diff options
| author | dougb <dougb@FreeBSD.org> | 2011-02-06 22:46:07 +0000 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2011-02-06 22:46:07 +0000 |
| commit | 31eda3d2ca1e9ed626d5939e944ccfbf3544cc85 (patch) | |
| tree | 29f19579e118cac909f58ae061a7319418f2e0ed /contrib/bind9/lib | |
| parent | 3364c35469daaa167b9e79a0d6e1983ed75c616e (diff) | |
| parent | 8287cb3f73a2d36684fdf69f4009f28e17dd3800 (diff) | |
| download | FreeBSD-src-31eda3d2ca1e9ed626d5939e944ccfbf3544cc85.zip FreeBSD-src-31eda3d2ca1e9ed626d5939e944ccfbf3544cc85.tar.gz | |
Update to BIND 9.6.3, the latest from ISC on the 9.6 branch.
All 9.6 users with DNSSEC validation enabled should upgrade to this
version, or the latest version in the 9.7 branch, prior to 2011-03-31
in order to avoid validation failures for names in .COM as described
here:
https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record
In addition the fixes for this and other bugs, there are also the
following:
* Various fixes to kerberos support, including GSS-TSIG
* Various fixes to avoid leaking memory, and to problems that could
prevent a clean shutdown of named
Diffstat (limited to 'contrib/bind9/lib')
77 files changed, 964 insertions, 438 deletions
diff --git a/contrib/bind9/lib/bind9/api b/contrib/bind9/lib/bind9/api index fbbf923..f3b0f9f 100644 --- a/contrib/bind9/lib/bind9/api +++ b/contrib/bind9/lib/bind9/api @@ -1,3 +1,3 @@ LIBINTERFACE = 50 -LIBREVISION = 3 +LIBREVISION = 4 LIBAGE = 0 diff --git a/contrib/bind9/lib/bind9/check.c b/contrib/bind9/lib/bind9/check.c index 753db9c..76ca510 100644 --- a/contrib/bind9/lib/bind9/check.c +++ b/contrib/bind9/lib/bind9/check.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: check.c,v 1.95.12.4 2009/06/03 00:06:01 marka Exp $ */ +/* $Id: check.c,v 1.95.12.6 2010-03-04 23:47:53 tbox Exp $ */ /*! \file */ @@ -23,6 +23,7 @@ #include <stdlib.h> +#include <isc/base64.h> #include <isc/buffer.h> #include <isc/log.h> #include <isc/mem.h> @@ -41,6 +42,8 @@ #include <dns/rdatatype.h> #include <dns/secalg.h> +#include <dst/dst.h> + #include <isccfg/aclconf.h> #include <isccfg/cfg.h> @@ -1667,13 +1670,70 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions, } static isc_result_t +check_trusted_key(const cfg_obj_t *key, isc_log_t *logctx) +{ + const char *keystr, *keynamestr; + dns_fixedname_t fkeyname; + dns_name_t *keyname; + isc_buffer_t keydatabuf; + isc_region_t r; + isc_result_t result = ISC_R_SUCCESS; + isc_result_t tresult; + isc_uint32_t flags, proto, alg; + unsigned char keydata[4096]; + + flags = cfg_obj_asuint32(cfg_tuple_get(key, "flags")); + proto = cfg_obj_asuint32(cfg_tuple_get(key, "protocol")); + alg = cfg_obj_asuint32(cfg_tuple_get(key, "algorithm")); + keyname = dns_fixedname_name(&fkeyname); + keynamestr = cfg_obj_asstring(cfg_tuple_get(key, "name")); + + if (flags > 0xffff) { + cfg_obj_log(key, logctx, ISC_LOG_WARNING, + "flags too big: %u\n", flags); + result = ISC_R_FAILURE; + } + if (proto > 0xff) { + cfg_obj_log(key, logctx, ISC_LOG_WARNING, + "protocol too big: %u\n", proto); + result = ISC_R_FAILURE; + } + if (alg > 0xff) { + cfg_obj_log(key, logctx, ISC_LOG_WARNING, + "algorithm too big: %u\n", alg); + result = ISC_R_FAILURE; + } + + isc_buffer_init(&keydatabuf, keydata, sizeof(keydata)); + + keystr = cfg_obj_asstring(cfg_tuple_get(key, "key")); + tresult = isc_base64_decodestring(keystr, &keydatabuf); + + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(key, logctx, ISC_LOG_ERROR, + "%s", isc_result_totext(tresult)); + result = ISC_R_FAILURE; + } else { + isc_buffer_usedregion(&keydatabuf, &r); + + if ((alg == DST_ALG_RSASHA1 || alg == DST_ALG_RSAMD5) && + r.length > 1 && r.base[0] == 1 && r.base[1] == 3) + cfg_obj_log(key, logctx, ISC_LOG_WARNING, + "trusted key '%s' has a weak exponent", + keynamestr); + } + + return (result); +} + +static isc_result_t check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions, const char *viewname, dns_rdataclass_t vclass, isc_log_t *logctx, isc_mem_t *mctx) { const cfg_obj_t *zones = NULL; const cfg_obj_t *keys = NULL; - const cfg_listelt_t *element; + const cfg_listelt_t *element, *element2; isc_symtab_t *symtab = NULL; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult = ISC_R_SUCCESS; @@ -1814,6 +1874,33 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions, cfg_obj_log(obj, logctx, ISC_LOG_WARNING, "'dnssec-validation yes;' and 'dnssec-enable no;'"); + /* + * Check trusted-keys and managed-keys. + */ + keys = NULL; + if (voptions != NULL) + (void)cfg_map_get(voptions, "trusted-keys", &keys); + if (keys == NULL) + (void)cfg_map_get(config, "trusted-keys", &keys); + + for (element = cfg_list_first(keys); + element != NULL; + element = cfg_list_next(element)) + { + const cfg_obj_t *keylist = cfg_listelt_value(element); + for (element2 = cfg_list_first(keylist); + element2 != NULL; + element2 = cfg_list_next(element2)) { + obj = cfg_listelt_value(element2); + tresult = check_trusted_key(obj, logctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + } + + /* + * Check options. + */ if (voptions != NULL) tresult = check_options(voptions, logctx, mctx); else diff --git a/contrib/bind9/lib/dns/Makefile.in b/contrib/bind9/lib/dns/Makefile.in index ef5c12a..dfb8d7f 100644 --- a/contrib/bind9/lib/dns/Makefile.in +++ b/contrib/bind9/lib/dns/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: Makefile.in,v 1.163 2008/09/24 02:46:22 marka Exp $ +# $Id: Makefile.in,v 1.163.50.2 2010-06-09 23:48:16 tbox Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -47,11 +47,12 @@ LIBS = @LIBS@ # Alphabetically -DSTOBJS = @DST_EXTRA_OBJS@ \ +OPENSSLLINKOBJS = openssl_link.@O@ openssldh_link.@O@ openssldsa_link.@O@ \ + opensslrsa_link.@O@ + +DSTOBJS = @DST_EXTRA_OBJS@ @OPENSSLLINKOBJS@ \ dst_api.@O@ dst_lib.@O@ dst_parse.@O@ dst_result.@O@ \ - gssapi_link.@O@ gssapictx.@O@ hmac_link.@O@ key.@O@ \ - openssl_link.@O@ openssldh_link.@O@ openssldsa_link.@O@ \ - opensslrsa_link.@O@ + gssapi_link.@O@ gssapictx.@O@ hmac_link.@O@ key.@O@ # Alphabetically DNSOBJS = acache.@O@ acl.@O@ adb.@O@ byaddr.@O@ \ @@ -73,12 +74,13 @@ DNSOBJS = acache.@O@ acl.@O@ adb.@O@ byaddr.@O@ \ OBJS= ${DNSOBJS} ${OTHEROBJS} ${DSTOBJS} # Alphabetically -DSTSRCS = @DST_EXTRA_SRCS@ \ +OPENSSLLINKSRCS = openssl_link.c openssldh_link.c \ + openssldsa_link.c opensslrsa_link.c + +DSTSRCS = @DST_EXTRA_SRCS@ @OPENSSLLINKSRCS@ \ dst_api.c dst_lib.c dst_parse.c \ dst_result.c gssapi_link.c gssapictx.c \ - hmac_link.c key.c \ - openssl_link.c openssldh_link.c \ - openssldsa_link.c opensslrsa_link.c + hmac_link.c key.c DNSSRCS = acache.c acl.c adb.c byaddr.c \ cache.c callbacks.c compress.c \ diff --git a/contrib/bind9/lib/dns/adb.c b/contrib/bind9/lib/dns/adb.c index 28121a7..cd9cadf 100644 --- a/contrib/bind9/lib/dns/adb.c +++ b/contrib/bind9/lib/dns/adb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: adb.c,v 1.243.42.4.24.2 2010/08/12 23:46:24 tbox Exp $ */ +/* $Id: adb.c,v 1.243.42.6 2010-08-11 23:45:49 tbox Exp $ */ /*! \file * diff --git a/contrib/bind9/lib/dns/api b/contrib/bind9/lib/dns/api index 82e6786..29ebff2 100644 --- a/contrib/bind9/lib/dns/api +++ b/contrib/bind9/lib/dns/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 58 -LIBREVISION = 0 -LIBAGE = 0 +LIBINTERFACE = 59 +LIBREVISION = 2 +LIBAGE = 1 diff --git a/contrib/bind9/lib/dns/dst_api.c b/contrib/bind9/lib/dns/dst_api.c index bbb0a09..97d2657 100644 --- a/contrib/bind9/lib/dns/dst_api.c +++ b/contrib/bind9/lib/dns/dst_api.c @@ -31,7 +31,7 @@ /* * Principal Author: Brian Wellington - * $Id: dst_api.c,v 1.16.12.10 2010/01/15 19:38:53 each Exp $ + * $Id: dst_api.c,v 1.16.12.12 2010-12-09 01:12:55 marka Exp $ */ /*! \file */ @@ -49,6 +49,7 @@ #include <isc/mem.h> #include <isc/once.h> #include <isc/print.h> +#include <isc/refcount.h> #include <isc/random.h> #include <isc/string.h> #include <isc/time.h> @@ -503,6 +504,7 @@ dst_key_fromnamedfile(const char *filename, int type, isc_mem_t *mctx, *keyp = key; return (ISC_R_SUCCESS); + out: if (newfilename != NULL) isc_mem_put(mctx, newfilename, newfilenamelen); @@ -800,9 +802,21 @@ dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2) { } void +dst_key_attach(dst_key_t *source, dst_key_t **target) { + + REQUIRE(dst_initialized == ISC_TRUE); + REQUIRE(target != NULL && *target == NULL); + REQUIRE(VALID_KEY(source)); + + isc_refcount_increment(&source->refs, NULL); + *target = source; +} + +void dst_key_free(dst_key_t **keyp) { isc_mem_t *mctx; dst_key_t *key; + unsigned int refs; REQUIRE(dst_initialized == ISC_TRUE); REQUIRE(keyp != NULL && VALID_KEY(*keyp)); @@ -810,6 +824,11 @@ dst_key_free(dst_key_t **keyp) { key = *keyp; mctx = key->mctx; + isc_refcount_decrement(&key->refs, &refs); + if (refs != 0) + return; + + isc_refcount_destroy(&key->refs); if (key->keydata.generic != NULL) { INSIST(key->func->destroy != NULL); key->func->destroy(key); @@ -927,14 +946,22 @@ get_key_struct(dns_name_t *name, unsigned int alg, memset(key, 0, sizeof(dst_key_t)); key->magic = KEY_MAGIC; + result = isc_refcount_init(&key->refs, 1); + if (result != ISC_R_SUCCESS) { + isc_mem_put(mctx, key, sizeof(dst_key_t)); + return (NULL); + } + key->key_name = isc_mem_get(mctx, sizeof(dns_name_t)); if (key->key_name == NULL) { + isc_refcount_destroy(&key->refs); isc_mem_put(mctx, key, sizeof(dst_key_t)); return (NULL); } dns_name_init(key->key_name, NULL); result = dns_name_dup(name, mctx, key->key_name); if (result != ISC_R_SUCCESS) { + isc_refcount_destroy(&key->refs); isc_mem_put(mctx, key->key_name, sizeof(dns_name_t)); isc_mem_put(mctx, key, sizeof(dst_key_t)); return (NULL); diff --git a/contrib/bind9/lib/dns/dst_internal.h b/contrib/bind9/lib/dns/dst_internal.h index 1669648..01bf1f2 100644 --- a/contrib/bind9/lib/dns/dst_internal.h +++ b/contrib/bind9/lib/dns/dst_internal.h @@ -29,7 +29,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dst_internal.h,v 1.11.120.2 2010/01/15 23:47:33 tbox Exp $ */ +/* $Id: dst_internal.h,v 1.11.120.3 2010-12-09 01:12:55 marka Exp $ */ #ifndef DST_DST_INTERNAL_H #define DST_DST_INTERNAL_H 1 @@ -41,6 +41,7 @@ #include <isc/region.h> #include <isc/types.h> #include <isc/md5.h> +#include <isc/refcount.h> #include <isc/sha1.h> #include <isc/sha2.h> #include <isc/hmacmd5.h> @@ -83,6 +84,7 @@ typedef struct dst_hmacsha512_key dst_hmacsha512_key_t; /*% DST Key Structure */ struct dst_key { unsigned int magic; + isc_refcount_t refs; dns_name_t * key_name; /*%< name of the key */ unsigned int key_size; /*%< size of the key in bits */ unsigned int key_proto; /*%< protocols this key is used for */ diff --git a/contrib/bind9/lib/dns/gssapictx.c b/contrib/bind9/lib/dns/gssapictx.c index 11eadb9..f365a64 100644 --- a/contrib/bind9/lib/dns/gssapictx.c +++ b/contrib/bind9/lib/dns/gssapictx.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: gssapictx.c,v 1.12 2008/04/03 06:09:04 tbox Exp $ */ +/* $Id: gssapictx.c,v 1.12.118.5 2010-12-22 02:37:55 marka Exp $ */ #include <config.h> @@ -29,6 +29,7 @@ #include <isc/mem.h> #include <isc/once.h> #include <isc/print.h> +#include <isc/platform.h> #include <isc/random.h> #include <isc/string.h> #include <isc/time.h> @@ -66,6 +67,7 @@ * we include SPNEGO's OID. */ #if defined(GSSAPI) +#include ISC_PLATFORM_KRB5HEADER static unsigned char krb5_mech_oid_bytes[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02 @@ -130,7 +132,7 @@ name_to_gbuffer(dns_name_t *name, isc_buffer_t *buffer, namep = &tname; } - result = dns_name_totext(namep, ISC_FALSE, buffer); + result = dns_name_toprincipal(namep, buffer); isc_buffer_putuint8(buffer, 0); isc_buffer_usedregion(buffer, &r); REGION_TO_GBUFFER(r, *gbuffer); @@ -191,6 +193,54 @@ log_cred(const gss_cred_id_t cred) { } #endif +#ifdef GSSAPI +/* + * check for the most common configuration errors. + * + * The errors checked for are: + * - tkey-gssapi-credential doesn't start with DNS/ + * - the default realm in /etc/krb5.conf and the + * tkey-gssapi-credential bind config option don't match + */ +static void +dst_gssapi_check_config(const char *gss_name) { + const char *p; + krb5_context krb5_ctx; + char *krb5_realm = NULL; + + if (strncasecmp(gss_name, "DNS/", 4) != 0) { + gss_log(ISC_LOG_ERROR, "tkey-gssapi-credential (%s) " + "should start with 'DNS/'", gss_name); + return; + } + + if (krb5_init_context(&krb5_ctx) != 0) { + gss_log(ISC_LOG_ERROR, "Unable to initialise krb5 context"); + return; + } + if (krb5_get_default_realm(krb5_ctx, &krb5_realm) != 0) { + gss_log(ISC_LOG_ERROR, "Unable to get krb5 default realm"); + krb5_free_context(krb5_ctx); + return; + } + p = strchr(gss_name, '/'); + if (p == NULL) { + gss_log(ISC_LOG_ERROR, "badly formatted " + "tkey-gssapi-credentials (%s)", gss_name); + krb5_free_context(krb5_ctx); + return; + } + if (strcasecmp(p + 1, krb5_realm) != 0) { + gss_log(ISC_LOG_ERROR, "default realm from krb5.conf (%s) " + "does not match tkey-gssapi-credential (%s)", + krb5_realm, gss_name); + krb5_free_context(krb5_ctx); + return; + } + krb5_free_context(krb5_ctx); +} +#endif + isc_result_t dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, gss_cred_id_t *cred) @@ -223,6 +273,8 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { + dst_gssapi_check_config((char *)array); + gss_log(3, "failed gss_import_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); @@ -254,6 +306,7 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, initiate ? "initiate" : "accept", (char *)gnamebuf.value, gss_error_tostring(gret, minor, buf, sizeof(buf))); + dst_gssapi_check_config((char *)array); return (ISC_R_FAILURE); } @@ -283,12 +336,15 @@ dst_gssapi_identitymatchesrealmkrb5(dns_name_t *signer, dns_name_t *name, char rbuf[DNS_NAME_FORMATSIZE]; char *sname; char *rname; + isc_buffer_t buffer; /* * It is far, far easier to write the names we are looking at into * a string, and do string operations on them. */ - dns_name_format(signer, sbuf, sizeof(sbuf)); + isc_buffer_init(&buffer, sbuf, sizeof(sbuf)); + dns_name_toprincipal(signer, &buffer); + isc_buffer_putuint8(&buffer, 0); if (name != NULL) dns_name_format(name, nbuf, sizeof(nbuf)); dns_name_format(realm, rbuf, sizeof(rbuf)); @@ -298,11 +354,11 @@ dst_gssapi_identitymatchesrealmkrb5(dns_name_t *signer, dns_name_t *name, * does not exist, we don't have something we like, so we fail our * compare. */ - rname = strstr(sbuf, "\\@"); + rname = strchr(sbuf, '@'); if (rname == NULL) return (isc_boolean_false); *rname = '\0'; - rname += 2; + rname++; /* * Find the host portion of the signer's name. We do this by @@ -352,12 +408,15 @@ dst_gssapi_identitymatchesrealmms(dns_name_t *signer, dns_name_t *name, char *sname; char *nname; char *rname; + isc_buffer_t buffer; /* * It is far, far easier to write the names we are looking at into * a string, and do string operations on them. */ - dns_name_format(signer, sbuf, sizeof(sbuf)); + isc_buffer_init(&buffer, sbuf, sizeof(sbuf)); + dns_name_toprincipal(signer, &buffer); + isc_buffer_putuint8(&buffer, 0); if (name != NULL) dns_name_format(name, nbuf, sizeof(nbuf)); dns_name_format(realm, rbuf, sizeof(rbuf)); @@ -367,17 +426,17 @@ dst_gssapi_identitymatchesrealmms(dns_name_t *signer, dns_name_t *name, * does not exist, we don't have something we like, so we fail our * compare. */ - rname = strstr(sbuf, "\\@"); + rname = strchr(sbuf, '@'); if (rname == NULL) return (isc_boolean_false); - sname = strstr(sbuf, "\\$"); + sname = strchr(sbuf, '$'); if (sname == NULL) return (isc_boolean_false); /* * Verify that the $ and @ follow one another. */ - if (rname - sname != 2) + if (rname - sname != 1) return (isc_boolean_false); /* @@ -389,8 +448,7 @@ dst_gssapi_identitymatchesrealmms(dns_name_t *signer, dns_name_t *name, * machinename$@EXAMPLE.COM * format. */ - *rname = '\0'; - rname += 2; + rname++; *sname = '\0'; sname = sbuf; @@ -488,8 +546,12 @@ dst_gssapi_initctx(dns_name_t *name, isc_buffer_t *intoken, gintokenp = NULL; } + /* + * Note that we don't set GSS_C_SEQUENCE_FLAG as Windows DNS + * servers don't like it. + */ flags = GSS_C_REPLAY_FLAG | GSS_C_MUTUAL_FLAG | GSS_C_DELEG_FLAG | - GSS_C_SEQUENCE_FLAG | GSS_C_INTEG_FLAG; + GSS_C_INTEG_FLAG; gret = gss_init_sec_context(&minor, GSS_C_NO_CREDENTIAL, gssctx, gname, GSS_SPNEGO_MECHANISM, flags, diff --git a/contrib/bind9/lib/dns/include/dns/diff.h b/contrib/bind9/lib/dns/include/dns/diff.h index 32886c5..f5e25ee 100644 --- a/contrib/bind9/lib/dns/include/dns/diff.h +++ b/contrib/bind9/lib/dns/include/dns/diff.