MFH (r266114, r266138): upgrade to latest ldns and unbound

MFH (r266139-r266143, r266145, r266149, r266150): fix props MFH (r266179, r266180, r266193, r266238, r266777): misc cleanup MFH (r266863): create and use /var/unbound/conf.d MFH (r268839): import unblock-lan-zones patch from upstream MFH (r268840): fix reverse lookups on private networks MFH (r268883): avoid spamming source tree during build PR: 190739 (for r268883)
author: des <des@FreeBSD.org> 2014-07-29 20:57:38 +0000
committer: des <des@FreeBSD.org> 2014-07-29 20:57:38 +0000
commit: fe6d9379787eb938c503444ce243caa89cc7b08c (patch)
tree: 5cc01e837e3c2f3dfb21ef0136ca69be1f957059 /contrib/ldns/ldns
parent: 1f52ac9340be3979c9bf100fe65c551bcd870cc6 (diff)
download: FreeBSD-src-fe6d9379787eb938c503444ce243caa89cc7b08c.zip
FreeBSD-src-fe6d9379787eb938c503444ce243caa89cc7b08c.tar.gz
21 files changed, 866 insertions, 150 deletions
diff --git a/contrib/ldns/ldns/common.h b/contrib/ldns/ldns/common.h
index 0767bc6..82b46a0 100644
--- a/contrib/ldns/ldns/common.h
+++ b/contrib/ldns/ldns/common.h
@@ -24,6 +24,9 @@
 #define LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT 1
 #define LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED 1
 #define LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T   1
+#define LDNS_BUILD_CONFIG_USE_DANE         1
+#define LDNS_BUILD_CONFIG_HAVE_B32_PTON    0
+#define LDNS_BUILD_CONFIG_HAVE_B32_NTOP    0
 
 /*
  * HAVE_STDBOOL_H is not available when distributed as a library, but no build 
diff --git a/contrib/ldns/ldns/common.h.in b/contrib/ldns/ldns/common.h.in
index aedfc96..8bf9654 100644
--- a/contrib/ldns/ldns/common.h.in
+++ b/contrib/ldns/ldns/common.h.in
@@ -24,6 +24,9 @@
 #define LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT @ldns_build_config_have_attr_format@
 #define LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED @ldns_build_config_have_attr_unused@
 #define LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T   @ldns_build_config_have_socklen_t@
+#define LDNS_BUILD_CONFIG_USE_DANE         @ldns_build_config_use_dane@
+#define LDNS_BUILD_CONFIG_HAVE_B32_PTON    @ldns_build_config_have_b32_pton@
+#define LDNS_BUILD_CONFIG_HAVE_B32_NTOP    @ldns_build_config_have_b32_ntop@
 
 /*
  * HAVE_STDBOOL_H is not available when distributed as a library, but no build 
diff --git a/contrib/ldns/ldns/config.h b/contrib/ldns/ldns/config.h
index aef1ee6..1eb094d 100644
--- a/contrib/ldns/ldns/config.h
+++ b/contrib/ldns/ldns/config.h
@@ -87,9 +87,6 @@
 /* Define to 1 if you have the `inet_pton' function. */
 #define HAVE_INET_PTON 1
 
-/* Define to 1 if the system has the type `intptr_t'. */
-#define HAVE_INTPTR_T 1
-
 /* define if you have inttypes.h */
 #define HAVE_INTTYPES_H 1
 
@@ -277,7 +274,7 @@
 #define PACKAGE_NAME "ldns"
 
 /* Define to the full name and version of this package. */
-#define PACKAGE_STRING "ldns 1.6.16"
+#define PACKAGE_STRING "ldns 1.6.17"
 
 /* Define to the one symbol short name of this package. */
 #define PACKAGE_TARNAME "libdns"
@@ -286,7 +283,22 @@
 #define PACKAGE_URL ""
 
 /* Define to the version of this package. */
-#define PACKAGE_VERSION "1.6.16"
+#define PACKAGE_VERSION "1.6.17"
+
+/* Define this to enable RR type CDS. */
+/* #undef RRTYPE_CDS */
+
+/* Define this to enable RR type NINFO. */
+/* #undef RRTYPE_NINFO */
+
+/* Define this to enable RR type RKEY. */
+/* #undef RRTYPE_RKEY */
+
+/* Define this to enable RR type TA. */
+/* #undef RRTYPE_TA */
+
+/* Define this to enable RR type URI. */
+/* #undef RRTYPE_URI */
 
 /* The size of `time_t', as computed by sizeof. */
 #define SIZEOF_TIME_T 8
@@ -294,9 +306,15 @@
 /* Define to 1 if you have the ANSI C header files. */
 #define STDC_HEADERS 1
 
+/* Define this to enable messages to stderr. */
+/* #undef STDERR_MSGS */
+
 /* System configuration dir */
 #define SYSCONFDIR sysconfdir
 
+/* Define this to enable DANE support. */
+#define USE_DANE 1
+
 /* Define this to enable ECDSA support. */
 #define USE_ECDSA 1
 
@@ -383,8 +401,7 @@
 /* Define to `char' if <sys/types.h> does not define. */
 /* #undef int8_t */
 
-/* Define to the type of a signed integer type wide enough to hold a pointer,
-   if such a type exists, and if the system does not define it. */
+/* Define to `size_t' if <sys/types.h> does not define. */
 /* #undef intptr_t */
 
 /* Define to rpl_malloc if the replacement function should be used. */
@@ -489,6 +506,32 @@
 extern "C" {
 #endif
 
+int ldns_b64_ntop(uint8_t const *src, size_t srclength,
+	 	  char *target, size_t targsize);
+/**
+ * calculates the size needed to store the result of b64_ntop
+ */
+/*@unused@*/
+static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize)
+{
+	return ((((srcsize + 2) / 3) * 4) + 1);
+}
+int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize);
+/**
+ * calculates the size needed to store the result of ldns_b64_pton
+ */
+/*@unused@*/
+static inline size_t ldns_b64_pton_calculate_size(size_t srcsize)
+{
+	return (((((srcsize + 3) / 4) * 3)) + 1);
+}
+
+/**
+ * Given in dnssec_zone.c, also used in dnssec_sign.c:w
+
+ */
+int ldns_dname_compare_v(const void *a, const void *b);
+
 #ifndef HAVE_SLEEP
 /* use windows sleep, in millisecs, instead */
 #define sleep(x) Sleep((x)*1000)
diff --git a/contrib/ldns/ldns/config.h.in b/contrib/ldns/ldns/config.h.in
index 98cf357..b41af23 100644
--- a/contrib/ldns/ldns/config.h.in
+++ b/contrib/ldns/ldns/config.h.in
@@ -86,9 +86,6 @@
 /* Define to 1 if you have the `inet_pton' function. */
 #undef HAVE_INET_PTON
 
-/* Define to 1 if the system has the type `intptr_t'. */
-#undef HAVE_INTPTR_T
-
 /* define if you have inttypes.h */
 #undef HAVE_INTTYPES_H
 
@@ -287,15 +284,36 @@
 /* Define to the version of this package. */
 #undef PACKAGE_VERSION
 
+/* Define this to enable RR type CDS. */
+#undef RRTYPE_CDS
+
+/* Define this to enable RR type NINFO. */
+#undef RRTYPE_NINFO
+
+/* Define this to enable RR type RKEY. */
+#undef RRTYPE_RKEY
+
+/* Define this to enable RR type TA. */
+#undef RRTYPE_TA
+
+/* Define this to enable RR type URI. */
+#undef RRTYPE_URI
+
 /* The size of `time_t', as computed by sizeof. */
 #undef SIZEOF_TIME_T
 
 /* Define to 1 if you have the ANSI C header files. */
 #undef STDC_HEADERS
 
+/* Define this to enable messages to stderr. */
+#undef STDERR_MSGS
+
 /* System configuration dir */
 #undef SYSCONFDIR
 
+/* Define this to enable DANE support. */
+#undef USE_DANE
+
 /* Define this to enable ECDSA support. */
 #undef USE_ECDSA
 
@@ -382,8 +400,7 @@
 /* Define to `char' if <sys/types.h> does not define. */
 #undef int8_t
 
