diff options
author | dougb <dougb@FreeBSD.org> | 2010-03-02 19:49:55 +0000 |
---|---|---|
committer | dougb <dougb@FreeBSD.org> | 2010-03-02 19:49:55 +0000 |
commit | 78d3ed4dabea80d9111600a39b8d15b94f74c1ed (patch) | |
tree | c470abc978aa6ca4f6b0033d7e09c8b7b09cd629 /lib | |
parent | 1f8512873050d11ecd5684a4118f041b6158e9b7 (diff) | |
download | FreeBSD-src-78d3ed4dabea80d9111600a39b8d15b94f74c1ed.zip FreeBSD-src-78d3ed4dabea80d9111600a39b8d15b94f74c1ed.tar.gz |
Vendor import of BIND 9.6.2
Diffstat (limited to 'lib')
92 files changed, 1467 insertions, 613 deletions
diff --git a/lib/dns/api b/lib/dns/api index 4bcf883..1505071 100644 --- a/lib/dns/api +++ b/lib/dns/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 53 -LIBREVISION = 0 +LIBINTERFACE = 55 +LIBREVISION = 1 LIBAGE = 0 diff --git a/lib/dns/db.c b/lib/dns/db.c index a4c2864..02ea6b5 100644 --- a/lib/dns/db.c +++ b/lib/dns/db.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: db.c,v 1.88 2008/09/24 02:46:22 marka Exp $ */ +/* $Id: db.c,v 1.88.50.2 2009/06/23 00:19:34 tbox Exp $ */ /*! \file */ @@ -854,12 +854,14 @@ dns_db_unregister(dns_dbimplementation_t **dbimp) { RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS); imp = *dbimp; + *dbimp = NULL; RWLOCK(&implock, isc_rwlocktype_write); ISC_LIST_UNLINK(implementations, imp, link); mctx = imp->mctx; isc_mem_put(mctx, imp, sizeof(dns_dbimplementation_t)); isc_mem_detach(&mctx); RWUNLOCK(&implock, isc_rwlocktype_write); + ENSURE(*dbimp == NULL); } isc_result_t diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c index 9b4e968..1d04961 100644 --- a/lib/dns/dispatch.c +++ b/lib/dns/dispatch.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dispatch.c,v 1.155.12.7 2009/04/28 21:39:45 jinmei Exp $ */ +/* $Id: dispatch.c,v 1.155.12.11 2009/12/02 23:26:28 marka Exp $ */ /*! \file */ @@ -746,13 +746,19 @@ new_portentry(dns_dispatch_t *disp, in_port_t port) { return (portentry); } +/*% + * The caller must not hold the qid->lock. + */ static void deref_portentry(dns_dispatch_t *disp, dispportentry_t **portentryp) { dispportentry_t *portentry = *portentryp; + dns_qid_t *qid; REQUIRE(disp->port_table != NULL); REQUIRE(portentry != NULL && portentry->refs > 0); + qid = DNS_QID(disp); + LOCK(&qid->lock); portentry->refs--; if (portentry->refs == 0) { ISC_LIST_UNLINK(disp->port_table[portentry->port % @@ -762,6 +768,7 @@ deref_portentry(dns_dispatch_t *disp, dispportentry_t **portentryp) { } *portentryp = NULL; + UNLOCK(&qid->lock); } /*% @@ -779,8 +786,9 @@ socket_search(dns_qid_t *qid, isc_sockaddr_t *dest, in_port_t port, dispsock = ISC_LIST_HEAD(qid->sock_table[bucket]); while (dispsock != NULL) { - if (isc_sockaddr_equal(dest, &dispsock->host) && - dispsock->portentry->port == port) + if (dispsock->portentry != NULL && + dispsock->portentry->port == port && + isc_sockaddr_equal(dest, &dispsock->host)) return (dispsock); dispsock = ISC_LIST_NEXT(dispsock, blink); } @@ -2048,8 +2056,18 @@ dns_dispatchmgr_setudp(dns_dispatchmgr_t *mgr, /* Create or adjust buffer pool */ if (mgr->bpool != NULL) { - isc_mempool_setmaxalloc(mgr->bpool, maxbuffers); - mgr->maxbuffers = maxbuffers; + /* + * We only increase the maxbuffers to avoid accidental buffer + * shortage. Ideally we'd separate the manager-wide maximum + * from per-dispatch limits and respect the latter within the + * global limit. But at this moment that's deemed to be + * overkilling and isn't worth additional implementation + * complexity. + */ + if (maxbuffers > mgr->maxbuffers) { + isc_mempool_setmaxalloc(mgr->bpool, maxbuffers); + mgr->maxbuffers = maxbuffers; + } } else { result = isc_mempool_create(mgr->mctx, buffersize, &mgr->bpool); if (result != ISC_R_SUCCESS) { diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c index baf3ec5..8ae29bc 100644 --- a/lib/dns/dnssec.c +++ b/lib/dns/dnssec.c @@ -16,7 +16,7 @@ */ /* - * $Id: dnssec.c,v 1.93.12.4 2009/06/08 23:47:00 tbox Exp $ + * $Id: dnssec.c,v 1.93.12.6 2009/06/22 23:47:18 tbox Exp $ */ /*! \file */ @@ -93,6 +93,7 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx, isc_result_t ret; int i = 0, n; dns_rdata_t *data; + dns_rdataset_t rdataset; n = dns_rdataset_count(set); @@ -100,8 +101,11 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx, if (data == NULL) return (ISC_R_NOMEMORY); - ret = dns_rdataset_first(set); + dns_rdataset_init(&rdataset); + dns_rdataset_clone(set, &rdataset); + ret = dns_rdataset_first(&rdataset); if (ret != ISC_R_SUCCESS) { + dns_rdataset_disassociate(&rdataset); isc_mem_put(mctx, data, n * sizeof(dns_rdata_t)); return (ret); } @@ -111,8 +115,8 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx, */ do { dns_rdata_init(&data[i]); - dns_rdataset_current(set, &data[i++]); - } while (dns_rdataset_next(set) == ISC_R_SUCCESS); + dns_rdataset_current(&rdataset, &data[i++]); + } while (dns_rdataset_next(&rdataset) == ISC_R_SUCCESS); /* * Sort the array. @@ -120,6 +124,7 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx, qsort(data, n, sizeof(dns_rdata_t), rdata_compare_wrapper); *rdata = data; *nrdata = n; + dns_rdataset_disassociate(&rdataset); return (ISC_R_SUCCESS); } @@ -890,3 +895,59 @@ failure: return (result); } + +/*% + * Does this key ('rdata') self sign the rrset ('rdataset')? + */ +isc_boolean_t +dns_dnssec_selfsigns(dns_rdata_t *rdata, dns_name_t *name, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, + isc_boolean_t ignoretime, isc_mem_t *mctx) +{ + dst_key_t *dstkey = NULL; + dns_keytag_t keytag; + dns_rdata_dnskey_t key; + dns_rdata_rrsig_t sig; + dns_rdata_t sigrdata = DNS_RDATA_INIT; + isc_result_t result; + + INSIST(rdataset->type == dns_rdatatype_key || + rdataset->type == dns_rdatatype_dnskey); + if (rdataset->type == dns_rdatatype_key) { + INSIST(sigrdataset->type == dns_rdatatype_sig); + INSIST(sigrdataset->covers == dns_rdatatype_key); + } else { + INSIST(sigrdataset->type == dns_rdatatype_rrsig); + INSIST(sigrdataset->covers == dns_rdatatype_dnskey); + } + + result = dns_dnssec_keyfromrdata(name, rdata, mctx, &dstkey); + if (result != ISC_R_SUCCESS) + return (ISC_FALSE); + result = dns_rdata_tostruct(rdata, &key, NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + + keytag = dst_key_id(dstkey); + for (result = dns_rdataset_first(sigrdataset); + result == ISC_R_SUCCESS; + result = dns_rdataset_next(sigrdataset)) + { + dns_rdata_reset(&sigrdata); + dns_rdataset_current(sigrdataset, &sigrdata); + result = dns_rdata_tostruct(&sigrdata, &sig, NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + + if (sig.algorithm == key.algorithm && + sig.keyid == keytag) { + result = dns_dnssec_verify2(name, rdataset, dstkey, + ignoretime, mctx, + &sigrdata, NULL); + if (result == ISC_R_SUCCESS) { + dst_key_free(&dstkey); + return (ISC_TRUE); + } + } + } + dst_key_free(&dstkey); + return (ISC_FALSE); +} diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index 144c685..bbb0a09 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -31,7 +31,7 @@ /* * Principal Author: Brian Wellington - * $Id: dst_api.c,v 1.16.12.3 2009/03/02 02:00:34 marka Exp $ + * $Id: dst_api.c,v 1.16.12.10 2010/01/15 19:38:53 each Exp $ */ /*! \file */ @@ -183,9 +183,16 @@ dst_lib_init(isc_mem_t *mctx, isc_entropy_t *ectx, unsigned int eflags) { RETERR(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512])); #ifdef OPENSSL RETERR(dst__openssl_init()); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5])); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1])); - RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1])); + RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5], + DST_ALG_RSAMD5)); + RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1], + DST_ALG_RSASHA1)); + RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1], + DST_ALG_NSEC3RSASHA1)); + RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA256], + DST_ALG_RSASHA256)); + RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA512], + DST_ALG_RSASHA512)); #ifdef HAVE_OPENSSL_DSA RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_DSA])); RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_NSEC3DSA])); @@ -848,6 +855,8 @@ dst_key_sigsize(const dst_key_t *key, unsigned int *n) { case DST_ALG_RSAMD5: case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: + case DST_ALG_RSASHA256: + case DST_ALG_RSASHA512: *n = (key->key_size + 7) / 8; break; case DST_ALG_DSA: @@ -1017,6 +1026,9 @@ dst_key_read_public(const char *filename, int type, /* Read the next word: either TTL, class, or 'KEY' */ NEXTTOKEN(lex, opt, &token); + if (token.type != isc_tokentype_string) + BADTOKEN(); + /* If it's a TTL, read the next one */ result = dns_ttl_fromtext(&token.value.as_textregion, &ttl); if (result == ISC_R_SUCCESS) @@ -1072,6 +1084,8 @@ issymmetric(const dst_key_t *key) { case DST_ALG_RSAMD5: case DST_ALG_RSASHA1: case DST_ALG_NSEC3RSASHA1: + case DST_ALG_RSASHA256: + case DST_ALG_RSASHA512: case DST_ALG_DSA: case DST_ALG_NSEC3DSA: case DST_ALG_DH: @@ -1152,7 +1166,7 @@ write_public_key(const dst_key_t *key, int type, const char *directory) { fprintf(fp, " "); isc_buffer_usedregion(&classb, &r); - fwrite(r.base, 1, r.length, fp); + isc_util_fwrite(r.base, 1, r.length, fp); if ((type & DST_TYPE_KEY) != 0) fprintf(fp, " KEY "); @@ -1160,7 +1174,7 @@ write_public_key(const dst_key_t *key, int type, const char *directory) { fprintf(fp, " DNSKEY "); isc_buffer_usedregion(&textb, &r); - fwrite(r.base, 1, r.length, fp); + isc_util_fwrite(r.base, 1, r.length, fp); fputc('\n', fp); fflush(fp); @@ -1275,7 +1289,8 @@ algorithm_status(unsigned int alg) { if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1 || alg == DST_ALG_DSA || alg == DST_ALG_DH || alg == DST_ALG_HMACMD5 || alg == DST_ALG_NSEC3DSA || - alg == DST_ALG_NSEC3RSASHA1) + alg == DST_ALG_NSEC3RSASHA1 || + alg == DST_ALG_RSASHA256 || alg == DST_ALG_RSASHA512) return (DST_R_NOCRYPTO); #endif return (DST_R_UNSUPPORTEDALG); @@ -1297,6 +1312,8 @@ addsuffix(char *filename, unsigned int len, const char *ofilename, n = snprintf(filename, len, "%.