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: diff.h,v 1.15.120.2.24.2 2010/06/04 23:49:23 tbox Exp $ */ +/* $Id: diff.h,v 1.15.120.4 2010-06-04 23:48:25 tbox Exp $ */ #ifndef DNS_DIFF_H #define DNS_DIFF_H 1 diff --git a/contrib/bind9/lib/dns/include/dns/events.h b/contrib/bind9/lib/dns/include/dns/events.h index bb61b9d..689566b 100644 --- a/contrib/bind9/lib/dns/include/dns/events.h +++ b/contrib/bind9/lib/dns/include/dns/events.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: events.h,v 1.49.332.2 2009/05/07 23:47:12 tbox Exp $ */ +/* $Id: events.h,v 1.49.332.4 2010-05-10 23:48:14 tbox Exp $ */ #ifndef DNS_EVENTS_H #define DNS_EVENTS_H 1 @@ -58,7 +58,7 @@ #define DNS_EVENT_MASTERNEXTZONE (ISC_EVENTCLASS_DNS + 28) #define DNS_EVENT_IOREADY (ISC_EVENTCLASS_DNS + 29) #define DNS_EVENT_LOOKUPDONE (ISC_EVENTCLASS_DNS + 30) -/* #define DNS_EVENT_unused (ISC_EVENTCLASS_DNS + 31) */ +#define DNS_EVENT_RBTDEADNODES (ISC_EVENTCLASS_DNS + 31) #define DNS_EVENT_DISPATCHCONTROL (ISC_EVENTCLASS_DNS + 32) #define DNS_EVENT_REQUESTCONTROL (ISC_EVENTCLASS_DNS + 33) #define DNS_EVENT_DUMPQUANTUM (ISC_EVENTCLASS_DNS + 34) diff --git a/contrib/bind9/lib/dns/include/dns/name.h b/contrib/bind9/lib/dns/include/dns/name.h index dc6e525..801c9ac 100644 --- a/contrib/bind9/lib/dns/include/dns/name.h +++ b/contrib/bind9/lib/dns/include/dns/name.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: name.h,v 1.126.332.3 2009/12/24 00:34:59 each Exp $ */ +/* $Id: name.h,v 1.126.332.5 2010-07-09 23:45:55 tbox Exp $ */ #ifndef DNS_NAME_H #define DNS_NAME_H 1 @@ -796,9 +796,18 @@ dns_name_fromtext(dns_name_t *name, isc_buffer_t *source, *\li #ISC_R_UNEXPECTEDEND */ +#define DNS_NAME_OMITFINALDOT 0x01U +#define DNS_NAME_MASTERFILE 0x02U /* escape $ and @ */ + +isc_result_t +dns_name_toprincipal(dns_name_t *name, isc_buffer_t *target); + isc_result_t dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, isc_buffer_t *target); + +isc_result_t +dns_name_totext2(dns_name_t *name, unsigned int options, isc_buffer_t *target); /*%< * Convert 'name' into text format, storing the result in 'target'. * @@ -806,6 +815,12 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, *\li If 'omit_final_dot' is true, then the final '.' in absolute * names other than the root name will be omitted. * + *\li If DNS_NAME_OMITFINALDOT is set in options, then the final '.' + * in absolute names other than the root name will be omitted. + * + *\li If DNS_NAME_MASTERFILE is set in options, '$' and '@' will also + * be escaped. + * *\li If dns_name_countlabels == 0, the name will be "@", representing the * current origin as described by RFC1035. * diff --git a/contrib/bind9/lib/dns/include/dns/ncache.h b/contrib/bind9/lib/dns/include/dns/ncache.h index 00f22a7..0c1d950 100644 --- a/contrib/bind9/lib/dns/include/dns/ncache.h +++ b/contrib/bind9/lib/dns/include/dns/ncache.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ncache.h,v 1.25.48.2.10.2 2010/05/14 23:48:44 tbox Exp $ */ +/* $Id: ncache.h,v 1.25.48.4 2010-05-14 23:47:50 tbox Exp $ */ #ifndef DNS_NCACHE_H #define DNS_NCACHE_H 1 diff --git a/contrib/bind9/lib/dns/include/dns/rdataset.h b/contrib/bind9/lib/dns/include/dns/rdataset.h index 8104b50..b3a0c1d 100644 --- a/contrib/bind9/lib/dns/include/dns/rdataset.h +++ b/contrib/bind9/lib/dns/include/dns/rdataset.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdataset.h,v 1.65.50.2.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: rdataset.h,v 1.65.50.4 2010-02-25 10:56:41 tbox Exp $ */ #ifndef DNS_RDATASET_H #define DNS_RDATASET_H 1 diff --git a/contrib/bind9/lib/dns/include/dns/resolver.h b/contrib/bind9/lib/dns/include/dns/resolver.h index 537bf0f..c9034bf 100644 --- a/contrib/bind9/lib/dns/include/dns/resolver.h +++ b/contrib/bind9/lib/dns/include/dns/resolver.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.h,v 1.60.56.3.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: resolver.h,v 1.60.56.5 2010-02-25 10:56:41 tbox Exp $ */ #ifndef DNS_RESOLVER_H #define DNS_RESOLVER_H 1 diff --git a/contrib/bind9/lib/dns/include/dns/result.h b/contrib/bind9/lib/dns/include/dns/result.h index fae43e3..74b84d6 100644 --- a/contrib/bind9/lib/dns/include/dns/result.h +++ b/contrib/bind9/lib/dns/include/dns/result.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: result.h,v 1.116.228.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: result.h,v 1.116.48.2 2010-02-25 10:56:41 tbox Exp $ */ #ifndef DNS_RESULT_H #define DNS_RESULT_H 1 diff --git a/contrib/bind9/lib/dns/include/dns/tsig.h b/contrib/bind9/lib/dns/include/dns/tsig.h index e8c0e2c..5161fb3 100644 --- a/contrib/bind9/lib/dns/include/dns/tsig.h +++ b/contrib/bind9/lib/dns/include/dns/tsig.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: tsig.h,v 1.51 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: tsig.h,v 1.51.332.4 2010-12-09 01:12:55 marka Exp $ */ #ifndef DNS_TSIG_H #define DNS_TSIG_H 1 @@ -62,6 +62,13 @@ struct dns_tsig_keyring { unsigned int writecount; isc_rwlock_t lock; isc_mem_t *mctx; + /* + * LRU list of generated key along with a count of the keys on the + * list and a maximum size. + */ + unsigned int generated; + unsigned int maxgenerated; + ISC_LIST(dns_tsigkey_t) lru; }; struct dns_tsigkey { @@ -77,12 +84,13 @@ struct dns_tsigkey { isc_stdtime_t expire; /*%< end of validity period */ dns_tsig_keyring_t *ring; /*%< the enclosing keyring */ isc_refcount_t refs; /*%< reference counter */ + ISC_LINK(dns_tsigkey_t) link; }; #define dns_tsigkey_identity(tsigkey) \ ((tsigkey) == NULL ? NULL : \ - (tsigkey)->generated ? ((tsigkey)->creator) : \ - (&((tsigkey)->name))) + (tsigkey)->generated ? ((tsigkey)->creator) : \ + (&((tsigkey)->name))) ISC_LANG_BEGINDECLS @@ -109,12 +117,15 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, * allows a transient key with an invalid algorithm to exist long enough * to generate a BADKEY response. * + * If dns_tsigkey_createfromkey is successful a new reference to 'dstkey' + * will have been made. + * * Requires: *\li 'name' is a valid dns_name_t *\li 'algorithm' is a valid dns_name_t *\li 'secret' is a valid pointer *\li 'length' is an integer >= 0 - *\li 'key' is a valid dst key or NULL + *\li 'dstkey' is a valid dst key or NULL *\li 'creator' points to a valid dns_name_t or is NULL *\li 'mctx' is a valid memory context *\li 'ring' is a valid TSIG keyring or NULL diff --git a/contrib/bind9/lib/dns/include/dns/types.h b/contrib/bind9/lib/dns/include/dns/types.h index 3fe8378..4e4c195 100644 --- a/contrib/bind9/lib/dns/include/dns/types.h +++ b/contrib/bind9/lib/dns/include/dns/types.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: types.h,v 1.130.50.5.10.2 2010/05/14 23:48:44 tbox Exp $ */ +/* $Id: types.h,v 1.130.50.7 2010-05-14 23:47:50 tbox Exp $ */ #ifndef DNS_TYPES_H #define DNS_TYPES_H 1 diff --git a/contrib/bind9/lib/dns/include/dns/validator.h b/contrib/bind9/lib/dns/include/dns/validator.h index 1f9ec74..fb5b834 100644 --- a/contrib/bind9/lib/dns/include/dns/validator.h +++ b/contrib/bind9/lib/dns/include/dns/validator.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: validator.h,v 1.41.48.3.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: validator.h,v 1.41.48.5 2010-02-25 10:56:41 tbox Exp $ */ #ifndef DNS_VALIDATOR_H #define DNS_VALIDATOR_H 1 diff --git a/contrib/bind9/lib/dns/include/dns/view.h b/contrib/bind9/lib/dns/include/dns/view.h index 0b4dedc..ec96d4c 100644 --- a/contrib/bind9/lib/dns/include/dns/view.h +++ b/contrib/bind9/lib/dns/include/dns/view.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: view.h,v 1.111.88.4.24.2 2010/09/29 23:46:31 tbox Exp $ */ +/* $Id: view.h,v 1.111.88.6 2010-09-24 08:30:28 tbox Exp $ */ #ifndef DNS_VIEW_H #define DNS_VIEW_H 1 diff --git a/contrib/bind9/lib/dns/include/dns/zone.h b/contrib/bind9/lib/dns/include/dns/zone.h index 746b43c..96cb998 100644 --- a/contrib/bind9/lib/dns/include/dns/zone.h +++ b/contrib/bind9/lib/dns/include/dns/zone.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zone.h,v 1.160.50.6 2009/10/05 21:57:00 each Exp $ */ +/* $Id: zone.h,v 1.160.50.8 2010-12-14 23:46:09 tbox Exp $ */ #ifndef DNS_ZONE_H #define DNS_ZONE_H 1 @@ -1654,7 +1654,7 @@ void dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx); /*%< * Set the post load integrity callback function 'checkmx'. - * 'checkmx' will be called if the MX is not within the zone. + * 'checkmx' will be called if the MX TARGET is not within the zone. * * Require: * 'zone' to be a valid zone. @@ -1673,8 +1673,8 @@ dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv); void dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns); /*%< - * Set the post load integrity callback function 'checkmx'. - * 'checkmx' will be called if the MX is not within the zone. + * Set the post load integrity callback function 'checkns'. + * 'checkns' will be called if the NS TARGET is not within the zone. * * Require: * 'zone' to be a valid zone. diff --git a/contrib/bind9/lib/dns/include/dst/dst.h b/contrib/bind9/lib/dns/include/dst/dst.h index de262bd..1a30d2b 100644 --- a/contrib/bind9/lib/dns/include/dst/dst.h +++ b/contrib/bind9/lib/dns/include/dst/dst.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dst.h,v 1.12.50.2 2010/01/15 23:47:34 tbox Exp $ */ +/* $Id: dst.h,v 1.12.50.3 2010-12-09 01:12:55 marka Exp $ */ #ifndef DST_DST_H #define DST_DST_H 1 @@ -509,6 +509,16 @@ dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2); */ void +dst_key_attach(dst_key_t *source, dst_key_t **target); +/* + * Attach to a existing key increasing the reference count. + * + * Requires: + *\li 'source' to be a valid key. + *\li 'target' to be non-NULL and '*target' to be NULL. + */ + +void dst_key_free(dst_key_t **keyp); /*%< * Release all memory associated with the key. diff --git a/contrib/bind9/lib/dns/journal.c b/contrib/bind9/lib/dns/journal.c index 933576f..520083e 100644 --- a/contrib/bind9/lib/dns/journal.c +++ b/contrib/bind9/lib/dns/journal.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: journal.c,v 1.103.48.6.10.2 2010/11/17 23:46:16 tbox Exp $ */ +/* $Id: journal.c,v 1.103.48.8 2010-11-17 23:45:45 tbox Exp $ */ #include <config.h> diff --git a/contrib/bind9/lib/dns/message.c b/contrib/bind9/lib/dns/message.c index 2e34120..4a01178e 100644 --- a/contrib/bind9/lib/dns/message.c +++ b/contrib/bind9/lib/dns/message.