-/* Define to the type of a signed integer type wide enough to hold a pointer,
-   if such a type exists, and if the system does not define it. */
+/* Define to `size_t' if <sys/types.h> does not define. */
 #undef intptr_t
 
 /* Define to rpl_malloc if the replacement function should be used. */
@@ -488,7 +505,6 @@
 extern "C" {
 #endif
 
-#ifndef B64_PTON
 int ldns_b64_ntop(uint8_t const *src, size_t srclength,
 	 	  char *target, size_t targsize);
 /**
@@ -499,8 +515,6 @@ static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize)
 {
 	return ((((srcsize + 2) / 3) * 4) + 1);
 }
-#endif /* !B64_PTON */
-#ifndef B64_NTOP
 int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize);
 /**
  * calculates the size needed to store the result of ldns_b64_pton
@@ -510,7 +524,12 @@ static inline size_t ldns_b64_pton_calculate_size(size_t srcsize)
 {
 	return (((((srcsize + 3) / 4) * 3)) + 1);
 }
-#endif /* !B64_NTOP */
+
+/**
+ * Given in dnssec_zone.c, also used in dnssec_sign.c:w
+
+ */
+int ldns_dname_compare_v(const void *a, const void *b);
 
 #ifndef HAVE_SLEEP
 /* use windows sleep, in millisecs, instead */
diff --git a/contrib/ldns/ldns/dane.h b/contrib/ldns/ldns/dane.h
index c1c4e2d..6adecd5 100644
--- a/contrib/ldns/ldns/dane.h
+++ b/contrib/ldns/ldns/dane.h
@@ -22,6 +22,7 @@
 
 #ifndef LDNS_DANE_H
 #define LDNS_DANE_H
+#if LDNS_BUILD_CONFIG_USE_DANE
 
 #include <ldns/common.h>
 #include <ldns/rdata.h>
@@ -240,5 +241,6 @@ ldns_status ldns_dane_verify(ldns_rr_list* tlsas,
 }
 #endif
 
+#endif /* LDNS_BUILD_CONFIG_USE_DANE */
 #endif /* LDNS_DANE_H */
 
diff --git a/contrib/ldns/ldns/dnssec.h b/contrib/ldns/ldns/dnssec.h
index 34f6371..f4cdafb 100644
--- a/contrib/ldns/ldns/dnssec.h
+++ b/contrib/ldns/ldns/dnssec.h
@@ -364,12 +364,30 @@ ldns_rdf *ldns_nsec3_bitmap(const ldns_rr *nsec3_rr);
 ldns_rdf *ldns_nsec3_hash_name_frm_nsec3(const ldns_rr *nsec, ldns_rdf *name);
 
 /**
- * Checks coverage of NSEC RR type bitmap
- * \param[in] nsec_bitmap The NSEC bitmap rdata field to check
- * \param[in] type The type to check
- * \return true if the NSEC RR covers the type
+ * Check if RR type t is enumerated and set in the RR type bitmap rdf.
+ * \param[in] bitmap the RR type bitmap rdf to look in
+ * \param[in] type the type to check for
+ * \return true when t is found and set, otherwise return false
  */
-bool ldns_nsec_bitmap_covers_type(const ldns_rdf *nsec_bitmap, ldns_rr_type type);
+bool ldns_nsec_bitmap_covers_type(const ldns_rdf* bitmap, ldns_rr_type type);
+
+/**
+ * Checks if RR type t is enumerated in the type bitmap rdf and sets the bit.
+ * \param[in] bitmap the RR type bitmap rdf to look in
+ * \param[in] type the type to for which the bit to set
+ * \return LDNS_STATUS_OK on success. LDNS_STATUS_TYPE_NOT_IN_BITMAP is 
+ *         returned when the bitmap does not contain the bit to set.
+ */
+ldns_status ldns_nsec_bitmap_set_type(ldns_rdf* bitmap, ldns_rr_type type);
+
+/**
+ * Checks if RR type t is enumerated in the type bitmap rdf and clears the bit.
+ * \param[in] bitmap the RR type bitmap rdf to look in
+ * \param[in] type the type to for which the bit to clear
+ * \return LDNS_STATUS_OK on success. LDNS_STATUS_TYPE_NOT_IN_BITMAP is 
+ *         returned when the bitmap does not contain the bit to clear.
+ */
+ldns_status ldns_nsec_bitmap_clear_type(ldns_rdf* bitmap, ldns_rr_type type);
 
 /**
  * Checks coverage of NSEC(3) RR name span
diff --git a/contrib/ldns/ldns/dnssec_sign.h b/contrib/ldns/ldns/dnssec_sign.h
index e77cb69..f51c7fb 100644
--- a/contrib/ldns/ldns/dnssec_sign.h
+++ b/contrib/ldns/ldns/dnssec_sign.h
@@ -87,7 +87,7 @@ ldns_rdf *ldns_sign_public_rsamd5(ldns_buffer *to_sign, RSA *key);
  * when walking the tree with the ldns_dnssec_name_node_next_nonglue()
  * function. But watch out! Names that are partially occluded (like glue with
  * the same name as the delegation) will not be marked and should specifically 
- * be taken into account seperately.
+ * be taken into account separately.
  *
  * When glue_list is given (not NULL), in the process of marking the names, all
  * glue resource records will be pushed to that list, even glue at the delegation name.
@@ -105,7 +105,7 @@ ldns_dnssec_zone_mark_and_get_glue(
  * when walking the tree with the ldns_dnssec_name_node_next_nonglue()
  * function. But watch out! Names that are partially occluded (like glue with
  * the same name as the delegation) will not be marked and should specifically 
- * be taken into account seperately.
+ * be taken into account separately.
  *
  * \param[in] zone the zone in which to mark the names
  * \return LDNS_STATUS_OK on succesful completion
diff --git a/contrib/ldns/ldns/dnssec_zone.h b/contrib/ldns/ldns/dnssec_zone.h
index 257bfba..b794f94 100644
--- a/contrib/ldns/ldns/dnssec_zone.h
+++ b/contrib/ldns/ldns/dnssec_zone.h
@@ -93,6 +93,13 @@ struct ldns_struct_dnssec_zone {
 	ldns_dnssec_name *soa;
 	/** tree of ldns_dnssec_names */
 	ldns_rbtree_t *names;
+	/** tree of ldns_dnssec_names by nsec3 hashes (when applicible) */
+	ldns_rbtree_t *hashed_names;
+	/** points to the first added NSEC3 rr whose parameters will be 
+	 *  assumed for all subsequent NSEC3 rr's and which will be used
+	 *  to calculate hashed names
+	 */
+	ldns_rr *_nsec3params;
 };
 typedef struct ldns_struct_dnssec_zone ldns_dnssec_zone;
 
@@ -119,7 +126,8 @@ void ldns_dnssec_rrs_free(ldns_dnssec_rrs *rrs);
 void ldns_dnssec_rrs_deep_free(ldns_dnssec_rrs *rrs);
 
 /**
- * Adds an RR to the list of RRs. The list will remain ordered
+ * Adds an RR to the list of RRs. The list will remain ordered.
+ * If an equal RR already exists, this RR will not be added.
  *
  * \param[in] rrs the list to add to
  * \param[in] rr the RR to add
diff --git a/contrib/ldns/ldns/error.h b/contrib/ldns/ldns/error.h
index bac38ff..41b99ad 100644
--- a/contrib/ldns/ldns/error.h
+++ b/contrib/ldns/ldns/error.h
@@ -117,7 +117,16 @@ enum ldns_enum_status {
 	LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH,
 	LDNS_STATUS_DANE_NON_CA_CERTIFICATE,
 	LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE,
-	LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR
+	LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR,
+	LDNS_STATUS_EXISTS_ERR,
+	LDNS_STATUS_INVALID_ILNP64,
+	LDNS_STATUS_INVALID_EUI48,
+	LDNS_STATUS_INVALID_EUI64,
+	LDNS_STATUS_WIRE_RDATA_ERR,
+	LDNS_STATUS_INVALID_TAG,
+	LDNS_STATUS_TYPE_NOT_IN_BITMAP,
+	LDNS_STATUS_INVALID_RDF_TYPE,
+	LDNS_STATUS_RDATA_OVERFLOW,
 };
 typedef enum ldns_enum_status ldns_status;
 
diff --git a/contrib/ldns/ldns/host2str.h b/contrib/ldns/ldns/host2str.h
index bbf9327..e69389e 100644
--- a/contrib/ldns/ldns/host2str.h
+++ b/contrib/ldns/ldns/host2str.h
@@ -40,32 +40,38 @@ extern "C" {
 #define LDNS_APL_NEGATION       0x80
 
