: examples/ldns-testns.lo examples/ldns-testns.o examples/ldns-testpkts.lo examples/ldns-testpkts.o $(LIB)
examples/ldns-chaos: examples/ldns-chaos.lo $(LIB)
examples/ldns-compare-zones: examples/ldns-compare-zones.lo $(LIB)
examples/ldnsd: examples/ldnsd.lo $(LIB)
examples/ldns-gen-zone: examples/ldns-gen-zone.lo $(LIB)
examples/ldns-key2ds: examples/ldns-key2ds.lo $(LIB)
examples/ldns-keyfetcher: examples/ldns-keyfetcher.lo $(LIB)
examples/ldns-keygen: examples/ldns-keygen.lo $(LIB)
examples/ldns-mx: examples/ldns-mx.lo $(LIB)
examples/ldns-notify: examples/ldns-notify.lo $(LIB)
examples/ldns-read-zone: examples/ldns-read-zone.lo $(LIB)
examples/ldns-resolver: examples/ldns-resolver.lo $(LIB)
examples/ldns-rrsig: examples/ldns-rrsig.lo $(LIB)
examples/ldns-test-edns: examples/ldns-test-edns.lo $(LIB)
examples/ldns-update: examples/ldns-update.lo $(LIB)
examples/ldns-version: examples/ldns-version.lo $(LIB)
examples/ldns-walk: examples/ldns-walk.lo $(LIB)
examples/ldns-zcat: examples/ldns-zcat.lo $(LIB)
examples/ldns-zsplit: examples/ldns-zsplit.lo $(LIB)
examples/ldns-dpa: examples/ldns-dpa.lo $(LIB)
examples/ldns-dane: examples/ldns-dane.lo $(LIB)
examples/ldns-nsec3-hash: examples/ldns-nsec3-hash.lo $(LIB)
examples/ldns-revoke: examples/ldns-revoke.lo $(LIB)
examples/ldns-signzone: examples/ldns-signzone.lo $(LIB)
examples/ldns-verify-zone: examples/ldns-verify-zone.lo $(LIB)
examples/ldns-testns: examples/ldns-testns.lo examples/ldns-testpkts.lo $(LIB)
README
+18 -1
View File
@@ -1,3 +1,21 @@
DEVELOPMENT VISION
Note: ldns has been in maintenance mode since 2020, with no plans for major
features. We welcome PRs from contributors who want to add new functionality.
We also actively fix bugs, so users can continue to rely on ldns if its
current features meet their needs.
We will continue to make occasional use of ldns in an experimental
setting, such as during an IETF Hackathon to build a proof of concept for an
Internet Draft.
The natural successor to the ldns library is the domain library for Rust:
https://github.com/NLnetLabs/domain
We offer drop-in replacements for commonly used ldns example tools in dnst:
https://github.com/NLnetLabs/dnst
---
Contents:
REQUIREMENTS
@@ -10,7 +28,6 @@ Contents:
Solaris
KNOWN ISSUES
pyldns
Your Support
Project page:
http://www.nlnetlabs.nl/ldns/
config.guess
Vendored
+16 -10
View File
@@ -1,10 +1,10 @@
#! /bin/sh
# Attempt to guess a canonical system name.
# Copyright 1992-2024 Free Software Foundation, Inc.
# Copyright 1992-2025 Free Software Foundation, Inc.
# shellcheck disable=SC2006,SC2268 # see below for rationale
timestamp='2024-01-01'
timestamp='2025-07-10'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@@ -60,7 +60,7 @@ version="\
GNU config.guess ($timestamp)
Originally written by Per Bothner.
Copyright 1992-2024 Free Software Foundation, Inc.
Copyright 1992-2025 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -123,7 +123,7 @@ set_cc_for_build() {
dummy=$tmp/dummy
case ${CC_FOR_BUILD-},${HOST_CC-},${CC-} in
,,) echo "int x;" > "$dummy.c"
for driver in cc gcc c89 c99 ; do
for driver in cc gcc c17 c99 c89 ; do
if ($driver -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then
CC_FOR_BUILD=$driver
break
@@ -634,7 +634,8 @@ EOF
sed 's/^ //' << EOF > "$dummy.c"
#include <sys/systemcfg.h>
main()
int
main ()
{
if (!__power_pc())
exit(1);
@@ -718,7 +719,8 @@ EOF
#include <stdlib.h>
#include <unistd.h>
int main ()
int
main ()
{
#if defined(_SC_KERNEL_BITS)
long bits = sysconf(_SC_KERNEL_BITS);
@@ -1595,8 +1597,11 @@ EOF
*:Unleashed:*:*)
GUESS=$UNAME_MACHINE-unknown-unleashed$UNAME_RELEASE
;;
*:Ironclad:*:*)
GUESS=$UNAME_MACHINE-unknown-ironclad
x86_64:[Ii]ronclad:*:*|i?86:[Ii]ronclad:*:*)
GUESS=$UNAME_MACHINE-pc-ironclad-mlibc
;;
*:[Ii]ronclad:*:*)
GUESS=$UNAME_MACHINE-unknown-ironclad-mlibc
;;
esac
@@ -1621,6 +1626,7 @@ cat > "$dummy.c" <<EOF
#endif
#endif
#endif
int
main ()
{
#if defined (sony)
@@ -1805,8 +1811,8 @@ fi
exit 1
# Local variables:
# eval: (add-hook 'before-save-hook 'time-stamp)
# eval: (add-hook 'before-save-hook 'time-stamp nil t)
# time-stamp-start: "timestamp='"
# time-stamp-format: "%:y-%02m-%02d"
# time-stamp-format: "%Y-%02m-%02d"
# time-stamp-end: "'"
# End:
config.sub
Vendored
+571 -178
View File
File diff suppressed because it is too large Load Diff
configure
Vendored
+82 -12
View File
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.71 for ldns 1.8.4.
# Generated by GNU Autoconf 2.71 for ldns 1.9.0.
#
# Report bugs to <dns-team@nlnetlabs.nl>.
#
@@ -621,8 +621,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='ldns'
PACKAGE_TARNAME='libdns'
PACKAGE_VERSION='1.8.4'
PACKAGE_STRING='ldns 1.8.4'
PACKAGE_VERSION='1.9.0'
PACKAGE_STRING='ldns 1.9.0'
PACKAGE_BUGREPORT='dns-team@nlnetlabs.nl'
PACKAGE_URL=''
@@ -851,6 +851,7 @@ enable_dane_ta_usage
enable_full_dane
enable_no_dane_ta_usage
enable_no_dane_verify
enable_draft_rrtypes
enable_rrtype_ninfo
enable_rrtype_rkey
enable_rrtype_openpgpkey
@@ -860,6 +861,9 @@ enable_rrtype_doa
enable_rrtype_amtrelay
enable_rrtype_svcb_https
enable_rrtype_resinfo
enable_rrtype_dsync
enable_rrtypes_cla_ipn
enable_rrtypes_hhit_brid
enable_rpath
with_xcode_sdk
with_trust_anchor
@@ -1424,7 +1428,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures ldns 1.8.4 to adapt to many kinds of systems.
\`configure' configures ldns 1.9.0 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1490,7 +1494,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of ldns 1.8.4:";;
short | recursive ) echo "Configuration of ldns 1.9.0:";;
esac
cat <<\_ACEOF
@@ -1520,6 +1524,7 @@ Optional Features:
--disable-dane-verify Disable DANE verify support
--disable-dane-ta-usage Disable DANE-TA usage type support
--enable-draft-rrtypes Enable all draft RR types.
--enable-rrtype-ninfo Enable draft RR type ninfo.
--enable-rrtype-rkey Enable draft RR type rkey.
--disable-rrtype-openpgpkey
@@ -1531,7 +1536,13 @@ Optional Features:
Disable RR type AMTRELAY.
--disable-rrtype-svcb-https
Disable RR types SVCB and HTTPS.
--enable-rrtype-resinfo Disable RR type RESINFO.
--disable-rrtype-resinfo
Disable RR type RESINFO.
--disable-rrtype-dsync Disable RR type DSYNC.
--enable-rrtypes-cla-ipn
Enable draft RR types CLA and IPN.
--enable-rrtypes-hhit-brid
Enable draft RR types HHIT and BRID.
--disable-rpath disable hardcoded rpath (default=enabled)
Optional Packages:
@@ -1645,7 +1656,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
ldns configure 1.8.4
ldns configure 1.9.0
generated by GNU Autoconf 2.71
Copyright (C) 2021 Free Software Foundation, Inc.
@@ -2264,7 +2275,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by ldns $as_me 1.8.4, which was
It was created by ldns $as_me 1.9.0, which was
generated by GNU Autoconf 2.71. Invocation command line was
$ $0$ac_configure_args_raw
@@ -3028,9 +3039,9 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
# needed to build correct soname
LDNS_VERSION_MAJOR=1
LDNS_VERSION_MINOR=8
LDNS_VERSION_MINOR=9
LDNS_VERSION_MICRO=4
LDNS_VERSION_MICRO=0
# Library version
@@ -3052,6 +3063,7 @@ LDNS_VERSION_MICRO=4
# ldns-1.8.1 had libversion 6:0:3
# ldns-1.8.2 had libversion 7:0:4
# ldns-1.8.3 has libversion 8:0:5
# ldns-1.9.0 will have libversion 9:0:6 (new behaviour for dnssec_rrs_add_rr)
#
VERSION_INFO=9:0:6
@@ -17560,12 +17572,19 @@ printf "%s\n" "#define USE_DANE_TA_USAGE 1" >>confdefs.h
;;
esac
# Check whether --enable-draft-rrtypes was given.
if test ${enable_draft_rrtypes+y}
then :
enableval=$enable_draft_rrtypes;
fi
# Check whether --enable-rrtype-ninfo was given.
if test ${enable_rrtype_ninfo+y}
then :
enableval=$enable_rrtype_ninfo;
fi
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_ninfo="yes"; fi
case "$enable_rrtype_ninfo" in
yes)
@@ -17581,6 +17600,7 @@ then :
enableval=$enable_rrtype_rkey;
fi
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_rkey="yes"; fi
case "$enable_rrtype_rkey" in
yes)
@@ -17611,6 +17631,7 @@ then :
enableval=$enable_rrtype_ta;
fi
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_ta="yes"; fi
case "$enable_rrtype_ta" in
yes)
@@ -17626,6 +17647,7 @@ then :
enableval=$enable_rrtype_avc;
fi
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_avc="yes"; fi
case "$enable_rrtype_avc" in
yes)
@@ -17641,6 +17663,7 @@ then :
enableval=$enable_rrtype_doa;
fi
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_doa="yes"; fi
case "$enable_rrtype_doa" in
yes)
@@ -17695,6 +17718,53 @@ printf "%s\n" "#define RRTYPE_RESINFO /**/" >>confdefs.h
;;
esac
# Check whether --enable-rrtype-dsync was given.
if test ${enable_rrtype_dsync+y}
then :
enableval=$enable_rrtype_dsync;
fi
case "$enable_rrtype_dsync" in
no)
;;
yes|*)
printf "%s\n" "#define RRTYPE_DSYNC /**/" >>confdefs.h
;;
esac
# Check whether --enable-rrtypes-cla-ipn was given.
if test ${enable_rrtypes_cla_ipn+y}
then :
enableval=$enable_rrtypes_cla_ipn;
fi
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtypes_cla_ipn="yes"; fi
case "$enable_rrtypes_cla_ipn" in
yes)
printf "%s\n" "#define RRTYPE_CLA_IPN /**/" >>confdefs.h
;;
no|*)
;;
esac
# Check whether --enable-rrtypes-hhit-brid was given.
if test ${enable_rrtypes_hhit_brid+y}
then :
enableval=$enable_rrtypes_hhit_brid;
fi
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtypes_hhit_brid="yes"; fi
case "$enable_rrtypes_hhit_brid" in
yes)
printf "%s\n" "#define RRTYPE_HHIT_BRID /**/" >>confdefs.h
;;
no|*)
;;
esac
if echo "$tmp_LIBS" | grep "ws2_32" >/dev/null; then
@@ -20467,7 +20537,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by ldns $as_me 1.8.4, which was
This file was extended by ldns $as_me 1.9.0, which was
generated by GNU Autoconf 2.71. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -20535,7 +20605,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config='$ac_cs_config_escaped'
ac_cs_version="\\
ldns config.status 1.8.4
ldns config.status 1.9.0
configured by $0, generated by GNU Autoconf 2.71,
with options \\"\$ac_cs_config\\"
configure.ac
+37 -4
View File
@@ -5,8 +5,8 @@ sinclude(acx_nlnetlabs.m4)
# must be numbers. ac_defun because of later processing.
m4_define([VERSION_MAJOR],[1])
m4_define([VERSION_MINOR],[8])
m4_define([VERSION_MICRO],[4])
m4_define([VERSION_MINOR],[9])
m4_define([VERSION_MICRO],[0])
AC_INIT([ldns],m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]),[dns-team@nlnetlabs.nl],[libdns])
AC_CONFIG_SRCDIR([packet.c])
# needed to build correct soname
@@ -33,6 +33,7 @@ AC_SUBST(LDNS_VERSION_MICRO, [VERSION_MICRO])
# ldns-1.8.1 had libversion 6:0:3
# ldns-1.8.2 had libversion 7:0:4
# ldns-1.8.3 has libversion 8:0:5
# ldns-1.9.0 will have libversion 9:0:6 (new behaviour for dnssec_rrs_add_rr)
#
AC_SUBST(VERSION_INFO, [9:0:6])
@@ -667,7 +668,9 @@ case "$enable_dane" in
;;
esac
AC_ARG_ENABLE(draft-rrtypes, AS_HELP_STRING([--enable-draft-rrtypes],[Enable all draft RR types.]))
AC_ARG_ENABLE(rrtype-ninfo, AS_HELP_STRING([--enable-rrtype-ninfo],[Enable draft RR type ninfo.]))
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_ninfo="yes"; fi
case "$enable_rrtype_ninfo" in
yes)
AC_DEFINE_UNQUOTED([RRTYPE_NINFO], [], [Define this to enable RR type NINFO.])
@@ -676,6 +679,7 @@ case "$enable_rrtype_ninfo" in
;;
esac
AC_ARG_ENABLE(rrtype-rkey, AS_HELP_STRING([--enable-rrtype-rkey],[Enable draft RR type rkey.]))
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_rkey="yes"; fi
case "$enable_rrtype_rkey" in
yes)
AC_DEFINE_UNQUOTED([RRTYPE_RKEY], [], [Define this to enable RR type RKEY.])
@@ -692,6 +696,7 @@ case "$enable_rrtype_openpgpkey" in
;;
esac
AC_ARG_ENABLE(rrtype-ta, AS_HELP_STRING([--enable-rrtype-ta],[Enable draft RR type ta.]))
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_ta="yes"; fi
case "$enable_rrtype_ta" in
yes)
AC_DEFINE_UNQUOTED([RRTYPE_TA], [], [Define this to enable RR type TA.])