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: message.c,v 1.245.50.3 2009/11/24 03:25:53 marka Exp $ */ +/* $Id: message.c,v 1.245.50.7 2010-06-03 05:29:03 marka Exp $ */ /*! \file */ @@ -1531,6 +1531,8 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t *dctx, } else if (rdtype == dns_rdatatype_tsig && msg->tsig == NULL) { msg->tsig = rdataset; msg->tsigname = name; + /* Windows doesn't like TSIG names to be compressed. */ + msg->tsigname->attributes |= DNS_NAMEATTR_NOCOMPRESS; rdataset = NULL; free_rdataset = ISC_FALSE; free_name = ISC_FALSE; @@ -2478,7 +2480,9 @@ dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section) { if (msg->opcode != dns_opcode_query && msg->opcode != dns_opcode_notify) want_question_section = ISC_FALSE; - if (want_question_section) { + if (msg->opcode == dns_opcode_update) + first_section = DNS_SECTION_ADDITIONAL; + else if (want_question_section) { if (!msg->question_ok) return (DNS_R_FORMERR); first_section = DNS_SECTION_ANSWER; @@ -3155,7 +3159,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, ADD_STRING(target, ", flags:"); if ((ps->ttl & DNS_MESSAGEEXTFLAG_DO) != 0) ADD_STRING(target, " do"); - mbz = ps->ttl & ~DNS_MESSAGEEXTFLAG_DO & 0xffff; + mbz = ps->ttl & 0xffff; + mbz &= ~DNS_MESSAGEEXTFLAG_DO; /* Known Flags. */ if (mbz != 0) { ADD_STRING(target, "; MBZ: "); snprintf(buf, sizeof(buf), "%.4x ", mbz); @@ -3173,42 +3178,46 @@ dns_message_pseudosectiontotext(dns_message_t *msg, /* Print EDNS info, if any */ dns_rdata_init(&rdata); dns_rdataset_current(ps, &rdata); - if (rdata.length < 4) - return (ISC_R_SUCCESS); isc_buffer_init(&optbuf, rdata.data, rdata.length); isc_buffer_add(&optbuf, rdata.length); - optcode = isc_buffer_getuint16(&optbuf); - optlen = isc_buffer_getuint16(&optbuf); - - if (optcode == DNS_OPT_NSID) { - ADD_STRING(target, "; NSID"); - } else { - ADD_STRING(target, "; OPT="); - sprintf(buf, "%u", optcode); - ADD_STRING(target, buf); - } - - if (optlen != 0) { - int i; - ADD_STRING(target, ": "); - - optdata = rdata.data + 4; - for (i = 0; i < optlen; i++) { - sprintf(buf, "%02x ", optdata[i]); + while (isc_buffer_remaininglength(&optbuf) != 0) { + INSIST(isc_buffer_remaininglength(&optbuf) >= 4U); + optcode = isc_buffer_getuint16(&optbuf); + optlen = isc_buffer_getuint16(&optbuf); + INSIST(isc_buffer_remaininglength(&optbuf) >= optlen); + + if (optcode == DNS_OPT_NSID) { + ADD_STRING(target, "; NSID"); + } else { + ADD_STRING(target, "; OPT="); + sprintf(buf, "%u", optcode); ADD_STRING(target, buf); } - for (i = 0; i < optlen; i++) { - ADD_STRING(target, " ("); - if (isprint(optdata[i])) - isc_buffer_putmem(target, &optdata[i], - 1); - else - isc_buffer_putstr(target, "."); - ADD_STRING(target, ")"); + + if (optlen != 0) { + int i; + ADD_STRING(target, ": "); + + optdata = isc_buffer_current(&optbuf); + for (i = 0; i < optlen; i++) { + sprintf(buf, "%02x ", optdata[i]); + ADD_STRING(target, buf); + } + for (i = 0; i < optlen; i++) { + ADD_STRING(target, " ("); + if (isprint(optdata[i])) + isc_buffer_putmem(target, + &optdata[i], + 1); + else + isc_buffer_putstr(target, "."); + ADD_STRING(target, ")"); + } + isc_buffer_forward(&optbuf, optlen); } + ADD_STRING(target, "\n"); } - ADD_STRING(target, "\n"); return (ISC_R_SUCCESS); case DNS_PSEUDOSECTION_TSIG: ps = dns_message_gettsig(msg, &name); @@ -3258,21 +3267,26 @@ dns_message_totext(dns_message_t *msg, const dns_master_style_t *style, ADD_STRING(target, ", id: "); snprintf(buf, sizeof(buf), "%6u", msg->id); ADD_STRING(target, buf); - ADD_STRING(target, "\n;; flags: "); + ADD_STRING(target, "\n;; flags:"); if ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) - ADD_STRING(target, "qr "); + ADD_STRING(target, " qr"); if ((msg->flags & DNS_MESSAGEFLAG_AA) != 0) - ADD_STRING(target, "aa "); + ADD_STRING(target, " aa"); if ((msg->flags & DNS_MESSAGEFLAG_TC) != 0) - ADD_STRING(target, "tc "); + ADD_STRING(target, " tc"); if ((msg->flags & DNS_MESSAGEFLAG_RD) != 0) - ADD_STRING(target, "rd "); + ADD_STRING(target, " rd"); if ((msg->flags & DNS_MESSAGEFLAG_RA) != 0) - ADD_STRING(target, "ra "); + ADD_STRING(target, " ra"); if ((msg->flags & DNS_MESSAGEFLAG_AD) != 0) - ADD_STRING(target, "ad "); + ADD_STRING(target, " ad"); if ((msg->flags & DNS_MESSAGEFLAG_CD) != 0) - ADD_STRING(target, "cd "); + ADD_STRING(target, " cd"); + /* + * The final unnamed flag must be zero. + */ + if ((msg->flags & 0x0040U) != 0) + ADD_STRING(target, "; MBZ: 0x4"); if (msg->opcode != dns_opcode_update) { ADD_STRING(target, "; QUESTION: "); } else { diff --git a/contrib/bind9/lib/dns/name.c b/contrib/bind9/lib/dns/name.c index f4ea3e9..80864b8 100644 --- a/contrib/bind9/lib/dns/name.c +++ b/contrib/bind9/lib/dns/name.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: name.c,v 1.165 2008/04/01 23:47:10 tbox Exp $ */ +/* $Id: name.c,v 1.165.120.3 2010-07-09 05:15:05 each Exp $ */ /*! \file */ @@ -901,7 +901,7 @@ dns_name_getlabelsequence(const dns_name_t *source, REQUIRE(VALID_NAME(source)); REQUIRE(VALID_NAME(target)); REQUIRE(first <= source->labels); - REQUIRE(first + n <= source->labels); + REQUIRE(n <= source->labels - first); /* note first+n could overflow */ REQUIRE(BINDABLE(target)); SETUP_OFFSETS(source, offsets, odata); @@ -1324,6 +1324,21 @@ isc_result_t dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, isc_buffer_t *target) { + unsigned int options = DNS_NAME_MASTERFILE; + + if (omit_final_dot) + options |= DNS_NAME_OMITFINALDOT; + return (dns_name_totext2(name, options, target)); +} + +isc_result_t +dns_name_toprincipal(dns_name_t *name, isc_buffer_t *target) { + return (dns_name_totext2(name, DNS_NAME_OMITFINALDOT, target)); +} + +isc_result_t +dns_name_totext2(dns_name_t *name, unsigned int options, isc_buffer_t *target) +{ unsigned char *ndata; char *tdata; unsigned int nlen, tlen; @@ -1337,6 +1352,8 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, dns_name_totextfilter_t totext_filter_proc = NULL; isc_result_t result; #endif + isc_boolean_t omit_final_dot = + ISC_TF(options & DNS_NAME_OMITFINALDOT); /* * This function assumes the name is in proper uncompressed @@ -1412,15 +1429,17 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, while (count > 0) { c = *ndata; switch (c) { + /* Special modifiers in zone files. */ + case 0x40: /* '@' */ + case 0x24: /* '$' */ + if ((options & DNS_NAME_MASTERFILE) == 0) + goto no_escape; case 0x22: /* '"' */ case 0x28: /* '(' */ case 0x29: /* ')' */ case 0x2E: /* '.' */ case 0x3B: /* ';' */ case 0x5C: /* '\\' */ - /* Special modifiers in zone files. */ - case 0x40: /* '@' */ - case 0x24: /* '$' */ if (trem < 2) return (ISC_R_NOSPACE); *tdata++ = '\\'; @@ -1430,6 +1449,7 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, trem -= 2; nlen--; break; + no_escape: default: if (c > 0x20 && c < 0x7f) { if (trem == 0) diff --git a/contrib/bind9/lib/dns/ncache.c b/contrib/bind9/lib/dns/ncache.c index a194084..5f24683 100644 --- a/contrib/bind9/lib/dns/ncache.c +++ b/contrib/bind9/lib/dns/ncache.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ncache.c,v 1.43.336.5 2010/05/19 09:56:44 marka Exp $ */ +/* $Id: ncache.c,v 1.43.48.7 2010-05-19 09:53:46 marka Exp $ */ /*! \file */ diff --git a/contrib/bind9/lib/dns/openssl_link.c b/contrib/bind9/lib/dns/openssl_link.c index 2dc7d7e..081e3c6 100644 --- a/contrib/bind9/lib/dns/openssl_link.c +++ b/contrib/bind9/lib/dns/openssl_link.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -31,7 +31,7 @@ /* * Principal Author: Brian Wellington - * $Id: openssl_link.c,v 1.22.112.3 2009/02/11 03:07:01 jinmei Exp $ + * $Id: openssl_link.c,v 1.22.112.5 2010-09-15 12:37:35 tbox Exp $ */ #ifdef OPENSSL @@ -91,7 +91,7 @@ entropy_get(unsigned char *buf, int num) { if (num < 0) return (-1); result = dst__entropy_getdata(buf, (unsigned int) num, ISC_FALSE); - return (result == ISC_R_SUCCESS ? num : -1); + return (result == ISC_R_SUCCESS ? 1 : -1); } static int @@ -105,7 +105,7 @@ entropy_getpseudo(unsigned char *buf, int num) { if (num < 0) return (-1); result = dst__entropy_getdata(buf, (unsigned int) num, ISC_TRUE); - return (result == ISC_R_SUCCESS ? num : -1); + return (result == ISC_R_SUCCESS ? 1 : -1); } static void diff --git a/contrib/bind9/lib/dns/rbtdb.c b/contrib/bind9/lib/dns/rbtdb.c index f61b83b..8932a17 100644 --- a/contrib/bind9/lib/dns/rbtdb.c +++ b/contrib/bind9/lib/dns/rbtdb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rbtdb.c,v 1.270.12.16.10.6 2010/11/16 07:46:23 marka Exp $ */ +/* $Id: rbtdb.c,v 1.270.12.26 2010-12-02 05:09:58 marka Exp $ */ /*! \file */ @@ -2090,6 +2090,34 @@ setnsec3parameters(dns_db_t *db, rbtdb_version_t *version, } static void +cleanup_dead_nodes_callback(isc_task_t *task, isc_event_t *event) { + dns_rbtdb_t *rbtdb = event->ev_arg; + isc_boolean_t again = ISC_FALSE; + unsigned int locknum; + unsigned int refs; + + RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + for (locknum = 0; locknum < rbtdb->node_lock_count; locknum++) { + NODE_LOCK(&rbtdb->node_locks[locknum].lock, + isc_rwlocktype_write); + cleanup_dead_nodes(rbtdb, locknum); + if (ISC_LIST_HEAD(rbtdb->deadnodes[locknum]) != NULL) + again = ISC_TRUE; + NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, + isc_rwlocktype_write); + } + RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + if (again) + isc_task_send(task, &event); + else { + isc_event_free(&event); + isc_refcount_decrement(&rbtdb->references, &refs); + if (refs == 0) + maybe_free_rbtdb(rbtdb); + } +} + +static void closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { dns_rbtdb_t *rbtdb = (dns_rbtdb_t *)db; rbtdb_version_t *version, *cleanup_version, *least_greater; @@ -2289,15 +2317,28 @@ closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { } if (!EMPTY(cleanup_list)) { - /* - * We acquire a tree write lock here in order to make sure - * that stale nodes will be removed in decrement_reference(). - * If we didn't have the lock, those nodes could miss the - * chance to be removed until the server stops. The write lock - * is expensive, but this event should be rare enough to justify - * the cost. - */ - RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + isc_event_t *event = NULL; + isc_rwlocktype_t tlock = isc_rwlocktype_none; + + if (rbtdb->task != NULL) + event = isc_event_allocate(rbtdb->common.mctx, NULL, + DNS_EVENT_RBTDEADNODES, + cleanup_dead_nodes_callback, + rbtdb, sizeof(isc_event_t)); + if (event == NULL) { + /* + * We acquire a tree write lock here in order to make + * sure that stale nodes will be removed in + * decrement_reference(). If we didn't have the lock, + * those nodes could miss the chance to be removed + * until the server stops. The write lock is + * expensive, but this event should be rare enough + * to justify the cost. + */ + RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + tlock = isc_rwlocktype_write; + } + for (changed = HEAD(cleanup_list); changed != NULL; changed = next_changed) { @@ -2312,20 +2353,25 @@ closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { * This is a good opportunity to purge any dead nodes, * so use it. */ - cleanup_dead_nodes(rbtdb, rbtnode->locknum); + if (event == NULL) + cleanup_dead_nodes(rbtdb, rbtnode->locknum); if (rollback) rollback_node(rbtnode, serial); decrement_reference(rbtdb, rbtnode, least_serial, - isc_rwlocktype_write, - isc_rwlocktype_write, ISC_FALSE); + isc_rwlocktype_write, tlock, + ISC_FALSE); NODE_UNLOCK(lock, isc_rwlocktype_write); isc_mem_put(rbtdb->common.mctx, changed, sizeof(*changed)); } - RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + if (event != NULL) { + isc_refcount_increment(&rbtdb->references, NULL); + isc_task_send(rbtdb->task, &event); + } else + RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); } end: diff --git a/contrib/bind9/lib/dns/rdata.c b/contrib/bind9/lib/dns/rdata.c index ab9df8b..daaa83a 100644 --- a/contrib/bind9/lib/dns/rdata.c +++ b/contrib/bind9/lib/dns/rdata.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdata.c,v 1.199.50.2 2009/02/16 23:47:15 tbox Exp $ */ +/* $Id: rdata.c,v 1.199.50.4 2011-01-13 04:48:21 tbox Exp $ */ /*! \file */ @@ -1135,6 +1135,11 @@ name_prefix(dns_name_t *name, dns_name_t *origin, dns_name_t *target) { if (l1 == l2) goto return_false; + /* Master files should be case preserving. */ + dns_name_getlabelsequence(name, l1 - l2, l2, target); + if (!dns_name_caseequal(origin, target)) + goto return_false; + dns_name_getlabelsequence(name, 0, l1 - l2, target); return (ISC_TRUE); diff --git a/contrib/bind9/lib/dns/rdata/generic/ipseckey_45.c b/contrib/bind9/lib/dns/rdata/generic/ipseckey_45.c index 6a58bc9..f971d49 100644 --- a/contrib/bind9/lib/dns/rdata/generic/ipseckey_45.c +++ b/contrib/bind9/lib/dns/rdata/generic/ipseckey_45.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005, 2007, 2009, 2011 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ipseckey_45.c,v 1.4.332.3 2009/09/18 21:55:48 jinmei Exp $ */ +/* $Id: ipseckey_45.c,v 1.4.332.5 2011-01-13 04:48:23 tbox Exp $ */ #ifndef RDATA_GENERIC_IPSECKEY_45_C #define RDATA_GENERIC_IPSECKEY_45_C @@ -120,8 +120,6 @@ static inline isc_result_t totext_ipseckey(ARGS_TOTEXT) { isc_region_t region; dns_name_t name; - dns_name_t prefix; - isc_boolean_t sub; char buf[sizeof("255 ")]; unsigned short num; unsigned short gateway; @@ -130,7 +128,6 @@ totext_ipseckey(ARGS_TOTEXT) { REQUIRE(rdata->length >= 3); dns_name_init(&name, NULL); - dns_name_init(&prefix, NULL); if (rdata->data[1] > 3U) return (ISC_R_NOTIMPLEMENTED); @@ -183,8 +180,7 @@ totext_ipseckey(ARGS_TOTEXT) { case 3: dns_name_fromregion(&name, ®ion); - sub = name_prefix(&name, tctx->origin, &prefix); - RETERR(dns_name_totext(&prefix, sub, target)); + RETERR(dns_name_totext(&name, ISC_FALSE, target)); isc_region_consume(®ion, name_length(&name)); break; } diff --git a/contrib/bind9/lib/dns/rdata/generic/nsec_47.c b/contrib/bind9/lib/dns/rdata/generic/nsec_47.c index 7e443d9..ace1035 100644 --- a/contrib/bind9/lib/dns/rdata/generic/nsec_47.c +++ b/contrib/bind9/lib/dns/rdata/generic/nsec_47.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2008, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsec_47.c,v 1.11 2008/07/15 23:47:21 tbox Exp $ */ +/* $Id: nsec_47.c,v 1.11.82.2 2011-01-13 04:48:23 tbox Exp $ */ /* reviewed: Wed Mar 15 18:21:15 PST 2000 by brister */ @@ -88,20 +88,18 @@ totext_nsec(ARGS_TOTEXT) { isc_region_t sr; unsigned int i, j, k; dns_name_t name; - dns_name_t prefix; - isc_boolean_t sub; unsigned int window, len; REQUIRE(rdata->type == 47); REQUIRE(rdata->length != 0); + UNUSED(tctx); + dns_name_init(&name, NULL); - dns_name_init(&prefix, NULL); dns_rdata_toregion(rdata, &sr); dns_name_fromregion(&name, &sr); isc_region_consume(&sr, name_length(&name)); - sub = name_prefix(&name, tctx->origin, &prefix); - RETERR(dns_name_totext(&prefix, sub, target)); + RETERR(dns_name_totext(&name, ISC_FALSE, target)); for (i = 0; i < sr.length; i += len) { diff --git a/contrib/bind9/lib/dns/rdata/generic/rrsig_46.c b/contrib/bind9/lib/dns/rdata/generic/rrsig_46.c index a9af4bd..bcbb05b 100644 --- a/contrib/bind9/lib/dns/rdata/generic/rrsig_46.c +++ b/contrib/bind9/lib/dns/rdata/generic/rrsig_46.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rrsig_46.c,v 1.10 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: rrsig_46.c,v 1.10.332.2 2011-01-13 04:48:23 tbox Exp $ */ /* Reviewed: Fri Mar 17 09:05:02 PST 2000 by gson */ @@ -134,8 +134,6 @@ totext_rrsig(ARGS_TOTEXT) { unsigned long exp; unsigned long foot; dns_name_t name; - dns_name_t prefix; - isc_boolean_t sub; REQUIRE(rdata->type == 46); REQUIRE(rdata->length != 0); @@ -217,11 +215,9 @@ totext_rrsig(ARGS_TOTEXT) { * Signer. */ dns_name_init(&name, NULL); - dns_name_init(&prefix, NULL); dns_name_fromregion(&name, &sr); isc_region_consume(&sr, name_length(&name)); - sub = name_prefix(&name, tctx->origin, &prefix); - RETERR(dns_name_totext(&prefix, sub, target)); + RETERR(dns_name_totext(&name, ISC_FALSE, target)); /* * Sig. diff --git a/contrib/bind9/lib/dns/rdatalist.c b/contrib/bind9/lib/dns/rdatalist.c index 97cef94..e8178a7 100644 --- a/contrib/bind9/lib/dns/rdatalist.c +++ b/contrib/bind9/lib/dns/rdatalist.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdatalist.c,v 1.36.338.