*s%s", olen, ofilename, suffix); if (n < 0) + return (ISC_R_FAILURE); + if ((unsigned int)n >= len) return (ISC_R_NOSPACE); return (ISC_R_SUCCESS); } @@ -1304,6 +1321,9 @@ addsuffix(char *filename, unsigned int len, const char *ofilename, isc_result_t dst__entropy_getdata(void *buf, unsigned int len, isc_boolean_t pseudo) { unsigned int flags = dst_entropy_flags; + + if (len == 0) + return (ISC_R_SUCCESS); if (pseudo) flags &= ~ISC_ENTROPY_GOODONLY; return (isc_entropy_getdata(dst_entropy_pool, buf, len, NULL, flags)); @@ -1311,5 +1331,22 @@ dst__entropy_getdata(void *buf, unsigned int len, isc_boolean_t pseudo) { unsigned int dst__entropy_status(void) { +#ifdef GSSAPI + unsigned int flags = dst_entropy_flags; + isc_result_t ret; + unsigned char buf[32]; + static isc_boolean_t first = ISC_TRUE; + + if (first) { + /* Someone believes RAND_status() initializes the PRNG */ + flags &= ~ISC_ENTROPY_GOODONLY; + ret = isc_entropy_getdata(dst_entropy_pool, buf, + sizeof(buf), NULL, flags); + INSIST(ret == ISC_R_SUCCESS); + isc_entropy_putdata(dst_entropy_pool, buf, + sizeof(buf), 2 * sizeof(buf)); + first = ISC_FALSE; + } +#endif return (isc_entropy_status(dst_entropy_pool)); } diff --git a/lib/dns/dst_internal.h b/lib/dns/dst_internal.h index 0c1a71c..1669648 100644 --- a/lib/dns/dst_internal.h +++ b/lib/dns/dst_internal.h @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -29,7 +29,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dst_internal.h,v 1.11 2008/04/01 23:47:10 tbox Exp $ */ +/* $Id: dst_internal.h,v 1.11.120.2 2010/01/15 23:47:33 tbox Exp $ */ #ifndef DST_DST_INTERNAL_H #define DST_DST_INTERNAL_H 1 @@ -42,6 +42,7 @@ #include <isc/types.h> #include <isc/md5.h> #include <isc/sha1.h> +#include <isc/sha2.h> #include <isc/hmacmd5.h> #include <isc/hmacsha.h> @@ -97,7 +98,7 @@ struct dst_key { void *generic; gss_ctx_id_t gssctx; #ifdef OPENSSL -#if USE_EVP_RSA +#if !defined(USE_EVP) || !USE_EVP RSA *rsa; #endif DSA *dsa; @@ -124,6 +125,8 @@ struct dst_context { dst_gssapi_signverifyctx_t *gssctx; isc_md5_t *md5ctx; isc_sha1_t *sha1ctx; + isc_sha256_t *sha256ctx; + isc_sha512_t *sha512ctx; isc_hmacmd5_t *hmacmd5ctx; isc_hmacsha1_t *hmacsha1ctx; isc_hmacsha224_t *hmacsha224ctx; @@ -183,7 +186,8 @@ isc_result_t dst__hmacsha224_init(struct dst_func **funcp); isc_result_t dst__hmacsha256_init(struct dst_func **funcp); isc_result_t dst__hmacsha384_init(struct dst_func **funcp); isc_result_t dst__hmacsha512_init(struct dst_func **funcp); -isc_result_t dst__opensslrsa_init(struct dst_func **funcp); +isc_result_t dst__opensslrsa_init(struct dst_func **funcp, + unsigned char algorithm); isc_result_t dst__openssldsa_init(struct dst_func **funcp); isc_result_t dst__openssldh_init(struct dst_func **funcp); isc_result_t dst__gssapi_init(struct dst_func **funcp); diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c index 2da72ae..e8ab34f 100644 --- a/lib/dns/dst_parse.c +++ b/lib/dns/dst_parse.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -31,7 +31,7 @@ /*% * Principal Author: Brian Wellington - * $Id: dst_parse.c,v 1.14.120.2 2009/03/02 23:47:11 tbox Exp $ + * $Id: dst_parse.c,v 1.14.120.6 2010/01/15 19:38:53 each Exp $ */ #include <config.h> @@ -480,6 +480,18 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, case DST_ALG_RSASHA1: fprintf(fp, "(RSASHA1)\n"); break; + case DST_ALG_NSEC3DSA: + fprintf(fp, "(NSEC3DSA)\n"); + break; + case DST_ALG_NSEC3RSASHA1: + fprintf(fp, "(NSEC3RSASHA1)\n"); + break; + case DST_ALG_RSASHA256: + fprintf(fp, "(RSASHA256)\n"); + break; + case DST_ALG_RSASHA512: + fprintf(fp, "(RSASHA512)\n"); + break; case DST_ALG_HMACMD5: fprintf(fp, "(HMAC_MD5)\n"); break; @@ -521,7 +533,7 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv, isc_buffer_usedregion(&b, &r); fprintf(fp, "%s ", s); - fwrite(r.base, 1, r.length, fp); + isc_util_fwrite(r.base, 1, r.length, fp); fprintf(fp, "\n"); } diff --git a/lib/dns/include/dns/db.h b/lib/dns/include/dns/db.h index c75c774..9a1126d 100644 --- a/lib/dns/include/dns/db.h +++ b/lib/dns/include/dns/db.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: db.h,v 1.93.50.3.12.1 2009/12/31 21:44:37 each Exp $ */ +/* $Id: db.h,v 1.93.50.5 2009/11/25 23:48:42 tbox Exp $ */ #ifndef DNS_DB_H #define DNS_DB_H 1 @@ -695,6 +695,10 @@ dns_db_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, * For cache databases, glue is any rdataset with a trust of * dns_trust_glue. * + * \li If 'options' does not have #DNS_DBFIND_ADDITIONALOK set, then no + * additional records will be returned. Only caches can have + * rdataset with trust dns_trust_additional. + * * \li If 'options' does not have #DNS_DBFIND_PENDINGOK set, then no * pending data will be returned. This option is only meaningful for * cache databases. diff --git a/lib/dns/include/dns/dnssec.h b/lib/dns/include/dns/dnssec.h index c5206be..1446266 100644 --- a/lib/dns/include/dns/dnssec.h +++ b/lib/dns/include/dns/dnssec.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dnssec.h,v 1.32.332.4 2009/06/08 23:47:00 tbox Exp $ */ +/* $Id: dnssec.h,v 1.32.332.6 2009/06/22 23:47:18 tbox Exp $ */ #ifndef DNS_DNSSEC_H #define DNS_DNSSEC_H 1 @@ -178,6 +178,12 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg, *\li DST_R_* */ +isc_boolean_t +dns_dnssec_selfsigns(dns_rdata_t *rdata, dns_name_t *name, + dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset, + isc_boolean_t ignoretime, isc_mem_t *mctx); + + ISC_LANG_ENDDECLS #endif /* DNS_DNSSEC_H */ diff --git a/lib/dns/include/dns/journal.h b/lib/dns/include/dns/journal.h index 3917d8d..a1e16e4 100644 --- a/lib/dns/include/dns/journal.h +++ b/lib/dns/include/dns/journal.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: journal.h,v 1.33.120.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: journal.h,v 1.33.120.4 2009/11/04 23:47:25 tbox Exp $ */ #ifndef DNS_JOURNAL_H #define DNS_JOURNAL_H 1 @@ -232,12 +232,19 @@ dns_journal_current_rr(dns_journal_t *j, dns_name_t **name, isc_uint32_t *ttl, isc_result_t dns_journal_rollforward(isc_mem_t *mctx, dns_db_t *db, unsigned int options, const char *filename); + +isc_result_t +dns_journal_rollforward2(isc_mem_t *mctx, dns_db_t *db, unsigned int options, + isc_uint32_t resign, const char *filename); /*%< * Roll forward (play back) the journal file "filename" into the * database "db". This should be called when the server starts - * after a shutdown or crash. + * after a shutdown or crash. 'resign' is how many seconds before + * a RRSIG is due to expire it should be scheduled to be regenerated. * * Requires: + *\li dns_journal_rollforward() requires that DNS_JOURNALOPT_RESIGN + * is not set. *\li 'mctx' is a valid memory context. *\li 'db' is a valid database which does not have a version * open for writing. diff --git a/lib/dns/include/dns/keyvalues.h b/lib/dns/include/dns/keyvalues.h index 7f509e6..f4a50fa 100644 --- a/lib/dns/include/dns/keyvalues.h +++ b/lib/dns/include/dns/keyvalues.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: keyvalues.h,v 1.23.48.2 2009/06/04 02:56:14 tbox Exp $ */ +/* $Id: keyvalues.h,v 1.23.48.4 2010/01/15 23:47:33 tbox Exp $ */ #ifndef DNS_KEYVALUES_H #define DNS_KEYVALUES_H 1 @@ -69,6 +69,8 @@ #define DNS_KEYALG_ECC 4 #define DNS_KEYALG_RSASHA1 5 #define DNS_KEYALG_NSEC3RSASHA1 7 +#define DNS_KEYALG_RSASHA256 8 +#define DNS_KEYALG_RSASHA512 10 #define DNS_KEYALG_INDIRECT 252 #define DNS_KEYALG_PRIVATEDNS 253 #define DNS_KEYALG_PRIVATEOID 254 /*%< Key begins with OID giving alg */ diff --git a/lib/dns/include/dns/name.h b/lib/dns/include/dns/name.h index 0149301..dc6e525 100644 --- a/lib/dns/include/dns/name.h +++ b/lib/dns/include/dns/name.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: name.h,v 1.126.332.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: name.h,v 1.126.332.3 2009/12/24 00:34:59 each Exp $ */ #ifndef DNS_NAME_H #define DNS_NAME_H 1 @@ -99,12 +99,6 @@ ISC_LANG_BEGINDECLS *****/ /*** - *** Compression pointer chaining limit - ***/ - -#define DNS_POINTER_MAXHOPS 16 - -/*** *** Types ***/ diff --git a/lib/dns/include/dns/ncache.h b/lib/dns/include/dns/ncache.h index d61684d..0677211 100644 --- a/lib/dns/include/dns/ncache.h +++ b/lib/dns/include/dns/ncache.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ncache.h,v 1.25.142.1 2009/12/31 20:29:21 each Exp $ */ +/* $Id: ncache.h,v 1.25.48.2 2009/12/30 23:47:31 tbox Exp $ */ #ifndef DNS_NCACHE_H #define DNS_NCACHE_H 1 diff --git a/lib/dns/include/dns/nsec3.h b/lib/dns/include/dns/nsec3.h index 2d6a8dd..6243fdb 100644 --- a/lib/dns/include/dns/nsec3.h +++ b/lib/dns/include/dns/nsec3.h @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsec3.h,v 1.5.48.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: nsec3.h,v 1.5.48.3 2009/10/06 21:20:18 each Exp $ */ #ifndef DNS_NSEC3_H #define DNS_NSEC3_H 1 @@ -28,6 +28,8 @@ #include <dns/rdatastruct.h> #include <dns/types.h> +#define DNS_NSEC3_SALTSIZE 255 + /* * hash = 1, flags =1, iterations = 2, salt length = 1, salt = 255 (max) * hash length = 1, hash = 255 (max), bitmap = 8192 + 512 (max) diff --git a/lib/dns/include/dns/rbt.h b/lib/dns/include/dns/rbt.h index 6eea787..2615596 100644 --- a/lib/dns/include/dns/rbt.h +++ b/lib/dns/include/dns/rbt.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rbt.h,v 1.71.48.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: rbt.h,v 1.71.48.3 2009/10/20 05:06:04 marka Exp $ */ #ifndef DNS_RBT_H #define DNS_RBT_H 1 @@ -105,11 +105,11 @@ struct dns_rbtnode { unsigned int is_root : 1; /*%< range is 0..1 */ unsigned int color : 1; /*%< range is 0..1 */ unsigned int find_callback : 1; /*%< range is 0..1 */ - unsigned int attributes : 3; /*%< range is 0..2 */ + unsigned int attributes : 4; /*%< range is 0..2 */ unsigned int nsec3 : 1; /*%< range is 0..1 */ unsigned int namelen : 8; /*%< range is 1..255 */ unsigned int offsetlen : 8; /*%< range is 1..128 */ - unsigned int padbytes : 9; /*%< range is 0..380 */ + unsigned int oldnamelen : 8; /*%< range is 1..255 */ /*@}*/ #ifdef DNS_RBT_USEHASH diff --git a/lib/dns/include/dns/types.h b/lib/dns/include/dns/types.h index 525dd8d..10ce229 100644 --- a/lib/dns/include/dns/types.h +++ b/lib/dns/include/dns/types.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: types.h,v 1.130.50.3.12.2 2009/12/31 20:29:21 each Exp $ */ +/* $Id: types.h,v 1.130.50.5 2009/12/30 08:34:30 jinmei Exp $ */ #ifndef DNS_TYPES_H #define DNS_TYPES_H 1 diff --git a/lib/dns/include/dns/zone.h b/lib/dns/include/dns/zone.h index e2859ae..746b43c 100644 --- a/lib/dns/include/dns/zone.h +++ b/lib/dns/include/dns/zone.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zone.h,v 1.160.50.4 2009/01/29 22:40:35 jinmei Exp $ */ +/* $Id: zone.h,v 1.160.50.6 2009/10/05 21:57:00 each Exp $ */ #ifndef DNS_ZONE_H #define DNS_ZONE_H 1 @@ -149,13 +149,24 @@ dns_zone_getclass(dns_zone_t *zone); *\li 'zone' to be a valid zone. */ +isc_result_t +dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp); + isc_uint32_t dns_zone_getserial(dns_zone_t *zone); /*%< - * Returns the current serial number of the zone. + * Returns the current serial number of the zone. On success, the SOA + * serial of the zone will be copied into '*serialp'. + * dns_zone_getserial() cannot catch failure cases and is deprecated by + * dns_zone_getserial2(). * * Requires: *\li 'zone' to be a valid zone. + *\li 'serialp' to be non NULL + * + * Returns: + *\li #ISC_R_SUCCESS + *\li #DNS_R_NOTLOADED zone DB is not loaded */ void @@ -256,6 +267,9 @@ dns_zone_load(dns_zone_t *zone); isc_result_t dns_zone_loadnew(dns_zone_t *zone); + +isc_result_t +dns_zone_loadandthaw(dns_zone_t *zone); /*%< * Cause the database to be loaded from its backing store. * Confirm that the minimum requirements for the zone type are @@ -264,6 +278,8 @@ dns_zone_loadnew(dns_zone_t *zone); * dns_zone_loadnew() only loads zones that are not yet loaded. * dns_zone_load() also loads zones that are already loaded and * and whose master file has changed since the last load. + * dns_zone_loadandthaw() is similar to dns_zone_load() but will + * also re-enable DNS UPDATEs when the load completes. * * Require: *\li 'zone' to be a valid zone. diff --git a/lib/dns/include/dst/dst.h b/lib/dns/include/dst/dst.h index 702ad71..de262bd 100644 --- a/lib/dns/include/dst/dst.h +++ b/lib/dns/include/dst/dst.