 /** 
- * Represent a NULL pointer (in stead of a pointer to a ldns_rr as "; (null)" 
+ * Represent a NULL pointer (instead of a pointer to a ldns_rr as "; (null)" 
  * as opposed to outputting nothing at all in such a case.
  */
-#define LDNS_COMMENT_NULLS		0x0001
+/*	Flag Name			Flag Nr.	Has data associated
+	---------------------------------------------------------------------*/
+#define LDNS_COMMENT_NULLS		(1 <<  0)
 /** Show key id with DNSKEY RR's as comment */
-#define LDNS_COMMENT_KEY_ID		0x0002
+#define LDNS_COMMENT_KEY_ID		(1 <<  1)
 /** Show if a DNSKEY is a ZSK or KSK as comment */
-#define LDNS_COMMENT_KEY_TYPE		0x0004
+#define LDNS_COMMENT_KEY_TYPE		(1 <<  2)
 /** Show DNSKEY key size as comment */
-#define LDNS_COMMENT_KEY_SIZE		0x0008
-/** Show key id, type and size as comment for DNSKEY RR's */
-#define LDNS_COMMENT_KEY		(LDNS_COMMENT_KEY_ID  \
-					|LDNS_COMMENT_KEY_TYPE\
-					|LDNS_COMMENT_KEY_SIZE)
+#define LDNS_COMMENT_KEY_SIZE		(1 <<  3)
 /** Provide bubblebabble representation for DS RR's as comment */
-#define LDNS_COMMENT_BUBBLEBABBLE	0x0010
+#define LDNS_COMMENT_BUBBLEBABBLE	(1 <<  4)
 /** Show when a NSEC3 RR has the optout flag set as comment */
-#define LDNS_COMMENT_FLAGS		0x0020
+#define LDNS_COMMENT_FLAGS		(1 <<  5)
 /** Show the unhashed owner and next owner names for NSEC3 RR's as comment */
-#define LDNS_COMMENT_NSEC3_CHAIN	0x0040
+#define LDNS_COMMENT_NSEC3_CHAIN	(1 <<  6)	/* yes */
 /** Print mark up */
-#define LDNS_COMMENT_LAYOUT		0x0080
+#define LDNS_COMMENT_LAYOUT		(1 <<  7)
 /** Also comment KEY_ID with RRSIGS **/
-#define LDNS_COMMENT_RRSIGS		0x0100
-#define LDNS_FMT_ZEROIZE_RRSIGS		0x0200
-#define LDNS_FMT_PAD_SOA_SERIAL		0x0400
+#define LDNS_COMMENT_RRSIGS		(1 <<  8)
+#define LDNS_FMT_ZEROIZE_RRSIGS		(1 <<  9)
+#define LDNS_FMT_PAD_SOA_SERIAL		(1 << 10)
+#define LDNS_FMT_RFC3597		(1 << 11)	/* yes */
+
+#define LDNS_FMT_FLAGS_WITH_DATA			    2
+
+/** Show key id, type and size as comment for DNSKEY RR's */
+#define LDNS_COMMENT_KEY		(LDNS_COMMENT_KEY_ID  \
+					|LDNS_COMMENT_KEY_TYPE\
+					|LDNS_COMMENT_KEY_SIZE)
 
 /**
  * Output format specifier
@@ -87,6 +93,18 @@ struct ldns_struct_output_format
 typedef struct ldns_struct_output_format ldns_output_format;
 
 /**
+ * Output format struct with additional data for flags that use them.
+ * This struct may not be initialized directly. Use ldns_output_format_init
+ * to initialize.
+ */
+struct ldns_struct_output_format_storage
+{	int   flags;
+	ldns_rbtree_t* hashmap;    /* for LDNS_COMMENT_NSEC3_CHAIN */
+	ldns_rdf*      bitmap;     /* for LDNS_FMT_RFC3597     */
+};
+typedef struct ldns_struct_output_format_storage ldns_output_format_storage;
+
+/**
  * Standard output format record that disables commenting in the textual 
  * representation of Resource Records completely.
  */
@@ -108,6 +126,55 @@ extern const ldns_output_format *ldns_output_format_default;
 extern const ldns_output_format *ldns_output_format_bubblebabble;
 
 /**
+ * Initialize output format storage to the default value.
+ * \param[in] fmt A reference to an output_format_ storage struct
+ * \return The initialized storage struct typecasted to ldns_output_format
+ */
+INLINE
+ldns_output_format* ldns_output_format_init(ldns_output_format_storage* fmt) {
+	fmt->flags   = ldns_output_format_default->flags;
+	fmt->hashmap = NULL;
+	fmt->bitmap  = NULL;
+	return (ldns_output_format*)fmt;
+}
+
+/**
+ * Set an ouput format flag.
+ */
+INLINE void ldns_output_format_set(ldns_output_format* fmt, int flag) {
+        fmt->flags |= flag;
+}
+
+/**
+ * Clear an ouput format flag.
+ */
+INLINE void ldns_output_format_clear(ldns_output_format* fmt, int flag) {
+        fmt->flags &= !flag;
+}
+
+/**
+ * Makes sure the LDNS_FMT_RFC3597 is set in the output format.
+ * Marks the type to be printed in RFC3597 format.
+ * /param[in] fmt the output format to update
+ * /param[in] the type to be printed in RFC3597 format
+ * /return LDNS_STATUS_OK on success
+ */
+ldns_status
+ldns_output_format_set_type(ldns_output_format* fmt, ldns_rr_type type);
+
+/**
+ * Makes sure the LDNS_FMT_RFC3597 is set in the output format.
+ * Marks the type to not be printed in RFC3597 format. When no other types
+ * have been marked before, all known types (except the given one) will be
+ * marked for printing in RFC3597 format.
+ * /param[in] fmt the output format to update
+ * /param[in] the type not to be printed in RFC3597 format
+ * /return LDNS_STATUS_OK on success
+ */
+ldns_status
+ldns_output_format_clear_type(ldns_output_format* fmt, ldns_rr_type type);
+
+/**
  * Converts an ldns packet opcode value to its mnemonic, and adds that
  * to the output buffer
  * \param[in] *output the buffer to add the data to
@@ -399,15 +466,6 @@ ldns_status ldns_rdf2buffer_str_int16_data(ldns_buffer *output, const ldns_rdf *
  */
 ldns_status ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf);
 
-/** 
- * Converts an LDNS_RDF_TYPE_TSIG rdata element to string format and adds it to the output buffer 
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_tsig(ldns_buffer *output, const ldns_rdf *rdf);
-
-
 /**
  * Converts the data in the rdata field to presentation
  * format (as char *) and appends it to the given buffer
@@ -518,6 +576,66 @@ ldns_status ldns_rdf2buffer_str_int32(ldns_buffer *output, const ldns_rdf *rdf);
  */
 ldns_status ldns_rdf2buffer_str_time(ldns_buffer *output, const ldns_rdf *rdf);
 