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: rdatalist.c,v 1.36.50.2 2010-02-25 10:56:41 tbox Exp $ */ /*! \file */ diff --git a/contrib/bind9/lib/dns/rdataset.c b/contrib/bind9/lib/dns/rdataset.c index 4361913..c0fcde5 100644 --- a/contrib/bind9/lib/dns/rdataset.c +++ b/contrib/bind9/lib/dns/rdataset.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdataset.c,v 1.82.50.2.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: rdataset.c,v 1.82.50.4 2010-02-25 10:56:41 tbox Exp $ */ /*! \file */ diff --git a/contrib/bind9/lib/dns/rdataslab.c b/contrib/bind9/lib/dns/rdataslab.c index 8d12eb8..d1a02a0 100644 --- a/contrib/bind9/lib/dns/rdataslab.c +++ b/contrib/bind9/lib/dns/rdataslab.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdataslab.c,v 1.48.50.2.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: rdataslab.c,v 1.48.50.4 2010-02-25 10:56:41 tbox Exp $ */ /*! \file */ diff --git a/contrib/bind9/lib/dns/resolver.c b/contrib/bind9/lib/dns/resolver.c index 8803a05..290bb0f 100644 --- a/contrib/bind9/lib/dns/resolver.c +++ b/contrib/bind9/lib/dns/resolver.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.c,v 1.384.14.20.10.3 2010/06/23 23:46:25 tbox Exp $ */ +/* $Id: resolver.c,v 1.384.14.30 2011-01-27 23:45:47 tbox Exp $ */ /*! \file */ @@ -203,6 +203,7 @@ struct fetchctx { isc_sockaddrlist_t bad; isc_sockaddrlist_t edns; isc_sockaddrlist_t edns512; + isc_sockaddrlist_t bad_edns; dns_validator_t *validator; ISC_LIST(dns_validator_t) validators; dns_db_t * cache; @@ -482,7 +483,7 @@ valcreate(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, dns_name_t *name, inc_stats(fctx->res, dns_resstatscounter_val); if ((valoptions & DNS_VALIDATOR_DEFER) == 0) { INSIST(fctx->validator == NULL); - fctx->validator = validator; + fctx->validator = validator; } ISC_LIST_APPEND(fctx->validators, validator, link); } else @@ -1559,6 +1560,36 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, } static isc_boolean_t +bad_edns(fetchctx_t *fctx, isc_sockaddr_t *address) { + isc_sockaddr_t *sa; + + for (sa = ISC_LIST_HEAD(fctx->bad_edns); + sa != NULL; + sa = ISC_LIST_NEXT(sa, link)) { + if (isc_sockaddr_equal(sa, address)) + return (ISC_TRUE); + } + + return (ISC_FALSE); +} + +static void +add_bad_edns(fetchctx_t *fctx, isc_sockaddr_t *address) { + isc_sockaddr_t *sa; + + if (bad_edns(fctx, address)) + return; + + sa = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx, + sizeof(*sa)); + if (sa == NULL) + return; + + *sa = *address; + ISC_LIST_INITANDAPPEND(fctx->bad_edns, sa, link); +} + +static isc_boolean_t triededns(fetchctx_t *fctx, isc_sockaddr_t *address) { isc_sockaddr_t *sa; @@ -3131,6 +3162,14 @@ fctx_destroy(fetchctx_t *fctx) { isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); } + for (sa = ISC_LIST_HEAD(fctx->bad_edns); + sa != NULL; + sa = next_sa) { + next_sa = ISC_LIST_NEXT(sa, link); + ISC_LIST_UNLINK(fctx->bad_edns, sa, link); + isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); + } + isc_timer_detach(&fctx->timer); dns_message_destroy(&fctx->rmessage); dns_message_destroy(&fctx->qmessage); @@ -3501,6 +3540,7 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type, ISC_LIST_INIT(fctx->bad); ISC_LIST_INIT(fctx->edns); ISC_LIST_INIT(fctx->edns512); + ISC_LIST_INIT(fctx->bad_edns); ISC_LIST_INIT(fctx->validators); fctx->validator = NULL; fctx->find = NULL; @@ -3870,14 +3910,6 @@ maybe_destroy(fetchctx_t *fctx) { validator != NULL; validator = next_validator) { next_validator = ISC_LIST_NEXT(validator, link); dns_validator_cancel(validator); - /* - * If this is a active validator wait for the cancel - * to complete before calling dns_validator_destroy(). - */ - if (validator == fctx->validator) - continue; - ISC_LIST_UNLINK(fctx->validators, validator, link); - dns_validator_destroy(&validator); } bucketnum = fctx->bucketnum; @@ -6115,6 +6147,7 @@ resquery_response(isc_task_t *task, isc_event_t *event) { unsigned int findoptions; isc_result_t broken_server; badnstype_t broken_type = badns_response; + isc_boolean_t no_response; REQUIRE(VALID_QUERY(query)); fctx = query->fctx; @@ -6137,6 +6170,7 @@ resquery_response(isc_task_t *task, isc_event_t *event) { resend = ISC_FALSE; truncated = ISC_FALSE; finish = NULL; + no_response = ISC_FALSE; if (fctx->res->exiting) { result = ISC_R_SHUTTINGDOWN; @@ -6184,7 +6218,9 @@ resquery_response(isc_task_t *task, isc_event_t *event) { /* * If this is a network error on an exclusive query * socket, mark the server as bad so that we won't try - * it for this fetch again. + * it for this fetch again. Also adjust finish and + * no_response so that we penalize this address in SRTT + * adjustment later. */ if (query->exclusivesocket && (devent->result == ISC_R_HOSTUNREACH || @@ -6193,6 +6229,8 @@ resquery_response(isc_task_t *task, isc_event_t *event) { devent->result == ISC_R_CANCELED)) { broken_server = devent->result; broken_type = badns_unreachable; + finish = NULL; + no_response = ISC_TRUE; } } goto done; @@ -6324,6 +6362,25 @@ resquery_response(isc_task_t *task, isc_event_t *event) { * ensured by the dispatch code). */ + /* + * We have an affirmative response to the query and we have + * previously got a response from this server which indicated + * EDNS may not be supported so we can now cache the lack of + * EDNS support. + */ + if (opt == NULL && + (message->rcode == dns_rcode_noerror || + message->rcode == dns_rcode_nxdomain || + message->rcode == dns_rcode_refused || + message->rcode == dns_rcode_yxdomain) && + bad_edns(fctx, &query->addrinfo->sockaddr)) { + char addrbuf[ISC_SOCKADDR_FORMATSIZE]; + isc_sockaddr_format(&query->addrinfo->sockaddr, addrbuf, + sizeof(addrbuf)); + dns_adb_changeflags(fctx->adb, query->addrinfo, + DNS_FETCHOPT_NOEDNS0, + DNS_FETCHOPT_NOEDNS0); + } /* * Deal with truncated responses by retrying using TCP. @@ -6379,9 +6436,9 @@ resquery_response(isc_task_t *task, isc_event_t *event) { if (message->rcode != dns_rcode_noerror && message->rcode != dns_rcode_nxdomain) { if (((message->rcode == dns_rcode_formerr || - message->rcode == dns_rcode_notimp) || - (message->rcode == dns_rcode_servfail && - dns_message_getopt(message) == NULL)) && + message->rcode == dns_rcode_notimp) || + (message->rcode == dns_rcode_servfail && + dns_message_getopt(message) == NULL)) && (query->options & DNS_FETCHOPT_NOEDNS0) == 0) { /* * It's very likely they don't like EDNS0. @@ -6397,12 +6454,9 @@ resquery_response(isc_task_t *task, isc_event_t *event) { options |= DNS_FETCHOPT_NOEDNS0; resend = ISC_TRUE; /* - * Remember that they don't like EDNS0. + * Remember that they may not like EDNS0. */ - if (message->rcode != dns_rcode_servfail) - dns_adb_changeflags(fctx->adb, query->addrinfo, - DNS_FETCHOPT_NOEDNS0, - DNS_FETCHOPT_NOEDNS0); + add_bad_edns(fctx, &query->addrinfo->sockaddr); inc_stats(fctx->res, dns_resstatscounter_edns0fail); } else if (message->rcode == dns_rcode_formerr) { if (ISFORWARDER(query->addrinfo)) { @@ -6666,7 +6720,7 @@ resquery_response(isc_task_t *task, isc_event_t *event) { * * XXXRTH Don't cancel the query if waiting for validation? */ - fctx_cancelquery(&query, &devent, finish, ISC_FALSE); + fctx_cancelquery(&query, &devent, finish, no_response); if (keep_trying) { if (result == DNS_R_FORMERR) @@ -7389,6 +7443,13 @@ static inline isc_boolean_t fctx_match(fetchctx_t *fctx, dns_name_t *name, dns_rdatatype_t type, unsigned int options) { + /* + * Don't match fetch contexts that are shutting down. + */ + if (fctx->cloned || fctx->state == fetchstate_done || + ISC_LIST_EMPTY(fctx->events)) + return (ISC_FALSE); + if (fctx->type != type || fctx->options != options) return (ISC_FALSE); return (dns_name_equal(&fctx->name, name)); @@ -7523,17 +7584,7 @@ dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name, } } - /* - * If we didn't have a fetch, would attach to a done fetch, this - * fetch has already cloned its results, or if the fetch has gone - * "idle" (no one was interested in it), we need to start a new - * fetch instead of joining with the existing one. - */ - if (fctx == NULL || - fctx->state == fetchstate_done || - fctx->cloned || - ISC_LIST_EMPTY(fctx->events)) { - fctx = NULL; + if (fctx == NULL) { result = fctx_create(res, name, type, domain, nameservers, options, bucketnum, &fctx); if (result != ISC_R_SUCCESS) diff --git a/contrib/bind9/lib/dns/result.c b/contrib/bind9/lib/dns/result.c index f241ded..2b0457c 100644 --- a/contrib/bind9/lib/dns/result.c +++ b/contrib/bind9/lib/dns/result.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: result.c,v 1.125.124.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: result.c,v 1.125.48.2 2010-02-25 10:56:41 tbox Exp $ */ /*! \file */ diff --git a/contrib/bind9/lib/dns/rootns.c b/contrib/bind9/lib/dns/rootns.c index 3c50a18..d51a0d6 100644 --- a/contrib/bind9/lib/dns/rootns.c +++ b/contrib/bind9/lib/dns/rootns.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rootns.c,v 1.36 2008/09/24 02:46:22 marka Exp $ */ +/* $Id: rootns.c,v 1.36.50.4 2010-06-18 05:37:50 marka Exp $ */ /*! \file */ @@ -71,11 +71,13 @@ static char root_ns[] = "H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53\n" "H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803F:235\n" "I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17\n" +"I.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fe::53\n" "J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30\n" "J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:C27::2:30\n" "K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129\n" "K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7FD::1\n" "L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42\n" +"L.ROOT-SERVERS.NET. 604800 IN AAAA 2001:500:3::42\n" "M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33\n" "M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:DC3::35\n"; diff --git a/contrib/bind9/lib/dns/sdb.c b/contrib/bind9/lib/dns/sdb.c index 6ec6209..49c6430 100644 --- a/contrib/bind9/lib/dns/sdb.c +++ b/contrib/bind9/lib/dns/sdb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sdb.c,v 1.66.48.3.10.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: sdb.c,v 1.66.48.6 2010-08-16 05:21:42 marka Exp $ */ /*! \file */ @@ -837,13 +837,6 @@ find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, for (i = olabels; i <= nlabels; i++) { /* - * Unless this is an explicit lookup at the origin, don't - * look at the origin. - */ - if (i == olabels && i != nlabels) - continue; - - /* * Look up the next label. */ dns_name_getlabelsequence(name, nlabels - i, i, xname); diff --git a/contrib/bind9/lib/dns/sdlz.c b/contrib/bind9/lib/dns/sdlz.c index f2f7786..6be315a 100644 --- a/contrib/bind9/lib/dns/sdlz.c +++ b/contrib/bind9/lib/dns/sdlz.c @@ -50,7 +50,7 @@ * USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sdlz.c,v 1.18.50.3.10.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: sdlz.c,v 1.18.50.6 2010-08-16 05:21:42 marka Exp $ */ /*! \file */ @@ -801,13 +801,6 @@ find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, for (i = olabels; i <= nlabels; i++) { /* - * Unless this is an explicit lookup at the origin, don't - * look at the origin. - */ - if (i == olabels && i != nlabels) - continue; - - /* * Look up the next label. */ dns_name_getlabelsequence(name, nlabels - i, i, xname); diff --git a/contrib/bind9/lib/dns/time.c b/contrib/bind9/lib/dns/time.c index 62414dd..bd8cdc3 100644 --- a/contrib/bind9/lib/dns/time.c +++ b/contrib/bind9/lib/dns/time.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: time.c,v 1.31.332.2 2009/01/18 23:47:40 tbox Exp $ */ +/* $Id: time.c,v 1.31.332.4 2010-04-21 23:48:05 tbox Exp $ */ /*! \file */ @@ -24,6 +24,7 @@ #include <stdio.h> #include <isc/string.h> /* Required for HP/UX (and others?) */ #include <time.h> +#include <ctype.h> #include <isc/print.h> #include <isc/region.h> @@ -132,6 +133,14 @@ dns_time64_fromtext(const char *source, isc_int64_t *target) { if (strlen(source) != 14U) return (DNS_R_SYNTAX); + /* + * Confirm the source only consists digits. sscanf() allows some + * minor exceptions. + */ + for (i = 0; i < 14; i++) { + if (!isdigit((unsigned char)source[i])) + return (DNS_R_SYNTAX); + } if (sscanf(source, "%4d%2d%2d%2d%2d%2d", &year, &month, &day, &hour, &minute, &second) != 6) return (DNS_R_SYNTAX); diff --git a/contrib/bind9/lib/dns/tkey.c b/contrib/bind9/lib/dns/tkey.c index 9e59dfa..7107dd5 100644 --- a/contrib/bind9/lib/dns/tkey.c +++ b/contrib/bind9/lib/dns/tkey.