@@ -700,6 +705,7 @@ case "$enable_rrtype_ta" in
;;
esac
AC_ARG_ENABLE(rrtype-avc, AS_HELP_STRING([--enable-rrtype-avc],[Enable draft RR type avc.]))
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_avc="yes"; fi
case "$enable_rrtype_avc" in
yes)
AC_DEFINE_UNQUOTED([RRTYPE_AVC], [], [Define this to enable RR type AVC.])
@@ -708,6 +714,7 @@ case "$enable_rrtype_avc" in
;;
esac
AC_ARG_ENABLE(rrtype-doa, AS_HELP_STRING([--enable-rrtype-doa],[Enable draft RR type DOA.]))
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_doa="yes"; fi
case "$enable_rrtype_doa" in
yes)
AC_DEFINE_UNQUOTED([RRTYPE_DOA], [], [Define this to enable RR type DOA.])
@@ -731,7 +738,7 @@ case "$enable_rrtype_svcb_https" in
AC_DEFINE_UNQUOTED([RRTYPE_SVCB_HTTPS], [], [Define this to enable RR types SVCB and HTTPS.])
;;
esac
AC_ARG_ENABLE(rrtype-resinfo, AS_HELP_STRING([--enable-rrtype-resinfo],[Disable RR type RESINFO.]))
AC_ARG_ENABLE(rrtype-resinfo, AS_HELP_STRING([--disable-rrtype-resinfo],[Disable RR type RESINFO.]))
case "$enable_rrtype_resinfo" in
no)
;;
@@ -739,6 +746,32 @@ case "$enable_rrtype_resinfo" in
AC_DEFINE_UNQUOTED([RRTYPE_RESINFO], [], [Define this to enable RR type RESINFO.])
;;
esac
AC_ARG_ENABLE(rrtype-dsync, AS_HELP_STRING([--disable-rrtype-dsync],[Disable RR type DSYNC.]))
case "$enable_rrtype_dsync" in
no)
;;
yes|*)
AC_DEFINE_UNQUOTED([RRTYPE_DSYNC], [], [Define this to enable RR type DSYNC.])
;;
esac
AC_ARG_ENABLE(rrtypes-cla-ipn, AS_HELP_STRING([--enable-rrtypes-cla-ipn],[Enable draft RR types CLA and IPN.]))
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtypes_cla_ipn="yes"; fi
case "$enable_rrtypes_cla_ipn" in
yes)
AC_DEFINE_UNQUOTED([RRTYPE_CLA_IPN], [], [Define this to enable RR types CLA and IPN.])
;;
no|*)
;;
esac
AC_ARG_ENABLE(rrtypes-hhit-brid, AS_HELP_STRING([--enable-rrtypes-hhit-brid],[Enable draft RR types HHIT and BRID.]))
if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtypes_hhit_brid="yes"; fi
case "$enable_rrtypes_hhit_brid" in
yes)
AC_DEFINE_UNQUOTED([RRTYPE_HHIT_BRID], [], [Define this to enable RR types HHIT and BRID.])
;;
no|*)
;;
esac
if echo "$tmp_LIBS" | grep "ws2_32" >/dev/null; then
@@ -1193,7 +1226,7 @@ size_t strlcpy(char *dst, const char *src, size_t siz);
#define close_socket(_s) do { if (_s != SOCK_INVALID) {closesocket(_s); _s = -1;} } while(0)
#else
#define SOCK_INVALID -1
#define close_socket(_s) do { if (_s != SOCK_INVALID) {close(_s); _s = -1;} } while(0)
#define close_socket(_s) do { if (_s != SOCK_INVALID) {close(_s >= -1 ? _s : -1); _s = -1;} } while(0)
#endif
#ifdef __cplusplus
contrib/python/ldns_buffer.i
+1 -1
View File
@@ -45,7 +45,7 @@
/* Result generation, appends (ldns_buffer *) after the result. */
%typemap(argout, noblock=1) (ldns_buffer **)
{
$result = SWIG_Python_AppendOutput($result,
$result = SWIG_AppendOutput($result,
SWIG_NewPointerObj(SWIG_as_voidptr($1_buf),
SWIGTYPE_p_ldns_struct_buffer, SWIG_POINTER_OWN | 0));
}
contrib/python/ldns_key.i
+1 -1
View File
@@ -38,7 +38,7 @@
/* result generation */
%typemap(argout,noblock=1) (ldns_key **)
{
$result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_key), SWIGTYPE_p_ldns_struct_key, SWIG_POINTER_OWN | 0 ));
$result = SWIG_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_key), SWIGTYPE_p_ldns_struct_key, SWIG_POINTER_OWN | 0 ));
}
%typemap(argout) ldns_rdf *r "Py_INCREF($input);"
contrib/python/ldns_packet.i
+1 -1
View File
@@ -45,7 +45,7 @@
/* Result generation, appends (ldns_pkt *) after the result. */
%typemap(argout,noblock=1) (ldns_pkt **)
{
$result = SWIG_Python_AppendOutput($result,
$result = SWIG_AppendOutput($result,
SWIG_NewPointerObj(SWIG_as_voidptr($1_pkt),
SWIGTYPE_p_ldns_struct_pkt, SWIG_POINTER_OWN | 0 ));
}
contrib/python/ldns_rdf.i
+1 -1
View File
@@ -45,7 +45,7 @@
/* Result generation, appends (ldns_rdf *) after the result. */
%typemap(argout, noblock=1) (ldns_rdf **)
{
$result = SWIG_Python_AppendOutput($result,
$result = SWIG_AppendOutput($result,
SWIG_NewPointerObj(SWIG_as_voidptr($1_rdf),
SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0));
}
contrib/python/ldns_resolver.i
+1 -1
View File
@@ -45,7 +45,7 @@
/* Result generation, appends (ldns_resolver *) after the result. */
%typemap(argout,noblock=1) (ldns_resolver **r)
{
$result = SWIG_Python_AppendOutput($result,
$result = SWIG_AppendOutput($result,
SWIG_NewPointerObj(SWIG_as_voidptr($1_res),
SWIGTYPE_p_ldns_struct_resolver, SWIG_POINTER_OWN | 0 ));
}
contrib/python/ldns_rr.i
+1 -1
View File
@@ -45,7 +45,7 @@
/* Result generation, appends (ldns_rr *) after the result. */
%typemap(argout, noblock=1) (ldns_rr **)
{
$result = SWIG_Python_AppendOutput($result,
$result = SWIG_AppendOutput($result,
SWIG_NewPointerObj(SWIG_as_voidptr($1_rr),
SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ));
}
contrib/python/ldns_zone.i
+1 -1
View File
@@ -39,7 +39,7 @@
/* result generation */
%typemap(argout,noblock=1) (ldns_zone **)
{
$result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_zone), SWIGTYPE_p_ldns_struct_zone, SWIG_POINTER_OWN | 0 ));
$result = SWIG_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_zone), SWIGTYPE_p_ldns_struct_zone, SWIG_POINTER_OWN | 0 ));
}
%nodefaultctor ldns_struct_zone; //no default constructor & destructor
dnssec.c
+3 -1
View File
@@ -285,6 +285,7 @@ ldns_calc_keytag(const ldns_rr *key)
}
if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY &&
ldns_rr_get_type(key) != LDNS_RR_TYPE_CDNSKEY &&
ldns_rr_get_type(key) != LDNS_RR_TYPE_KEY
) {
return 0;
@@ -517,7 +518,8 @@ ldns_key_rr2ds(const ldns_rr *key, ldns_hash h)
const EVP_MD* md = NULL;
#endif
if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY) {
if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY &&
ldns_rr_get_type(key) != LDNS_RR_TYPE_CDNSKEY) {
return NULL;
}
dnssec_zone.c
+35 -15
View File
@@ -71,8 +71,9 @@ ldns_dnssec_rrs_add_rr(ldns_dnssec_rrs *rrs, ldns_rr *rr)
new_rrs->next = rrs->next;
rrs->rr = rr;
rrs->next = new_rrs;
}
/* Silently ignore equal rr's */
} else
return LDNS_STATUS_EQUAL_RR;
return LDNS_STATUS_OK;
}
@@ -732,25 +733,37 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, const ldns_rdf* or
*/
ldns_rr_set_ttl(cur_rr, ldns_rr_ttl(prev_rr));
prev_rr = cur_rr;
#endif
status = ldns_dnssec_zone_add_rr(newzone, cur_rr);
if (status ==
LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND) {
switch(status) {
case LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND:
if (rr_is_rrsig_covering(cur_rr,
LDNS_RR_TYPE_NSEC3)){
ldns_rr_list_push_rr(todo_nsec3_rrsigs,
cur_rr);
} else {
ldns_rr_list_push_rr(todo_nsec3s,
cur_rr);
cur_rr);
}
status = LDNS_STATUS_OK;
} else if (status != LDNS_STATUS_OK)
break;
case LDNS_STATUS_EQUAL_RR:
ldns_rr_free(cur_rr);
#ifndef FASTER_DNSSEC_ZONE_NEW_FRM_FP
cur_rr = prev_rr;
#else
cur_rr = NULL;
#endif
status = LDNS_STATUS_OK;
break;
case LDNS_STATUS_OK:
break;
default:
goto error;
}
#ifndef FASTER_DNSSEC_ZONE_NEW_FRM_FP
prev_rr = cur_rr;
#endif
break;
case LDNS_STATUS_SYNTAX_TTL: /* the ttl was set*/
@@ -1510,11 +1523,18 @@ dnssec_zone_rr_iter_first(dnssec_zone_rr_iter *i, ldns_dnssec_zone *zone)
: (ldns_dnssec_name *)i->node->data;
if (zone->hashed_names) {
do {
i->nsec3_node = ldns_rbtree_first(zone->hashed_names);
i->nsec3_name = i->nsec3_node == LDNS_RBTREE_NULL ?NULL
: (ldns_dnssec_name*)i->nsec3_node->data;
} while (i->nsec3_name && !i->nsec3_name->nsec);
i->nsec3_node = ldns_rbtree_first(zone->hashed_names);
i->nsec3_name = i->nsec3_node == LDNS_RBTREE_NULL ? NULL
: (ldns_dnssec_name*)i->nsec3_node->data;
/* While there is no NSEC3 RR present at this hashed name,
* skip to the next hashed name.
*/
while (i->nsec3_name && !i->nsec3_name->nsec) {
/* next nsec3 */
i->nsec3_node = ldns_rbtree_next(i->nsec3_node);
i->nsec3_name = i->nsec3_node == LDNS_RBTREE_NULL ? NULL
: (ldns_dnssec_name*)i->nsec3_node->data;
}
}
dnssec_zone_rr_iter_set_state_for_next_name(i);
return dnssec_zone_rr_iter_next(i);
doc/ldns_manpages
+367 -367
View File
@@ -1,15 +1,171 @@
ldns_zone_push_rr
ldns_zone_push_rr_list
ldns_rr_rdf
ldns_rr_owner
ldns_rr_rd_count
ldns_rr_ttl
ldns_rr_get_class
ldns_init_random
ldns_rr2canonical
ldns_rr_mx_preference
ldns_rr_mx_exchange
ldns_rdf2buffer_str_a
ldns_rdf2buffer_str_aaaa
ldns_rdf2buffer_str_str
ldns_rdf2buffer_str_b64
ldns_rdf2buffer_str_hex
ldns_rdf2buffer_str_type
ldns_rdf2buffer_str_class
ldns_rdf2buffer_str_alg
ldns_rdf2buffer_str_loc
ldns_rdf2buffer_str_unknown
ldns_rdf2buffer_str_nsap
ldns_rdf2buffer_str_wks
ldns_rdf2buffer_str_nsec
ldns_rdf2buffer_str_period
ldns_rdf2buffer_str_tsigtime
ldns_rdf2buffer_str_apl
ldns_rdf2buffer_str_int16_data
ldns_rdf2buffer_str_int16
ldns_rdf2buffer_str_ipseckey
ldns_rdf_address_reverse
ldns_duration_type
ldns_duration_create
ldns_duration_create_from_string
ldns_duration_cleanup
ldns_duration_compare
ldns_duration2string
ldns_duration2time
ldns_rr_descriptor
ldns_rr_descript
ldns_rr_descriptor_minimum
ldns_rr_descriptor_maximum
ldns_rr_descriptor_field_type
ldns_str2period
ldns_get_rr_class_by_name
ldns_get_rr_type_by_name
ldns_rr_list_cat
ldns_rr_list_push_rr
ldns_rr_list_pop_rr
ldns_buffer
ldns_buffer_new
ldns_buffer_new_frm_data
ldns_buffer_clear
ldns_buffer_printf
ldns_buffer_free
ldns_buffer_copy
ldns_buffer_export
ldns_buffer_export2str
ldns_buffer2str
ldns_rr_push_rdf
ldns_rr_pop_rdf
ldns_update_zocount
ldns_update_prcount
ldns_update_upcount
ldns_update_adcount
ldns_algorithm
ldns_rr_dnskey_flags
ldns_rr_dnskey_set_flags
ldns_rr_dnskey_protocol
ldns_rr_dnskey_set_protocol
ldns_rr_dnskey_algorithm
ldns_rr_dnskey_set_algorithm
ldns_rr_dnskey_key
ldns_rr_dnskey_set_key
ldns_buffer_limit
ldns_buffer_set_limit
ldns_buffer_capacity
ldns_buffer_set_capacity
ldns_buffer_reserve
ldns_buffer_at
ldns_buffer_begin
ldns_buffer_end
ldns_buffer_current
ldns_zone_rrs
ldns_zone_soa
ldns_pkt_set_flags
ldns_pkt_set_id
ldns_pkt_set_qr
ldns_pkt_set_aa
ldns_pkt_set_tc
ldns_pkt_set_rd
ldns_pkt_set_cd
ldns_pkt_set_ra
ldns_pkt_set_ad
ldns_pkt_set_opcode
ldns_pkt_set_rcode
ldns_pkt_set_qdcount
ldns_pkt_set_ancount