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dst.h,v 1.12 2008/09/24 02:46:23 marka Exp $ */ +/* $Id: dst.h,v 1.12.50.2 2010/01/15 23:47:34 tbox Exp $ */ #ifndef DST_DST_H #define DST_DST_H 1 @@ -53,6 +53,8 @@ typedef struct dst_context dst_context_t; #define DST_ALG_RSASHA1 5 #define DST_ALG_NSEC3DSA 6 #define DST_ALG_NSEC3RSASHA1 7 +#define DST_ALG_RSASHA256 8 +#define DST_ALG_RSASHA512 10 #define DST_ALG_HMACMD5 157 #define DST_ALG_GSSAPI 160 #define DST_ALG_HMACSHA1 161 /* XXXMPA */ diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 8c21f1e..638e647 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: journal.c,v 1.103.48.2 2009/01/18 23:47:37 tbox Exp $ */ +/* $Id: journal.c,v 1.103.48.6 2009/11/04 23:47:25 tbox Exp $ */ #include <config.h> @@ -1218,7 +1218,9 @@ dns_journal_destroy(dns_journal_t **journalp) { /* XXX Share code with incoming IXFR? */ static isc_result_t -roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options) { +roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options, + isc_uint32_t resign) +{ isc_buffer_t source; /* Transaction data from disk */ isc_buffer_t target; /* Ditto after _fromwire check */ isc_uint32_t db_serial; /* Database SOA serial */ @@ -1235,6 +1237,7 @@ roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options) { REQUIRE(DNS_DB_VALID(db)); dns_diff_init(j->mctx, &diff); + diff.resign = resign; /* * Set up empty initial buffers for unchecked and checked @@ -1353,6 +1356,14 @@ isc_result_t dns_journal_rollforward(isc_mem_t *mctx, dns_db_t *db, unsigned int options, const char *filename) { + REQUIRE((options & DNS_JOURNALOPT_RESIGN) == 0); + return (dns_journal_rollforward2(mctx, db, options, 0, filename)); +} + +isc_result_t +dns_journal_rollforward2(isc_mem_t *mctx, dns_db_t *db, unsigned int options, + isc_uint32_t resign, const char *filename) +{ dns_journal_t *j; isc_result_t result; @@ -1371,7 +1382,7 @@ dns_journal_rollforward(isc_mem_t *mctx, dns_db_t *db, if (JOURNAL_EMPTY(&j->header)) result = DNS_R_UPTODATE; else - result = roll_forward(j, db, options); + result = roll_forward(j, db, options, resign); dns_journal_destroy(&j); @@ -1850,18 +1861,11 @@ dns_diff_subtract(dns_diff_t diff[2], dns_diff_t *r) { return (result); } -/* - * Compare the databases 'dba' and 'dbb' and generate a journal - * entry containing the changes to make 'dba' from 'dbb' (note - * the order). This journal entry will consist of a single, - * possibly very large transaction. - */ - -isc_result_t -dns_db_diff(isc_mem_t *mctx, - dns_db_t *dba, dns_dbversion_t *dbvera, - dns_db_t *dbb, dns_dbversion_t *dbverb, - const char *journal_filename) +static isc_result_t +diff_namespace(isc_mem_t *mctx, + dns_db_t *dba, dns_dbversion_t *dbvera, + dns_db_t *dbb, dns_dbversion_t *dbverb, + unsigned int options, dns_diff_t *resultdiff) { dns_db_t *db[2]; dns_dbversion_t *ver[2]; @@ -1869,30 +1873,24 @@ dns_db_diff(isc_mem_t *mctx, isc_boolean_t have[2] = { ISC_FALSE, ISC_FALSE }; dns_fixedname_t fixname[2]; isc_result_t result, itresult[2]; - dns_diff_t diff[2], resultdiff; + dns_diff_t diff[2]; int i, t; - dns_journal_t *journal = NULL; db[0] = dba, db[1] = dbb; ver[0] = dbvera, ver[1] = dbverb; dns_diff_init(mctx, &diff[0]); dns_diff_init(mctx, &diff[1]); - dns_diff_init(mctx, &resultdiff); dns_fixedname_init(&fixname[0]); dns_fixedname_init(&fixname[1]); - result = dns_journal_open(mctx, journal_filename, ISC_TRUE, &journal); + result = dns_db_createiterator(db[0], options, &dbit[0]); if (result != ISC_R_SUCCESS) return (result); - - result = dns_db_createiterator(db[0], 0, &dbit[0]); - if (result != ISC_R_SUCCESS) - goto cleanup_journal; - result = dns_db_createiterator(db[1], 0, &dbit[1]); + result = dns_db_createiterator(db[1], options, &dbit[1]); if (result != ISC_R_SUCCESS) - goto cleanup_interator0; + goto cleanup_iterator; itresult[0] = dns_dbiterator_first(dbit[0]); itresult[1] = dns_dbiterator_first(dbit[1]); @@ -1919,7 +1917,7 @@ dns_db_diff(isc_mem_t *mctx, for (i = 0; i < 2; i++) { if (! have[!i]) { - ISC_LIST_APPENDLIST(resultdiff.tuples, + ISC_LIST_APPENDLIST(resultdiff->tuples, diff[i].tuples, link); INSIST(ISC_LIST_EMPTY(diff[i].tuples)); have[i] = ISC_FALSE; @@ -1930,21 +1928,21 @@ dns_db_diff(isc_mem_t *mctx, t = dns_name_compare(dns_fixedname_name(&fixname[0]), dns_fixedname_name(&fixname[1])); if (t < 0) { - ISC_LIST_APPENDLIST(resultdiff.tuples, + ISC_LIST_APPENDLIST(resultdiff->tuples, diff[0].tuples, link); INSIST(ISC_LIST_EMPTY(diff[0].tuples)); have[0] = ISC_FALSE; continue; } if (t > 0) { - ISC_LIST_APPENDLIST(resultdiff.tuples, + ISC_LIST_APPENDLIST(resultdiff->tuples, diff[1].tuples, link); INSIST(ISC_LIST_EMPTY(diff[1].tuples)); have[1] = ISC_FALSE; continue; } INSIST(t == 0); - CHECK(dns_diff_subtract(diff, &resultdiff)); + CHECK(dns_diff_subtract(diff, resultdiff)); INSIST(ISC_LIST_EMPTY(diff[0].tuples)); INSIST(ISC_LIST_EMPTY(diff[1].tuples)); have[0] = have[1] = ISC_FALSE; @@ -1955,20 +1953,49 @@ dns_db_diff(isc_mem_t *mctx, if (itresult[1] != ISC_R_NOMORE) FAIL(itresult[1]); + INSIST(ISC_LIST_EMPTY(diff[0].tuples)); + INSIST(ISC_LIST_EMPTY(diff[1].tuples)); + + failure: + dns_dbiterator_destroy(&dbit[1]); + cleanup_iterator: + dns_dbiterator_destroy(&dbit[0]); + return (result); +} + +/* + * Compare the databases 'dba' and 'dbb' and generate a journal + * entry containing the changes to make 'dba' from 'dbb' (note + * the order). This journal entry will consist of a single, + * possibly very large transaction. + */ +isc_result_t +dns_db_diff(isc_mem_t *mctx, + dns_db_t *dba, dns_dbversion_t *dbvera, + dns_db_t *dbb, dns_dbversion_t *dbverb, + const char *journal_filename) +{ + isc_result_t result; + dns_journal_t *journal = NULL; + dns_diff_t resultdiff; + + result = dns_journal_open(mctx, journal_filename, ISC_TRUE, &journal); + if (result != ISC_R_SUCCESS) + return (result); + + dns_diff_init(mctx, &resultdiff); + + CHECK(diff_namespace(mctx, dba, dbvera, dbb, dbverb, + DNS_DB_NONSEC3, &resultdiff)); + CHECK(diff_namespace(mctx, dba, dbvera, dbb, dbverb, + DNS_DB_NSEC3ONLY, &resultdiff)); if (ISC_LIST_EMPTY(resultdiff.tuples)) { isc_log_write(JOURNAL_DEBUG_LOGARGS(3), "no changes"); } else { CHECK(dns_journal_write_transaction(journal, &resultdiff)); } - INSIST(ISC_LIST_EMPTY(diff[0].tuples)); - INSIST(ISC_LIST_EMPTY(diff[1].tuples)); - failure: dns_diff_clear(&resultdiff); - dns_dbiterator_destroy(&dbit[1]); - cleanup_interator0: - dns_dbiterator_destroy(&dbit[0]); - cleanup_journal: dns_journal_destroy(&journal); return (result); } diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c index 1dbb1e6..314112c 100644 --- a/lib/dns/masterdump.c +++ b/lib/dns/masterdump.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: masterdump.c,v 1.94.50.2.12.1 2009/11/18 23:58:04 marka Exp $ */ +/* $Id: masterdump.c,v 1.94.50.3 2009/11/18 00:15:37 marka Exp $ */ /*! \file */ diff --git a/lib/dns/message.c b/lib/dns/message.c index b541635..2e34120 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: message.c,v 1.245.50.2 2009/01/18 23:47:40 tbox Exp $ */ +/* $Id: message.c,v 1.245.50.3 2009/11/24 03:25:53 marka Exp $ */ /*! \file */ @@ -1888,6 +1888,8 @@ dns_message_rendersection(dns_message_t *msg, dns_section_t sectionid, msg->counts[sectionid] += total; return (result); } + if (result == ISC_R_NOSPACE) + msg->flags |= DNS_MESSAGEFLAG_TC; if (result != ISC_R_SUCCESS) { INSIST(st.used < 65536); dns_compress_rollback(msg->cctx, diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c index f9b8cad..ea6546d 100644 --- a/lib/dns/nsec3.c +++ b/lib/dns/nsec3.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsec3.c,v 1.6.12.2 2009/06/04 02:56:14 tbox Exp $ */ +/* $Id: nsec3.c,v 1.6.12.4 2009/11/03 23:47:46 tbox Exp $ */ #include <config.h> @@ -87,6 +87,8 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, unsigned int i, window; int octet; isc_boolean_t found; + isc_boolean_t found_ns; + isc_boolean_t need_rrsig; unsigned char *nsec_bits, *bm; unsigned int max_type; @@ -140,7 +142,7 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, result = dns_db_allrdatasets(db, node, version, 0, &rdsiter); if (result != ISC_R_SUCCESS) return (result); - found = ISC_FALSE; + found = found_ns = need_rrsig = ISC_FALSE; for (result = dns_rdatasetiter_first(rdsiter); result == ISC_R_SUCCESS; result = dns_rdatasetiter_next(rdsiter)) @@ -152,13 +154,26 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version, if (rdataset.type > max_type) max_type = rdataset.type; set_bit(bm, rdataset.type, 1); - /* Don't set RRSIG for insecure delegation. */ - if (rdataset.type != dns_rdatatype_ns) + /* + * Work out if we need to set the RRSIG bit for + * this node. We set the RRSIG bit if either of + * the following conditions are met: + * 1) We have a SOA or DS then we need to set + * the RRSIG bit as both always will be signed. + * 2) We set the RRSIG bit if we don't have + * a NS record but do have other data. + */ + if (rdataset.type == dns_rdatatype_soa || + rdataset.type == dns_rdatatype_ds) + need_rrsig = ISC_TRUE; + else if (rdataset.type == dns_rdatatype_ns) + found_ns = ISC_TRUE; + else found = ISC_TRUE; } dns_rdataset_disassociate(&rdataset); } - if (found) { + if ((found && !found_ns) || need_rrsig) { if (dns_rdatatype_rrsig > max_type) max_type = dns_rdatatype_rrsig; set_bit(bm, dns_rdatatype_rrsig, 1); diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c index d557c43..95095d11 100644 --- a/lib/dns/opensslrsa_link.c +++ b/lib/dns/opensslrsa_link.