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -16,7 +16,7 @@ */ /* - * $Id: tkey.c,v 1.90 2008/04/03 00:45:23 marka Exp $ + * $Id: tkey.c,v 1.90.118.4 2010-12-09 01:12:55 marka Exp $ */ /*! \file */ #include <config.h> @@ -417,10 +417,9 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, } static isc_result_t -process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, - dns_rdata_tkey_t *tkeyin, dns_tkeyctx_t *tctx, - dns_rdata_tkey_t *tkeyout, - dns_tsig_keyring_t *ring, dns_namelist_t *namelist) +process_gsstkey(dns_name_t *name, dns_rdata_tkey_t *tkeyin, + dns_tkeyctx_t *tctx, dns_rdata_tkey_t *tkeyout, + dns_tsig_keyring_t *ring) { isc_result_t result = ISC_R_SUCCESS; dst_key_t *dstkey = NULL; @@ -431,9 +430,6 @@ process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, isc_buffer_t *outtoken = NULL; gss_ctx_id_t gss_ctx = NULL; - UNUSED(namelist); - UNUSED(signer); - if (tctx->gsscred == NULL) return (ISC_R_NOPERM); @@ -456,18 +452,15 @@ process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, if (result == ISC_R_SUCCESS) gss_ctx = dst_key_getgssctx(tsigkey->key); - dns_fixedname_init(&principal); result = dst_gssapi_acceptctx(tctx->gsscred, &intoken, &outtoken, &gss_ctx, dns_fixedname_name(&principal), tctx->mctx); - - if (tsigkey != NULL) - dns_tsigkey_detach(&tsigkey); - if (result == DNS_R_INVALIDTKEY) { + if (tsigkey != NULL) + dns_tsigkey_detach(&tsigkey); tkeyout->error = dns_tsigerror_badkey; tkey_log("process_gsstkey(): dns_tsigerror_badkey"); /* XXXSRA */ return (ISC_R_SUCCESS); @@ -478,20 +471,39 @@ process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, * XXXDCL Section 4.1.3: Limit GSS_S_CONTINUE_NEEDED to 10 times. */ + isc_stdtime_get(&now); + if (tsigkey == NULL) { - RETERR(dst_key_fromgssapi(name, gss_ctx, msg->mctx, &dstkey)); +#ifdef GSSAPI + OM_uint32 gret, minor, lifetime; +#endif + isc_uint32_t expire; + + RETERR(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey)); + /* + * Limit keys to 1 hour or the context's lifetime whichever + * is smaller. + */ + expire = now + 3600; +#ifdef GSSAPI + gret = gss_context_time(&minor, gss_ctx, &lifetime); + if (gret == GSS_S_COMPLETE && now + lifetime < expire) + expire = now + lifetime; +#endif RETERR(dns_tsigkey_createfromkey(name, &tkeyin->algorithm, dstkey, ISC_TRUE, dns_fixedname_name(&principal), - tkeyin->inception, - tkeyin->expire, - ring->mctx, ring, NULL)); + now, expire, ring->mctx, ring, + NULL)); + dst_key_free(&dstkey); + tkeyout->inception = now; + tkeyout->expire = expire; + } else { + tkeyout->inception = tsigkey->inception; + tkeyout->expire = tkeyout->expire; + dns_tsigkey_detach(&tsigkey); } - isc_stdtime_get(&now); - tkeyout->inception = tkeyin->inception; - tkeyout->expire = tkeyin->expire; - if (outtoken) { tkeyout->key = isc_mem_get(tkeyout->mctx, isc_buffer_usedlength(outtoken)); @@ -520,6 +532,9 @@ process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, return (ISC_R_SUCCESS); failure: + if (tsigkey != NULL) + dns_tsigkey_detach(&tsigkey); + if (dstkey != NULL) dst_key_free(&dstkey); @@ -533,19 +548,14 @@ failure: } static isc_result_t -process_deletetkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, - dns_rdata_tkey_t *tkeyin, - dns_rdata_tkey_t *tkeyout, - dns_tsig_keyring_t *ring, - dns_namelist_t *namelist) +process_deletetkey(dns_name_t *signer, dns_name_t *name, + dns_rdata_tkey_t *tkeyin, dns_rdata_tkey_t *tkeyout, + dns_tsig_keyring_t *ring) { isc_result_t result; dns_tsigkey_t *tsigkey = NULL; dns_name_t *identity; - UNUSED(msg); - UNUSED(namelist); - result = dns_tsigkey_find(&tsigkey, name, &tkeyin->algorithm, ring); if (result != ISC_R_SUCCESS) { tkeyout->error = dns_tsigerror_badname; @@ -763,16 +773,13 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, break; case DNS_TKEYMODE_GSSAPI: tkeyout.error = dns_rcode_noerror; - RETERR(process_gsstkey(msg, signer, keyname, &tkeyin, - tctx, &tkeyout, ring, - &namelist)); - + RETERR(process_gsstkey(keyname, &tkeyin, tctx, + &tkeyout, ring)); break; case DNS_TKEYMODE_DELETE: tkeyout.error = dns_rcode_noerror; - RETERR(process_deletetkey(msg, signer, keyname, - &tkeyin, &tkeyout, - ring, &namelist)); + RETERR(process_deletetkey(signer, keyname, &tkeyin, + &tkeyout, ring)); break; case DNS_TKEYMODE_SERVERASSIGNED: case DNS_TKEYMODE_RESOLVERASSIGNED: @@ -1263,7 +1270,6 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); RETERR(dst_gssapi_initctx(gname, &intoken, outtoken, context)); - dstkey = NULL; RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey)); @@ -1271,7 +1277,7 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, dstkey, ISC_FALSE, NULL, rtkey.inception, rtkey.expire, ring->mctx, ring, outkey)); - + dst_key_free(&dstkey); dns_rdata_freestruct(&rtkey); return (result); @@ -1279,6 +1285,8 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, /* * XXXSRA This probably leaks memory from rtkey and qtkey. */ + if (dstkey != NULL) + dst_key_free(&dstkey); return (result); } @@ -1365,10 +1373,10 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, if (win2k == ISC_TRUE) RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, - DNS_SECTION_ANSWER)); + DNS_SECTION_ANSWER)); else RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, - DNS_SECTION_ADDITIONAL)); + DNS_SECTION_ADDITIONAL)); RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); @@ -1389,7 +1397,6 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, if (result != DNS_R_CONTINUE && result != ISC_R_SUCCESS) return (result); - dstkey = NULL; RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey)); @@ -1406,7 +1413,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dstkey, ISC_TRUE, NULL, rtkey.inception, rtkey.expire, ring->mctx, ring, outkey)); - + dst_key_free(&dstkey); dns_rdata_freestruct(&rtkey); return (result); @@ -1415,5 +1422,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, * XXXSRA This probably leaks memory from qtkey. */ dns_rdata_freestruct(&rtkey); + if (dstkey != NULL) + dst_key_free(&dstkey); return (result); } diff --git a/contrib/bind9/lib/dns/tsig.c b/contrib/bind9/lib/dns/tsig.c index 74a7af3..65d32dc 100644 --- a/contrib/bind9/lib/dns/tsig.c +++ b/contrib/bind9/lib/dns/tsig.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -16,7 +16,7 @@ */ /* - * $Id: tsig.c,v 1.136 2008/11/04 21:23:14 marka Exp $ + * $Id: tsig.c,v 1.136.18.5 2010-12-09 01:12:55 marka Exp $ */ /*! \file */ #include <config.h> @@ -26,6 +26,7 @@ #include <isc/mem.h> #include <isc/print.h> #include <isc/refcount.h> +#include <isc/serial.h> #include <isc/string.h> /* Required for HP/UX (and others?) */ #include <isc/util.h> #include <isc/time.h> @@ -47,6 +48,10 @@ #define TSIG_MAGIC ISC_MAGIC('T', 'S', 'I', 'G') #define VALID_TSIG_KEY(x) ISC_MAGIC_VALID(x, TSIG_MAGIC) +#ifndef DNS_TSIG_MAXGENERATEDKEYS +#define DNS_TSIG_MAXGENERATEDKEYS 4096 +#endif + #define is_response(msg) (msg->flags & DNS_MESSAGEFLAG_QR) #define algname_is_allocated(algname) \ ((algname) != dns_tsig_hmacmd5_name && \ @@ -86,6 +91,31 @@ static dns_name_t gsstsig = { }; LIBDNS_EXTERNAL_DATA dns_name_t *dns_tsig_gssapi_name = &gsstsig; +static void +remove_fromring(dns_tsigkey_t *tkey) { + if (tkey->generated) { + ISC_LIST_UNLINK(tkey->ring->lru, tkey, link); + tkey->ring->generated--; + } + (void)dns_rbt_deletename(tkey->ring->keys, &tkey->name, ISC_FALSE); +} + +static void +adjust_lru(dns_tsigkey_t *tkey) { + if (tkey->generated) { + RWLOCK(&tkey->ring->lock, isc_rwlocktype_write); + /* + * We may have been removed from the LRU list between + * removing the read lock and aquiring the write lock. + */ + if (ISC_LINK_LINKED(tkey, link)) { + ISC_LIST_UNLINK(tkey->ring->lru, tkey, link); + ISC_LIST_APPEND(tkey->ring->lru, tkey, link); + } + RWUNLOCK(&tkey->ring->lock, isc_rwlocktype_write); + } +} + /* * Since Microsoft doesn't follow its own standard, we will use this * alternate name as a second guess. @@ -327,7 +357,9 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, } else tkey->creator = NULL; - tkey->key = dstkey; + tkey->key = NULL; + if (dstkey != NULL) + dst_key_attach(dstkey, &tkey->key); tkey->ring = ring; if (key != NULL) @@ -358,11 +390,24 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, cleanup_ring(ring); ring->writecount = 0; } + ret = dns_rbt_addname(ring->keys, name, tkey); if (ret != ISC_R_SUCCESS) { RWUNLOCK(&ring->lock, isc_rwlocktype_write); goto cleanup_refs; } + + if (tkey->generated) { + /* + * Add the new key to the LRU list and remove the + * least recently used key if there are too many + * keys on the list. + */ + ISC_LIST_INITANDAPPEND(ring->lru, tkey, link); + if (ring->generated++ > ring->maxgenerated) + remove_fromring(ISC_LIST_HEAD(ring->lru)); + } + RWUNLOCK(&ring->lock, isc_rwlocktype_write); } @@ -390,6 +435,8 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, isc_refcount_decrement(&tkey->refs, NULL); isc_refcount_destroy(&tkey->refs); cleanup_creator: + if (tkey->key != NULL) + dst_key_free(&tkey->key); if (tkey->creator != NULL) { dns_name_free(tkey->creator, mctx); isc_mem_put(mctx, tkey->creator, sizeof(dns_name_t)); @@ -452,9 +499,7 @@ cleanup_ring(dns_tsig_keyring_t *ring) tsig_log(tkey, 2, "tsig expire: deleting"); /* delete the key */ dns_rbtnodechain_invalidate(&chain); - (void)dns_rbt_deletename(ring->keys, - &tkey->name, - ISC_FALSE); + remove_fromring(tkey); goto again; } } @@ -464,7 +509,6 @@ cleanup_ring(dns_tsig_keyring_t *ring) dns_rbtnodechain_invalidate(&chain); return; } - } } @@ -572,7 +616,7 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm, result = dns_tsigkey_createfromkey(name, algorithm, dstkey, generated, creator, inception, expire, mctx, ring, key); - if (result != ISC_R_SUCCESS && dstkey != NULL) + if (dstkey != NULL) dst_key_free(&dstkey); return (result); } @@ -629,7 +673,7 @@ dns_tsigkey_setdeleted(dns_tsigkey_t *key) { REQUIRE(key->ring != NULL); RWLOCK(&key->ring->lock, isc_rwlocktype_write); - (void)dns_rbt_deletename(key->ring->keys, &key->name, ISC_FALSE); + remove_fromring(key); RWUNLOCK(&key->ring->lock, isc_rwlocktype_write); } @@ -889,6 +933,9 @@ dns_tsig_sign(dns_message_t *msg) { msg->tsig = dataset; msg->tsigname = owner; + /* Windows does not like the tsig name being compressed. */ + msg->tsigname->attributes |= DNS_NAMEATTR_NOCOMPRESS; + return (ISC_R_SUCCESS); cleanup_rdatalist: @@ -1469,19 +1516,30 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name, RWUNLOCK(&ring->lock, isc_rwlocktype_read); return (ISC_R_NOTFOUND); } - if (key->inception != key->expire && key->expire < now) { + if (key->inception != key->expire && isc_serial_lt(key->expire, now)) { /* * The key has expired. */ RWUNLOCK(&ring->lock, isc_rwlocktype_read); RWLOCK(&ring->lock, isc_rwlocktype_write); - (void)dns_rbt_deletename(ring->keys, name, ISC_FALSE); + remove_fromring(key); RWUNLOCK(&ring->lock, isc_rwlocktype_write); return (ISC_R_NOTFOUND); } - +#if 0 + /* + * MPAXXX We really should look at the inception time. + */ + if (key->inception != key->expire && + isc_serial_lt(key->inception, now)) { + RWUNLOCK(&ring->lock, isc_rwlocktype_read); + adjust_lru(key); + return (ISC_R_NOTFOUND); + } +#endif isc_refcount_increment(&key->refs, NULL); RWUNLOCK(&ring->lock, isc_rwlocktype_read); + adjust_lru(key); *tsigkey = key; return (ISC_R_SUCCESS); } @@ -1527,6 +1585,9 @@ dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp) { ring->writecount = 0; ring->mctx = NULL; + ring->generated = 0; + ring->maxgenerated = DNS_TSIG_MAXGENERATEDKEYS; + ISC_LIST_INIT(ring->lru); isc_mem_attach(mctx, &ring->mctx); *ringp = ring; diff --git a/contrib/bind9/lib/dns/validator.c b/contrib/bind9/lib/dns/validator.c index fc6f454..054c5a6 100644 --- a/contrib/bind9/lib/dns/validator.c +++ b/contrib/bind9/lib/dns/validator.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: validator.c,v 1.164.12.11.10.7 2010/11/16 01:48:32 marka Exp $ */ +/* $Id: validator.c,v 1.164.12.23 2010-11-16 02:23:44 marka Exp $ */ #include <config.h> @@ -2135,7 +2135,7 @@ dlv_validatezonekey(dns_validator_t *val) { &sigrdata); result = dns_rdata_tostruct(&sigrdata, &sig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - if (dlv.key_tag != sig.keyid && + if (dlv.key_tag != sig.keyid || dlv.algorithm != sig.algorithm) continue; dstkey = NULL; @@ -2218,6 +2218,17 @@ validatezonekey(dns_validator_t *val) { return (dlv_validatezonekey(val)); if (val->dsset == NULL) { + + /* + * We have a dlv sep. Skip looking up the SEP from + * {trusted,managed}-keys. If the dlv sep is for the + * root then it will have been handled above so we don't + * need to check whether val->event->name is "." prior to + * looking up the DS. + */ + if (val->havedlvsep) + goto find_ds; + /* * First, see if this key was signed by a trusted key. */ @@ -2250,13 +2261,13 @@ validatezonekey(dns_validator_t *val) { val->event->name, found) != ISC_R_SUCCESS) { if (val->mustbesecure) { validator_log(val, ISC_LOG_WARNING, - "must be secure failure, " - "not beneath secure root"); + "must be secure failure, " + "not beneath secure root"); return (DNS_R_MUSTBESECURE); } else validator_log(val, ISC_LOG_DEBUG(3), - "not beneath secure root"); - if (val->view->dlv == NULL || DLVTRIED(val)) { + "not beneath secure root"); + if (val->view->dlv == NULL) { markanswer(val, "validatezonekey (1)"); return (ISC_R_SUCCESS); } @@ -2292,17 +2303,6 @@ validatezonekey(dns_validator_t *val) { } } - /* - * If this is the root name and there was no trusted key, - * give up, since there's no DS at the root. - */ - if (dns_name_equal(event->name, dns_rootname)) { - if ((val->attributes & VALATTR_TRIEDVERIFY) != 0) - return (DNS_R_NOVALIDSIG); - else - return (DNS_R_NOVALIDDS); - } - if (atsep) { /* * We have not found a key to verify this DNSKEY @@ -2323,6 +2323,22 @@ validatezonekey(dns_validator_t *val) { } /* + * If this is the root name and there was no trusted key, + * give up, since there's no DS at the root. + */ + if (dns_name_equal(event->name, dns_rootname)) { + if ((val->attributes & VALATTR_TRIEDVERIFY) != 0) { + validator_log(val, ISC_LOG_DEBUG(3), + "root key failed to validate"); + return (DNS_R_NOVALIDSIG); + } else { + validator_log(val, ISC_LOG_DEBUG(3), + "no trusted root key"); + return (DNS_R_NOVALIDDS); + } + } + find_ds: + /* * Otherwise, try to find the DS record. */ result = view_find(val, val->event->name, dns_rdatatype_ds); @@ -4038,19 +4054,19 @@ dns_validator_cancel(dns_validator_t *validator) { validator_log(validator, ISC_LOG_DEBUG(3), "dns_validator_cancel"); - if (validator->event != NULL) { - if (validator->fetch != NULL) - dns_resolver_cancelfetch(validator->fetch); - - if (validator->subvalidator != NULL) - dns_validator_cancel(validator->subvalidator); - if ((validator->options & DNS_VALIDATOR_DEFER) != 0) { - isc_task_t *task = validator->event->ev_sender; - validator->options &= ~DNS_VALIDATOR_DEFER; - isc_event_free((isc_event_t **)&validator->event); - isc_task_detach(&task); - } + if ((validator->attributes & VALATTR_CANCELED) == 0) { validator->attributes |= VALATTR_CANCELED; + if (validator->event != NULL) { + if (validator->fetch != NULL) + dns_resolver_cancelfetch(validator->fetch); + + if (validator->subvalidator != NULL) + dns_validator_cancel(validator->subvalidator); + if ((validator->options & DNS_VALIDATOR_DEFER) != 0) { + validator->options &= ~DNS_VALIDATOR_DEFER; + validator_done(validator, ISC_R_CANCELED); + } + } } UNLOCK(&validator->lock); } diff --git a/contrib/bind9/lib/dns/view.c b/contrib/bind9/lib/dns/view.c index 54f0d26..809cc15 100644 --- a/contrib/bind9/lib/dns/view.c +++ b/contrib/bind9/lib/dns/view.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: view.c,v 1.150.84.3.10.2 2010/09/29 00:03:32 marka Exp $ */ +/* $Id: view.c,v 1.150.84.6 2010-09-24 08:09:08 marka Exp $ */ /*! \file */ diff --git a/contrib/bind9/lib/dns/zone.c b/contrib/bind9/lib/dns/zone.c index c21b1f0..108aefb 100644 --- a/contrib/bind9/lib/dns/zone.c +++ b/contrib/bind9/lib/dns/zone.