ldns_pkt_set_nscount
ldns_pkt_set_arcount
ldns_pkt_set_answerfrom
ldns_pkt_set_querytime
ldns_pkt_set_size
ldns_pkt_set_section_count
ldns_pkt_set_tsig
ldns_pkt_verify
ldns_rr2str
ldns_pkt2str
ldns_rdf2str
ldns_rr_list2str
ldns_key2str
ldns_fget_token
ldns_fskipcs
ldns_pkt
ldns_pkt_section
ldns_pkt_type
ldns_zone_sort
ldns_zone_glue_rr_list
ldns_rr2canonical
ldns_rdf_size
ldns_rdf_get_type
ldns_rdf_data
ldns_rdf_compare
ldns_rr_list_rr_count
ldns_rr_list_set_rr_count
ldns_dnssec_trust_tree_new
ldns_dnssec_trust_tree_free
ldns_dnssec_trust_tree_depth
ldns_dnssec_derive_trust_tree
ldns_dnssec_trust_tree_contains_keys
ldns_dnssec_trust_tree_print
ldns_dnssec_trust_tree_print_sm
ldns_dnssec_trust_tree_add_parent
ldns_dnssec_derive_trust_tree_normal_rrset
ldns_dnssec_derive_trust_tree_dnskey_rrset
ldns_dnssec_derive_trust_tree_ds_rrset
ldns_dnssec_derive_trust_tree_no_sig
ldns_rr_ns_nsdname
ldns_dname_left_chop
ldns_dname_label_count
ldns_dname_new
ldns_dname_new_frm_str
ldns_dname_new_frm_data
ldns_rr_list_new
ldns_rr_list_free
ldns_pkt_new
ldns_pkt_free
ldns_pkt_print
ldns_pkt_query_new
ldns_pkt_query_new_frm_str
ldns_pkt_reply_type
ldns_zone_set_rrs
ldns_zone_set_soa
ldns_dnssec_rrs_new
ldns_dnssec_rrs_free
ldns_dnssec_rrs_add_rr
ldns_dnssec_rrs_print
ldns_key2rr
ldns_update_pkt_new
ldns_rr_rrsig_typecovered
ldns_rr_rrsig_set_typecovered
ldns_rr_rrsig_algorithm
ldns_rr_rrsig_set_algorithm
ldns_rr_rrsig_labels
ldns_rr_rrsig_set_labels
ldns_rr_rrsig_origttl
ldns_rr_rrsig_set_origttl
ldns_rr_rrsig_expiration
ldns_rr_rrsig_set_expiration
ldns_rr_rrsig_inception
ldns_rr_rrsig_set_inception
ldns_rr_rrsig_keytag
ldns_rr_rrsig_set_keytag
ldns_rr_rrsig_signame
ldns_rr_rrsig_set_signame
ldns_rr_rrsig_sig
ldns_rr_rrsig_set_sig
ldns_buffer_write_at
ldns_buffer_write
ldns_buffer_write_string_at
@@ -28,24 +184,77 @@ ldns_buffer_read_u32_at
ldns_buffer_read_u32
ldns_buffer_write_u32
ldns_buffer_write_u32_at
ldns_update_pkt_new
ldns_update_set_zocount
ldns_update_set_prcount
ldns_update_set_upcount
ldns_update_set_adcount
ldns_key
ldns_rr_dnskey_flags
ldns_rr_dnskey_set_flags
ldns_rr_dnskey_protocol
ldns_rr_dnskey_set_protocol
ldns_rr_dnskey_algorithm
ldns_rr_dnskey_set_algorithm
ldns_rr_dnskey_key
ldns_rr_dnskey_set_key
ldns_key_list_key_count
ldns_key_list_key
ldns_key_rsa_key
ldns_key_dsa_key
ldns_key_algorithm
ldns_key_hmac_key
ldns_key_origttl
ldns_key_inception
ldns_key_expiration
ldns_key_keytag
ldns_key_pubkey_owner
ldns_key_flags
ldns_rr2wire
ldns_pkt2wire
ldns_rdf2wire
ldns_send
ldns_zone_push_rr
ldns_zone_push_rr_list
ldns_dname_cat_clone
ldns_dname_cat
ldns_key_list_push_key
ldns_key_list_pop_key
ldns_init_random
ldns_sign_public_dsa
ldns_sign_public_rsamd5
ldns_sign_public_rsasha1
ldns_buffer2pkt_wire
ldns_rr_new
ldns_rr_new_frm_type
ldns_rr_new_frm_str
ldns_rr_new_frm_fp
ldns_rr_free
ldns_rr_print
ldns_rr
ldns_rr_class
ldns_rr_type
ldns_rr_compress
ldns_rr_list
ldns_zone_sign
ldns_zone_sign_nsec3
ldns_get_rr_list_addr_by_name
ldns_get_rr_list_name_by_addr
ldns_key_rr2ds
ldns_native2rdf_int8
ldns_native2rdf_int16
ldns_native2rdf_int32
ldns_native2rdf_int16_data
ldns_rdf2native_int8
ldns_rdf2native_int16
ldns_rdf2native_int32
ldns_rdf2native_sockaddr_storage
ldns_rdf2native_time_t
ldns_zone
ldns_zone_new
ldns_zone_free
ldns_zone_deep_free
ldns_zone_new_frm_fp
ldns_zone_new_frm_fp_l
ldns_zone_print
ldns_zone_print_fmt
ldns_wire2rr
ldns_wire2pkt
ldns_wire2rdf
ldns_wire2dname
ldns_dane_verify
ldns_dane_verify_rr
ldns_verify
ldns_verify_rrsig
ldns_verify_rrsig_keylist
ldns_verify_rrsig_keylist_notime
ldns_verify_notime
ldns_zone_rr_count
ldns_key_set_algorithm
ldns_key_set_rsa_key
ldns_key_set_dsa_key
@@ -58,50 +267,76 @@ ldns_key_set_keytag
ldns_key_set_flags
ldns_key_list_set_key_count
ldns_key_algo_supported
ldns_rr
ldns_rr_class
ldns_rr_type
ldns_rr_compress
ldns_rr_list
ldns_buffer2pkt_wire
ldns_dnssec_name_new
ldns_dnssec_name_new_frm_rr
ldns_dnssec_name_free
ldns_dnssec_name_name
ldns_dnssec_name_set_name
ldns_dnssec_name_set_nsec
ldns_dnssec_name_cmp
ldns_dnssec_name_add_rr
ldns_dnssec_name_find_rrset
ldns_dnssec_name_print
ldns_bubblebabble
ldns_rr2str
ldns_pkt2str
ldns_rdf2str
ldns_rr_list2str
ldns_key2str
ldns_dname_cat_clone
ldns_dname_cat
ldns_dname_left_chop
ldns_dname_label_count
ldns_dnssec_data_chain
ldns_dnssec_data_chain_struct
ldns_dnssec_trust_tree
ldns_buffer
ldns_buffer_new
ldns_buffer_new_frm_data
ldns_buffer_clear
ldns_buffer_printf
ldns_buffer_free
ldns_buffer_copy
ldns_buffer_export
ldns_buffer_export2str
ldns_buffer2str
ldns_key
ldns_key_list_new
ldns_tcp_send_query
ldns_tcp_read_wire
ldns_tcp_connect
ldns_pkt2buffer_str
ldns_pktheader2buffer_str
ldns_rr2buffer_str
ldns_rr_list2buffer_str
ldns_rdf2buffer_str
ldns_key2buffer_str
ldns_pkt2buffer_wire
ldns_rr2buffer_wire
ldns_rdf2buffer_wire
ldns_rrsig2buffer_wire
ldns_rr_rdata2buffer_wire
ldns_send
ldns_update_pkt_tsig_add
ldns_dname_is_subdomain
ldns_dname_str_absolute
ldns_dname_label
ldns_key_buf2dsa
ldns_key_buf2rsa
ldns_key_print
ldns_dnssec_data_chain_new
ldns_dnssec_data_chain_free
ldns_dnssec_data_chain_deep_free
ldns_dnssec_build_data_chain
ldns_dnssec_data_chain_print
ldns_get_rr_list_hosts_frm_file
ldns_get_rr_list_hosts_frm_fp
ldns_get_rr_list_hosts_frm_fp_l
ldns_dnssec_rrsets_new
ldns_dnssec_rrsets_free
ldns_dnssec_rrsets_type
ldns_dnssec_rrsets_set_type
ldns_dnssec_rrsets_add_rr
ldns_dnssec_rrsets_print
ldns_dnssec_verify_denial
ldns_dnssec_verify_denial_nsec3
ldns_rr_mx_preference
ldns_rr_mx_exchange
ldns_rdf_size
ldns_rdf_get_type
ldns_rdf_data
ldns_rdf_compare
ldns_pkt_tsig_verify
ldns_pkt_tsig_sign
ldns_buffer_flip
ldns_buffer_rewind
ldns_buffer_position
ldns_buffer_set_position
ldns_buffer_skip
ldns_rdf_new
ldns_rdf_clone
ldns_rdf_new_frm_data
ldns_rdf_new_frm_str
ldns_rdf_new_frm_fp
ldns_rdf_free
ldns_rdf_deep_free
ldns_rdf_print
ldns_rr_label_count
ldns_dname2canonical
ldns_axfr_start
ldns_axfr_next
ldns_axfr_abort
ldns_axfr_complete
ldns_axfr_last_pkt
ldns_bget_token
ldns_bgetc
ldns_bskipcs
ldns_pkt_id
ldns_pkt_qr
ldns_pkt_aa
@@ -128,67 +363,47 @@ ldns_pkt_get_section_clone
ldns_pkt_rr_list_by_name
ldns_pkt_rr_list_by_type
ldns_pkt_rr_list_by_name_and_type
ldns_pkt2buffer_str
ldns_pktheader2buffer_str
ldns_rr2buffer_str
ldns_rr_list2buffer_str
ldns_rdf2buffer_str
ldns_key2buffer_str
ldns_pkt2buffer_wire
ldns_rr2buffer_wire
ldns_rdf2buffer_wire
ldns_rrsig2buffer_wire
ldns_rr_rdata2buffer_wire
ldns_rr_set_push_rr
ldns_rr_set_pop_rr
ldns_dname_compare
ldns_dname_interval
ldns_update_set_zocount
ldns_update_set_prcount
ldns_update_set_upcount
ldns_update_set_adcount
ldns_get_errorstr_by_id
ldns_status
ldns_key_free
ldns_key_deep_free
ldns_key_list_free
ldns_get_rr_list_addr_by_name
ldns_get_rr_list_name_by_addr
ldns_algorithm
ldns_key_rr2ds
ldns_rr_list_sort
ldns_dnssec_zone_sign
ldns_dnssec_zone_sign_nsec3
ldns_dnssec_zone_mark_glue
ldns_dnssec_name_node_next_nonglue
ldns_dnssec_zone_create_nsecs
ldns_dnssec_remove_signatures
ldns_dnssec_zone_create_rrsigs
ldns_key_print
ldns_buffer_remaining_at
ldns_buffer_remaining
ldns_buffer_available_at
ldns_buffer_available
ldns_buffer_status
ldns_buffer_status_ok
ldns_rdf_set_size
ldns_rdf_set_type
ldns_rdf_set_data
ldns_key_buf2dsa
ldns_key_buf2rsa
ldns_b32_ntop_calculate_size
ldns_b32_pton_calculate_size
ldns_b64_ntop_calculate_size
ldns_b64_pton_calculate_size
ldns_get_errorstr_by_id
ldns_status
ldns_key_list_key_count
ldns_key_list_key
ldns_key_rsa_key
ldns_key_dsa_key
ldns_key_algorithm
ldns_key_hmac_key
ldns_key_origttl
ldns_key_inception
ldns_key_expiration
ldns_key_keytag
ldns_key_pubkey_owner
ldns_key_flags
ldns_dnssec_name_new
ldns_dnssec_name_new_frm_rr
ldns_dnssec_name_free
ldns_dnssec_name_name
ldns_dnssec_name_set_name
ldns_dnssec_name_set_nsec
ldns_dnssec_name_cmp
ldns_dnssec_name_add_rr
ldns_dnssec_name_find_rrset
ldns_dnssec_name_print
ldns_rdf_new
ldns_rdf_clone
ldns_rdf_new_frm_data
ldns_rdf_new_frm_str
ldns_rdf_new_frm_fp
ldns_rdf_free
ldns_rdf_deep_free
ldns_rdf_print
ldns_bget_token
ldns_bgetc
ldns_bskipcs
ldns_get_rr_class_by_name
ldns_get_rr_type_by_name
ldns_rr_compare
ldns_rr_compare_ds
ldns_calc_keytag
ldns_calc_keytag_raw
ldns_rdf
ldns_rdf_type
ldns_dnssec_zone_find_rrset
ldns_dnssec_zone_new
ldns_dnssec_zone_free
@@ -196,87 +411,14 @@ ldns_dnssec_zone_add_rr
ldns_dnssec_zone_names_print
ldns_dnssec_zone_print
ldns_dnssec_zone_add_empty_nonterminals
ldns_sign_public_dsa
ldns_sign_public_rsamd5
ldns_sign_public_rsasha1
ldns_rdf_address_reverse
ldns_pkt_verify
ldns_dnssec_trust_tree_new
ldns_dnssec_trust_tree_free
ldns_dnssec_trust_tree_depth
ldns_dnssec_derive_trust_tree
ldns_dnssec_trust_tree_contains_keys
ldns_dnssec_trust_tree_print
ldns_dnssec_trust_tree_print_sm
ldns_dnssec_trust_tree_add_parent
ldns_dnssec_derive_trust_tree_normal_rrset
ldns_dnssec_derive_trust_tree_dnskey_rrset
ldns_dnssec_derive_trust_tree_ds_rrset
ldns_dnssec_derive_trust_tree_no_sig
ldns_dname_compare
ldns_dname_interval
ldns_rr_new
ldns_rr_new_frm_type
ldns_rr_new_frm_str
ldns_rr_new_frm_fp
ldns_rr_free
ldns_rr_print
ldns_key_list_new
ldns_pkt
ldns_pkt_section
ldns_pkt_type
ldns_verify
ldns_verify_rrsig
ldns_verify_rrsig_keylist
ldns_verify_rrsig_keylist_notime
ldns_verify_notime
ldns_str2period
ldns_create_nsec
ldns_rr_uncompressed_size
ldns_native2rdf_int8
ldns_native2rdf_int16
ldns_native2rdf_int32
ldns_native2rdf_int16_data
ldns_rdf2native_int8
ldns_rdf2native_int16
ldns_rdf2native_int32
ldns_rdf2native_sockaddr_storage
ldns_rdf2native_time_t
ldns_dname2canonical
ldns_dnssec_zone
ldns_dnssec_name
ldns_dnssec_rrs
ldns_dnssec_rrsets
ldns_pkt_set_flags
ldns_pkt_set_id
ldns_pkt_set_qr
ldns_pkt_set_aa
ldns_pkt_set_tc
ldns_pkt_set_rd
ldns_pkt_set_cd
ldns_pkt_set_ra
ldns_pkt_set_ad
ldns_pkt_set_opcode
ldns_pkt_set_rcode
ldns_pkt_set_qdcount
ldns_pkt_set_ancount
ldns_pkt_set_nscount
ldns_pkt_set_arcount
ldns_pkt_set_answerfrom
ldns_pkt_set_querytime
ldns_pkt_set_size
ldns_pkt_set_section_count
ldns_pkt_set_tsig
ldns_zone_rr_count
ldns_rr_set_owner
ldns_rr_set_ttl