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -17,21 +17,23 @@ /* * Principal Author: Brian Wellington - * $Id: opensslrsa_link.c,v 1.20.50.3 2009/01/18 23:25:16 marka Exp $ + * $Id: opensslrsa_link.c,v 1.20.50.8 2010/01/22 02:36:49 marka Exp $ */ #ifdef OPENSSL +#include <config.h> + #ifndef USE_EVP +#if !defined(HAVE_EVP_SHA256) || !defined(HAVE_EVP_SHA512) +#define USE_EVP 0 +#else #define USE_EVP 1 #endif -#if USE_EVP -#define USE_EVP_RSA 1 #endif -#include <config.h> - #include <isc/entropy.h> #include <isc/md5.h> #include <isc/sha1.h> +#include <isc/sha2.h> #include <isc/mem.h> #include <isc/string.h> #include <isc/util.h> @@ -112,23 +114,42 @@ static isc_result_t opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) { #if USE_EVP EVP_MD_CTX *evp_md_ctx; - const EVP_MD *type; + const EVP_MD *type = NULL; #endif UNUSED(key); REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || - dctx->key->key_alg == DST_ALG_NSEC3RSASHA1); + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); #if USE_EVP evp_md_ctx = EVP_MD_CTX_create(); if (evp_md_ctx == NULL) return (ISC_R_NOMEMORY); - if (dctx->key->key_alg == DST_ALG_RSAMD5) + switch (dctx->key->key_alg) { + case DST_ALG_RSAMD5: type = EVP_md5(); /* MD5 + RSA */ - else + break; + case DST_ALG_RSASHA1: + case DST_ALG_NSEC3RSASHA1: type = EVP_sha1(); /* SHA1 + RSA */ + break; +#ifdef HAVE_EVP_SHA256 + case DST_ALG_RSASHA256: + type = EVP_sha256(); /* SHA256 + RSA */ + break; +#endif +#ifdef HAVE_EVP_SHA512 + case DST_ALG_RSASHA512: + type = EVP_sha512(); + break; +#endif + default: + INSIST(0); + } if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) { EVP_MD_CTX_destroy(evp_md_ctx); @@ -136,22 +157,56 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) { } dctx->ctxdata.evp_md_ctx = evp_md_ctx; #else - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx; - - md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t)); - if (md5ctx == NULL) - return (ISC_R_NOMEMORY); - isc_md5_init(md5ctx); - dctx->ctxdata.md5ctx = md5ctx; - } else { - isc_sha1_t *sha1ctx; - - sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t)); - if (sha1ctx == NULL) - return (ISC_R_NOMEMORY); - isc_sha1_init(sha1ctx); - dctx->ctxdata.sha1ctx = sha1ctx; + switch (dctx->key->key_alg) { + case DST_ALG_RSAMD5: + { + isc_md5_t *md5ctx; + + md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t)); + if (md5ctx == NULL) + return (ISC_R_NOMEMORY); + isc_md5_init(md5ctx); + dctx->ctxdata.md5ctx = md5ctx; + } + break; + case DST_ALG_RSASHA1: + case DST_ALG_NSEC3RSASHA1: + { + isc_sha1_t *sha1ctx; + + sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t)); + if (sha1ctx == NULL) + return (ISC_R_NOMEMORY); + isc_sha1_init(sha1ctx); + dctx->ctxdata.sha1ctx = sha1ctx; + } + break; + case DST_ALG_RSASHA256: + { + isc_sha256_t *sha256ctx; + + sha256ctx = isc_mem_get(dctx->mctx, + sizeof(isc_sha256_t)); + if (sha256ctx == NULL) + return (ISC_R_NOMEMORY); + isc_sha256_init(sha256ctx); + dctx->ctxdata.sha256ctx = sha256ctx; + } + break; + case DST_ALG_RSASHA512: + { + isc_sha512_t *sha512ctx; + + sha512ctx = isc_mem_get(dctx->mctx, + sizeof(isc_sha512_t)); + if (sha512ctx == NULL) + return (ISC_R_NOMEMORY); + isc_sha512_init(sha512ctx); + dctx->ctxdata.sha512ctx = sha512ctx; + } + break; + default: + INSIST(0); } #endif @@ -166,7 +221,9 @@ opensslrsa_destroyctx(dst_context_t *dctx) { REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || - dctx->key->key_alg == DST_ALG_NSEC3RSASHA1); + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); #if USE_EVP if (evp_md_ctx != NULL) { @@ -174,22 +231,58 @@ opensslrsa_destroyctx(dst_context_t *dctx) { dctx->ctxdata.evp_md_ctx = NULL; } #else - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; - - if (md5ctx != NULL) { - isc_md5_invalidate(md5ctx); - isc_mem_put(dctx->mctx, md5ctx, sizeof(isc_md5_t)); - dctx->ctxdata.md5ctx = NULL; + switch (dctx->key->key_alg) { + case DST_ALG_RSAMD5: + { + isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; + + if (md5ctx != NULL) { + isc_md5_invalidate(md5ctx); + isc_mem_put(dctx->mctx, md5ctx, + sizeof(isc_md5_t)); + dctx->ctxdata.md5ctx = NULL; + } } - } else { - isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; - - if (sha1ctx != NULL) { - isc_sha1_invalidate(sha1ctx); - isc_mem_put(dctx->mctx, sha1ctx, sizeof(isc_sha1_t)); - dctx->ctxdata.sha1ctx = NULL; + break; + case DST_ALG_RSASHA1: + case DST_ALG_NSEC3RSASHA1: + { + isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; + + if (sha1ctx != NULL) { + isc_sha1_invalidate(sha1ctx); + isc_mem_put(dctx->mctx, sha1ctx, + sizeof(isc_sha1_t)); + dctx->ctxdata.sha1ctx = NULL; + } + } + break; + case DST_ALG_RSASHA256: + { + isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx; + + if (sha256ctx != NULL) { + isc_sha256_invalidate(sha256ctx); + isc_mem_put(dctx->mctx, sha256ctx, + sizeof(isc_sha256_t)); + dctx->ctxdata.sha256ctx = NULL; + } } + break; + case DST_ALG_RSASHA512: + { + isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx; + + if (sha512ctx != NULL) { + isc_sha512_invalidate(sha512ctx); + isc_mem_put(dctx->mctx, sha512ctx, + sizeof(isc_sha512_t)); + dctx->ctxdata.sha512ctx = NULL; + } + } + break; + default: + INSIST(0); } #endif } @@ -202,24 +295,67 @@ opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) { REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || - dctx->key->key_alg == DST_ALG_NSEC3RSASHA1); + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); #if USE_EVP if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) { return (ISC_R_FAILURE); } #else - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; - isc_md5_update(md5ctx, data->base, data->length); - } else { - isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; - isc_sha1_update(sha1ctx, data->base, data->length); + switch (dctx->key->key_alg) { + case DST_ALG_RSAMD5: + { + isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; + + isc_md5_update(md5ctx, data->base, data->length); + } + break; + case DST_ALG_RSASHA1: + case DST_ALG_NSEC3RSASHA1: + { + isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; + + isc_sha1_update(sha1ctx, data->base, data->length); + } + break; + case DST_ALG_RSASHA256: + { + isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx; + + isc_sha256_update(sha256ctx, data->base, data->length); + } + break; + case DST_ALG_RSASHA512: + { + isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx; + + isc_sha512_update(sha512ctx, data->base, data->length); + } + break; + default: + INSIST(0); } #endif return (ISC_R_SUCCESS); } +#if ! USE_EVP && OPENSSL_VERSION_NUMBER < 0x00908000L +/* + * Digest prefixes from RFC 5702. + */ +static unsigned char sha256_prefix[] = + { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, + 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}; +static unsigned char sha512_prefix[] = + { 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, + 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}; +#define PREFIXLEN sizeof(sha512_prefix) +#else +#define PREFIXLEN 0 +#endif + static isc_result_t opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { dst_key_t *key = dctx->key; @@ -230,20 +366,26 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { EVP_PKEY *pkey = key->keydata.pkey; #else RSA *rsa = key->keydata.rsa; - /* note: ISC_SHA1_DIGESTLENGTH > ISC_MD5_DIGESTLENGTH */ - unsigned char digest[ISC_SHA1_DIGESTLENGTH]; - int status; - int type; - unsigned int digestlen; + /* note: ISC_SHA512_DIGESTLENGTH >= ISC_*_DIGESTLENGTH */ + unsigned char digest[PREFIXLEN + ISC_SHA512_DIGESTLENGTH]; + int status = 0; + int type = 0; + unsigned int digestlen = 0; char *message; unsigned long err; const char* file; int line; +#if OPENSSL_VERSION_NUMBER < 0x00908000L + unsigned int prefixlen = 0; + const unsigned char *prefix = NULL; +#endif #endif REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || - dctx->key->key_alg == DST_ALG_NSEC3RSASHA1); + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); isc_buffer_availableregion(sig, &r); @@ -258,19 +400,92 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { if (r.length < (unsigned int) RSA_size(rsa)) return (ISC_R_NOSPACE); - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; - isc_md5_final(md5ctx, digest); - type = NID_md5; - digestlen = ISC_MD5_DIGESTLENGTH; - } else { - isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; - isc_sha1_final(sha1ctx, digest); - type = NID_sha1; - digestlen = ISC_SHA1_DIGESTLENGTH; + switch (dctx->key->key_alg) { + case DST_ALG_RSAMD5: + { + isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; + + isc_md5_final(md5ctx, digest); + type = NID_md5; + digestlen = ISC_MD5_DIGESTLENGTH; + } + break; + case DST_ALG_RSASHA1: + case DST_ALG_NSEC3RSASHA1: + { + isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; + + isc_sha1_final(sha1ctx, digest); + type = NID_sha1; + digestlen = ISC_SHA1_DIGESTLENGTH; + } + break; + case DST_ALG_RSASHA256: + { + isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx; + + isc_sha256_final(digest, sha256ctx); + digestlen = ISC_SHA256_DIGESTLENGTH; +#if OPENSSL_VERSION_NUMBER < 0x00908000L + prefix = sha256_prefix; + prefixlen = sizeof(sha256_prefix); +#else + type = NID_sha256; +#endif + } + break; + case DST_ALG_RSASHA512: + { + isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx; + + isc_sha512_final(digest, sha512ctx); + digestlen = ISC_SHA512_DIGESTLENGTH; +#if OPENSSL_VERSION_NUMBER < 0x00908000L + prefix = sha512_prefix; + prefixlen = sizeof(sha512_prefix); +#else + type = NID_sha512; +#endif + } + break; + default: + INSIST(0); } +#if OPENSSL_VERSION_NUMBER < 0x00908000L + switch (dctx->key->key_alg) { + case DST_ALG_RSAMD5: + case DST_ALG_RSASHA1: + case DST_ALG_NSEC3RSASHA1: + INSIST(type != 0); + status = RSA_sign(type, digest, digestlen, r.base, + &siglen, rsa); + break; + + case DST_ALG_RSASHA256: + case DST_ALG_RSASHA512: + INSIST(prefix != NULL); + INSIST(prefixlen != 0); + INSIST(prefixlen + digestlen <= sizeof(digest)); + + memmove(digest + prefixlen, digest, digestlen); + memcpy(digest, prefix, prefixlen); + status = RSA_private_encrypt(digestlen + prefixlen, + digest, r.base, rsa, + RSA_PKCS1_PADDING); + if (status < 0) + status = 0; + else + siglen = status; + break; + + default: + INSIST(0); + } +#else + INSIST(type != 0); status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa); +#endif if (status == 0) { err = ERR_peek_error_line(&file, &line); if (err != 0U) { @@ -293,37 +508,129 @@ opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) { EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; EVP_PKEY *pkey = key->keydata.pkey; #else - /* note: ISC_SHA1_DIGESTLENGTH > ISC_MD5_DIGESTLENGTH */ - unsigned char digest[ISC_SHA1_DIGESTLENGTH]; - int type; - unsigned int digestlen; + /* note: ISC_SHA512_DIGESTLENGTH >= ISC_*_DIGESTLENGTH */ + unsigned char digest[ISC_SHA512_DIGESTLENGTH]; + int type = 0; + unsigned int digestlen = 0; RSA *rsa = key->keydata.rsa; +#if OPENSSL_VERSION_NUMBER < 0x00908000L + unsigned int prefixlen = 0; + const unsigned char *prefix = NULL; +#endif #endif REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 || dctx->key->key_alg == DST_ALG_RSASHA1 || - dctx->key->key_alg == DST_ALG_NSEC3RSASHA1); + dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 || + dctx->key->key_alg == DST_ALG_RSASHA256 || + dctx->key->key_alg == DST_ALG_RSASHA512); #if USE_EVP status = EVP_VerifyFinal(evp_md_ctx, sig->base, sig->length, pkey); #else - if (dctx->key->key_alg == DST_ALG_RSAMD5) { - isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; - isc_md5_final(md5ctx, digest); - type = NID_md5; - digestlen = ISC_MD5_DIGESTLENGTH; - } else { - isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; - isc_sha1_final(sha1ctx, digest); - type = NID_sha1; - digestlen = ISC_SHA1_DIGESTLENGTH; + switch (dctx->key->key_alg) { + case DST_ALG_RSAMD5: + { + isc_md5_t *md5ctx = dctx->ctxdata.md5ctx; + + isc_md5_final(md5ctx, digest); + type = NID_md5; + digestlen = ISC_MD5_DIGESTLENGTH; + } + break; + case DST_ALG_RSASHA1: + case DST_ALG_NSEC3RSASHA1: + { + isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; + + isc_sha1_final(sha1ctx, digest); + type = NID_sha1; + digestlen = ISC_SHA1_DIGESTLENGTH; + } + break; + case DST_ALG_RSASHA256: + { + isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx; + + isc_sha256_final(digest, sha256ctx); + digestlen = ISC_SHA256_DIGESTLENGTH; +#if OPENSSL_VERSION_NUMBER < 0x00908000L + prefix = sha256_prefix; + prefixlen = sizeof(sha256_prefix); +#else + type = NID_sha256; +#endif + } + break; + case DST_ALG_RSASHA512: + { + isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx; + + isc_sha512_final(digest, sha512ctx); + digestlen = ISC_SHA512_DIGESTLENGTH; +#if OPENSSL_VERSION_NUMBER < 0x00908000L + prefix = sha512_prefix; + prefixlen = sizeof(sha512_prefix); +#else + type = NID_sha512; +#endif + } + break; + default: + INSIST(0); } - if (sig->length < (unsigned int) RSA_size(rsa)) + if (sig->length != (unsigned int) RSA_size(rsa)) return (DST_R_VERIFYFAILURE); +#if OPENSSL_VERSION_NUMBER < 0x00908000L + switch (dctx->key->key_alg) { + case DST_ALG_RSAMD5: + case DST_ALG_RSASHA1: + case DST_ALG_NSEC3RSASHA1: + INSIST(type != 0); + status = RSA_verify(type, digest, digestlen, sig->base, + RSA_size(rsa), rsa); + break; + + case DST_ALG_RSASHA256: + case DST_ALG_RSASHA512: + { + /* + * 1024 is big enough for all valid RSA bit sizes + * for use with DNSSEC. + */ + unsigned char original[PREFIXLEN + 1024]; + + INSIST(prefix != NULL); + INSIST(prefixlen != 0U); + + if (RSA_size(rsa) > (int)sizeof(original)) + return (DST_R_VERIFYFAILURE); + + status = RSA_public_decrypt(sig->length, sig->base, + original, rsa, + RSA_PKCS1_PADDING); + if (status <= 0) + return (DST_R_VERIFYFAILURE); + if (status != (int)(prefixlen + digestlen)) + return (DST_R_VERIFYFAILURE); + if (memcmp(original, prefix, prefixlen)) + return (DST_R_VERIFYFAILURE); + if (memcmp(original + prefixlen, digest, digestlen)) + return (DST_R_VERIFYFAILURE); + status = 1; + } + break; + + default: + INSIST(0); + } +#else + INSIST(type != 0); status = RSA_verify(type, digest, digestlen, sig->base, - RSA_size(rsa), rsa); + RSA_size(rsa), rsa); +#endif #endif if (status != 1) return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); @@ -552,19 +859,20 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) { if (r.length < 1) DST_RET(ISC_R_NOSPACE); isc_buffer_putuint8(data, (isc_uint8_t) e_bytes); + isc_region_consume(&r, 1); } else { if (r.length < 3) DST_RET(ISC_R_NOSPACE); isc_buffer_putuint8(data, 0); isc_buffer_putuint16(data, (isc_uint16_t) e_bytes); + isc_region_consume(&r, 3); } if (r.length < e_bytes + mod_bytes) - return (ISC_R_NOSPACE); - isc_buffer_availableregion(data, &r); + DST_RET(ISC_R_NOSPACE); BN_bn2bin(rsa->e, r.base); - r.base += e_bytes; + isc_region_consume(&r, e_bytes); BN_bn2bin(rsa->n, r.base); isc_buffer_add(data, e_bytes + mod_bytes); @@ -805,8 +1113,8 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer) { DST_RET(DST_R_NOENGINE); pkey = ENGINE_load_private_key(e, label, NULL, NULL); if (pkey == NULL) { - ERR_print_errors_fp(stderr); - DST_RET(ISC_R_FAILURE); + /* ERR_print_errors_fp(stderr); */ + DST_RET(ISC_R_NOTFOUND); } key->engine = isc_mem_strdup(key->mctx, name); if (key->engine == NULL) @@ -924,7 +1232,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label, DST_RET(DST_R_NOENGINE); pkey = ENGINE_load_private_key(e, label, NULL, NULL); if (pkey == NULL) - DST_RET(ISC_R_NOMEMORY); + DST_RET(ISC_R_NOTFOUND); key->engine = isc_mem_strdup(key->mctx, label); if (key->engine == NULL) DST_RET(ISC_R_NOMEMORY); @@ -969,10 +1277,26 @@ static dst_func_t opensslrsa_functions = { }; isc_result_t -dst__opensslrsa_init(dst_func_t **funcp) { +dst__opensslrsa_init(dst_func_t **funcp, unsigned char algorithm) { REQUIRE(funcp != NULL); - if (*funcp == NULL) - *funcp = &opensslrsa_functions; + + if (*funcp == NULL) { + switch (algorithm) { + case DST_ALG_RSASHA256: +#if defined(HAVE_EVP_SHA256) || !USE_EVP + *funcp = &opensslrsa_functions; +#endif + break; + case DST_ALG_RSASHA512: +#if defined(HAVE_EVP_SHA512) || !USE_EVP + *funcp = &opensslrsa_functions; +#endif + break; + default: + *funcp = &opensslrsa_functions; + break; + } + } return (ISC_R_SUCCESS); } diff --git a/lib/dns/rbt.c b/lib/dns/rbt.c index ff8b3a3..62a9e2b 100644 --- a/lib/dns/rbt.c +++ b/lib/dns/rbt.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rbt.c,v 1.142.50.2 2009/01/18 23:47:40 tbox Exp $ */ +/* $Id: rbt.c,v 1.142.50.3 2009/10/20 05:06:04 marka Exp $ */ /*! \file */ @@ -85,9 +85,9 @@ struct dns_rbt { #define HASHVAL(node) ((node)->hashval) #define COLOR(node) ((node)->color) #define NAMELEN(node) ((node)->namelen) +#define OLDNAMELEN(node) ((node)->oldnamelen) #define OFFSETLEN(node) ((node)->offsetlen) #define ATTRS(node) ((node)->attributes) -#define PADBYTES(node) ((node)->padbytes) #define IS_ROOT(node) ISC_TF((node)->is_root == 1) #define FINDCALLBACK(node) ISC_TF((node)->find_callback == 1) @@ -100,13 +100,23 @@ struct dns_rbt { #define LOCKNUM(node) ((node)->locknum) /*% - * The variable length stuff stored after the node. + * The variable length stuff stored after the node has the following + * structure. + * + * <name_data>{1..255}<oldoffsetlen>{1}<offsets>{1..128} + * + * <name_data> contains the name of the node when it was created. + * <oldoffsetlen> contains the length of <offsets> when the node was created. + * <offsets> contains the offets into name for each label when the node was + * created. */ + #define NAME(node) ((unsigned char *)((node) + 1)) -#define OFFSETS(node) (NAME(node) + NAMELEN(node)) +#define OFFSETS(node) (NAME(node) + OLDNAMELEN(node) + 1) +#define OLDOFFSETLEN(node) (OFFSETS(node)[-1]) #define NODE_SIZE(node) (sizeof(*node) + \ - NAMELEN(node) + OFFSETLEN(node) + PADBYTES(node)) + OLDNAMELEN(node) + OLDOFFSETLEN(node) + 1) /*% * Color management. @@ -553,11 +563,6 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) { NAMELEN(current) = prefix->length; OFFSETLEN(current) = prefix->labels; - memcpy(OFFSETS(current), prefix->offsets, - prefix->labels); - PADBYTES(current) += - (current_name.length - prefix->length) + - (current_name.labels - prefix->labels); /* * Set up the new root of the next level. @@ -1423,7 +1428,7 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep) { * Allocate space for the node structure, the name, and the offsets. */ node = (dns_rbtnode_t *)isc_mem_get(mctx, sizeof(*node) + - region.length + labels); + region.length + labels + 1); if (node == NULL) return (ISC_R_NOMEMORY); @@ -1460,10 +1465,12 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep) { * The offsets table could be made smaller by eliminating the * first offset, which is always 0. This requires changes to * lib/dns/name.c. + * + * Note: OLDOFFSETLEN *must* be assigned *after* OLDNAMELEN is assigned + * as it uses OLDNAMELEN. */ - NAMELEN(node) = region.length; - PADBYTES(node) = 0; - OFFSETLEN(node) = labels; + OLDNAMELEN(node) = NAMELEN(node) = region.length; + OLDOFFSETLEN(node) = OFFSETLEN(node) = labels; ATTRS(node) = name->attributes; memcpy(NAME(node), region.base, region.length); diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c index d5b5b5c..f841ebe 100644 --- a/lib/dns/rbtdb.c +++ b/lib/dns/rbtdb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rbtdb.c,v 1.270.12.6.10.2 2009/12/31 21:44:36 each Exp $ */ +/* $Id: rbtdb.c,v 1.270.12.16 2009/12/30 08:34:30 jinmei Exp $ */ /*! \file */ @@ -258,21 +258,8 @@ typedef struct rdatasetheader { dns_rbtnode_t *node; isc_stdtime_t last_used; - ISC_LINK(struct rdatasetheader) lru_link; - /*%< - * Used for LRU-based cache management. We should probably make - * these cache-DB specific. We might also make it a pointer and - * ensure only the top header has a valid link to save memory. - * The linked-list is locked by the rbtdb->lrulock. - */ + ISC_LINK(struct rdatasetheader) link; - /* - * It's possible this should not be here anymore, but instead - * referenced from the bucket's heap directly. - */ -#if 0 - isc_heap_t *heap; -#endif unsigned int heap_index; /*%< * Used for TTL-based cache cleaning. @@ -396,7 +383,7 @@ typedef struct rbtdb_version { isc_uint8_t flags; isc_uint16_t iterations; isc_uint8_t salt_length; - unsigned char salt[NSEC3_MAX_HASH_LENGTH]; + unsigned char salt[DNS_NSEC3_SALTSIZE]; } rbtdb_version_t; typedef ISC_LIST(rbtdb_version_t) rbtdb_versionlist_t; @@ -1227,7 +1214,7 @@ free_noqname(isc_mem_t *mctx, struct noqname **noqname) { static inline void init_rdataset(dns_rbtdb_t *rbtdb, rdatasetheader_t *h) { - ISC_LINK_INIT(h, lru_link); + ISC_LINK_INIT(h, link); h->heap_index = 0; #if TRACE_HEADER @@ -1267,8 +1254,10 @@ free_rdataset(dns_rbtdb_t *rbtdb, isc_mem_t *mctx, rdatasetheader_t *rdataset) } idx = rdataset->node->locknum; - if (ISC_LINK_LINKED(rdataset, lru_link)) - ISC_LIST_UNLINK(rbtdb->rdatasets[idx], rdataset, lru_link); + if (ISC_LINK_LINKED(rdataset, link)) { + INSIST(IS_CACHE(rbtdb)); + ISC_LIST_UNLINK(rbtdb->rdatasets[idx], rdataset, link); + } if (rdataset->heap_index != 0) isc_heap_delete(rbtdb->heaps[idx], rdataset->heap_index); rdataset->heap_index = 0; @@ -2075,8 +2064,6 @@ setnsec3parameters(dns_db_t *db, rbtdb_version_t *version, continue; #endif - INSIST(nsec3param.salt_length <= - sizeof(version->salt)); memcpy(version->salt, nsec3param.salt, nsec3param.salt_length); version->hash = nsec3param.hash; @@ -2284,17 +2271,18 @@ closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { for (header = HEAD(resigned_list); header != NULL; header = HEAD(resigned_list)) { - ISC_LIST_UNLINK(resigned_list, header, lru_link); - if (rollback) { - nodelock_t *lock; - lock = &rbtdb->node_locks[header->node->locknum].lock; - NODE_LOCK(lock, isc_rwlocktype_write); + nodelock_t *lock; + + ISC_LIST_UNLINK(resigned_list, header, link); + + lock = &rbtdb->node_locks[header->node->locknum].lock; + NODE_LOCK(lock, isc_rwlocktype_write); + if (rollback) resign_insert(rbtdb, header->node->locknum, header); - NODE_UNLOCK(lock, isc_rwlocktype_write); - } decrement_reference(rbtdb, header->node, least_serial, isc_rwlocktype_write, isc_rwlocktype_none, ISC_FALSE); + NODE_UNLOCK(lock, isc_rwlocktype_write); } if (!EMPTY(cleanup_list)) { @@ -3524,11 +3512,17 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, /* * The node may be a zone cut itself. If it might be one, * make sure we check for it later. + * + * DS records live above the zone cut in ordinary zone so + * we want to ignore any referral. + * + * Stub zones don't have anything "above" the delgation so + * we always return a referral. */ if (node->find_callback && - (node != search.rbtdb->origin_node || - IS_STUB(search.rbtdb)) && - !dns_rdatatype_atparent(type)) + ((node != search.rbtdb->origin_node && + !dns_rdatatype_atparent(type)) || + IS_STUB(search.rbtdb))) maybe_zonecut = ISC_TRUE; } @@ -3546,8 +3540,8 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, * We now go looking for rdata... */ - NODE_LOCK(&(search.rbtdb->node_locks[node->locknum].lock), - isc_rwlocktype_read); + lock = &search.rbtdb->node_locks[node->locknum].lock; + NODE_LOCK(lock, isc_rwlocktype_read); found = NULL; foundsig = NULL; @@ -3625,8 +3619,10 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, * we are using behave as if it isn't here. */ if (header->type == dns_rdatatype_nsec3 && - !matchparams(header, &search)) + !matchparams(header, &search)) { + NODE_UNLOCK(lock, isc_rwlocktype_read); goto partial_match; + } /* * If we found a type we were looking for, * remember it. @@ -3705,7 +3701,6 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, * we really have a partial match. */ if (!wild) { - lock = &search.rbtdb->node_locks[node->locknum].lock; NODE_UNLOCK(lock, isc_rwlocktype_read); goto partial_match; } @@ -3722,7 +3717,6 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, * * Return the delegation. */ - lock = &search.rbtdb->node_locks[node->locknum].lock; NODE_UNLOCK(lock, isc_rwlocktype_read); result = setup_delegation(&search, nodep, foundname, rdataset, sigrdataset); @@ -3744,7 +3738,6 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, goto node_exit; } - lock = &search.rbtdb->node_locks[node->locknum].lock; NODE_UNLOCK(lock, isc_rwlocktype_read); result = find_closest_nsec(&search, nodep, foundname, rdataset, sigrdataset, @@ -3829,7 +3822,6 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, if (result == DNS_R_GLUE && (search.options & DNS_DBFIND_VALIDATEGLUE) != 0 && !valid_glue(&search, foundname, type, node)) { - lock = &search.rbtdb->node_locks[node->locknum].lock; NODE_UNLOCK(lock, isc_rwlocktype_read); result = setup_delegation(&search, nodep, foundname, rdataset, sigrdataset); @@ -3861,8 +3853,7 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, foundname->attributes |= DNS_NAMEATTR_WILDCARD; node_exit: - NODE_UNLOCK(&(search.rbtdb->node_locks[node->locknum].lock), - isc_rwlocktype_read); + NODE_UNLOCK(lock, isc_rwlocktype_read); tree_exit: RWUNLOCK(&search.rbtdb->tree_lock, isc_rwlocktype_read); @@ -5408,8 +5399,10 @@ static isc_result_t resign_insert(dns_rbtdb_t *rbtdb, int idx, rdatasetheader_t *newheader) { isc_result_t result; + INSIST(!IS_CACHE(rbtdb)); INSIST(newheader->heap_index == 0); - INSIST(!ISC_LINK_LINKED(newheader, lru_link)); + INSIST(!ISC_LINK_LINKED(newheader, link)); + result = isc_heap_insert(rbtdb->heaps[idx], newheader); return (result); } @@ -5735,7 +5728,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion, idx = newheader->node->locknum; if (IS_CACHE(rbtdb)) { ISC_LIST_PREPEND(rbtdb->rdatasets[idx], - newheader, lru_link); + newheader, link); /* * XXXMLG We don't check the return value * here. If it fails, we will not do TTL @@ -5794,7 +5787,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion, idx = newheader->node->locknum; if (IS_CACHE(rbtdb)) { ISC_LIST_PREPEND(rbtdb->rdatasets[idx], - newheader, lru_link); + newheader, link); isc_heap_insert(rbtdb->heaps[idx], newheader); } else if (RESIGN(newheader)) { resign_insert(rbtdb, idx, newheader); @@ -6519,11 +6512,17 @@ static void delete_callback(void *data, void *arg) { dns_rbtdb_t *rbtdb = arg; rdatasetheader_t *current, *next; + unsigned int locknum; - for (current = data; current != NULL; current = next) { + current = data; + locknum = current->node->locknum; + NODE_LOCK(&rbtdb->node_locks[locknum].lock, isc_rwlocktype_write); + while (current != NULL) { next = current->next; free_rdataset(rbtdb, rbtdb->common.mctx, current); + current = next; } + NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, isc_rwlocktype_write); } static isc_boolean_t @@ -6642,8 +6641,8 @@ getnsec3parameters(dns_db_t *db, dns_dbversion_t *version, dns_hash_t *hash, if (rbtversion->havensec3) { if (hash != NULL) *hash = rbtversion->hash; - if (salt != NULL && salt_length != 0) { - REQUIRE(*salt_length > rbtversion->salt_length); + if (salt != NULL && salt_length != NULL) { + REQUIRE(*salt_length >= rbtversion->salt_length); memcpy(salt, rbtversion->salt, rbtversion->salt_length); } if (salt_length != NULL) @@ -6707,27 +6706,35 @@ getsigningtime(dns_db_t *db, dns_rdataset_t *rdataset, rdatasetheader_t *header = NULL, *this; unsigned int i; isc_result_t result = ISC_R_NOTFOUND; + unsigned int locknum; REQUIRE(VALID_RBTDB(rbtdb)); RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_read); for (i = 0; i < rbtdb->node_lock_count; i++) { + NODE_LOCK(&rbtdb->node_locks[i].lock, isc_rwlocktype_read); this = isc_heap_element(rbtdb->heaps[i], 1); - if (this == NULL) + if (this == NULL) { + NODE_UNLOCK(&rbtdb->node_locks[i].lock, + isc_rwlocktype_read); continue; + } if (header == NULL) header = this; - else if (isc_serial_lt(this->resign, header->resign)) + else if (isc_serial_lt(this->resign, header->resign)) { + locknum = header->node->locknum; + NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, + isc_rwlocktype_read); header = this; + } else + NODE_UNLOCK(&rbtdb->node_locks[i].lock, + isc_rwlocktype_read); } if (header == NULL) goto unlock; - NODE_LOCK(&rbtdb->node_locks[header->node->locknum].lock, - isc_rwlocktype_read); - bind_rdataset(rbtdb, header->node, header, 0, rdataset); if (foundname != NULL) @@ -6761,7 +6768,7 @@ resigned(dns_db_t *db, dns_rdataset_t *rdataset, dns_dbversion_t *version) header = rdataset->private3; header--; - RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_read); + RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_write); NODE_LOCK(&rbtdb->node_locks[node->locknum].lock, isc_rwlocktype_write); /* @@ -6771,11 +6778,11 @@ resigned(dns_db_t *db, dns_rdataset_t *rdataset, dns_dbversion_t *version) new_reference(rbtdb, node); isc_heap_delete(rbtdb->heaps[node->locknum], header->heap_index); header->heap_index = 0; - ISC_LIST_APPEND(rbtversion->resigned_list, header, lru_link); + ISC_LIST_APPEND(rbtversion->resigned_list, header, link); NODE_UNLOCK(&rbtdb->node_locks[node->locknum].lock, isc_rwlocktype_write); - RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_read); + RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_write); } static dns_stats_t * @@ -8497,13 +8504,11 @@ update_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header, INSIST(IS_CACHE(rbtdb)); /* To be checked: can we really assume this? XXXMLG */ - INSIST(ISC_LINK_LINKED(header, lru_link)); + INSIST(ISC_LINK_LINKED(header, link)); - ISC_LIST_UNLINK(rbtdb->rdatasets[header->node->locknum], - header, lru_link); + ISC_LIST_UNLINK(rbtdb->rdatasets[header->node->locknum], header, link); header->last_used = now; - ISC_LIST_PREPEND(rbtdb->rdatasets[header->node->locknum], - header, lru_link); + ISC_LIST_PREPEND(rbtdb->rdatasets[header->node->locknum], header, link); } /*% @@ -8539,7 +8544,7 @@ overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, for (header = ISC_LIST_TAIL(rbtdb->rdatasets[locknum]); header != NULL && purgecount > 0; header = header_prev) { - header_prev = ISC_LIST_PREV(header, lru_link); + header_prev = ISC_LIST_PREV(header, link); /* * Unlink the entry at this point to avoid checking it * again even if it's currently used someone else and @@ -8548,7 +8553,7 @@ overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start, * TTL was reset to 0. */ ISC_LIST_UNLINK(rbtdb->rdatasets[locknum], header, - lru_link); + link); expire_header(rbtdb, header, tree_locked); purgecount--; } diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c index 58ade85..9feaeb0 100644 --- a/lib/dns/rcode.c +++ b/lib/dns/rcode.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rcode.c,v 1.8 2008/09/25 04:02:38 tbox Exp $ */ +/* $Id: rcode.c,v 1.8.48.2 2010/01/15 23:47:33 tbox Exp $ */ #include <config.h> #include <ctype.h> @@ -100,6 +100,8 @@ { DNS_KEYALG_ECC, "ECC", 0 }, \ { DNS_KEYALG_RSASHA1, "RSASHA1", 0 }, \ { DNS_KEYALG_NSEC3RSASHA1, "NSEC3RSASHA1", 0 }, \ + { DNS_KEYALG_RSASHA256, "RSASHA256", 0 }, \ + { DNS_KEYALG_RSASHA512, "RSASHA512", 0 }, \ { DNS_KEYALG_INDIRECT, "INDIRECT", 0 }, \ { DNS_KEYALG_PRIVATEDNS, "PRIVATEDNS", 0 }, \ { DNS_KEYALG_PRIVATEOID, "PRIVATEOID", 0 }, \ diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c index bc2b4e8..6a58bc9 100644 --- a/lib/dns/rdata/generic/ipseckey_45.c +++ b/lib/dns/rdata/generic/ipseckey_45.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ipseckey_45.c,v 1.4.332.