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zone.c,v 1.483.36.17 2009/12/21 04:32:42 marka Exp $ */ +/* $Id: zone.c,v 1.483.36.23 2010-12-14 00:48:22 marka Exp $ */ /*! \file */ @@ -1702,6 +1702,12 @@ zone_check_mx(dns_zone_t *zone, dns_db_t *db, dns_name_t *name, int level; /* + * "." means the services does not exist. + */ + if (dns_name_equal(name, dns_rootname)) + return (ISC_TRUE); + + /* * Outside of zone. */ if (!dns_name_issubdomain(name, &zone->origin)) { @@ -3656,6 +3662,7 @@ find_zone_keys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, isc_result_t result; dns_dbnode_t *node = NULL; const char *directory = dns_zone_getkeydirectory(zone); + CHECK(dns_db_findnode(db, dns_db_origin(db), ISC_FALSE, &node)); result = dns_dnssec_findzonekeys2(db, ver, node, dns_db_origin(db), directory, mctx, maxkeys, keys, @@ -3759,7 +3766,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (type != dns_rdatatype_dnskey) { result = update_one_rr(db, ver, diff, - DNS_DIFFOP_DEL, name, + DNS_DIFFOP_DELRESIGN, name, rdataset.ttl, &rdata); dns_rdata_reset(&rdata); if (result != ISC_R_SUCCESS) @@ -3801,7 +3808,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, break; } result = update_one_rr(db, ver, diff, - DNS_DIFFOP_DEL, + DNS_DIFFOP_DELRESIGN, name, rdataset.ttl, &rdata); break; @@ -3812,8 +3819,9 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, * delete the RRSIG. */ if (!found) - result = update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, - name, rdataset.ttl, &rdata); + result = update_one_rr(db, ver, diff, + DNS_DIFFOP_DELRESIGN, name, + rdataset.ttl, &rdata); dns_rdata_reset(&rdata); if (result != ISC_R_SUCCESS) break; @@ -3877,6 +3885,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADDRESIGN, name, rdataset.ttl, &sig_rdata)); dns_rdata_reset(&sig_rdata); + isc_buffer_init(&buffer, data, sizeof(data)); } failure: @@ -5475,7 +5484,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, rrsig.keyid != keyid) continue; CHECK(update_one_rr(db, version, diff, - DNS_DIFFOP_DEL, name, + DNS_DIFFOP_DELRESIGN, name, rdataset.ttl, &rdata)); } dns_rdataset_disassociate(&rdataset); @@ -10091,6 +10100,7 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) { isc_sockaddr_t sourceaddr; isc_sockaddr_t masteraddr; isc_time_t now; + const char *soa_before = ""; UNUSED(task); @@ -10118,6 +10128,8 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) { isc_netaddr_fromsockaddr(&masterip, &zone->masteraddr); (void)dns_peerlist_peerbyaddr(zone->view->peers, &masterip, &peer); + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_SOABEFOREAXFR)) + soa_before = "SOA before "; /* * Decide whether we should request IXFR or AXFR. */ @@ -10128,8 +10140,12 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) { xfrtype = dns_rdatatype_axfr; } else if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_IXFRFROMDIFFS)) { dns_zone_log(zone, ISC_LOG_DEBUG(1), "ixfr-from-differences " - "set, requesting AXFR from %s", master); - xfrtype = dns_rdatatype_axfr; + "set, requesting %sAXFR from %s", soa_before, + master); + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_SOABEFOREAXFR)) + xfrtype = dns_rdatatype_soa; + else + xfrtype = dns_rdatatype_axfr; } else if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCEXFER)) { dns_zone_log(zone, ISC_LOG_DEBUG(1), "forced reload, requesting AXFR of " @@ -10154,8 +10170,8 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) { } if (use_ixfr == ISC_FALSE) { dns_zone_log(zone, ISC_LOG_DEBUG(1), - "IXFR disabled, requesting AXFR from %s", - master); + "IXFR disabled, requesting %sAXFR from %s", + soa_before, master); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_SOABEFOREAXFR)) xfrtype = dns_rdatatype_soa; else diff --git a/contrib/bind9/lib/isc/Makefile.in b/contrib/bind9/lib/isc/Makefile.in index 6fa284b..d831fcf 100644 --- a/contrib/bind9/lib/isc/Makefile.in +++ b/contrib/bind9/lib/isc/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: Makefile.in,v 1.96.50.3 2009/02/16 01:02:58 marka Exp $ +# $Id: Makefile.in,v 1.96.50.6 2010-06-09 01:52:54 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -42,8 +42,9 @@ UNIXOBJS = @ISC_ISCIPV6_O@ \ NLSOBJS = nls/msgcat.@O@ -THREADOBJS = @ISC_THREAD_DIR@/condition.@O@ @ISC_THREAD_DIR@/mutex.@O@ \ - @ISC_THREAD_DIR@/thread.@O@ +THREADOPTOBJS = @ISC_THREAD_DIR@/condition.@O@ @ISC_THREAD_DIR@/mutex.@O@ + +THREADOBJS = @THREADOPTOBJS@ @ISC_THREAD_DIR@/thread.@O@ WIN32OBJS = win32/condition.@O@ win32/dir.@O@ win32/file.@O@ \ win32/fsaccess.@O@ win32/once.@O@ win32/stdtime.@O@ \ @@ -80,6 +81,10 @@ SRCS = @ISC_EXTRA_SRCS@ \ LIBS = @LIBS@ +# Note: the order of SUBDIRS is important. +# Attempt to disable parallel processing. +.NOTPARALLEL: +.NO_PARALLEL: SUBDIRS = include unix nls @ISC_THREAD_DIR@ @ISC_ARCH_DIR@ TARGETS = timestamp diff --git a/contrib/bind9/lib/isc/api b/contrib/bind9/lib/isc/api index b765f45..e1f7b71 100644 --- a/contrib/bind9/lib/isc/api +++ b/contrib/bind9/lib/isc/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 53 +LIBINTERFACE = 54 LIBREVISION = 1 -LIBAGE = 3 +LIBAGE = 4 diff --git a/contrib/bind9/lib/isc/entropy.c b/contrib/bind9/lib/isc/entropy.c index 25ab002..af8757f 100644 --- a/contrib/bind9/lib/isc/entropy.c +++ b/contrib/bind9/lib/isc/entropy.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: entropy.c,v 1.18.332.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: entropy.c,v 1.18.332.4 2010-08-10 23:46:54 tbox Exp $ */ /*! \file * \brief @@ -283,8 +283,11 @@ entropypool_add_word(isc_entropypool_t *rp, isc_uint32_t val) { val ^= rp->pool[(rp->cursor + TAP3) & (RND_POOLWORDS - 1)]; val ^= rp->pool[(rp->cursor + TAP4) & (RND_POOLWORDS - 1)]; val ^= rp->pool[(rp->cursor + TAP5) & (RND_POOLWORDS - 1)]; - rp->pool[rp->cursor++] ^= - ((val << rp->rotate) | (val >> (32 - rp->rotate))); + if (rp->rotate == 0) + rp->pool[rp->cursor++] ^= val; + else + rp->pool[rp->cursor++] ^= + ((val << rp->rotate) | (val >> (32 - rp->rotate))); /* * If we have looped around the pool, increment the rotate diff --git a/contrib/bind9/lib/isc/include/isc/mem.h b/contrib/bind9/lib/isc/include/isc/mem.h index b49d440..d13d912 100644 --- a/contrib/bind9/lib/isc/include/isc/mem.h +++ b/contrib/bind9/lib/isc/include/isc/mem.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mem.h,v 1.78.120.3.24.2 2010/08/12 23:46:25 tbox Exp $ */ +/* $Id: mem.h,v 1.78.120.6 2010-08-11 23:04:21 jinmei Exp $ */ #ifndef ISC_MEM_H #define ISC_MEM_H 1 @@ -121,7 +121,7 @@ LIBISC_EXTERNAL_DATA extern unsigned int isc_mem_debugging; #if ISC_MEM_TRACKLINES #define _ISC_MEM_FILELINE , __FILE__, __LINE__ -#define _ISC_MEM_FLARG , const char *, int +#define _ISC_MEM_FLARG , const char *, unsigned int #else #define _ISC_MEM_FILELINE #define _ISC_MEM_FLARG diff --git a/contrib/bind9/lib/isc/include/isc/platform.h.in b/contrib/bind9/lib/isc/include/isc/platform.h.in index 1ed76b8..99c887b 100644 --- a/contrib/bind9/lib/isc/include/isc/platform.h.in +++ b/contrib/bind9/lib/isc/include/isc/platform.h.in @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: platform.h.in,v 1.48.84.2 2009/02/16 23:47:15 tbox Exp $ */ +/* $Id: platform.h.in,v 1.48.84.4 2010-06-03 23:47:49 tbox Exp $ */ #ifndef ISC_PLATFORM_H #define ISC_PLATFORM_H 1 @@ -215,6 +215,12 @@ @ISC_PLATFORM_GSSAPIHEADER@ /* + * Defined to <krb5.h> or <krb5/krb5.h> for how to include + * the KRB5 header. + */ +@ISC_PLATFORM_KRB5HEADER@ + +/* * Type used for resource limits. */ @ISC_PLATFORM_RLIMITTYPE@ diff --git a/contrib/bind9/lib/isc/include/isc/task.h b/contrib/bind9/lib/isc/include/isc/task.h index 8106571..a8c7569 100644 --- a/contrib/bind9/lib/isc/include/isc/task.h +++ b/contrib/bind9/lib/isc/include/isc/task.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: task.h,v 1.61.332.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: task.h,v 1.61.332.4 2010-12-03 23:45:47 tbox Exp $ */ #ifndef ISC_TASK_H #define ISC_TASK_H 1 @@ -535,6 +535,16 @@ isc_task_getcurrenttime(isc_task_t *task, isc_stdtime_t *t); *\li '*t' has the "current time". */ +isc_boolean_t +isc_task_exiting(isc_task_t *t); +/*%< + * Returns ISC_TRUE if the task is in the process of shutting down, + * ISC_FALSE otherwise. + * + * Requires: + *\li 'task' is a valid task. + */ + /***** ***** Task Manager. *****/ diff --git a/contrib/bind9/lib/isc/mem.c b/contrib/bind9/lib/isc/mem.c index 59f5924..aeacfc0 100644 --- a/contrib/bind9/lib/isc/mem.c +++ b/contrib/bind9/lib/isc/mem.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mem.c,v 1.145.120.4.24.2 2010/08/12 23:46:25 tbox Exp $ */ +/* $Id: mem.c,v 1.145.120.9 2010-08-11 23:45:49 tbox Exp $ */ /*! \file */ @@ -72,7 +72,7 @@ struct debuglink { }; #define FLARG_PASS , file, line -#define FLARG , const char *file, int line +#define FLARG , const char *file, unsigned int line #else #define FLARG_PASS #define FLARG @@ -221,6 +221,7 @@ add_trace_entry(isc_mem_t *mctx, const void *ptr, unsigned int size { debuglink_t *dl; unsigned int i; + unsigned int mysize = size; if ((isc_mem_debugging & ISC_MEM_DEBUGTRACE) != 0) fprintf(stderr, isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, @@ -232,10 +233,10 @@ add_trace_entry(isc_mem_t *mctx, const void *ptr, unsigned int size if (mctx->debuglist == NULL) return; - if (size > mctx->max_size) - size = mctx->max_size; + if (mysize > mctx->max_size) + mysize = mctx->max_size; - dl = ISC_LIST_HEAD(mctx->debuglist[size]); + dl = ISC_LIST_HEAD(mctx->debuglist[mysize]); while (dl != NULL) { if (dl->count == DEBUGLIST_COUNT) goto next; @@ -270,7 +271,7 @@ add_trace_entry(isc_mem_t *mctx, const void *ptr, unsigned int size dl->line[0] = line; dl->count = 1; - ISC_LIST_PREPEND(mctx->debuglist[size], dl, link); + ISC_LIST_PREPEND(mctx->debuglist[mysize], dl, link); mctx->debuglistcnt++; } @@ -877,13 +878,13 @@ destroy(isc_mem_t *ctx) { unsigned int i; isc_ondestroy_t ondest; - ctx->magic = 0; - LOCK(&lock); ISC_LIST_UNLINK(contexts, ctx, link); totallost += ctx->inuse; UNLOCK(&lock); + ctx->magic = 0; + INSIST(ISC_LIST_EMPTY(ctx->pools)); #if ISC_MEM_TRACKLINES diff --git a/contrib/bind9/lib/isc/nothreads/Makefile.in b/contrib/bind9/lib/isc/nothreads/Makefile.in index 75a2cb5..042cfce 100644 --- a/contrib/bind9/lib/isc/nothreads/Makefile.in +++ b/contrib/bind9/lib/isc/nothreads/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007, 2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000, 2001 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: Makefile.in,v 1.7 2007/06/19 23:47:18 tbox Exp $ +# $Id: Makefile.in,v 1.7.332.2 2010-06-09 23:48:16 tbox Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -28,9 +28,11 @@ CINCLUDES = -I${srcdir}/include \ CDEFINES = CWARNINGS = -OBJS = condition.@O@ mutex.@O@ thread.@O@ +THREADOPTOBJS = condition.@O@ mutex.@O@ +OBJS = @THREADOPTOBJS@ thread.@O@ -SRCS = condition.c mutex.c thread.c +THREADOPTSRCS = condition.c mutex.c +SRCS = @THREADOPTSRCS@ thread.c SUBDIRS = include TARGETS = ${OBJS} diff --git a/contrib/bind9/lib/isc/print.c b/contrib/bind9/lib/isc/print.c index 6b98195..5d800f3 100644 --- a/contrib/bind9/lib/isc/print.c +++ b/contrib/bind9/lib/isc/print.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: print.c,v 1.35.418.2 2010/10/18 23:46:34 tbox Exp $ */ +/* $Id: print.c,v 1.35.130.2 2010-10-18 23:46:17 tbox Exp $ */ /*! \file */ diff --git a/contrib/bind9/lib/isc/pthreads/mutex.c b/contrib/bind9/lib/isc/pthreads/mutex.c index b57d9ee..efe38db 100644 --- a/contrib/bind9/lib/isc/pthreads/mutex.c +++ b/contrib/bind9/lib/isc/pthreads/mutex.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mutex.c,v 1.16 2008/04/04 23:47:01 tbox Exp $ */ +/* $Id: mutex.c,v 1.16.112.2 2011-01-04 23:45:43 tbox Exp $ */ /*! \file */ @@ -234,10 +234,13 @@ isc_mutex_init_errcheck(isc_mutex_t *mp) if (pthread_mutexattr_init(&attr) != 0) return (ISC_R_UNEXPECTED); - if (pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_ERRORCHECK) != 0) + if (pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_ERRORCHECK) != 0) { + pthread_mutexattr_destroy(&attr); return (ISC_R_UNEXPECTED); + } err = pthread_mutex_init(mp, &attr) != 0) + pthread_mutexattr_destroy(&attr); if (err == ENOMEM) return (ISC_R_NOMEMORY); return ((err == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED); diff --git a/contrib/bind9/lib/isc/task.c b/contrib/bind9/lib/isc/task.c index a630173..5d87f21 100644 --- a/contrib/bind9/lib/isc/task.c +++ b/contrib/bind9/lib/isc/task.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: task.c,v 1.107 2008/03/27 23:46:57 tbox Exp $ */ +/* $Id: task.c,v 1.107.120.2 2010-12-03 23:45:47 tbox Exp $ */ /*! \file * \author Principal Author: Bob Halley @@ -1292,8 +1292,15 @@ isc_task_endexclusive(isc_task_t *task) { #endif } -#ifdef HAVE_LIBXML2 +isc_boolean_t +isc_task_exiting(isc_task_t *t) { + isc_task_t *task = (isc_task_t *)t; + + REQUIRE(VALID_TASK(task)); + return (TASK_SHUTTINGDOWN(task)); +} +#ifdef HAVE_LIBXML2 void isc_taskmgr_renderxml(isc_taskmgr_t *mgr, xmlTextWriterPtr writer) { diff --git a/contrib/bind9/lib/isc/unix/socket.c b/contrib/bind9/lib/isc/unix/socket.c index 004a038..055e883 100644 --- a/contrib/bind9/lib/isc/unix/socket.c +++ b/contrib/bind9/lib/isc/unix/socket.