+/** 
+ * Converts an LDNS_RDF_TYPE_ILNP64 rdata element to 4 hexadecimal numbers
+ * separated by colons and adds it to the output buffer 
+ * \param[in] *rdf The rdata to convert
+ * \param[in] *output The buffer to add the data to
+ * \return LDNS_STATUS_OK on success, and error status on failure
+ */
+ldns_status ldns_rdf2buffer_str_ilnp64(ldns_buffer *output,
+		const ldns_rdf *rdf);
+
+/** 
+ * Converts an LDNS_RDF_TYPE_EUI48 rdata element to 6 hexadecimal numbers
+ * separated by dashes and adds it to the output buffer 
+ * \param[in] *rdf The rdata to convert
+ * \param[in] *output The buffer to add the data to
+ * \return LDNS_STATUS_OK on success, and error status on failure
+ */
+ldns_status ldns_rdf2buffer_str_eui48(ldns_buffer *output,
+		const ldns_rdf *rdf);
+
+/** 
+ * Converts an LDNS_RDF_TYPE_EUI64 rdata element to 8 hexadecimal numbers
+ * separated by dashes and adds it to the output buffer 
+ * \param[in] *rdf The rdata to convert
+ * \param[in] *output The buffer to add the data to
+ * \return LDNS_STATUS_OK on success, and error status on failure
+ */
+ldns_status ldns_rdf2buffer_str_eui64(ldns_buffer *output,
+		const ldns_rdf *rdf);
+
+/** 
+ * Adds the LDNS_RDF_TYPE_TAG rdata to the output buffer,
+ * provided it contains only alphanumeric characters.
+ * \param[in] *rdf The rdata to convert
+ * \param[in] *output The buffer to add the data to
+ * \return LDNS_STATUS_OK on success, and error status on failure
+ */
+ldns_status ldns_rdf2buffer_str_tag(ldns_buffer *output,
+		const ldns_rdf *rdf);
+
+/** 
+ * Adds the LDNS_RDF_TYPE_LONG_STR rdata to the output buffer, in-between 
+ * double quotes and all non printable characters properly escaped.
+ * \param[in] *rdf The rdata to convert
+ * \param[in] *output The buffer to add the data to
+ * \return LDNS_STATUS_OK on success, and error status on failure
+ */
+ldns_status ldns_rdf2buffer_str_long_str(ldns_buffer *output,
+	       	const ldns_rdf *rdf);
+
+/** 
+ * Converts an LDNS_RDF_TYPE_HIP rdata element to presentation format for
+ * the algorithm, HIT and Public Key and adds it the output buffer .
+ * \param[in] *rdf The rdata to convert
+ * \param[in] *output The buffer to add the data to
+ * \return LDNS_STATUS_OK on success, and error status on failure
+ */
+ldns_status ldns_rdf2buffer_str_hip(ldns_buffer *output,
+		const ldns_rdf *rdf);
+
 /**
  * Converts the data in the rdata field to presentation format and
  * returns that as a char *.
diff --git a/contrib/ldns/ldns/ldns.h b/contrib/ldns/ldns/ldns.h
index a41e032..60663ef 100644
--- a/contrib/ldns/ldns/ldns.h
+++ b/contrib/ldns/ldns/ldns.h
@@ -26,7 +26,7 @@ faster than Perl.
 
 The first main tool to use ldns is Drill, from which part of the library was
 derived. From version 1.0.0 on, drill is included in the ldns release
-and will not be distributed seperately anymore. The library also includes some
+and will not be distributed separately anymore. The library also includes some
 other examples and tools to show how it can be used. These can be found in the
 examples/ directory in the tarball.
 
@@ -37,9 +37,9 @@ Feature list
   - TSIG support,
   - DNSSEC support; signing and verification,
   - small size,
-  - online documentation as well as manual pages. 
+  - online documentation as well as manual pages.
 
-If you want to send us patches please use the code from subversion (trunk). 
+If you want to send us patches please use the code from git.
 
 \section using_ldns Using ldns
 
@@ -119,6 +119,7 @@ Or you can just use the menu above to browse through the API docs.
 #include <ldns/parse.h>
 #include <ldns/zone.h>
 #include <ldns/dnssec_zone.h>
+#include <ldns/radix.h>
 #include <ldns/rbtree.h>
 #include <ldns/sha1.h>
 #include <ldns/sha2.h>
diff --git a/contrib/ldns/ldns/net.h b/contrib/ldns/ldns/net.h
index cd7bc4b..692a9fb 100644
--- a/contrib/ldns/ldns/net.h
+++ b/contrib/ldns/ldns/net.h
@@ -50,7 +50,6 @@ ldns_status ldns_udp_send(uint8_t **result, ldns_buffer *qbin, const struct sock
  * \param[in] timeout *unused*, was the timeout value for the network
  * \return the socket used
  */
-
 int ldns_udp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout);
 
 /**
diff --git a/contrib/ldns/ldns/net.h.in b/contrib/ldns/ldns/net.h.in
index cd4cfde..e6b3618 100644
--- a/contrib/ldns/ldns/net.h.in
+++ b/contrib/ldns/ldns/net.h.in
@@ -50,7 +50,6 @@ ldns_status ldns_udp_send(uint8_t **result, ldns_buffer *qbin, const struct sock
  * \param[in] timeout *unused*, was the timeout value for the network
  * \return the socket used
  */
-
 int ldns_udp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout);
 
 /**
diff --git a/contrib/ldns/ldns/packet.h b/contrib/ldns/ldns/packet.h
index ed7c327..9dca06f 100644
--- a/contrib/ldns/ldns/packet.h
+++ b/contrib/ldns/ldns/packet.h
@@ -411,6 +411,17 @@ uint32_t ldns_pkt_querytime(const ldns_pkt *p);
 size_t ldns_pkt_size(const ldns_pkt *p);
 
 /**
+ * Return the number of RRs in the given section.
+ * Returns the sum of all RRs when LDNS_SECTION_ANY is given.
+ * Returns the sum of all non-question RRs when LDNS_SECTION_ANY_NOQUESTION
+ * is given.
+ * \param[in] p the packet
+ * \param[in] s the section
+ * \return the number of RRs in the given section
+ */
+uint16_t ldns_pkt_section_count(const ldns_pkt *p, ldns_pkt_section s);
+
+/**
  * Return the packet's tsig pseudo rr's
  * \param[in] p the packet
  * \return the tsig rr
@@ -760,6 +771,18 @@ void ldns_pkt_free(ldns_pkt *packet);
 ldns_status ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class , uint16_t flags);
 
 /**
+ * creates an IXFR request packet for the given name, class.
+ * adds the SOA record to the authority section.
+ * \param[out] p the packet to be returned
+ * \param[in] rr_name the name to query for (as string)
+ * \param[in] rr_class the class to query for
+ * \param[in] flags packet flags
+ * \param[in] soa soa record to be added to the authority section
+ * \return LDNS_STATUS_OK or a ldns_status mesg with the error
+ */
+ldns_status ldns_pkt_ixfr_request_new_frm_str(ldns_pkt **p, const char *rr_name, ldns_rr_class rr_class, uint16_t flags, ldns_rr* soa);
+
+/**
  * creates a packet with a query in it for the given name, type and class.
  * \param[in] rr_name the name to query for
  * \param[in] rr_type the type to query for
@@ -770,6 +793,17 @@ ldns_status ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *rr_name, ldns_r
 ldns_pkt *ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags);
 