ldns_rr_set_type
ldns_rr_set_rd_count
ldns_rr_set_class
ldns_rr_set_rdf
ldns_zone_sort
ldns_zone_glue_rr_list
ldns_dane_create_tlsa_rr
ldns_dane_create_tlsa_owner
ldns_dane_cert2rdf
ldns_dane_select_certificate
ldns_getaddrinfo
ldns_rr_set_push_rr
ldns_rr_set_pop_rr
ldns_key_new
ldns_key_new_frm_algorithm
ldns_key_new_frm_fp
@@ -285,131 +427,24 @@ ldns_key_new_frm_fp_rsa
ldns_key_new_frm_fp_rsa_l
ldns_key_new_frm_fp_dsa
ldns_key_new_frm_fp_dsa_l
ldns_sign_public
ldns_rr_label_count
ldns_rr_list_cat
ldns_rr_list_push_rr
ldns_rr_list_pop_rr
ldns_fget_token
ldns_fskipcs
ldns_dane_create_tlsa_rr
ldns_dane_create_tlsa_owner
ldns_dane_cert2rdf
ldns_dane_select_certificate
ldns_rdf2buffer_str_a
ldns_rdf2buffer_str_aaaa
ldns_rdf2buffer_str_str
ldns_rdf2buffer_str_b64
ldns_rdf2buffer_str_hex
ldns_rdf2buffer_str_type
ldns_rdf2buffer_str_class
ldns_rdf2buffer_str_alg
ldns_rdf2buffer_str_loc
ldns_rdf2buffer_str_unknown
ldns_rdf2buffer_str_nsap
ldns_rdf2buffer_str_wks
ldns_rdf2buffer_str_nsec
ldns_rdf2buffer_str_period
ldns_rdf2buffer_str_tsigtime
ldns_rdf2buffer_str_apl
ldns_rdf2buffer_str_int16_data
ldns_rdf2buffer_str_int16
ldns_rdf2buffer_str_ipseckey
ldns_verify_rrsig_dsa
ldns_verify_rrsig_rsasha1
ldns_verify_rrsig_rsamd5
ldns_key_list_push_key
ldns_key_list_pop_key
ldns_zone_sign
ldns_zone_sign_nsec3
ldns_rr_push_rdf
ldns_rr_pop_rdf
ldns_dnssec_zone_sign
ldns_dnssec_zone_sign_nsec3
ldns_dnssec_zone_mark_glue
ldns_dnssec_name_node_next_nonglue
ldns_dnssec_zone_create_nsecs
ldns_dnssec_remove_signatures
ldns_dnssec_zone_create_rrsigs
ldns_key2rr
ldns_dane_verify
ldns_dane_verify_rr
ldns_version
ldns_rr_compare
ldns_rr_compare_ds
ldns_wire2rr
ldns_wire2pkt
ldns_wire2rdf
ldns_wire2dname
ldns_dnssec_rrs_new
ldns_dnssec_rrs_free
ldns_dnssec_rrs_add_rr
ldns_dnssec_rrs_print
ldns_axfr_start
ldns_axfr_next
ldns_axfr_abort
ldns_axfr_complete
ldns_axfr_last_pkt
ldns_octet
ldns_rr_list_clone
ldns_buffer_flip
ldns_buffer_rewind
ldns_buffer_position
ldns_buffer_set_position
ldns_buffer_skip
ldns_rr_list_sort
ldns_rdf
ldns_rdf_type
ldns_calc_keytag
ldns_calc_keytag_raw
ldns_dnssec_rrsets_new
ldns_dnssec_rrsets_free
ldns_dnssec_rrsets_type
ldns_dnssec_rrsets_set_type
ldns_dnssec_rrsets_add_rr
ldns_dnssec_rrsets_print
ldns_tcp_send_query
ldns_tcp_read_wire
ldns_tcp_connect
ldns_pkt_tsig_verify
ldns_pkt_tsig_sign
ldns_rdf_set_size
ldns_rdf_set_type
ldns_rdf_set_data
ldns_dnssec_data_chain_new
ldns_dnssec_data_chain_free
ldns_dnssec_data_chain_deep_free
ldns_dnssec_build_data_chain
ldns_dnssec_data_chain_print
ldns_buffer_remaining_at
ldns_buffer_remaining
ldns_buffer_available_at
ldns_buffer_available
ldns_buffer_status
ldns_buffer_status_ok
ldns_buffer_limit
ldns_buffer_set_limit
ldns_buffer_capacity
ldns_buffer_set_capacity
ldns_buffer_reserve
ldns_buffer_at
ldns_buffer_begin
ldns_buffer_end
ldns_buffer_current
ldns_get_rr_list_hosts_frm_file
ldns_get_rr_list_hosts_frm_fp
ldns_get_rr_list_hosts_frm_fp_l
ldns_dname_new
ldns_dname_new_frm_str
ldns_dname_new_frm_data
ldns_duration_type
ldns_duration_create
ldns_duration_create_from_string
ldns_duration_cleanup
ldns_duration_compare
ldns_duration2string
ldns_duration2time
ldns_rr_list_new
ldns_rr_list_free
ldns_dnssec_zone
ldns_dnssec_name
ldns_dnssec_rrs
ldns_dnssec_rrsets
ldns_version
ldns_rr_rdf
ldns_rr_owner
ldns_rr_rd_count
ldns_rr_ttl
ldns_rr_get_class
ldns_rr_set_owner
ldns_rr_set_ttl
ldns_rr_set_type
ldns_rr_set_rd_count
ldns_rr_set_class
ldns_rr_set_rdf
ldns_pkt_edns
ldns_pkt_edns_udp_size
ldns_pkt_edns_extended_rcode
@@ -421,50 +456,15 @@ ldns_pkt_set_edns_extended_rcode
ldns_pkt_set_edns_version
ldns_pkt_set_edns_z
ldns_pkt_set_edns_data
ldns_update_zocount
ldns_update_prcount
ldns_update_upcount
ldns_update_adcount
ldns_rr_list_rr_count
ldns_rr_list_set_rr_count
ldns_zone_set_rrs
ldns_zone_set_soa
ldns_sign_public
ldns_dnssec_data_chain
ldns_dnssec_data_chain_struct
ldns_dnssec_trust_tree
ldns_verify_rrsig_dsa
ldns_verify_rrsig_rsasha1
ldns_verify_rrsig_rsamd5
ldns_dname_is_subdomain
ldns_dname_str_absolute
ldns_dname_label
ldns_is_rrset
ldns_octet
ldns_zone
ldns_zone_new
ldns_zone_free
ldns_zone_deep_free
ldns_zone_new_frm_fp
ldns_zone_new_frm_fp_l
ldns_zone_print
ldns_zone_print_fmt
ldns_rr_rrsig_typecovered
ldns_rr_rrsig_set_typecovered
ldns_rr_rrsig_algorithm
ldns_rr_rrsig_set_algorithm
ldns_rr_rrsig_labels
ldns_rr_rrsig_set_labels
ldns_rr_rrsig_origttl
ldns_rr_rrsig_set_origttl
ldns_rr_rrsig_expiration
ldns_rr_rrsig_set_expiration
ldns_rr_rrsig_inception
ldns_rr_rrsig_set_inception
ldns_rr_rrsig_keytag
ldns_rr_rrsig_set_keytag
ldns_rr_rrsig_signame
ldns_rr_rrsig_set_signame
ldns_rr_rrsig_sig
ldns_rr_rrsig_set_sig
ldns_pkt_new
ldns_pkt_free
ldns_pkt_print
ldns_pkt_query_new
ldns_pkt_query_new_frm_str
ldns_pkt_reply_type
ldns_rr_descriptor
ldns_rr_descript
ldns_rr_descriptor_minimum
ldns_rr_descriptor_maximum
ldns_rr_descriptor_field_type
ldns_rr_uncompressed_size
doc/man/man3/ldns_dnssec_name_new.3
+3 -1
View File
@@ -105,7 +105,9 @@ No checking is done whether the name matches
\.br
\fBrr\fR: The \%RR to add
\.br
Returns \%LDNS_STATUS_OK on success, error code otherwise
Returns \%LDNS_STATUS_OK on success and \%LDNS_STATUS_EQUAL_ERR when and
\%RR with equal ownername, class, type and rdata already exists,
and an error code otherwise
.PP
.HP
\fIldns_dnssec_name_find_rrset\fR()
doc/man/man3/ldns_dnssec_rrs_new.3
+2 -1
View File
@@ -42,7 +42,8 @@ If an equal \%RR already exists, this \%RR will not be added.
\.br
\fBrr\fR: the \%RR to add
\.br
Returns \%LDNS_STATUS_OK on success
Returns \%LDNS_STATUS_OK on success and \%LDNS_STATUS_EQUAL_ERR when and
\%RR with equal ownername, class, type and rdata already exists.
.PP
.HP
\fIldns_dnssec_rrs_print\fR()
doc/man/man3/ldns_dnssec_rrsets_new.3
+2 -1
View File
@@ -69,7 +69,8 @@ If it is not present, add it as a new RRset with 1 record.
\.br
\fBrr\fR: the rr to add to the list of rrsets
\.br
Returns \%LDNS_STATUS_OK on success
Returns \%LDNS_STATUS_OK on success and \%LDNS_STATUS_EQUAL_ERR when and
\%RR with equal ownername, class, type and rdata already exists.
.PP
.HP
\fIldns_dnssec_rrsets_print\fR()
doc/man/man3/ldns_dnssec_zone_find_rrset.3
+3 -1
View File
@@ -65,7 +65,9 @@ Special handling of \%NSEC and \%RRSIG provided
\.br
\fBrr\fR: The \%RR to add
\.br
Returns \%LDNS_STATUS_OK on success, an error code otherwise
Returns \%LDNS_STATUS_OK on success and \%LDNS_STATUS_EQUAL_ERR when and
\%RR with equal ownername, class, type and rdata already exists,
and an error code otherwise
.PP
.HP
\fIldns_dnssec_zone_names_print\fR()
doc/man/man3/ldns_rdf.3
+14 -2
View File
@@ -74,6 +74,10 @@ enum ldns_enum_rdf_type
\fB32 bits:\fR
.br
LDNS_RDF_TYPE_INT32,
.br
\fB64 bits:\fR
.br
LDNS_RDF_TYPE_INT64,
.br
\fBA record:\fR
.br
@@ -106,6 +110,8 @@ enum ldns_enum_rdf_type
\fBnsec type codes:\fR
.br
LDNS_RDF_TYPE_NSEC,
.br
LDNS_RDF_TYPE_BITMAP = LDNS_RDF_TYPE_NSEC,
.br
\fBa RR type:\fR
.br
@@ -206,6 +212,12 @@ enum ldns_enum_rdf_type
LDNS_RDF_TYPE_EUI64,
.br
.br
\fBCharacter string without quotes.:\fR
.br
LDNS_RDF_TYPE_UNQUOTED,
.br
.br
/** A non-zero sequence of US-ASCII letters and numbers in lower case.
.br
@@ -257,9 +269,9 @@ enum ldns_enum_rdf_type
.br
.br
/* Aliases */
\fBdraft-johnson-dns-ipn-cla-07 *:\fR
.br
LDNS_RDF_TYPE_BITMAP = LDNS_RDF_TYPE_NSEC
LDNS_RDF_TYPE_IPN
.br
};
.br
doc/man/man3/ldns_rr.3
+19 -1
View File
@@ -462,6 +462,12 @@ enum ldns_enum_rr_type
.br
LDNS_RR_TYPE_HTTPS = 65, /* RFC 9460 */
.br
LDNS_RR_TYPE_DSYNC = 66, /* RFC 9859 */
.br
LDNS_RR_TYPE_HHIT = 67, /* draft-ietf-drip-registries-28 */
.br
LDNS_RR_TYPE_BRID = 68, /* draft-ietf-drip-registries-28 */
.br
.br
LDNS_RR_TYPE_SPF = 99, /* RFC 4408 */
@@ -494,7 +500,7 @@ enum ldns_enum_rr_type
.br
.br
LDNS_RR_TYPE_NXNAME = 128, /* draft-ietf-dnsop-compact-denial-of-existence */
LDNS_RR_TYPE_NXNAME = 128, /* RFC 9824 */
.br
.br
@@ -545,6 +551,18 @@ enum ldns_enum_rr_type
LDNS_RR_TYPE_WALLET = 262,
.br
.br
\fBhttps://www.iana.org/assignments/dns-parameters/CLA/cla-completed-template:\fR
.br
LDNS_RR_TYPE_CLA = 263,
.br
.br
\fBhttps://www.iana.org/assignments/dns-parameters/IPN/ipn-completed-template:\fR
.br
LDNS_RR_TYPE_IPN = 264,
.br
.br
\fBDNSSEC Trust Authorities:\fR
.br
drill/drill.c
+1 -1
View File
@@ -855,7 +855,7 @@ main(int argc, char *argv[])
status = ldns_send_buffer(&pkt, res, query_buffer, NULL);
ldns_buffer_free(query_buffer);
if (status != LDNS_STATUS_OK) {
printf("Error: %s\n", ldns_get_errorstr_by_id(status));
fprintf(stderr, "Error: %s\n", ldns_get_errorstr_by_id(status));
exit(1);
}
} else {
drill/securetrace.c
+6 -1
View File
@@ -291,7 +291,12 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
/* trust glue? */
new_ns_addr = NULL;
if (ldns_dname_is_subdomain(pop, labels[i])) {
new_ns_addr = ldns_pkt_rr_list_by_name_and_type(local_p, pop, LDNS_RR_TYPE_A, LDNS_SECTION_ADDITIONAL);
if (ldns_resolver_ip6(res) == LDNS_RESOLV_INET6) {
new_ns_addr = ldns_pkt_rr_list_by_name_and_type(local_p, pop, LDNS_RR_TYPE_AAAA, LDNS_SECTION_ADDITIONAL);
} else {
/* If IPv4 is specified, or no IP version is specified, default to A record and use IPv4 */
new_ns_addr = ldns_pkt_rr_list_by_name_and_type(local_p, pop, LDNS_RR_TYPE_A, LDNS_SECTION_ADDITIONAL);
}
}
if (!new_ns_addr || ldns_rr_list_rr_count(new_ns_addr) == 0) {
new_ns_addr = ldns_get_rr_list_addr_by_name(res, pop, c, 0);
error.c
+2
View File
@@ -189,6 +189,8 @@ ldns_lookup_table ldns_error_str[] = {
{ LDNS_STATUS_EDE_OPTION_MALFORMED,
"The extended error code option is malformed, expected "
"at least 2 bytes of option data" },
{ LDNS_STATUS_EQUAL_RR,
"An identical RR already existed in the zone" },
{ 0, NULL }
};
examples/ldns-compare-zones.1
+4
View File
@@ -8,6 +8,7 @@ ldns-compare-zones \- read and compare two zonefiles and print differences
.IR [-u]
.IR [-i]
.IR [-d]
.IR [-Z]
.IR [-z]
.IR [-s]
.IR ZONEFILE1
@@ -44,6 +45,9 @@ Print resource records whose owner names are present only in ZONEFILE1 (a.k.a. d
Print all changes (except unchanged). Specifying this option is the same as specifying \-c \-i
and \-d.