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: socket.c,v 1.308.12.12 2010/01/31 23:47:31 tbox Exp $ */ +/* $Id: socket.c,v 1.308.12.17 2010-12-22 03:28:13 marka Exp $ */ /*! \file */ @@ -67,7 +67,11 @@ #include <sys/epoll.h> #endif #ifdef ISC_PLATFORM_HAVEDEVPOLL +#if defined(HAVE_SYS_DEVPOLL_H) #include <sys/devpoll.h> +#elif defined(HAVE_DEVPOLL_H) +#include <devpoll.h> +#endif #endif #include "errno2result.h" @@ -652,6 +656,7 @@ watch_fd(isc_socketmgr_t *manager, int fd, int msg) { event.events = EPOLLIN; else event.events = EPOLLOUT; + memset(&event.data, 0, sizeof(event.data)); event.data.fd = fd; if (epoll_ctl(manager->epoll_fd, EPOLL_CTL_ADD, fd, &event) == -1 && errno != EEXIST) { @@ -719,6 +724,7 @@ unwatch_fd(isc_socketmgr_t *manager, int fd, int msg) { event.events = EPOLLIN; else event.events = EPOLLOUT; + memset(&event.data, 0, sizeof(event.data)); event.data.fd = fd; if (epoll_ctl(manager->epoll_fd, EPOLL_CTL_DEL, fd, &event) == -1 && errno != ENOENT) { @@ -2232,6 +2238,26 @@ opensocket(isc_socketmgr_t *manager, isc_socket_t *sock) { (void *)&on, sizeof(on)); } #endif +#if defined(IPV6_MTU) + /* + * Use minimum MTU on IPv6 sockets. + */ + if (sock->pf == AF_INET6) { + int mtu = 1280; + (void)setsockopt(sock->fd, IPPROTO_IPV6, IPV6_MTU, + &mtu, sizeof(mtu)); + } +#endif +#if defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DONT) + /* + * Turn off Path MTU discovery on IPv6/UDP sockets. + */ + if (sock->pf == AF_INET6) { + int action = IPV6_PMTUDISC_DONT; + (void)setsockopt(sock->fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER, + &action, sizeof(action)); + } +#endif #endif /* ISC_PLATFORM_HAVEIPV6 */ #endif /* defined(USE_CMSG) */ @@ -4712,9 +4738,16 @@ isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr, return (ISC_R_SUCCESS); } +/* + * Enable this only for specific OS versions, and only when they have repaired + * their problems with it. Until then, this is is broken and needs to be + * diabled by default. See RT22589 for details. + */ +#undef ENABLE_ACCEPTFILTER + isc_result_t isc_socket_filter(isc_socket_t *sock, const char *filter) { -#ifdef SO_ACCEPTFILTER +#if defined(SO_ACCEPTFILTER) && defined(ENABLE_ACCEPTFILTER) char strbuf[ISC_STRERRORSIZE]; struct accept_filter_arg afa; #else @@ -4724,7 +4757,7 @@ isc_socket_filter(isc_socket_t *sock, const char *filter) { REQUIRE(VALID_SOCKET(sock)); -#ifdef SO_ACCEPTFILTER +#if defined(SO_ACCEPTFILTER) && defined(ENABLE_ACCEPTFILTER) bzero(&afa, sizeof(afa)); strncpy(afa.af_name, filter, sizeof(afa.af_name)); if (setsockopt(sock->fd, SOL_SOCKET, SO_ACCEPTFILTER, @@ -4829,6 +4862,12 @@ isc_socket_accept(isc_socket_t *sock, * Attach to socket and to task. */ isc_task_attach(task, &ntask); + if (isc_task_exiting(ntask)) { + isc_task_detach(&ntask); + isc_event_free(ISC_EVENT_PTR(&dev)); + UNLOCK(&sock->lock); + return (ISC_R_SHUTTINGDOWN); + } nsock->references++; nsock->statsindex = sock->statsindex; diff --git a/contrib/bind9/lib/isccfg/api b/contrib/bind9/lib/isccfg/api index 2240cdd..fbbf923 100644 --- a/contrib/bind9/lib/isccfg/api +++ b/contrib/bind9/lib/isccfg/api @@ -1,3 +1,3 @@ LIBINTERFACE = 50 -LIBREVISION = 1 +LIBREVISION = 3 LIBAGE = 0 diff --git a/contrib/bind9/lib/isccfg/namedconf.c b/contrib/bind9/lib/isccfg/namedconf.c index 0610489..f291507 100644 --- a/contrib/bind9/lib/isccfg/namedconf.c +++ b/contrib/bind9/lib/isccfg/namedconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: namedconf.c,v 1.92 2008/09/27 23:35:31 jinmei Exp $ */ +/* $Id: namedconf.c,v 1.92.44.2 2010-05-13 23:47:49 tbox Exp $ */ /*! \file */ @@ -464,7 +464,7 @@ static cfg_type_t cfg_type_transferformat = { static void print_none(cfg_printer_t *pctx, const cfg_obj_t *obj) { UNUSED(obj); - cfg_print_chars(pctx, "none", 4); + cfg_print_cstr(pctx, "none"); } static cfg_type_t cfg_type_none = { @@ -492,7 +492,7 @@ parse_qstringornone(cfg_parser_t *pctx, const cfg_type_t *type, static void doc_qstringornone(cfg_printer_t *pctx, const cfg_type_t *type) { UNUSED(type); - cfg_print_chars(pctx, "( <quoted_string> | none )", 26); + cfg_print_cstr(pctx, "( <quoted_string> | none )"); } static cfg_type_t cfg_type_qstringornone = { @@ -505,7 +505,7 @@ static cfg_type_t cfg_type_qstringornone = { static void print_hostname(cfg_printer_t *pctx, const cfg_obj_t *obj) { UNUSED(obj); - cfg_print_chars(pctx, "hostname", 4); + cfg_print_cstr(pctx, "hostname"); } static cfg_type_t cfg_type_hostname = { @@ -538,7 +538,7 @@ parse_serverid(cfg_parser_t *pctx, const cfg_type_t *type, static void doc_serverid(cfg_printer_t *pctx, const cfg_type_t *type) { UNUSED(type); - cfg_print_chars(pctx, "( <quoted_string> | none | hostname )", 26); + cfg_print_cstr(pctx, "( <quoted_string> | none | hostname )"); } static cfg_type_t cfg_type_serverid = { @@ -887,7 +887,7 @@ parse_optional_uint32(cfg_parser_t *pctx, const cfg_type_t *type, static void doc_optional_uint32(cfg_printer_t *pctx, const cfg_type_t *type) { UNUSED(type); - cfg_print_chars(pctx, "[ <integer> ]", 13); + cfg_print_cstr(pctx, "[ <integer> ]"); } static cfg_type_t cfg_type_optional_uint32 = { @@ -1626,9 +1626,9 @@ static void print_querysource(cfg_printer_t *pctx, const cfg_obj_t *obj) { isc_netaddr_t na; isc_netaddr_fromsockaddr(&na, &obj->value.sockaddr); - cfg_print_chars(pctx, "address ", 8); + cfg_print_cstr(pctx, "address "); cfg_print_rawaddr(pctx, &na); - cfg_print_chars(pctx, " port ", 6); + cfg_print_cstr(pctx, " port "); cfg_print_rawuint(pctx, isc_sockaddr_getport(&obj->value.sockaddr)); } @@ -1926,11 +1926,11 @@ static void print_logfile(cfg_printer_t *pctx, const cfg_obj_t *obj) { cfg_print_obj(pctx, obj->value.tuple[0]); /* file */ if (obj->value.tuple[1]->type->print != cfg_print_void) { - cfg_print_chars(pctx, " versions ", 10); + cfg_print_cstr(pctx, " versions "); cfg_print_obj(pctx, obj->value.tuple[1]); } if (obj->value.tuple[2]->type->print != cfg_print_void) { - cfg_print_chars(pctx, " size ", 6); + cfg_print_cstr(pctx, " size "); cfg_print_obj(pctx, obj->value.tuple[2]); } } diff --git a/contrib/bind9/lib/lwres/man/lwres.html b/contrib/bind9/lib/lwres/man/lwres.html index f7f3a9f..3844c01 100644 --- a/contrib/bind9/lib/lwres/man/lwres.html +++ b/contrib/bind9/lib/lwres/man/lwres.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres — introduction to the lightweight resolver library</p> @@ -32,7 +32,7 @@ <div class="funcsynopsis"><pre class="funcsynopsisinfo">#include <lwres/lwres.h></pre></div> </div> <div class="refsect1" lang="en"> -<a name="id2543346"></a><h2>DESCRIPTION</h2> +<a name="id2543348"></a><h2>DESCRIPTION</h2> <p> The BIND 9 lightweight resolver library is a simple, name service independent stub resolver library. It provides hostname-to-address @@ -47,7 +47,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543358"></a><h2>OVERVIEW</h2> +<a name="id2543361"></a><h2>OVERVIEW</h2> <p> The lwresd library implements multiple name service APIs. The standard @@ -101,7 +101,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543422"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2> +<a name="id2543425"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2> <p> When a client program wishes to make an lwres request using the native low-level API, it typically performs the following @@ -149,7 +149,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543571"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2> +<a name="id2543573"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2> <p> When implementing the server side of the lightweight resolver protocol using the lwres library, a sequence of actions like the @@ -191,7 +191,7 @@ <p></p> </div> <div class="refsect1" lang="en"> -<a name="id2543654"></a><h2>SEE ALSO</h2> +<a name="id2543656"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_gethostent</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>, diff --git a/contrib/bind9/lib/lwres/man/lwres_buffer.html b/contrib/bind9/lib/lwres/man/lwres_buffer.html index 042e158..7f3934a 100644 --- a/contrib/bind9/lib/lwres/man/lwres_buffer.html +++ b/contrib/bind9/lib/lwres/man/lwres_buffer.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_buffer.html,v 1.21.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_buffer.html,v 1.21.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtract, lwres_buffer_clear, lwres_buffer_first, lwres_buffer_forward, lwres_buffer_back, lwres_buffer_getuint8, lwres_buffer_putuint8, lwres_buffer_getuint16, lwres_buffer_putuint16, lwres_buffer_getuint32, lwres_buffer_putuint32, lwres_buffer_putmem, lwres_buffer_getmem — lightweight resolver buffer management</p> @@ -262,7 +262,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543890"></a><h2>DESCRIPTION</h2> +<a name="id2543892"></a><h2>DESCRIPTION</h2> <p> These functions provide bounds checked access to a region of memory where data is being read or written. diff --git a/contrib/bind9/lib/lwres/man/lwres_config.html b/contrib/bind9/lib/lwres/man/lwres_config.html index aad6768..2cee5ef 100644 --- a/contrib/bind9/lib/lwres/man/lwres_config.html +++ b/contrib/bind9/lib/lwres/man/lwres_config.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_config.html,v 1.22.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_config.html,v 1.22.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get — lightweight resolver configuration</p> @@ -90,7 +90,7 @@ lwres_conf_t * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543438"></a><h2>DESCRIPTION</h2> +<a name="id2543441"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_conf_init()</code> creates an empty <span class="type">lwres_conf_t</span> @@ -123,7 +123,7 @@ lwres_conf_t * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543506"></a><h2>RETURN VALUES</h2> +<a name="id2543508"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_conf_parse()</code> returns <span class="errorcode">LWRES_R_SUCCESS</span> if it successfully read and parsed @@ -142,13 +142,13 @@ lwres_conf_t * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543543"></a><h2>SEE ALSO</h2> +<a name="id2543545"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">stdio</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>. </p> </div> <div class="refsect1" lang="en"> -<a name="id2543569"></a><h2>FILES</h2> +<a name="id2543571"></a><h2>FILES</h2> <p><code class="filename">/etc/resolv.conf</code> </p> </div> diff --git a/contrib/bind9/lib/lwres/man/lwres_context.html b/contrib/bind9/lib/lwres/man/lwres_context.html index 3635b9c..d525a4b 100644 --- a/contrib/bind9/lib/lwres/man/lwres_context.html +++ b/contrib/bind9/lib/lwres/man/lwres_context.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_context.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_context.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv — lightweight resolver context management</p> @@ -172,7 +172,7 @@ void * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543529"></a><h2>DESCRIPTION</h2> +<a name="id2543531"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_context_create()</code> creates a <span class="type">lwres_context_t</span> structure for use in lightweight resolver operations. It holds a socket and other @@ -258,7 +258,7 @@ void * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543717"></a><h2>RETURN VALUES</h2> +<a name="id2543719"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_context_create()</code> returns <span class="errorcode">LWRES_R_NOMEMORY</span> if memory for the <span class="type">struct lwres_context</span> could not be allocated, @@ -283,7 +283,7 @@ void * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543767"></a><h2>SEE ALSO</h2> +<a name="id2543769"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_conf_init</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>, diff --git a/contrib/bind9/lib/lwres/man/lwres_gabn.html b/contrib/bind9/lib/lwres/man/lwres_gabn.html index 2b6ba85..b69f432 100644 --- a/contrib/bind9/lib/lwres/man/lwres_gabn.html +++ b/contrib/bind9/lib/lwres/man/lwres_gabn.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gabn.html,v 1.24.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_gabn.html,v 1.24.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free — lightweight resolver getaddrbyname message handling</p> @@ -178,7 +178,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543520"></a><h2>DESCRIPTION</h2> +<a name="id2543522"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver name-to-address lookup request and @@ -278,7 +278,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543665"></a><h2>RETURN VALUES</h2> +<a name="id2543667"></a><h2>RETURN VALUES</h2> <p> The getaddrbyname opcode functions <code class="function">lwres_gabnrequest_render()</code>, @@ -316,7 +316,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543731"></a><h2>SEE ALSO</h2> +<a name="id2543733"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span> </p> </div> diff --git a/contrib/bind9/lib/lwres/man/lwres_gai_strerror.html b/contrib/bind9/lib/lwres/man/lwres_gai_strerror.html index 393efeb..616eebe 100644 --- a/contrib/bind9/lib/lwres/man/lwres_gai_strerror.html +++ b/contrib/bind9/lib/lwres/man/lwres_gai_strerror.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gai_strerror.html,v 1.24.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_gai_strerror.html,v 1.24.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gai_strerror — print suitable error string</p> @@ -42,7 +42,7 @@ char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543358"></a><h2>DESCRIPTION</h2> +<a name="id2543361"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_gai_strerror()</code> returns an error message corresponding to an error code returned by <code class="function">getaddrinfo()</code>. @@ -110,7 +110,7 @@ char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543574"></a><h2>SEE ALSO</h2> +<a name="id2543576"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">strerror</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>, diff --git a/contrib/bind9/lib/lwres/man/lwres_getaddrinfo.html b/contrib/bind9/lib/lwres/man/lwres_getaddrinfo.html index ef5cd40..013e878 100644 --- a/contrib/bind9/lib/lwres/man/lwres_getaddrinfo.html +++ b/contrib/bind9/lib/lwres/man/lwres_getaddrinfo.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getaddrinfo.html,v 1.27.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_getaddrinfo.html,v 1.27.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getaddrinfo, lwres_freeaddrinfo — socket address structure to host and service name</p> @@ -89,7 +89,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543410"></a><h2>DESCRIPTION</h2> +<a name="id2543412"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_getaddrinfo()</code> is used to get a list of IP addresses and port numbers for host <em class="parameter"><code>hostname</code></em> and service @@ -283,7 +283,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543787"></a><h2>RETURN VALUES</h2> +<a name="id2543789"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getaddrinfo()</code> returns zero on success or one of the error codes listed in <span class="citerefentry"><span class="refentrytitle">gai_strerror</span>(3)</span> @@ -294,7 +294,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2542118"></a><h2>SEE ALSO</h2> +<a name="id2543827"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>, diff --git a/contrib/bind9/lib/lwres/man/lwres_gethostent.html b/contrib/bind9/lib/lwres/man/lwres_gethostent.html index 7f6a6ad..fd27dcf 100644 --- a/contrib/bind9/lib/lwres/man/lwres_gethostent.html +++ b/contrib/bind9/lib/lwres/man/lwres_gethostent.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gethostent.html,v 1.24.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_gethostent.html,v 1.24.