 /**
+ * creates an IXFR request packet for the given name, type and class.
+ * adds the SOA record to the authority section.
+ * \param[in] rr_name the name to query for
+ * \param[in] rr_class the class to query for
+ * \param[in] flags packet flags
+ * \param[in] soa soa record to be added to the authority section
+ * \return ldns_pkt* a pointer to the new pkt
+ */
+ldns_pkt *ldns_pkt_ixfr_request_new(ldns_rdf *rr_name, ldns_rr_class rr_class, uint16_t flags, ldns_rr* soa);
+
+/**
  * clones the given packet, creating a fully allocated copy
  *
  * \param[in] pkt the packet to clone
diff --git a/contrib/ldns/ldns/radix.h b/contrib/ldns/ldns/radix.h
new file mode 100644
index 0000000..f8833eb
--- /dev/null
+++ b/contrib/ldns/ldns/radix.h
@@ -0,0 +1,240 @@
+/*
+ * radix.h -- generic radix tree
+ *
+ * Copyright (c) 2012, NLnet Labs. All rights reserved.
+ *
+ * This software is open source.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of the NLNET LABS nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/**
+ * \file
+ * Radix tree. Implementation taken from NSD 4, adjusted for use in ldns.
+ *
+ */
+
+#ifndef LDNS_RADIX_H_
+#define	LDNS_RADIX_H_
+
+#include <ldns/error.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef uint16_t radix_strlen_t;
+typedef struct ldns_radix_array_t ldns_radix_array_t;
+typedef struct ldns_radix_node_t ldns_radix_node_t;
+typedef struct ldns_radix_t ldns_radix_t;
+
+/** Radix node select edge array */
+struct ldns_radix_array_t {
+	/** Additional string after the selection byte for this edge. */
+	uint8_t* str;
+	/** Length of additional string for this edge. */
+	radix_strlen_t len;
+	/** Node that deals with byte+str. */
+	ldns_radix_node_t* edge;
+};
+
+/** A node in a radix tree */
+struct ldns_radix_node_t {
+	/** Key corresponding to this node. */
+	uint8_t* key;
+	/** Key length corresponding to this node. */
+	radix_strlen_t klen;
+	/** Data corresponding to this node. */
+	void* data;
+	/** Parent node. */
+	ldns_radix_node_t* parent;
+	/** Index in the the parent node select edge array. */
+	uint8_t parent_index;
+	/** Length of the array. */
+	uint16_t len;
+	/** Offset of the array. */
+	uint16_t offset;
+	/** Capacity of the array. */
+	uint16_t capacity;
+	/** Select edge array. */
+	ldns_radix_array_t* array;
+};
+
+/** An entire radix tree */
+struct ldns_radix_t {
+	/** Root. */
+	ldns_radix_node_t* root;
+	/** Number of nodes in tree. */
+	size_t count;
+};
+
+/**
+ * Create a new radix tree.
+ * @return: new radix tree.
+ *
+ */
+ldns_radix_t* ldns_radix_create(void);
+
+/**
+ * Initialize radix tree.
+ * @param tree: uninitialized radix tree.
+ *
+ */
+void ldns_radix_init(ldns_radix_t* tree);
+
+/**
+ * Free the radix tree.
+ * @param tree: radix tree.
+ *
+ */
+void ldns_radix_free(ldns_radix_t* tree);
+
+/**
+ * Insert data into the tree.
+ * @param tree: tree to insert to.
+ * @param key:  key.
+ * @param len:  length of key.
+ * @param data: data.
+ * @return: status.
+ *
+ */
+ldns_status ldns_radix_insert(ldns_radix_t* tree, uint8_t* key,
+	radix_strlen_t len, void* data);
+
+/**
+ * Delete data from the tree.
+ * @param tree: tree to insert to.
+ * @param key:  key.
+ * @param len:  length of key.
+ * @return: unlinked data or NULL if not present.
+ *
+ */
+void* ldns_radix_delete(ldns_radix_t* tree, uint8_t* key, radix_strlen_t len);
+
+/**
+ * Search data in the tree.
+ * @param tree: tree to insert to.
+ * @param key:  key.
+ * @param len:  length of key.
+ * @return: the radix node or NULL if not found.
+ *
+ */
+ldns_radix_node_t* ldns_radix_search(ldns_radix_t* tree, uint8_t* key,
+	radix_strlen_t len);
+
+/**
+ * Search data in the tree, and if not found, find the closest smaller
+ * element in the tree.
+ * @param tree: tree to insert to.
+ * @param key:  key.
+ * @param len:  length of key.
+ * @param result: the radix node with the exact or closest match. NULL if
+ *                the key is smaller than the smallest key in the tree.
+ * @return 1 if exact match, 0 otherwise.
+ *
+ */
+int ldns_radix_find_less_equal(ldns_radix_t* tree, uint8_t* key,
+	radix_strlen_t len, ldns_radix_node_t** result);
+
+/**
+ * Get the first element in the tree.
+ * @param tree: tree.
+ * @return: the radix node with the first element.
+ *
+ */
+ldns_radix_node_t* ldns_radix_first(ldns_radix_t* tree);
+
+/**
+ * Get the last element in the tree.
+ * @param tree: tree.
+ * @return: the radix node with the last element.
+ *
+ */
+ldns_radix_node_t* ldns_radix_last(ldns_radix_t* tree);
+
+/**
+ * Next element.
+ * @param node: node.
+ * @return: node with next element.
+ *
+ */
+ldns_radix_node_t* ldns_radix_next(ldns_radix_node_t* node);
+
+/**
+ * Previous element.
+ * @param node: node.
+ * @return: node with previous element.
+ *
+ */
+ldns_radix_node_t* ldns_radix_prev(ldns_radix_node_t* node);
+
+/**
+ * Split radix tree intwo.
+ * @param tree1: one tree.
+ * @param num: number of elements to split off.
+ * @param tree2: another tree.
+ * @return: status.
+ *
+ */
+ldns_status ldns_radix_split(ldns_radix_t* tree1, size_t num,
+	ldns_radix_t** tree2);
+
+/**
+ * Join two radix trees.
+ * @param tree1: one tree.
+ * @param tree2: another tree.
+ * @return: status.
+ *
+ */
+ldns_status ldns_radix_join(ldns_radix_t* tree1, ldns_radix_t* tree2);
+
+/**
+ * Call function for all nodes in the tree, such that leaf nodes are
+ * called before parent nodes.
+ * @param node: start node.
+ * @param func: function.
+ * @param arg: user argument.
+ *
+ */
+void ldns_radix_traverse_postorder(ldns_radix_node_t* node,
+        void (*func)(ldns_radix_node_t*, void*), void* arg);
+
+/**
+ * Print radix tree (for debugging purposes).
+ * @param fd: file descriptor.
+ * @param tree: tree.
+ *
+ */
+void ldns_radix_printf(FILE* fd, ldns_radix_t* tree);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* LDNS_RADIX_H_ */
diff --git a/contrib/ldns/ldns/rdata.h b/contrib/ldns/ldns/rdata.h
index 229a4d4..1866e8f 100644
--- a/contrib/ldns/ldns/rdata.h
+++ b/contrib/ldns/ldns/rdata.h
@@ -28,12 +28,13 @@
 extern "C" {
 #endif
 
-#define LDNS_MAX_RDFLEN	8192
+#define LDNS_MAX_RDFLEN	65535
 
 #define LDNS_RDF_SIZE_BYTE              1
 #define LDNS_RDF_SIZE_WORD              2
 #define LDNS_RDF_SIZE_DOUBLEWORD        4
 #define LDNS_RDF_SIZE_6BYTES            6
+#define LDNS_RDF_SIZE_8BYTES            8
 #define LDNS_RDF_SIZE_16BYTES           16
 
 #define LDNS_NSEC3_VARS_OPTOUT_MASK 0x01
@@ -85,7 +86,10 @@ enum ldns_enum_rdf_type
 	LDNS_RDF_TYPE_PERIOD,
 	/** tsig time 48 bits */
 	LDNS_RDF_TYPE_TSIGTIME,
-	LDNS_RDF_TYPE_TSIG,
+	/** Represents the Public Key Algorithm, HIT and Public Key fields
+	    for the HIP RR types.  A HIP specific rdf type is used because of
+	    the unusual layout in wireformat (see RFC 5205 Section 5) */
+	LDNS_RDF_TYPE_HIP,
 	/** variable length any type rdata where the length
 	    is specified by the first 2 bytes */
 	LDNS_RDF_TYPE_INT16_DATA,
@@ -104,7 +108,31 @@ enum ldns_enum_rdf_type
 	/** nsec3 hash salt */
 	LDNS_RDF_TYPE_NSEC3_SALT,
 	/** nsec3 base32 string (with length byte on wire */
-	LDNS_RDF_TYPE_NSEC3_NEXT_OWNER
+	LDNS_RDF_TYPE_NSEC3_NEXT_OWNER,
+
+	/** 4 shorts represented as 4 * 16 bit hex numbers
+	 *  separated by colons. For NID and L64.
+	 */
+	LDNS_RDF_TYPE_ILNP64,
+
+	/** 6 * 8 bit hex numbers separated by dashes. For EUI48. */
+	LDNS_RDF_TYPE_EUI48,
+	/** 8 * 8 bit hex numbers separated by dashes. For EUI64. */
+	LDNS_RDF_TYPE_EUI64,
+
+	/** A non-zero sequence of US-ASCII letters and numbers in lower case.
+	 *  For CAA.
+	 */
+	LDNS_RDF_TYPE_TAG,
+
+	/** A <character-string> encoding of the value field as specified 
+	 * [RFC1035], Section 5.1., encoded as remaining rdata.
+	 * For CAA.
+	 */
+	LDNS_RDF_TYPE_LONG_STR,
+
+	/* Aliases */
+	LDNS_RDF_TYPE_BITMAP = LDNS_RDF_TYPE_NSEC
 };
 typedef enum ldns_enum_rdf_type ldns_rdf_type;
 