.TP
\fB-Z\fR
exclude ZONEMD records from comparison
.TP
\fB-z\fR
Suppress zone sorting; this option is not recommended; it can cause records
to be incorrectly marked as changed, depending of the nature of the changes.
examples/ldns-compare-zones.c
+19 -3
View File
@@ -26,7 +26,7 @@
static void
usage(char *prog)
{
printf("Usage: %s [-v] [-i] [-d] [-c] [-u] [-s] [-e] "
printf("Usage: %s [-v] [-i] [-d] [-c] [-u] [-s] [-Z] [-e] "
"<zonefile1> <zonefile2>\n", prog);
printf(" -i - print inserted\n");
printf(" -d - print deleted\n");
@@ -35,6 +35,7 @@ usage(char *prog)
printf(" -U - print unchanged records in changed names\n");
printf(" -a - print all differences (-i -d -c)\n");
printf(" -s - do not exclude SOA record from comparison\n");
printf(" -Z - exclude ZONEMD records from comparison\n");
printf(" -z - do not sort zones\n");
printf(" -e - exit with status 2 on changed zones\n");
printf(" -h - show usage and exit\n");
@@ -60,11 +61,11 @@ main(int argc, char **argv)
int c;
bool opt_deleted = false, opt_inserted = false;
bool opt_changed = false, opt_unchanged = false, opt_Unchanged = false;
bool sort = true, inc_soa = false;
bool sort = true, inc_soa = false, exc_zonemd = false;
bool opt_exit_status = false;
char op = 0;
while ((c = getopt(argc, argv, "ahvdicuUesz")) != -1) {
while ((c = getopt(argc, argv, "ahvdicuUesZz")) != -1) {
switch (c) {
case 'h':
usage(argv[0]);
@@ -83,6 +84,9 @@ main(int argc, char **argv)
case 's':
inc_soa = true;
break;
case 'Z':
exc_zonemd = true;
break;
case 'z':
sort = false;
break;
@@ -208,6 +212,18 @@ main(int argc, char **argv)
* set the operator again.
*/
for (i = 0, j = 0; i < rrc1 || j < rrc2;) {
if (exc_zonemd) {
if (ldns_rr_get_type(ldns_rr_list_rr(rrl1, i))
== LDNS_RR_TYPE_ZONEMD) {
i += 1;
continue;
}
if (ldns_rr_get_type(ldns_rr_list_rr(rrl2, j))
== LDNS_RR_TYPE_ZONEMD) {
j += 1;
continue;
}
}
rr_cmp = 0;
if (i < rrc1 && j < rrc2) {
rr1 = ldns_rr_list_rr(rrl1, i);
examples/ldns-dpa.c
+6
View File
@@ -85,6 +85,7 @@ enum enum_match_ids {
MATCH_EDNS,
MATCH_EDNS_PACKETSIZE,
MATCH_DO,
MATCH_CO,
MATCH_QUESTION_SIZE,
MATCH_ANSWER_SIZE,
MATCH_AUTHORITY_SIZE,
@@ -237,6 +238,7 @@ const match_table matches[] = {
{ MATCH_RD, "rd", "value of rd bit", TYPE_BOOL },
{ MATCH_EDNS, "edns", "existence of edns rr", TYPE_BOOL },
{ MATCH_DO, "do", "value of do bit", TYPE_BOOL },
{ MATCH_CO, "co", "value of co bit", TYPE_BOOL },
{ MATCH_QUESTION_SIZE, "questionsize", "number of rrs in the question section", TYPE_INT },
{ MATCH_ANSWER_SIZE, "answersize", "number of rrs in the answer section", TYPE_INT },
{ MATCH_AUTHORITY_SIZE, "authoritysize", "number of rrs in the authority section", TYPE_INT },
@@ -1129,6 +1131,7 @@ value_matches(match_id id,
case MATCH_CD:
case MATCH_RD:
case MATCH_DO:
case MATCH_CO:
case MATCH_PACKETSIZE:
case MATCH_EDNS:
case MATCH_EDNS_PACKETSIZE:
@@ -1214,6 +1217,9 @@ get_string_value(match_id id, ldns_pkt *pkt, ldns_rdf *src_addr, ldns_rdf *dst_a
case MATCH_DO:
snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_edns_do(pkt));
break;
case MATCH_CO:
snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_edns_co(pkt));
break;
case MATCH_QUESTION_SIZE:
snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_qdcount(pkt));
break;
examples/ldns-signzone.1
+6 -9
View File
@@ -16,8 +16,8 @@ KEY
.SH DESCRIPTION
\fBldns-signzone\fR is used to generate a DNSSEC signed zone. When run it
will create a new zonefile that contains RRSIG and NSEC resource records, as
specified in RFC 4033, RFC 4034 and RFC 4035.
will create a new zonefile that contains RRSIG and NSEC(3) resource records,
as specified in RFC 4033, RFC 4034 and RFC 4035.
Keys must be specified by their base name (i.e. without .private). If
the DNSKEY that belongs to the key in the .private file is not present
@@ -25,9 +25,9 @@ in the zone, it will be read from the file <base name>.key. If that
file does not exist, the DNSKEY value will be generated from the
private key.
Multiple keys can be specified, Key Signing Keys are used as such when
Multiple keys can be specified. Key Signing Keys are used as such when
they are either already present in the zone, or specified in a .key
file, and have the KSK bit set.
file, and have the SEP bit set.
.SH OPTIONS
.TP
@@ -42,10 +42,7 @@ the comment text.
.TP
\fB-d\fR
Normally, if the DNSKEY RR for a key that is used to sign the zone is
not found in the zone file, it will be read from .key, or derived from
the private key (in that order). This option turns that feature off,
so that only the signatures are added to the zone.
Do not add DNSKEY resource records for used keys to the signed zone.
.TP
\fB-e\fR \fIdate\fR
@@ -95,7 +92,7 @@ turns off the default and all keys are used to sign the DNSKEY RRset.
\fB-U\fR
Sign with every unique algorithm in the provided keys. The DNSKEY set
is signed with all the SEP keys, plus all the non\-SEP keys that have an
algorithm that was not presen in the SEP key set.
algorithm that was not present in the SEP key set.
.TP
\fB-E\fR \fIname\fR
examples/ldns-testpkts.c
+10
View File
@@ -114,6 +114,8 @@ static void matchline(char* line, struct entry* e)
e->match_ttl = true;
} else if(str_keyword(&parse, "DO")) {
e->match_do = true;
} else if(str_keyword(&parse, "CO")) {
e->match_co = true;
} else if(str_keyword(&parse, "noedns")) {
e->match_noedns = true;
} else if(str_keyword(&parse, "ednsdata")) {
@@ -202,6 +204,9 @@ static void replyline(char* line, ldns_pkt *reply)
} else if(str_keyword(&parse, "DO")) {
ldns_pkt_set_edns_udp_size(reply, 4096);
ldns_pkt_set_edns_do(reply, true);
} else if(str_keyword(&parse, "CO")) {
ldns_pkt_set_edns_udp_size(reply, 4096);
ldns_pkt_set_edns_co(reply, true);
} else {
error("could not parse REPLY: '%s'", parse);
}
@@ -246,6 +251,7 @@ static struct entry* new_entry(void)
e->match_all = false;
e->match_ttl = false;
e->match_do = false;
e->match_co = false;
e->match_noedns = false;
e->match_serial = false;
e->ixfr_soa_serial = 0;
@@ -794,6 +800,10 @@ find_match(struct entry* entries, ldns_pkt* query_pkt,
verbose(3, "no DO bit set\n");
continue;
}
if(p->match_co && !ldns_pkt_edns_co(query_pkt)) {
verbose(3, "no CO bit set\n");
continue;
}
if(p->match_noedns && ldns_pkt_edns(query_pkt)) {
verbose(3, "bad; EDNS OPT present\n");
continue;
examples/ldns-testpkts.h
+2
View File
@@ -180,6 +180,8 @@ struct entry {
bool match_ttl;
/** match DO bit */
bool match_do;
/** match CO bit */
bool match_co;
/** match absence of EDNS OPT record in query */
bool match_noedns;
/** match edns data field given in hex */
examples/ldns-verify-zone.1.in
+7
View File
@@ -48,6 +48,13 @@ Only check this percentage of the zone.
Which names to check is determined randomly.
Defaults to 100.
.TP
\fB-s\fR
Check all signature results, instead of one. Without the option one signature
that validates stops error output for the RRset. With the option, all
results from signature validations are printed. For spurious RRSIGs that
prints output for the spurious RRSIGs if they are wrong.
.TP
\fB-S\fR
Chase signature(s) to a known key.
examples/ldns-verify-zone.c
+32 -4
View File
@@ -26,6 +26,7 @@ static int32_t inception_offset = 0;
static int32_t expiration_offset = 0;
static bool do_sigchase = false;
static bool no_nomatch_msg = false;
static int check_all_sigs = 0;
static FILE* myout;
static FILE* myerr;
@@ -171,23 +172,32 @@ verify_rrs(ldns_rr_list* rrset_rrs, ldns_dnssec_rrs* cur_sig,
ldns_rr_list* keys)
{
ldns_status status, result = LDNS_STATUS_OK;
int one_signature_verified = 0;
ldns_dnssec_rrs *cur_sig_bak = cur_sig;
int is_dnskey_rrset = ldns_rr_list_rr_count(rrset_rrs) > 0 &&
ldns_rr_get_type(ldns_rr_list_rr(rrset_rrs, 0)) == LDNS_RR_TYPE_DNSKEY;
/* A single valid signature validates the RRset */
while (cur_sig) {
/* With check all sigs, it skips this, except for the DNSKEY RRset. */
if(!check_all_sigs || is_dnskey_rrset) {
while (cur_sig) {
if (ldns_verify_rrsig_keylist_time( rrset_rrs, cur_sig->rr
, keys, check_time, NULL)
|| rrsig_check_time_margins(cur_sig->rr))
cur_sig = cur_sig->next;
else
return LDNS_STATUS_OK;
}
}
/* Without any valid signature, do print all errors. */
/* When checking all sigs, keep track if one is valid. */
for (cur_sig = cur_sig_bak; cur_sig; cur_sig = cur_sig->next) {
status = ldns_verify_rrsig_keylist_time(rrset_rrs,
cur_sig->rr, keys, check_time, NULL);
status = status ? status
: rrsig_check_time_margins(cur_sig->rr);
if(check_all_sigs && status == LDNS_STATUS_OK)
one_signature_verified += 1;
if (!status)
; /* pass */
else if (!no_nomatch_msg || status !=
@@ -196,6 +206,8 @@ verify_rrs(ldns_rr_list* rrset_rrs, ldns_dnssec_rrs* cur_sig,
myerr, rrset_rrs, status, cur_sig);
update_error(&result, status);
}
if(check_all_sigs && one_signature_verified)
return LDNS_STATUS_OK;
return result;
}
@@ -712,6 +724,7 @@ static void print_usage(FILE *out, const char *progname)
"\t\t\tDefault is %s\n", LDNS_TRUST_ANCHOR_FILE);
fprintf(out, "\t-p [0-100]\tonly checks this percentage of "
"the zone.\n\t\t\tDefaults to 100\n");
fprintf(out, "\t-s\t\tcheck all signature results, instead of one.\n");
fprintf(out, "\t-S\t\tchase signature(s) to a known key. "
"The network may be\n\t\t\taccessed to "
"validate the zone's DNSKEYs. (implies -k)\n");
@@ -759,13 +772,14 @@ main(int argc, char **argv)
myout = stdout;
myerr = stderr;
while ((c = getopt(argc, argv, "ae:hi:k:vV:p:St:Z")) != -1) {
while ((c = getopt(argc, argv, "ae:hi:k:vV:p:sSt:Z")) != -1) {
switch(c) {
case 'a':
apexonly = true;
break;
case 'h':
print_usage(stdout, progname);
ldns_rr_list_deep_free(keys);
exit(EXIT_SUCCESS);
break;
case 'e':
@@ -779,6 +793,7 @@ main(int argc, char **argv)
"P[n]Y[n]M[n]DT[n]H[n]M[n]S\n"
);
}
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
if (c == 'e')
@@ -804,6 +819,7 @@ main(int argc, char **argv)
"%s: %s\n",optarg,
ldns_get_errorstr_by_id(s));
}
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
if (ldns_rr_list_rr_count(keys) == nkeys) {
@@ -812,6 +828,7 @@ main(int argc, char **argv)
"No keys found in file %s\n",
optarg);
}
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
nkeys = ldns_rr_list_rr_count(keys);
@@ -824,10 +841,14 @@ main(int argc, char **argv)
"percentage needs to fall "
"between 0..100\n");
}
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
srandom(time(NULL) ^ getpid());
break;
case 's':
check_all_sigs = 1;
break;
case 'S':
do_sigchase = true;
/* may chase */
@@ -850,6 +871,7 @@ main(int argc, char **argv)
case 'v':
printf("verify-zone version %s (ldns version %s)\n",
LDNS_VERSION, ldns_version());
ldns_rr_list_deep_free(keys);
exit(EXIT_SUCCESS);
break;
case 'V':
@@ -869,6 +891,7 @@ main(int argc, char **argv)
fprintf(myerr, "Unable to chase "
"signature without keys.\n");
}
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
}
@@ -887,10 +910,12 @@ main(int argc, char **argv)
fprintf(myerr, "Unable to open %s: %s\n",
filename, strerror(errno));
}
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
} else {
print_usage(stderr, progname);
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
@@ -901,6 +926,7 @@ main(int argc, char **argv)
fprintf(myerr, "%s at line %d\n",
ldns_get_errorstr_by_id(s), line_nr);
}
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
if (!dnssec_zone->soa) {
@@ -908,6 +934,7 @@ main(int argc, char **argv)
fprintf(myerr,
"; Error: no SOA in the zone\n");
}
ldns_rr_list_deep_free(keys);
exit(EXIT_FAILURE);
}
@@ -927,9 +954,10 @@ main(int argc, char **argv)
if (zonemd_required == 1
&& !ldns_dnssec_zone_find_rrset(dnssec_zone,
dnssec_zone->soa->name, LDNS_RR_TYPE_DNSKEY))
dnssec_zone->soa->name, LDNS_RR_TYPE_DNSKEY)) {
ldns_rr_list_deep_free(keys);
result = LDNS_STATUS_OK;
else
} else