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: ipseckey_45.c,v 1.4.332.3 2009/09/18 21:55:48 jinmei Exp $ */ #ifndef RDATA_GENERIC_IPSECKEY_45_C #define RDATA_GENERIC_IPSECKEY_45_C @@ -243,6 +243,7 @@ fromwire_ipseckey(ARGS_FROMWIRE) { isc_buffer_forward(source, 3); RETERR(dns_name_fromwire(&name, source, dctx, options, target)); isc_buffer_activeregion(source, ®ion); + isc_buffer_forward(source, region.length); return(mem_tobuffer(target, region.base, region.length)); default: diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 1b4f407..02e96cd 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.c,v 1.384.14.14.8.2 2010/01/07 17:17:19 each Exp $ */ +/* $Id: resolver.c,v 1.384.14.20 2010/01/07 23:47:36 tbox Exp $ */ /*! \file */ @@ -2534,6 +2534,16 @@ findname(fetchctx_t *fctx, dns_name_t *name, in_port_t port, } } +static isc_boolean_t +isstrictsubdomain(dns_name_t *name1, dns_name_t *name2) { + int order; + unsigned int nlabels; + dns_namereln_t namereln; + + namereln = dns_name_fullcompare(name1, name2, &order, &nlabels); + return (ISC_TF(namereln == dns_namereln_subdomain)); +} + static isc_result_t fctx_getaddresses(fetchctx_t *fctx) { dns_rdata_t rdata = DNS_RDATA_INIT; @@ -2579,23 +2589,40 @@ fctx_getaddresses(fetchctx_t *fctx) { dns_name_t *name = &fctx->name; dns_name_t suffix; unsigned int labels; + dns_fixedname_t fixed; + dns_name_t *domain; /* * DS records are found in the parent server. * Strip label to get the correct forwarder (if any). */ - if (fctx->type == dns_rdatatype_ds && + if (dns_rdatatype_atparent(fctx->type) && dns_name_countlabels(name) > 1) { dns_name_init(&suffix, NULL); labels = dns_name_countlabels(name); dns_name_getlabelsequence(name, 1, labels - 1, &suffix); name = &suffix; } - result = dns_fwdtable_find(fctx->res->view->fwdtable, name, - &forwarders); + + dns_fixedname_init(&fixed); + domain = dns_fixedname_name(&fixed); + result = dns_fwdtable_find2(fctx->res->view->fwdtable, name, + domain, &forwarders); if (result == ISC_R_SUCCESS) { sa = ISC_LIST_HEAD(forwarders->addrs); fctx->fwdpolicy = forwarders->fwdpolicy; + if (fctx->fwdpolicy == dns_fwdpolicy_only && + isstrictsubdomain(domain, &fctx->domain)) { + isc_mem_t *mctx; + + mctx = res->buckets[fctx->bucketnum].mctx; + dns_name_free(&fctx->domain, mctx); + dns_name_init(&fctx->domain, NULL); + result = dns_name_dup(domain, mctx, + &fctx->domain); + if (result != ISC_R_SUCCESS) + return (result); + } } } @@ -3477,21 +3504,22 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type, if (domain == NULL) { dns_forwarders_t *forwarders = NULL; unsigned int labels; + dns_name_t *fwdname = name; /* * DS records are found in the parent server. * Strip label to get the correct forwarder (if any). */ - if (fctx->type == dns_rdatatype_ds && + if (dns_rdatatype_atparent(fctx->type) && dns_name_countlabels(name) > 1) { dns_name_init(&suffix, NULL); labels = dns_name_countlabels(name); dns_name_getlabelsequence(name, 1, labels - 1, &suffix); - name = &suffix; + fwdname = &suffix; } dns_fixedname_init(&fixed); domain = dns_fixedname_name(&fixed); - result = dns_fwdtable_find2(fctx->res->view->fwdtable, name, + result = dns_fwdtable_find2(fctx->res->view->fwdtable, fwdname, domain, &forwarders); if (result == ISC_R_SUCCESS) fctx->fwdpolicy = forwarders->fwdpolicy; @@ -3502,7 +3530,7 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type, * nameservers, and we're not in forward-only mode, * so find the best nameservers to use. */ - if (dns_rdatatype_atparent(type)) + if (dns_rdatatype_atparent(fctx->type)) findoptions |= DNS_DBFIND_NOEXACT; result = dns_view_findzonecut(res->view, name, domain, 0, findoptions, ISC_TRUE, diff --git a/lib/dns/sdb.c b/lib/dns/sdb.c index 03fca9e..ab9ff19 100644 --- a/lib/dns/sdb.c +++ b/lib/dns/sdb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sdb.c,v 1.66.48.2 2009/04/21 23:47:18 tbox Exp $ */ +/* $Id: sdb.c,v 1.66.48.3 2009/06/26 06:25:44 marka Exp $ */ /*! \file */ @@ -1458,9 +1458,11 @@ dbiterator_seek(dns_dbiterator_t *iterator, dns_name_t *name) { sdb_dbiterator_t *sdbiter = (sdb_dbiterator_t *)iterator; sdbiter->current = ISC_LIST_HEAD(sdbiter->nodelist); - while (sdbiter->current != NULL) + while (sdbiter->current != NULL) { if (dns_name_equal(sdbiter->current->name, name)) return (ISC_R_SUCCESS); + sdbiter->current = ISC_LIST_NEXT(sdbiter->current, link); + } return (ISC_R_NOTFOUND); } diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c index 89cd0ee..5e5f7e3 100644 --- a/lib/dns/sdlz.c +++ b/lib/dns/sdlz.c @@ -50,7 +50,7 @@ * USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sdlz.c,v 1.18.50.2 2009/04/21 23:47:18 tbox Exp $ */ +/* $Id: sdlz.c,v 1.18.50.3 2009/06/26 06:25:44 marka Exp $ */ /*! \file */ @@ -1117,9 +1117,11 @@ dbiterator_seek(dns_dbiterator_t *iterator, dns_name_t *name) { sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)iterator; sdlziter->current = ISC_LIST_HEAD(sdlziter->nodelist); - while (sdlziter->current != NULL) + while (sdlziter->current != NULL) { if (dns_name_equal(sdlziter->current->name, name)) return (ISC_R_SUCCESS); + sdlziter->current = ISC_LIST_NEXT(sdlziter->current, link); + } return (ISC_R_NOTFOUND); } diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c index 0ae6ea2..6c94e51 100644 --- a/lib/dns/spnego.c +++ b/lib/dns/spnego.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: spnego.c,v 1.8.118.2 2009/01/18 23:47:40 tbox Exp $ */ +/* $Id: spnego.c,v 1.8.118.4 2009/07/21 07:27:13 marka Exp $ */ /*! \file * \brief @@ -265,8 +265,7 @@ decode_oid(const unsigned char *p, size_t len, oid * k, size_t * size); static int -decode_enumerated(const unsigned char *p, size_t len, - unsigned *num, size_t *size); +decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size); static int decode_octet_string(const unsigned char *, size_t, octet_string *, size_t *); @@ -291,8 +290,7 @@ der_put_length_and_tag(unsigned char *, size_t, size_t, Der_class, Der_type, int, size_t *); static int -encode_enumerated(unsigned char *p, size_t len, - const unsigned *data, size_t *); +encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *); static int encode_octet_string(unsigned char *p, size_t len, @@ -622,7 +620,7 @@ gss_accept_sec_context_spnego(OM_uint32 *minor_status, } for (i = 0; !found && i < init_token.mechTypes.len; ++i) { - char mechbuf[17]; + unsigned char mechbuf[17]; size_t mech_len; ret = der_put_oid(mechbuf + sizeof(mechbuf) - 1, @@ -956,8 +954,7 @@ der_match_tag_and_length(const unsigned char *p, size_t len, } static int -decode_enumerated(const unsigned char *p, size_t len, - unsigned *num, size_t *size) +decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size) { size_t ret = 0; size_t l, reallen; @@ -1269,10 +1266,9 @@ der_put_length_and_tag(unsigned char *p, size_t len, size_t len_val, } static int -encode_enumerated(unsigned char *p, size_t len, const unsigned *data, - size_t *size) +encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *size) { - unsigned num = *data; + unsigned num = *(const unsigned *)data; size_t ret = 0; size_t l; int e; diff --git a/lib/dns/validator.c b/lib/dns/validator.c index ce49daf..1e55a34 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: validator.c,v 1.164.12.9.8.2 2009/12/31 20:29:21 each Exp $ */ +/* $Id: validator.c,v 1.164.12.11 2009/12/30 06:44:44 each Exp $ */ #include <config.h> diff --git a/lib/dns/view.c b/lib/dns/view.c index 5f1447a..961268e 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: view.c,v 1.150.84.2 2009/01/29 23:47:44 tbox Exp $ */ +/* $Id: view.c,v 1.150.84.3 2009/11/12 23:39:23 marka Exp $ */ /*! \file */ @@ -1250,7 +1250,8 @@ dns_view_getpeertsig(dns_view_t *view, isc_netaddr_t *peeraddr, if (result != ISC_R_SUCCESS) return (result); - return (dns_view_gettsig(view, keyname, keyp)); + result = dns_view_gettsig(view, keyname, keyp); + return ((result == ISC_R_NOTFOUND) ? ISC_R_FAILURE : result); } isc_result_t diff --git a/lib/dns/zone.c b/lib/dns/zone.c index 423b005..c21b1f0 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zone.c,v 1.483.36.6 2009/03/26 22:57:07 marka Exp $ */ +/* $Id: zone.c,v 1.483.36.17 2009/12/21 04:32:42 marka Exp $ */ /*! \file */ @@ -200,7 +200,6 @@ struct dns_zone { isc_time_t keywarntime; isc_time_t signingtime; isc_time_t nsec3chaintime; - isc_uint32_t serial; isc_uint32_t refresh; isc_uint32_t retry; isc_uint32_t expire; @@ -351,11 +350,15 @@ struct dns_zone { #define DNS_ZONEFLG_USEALTXFRSRC 0x00800000U #define DNS_ZONEFLG_SOABEFOREAXFR 0x01000000U #define DNS_ZONEFLG_NEEDCOMPACT 0x02000000U +#define DNS_ZONEFLG_REFRESHING 0x04000000U /*%< Refreshing keydata */ +#define DNS_ZONEFLG_THAW 0x08000000U #define DNS_ZONE_OPTION(z,o) (((z)->options & (o)) != 0) /* Flags for zone_load() */ #define DNS_ZONELOADFLAG_NOSTAT 0x00000001U /* Do not stat() master files */ +#define DNS_ZONELOADFLAG_THAW 0x00000002U /* Thaw the zone on successful + load. */ #define UNREACH_CHACHE_SIZE 10U #define UNREACH_HOLD_TIME 600 /* 10 minutes */ @@ -718,7 +721,6 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx) { isc_time_settoepoch(&zone->keywarntime); isc_time_settoepoch(&zone->signingtime); isc_time_settoepoch(&zone->nsec3chaintime); - zone->serial = 0; zone->refresh = DNS_ZONE_DEFAULTREFRESH; zone->retry = DNS_ZONE_DEFAULTRETRY; zone->expire = 0; @@ -967,16 +969,35 @@ dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype) { UNLOCK_ZONE(zone); } -isc_uint32_t -dns_zone_getserial(dns_zone_t *zone) { - isc_uint32_t serial; +isc_result_t +dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp) { + isc_result_t result; REQUIRE(DNS_ZONE_VALID(zone)); + REQUIRE(serialp != NULL); LOCK_ZONE(zone); - serial = zone->serial; + ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read); + if (zone->db != NULL) { + result = zone_get_from_db(zone, zone->db, NULL, NULL, serialp, + NULL, NULL, NULL, NULL, NULL); + } else + result = DNS_R_NOTLOADED; + ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read); UNLOCK_ZONE(zone); + return (result); +} + +isc_uint32_t +dns_zone_getserial(dns_zone_t *zone) { + isc_result_t result; + isc_uint32_t serial; + + result = dns_zone_getserial2(zone, &serial); + if (result != ISC_R_SUCCESS) + serial = 0; /* XXX: not really correct, but no other choice */ + return (serial); } @@ -1314,7 +1335,9 @@ zone_load(dns_zone_t *zone, unsigned int flags) { INSIST(zone->type != dns_zone_none); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADING)) { - result = ISC_R_SUCCESS; + if ((flags & DNS_ZONELOADFLAG_THAW) != 0) + DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW); + result = DNS_R_CONTINUE; goto cleanup; } @@ -1448,6 +1471,8 @@ zone_load(dns_zone_t *zone, unsigned int flags) { if (result == DNS_R_CONTINUE) { DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_LOADING); + if ((flags & DNS_ZONELOADFLAG_THAW) != 0) + DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW); goto cleanup; } @@ -1470,6 +1495,30 @@ dns_zone_loadnew(dns_zone_t *zone) { return (zone_load(zone, DNS_ZONELOADFLAG_NOSTAT)); } +isc_result_t +dns_zone_loadandthaw(dns_zone_t *zone) { + isc_result_t result; + + result = zone_load(zone, DNS_ZONELOADFLAG_THAW); + switch (result) { + case DNS_R_CONTINUE: + /* Deferred thaw. */ + break; + case ISC_R_SUCCESS: + case DNS_R_UPTODATE: + case DNS_R_SEENINCLUDE: + zone->update_disabled = ISC_FALSE; + break; + case DNS_R_NOMASTERFILE: + zone->update_disabled = ISC_FALSE; + break; + default: + /* Error, remain in disabled state. */ + break; + } + return (result); +} + static unsigned int get_master_options(dns_zone_t *zone) { unsigned int options; @@ -2148,7 +2197,8 @@ resume_signingwithkey(dns_zone_t *zone) { } result = zone_signwithkey(zone, rdata.data[0], - (rdata.data[1] << 8) | rdata.data[2], ISC_TF(rdata.data[3])); + (rdata.data[1] << 8) | rdata.data[2], + ISC_TF(rdata.data[3])); if (result != ISC_R_SUCCESS) { dns_zone_log(zone, ISC_LOG_ERROR, "zone_signwithkey failed: %s", @@ -2291,7 +2341,6 @@ static void set_resigntime(dns_zone_t *zone) { dns_rdataset_t