@@ -380,6 +408,34 @@ ldns_rdf *ldns_rdf_clone(const ldns_rdf *rd);
  */
 int ldns_rdf_compare(const ldns_rdf *rd1, const ldns_rdf *rd2);
 
+/**
+ * Gets the algorithm value, the HIT and Public Key data from the rdf with
+ * type LDNS_RDF_TYPE_HIP.
+ * \param[in] rdf the rdf with type LDNS_RDF_TYPE_HIP
+ * \param[out] alg      the algorithm
+ * \param[out] hit_size the size of the HIT data
+ * \param[out] hit      the hit data
+ * \param[out] pk_size  the size of the Public Key data
+ * \param[out] pk       the  Public Key data
+ * \return LDNS_STATUS_OK on success, and the error otherwise
+ */
+ldns_status ldns_rdf_hip_get_alg_hit_pk(ldns_rdf *rdf, uint8_t* alg,
+		uint8_t *hit_size, uint8_t** hit,
+		uint16_t *pk_size, uint8_t** pk);
+
+/**
+ * Creates a new LDNS_RDF_TYPE_HIP rdf from given data.
+ * \param[out] rdf      the newly created LDNS_RDF_TYPE_HIP rdf
+ * \param[in]  alg      the algorithm
+ * \param[in]  hit_size the size of the HIT data
+ * \param[in]  hit      the hit data
+ * \param[in]  pk_size  the size of the Public Key data
+ * \param[in]  pk       the  Public Key data
+ * \return LDNS_STATUS_OK on success, and the error otherwise
+ */
+ldns_status ldns_rdf_hip_new_frm_alg_hit_pk(ldns_rdf** rdf, uint8_t alg,
+		uint8_t hit_size, uint8_t *hit, uint16_t pk_size, uint8_t *pk);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/contrib/ldns/ldns/resolver.h b/contrib/ldns/ldns/resolver.h
index 7af5d40..f3f1371 100644
--- a/contrib/ldns/ldns/resolver.h
+++ b/contrib/ldns/ldns/resolver.h
@@ -138,6 +138,9 @@ struct ldns_struct_resolver
 	char *_tsig_keydata;
 	/** TSIG signing algorithm */
 	char *_tsig_algorithm;
+
+	/** Source address to query from */
+	ldns_rdf *_source;
 };
 typedef struct ldns_struct_resolver ldns_resolver;
 
@@ -152,6 +155,13 @@ typedef struct ldns_struct_resolver ldns_resolver;
 uint16_t ldns_resolver_port(const ldns_resolver *r);
 
 /**
+ * Get the source address the resolver should use
+ * \param[in] r the resolver
+ * \return the source rdf
+ */
+ldns_rdf *ldns_resolver_source(const ldns_resolver *r);
+
+/**
  * Is the resolver set to recurse
  * \param[in] r the resolver
  * \return true if so, otherwise false
@@ -338,6 +348,13 @@ size_t ldns_resolver_searchlist_count(const ldns_resolver *r);
 void ldns_resolver_set_port(ldns_resolver *r, uint16_t p);
 
 /**
+ * Set the source rdf (address) the resolver should use
+ * \param[in] r the resolver
+ * \param[in] s the source address
+ */
+void ldns_resolver_set_source(ldns_resolver *r, ldns_rdf *s);
+
+/**
  * Set the resolver recursion
  * \param[in] r the resolver
  * \param[in] b true: set to recurse, false: unset
@@ -464,9 +481,10 @@ void ldns_resolver_set_retrans(ldns_resolver *r, uint8_t re);
 void ldns_resolver_set_fallback(ldns_resolver *r, bool fallback);
 
 /**
- * Set the resolver retry interval (in seconds)
+ * Set the number of times a resolver should retry a nameserver before the
+ * next one is tried.
  * \param[in] r the resolver
- * \param[in] re the retry interval
+ * \param[in] re the number of retries
  */
 void ldns_resolver_set_retry(ldns_resolver *r, uint8_t re);
 
@@ -583,6 +601,22 @@ ldns_status ldns_resolver_push_nameserver_rr_list(ldns_resolver *r, ldns_rr_list
  */
 ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
 
+
+/**
+ * Send the query for using the resolver and take the search list into account
+ * The search algorithm is as follows:
+ * If the name is absolute, try it as-is, otherwise apply the search list
+ * \param[out] pkt a packet with the reply from the nameserver
+ * \param[in] *r operate using this resolver
+ * \param[in] *rdf query for this name
+ * \param[in] t query for this type (may be 0, defaults to A)
+ * \param[in] c query for this class (may be 0, default to IN)
+ * \param[in] flags the query flags
+ *
+ * \return ldns_status LDNS_STATUS_OK on success
+ */
+ldns_status ldns_resolver_search_status(ldns_pkt** pkt, ldns_resolver *r, const ldns_rdf *rdf, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
+
 /**
  * Form a query packet from a resolver and name/type/class combo
  * \param[out] **q a pointer to a ldns_pkt pointer (initialized by this function)
@@ -619,12 +653,29 @@ ldns_status ldns_resolver_send_pkt(ldns_pkt **answer, ldns_resolver *r, ldns_pkt
 
 /**
  * Send a query to a nameserver
+ * \param[out] pkt a packet with the reply from the nameserver
  * \param[in] *r operate using this resolver
  * \param[in] *name query for this name
  * \param[in] *t query for this type (may be 0, defaults to A)
  * \param[in] *c query for this class (may be 0, default to IN)
  * \param[in] flags the query flags
  *
+ * \return ldns_status LDNS_STATUS_OK on success
+ * if _defnames is true the default domain will be added
+ */
+ldns_status ldns_resolver_query_status(ldns_pkt** pkt, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
+
+
+/**
+ * Send a query to a nameserver
+ * \param[in] *r operate using this resolver 
+ *               (despite the const in the declaration,
+ *                the struct is altered as a side-effect)
+ * \param[in] *name query for this name
+ * \param[in] *t query for this type (may be 0, defaults to A)
+ * \param[in] *c query for this class (may be 0, default to IN)
+ * \param[in] flags the query flags
+ *
  * \return ldns_pkt* a packet with the reply from the nameserver
  * if _defnames is true the default domain will be added
  */
@@ -689,6 +740,12 @@ void ldns_resolver_deep_free(ldns_resolver *res);
 ldns_rr* ldns_axfr_next(ldns_resolver *resolver);
 
 /**
+ * Abort a transfer that is in progress
+ * \param[in] resolver the resolver that is used
+ */
+void ldns_axfr_abort(ldns_resolver *resolver);
+
+/**
  * Returns true if the axfr transfer has completed (i.e. 2 SOA RRs and no errors were encountered
  * \param[in] resolver the resolver that is used
  * \return bool true if axfr transfer was completed without error
diff --git a/contrib/ldns/ldns/rr.h b/contrib/ldns/ldns/rr.h
index e42fda6..ff49939 100644
--- a/contrib/ldns/ldns/rr.h
+++ b/contrib/ldns/ldns/rr.h
@@ -36,8 +36,8 @@ extern "C" {
 /** The bytes TTL, CLASS and length use up in an rr */
 #define LDNS_RR_OVERHEAD	10
 
-/* The first fields are 'common' and can be referenced instantly */
-#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 53
+/* The first fields are contiguous and can be referenced instantly */
+#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 258
 
 
 
@@ -163,7 +163,7 @@ enum ldns_enum_rr_type
 	LDNS_RR_TYPE_OPT = 41,
 	/**  RFC3123 */
 	LDNS_RR_TYPE_APL = 42,
-	/**  draft-ietf-dnsext-delegation */
+	/**  RFC4034, RFC3658 */
 	LDNS_RR_TYPE_DS = 43,
 	/**  SSH Key Fingerprint */
 	LDNS_RR_TYPE_SSHFP = 44, /* RFC 4255 */
@@ -179,19 +179,35 @@ enum ldns_enum_rr_type
 	LDNS_RR_TYPE_NSEC3 = 50, /* RFC 5155 */
 	LDNS_RR_TYPE_NSEC3PARAM = 51, /* RFC 5155 */
 	LDNS_RR_TYPE_NSEC3PARAMS = 51,
-	/** draft-ietf-dane-protocol */
-	LDNS_RR_TYPE_TLSA = 52,
+	LDNS_RR_TYPE_TLSA = 52, /* RFC 6698 */
 