result = verify_dnssec_zone(dnssec_zone,
dnssec_zone->soa->name, keys, apexonly,
percentage, zonemd_required > 2);
examples/ldns-walk.c
+14 -13
View File
@@ -38,22 +38,24 @@ create_dname_plus_1(ldns_rdf *dname)
size_t i;
ldns_dname2canonical(dname);
labellen = ldns_rdf_data(dname)[0];
if (verbosity >= 3) {
printf("Create +e for ");
ldns_rdf_print(stdout, dname);
printf("\n");
}
if (ldns_rdf_size(dname) < LDNS_MAX_DOMAINLEN) {
wire = malloc(ldns_rdf_size(dname) + 2);
if (labellen < 63) {
wire = malloc(ldns_rdf_size(dname) + 1);
if (!wire) {
fprintf(stderr, "Malloc error: out of memory?\n");
exit(127);
}
wire[0] = (uint8_t) 1;
wire[1] = (uint8_t) '\000';
memcpy(&wire[2], ldns_rdf_data(dname), ldns_rdf_size(dname));
wire[0] = labellen + 1;
memcpy(&wire[1], ldns_rdf_data(dname) + 1, labellen);
memcpy(&wire[labellen+1], ldns_rdf_data(dname) + labellen, ldns_rdf_size(dname) - labellen);
wire[labellen+1] = (uint8_t) '\000';
pos = 0;
status = ldns_wire2dname(&newdname, wire, ldns_rdf_size(dname) + 2, &pos);
status = ldns_wire2dname(&newdname, wire, ldns_rdf_size(dname) + 1, &pos);
free(wire);
} else {
wire = malloc(ldns_rdf_size(dname));
@@ -61,7 +63,6 @@ create_dname_plus_1(ldns_rdf *dname)
fprintf(stderr, "Malloc error: out of memory?\n");
exit(127);
}
labellen = ldns_rdf_data(dname)[0];
wire[0] = labellen;
memcpy(&wire[1], ldns_rdf_data(dname) + 1, labellen);
memcpy(&wire[labellen], ldns_rdf_data(dname) + labellen, ldns_rdf_size(dname) - labellen);
@@ -323,7 +324,7 @@ main(int argc, char *argv[])
/* create a new resolver from /etc/resolv.conf */
if(!serv) {
if (ldns_resolver_new_frm_file(&res, NULL) != LDNS_STATUS_OK) {
fprintf(stderr, "%s", "Could not create resolver obj");
fprintf(stderr, "%s\n", "Could not create resolver obj.");
result = EXIT_FAILURE;
goto exit;
}
@@ -344,7 +345,7 @@ main(int argc, char *argv[])
status = ldns_resolver_new_frm_file(&cmdline_res, NULL);
if (status != LDNS_STATUS_OK) {
fprintf(stderr, "%s", "@server ip could not be converted");
fprintf(stderr, "%s\n", "@server ip could not be converted");
result = EXIT_FAILURE;
goto exit;
}
@@ -358,7 +359,7 @@ main(int argc, char *argv[])
ldns_rdf_deep_free(cmdline_dname);
ldns_resolver_deep_free(cmdline_res);
if (!cmdline_rr_list) {
fprintf(stderr, "%s %s", "could not find any address for the name: ", serv);
fprintf(stderr, "%s %s\n", "Could not find any address for the name:", serv);
result = EXIT_FAILURE;
goto exit;
} else {
@@ -366,7 +367,7 @@ main(int argc, char *argv[])
res,
cmdline_rr_list
) != LDNS_STATUS_OK) {
fprintf(stderr, "%s", "pushing nameserver");
fprintf(stderr, "%s\n", "pushing nameserver");
result = EXIT_FAILURE;
ldns_rr_list_deep_free(cmdline_rr_list);
goto exit;
@@ -375,7 +376,7 @@ main(int argc, char *argv[])
}
} else {
if (ldns_resolver_push_nameserver(res, serv_rdf) != LDNS_STATUS_OK) {
fprintf(stderr, "%s", "pushing nameserver");
fprintf(stderr, "%s\n", "pushing nameserver");
result = EXIT_FAILURE;
goto exit;
} else {
@@ -569,7 +570,7 @@ main(int argc, char *argv[])
if (!rrlist) {
fflush(stdout);
fprintf(stderr, "Zone does not seem to be DNSSEC secured,"
"or it uses NSEC3.\n");
" or it uses NSEC3.\n");
fflush(stderr);
goto exit;
}
host2str.c
+60
View File
@@ -409,6 +409,14 @@ ldns_rdf2buffer_str_int32(ldns_buffer *output, const ldns_rdf *rdf)
return ldns_buffer_status(output);
}
ldns_status
ldns_rdf2buffer_str_int64(ldns_buffer *output, const ldns_rdf *rdf)
{
uint64_t data = ldns_read_uint64(ldns_rdf_data(rdf));
ldns_buffer_printf(output, "%llu", (unsigned long long) data);
return ldns_buffer_status(output);
}
ldns_status
ldns_rdf2buffer_str_time(ldns_buffer *output, const ldns_rdf *rdf)
{
@@ -1224,6 +1232,34 @@ ldns_rdf2buffer_str_eui64(ldns_buffer *output, const ldns_rdf *rdf)
return ldns_buffer_status(output);
}
ldns_status
ldns_rdf2buffer_str_unquoted(ldns_buffer *output, const ldns_rdf *rdf)
{
size_t amount, i;
uint8_t ch;
if(ldns_rdf_size(rdf) < 1) {
return LDNS_STATUS_WIRE_RDATA_ERR;
}
if((int)ldns_rdf_size(rdf) < (int)ldns_rdf_data(rdf)[0] + 1) {
return LDNS_STATUS_WIRE_RDATA_ERR;
}
amount = ldns_rdf_data(rdf)[0];
for(i=0; i<amount; i++) {
ch = ldns_rdf_data(rdf)[1+i];
if (isprint((int)ch) || ch == '\t') {
if (ch == '\"' || ch == '\\' || ch == '\'' ||
ch == '(' || ch == ')' || isspace((int)ch))
ldns_buffer_printf(output, "\\%c", ch);
else
ldns_buffer_printf(output, "%c", ch);
} else {
ldns_buffer_printf(output, "\\%03u",
(unsigned)(uint8_t) ch);
}
}
return ldns_buffer_status(output);
}
ldns_status
ldns_rdf2buffer_str_tag(ldns_buffer *output, const ldns_rdf *rdf)
{
@@ -1386,6 +1422,8 @@ ldns_rdf2buffer_str_amtrelay(ldns_buffer *output, const ldns_rdf *rdf)
precedence, discovery_optional, relay_type);
if (relay)
(void) ldns_rdf2buffer_str(output, relay);
else
ldns_buffer_printf(output, ".");
ldns_rdf_deep_free(relay);
return ldns_buffer_status(output);
@@ -1644,6 +1682,10 @@ ldns_rdf2buffer_str_fmt(ldns_buffer *buffer,
case LDNS_RDF_TYPE_INT32:
res = ldns_rdf2buffer_str_int32(buffer, rdf);
break;
case LDNS_RDF_TYPE_INT64:
case LDNS_RDF_TYPE_IPN:
res = ldns_rdf2buffer_str_int64(buffer, rdf);
break;
case LDNS_RDF_TYPE_PERIOD:
res = ldns_rdf2buffer_str_period(buffer, rdf);
break;
@@ -1726,6 +1768,9 @@ ldns_rdf2buffer_str_fmt(ldns_buffer *buffer,
case LDNS_RDF_TYPE_EUI64:
res = ldns_rdf2buffer_str_eui64(buffer, rdf);
break;
case LDNS_RDF_TYPE_UNQUOTED:
res = ldns_rdf2buffer_str_unquoted(buffer, rdf);
break;
case LDNS_RDF_TYPE_TAG:
res = ldns_rdf2buffer_str_tag(buffer, rdf);
break;
@@ -2545,6 +2590,18 @@ ldns_edns_ede2buffer_str(ldns_buffer* output, uint8_t* data, size_t len)
case LDNS_EDE_TOO_EARLY:
ldns_buffer_printf(output, " 26 (Too Early)");
break;
case LDNS_EDE_UNSUPPORTED_NSEC3_ITERATIONS_VALUE:
ldns_buffer_printf(output, " 27 (Unsupported NSEC3 Iterations Value)");
break;
case LDNS_EDE_UNABLE_TO_CONFORM_TO_POLICY:
ldns_buffer_printf(output, " 28 (Unable to conform to policy)");
break;
case LDNS_EDE_SYNTHESIZED:
ldns_buffer_printf(output, " 29 (Synthesized)");
break;
case LDNS_EDE_INVALID_QUERY_TYPE:
ldns_buffer_printf(output, " 30 (Invalid Query Type)");
break;
default:
ldns_buffer_printf(output, " %02x", data[0]);
ldns_buffer_printf(output, " %02x", data[1]);
@@ -2773,6 +2830,9 @@ ldns_pkt2buffer_str_fmt(ldns_buffer *output,
if (ldns_pkt_edns_do(pkt)) {
ldns_buffer_printf(output, " do");
}
if (ldns_pkt_edns_co(pkt)) {
ldns_buffer_printf(output, " co");
}
/* the extended rcode is the value set, shifted four bits,
* and or'd with the original rcode */
if (ldns_pkt_edns_extended_rcode(pkt)) {
host2wire.c
+1 -1
View File
@@ -376,7 +376,7 @@ ldns_status
ldns_pkt2buffer_wire(ldns_buffer *buffer, const ldns_pkt *packet)
{
ldns_status status;
ldns_rbtree_t *compression_data = ldns_rbtree_create((int (*)(const void *, const void *))ldns_dname_compare);
ldns_rbtree_t *compression_data = ldns_rbtree_create(ldns_dname_compare_v);
status = ldns_pkt2buffer_wire_compress(buffer, packet, compression_data);
keys.c
+2
View File
@@ -1530,11 +1530,13 @@ ldns_key_hmac_key(const ldns_key *k)
size_t
ldns_key_hmac_size(const ldns_key *k)
{
#ifndef __clang_analyzer__
if (k->_key.hmac.size) {
return k->_key.hmac.size;
} else {
return 0;
}
#endif
}
void *
ldns/config.h.in
+10 -1
View File
@@ -394,9 +394,18 @@
/* Define this to enable RR type AVC. */
#undef RRTYPE_AVC
/* Define this to enable RR types CLA and IPN. */
#undef RRTYPE_CLA_IPN
/* Define this to enable RR type DOA. */
#undef RRTYPE_DOA
/* Define this to enable RR type DSYNC. */
#undef RRTYPE_DSYNC
/* Define this to enable RR types HHIT and BRID. */
#undef RRTYPE_HHIT_BRID
/* Define this to enable RR type NINFO. */
#undef RRTYPE_NINFO
@@ -772,7 +781,7 @@ size_t strlcpy(char *dst, const char *src, size_t siz);
#define close_socket(_s) do { if (_s != SOCK_INVALID) {closesocket(_s); _s = -1;} } while(0)
#else
#define SOCK_INVALID -1
#define close_socket(_s) do { if (_s != SOCK_INVALID) {close(_s); _s = -1;} } while(0)
#define close_socket(_s) do { if (_s != SOCK_INVALID) {close(_s >= -1 ? _s : -1); _s = -1;} } while(0)
#endif
#ifdef __cplusplus
ldns/dnssec_zone.h
+10 -4
View File
@@ -131,7 +131,8 @@ void ldns_dnssec_rrs_deep_free(ldns_dnssec_rrs *rrs);
*
* \param[in] rrs the list to add to
* \param[in] rr the RR to add
* \return LDNS_STATUS_OK on success
* \return LDNS_STATUS_OK on success and LDNS_STATUS_EQUAL_ERR when and
* RR with equal ownername, class, type and rdata already exists.
*/
ldns_status ldns_dnssec_rrs_add_rr(ldns_dnssec_rrs *rrs, ldns_rr *rr);
@@ -199,7 +200,8 @@ ldns_status ldns_dnssec_rrsets_set_type(ldns_dnssec_rrsets *rrsets,
*
* \param[in] rrsets the list of rrsets to add the RR to
* \param[in] rr the rr to add to the list of rrsets
* \return LDNS_STATUS_OK on success
* \return LDNS_STATUS_OK on success and LDNS_STATUS_EQUAL_ERR when and
* RR with equal ownername, class, type and rdata already exists.
*/
ldns_status ldns_dnssec_rrsets_add_rr(ldns_dnssec_rrsets *rrsets, ldns_rr *rr);
@@ -313,7 +315,9 @@ int ldns_dnssec_name_cmp(const void *a, const void *b);
*
* \param[in] name The ldns_dnssec_name to add the RR to
* \param[in] rr The RR to add
* \return LDNS_STATUS_OK on success, error code otherwise
* \return LDNS_STATUS_OK on success and LDNS_STATUS_EQUAL_ERR when and
* RR with equal ownername, class, type and rdata already exists,
* and an error code otherwise
*/
ldns_status ldns_dnssec_name_add_rr(ldns_dnssec_name *name,
ldns_rr *rr);
@@ -415,7 +419,9 @@ void ldns_dnssec_zone_deep_free(ldns_dnssec_zone *zone);
*
* \param[in] zone the zone to add the RR to
* \param[in] rr The RR to add
* \return LDNS_STATUS_OK on success, an error code otherwise
* \return LDNS_STATUS_OK on success and LDNS_STATUS_EQUAL_ERR when and
* RR with equal ownername, class, type and rdata already exists,
* and an error code otherwise
*/
ldns_status ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone,
ldns_rr *rr);
ldns/edns.h
+5 -1
View File
@@ -76,7 +76,11 @@ enum ldns_edns_enum_ede_code
LDNS_EDE_NETWORK_ERROR = 23,
LDNS_EDE_INVALID_DATA = 24,
LDNS_EDE_SIGNATURE_EXPIRED_BEFORE_VALID = 25,
LDNS_EDE_TOO_EARLY = 26
LDNS_EDE_TOO_EARLY = 26, /* RFC 9250 */
LDNS_EDE_UNSUPPORTED_NSEC3_ITERATIONS_VALUE = 27, /* RFC 9276 */
LDNS_EDE_UNABLE_TO_CONFORM_TO_POLICY = 28, /* draft-homburg-dnsop-codcp-00 */
LDNS_EDE_SYNTHESIZED = 29, /* https://github.com/PowerDNS/pdns/pull/12334 */
LDNS_EDE_INVALID_QUERY_TYPE = 30 /* RFC 9824 */
};
typedef enum ldns_edns_enum_ede_code ldns_edns_ede_code;
ldns/error.h
+2 -1
View File
@@ -143,7 +143,8 @@ enum ldns_enum_status {
LDNS_STATUS_SVCPARAM_KEY_MORE_THAN_ONCE,
LDNS_STATUS_INVALID_SVCPARAM_VALUE,
LDNS_STATUS_NOT_EDE,
LDNS_STATUS_EDE_OPTION_MALFORMED
LDNS_STATUS_EDE_OPTION_MALFORMED,
LDNS_STATUS_EQUAL_RR
};
typedef enum ldns_enum_status ldns_status;
ldns/host2str.h
+18
View File
@@ -581,6 +581,14 @@ ldns_status ldns_rdf2buffer_str_int16(ldns_buffer *output, const ldns_rdf *rdf);
*/
ldns_status ldns_rdf2buffer_str_int32(ldns_buffer *output, const ldns_rdf *rdf);
/**
* Converts an LDNS_RDF_TYPE_INT64 rdata element to presentation format.
* \param[in] *rdf The rdata to convert
* \param[in] *output The buffer to add the data to
* \return LDNS_STATUS_OK on success, and error status on failure
*/
ldns_status ldns_rdf2buffer_str_int64(ldns_buffer *output, const ldns_rdf *rdf);
/**
* Converts an LDNS_RDF_TYPE_TIME rdata element to string format and adds it to the output buffer
* \param[in] *rdf The rdata to convert
@@ -619,6 +627,16 @@ ldns_status ldns_rdf2buffer_str_eui48(ldns_buffer *output,
ldns_status ldns_rdf2buffer_str_eui64(ldns_buffer *output,
const ldns_rdf *rdf);
/**
* Adds the LDNS_RDF_TYPE_UNQUOTED rdata to the output buffer,
* it escapes nonprinting and special characters.