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent, lwres_sethostent, lwres_endhostent, lwres_gethostbyname_r, lwres_gethostbyaddr_r, lwres_gethostent_r, lwres_sethostent_r, lwres_endhostent_r — lightweight resolver get network host entry</p> @@ -228,7 +228,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543606"></a><h2>DESCRIPTION</h2> +<a name="id2543608"></a><h2>DESCRIPTION</h2> <p> These functions provide hostname-to-address and address-to-hostname lookups by means of the lightweight resolver. @@ -366,7 +366,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543957"></a><h2>RETURN VALUES</h2> +<a name="id2543959"></a><h2>RETURN VALUES</h2> <p> The functions <code class="function">lwres_gethostbyname()</code>, @@ -430,7 +430,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2544190"></a><h2>SEE ALSO</h2> +<a name="id2544193"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">gethostent</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>, @@ -439,7 +439,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2544225"></a><h2>BUGS</h2> +<a name="id2544227"></a><h2>BUGS</h2> <p><code class="function">lwres_gethostbyname()</code>, <code class="function">lwres_gethostbyname2()</code>, <code class="function">lwres_gethostbyaddr()</code> diff --git a/contrib/bind9/lib/lwres/man/lwres_getipnode.html b/contrib/bind9/lib/lwres/man/lwres_getipnode.html index f20240e..20c6d30 100644 --- a/contrib/bind9/lib/lwres/man/lwres_getipnode.html +++ b/contrib/bind9/lib/lwres/man/lwres_getipnode.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getipnode.html,v 1.25.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_getipnode.html,v 1.25.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent — lightweight resolver nodename / address translation API</p> @@ -98,7 +98,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543429"></a><h2>DESCRIPTION</h2> +<a name="id2543431"></a><h2>DESCRIPTION</h2> <p> These functions perform thread safe, protocol independent nodename-to-address and address-to-nodename @@ -217,7 +217,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543687"></a><h2>RETURN VALUES</h2> +<a name="id2543689"></a><h2>RETURN VALUES</h2> <p> If an error occurs, <code class="function">lwres_getipnodebyname()</code> @@ -261,7 +261,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543784"></a><h2>SEE ALSO</h2> +<a name="id2543786"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC2553</span></span>, <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, diff --git a/contrib/bind9/lib/lwres/man/lwres_getnameinfo.html b/contrib/bind9/lib/lwres/man/lwres_getnameinfo.html index 88215dd..fb7837f 100644 --- a/contrib/bind9/lib/lwres/man/lwres_getnameinfo.html +++ b/contrib/bind9/lib/lwres/man/lwres_getnameinfo.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getnameinfo.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_getnameinfo.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getnameinfo — lightweight resolver socket address structure to hostname and @@ -82,7 +82,7 @@ int </div> </div> <div class="refsect1" lang="en"> -<a name="id2543390"></a><h2>DESCRIPTION</h2> +<a name="id2543393"></a><h2>DESCRIPTION</h2> <p> This function is equivalent to the <span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> function defined in RFC2133. @@ -149,13 +149,13 @@ int </p> </div> <div class="refsect1" lang="en"> -<a name="id2543532"></a><h2>RETURN VALUES</h2> +<a name="id2543534"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getnameinfo()</code> returns 0 on success or a non-zero error code if an error occurs. </p> </div> <div class="refsect1" lang="en"> -<a name="id2543544"></a><h2>SEE ALSO</h2> +<a name="id2543546"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC2133</span></span>, <span class="citerefentry"><span class="refentrytitle">getservbyport</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, @@ -165,7 +165,7 @@ int </p> </div> <div class="refsect1" lang="en"> -<a name="id2543602"></a><h2>BUGS</h2> +<a name="id2543604"></a><h2>BUGS</h2> <p> RFC2133 fails to define what the nonzero return values of <span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> diff --git a/contrib/bind9/lib/lwres/man/lwres_getrrsetbyname.html b/contrib/bind9/lib/lwres/man/lwres_getrrsetbyname.html index 8715e5f..9d9dc04 100644 --- a/contrib/bind9/lib/lwres/man/lwres_getrrsetbyname.html +++ b/contrib/bind9/lib/lwres/man/lwres_getrrsetbyname.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getrrsetbyname.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_getrrsetbyname.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getrrsetbyname, lwres_freerrset — retrieve DNS records</p> @@ -102,7 +102,7 @@ struct rrsetinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543412"></a><h2>DESCRIPTION</h2> +<a name="id2543414"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_getrrsetbyname()</code> gets a set of resource records associated with a <em class="parameter"><code>hostname</code></em>, <em class="parameter"><code>class</code></em>, @@ -150,7 +150,7 @@ struct rrsetinfo { <p></p> </div> <div class="refsect1" lang="en"> -<a name="id2543524"></a><h2>RETURN VALUES</h2> +<a name="id2543526"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getrrsetbyname()</code> returns zero on success, and one of the following error codes if an error occurred: @@ -184,7 +184,7 @@ struct rrsetinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543624"></a><h2>SEE ALSO</h2> +<a name="id2543626"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>. </p> </div> diff --git a/contrib/bind9/lib/lwres/man/lwres_gnba.html b/contrib/bind9/lib/lwres/man/lwres_gnba.html index 476fd1f..158f4d0 100644 --- a/contrib/bind9/lib/lwres/man/lwres_gnba.html +++ b/contrib/bind9/lib/lwres/man/lwres_gnba.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gnba.html,v 1.24.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_gnba.html,v 1.24.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free — lightweight resolver getnamebyaddress message handling</p> @@ -183,7 +183,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543523"></a><h2>DESCRIPTION</h2> +<a name="id2543525"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver address-to-name lookup request and @@ -270,7 +270,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543662"></a><h2>RETURN VALUES</h2> +<a name="id2543665"></a><h2>RETURN VALUES</h2> <p> The getnamebyaddr opcode functions <code class="function">lwres_gnbarequest_render()</code>, @@ -308,7 +308,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543729"></a><h2>SEE ALSO</h2> +<a name="id2543731"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>. </p> </div> diff --git a/contrib/bind9/lib/lwres/man/lwres_hstrerror.html b/contrib/bind9/lib/lwres/man/lwres_hstrerror.html index 2e77451..d5d25ec 100644 --- a/contrib/bind9/lib/lwres/man/lwres_hstrerror.html +++ b/contrib/bind9/lib/lwres/man/lwres_hstrerror.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_hstrerror.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_hstrerror.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_herror, lwres_hstrerror — lightweight resolver error message generation</p> @@ -50,7 +50,7 @@ const char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543377"></a><h2>DESCRIPTION</h2> +<a name="id2543379"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_herror()</code> prints the string <em class="parameter"><code>s</code></em> on <span class="type">stderr</span> followed by the string generated by @@ -84,7 +84,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543495"></a><h2>RETURN VALUES</h2> +<a name="id2543497"></a><h2>RETURN VALUES</h2> <p> The string <span class="errorname">Unknown resolver error</span> is returned by <code class="function">lwres_hstrerror()</code> @@ -94,7 +94,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543515"></a><h2>SEE ALSO</h2> +<a name="id2543517"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">herror</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_hstrerror</span>(3)</span>. diff --git a/contrib/bind9/lib/lwres/man/lwres_inetntop.html b/contrib/bind9/lib/lwres/man/lwres_inetntop.html index 4358c1b..8467e4b 100644 --- a/contrib/bind9/lib/lwres/man/lwres_inetntop.html +++ b/contrib/bind9/lib/lwres/man/lwres_inetntop.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_inetntop.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_inetntop.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_net_ntop — lightweight resolver IP address presentation</p> @@ -62,7 +62,7 @@ const char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543377"></a><h2>DESCRIPTION</h2> +<a name="id2543379"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_net_ntop()</code> converts an IP address of protocol family <em class="parameter"><code>af</code></em> — IPv4 or IPv6 — at @@ -80,7 +80,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543409"></a><h2>RETURN VALUES</h2> +<a name="id2543411"></a><h2>RETURN VALUES</h2> <p> If successful, the function returns <em class="parameter"><code>dst</code></em>: a pointer to a string containing the presentation format of the @@ -93,7 +93,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543442"></a><h2>SEE ALSO</h2> +<a name="id2543444"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC1884</span></span>, <span class="citerefentry"><span class="refentrytitle">inet_ntop</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">errno</span>(3)</span>. diff --git a/contrib/bind9/lib/lwres/man/lwres_noop.html b/contrib/bind9/lib/lwres/man/lwres_noop.html index 62aa19a..4a94836 100644 --- a/contrib/bind9/lib/lwres/man/lwres_noop.html +++ b/contrib/bind9/lib/lwres/man/lwres_noop.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_noop.html,v 1.25.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_noop.html,v 1.25.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free — lightweight resolver no-op message handling</p> @@ -179,7 +179,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543520"></a><h2>DESCRIPTION</h2> +<a name="id2543522"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver no-op request and response messages. @@ -270,7 +270,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543670"></a><h2>RETURN VALUES</h2> +<a name="id2543672"></a><h2>RETURN VALUES</h2> <p> The no-op opcode functions <code class="function">lwres_nooprequest_render()</code>, @@ -309,7 +309,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543736"></a><h2>SEE ALSO</h2> +<a name="id2543738"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span> </p> </div> diff --git a/contrib/bind9/lib/lwres/man/lwres_packet.html b/contrib/bind9/lib/lwres/man/lwres_packet.html index 7f2f67b..096b4bb 100644 --- a/contrib/bind9/lib/lwres/man/lwres_packet.html +++ b/contrib/bind9/lib/lwres/man/lwres_packet.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_packet.html,v 1.26.418.1.10.1 2010/03/03 22:06:40 marka Exp $ --> +<!-- $Id: lwres_packet.html,v 1.26.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_lwpacket_renderheader, lwres_lwpacket_parseheader — lightweight resolver packet handling functions</p> @@ -66,7 +66,7 @@ lwres_result_t </div> </div> <div class="refsect1" lang="en"> -<a name="id2543387"></a><h2>DESCRIPTION</h2> +<a name="id2543389"></a><h2>DESCRIPTION</h2> <p> These functions rely on a <span class="type">struct lwres_lwpacket</span> @@ -219,7 +219,7 @@ struct lwres_lwpacket { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543704"></a><h2>RETURN VALUES</h2> +<a name="id2543706"></a><h2>RETURN VALUES</h2> <p> Successful calls to <code class="function">lwres_lwpacket_renderheader()</code> and diff --git a/contrib/bind9/lib/lwres/man/lwres_resutil.html b/contrib/bind9/lib/lwres/man/lwres_resutil.html index e649965..1d2aa76 100644 --- a/contrib/bind9/lib/lwres/man/lwres_resutil.html +++ b/contrib/bind9/lib/lwres/man/lwres_resutil.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_resutil.html,v 1.25.418.1.10.1 2010/03/03 22:06:40 marka Exp $ --> +<!-- $Id: lwres_resutil.html,v 1.25.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr — lightweight resolver utility functions</p> @@ -134,7 +134,7 @@ lwres_result_t </div> </div> <div class="refsect1" lang="en"> -<a name="id2543464"></a><h2>DESCRIPTION</h2> +<a name="id2543466"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_string_parse()</code> retrieves a DNS-encoded string starting the current pointer of lightweight resolver buffer <em class="parameter"><code>b</code></em>: i.e. @@ -210,7 +210,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543603"></a><h2>RETURN VALUES</h2> +<a name="id2543605"></a><h2>RETURN VALUES</h2> <p> Successful calls to <code class="function">lwres_string_parse()</code> @@ -248,7 +248,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543674"></a><h2>SEE ALSO</h2> +<a name="id2543676"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_buffer</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_gabn</span>(3)</span>. diff --git a/contrib/bind9/lib/lwres/print_p.h b/contrib/bind9/lib/lwres/print_p.h index c22b44a..e2f6ad6 100644 --- a/contrib/bind9/lib/lwres/print_p.h +++ b/contrib/bind9/lib/lwres/print_p.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: print_p.h,v 1.4 2007/06/19 23:47:22 tbox Exp $ */ +/* $Id: print_p.h,v 1.4.332.2 2010-08-16 23:45:48 tbox Exp $ */ #ifndef LWRES_PRINT_P_H #define LWRES_PRINT_P_H 1 @@ -47,7 +47,7 @@ #ifdef __GNUC__ #define LWRES_FORMAT_PRINTF(fmt, args) \ - __attribute__((__format__(__printf__, fmt, args))) + __attribute__((__format__(__printf__, fmt, args))) #else #define LWRES_FORMAT_PRINTF(fmt, args) #endif @@ -67,17 +67,26 @@ LWRES_LANG_BEGINDECLS int lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) LWRES_FORMAT_PRINTF(3, 0); +#ifdef vsnprintf +#undef vsnprintf +#endif #define vsnprintf lwres__print_vsnprintf int lwres__print_snprintf(char *str, size_t size, const char *format, ...) LWRES_FORMAT_PRINTF(3, 4); +#ifdef snprintf +#undef snprintf +#endif #define snprintf lwres__print_snprintf #endif /* LWRES_PLATFORM_NEEDVSNPRINTF */ #ifdef LWRES_PLATFORM_NEEDSPRINTF int lwres__print_sprintf(char *str, const char *format, ...) LWRES_FORMAT_PRINTF(2, 3); +#ifdef sprintf +#undef sprintf +#endif #define sprintf lwres__print_sprintf #endif |