+	LDNS_RR_TYPE_HIP = 55, /* RFC 5205 */
+
+	/** draft-reid-dnsext-zs */
+	LDNS_RR_TYPE_NINFO = 56,
+	/** draft-reid-dnsext-rkey */
+	LDNS_RR_TYPE_RKEY = 57,
         /** draft-ietf-dnsop-trust-history */
         LDNS_RR_TYPE_TALINK = 58,
+	/** draft-barwood-dnsop-ds-publis */
+	LDNS_RR_TYPE_CDS = 59,
 
-	LDNS_RR_TYPE_SPF = 99,
+	LDNS_RR_TYPE_SPF = 99, /* RFC 4408 */
 
 	LDNS_RR_TYPE_UINFO = 100,
 	LDNS_RR_TYPE_UID = 101,
 	LDNS_RR_TYPE_GID = 102,
 	LDNS_RR_TYPE_UNSPEC = 103,
 
+	LDNS_RR_TYPE_NID = 104, /* RFC 6742 */
+	LDNS_RR_TYPE_L32 = 105, /* RFC 6742 */
+	LDNS_RR_TYPE_L64 = 106, /* RFC 6742 */
+	LDNS_RR_TYPE_LP = 107, /* RFC 6742 */
+
+	LDNS_RR_TYPE_EUI48 = 108, /* RFC 7043 */
+	LDNS_RR_TYPE_EUI64 = 109, /* RFC 7043 */
+
+	LDNS_RR_TYPE_TKEY = 249, /* RFC 2930 */
 	LDNS_RR_TYPE_TSIG = 250,
 	LDNS_RR_TYPE_IXFR = 251,
 	LDNS_RR_TYPE_AXFR = 252,
@@ -201,7 +217,12 @@ enum ldns_enum_rr_type
 	LDNS_RR_TYPE_MAILA = 254,
 	/**  any type (wildcard) */
 	LDNS_RR_TYPE_ANY = 255,
+	/** draft-faltstrom-uri-06 */
+	LDNS_RR_TYPE_URI = 256,
+	LDNS_RR_TYPE_CAA = 257, /* RFC 6844 */
 
+	/** DNSSEC Trust Authorities */
+	LDNS_RR_TYPE_TA = 32768,
 	/* RFC 4431, 5074, DNSSEC Lookaside Validation */
 	LDNS_RR_TYPE_DLV = 32769,
 
@@ -337,6 +358,23 @@ struct ldns_struct_rr_descriptor
 };
 typedef struct ldns_struct_rr_descriptor ldns_rr_descriptor;
 
+
+/**
+ * Create a rr type bitmap rdf providing enough space to set all 
+ * known (to ldns) rr types.
+ * \param[out] rdf the constructed rdf
+ * \return LDNS_STATUS_OK if all went well.
+ */
+ldns_status ldns_rdf_bitmap_known_rr_types_space(ldns_rdf** rdf);
+
+/**
+ * Create a rr type bitmap rdf with at least all known (to ldns) rr types set.
+ * \param[out] rdf the constructed rdf
+ * \return LDNS_STATUS_OK if all went well.
+ */
+ldns_status ldns_rdf_bitmap_known_rr_types(ldns_rdf** rdf);
+
+
 /**
  * creates a new rr structure.
  * \return ldns_rr *
diff --git a/contrib/ldns/ldns/str2host.h b/contrib/ldns/ldns/str2host.h
index 09416cd..341aa24 100644
--- a/contrib/ldns/ldns/str2host.h
+++ b/contrib/ldns/ldns/str2host.h
@@ -181,14 +181,6 @@ ldns_status ldns_str2rdf_alg(ldns_rdf **rd, const char *str);
 ldns_status ldns_str2rdf_unknown(ldns_rdf **rd, const char *str);
 
 /**
- * convert string with a tsig? RR into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_tsig(ldns_rdf **rd, const char *str);
-
-/**
  * convert string with a protocol service into wireformat
  * \param[in] rd the rdf where to put the data
  * \param[in] str the string to be converted
@@ -244,6 +236,58 @@ ldns_status ldns_str2rdf_ipseckey(ldns_rdf **rd, const char *str);
  */
 ldns_status ldns_str2rdf_dname(ldns_rdf **rd, const char *str);
 
+/**
+ * convert 4 * 16bit hex separated by colons into wireformat
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_ilnp64(ldns_rdf **rd, const char *str);
+
+/**
+ * convert 6 hex bytes separated by dashes into wireformat
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_eui48(ldns_rdf **rd, const char *str);
+
+/**
+ * convert 8 hex bytes separated by dashes into wireformat
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_eui64(ldns_rdf **rd, const char *str);
+
+/**
+ * Convert a non-zero sequence of US-ASCII letters and numbers into wireformat
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_tag(ldns_rdf **rd, const char *str);
+
+/**
+ * Convert a <character-string> encoding of the value field as specified 
+ * [RFC1035], Section 5.1., encoded as one bug chunk of data.
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_long_str(ldns_rdf **rd, const char *str);
+
+/**
+ * Convert a "<algorithm> <hit> <pk>" encoding of the value field as specified 
+ * in Section 6. of [RFC5205], encoded as wireformat as specified in Section 5.
+ * of [RFC5205].
+ * \param[in] rd the rdf where to put the data
+ * \param[in] str the string to be converted
+ * \return ldns_status
+ */
+ldns_status ldns_str2rdf_hip(ldns_rdf **rd, const char *str);
+
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/contrib/ldns/ldns/util.h b/contrib/ldns/ldns/util.h
index b30fc37..cb3806a 100644
--- a/contrib/ldns/ldns/util.h
+++ b/contrib/ldns/ldns/util.h
@@ -27,8 +27,8 @@ extern "C" {
 #define dprintf(X,Y) fprintf(stderr, (X), (Y))
 /* #define	dprintf(X, Y)  */
 
-#define LDNS_VERSION "1.6.16"
-#define LDNS_REVISION ((1<<16)|(6<<8)|(16))
+#define LDNS_VERSION "1.6.17"
+#define LDNS_REVISION ((1<<16)|(6<<8)|(17))
 
 /**
  * splint static inline workaround
@@ -70,7 +70,7 @@ INLINE uint16_t
 ldns_read_uint16(const void *src)
 {
 #ifdef ALLOW_UNALIGNED_ACCESSES
-	return ntohs(*(uint16_t *) src);
+	return ntohs(*(const uint16_t *) src);
 #else
 	const uint8_t *p = (const uint8_t *) src;
 	return ((uint16_t) p[0] << 8) | (uint16_t) p[1];
@@ -81,7 +81,7 @@ INLINE uint32_t
 ldns_read_uint32(const void *src)
 {
 #ifdef ALLOW_UNALIGNED_ACCESSES
-	return ntohl(*(uint32_t *) src);
+	return ntohl(*(const uint32_t *) src);
 #else
 	const uint8_t *p = (const uint8_t *) src;
 	return (  ((uint32_t) p[0] << 24)
@@ -325,65 +325,66 @@ uint16_t ldns_get_random(void);
  */
 char *ldns_bubblebabble(uint8_t *data, size_t len);
 
