Update Bind to 9.9.3-P2

Notable new features: * Elliptic Curve Digital Signature Algorithm keys and signatures in DNSSEC are now supported per RFC 6605. [RT #21918] * Introduces a new tool "dnssec-verify" that validates a signed zone, checking for the correctness of signatures and NSEC/NSEC3 chains. [RT #23673] * BIND now recognizes the TLSA resource record type, created to support IETF DANE (DNS-based Authentication of Named Entities) [RT #28989] * The new "inline-signing" option, in combination with the "auto-dnssec" option that was introduced in BIND 9.7, allows named to sign zones completely transparently. Approved by: delphij (mentor) MFC after: 3 days Sponsored by: DK Hostmaster A/S
author: erwin <erwin@FreeBSD.org> 2013-08-22 08:15:03 +0000
committer: erwin <erwin@FreeBSD.org> 2013-08-22 08:15:03 +0000
commit: 6a288ef517fece2ca5a21d081efd7b4a81da0053 (patch)
tree: 37271fd86c9be9a6bab12a7aebd85ccfbb8a7b62 /contrib/bind9/bin/check/named-checkzone.c
parent: 0b46e38a09fbccfdfd7bca0f387c66b2c64fa5b6 (diff)
parent: f32b4abce98c97ee6e51b7aa8f8fde6e4cab7f28 (diff)
download: FreeBSD-src-6a288ef517fece2ca5a21d081efd7b4a81da0053.zip
FreeBSD-src-6a288ef517fece2ca5a21d081efd7b4a81da0053.tar.gz
1 files changed, 45 insertions, 7 deletions
diff --git a/contrib/bind9/bin/check/named-checkzone.c b/contrib/bind9/bin/check/named-checkzone.c
index fdc3ddc..7e779c2 100644
--- a/contrib/bind9/bin/check/named-checkzone.c
+++ b/contrib/bind9/bin/check/named-checkzone.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: named-checkzone.c,v 1.61.62.2 2011/12/22 23:45:54 tbox Exp $ */
+/* $Id: named-checkzone.c,v 1.65 2011/12/22 17:29:22 each Exp $ */
 
 /*! \file */
 
@@ -39,6 +39,7 @@
 #include <dns/db.h>
 #include <dns/fixedname.h>
 #include <dns/log.h>
+#include <dns/master.h>
 #include <dns/masterdump.h>
 #include <dns/name.h>
 #include <dns/rdataclass.h>
@@ -112,8 +113,12 @@ main(int argc, char **argv) {
 	const char *outputformatstr = NULL;
 	dns_masterformat_t inputformat = dns_masterformat_text;
 	dns_masterformat_t outputformat = dns_masterformat_text;
+	dns_masterrawheader_t header;
+	isc_uint32_t rawversion = 1, serialnum = 0;
+	isc_boolean_t snset = ISC_FALSE;
 	isc_boolean_t logdump = ISC_FALSE;
 	FILE *errout = stdout;
+	char *endp;
 
 	outputstyle = &dns_master_style_full;
 
@@ -159,7 +164,7 @@ main(int argc, char **argv) {
 	isc_commandline_errprint = ISC_FALSE;
 
 	while ((c = isc_commandline_parse(argc, argv,
-				     "c:df:hi:jk:m:n:qr:s:t:o:vw:DF:M:S:T:W:"))
+			       "c:df:hi:jk:L:m:n:qr:s:t:o:vw:DF:M:S:T:W:"))
 	       != EOF) {
 		switch (c) {
 		case 'c':
@@ -237,6 +242,17 @@ main(int argc, char **argv) {
 			}
 			break;
 
+		case 'L':
+			snset = ISC_TRUE;
+			endp = NULL;
+			serialnum = strtol(isc_commandline_argument, &endp, 0);
+			if (*endp != '\0') {
+				fprintf(stderr, "source serial number "
+						"must be numeric");
+				exit(1);
+			}
+			break;
+
 		case 'n':
 			if (ARGCMP("ignore")) {
 				zone_options &= ~(DNS_ZONEOPT_CHECKNS|
@@ -413,7 +429,11 @@ main(int argc, char **argv) {
 			inputformat = dns_masterformat_text;
 		else if (strcasecmp(inputformatstr, "raw") == 0)
 			inputformat = dns_masterformat_raw;
-		else {
+		else if (strncasecmp(inputformatstr, "raw=", 4) == 0) {
+			inputformat = dns_masterformat_raw;
+			fprintf(stderr,
+				"WARNING: input format raw, version ignored\n");
+		} else {
 			fprintf(stderr, "unknown file format: %s\n",
 			    inputformatstr);
 			exit(1);
@@ -421,11 +441,22 @@ main(int argc, char **argv) {
 	}
 
 	if (outputformatstr != NULL) {
-		if (strcasecmp(outputformatstr, "text") == 0)
+		if (strcasecmp(outputformatstr, "text") == 0) {
 			outputformat = dns_masterformat_text;
-		else if (strcasecmp(outputformatstr, "raw") == 0)
+		} else if (strcasecmp(outputformatstr, "raw") == 0) {
 			outputformat = dns_masterformat_raw;
-		else {
+		} else if (strncasecmp(outputformatstr, "raw=", 4) == 0) {
+			char *end;
+
+			outputformat = dns_masterformat_raw;
+			rawversion = strtol(outputformatstr + 4, &end, 10);
+			if (end == outputformatstr + 4 || *end != '\0' ||
+			    rawversion > 1U) {
+				fprintf(stderr,
+					"unknown raw format version\n");
+				exit(1);
+			}
+		} else {
 			fprintf(stderr, "unknown file format: %s\n",
 				outputformatstr);
 			exit(1);
@@ -480,13 +511,20 @@ main(int argc, char **argv) {
 	result = load_zone(mctx, origin, filename, inputformat, classname,
 			   &zone);
 
+	if (snset) {
+		dns_master_initrawheader(&header);
+		header.flags = DNS_MASTERRAW_SOURCESERIALSET;
+		header.sourceserial = serialnum;
+		dns_zone_setrawdata(zone, &header);
+	}
+
 	if (result == ISC_R_SUCCESS && dumpzone) {
 		if (logdump) {
 			fprintf(errout, "dump zone to %s...", output_filename);
 			fflush(errout);
 		}
 		result = dump_zone(origin, zone, output_filename,
-				   outputformat, outputstyle);
+				   outputformat, outputstyle, rawversion);
 		if (logdump)
 			fprintf(errout, "done\n");
 	}
author	erwin <erwin@FreeBSD.org>	2013-08-22 08:15:03 +0000
committer	erwin <erwin@FreeBSD.org>	2013-08-22 08:15:03 +0000
commit	6a288ef517fece2ca5a21d081efd7b4a81da0053 (patch)
tree	37271fd86c9be9a6bab12a7aebd85ccfbb8a7b62 /contrib/bind9/bin/check/named-checkzone.c
parent	0b46e38a09fbccfdfd7bca0f387c66b2c64fa5b6 (diff)
parent	f32b4abce98c97ee6e51b7aa8f8fde6e4cab7f28 (diff)
download	FreeBSD-src-6a288ef517fece2ca5a21d081efd7b4a81da0053.zip FreeBSD-src-6a288ef517fece2ca5a21d081efd7b4a81da0053.tar.gz