* \param[in] *rdf The rdata to convert
* \param[in] *output The buffer to add the data to
* \return LDNS_STATUS_OK on success, and error status on failure
*/
ldns_status ldns_rdf2buffer_str_unquoted(ldns_buffer *output,
const ldns_rdf *rdf);
/**
* Adds the LDNS_RDF_TYPE_TAG rdata to the output buffer,
* provided it contains only alphanumeric characters.
ldns/packet.h
+13
View File
@@ -709,6 +709,19 @@ bool ldns_pkt_edns_do(const ldns_pkt *packet);
*/
void ldns_pkt_set_edns_do(ldns_pkt *packet, bool value);
/**
* return the packet's edns co bit
* \param[in] packet the packet
* \return the bit's value
*/
bool ldns_pkt_edns_co(const ldns_pkt *packet);
/**
* Set the packet's edns co bit
* \param[in] packet the packet
* \param[in] value the bit's new value
*/
void ldns_pkt_set_edns_co(ldns_pkt *packet, bool value);
/**
* return the packet's EDNS header bits that are unassigned.
*/
ldns/rdata.h
+8 -2
View File
@@ -54,6 +54,8 @@ enum ldns_enum_rdf_type
LDNS_RDF_TYPE_INT16,
/** 32 bits */
LDNS_RDF_TYPE_INT32,
/** 64 bits */
LDNS_RDF_TYPE_INT64,
/** A record */
LDNS_RDF_TYPE_A,
/** AAAA record */
@@ -70,6 +72,7 @@ enum ldns_enum_rdf_type
LDNS_RDF_TYPE_HEX,
/** nsec type codes */
LDNS_RDF_TYPE_NSEC,
LDNS_RDF_TYPE_BITMAP = LDNS_RDF_TYPE_NSEC,
/** a RR type */
LDNS_RDF_TYPE_TYPE,
/** a class */
@@ -120,6 +123,9 @@ enum ldns_enum_rdf_type
/** 8 * 8 bit hex numbers separated by dashes. For EUI64. */
LDNS_RDF_TYPE_EUI64,
/** Character string without quotes. */
LDNS_RDF_TYPE_UNQUOTED,
/** A non-zero sequence of US-ASCII letters and numbers in lower case.
* For CAA.
*/
@@ -145,8 +151,8 @@ enum ldns_enum_rdf_type
/** draft-ietf-dnsop-svcb-https **/
LDNS_RDF_TYPE_SVCPARAMS,
/* Aliases */
LDNS_RDF_TYPE_BITMAP = LDNS_RDF_TYPE_NSEC
/** draft-johnson-dns-ipn-cla-07 **/
LDNS_RDF_TYPE_IPN
};
typedef enum ldns_enum_rdf_type ldns_rdf_type;
ldns/rr.h
+18 -2
View File
@@ -194,6 +194,9 @@ enum ldns_enum_rr_type
LDNS_RR_TYPE_ZONEMD = 63, /* RFC 8976 */
LDNS_RR_TYPE_SVCB = 64, /* RFC 9460 */
LDNS_RR_TYPE_HTTPS = 65, /* RFC 9460 */
LDNS_RR_TYPE_DSYNC = 66, /* RFC 9859 */
LDNS_RR_TYPE_HHIT = 67, /* draft-ietf-drip-registries-28 */
LDNS_RR_TYPE_BRID = 68, /* draft-ietf-drip-registries-28 */
LDNS_RR_TYPE_SPF = 99, /* RFC 4408 */
@@ -210,7 +213,7 @@ enum ldns_enum_rr_type
LDNS_RR_TYPE_EUI48 = 108, /* RFC 7043 */
LDNS_RR_TYPE_EUI64 = 109, /* RFC 7043 */
LDNS_RR_TYPE_NXNAME = 128, /* draft-ietf-dnsop-compact-denial-of-existence */
LDNS_RR_TYPE_NXNAME = 128, /* RFC 9824 */
LDNS_RR_TYPE_TKEY = 249, /* RFC 2930 */
LDNS_RR_TYPE_TSIG = 250,
@@ -236,6 +239,12 @@ enum ldns_enum_rr_type
/** https://iana.org/assignments/dns-parameters/WALLET/wallet-completed-template */
LDNS_RR_TYPE_WALLET = 262,
/** https://www.iana.org/assignments/dns-parameters/CLA/cla-completed-template */
LDNS_RR_TYPE_CLA = 263,
/** https://www.iana.org/assignments/dns-parameters/IPN/ipn-completed-template */
LDNS_RR_TYPE_IPN = 264,
/** DNSSEC Trust Authorities */
LDNS_RR_TYPE_TA = 32768,
/* RFC 4431, 5074, DNSSEC Lookaside Validation */
@@ -251,7 +260,7 @@ enum ldns_enum_rr_type
typedef enum ldns_enum_rr_type ldns_rr_type;
/* The first fields are contiguous and can be referenced instantly */
#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON (LDNS_RR_TYPE_WALLET + 1)
#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON (LDNS_RR_TYPE_IPN + 1)
/**
* Resource Record
@@ -724,6 +733,13 @@ bool ldns_rr_list_contains_rr(const ldns_rr_list *rr_list, const ldns_rr *rr);
*/
bool ldns_is_rrset(const ldns_rr_list *rr_list);
/**
* checks if an rr_list is a rrset, including checking for TTL.
* \param[in] rr_list the rr_list to check
* \return true if it is an rrset otherwise false
*/
bool ldns_is_rrset_strict(const ldns_rr_list *rr_list);
/**
* pushes an rr to an rrset (which really are rr_list's).
* \param[in] *rr_list the rrset to push the rr to
ldns/str2host.h
+10
View File
@@ -331,6 +331,16 @@ ldns_status ldns_str2rdf_amtrelay(ldns_rdf **rd, const char *str);
*/
ldns_status ldns_str2rdf_svcparams(ldns_rdf **rd, const char *str);
/**
* Convert either two unsigned 32 bit decimal numbers seperated by a '.',
* or a single unsigned 64 bit decimal number, as described in
* [draft-johnson-dns-ipn-cla-07].
* \param[out] rd the rdf where to put the data
* \param[in] str the string to be converted
* \return ldns_status
*/
ldns_status ldns_str2rdf_ipn(ldns_rdf **rd, const char *str);
#ifdef __cplusplus
}
ldns/util.h.in
+22
View File
@@ -72,8 +72,10 @@ ldns_read_uint16(const void *src)
#ifdef ALLOW_UNALIGNED_ACCESSES
return ntohs(*(const uint16_t *) src);
#else
# ifndef __clang_analyzer__
const uint8_t *p = (const uint8_t *) src;
return ((uint16_t) p[0] << 8) | (uint16_t) p[1];
# endif
#endif
}
@@ -91,6 +93,26 @@ ldns_read_uint32(const void *src)
#endif
}
INLINE uint64_t
ldns_read_uint64(const void *src)
{
#ifdef ALLOW_UNALIGNED_ACCESSES
const uint32_t *p = (const uint32_t *) src;
return ( ((uint64_t) ntohl(src[0]) << 32)
| (uint64_t) ntohl(src[1]));
#else
const uint8_t *p = (const uint8_t *) src;
return ( ((uint64_t) p[0] << 56)
| ((uint64_t) p[1] << 48)
| ((uint64_t) p[2] << 40)
| ((uint64_t) p[3] << 32)
| ((uint64_t) p[4] << 24)
| ((uint64_t) p[5] << 16)
| ((uint64_t) p[6] << 8)
| (uint64_t) p[7]);
#endif
}
/*
* Copy data allowing for unaligned accesses in network byte order
* (big endian).
net.c
+2
View File
@@ -754,6 +754,8 @@ ldns_tcp_read_wire_timeout(int sockfd, size_t *size, struct timeval timeout)
uint16_t wire_size;
ssize_t bytes = 0, rc = 0;
if(sockfd < 0)
return NULL;
wire = LDNS_XMALLOC(uint8_t, 2);
if (!wire) {
*size = 0;
packet.c
+22 -1
View File
@@ -26,7 +26,10 @@
*/
#define LDNS_EDNS_MASK_DO_BIT 0x8000
#define LDNS_EDNS_MASK_UNASSIGNED (0xFFFF & ~LDNS_EDNS_MASK_DO_BIT)
#define LDNS_EDNS_MASK_CO_BIT 0x4000
#define LDNS_EDNS_MASK_UNASSIGNED (0xFFFF & ~( LDNS_EDNS_MASK_DO_BIT \
| LDNS_EDNS_MASK_CO_BIT ))
/* TODO defines for 3600 */
/* convert to and from numerical flag values */
@@ -243,6 +246,22 @@ ldns_pkt_set_edns_do(ldns_pkt *packet, bool value)
}
}
bool
ldns_pkt_edns_co(const ldns_pkt *packet)
{
return (packet->_edns_z & LDNS_EDNS_MASK_CO_BIT);
}
void
ldns_pkt_set_edns_co(ldns_pkt *packet, bool value)
{
if (value) {
packet->_edns_z = packet->_edns_z | LDNS_EDNS_MASK_CO_BIT;
} else {
packet->_edns_z = packet->_edns_z & ~LDNS_EDNS_MASK_CO_BIT;
}
}
uint16_t
ldns_pkt_edns_unassigned(const ldns_pkt *packet)
{
@@ -753,6 +772,7 @@ ldns_pkt_edns(const ldns_pkt *pkt)
ldns_pkt_edns_extended_rcode(pkt) > 0 ||
ldns_pkt_edns_data(pkt) ||
ldns_pkt_edns_do(pkt) ||
ldns_pkt_edns_co(pkt) ||
pkt->_edns_list ||
pkt->_edns_present
);
@@ -1254,6 +1274,7 @@ ldns_pkt_clone(const ldns_pkt *pkt)
ldns_pkt_set_edns_data(new_pkt,
ldns_rdf_clone(ldns_pkt_edns_data(pkt)));
ldns_pkt_set_edns_do(new_pkt, ldns_pkt_edns_do(pkt));
ldns_pkt_set_edns_co(new_pkt, ldns_pkt_edns_co(pkt));
if (pkt->_edns_list)
ldns_pkt_set_edns_option_list(new_pkt,
ldns_edns_option_list_clone(pkt->_edns_list));
rdata.c
+6
View File
@@ -345,6 +345,9 @@ ldns_rdf_new_frm_str(ldns_rdf_type type, const char *str)
case LDNS_RDF_TYPE_EUI64:
status = ldns_str2rdf_eui64(&rdf, str);
break;
case LDNS_RDF_TYPE_UNQUOTED:
status = ldns_str2rdf_str(&rdf, str);
break;
case LDNS_RDF_TYPE_TAG:
status = ldns_str2rdf_tag(&rdf, str);
break;
@@ -366,6 +369,9 @@ ldns_rdf_new_frm_str(ldns_rdf_type type, const char *str)
case LDNS_RDF_TYPE_SVCPARAMS:
status = ldns_str2rdf_svcparams(&rdf, str);
break;
case LDNS_RDF_TYPE_IPN:
status = ldns_str2rdf_ipn(&rdf, str);
break;
case LDNS_RDF_TYPE_NONE:
default:
/* default default ??? */
resolver.c
+12 -6
View File
@@ -1062,6 +1062,8 @@ ldns_resolver_search_status(ldns_pkt** pkt,
/* query as-is */
return ldns_resolver_query_status(pkt, r, name, t, c, flags);
} else if (ldns_resolver_dnsrch(r)) {
ldns_pkt *return_pkt = NULL;
search_list = ldns_resolver_searchlist(r);
for (i = 0; i <= ldns_resolver_searchlist_count(r); i++) {
if (i == ldns_resolver_searchlist_count(r)) {
@@ -1072,21 +1074,25 @@ ldns_resolver_search_status(ldns_pkt** pkt,
search_list[i]);
}
s = ldns_resolver_query_status(pkt, r,
s = ldns_resolver_query_status(&return_pkt, r,
new_name, t, c, flags);
ldns_rdf_deep_free(new_name);
if (pkt && *pkt) {
if (return_pkt) {
if (s == LDNS_STATUS_OK &&
ldns_pkt_get_rcode(*pkt) ==
LDNS_RCODE_NOERROR) {
ldns_pkt_get_rcode(return_pkt)
== LDNS_RCODE_NOERROR) {
return LDNS_STATUS_OK;
} else if (i < ldns_resolver_searchlist_count(r)) {
ldns_pkt_free(return_pkt);
return_pkt = NULL;
}
ldns_pkt_free(*pkt);
*pkt = NULL;
}
}
if (pkt && return_pkt) {
*pkt = return_pkt;
}
}
return s;
}
rr.c
+111 -18
View File
@@ -390,12 +390,6 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
ldns_buffer_skip(rd_buf, 1);
quoted = true;
}
if (!quoted && ldns_rr_descriptor_field_type(desc, r_cnt)
== LDNS_RDF_TYPE_LONG_STR) {
status = LDNS_STATUS_SYNTAX_RDATA_ERR;
goto error;
}
}
/* because number of fields can be variable, we can't rely on
@@ -411,8 +405,8 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
}
pre_data_pos = ldns_buffer_position(rd_buf);
if (-1 == (c = ldns_bget_token(
rd_buf, rd, delimiters, LDNS_MAX_RDFLEN))) {
if (-1 == ldns_bget_token(
rd_buf, rd, delimiters, LDNS_MAX_RDFLEN)) {
done = true;
(void)done; /* we're breaking, so done not read anymore */
@@ -1287,7 +1281,47 @@ ldns_is_rrset(const ldns_rr_list *rr_list)
if (c != ldns_rr_get_class(tmp)) {
return false;
}
if (ldns_rdf_compare(o, ldns_rr_owner(tmp)) != 0) {
if (ldns_dname_compare(o, ldns_rr_owner(tmp)) != 0) {
return false;
}
}
return true;
}
bool
ldns_is_rrset_strict(const ldns_rr_list *rr_list)
{
ldns_rr_type t;
ldns_rr_class c;
uint32_t l;
ldns_rdf *o;
ldns_rr *tmp;
size_t i;
if (!rr_list || ldns_rr_list_rr_count(rr_list) == 0) {
return false;
}
tmp = ldns_rr_list_rr(rr_list, 0);
t = ldns_rr_get_type(tmp);
c = ldns_rr_get_class(tmp);
l = ldns_rr_ttl(tmp);
o = ldns_rr_owner(tmp);
/* compare these with the rest of the rr_list, start with 1 */
for (i = 1; i < ldns_rr_list_rr_count(rr_list); i++) {
tmp = ldns_rr_list_rr(rr_list, i);
if (t != ldns_rr_get_type(tmp)) {
return false;
}
if (c != ldns_rr_get_class(tmp)) {
return false;
}
if (l != ldns_rr_ttl(tmp)) {
return false;
}
if (ldns_dname_compare(o, ldns_rr_owner(tmp)) != 0) {
return false;
}
}
@@ -1681,8 +1715,8 @@ ldns_rr_compare(const ldns_rr *rr1, const ldns_rr *rr2)
return result;
}
/* convert dnskey to a ds with the given algorithm,
* then compare the result with the given ds */
/* convert (c)dnskey to a (c)ds with the given algorithm,
* then compare the result with the given (c)ds */
static int
ldns_rr_compare_ds_dnskey(ldns_rr *ds,
ldns_rr *dnskey)
@@ -1692,8 +1726,10 @@ ldns_rr_compare_ds_dnskey(ldns_rr *ds,
ldns_hash algo;
if (!dnskey || !ds ||
ldns_rr_get_type(ds) != LDNS_RR_TYPE_DS ||
ldns_rr_get_type(dnskey) != LDNS_RR_TYPE_DNSKEY) {
(ldns_rr_get_type(ds) != LDNS_RR_TYPE_DS &&
ldns_rr_get_type(ds) != LDNS_RR_TYPE_CDS) ||
(ldns_rr_get_type(dnskey) != LDNS_RR_TYPE_DNSKEY &&
ldns_rr_get_type(dnskey) != LDNS_RR_TYPE_CDNSKEY)) {
return false;
}