-#ifndef HAVE_B32_NTOP
-int ldns_b32_ntop(uint8_t const *src, size_t srclength,
-	     char *target, size_t targsize);
-int b32_ntop(uint8_t const *src, size_t srclength,
-	     char *target, size_t targsize);
-int ldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
-	     char *target, size_t targsize);
-int b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
-	     char *target, size_t targsize);
+
+INLINE time_t ldns_time(time_t *t) { return time(t); }
+
+
 /**
  * calculates the size needed to store the result of b32_ntop
  */
 /*@unused@*/
-INLINE size_t ldns_b32_ntop_calculate_size(size_t srcsize)
-{
-	size_t result = ((((srcsize / 5) * 8) - 2) + 2);
-	return result;
-}
-#endif /* !HAVE_B32_NTOP */
-#ifndef HAVE_B32_PTON
-int ldns_b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int ldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-/**
- * calculates the size needed to store the result of b32_pton
- */
-/*@unused@*/
-INLINE size_t ldns_b32_pton_calculate_size(size_t srcsize)
+INLINE size_t ldns_b32_ntop_calculate_size(size_t src_data_length)
 {
-	size_t result = ((((srcsize) / 8) * 5));
-	return result;
+	return src_data_length == 0 ? 0 : ((src_data_length - 1) / 5 + 1) * 8;
 }
-#endif /* !HAVE_B32_PTON */
-#ifndef HAVE_B64_NTOP
-int ldns_b64_ntop(uint8_t const *src, size_t srclength,
-	 	  char *target, size_t targsize);
-/**
- * calculates the size needed to store the result of b64_ntop
- */
-/*@unused@*/
-static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize)
+
+INLINE size_t ldns_b32_ntop_calculate_size_no_padding(size_t src_data_length)
 {
-	return ((((srcsize + 2) / 3) * 4) + 1);
+	return ((src_data_length + 3) * 8 / 5) - 4;
 }
-#endif /* !HAVE_B64_NTOP */
-#ifndef HAVE_B64_PTON
-int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize);
+
+int ldns_b32_ntop(const uint8_t* src_data, size_t src_data_length,
+	     char* target_text_buffer, size_t target_text_buffer_size);
+
+int ldns_b32_ntop_extended_hex(const uint8_t* src_data, size_t src_data_length,
+	     char* target_text_buffer, size_t target_text_buffer_size);
+
+#if ! LDNS_BUILD_CONFIG_HAVE_B32_NTOP
+
+int b32_ntop(const uint8_t* src_data, size_t src_data_length,
+	     char* target_text_buffer, size_t target_text_buffer_size);
+
+int b32_ntop_extended_hex(const uint8_t* src_data, size_t src_data_length,
+	     char* target_text_buffer, size_t target_text_buffer_size);
+
+#endif /* ! LDNS_BUILD_CONFIG_HAVE_B32_NTOP */
+
+
 /**
- * calculates the size needed to store the result of ldns_b64_pton
+ * calculates the size needed to store the result of b32_pton
  */
 /*@unused@*/
-static inline size_t ldns_b64_pton_calculate_size(size_t srcsize)
+INLINE size_t ldns_b32_pton_calculate_size(size_t src_text_length)
 {
-	return (((((srcsize + 3) / 4) * 3)) + 1);
+	return src_text_length * 5 / 8;
 }
-#endif /* !HAVE_B64_PTON */
 
-INLINE time_t ldns_time(time_t *t) { return time(t); }
+int ldns_b32_pton(const char* src_text, size_t src_text_length,
+	       	uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+int ldns_b32_pton_extended_hex(const char* src_text, size_t src_text_length,
+		uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+#if ! LDNS_BUILD_CONFIG_HAVE_B32_PTON
+
+int b32_pton(const char* src_text, size_t src_text_length,
+	       	uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+int b32_pton_extended_hex(const char* src_text, size_t src_text_length,
+		uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+#endif /* ! LDNS_BUILD_CONFIG_HAVE_B32_PTON */
+
 
 #ifdef __cplusplus
 }
diff --git a/contrib/ldns/ldns/util.h.in b/contrib/ldns/ldns/util.h.in
index fe4ff37..0fbc4e6 100644
--- a/contrib/ldns/ldns/util.h.in
+++ b/contrib/ldns/ldns/util.h.in
@@ -70,9 +70,9 @@ INLINE uint16_t
 ldns_read_uint16(const void *src)
 {
 #ifdef ALLOW_UNALIGNED_ACCESSES
-	return ntohs(*(uint16_t *) src);
+	return ntohs(*(const uint16_t *) src);
 #else
-	uint8_t *p = (uint8_t *) src;
+	const uint8_t *p = (const uint8_t *) src;
 	return ((uint16_t) p[0] << 8) | (uint16_t) p[1];
 #endif
 }
@@ -81,9 +81,9 @@ INLINE uint32_t
 ldns_read_uint32(const void *src)
 {
 #ifdef ALLOW_UNALIGNED_ACCESSES
-	return ntohl(*(uint32_t *) src);
+	return ntohl(*(const uint32_t *) src);
 #else
-	uint8_t *p = (uint8_t *) src;
+	const uint8_t *p = (const uint8_t *) src;
 	return (  ((uint32_t) p[0] << 24)
 		| ((uint32_t) p[1] << 16)
 		| ((uint32_t) p[2] << 8)
@@ -325,42 +325,66 @@ uint16_t ldns_get_random(void);
  */
 char *ldns_bubblebabble(uint8_t *data, size_t len);
 
-#ifndef B32_NTOP
-int ldns_b32_ntop(uint8_t const *src, size_t srclength,
-	     char *target, size_t targsize);
-int b32_ntop(uint8_t const *src, size_t srclength,
-	     char *target, size_t targsize);
-int ldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
-	     char *target, size_t targsize);
-int b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
-	     char *target, size_t targsize);
+
+INLINE time_t ldns_time(time_t *t) { return time(t); }
+
+
 /**
  * calculates the size needed to store the result of b32_ntop
  */
 /*@unused@*/
-INLINE size_t ldns_b32_ntop_calculate_size(size_t srcsize)
+INLINE size_t ldns_b32_ntop_calculate_size(size_t src_data_length)
 {
-	size_t result = ((((srcsize / 5) * 8) - 2) + 2);
-	return result;
+	return src_data_length == 0 ? 0 : ((src_data_length - 1) / 5 + 1) * 8;
+}
+
+INLINE size_t ldns_b32_ntop_calculate_size_no_padding(size_t src_data_length)
+{
+	return ((src_data_length + 3) * 8 / 5) - 4;
 }
-#endif /* !B32_NTOP */
-#ifndef B32_PTON
-int ldns_b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int ldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
+
+int ldns_b32_ntop(const uint8_t* src_data, size_t src_data_length,
+	     char* target_text_buffer, size_t target_text_buffer_size);
+
+int ldns_b32_ntop_extended_hex(const uint8_t* src_data, size_t src_data_length,
+	     char* target_text_buffer, size_t target_text_buffer_size);
+
+#if ! LDNS_BUILD_CONFIG_HAVE_B32_NTOP
+
+int b32_ntop(const uint8_t* src_data, size_t src_data_length,
+	     char* target_text_buffer, size_t target_text_buffer_size);
+
+int b32_ntop_extended_hex(const uint8_t* src_data, size_t src_data_length,
+	     char* target_text_buffer, size_t target_text_buffer_size);
+
+#endif /* ! LDNS_BUILD_CONFIG_HAVE_B32_NTOP */
+
+
 /**
  * calculates the size needed to store the result of b32_pton
  */
 /*@unused@*/
-INLINE size_t ldns_b32_pton_calculate_size(size_t srcsize)
+INLINE size_t ldns_b32_pton_calculate_size(size_t src_text_length)
 {
-	size_t result = ((((srcsize) / 8) * 5));
-	return result;
+	return src_text_length * 5 / 8;
 }
-#endif /* !B32_PTON */
 
-INLINE time_t ldns_time(time_t *t) { return time(t); }
+int ldns_b32_pton(const char* src_text, size_t src_text_length,
+	       	uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+int ldns_b32_pton_extended_hex(const char* src_text, size_t src_text_length,
+		uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+#if ! LDNS_BUILD_CONFIG_HAVE_B32_PTON
+
+int b32_pton(const char* src_text, size_t src_text_length,
+	       	uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+int b32_pton_extended_hex(const char* src_text, size_t src_text_length,
+		uint8_t* target_data_buffer, size_t target_data_buffer_size);
+
+#endif /* ! LDNS_BUILD_CONFIG_HAVE_B32_PTON */
+
 
 #ifdef __cplusplus
 }
author	des <des@FreeBSD.org>	2014-07-29 20:57:38 +0000
committer	des <des@FreeBSD.org>	2014-07-29 20:57:38 +0000
commit	fe6d9379787eb938c503444ce243caa89cc7b08c (patch)
tree	5cc01e837e3c2f3dfb21ef0136ca69be1f957059 /contrib/ldns/ldns
parent	1f52ac9340be3979c9bf100fe65c551bcd870cc6 (diff)
download	FreeBSD-src-fe6d9379787eb938c503444ce243caa89cc7b08c.zip FreeBSD-src-fe6d9379787eb938c503444ce243caa89cc7b08c.tar.gz