@@ -1727,6 +1763,12 @@ ldns_rr_compare_ds(const ldns_rr *orr1, const ldns_rr *orr2)
} else if (ldns_rr_get_type(rr1) == LDNS_RR_TYPE_DNSKEY &&
ldns_rr_get_type(rr2) == LDNS_RR_TYPE_DS) {
result = ldns_rr_compare_ds_dnskey(rr2, rr1);
} else if (ldns_rr_get_type(rr1) == LDNS_RR_TYPE_CDS &&
ldns_rr_get_type(rr2) == LDNS_RR_TYPE_CDNSKEY) {
result = ldns_rr_compare_ds_dnskey(rr1, rr2);
} else if (ldns_rr_get_type(rr1) == LDNS_RR_TYPE_CDNSKEY &&
ldns_rr_get_type(rr2) == LDNS_RR_TYPE_CDS) {
result = ldns_rr_compare_ds_dnskey(rr2, rr1);
} else {
result = (ldns_rr_compare(rr1, rr2) == 0);
}
@@ -1897,7 +1939,7 @@ static const ldns_rdf_type type_nsap_wireformat[] = {
LDNS_RDF_TYPE_NSAP
};
static const ldns_rdf_type type_nsap_ptr_wireformat[] = {
LDNS_RDF_TYPE_STR
LDNS_RDF_TYPE_UNQUOTED
};
static const ldns_rdf_type type_sig_wireformat[] = {
LDNS_RDF_TYPE_TYPE, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT32,
@@ -1911,7 +1953,7 @@ static const ldns_rdf_type type_px_wireformat[] = {
LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
};
static const ldns_rdf_type type_gpos_wireformat[] = {
LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR
LDNS_RDF_TYPE_UNQUOTED, LDNS_RDF_TYPE_UNQUOTED, LDNS_RDF_TYPE_UNQUOTED
};
static const ldns_rdf_type type_aaaa_wireformat[] = { LDNS_RDF_TYPE_AAAA };
static const ldns_rdf_type type_loc_wireformat[] = { LDNS_RDF_TYPE_LOC };
@@ -1988,6 +2030,23 @@ static const ldns_rdf_type type_svcb_wireformat[] = {
LDNS_RDF_TYPE_SVCPARAMS
};
#endif
#ifdef RRTYPE_DSYNC
static const ldns_rdf_type type_dsync_wireformat[] = {
LDNS_RDF_TYPE_TYPE,
LDNS_RDF_TYPE_INT8,
LDNS_RDF_TYPE_INT16,
LDNS_RDF_TYPE_DNAME
};
#endif
#ifdef RRTYPE_HHIT_BRID
static const ldns_rdf_type type_hhit_wireformat[] = {
LDNS_RDF_TYPE_B64
};
static const ldns_rdf_type type_brid_wireformat[] = {
LDNS_RDF_TYPE_B64
};
#endif
/* nsec3 is some vars, followed by same type of data of nsec */
static const ldns_rdf_type type_nsec3_wireformat[] = {
/* LDNS_RDF_TYPE_NSEC3_VARS, LDNS_RDF_TYPE_NSEC3_NEXT_OWNER, LDNS_RDF_TYPE_NSEC*/
@@ -2081,6 +2140,12 @@ static const ldns_rdf_type type_amtrelay_wireformat[] = {
LDNS_RDF_TYPE_AMTRELAY
};
#endif
#ifdef RRTYPE_CLA_IPN
static const ldns_rdf_type type_ipn_wireformat[] = {
LDNS_RDF_TYPE_IPN
};
#endif
/** \endcond */
@@ -2248,9 +2313,21 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
{LDNS_RR_TYPE_NULL, "TYPE64", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE65", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#endif
#ifdef RRTYPE_DSYNC
/* 66 */
{LDNS_RR_TYPE_DSYNC, "DSYNC", 4, 4, type_dsync_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
#else
{LDNS_RR_TYPE_NULL, "TYPE66", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#endif
#ifdef RRTYPE_HHIT_BRID
/* 67 */
{LDNS_RR_TYPE_HHIT, "HHIT", 1, 1, type_hhit_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 68 */
{LDNS_RR_TYPE_BRID, "BRID", 1, 1, type_brid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#else
{LDNS_RR_TYPE_NULL, "TYPE67", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE68", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#endif
{LDNS_RR_TYPE_NULL, "TYPE69", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE70", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE71", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
@@ -2494,13 +2571,21 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
#endif
#ifdef RRTYPE_RESINFO
/* 261 */
{LDNS_RR_TYPE_RESINFO, "RESINFO", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_RESINFO, "RESINFO", 1, 0, NULL, LDNS_RDF_TYPE_UNQUOTED, LDNS_RR_NO_COMPRESS, 0 },
#else
{LDNS_RR_TYPE_NULL, "TYPE261", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#endif
/* 262 */
{LDNS_RR_TYPE_WALLET, "TXT", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_WALLET, "WALLET", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
#ifdef RRTYPE_CLA_IPN
/* 263 */
{LDNS_RR_TYPE_CLA, "CLA", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
/* 264 */
{LDNS_RR_TYPE_IPN, "IPN", 1, 1, type_ipn_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#else
{LDNS_RR_TYPE_NULL, "TYPE263", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE264", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#endif
/* split in array, no longer contiguous */
#ifdef RRTYPE_TA
@@ -2586,6 +2671,14 @@ ldns_rdf_bitmap_known_rr_types_set(ldns_rdf** rdf, int value)
for (d=rdata_field_descriptors; d < rdata_field_descriptors_end; d++) {
window = d->_type >> 8;
subtype = d->_type & 0xff;
/* In the code below, windows[window] == 0 means that the
* window is not in use. So subtype == 0 is a problem. The
* easiest solution is to set subtype to 1, that marks the
* window as in use and doesn't have negative effects.
*/
if (subtype == 0)
subtype = 1;
if (windows[window] < subtype) {
windows[window] = subtype;
}
sha1.c
+1 -1
View File
@@ -97,7 +97,7 @@ ldns_sha1_transform(uint32_t state[5], const unsigned char buffer[LDNS_SHA1_BLOC
state[4] += e;
/* Wipe variables */
a = b = c = d = e = 0;
(void)a;
(void)a; (void)b; (void)c; (void)d; (void)e;
}
sha2.c
+11 -7
View File
@@ -494,7 +494,8 @@ static void ldns_sha256_Transform(ldns_sha256_CTX* context,
/* Clean up */
a = b = c = d = e = f = g = h = T1 = T2 = 0;
(void)a;
(void)a; (void)b; (void)c; (void)d; (void)e; (void)f; (void)g; (void)h;
(void)T1; (void)T2;
}
#endif /* SHA2_UNROLL_TRANSFORM */
@@ -528,7 +529,7 @@ void ldns_sha256_update(ldns_sha256_CTX* context, const sha2_byte *data, size_t
context->bitcount += len << 3;
/* Clean up: */
usedspace = freespace = 0;
(void)usedspace;
(void)usedspace; (void)freespace;
return;
}
}
@@ -546,7 +547,7 @@ void ldns_sha256_update(ldns_sha256_CTX* context, const sha2_byte *data, size_t
}
/* Clean up: */
usedspace = freespace = 0;
(void)usedspace;
(void)usedspace; (void)freespace;
}
typedef union _ldns_sha2_buffer_union {
@@ -737,6 +738,7 @@ static void ldns_sha512_Transform(ldns_sha512_CTX* context,
sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
sha2_word64 T1, T2, *W512 = (sha2_word64*)context->buffer;
int j;
sha2_word64 aligned;
/* initialize registers with the prev. intermediate value */
a = context->state[0];
@@ -752,7 +754,8 @@ static void ldns_sha512_Transform(ldns_sha512_CTX* context,
do {
#if BYTE_ORDER == LITTLE_ENDIAN
/* Convert TO host byte order */
REVERSE64(*data++, W512[j]);
memcpy(&aligned, data++, sizeof(aligned));
REVERSE64(aligned, W512[j]);
/* Apply the SHA-512 compression function to update a..h */
T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
#else /* BYTE_ORDER == LITTLE_ENDIAN */
@@ -807,7 +810,8 @@ static void ldns_sha512_Transform(ldns_sha512_CTX* context,
/* Clean up */
a = b = c = d = e = f = g = h = T1 = T2 = 0;
(void)a;
(void)a; (void)b; (void)c; (void)d; (void)e; (void)f; (void)g; (void)h;
(void)T1; (void)T2;
}
#endif /* SHA2_UNROLL_TRANSFORM */
@@ -841,7 +845,7 @@ void ldns_sha512_update(ldns_sha512_CTX* context, const sha2_byte *data, size_t
ADDINC128(context->bitcount, len << 3);
/* Clean up: */
usedspace = freespace = 0;
(void)usedspace;
(void)usedspace; (void)freespace;
return;
}
}
@@ -859,7 +863,7 @@ void ldns_sha512_update(ldns_sha512_CTX* context, const sha2_byte *data, size_t
}
/* Clean up: */
usedspace = freespace = 0;
(void)usedspace;
(void)usedspace; (void)freespace;
}
static void ldns_sha512_Last(ldns_sha512_CTX* context) {
str2host.c
+66 -2
View File
@@ -224,6 +224,69 @@ ldns_str2rdf_int32(ldns_rdf **rd, const char *longstr)
}
}
#ifdef __BYTE_ORDER__
# if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
# define htonll(x) (x)
# define ntohll(x) (x)
# else
# define htonll(x) (((uint64_t)htonl((x) & 0xFFFFFFFF) << 32) | htonl((x) >> 32))
# define ntohll(x) (((uint64_t)ntohl((x) & 0xFFFFFFFF) << 32) | ntohl((x) >> 32))
# endif
#else
# define htonll(x) ((1==htonl(1)) ? (x) : ((uint64_t)htonl((x) & 0xFFFFFFFF) << 32) | htonl((x) >> 32))
# define ntohll(x) ((1==ntohl(1)) ? (x) : ((uint64_t)ntohl((x) & 0xFFFFFFFF) << 32) | ntohl((x) >> 32))
#endif
ldns_status
ldns_str2rdf_ipn(ldns_rdf **rd, const char *ipnstr)
{
char *end;
uint8_t r[sizeof(uint64_t)];
char left[21], *right;
if(strlen(ipnstr) > 21)
return LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW;
errno = 0; /* must set to zero before call,
note race condition on errno */
if((right = strchr(ipnstr, '.'))) {
uint32_t u32 = strtoul(right + 1, &end, 10);
if(*end != 0)
return LDNS_STATUS_ERR;
if(errno == ERANGE)
return LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW;
u32 = htonl(u32);
memcpy(r + sizeof(uint32_t), &u32, sizeof(uint32_t));
memcpy(left, ipnstr, right - ipnstr);
left[right - ipnstr] = 0;
u32 = strtoul(left, &end, 10);
if(*end != 0)
return LDNS_STATUS_ERR;
if(errno == ERANGE)
return LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW;
u32 = htonl(u32);
memcpy(r, &u32, sizeof(uint32_t));
} else {
uint64_t u64 = strtoull(ipnstr, &end, 10);
if(*end != 0)
return LDNS_STATUS_ERR;
if(u64 == ULLONG_MAX && errno == ERANGE)
return LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW;
u64 = htonll(u64);
memcpy(r, &u64, sizeof(uint64_t));
}
*rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_IPN, sizeof(r), r);
return *rd ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR;
}
ldns_status
ldns_str2rdf_int8(ldns_rdf **rd, const char *bytestr)
{
@@ -1767,6 +1830,7 @@ ldns_str2rdf_amtrelay(ldns_rdf **rd, const char *str)
LDNS_FREE(relay);
LDNS_FREE(token);
ldns_buffer_free(str_buf);
ldns_rdf_deep_free(relay_rdf);
return LDNS_STATUS_INVALID_STR;
}
@@ -1782,7 +1846,7 @@ ldns_str2rdf_amtrelay(ldns_rdf **rd, const char *str)
LDNS_FREE(relay);
LDNS_FREE(token);
ldns_buffer_free(str_buf);
if (relay_rdf) ldns_rdf_free(relay_rdf);
ldns_rdf_deep_free(relay_rdf);
return LDNS_STATUS_MEM_ERR;
}
@@ -1801,7 +1865,7 @@ ldns_str2rdf_amtrelay(ldns_rdf **rd, const char *str)
LDNS_FREE(relay);
LDNS_FREE(token);
ldns_buffer_free(str_buf);
ldns_rdf_free(relay_rdf);
ldns_rdf_deep_free(relay_rdf);
LDNS_FREE(data);
if(!*rd) return LDNS_STATUS_MEM_ERR;
return LDNS_STATUS_OK;
util.c
+5
View File
@@ -346,6 +346,11 @@ ldns_init_random(FILE *fd, unsigned int size)
unsigned int seed_i;
struct timeval tv;
#ifdef HAVE_SSL
if(RAND_status() == 1)
/* already seeded */
return 0;
#endif
/* we'll need at least sizeof(unsigned int) bytes for the
standard prng seed */
if (size < (unsigned int) sizeof(seed_i)){
wire2host.c
+3
View File
@@ -223,6 +223,8 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos)
break;
case LDNS_RDF_TYPE_ILNP64:
case LDNS_RDF_TYPE_EUI64:
case LDNS_RDF_TYPE_IPN:
case LDNS_RDF_TYPE_INT64:
cur_rdf_length = LDNS_RDF_SIZE_8BYTES;
break;
case LDNS_RDF_TYPE_AAAA:
@@ -230,6 +232,7 @@ ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos)
break;
case LDNS_RDF_TYPE_STR:
case LDNS_RDF_TYPE_NSEC3_SALT:
case LDNS_RDF_TYPE_UNQUOTED:
case LDNS_RDF_TYPE_TAG:
/* len is stored in first byte
* it should be in the rdf too, so just
zone.c
+1 -1
View File
@@ -350,7 +350,7 @@ error:
ldns_rdf_deep_free(my_prev);
}
if (newzone) {
ldns_zone_free(newzone);
ldns_zone_deep_free(newzone);
}
return ret;
}