rdataset; dns_fixedname_t fixed; - char namebuf[DNS_NAME_FORMATSIZE]; unsigned int resign; isc_result_t result; isc_uint32_t nanosecs; @@ -2305,7 +2354,6 @@ set_resigntime(dns_zone_t *zone) { return; } resign = rdataset.resign; - dns_name_format(dns_fixedname_name(&fixed), namebuf, sizeof(namebuf)); dns_rdataset_disassociate(&rdataset); isc_random_get(&nanosecs); nanosecs %= 1000000000; @@ -2409,7 +2457,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, unsigned int soacount = 0; unsigned int nscount = 0; unsigned int errors = 0; - isc_uint32_t serial, refresh, retry, expire, minimum; + isc_uint32_t serial, oldserial, refresh, retry, expire, minimum; isc_time_t now; isc_boolean_t needdump = ISC_FALSE; isc_boolean_t hasinclude = DNS_ZONE_FLAG(zone, DNS_ZONEFLG_HASINCLUDE); @@ -2463,8 +2511,9 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, options = DNS_JOURNALOPT_RESIGN; else options = 0; - result = dns_journal_rollforward(zone->mctx, db, options, - zone->journal); + result = dns_journal_rollforward2(zone->mctx, db, options, + zone->sigresigninginterval, + zone->journal); if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND && result != DNS_R_UPTODATE && result != DNS_R_NOJOURNAL && result != ISC_R_RANGE) { @@ -2544,14 +2593,18 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, * This is checked in zone_replacedb() for slave zones * as they don't reload from disk. */ + result = zone_get_from_db(zone, zone->db, NULL, NULL, + &oldserial, NULL, NULL, NULL, + NULL, NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_IXFRFROMDIFFS) && - !isc_serial_gt(serial, zone->serial)) { + !isc_serial_gt(serial, oldserial)) { isc_uint32_t serialmin, serialmax; INSIST(zone->type == dns_zone_master); - serialmin = (zone->serial + 1) & 0xffffffffU; - serialmax = (zone->serial + 0x7fffffffU) & + serialmin = (oldserial + 1) & 0xffffffffU; + serialmax = (oldserial + 0x7fffffffU) & 0xffffffffU; dns_zone_log(zone, ISC_LOG_ERROR, "ixfr-from-differences: " @@ -2560,10 +2613,10 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, serialmax); result = DNS_R_BADZONE; goto cleanup; - } else if (!isc_serial_ge(serial, zone->serial)) + } else if (!isc_serial_ge(serial, oldserial)) dns_zone_log(zone, ISC_LOG_ERROR, "zone serial has gone backwards"); - else if (serial == zone->serial && !hasinclude) + else if (serial == oldserial && !hasinclude) dns_zone_log(zone, ISC_LOG_ERROR, "zone serial unchanged. " "zone may fail to transfer " @@ -2580,7 +2633,6 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, "3 * refresh."); } - zone->serial = serial; zone->refresh = RANGE(refresh, zone->minrefresh, zone->maxrefresh); zone->retry = RANGE(retry, @@ -2664,8 +2716,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, } if (! dns_db_ispersistent(db)) - dns_zone_log(zone, ISC_LOG_INFO, "loaded serial %u%s", - zone->serial, + dns_zone_log(zone, ISC_LOG_INFO, "loaded serial %u%s", serial, dns_db_issecure(db) ? " (signed)" : ""); return (result); @@ -2683,7 +2734,8 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime, if (zone->task != NULL) zone_settimer(zone, &now); result = ISC_R_SUCCESS; - } + } else if (zone->type == dns_zone_master) + dns_zone_log(zone, ISC_LOG_ERROR, "not loaded due to errors."); return (result); } @@ -4374,7 +4426,8 @@ updatesignwithkey(dns_signing_t *signing, dns_dbversion_t *version, seen_done = ISC_TRUE; else CHECK(update_one_rr(signing->db, version, diff, - DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata)); + DNS_DIFFOP_DEL, name, + rdataset.ttl, &rdata)); dns_rdata_reset(&rdata); } if (result == ISC_R_NOMORE) @@ -5458,6 +5511,7 @@ zone_sign(dns_zone_t *zone) { dst_key_t *zone_keys[MAXZONEKEYS]; isc_int32_t signatures; isc_boolean_t check_ksk, is_ksk; + isc_boolean_t commit = ISC_FALSE; isc_boolean_t delegation; isc_boolean_t finishedakey = ISC_FALSE; isc_boolean_t secureupdated = ISC_FALSE; @@ -5745,6 +5799,7 @@ zone_sign(dns_zone_t *zone) { goto failure; } } + if (finishedakey) { /* * We have changed the RRset above so we need to update @@ -5770,6 +5825,15 @@ zone_sign(dns_zone_t *zone) { goto failure; } } + + /* + * Have we changed anything? + */ + if (ISC_LIST_HEAD(sig_diff.tuples) == NULL) + goto pauseall; + + commit = ISC_TRUE; + result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa, &sig_diff, zone_keys, nkeys, now); if (result != ISC_R_SUCCESS) { @@ -5801,6 +5865,9 @@ zone_sign(dns_zone_t *zone) { goto failure; } + /* + * Write changes to journal file. + */ journalfile = dns_zone_getjournal(zone); if (journalfile != NULL) { dns_journal_t *journal = NULL; @@ -5823,7 +5890,7 @@ zone_sign(dns_zone_t *zone) { } } - + pauseall: /* * Pause all iterators so that dns_db_closeversion() can succeed. */ @@ -5840,7 +5907,7 @@ zone_sign(dns_zone_t *zone) { /* * Everything has succeeded. Commit the changes. */ - dns_db_closeversion(db, &version, ISC_TRUE); + dns_db_closeversion(db, &version, commit); /* * Everything succeeded so we can clean these up now. @@ -5856,9 +5923,11 @@ zone_sign(dns_zone_t *zone) { set_resigntime(zone); - LOCK_ZONE(zone); - zone_needdump(zone, DNS_DUMP_DELAY); - UNLOCK_ZONE(zone); + if (commit) { + LOCK_ZONE(zone); + zone_needdump(zone, DNS_DUMP_DELAY); + UNLOCK_ZONE(zone); + } failure: /* @@ -6498,6 +6567,7 @@ notify_isself(dns_zone_t *zone, isc_sockaddr_t *dst) { isc_sockaddr_t any; isc_boolean_t isself; isc_netaddr_t dstaddr; + isc_result_t result; if (zone->view == NULL || zone->isself == NULL) return (ISC_FALSE); @@ -6523,7 +6593,9 @@ notify_isself(dns_zone_t *zone, isc_sockaddr_t *dst) { src = *dst; isc_netaddr_fromsockaddr(&dstaddr, dst); - (void)dns_view_getpeertsig(zone->view, &dstaddr, &key); + result = dns_view_getpeertsig(zone->view, &dstaddr, &key); + if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) + return (ISC_FALSE); isself = (zone->isself)(zone->view, key, &src, dst, zone->rdclass, zone->isselfarg); if (key != NULL) @@ -6725,9 +6797,14 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) { goto cleanup; isc_netaddr_fromsockaddr(&dstip, ¬ify->dst); - (void)dns_view_getpeertsig(notify->zone->view, &dstip, &key); - isc_sockaddr_format(¬ify->dst, addrbuf, sizeof(addrbuf)); + result = dns_view_getpeertsig(notify->zone->view, &dstip, &key); + if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { + notify_log(notify->zone, ISC_LOG_ERROR, "NOTIFY to %s not " + "sent. Peer TSIG key lookup failure.", addrbuf); + goto cleanup_message; + } + notify_log(notify->zone, ISC_LOG_DEBUG(3), "sending notify to %s", addrbuf); if (notify->zone->view->peers != NULL) { @@ -6774,6 +6851,7 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) { cleanup_key: if (key != NULL) dns_tsigkey_detach(&key); + cleanup_message: dns_message_destroy(&message); cleanup: UNLOCK_ZONE(notify->zone); @@ -7386,7 +7464,7 @@ refresh_callback(isc_task_t *task, isc_event_t *event) { dns_rdata_t rdata = DNS_RDATA_INIT; dns_rdata_soa_t soa; isc_result_t result; - isc_uint32_t serial; + isc_uint32_t serial, oldserial; unsigned int j; zone = revent->ev_arg; @@ -7609,12 +7687,17 @@ refresh_callback(isc_task_t *task, isc_event_t *event) { RUNTIME_CHECK(result == ISC_R_SUCCESS); serial = soa.serial; - - zone_debuglog(zone, me, 1, "serial: new %u, old %u", - serial, zone->serial); + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED)) { + result = dns_zone_getserial2(zone, &oldserial); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + zone_debuglog(zone, me, 1, "serial: new %u, old %u", + serial, oldserial); + } else + zone_debuglog(zone, me, 1, "serial: new %u, old not loaded", + serial); if (!DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED) || DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCEXFER) || - isc_serial_gt(serial, zone->serial)) { + isc_serial_gt(serial, oldserial)) { if (dns_zonemgr_unreachable(zone->zmgr, &zone->masteraddr, &zone->sourceaddr, &now)) { dns_zone_log(zone, ISC_LOG_INFO, @@ -7638,7 +7721,7 @@ refresh_callback(isc_task_t *task, isc_event_t *event) { } if (msg != NULL) dns_message_destroy(&msg); - } else if (isc_serial_eq(soa.serial, zone->serial)) { + } else if (isc_serial_eq(soa.serial, oldserial)) { if (zone->masterfile != NULL) { result = ISC_R_FAILURE; if (zone->journal != NULL) @@ -7671,7 +7754,7 @@ refresh_callback(isc_task_t *task, isc_event_t *event) { if (!DNS_ZONE_OPTION(zone, DNS_ZONEOPT_MULTIMASTER)) dns_zone_log(zone, ISC_LOG_INFO, "serial number (%u) " "received from master %s < ours (%u)", - soa.serial, master, zone->serial); + soa.serial, master, oldserial); else zone_debuglog(zone, me, 1, "ahead"); zone->mastersok[zone->curmaster] = ISC_TRUE; @@ -7965,10 +8048,19 @@ soa_query(isc_task_t *task, isc_event_t *event) { dns_name_format(keyname, namebuf, sizeof(namebuf)); dns_zone_log(zone, ISC_LOG_ERROR, "unable to find key: %s", namebuf); + goto skip_master; + } + } + if (key == NULL) { + result = dns_view_getpeertsig(zone->view, &masterip, &key); + if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) { + char addrbuf[ISC_NETADDR_FORMATSIZE]; + isc_netaddr_format(&masterip, addrbuf, sizeof(addrbuf)); + dns_zone_log(zone, ISC_LOG_ERROR, + "unable to find TSIG key for %s", addrbuf); + goto skip_master; } } - if (key == NULL) - (void)dns_view_getpeertsig(zone->view, &masterip, &key); have_xfrsource = ISC_FALSE; reqnsid = zone->view->requestnsid; @@ -8789,13 +8881,21 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from, if (result == ISC_R_SUCCESS) result = dns_rdataset_first(rdataset); if (result == ISC_R_SUCCESS) { - isc_uint32_t serial = 0; + isc_uint32_t serial = 0, oldserial; dns_rdataset_current(rdataset, &rdata); result = dns_rdata_tostruct(&rdata, &soa, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); serial = soa.serial; - if (isc_serial_le(serial, zone->serial)) { + /* + * The following should safely be performed without DB + * lock and succeed in this context. + */ + result = zone_get_from_db(zone, zone->db, NULL, NULL, + &oldserial, NULL, NULL, NULL, + NULL, NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); + if (isc_serial_le(serial, oldserial)) { dns_zone_log(zone, ISC_LOG_INFO, "notify from %s: " "zone is up to date", @@ -9473,7 +9573,7 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump) { if (zone->db != NULL && zone->journal != NULL && DNS_ZONE_OPTION(zone, DNS_ZONEOPT_IXFRFROMDIFFS) && !DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCEXFER)) { - isc_uint32_t serial; + isc_uint32_t serial, oldserial; dns_zone_log(zone, ISC_LOG_DEBUG(3), "generating diffs"); @@ -9488,11 +9588,15 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump) { /* * This is checked in zone_postload() for master zones. */ + result = zone_get_from_db(zone, zone->db, NULL, NULL, + &oldserial, NULL, NULL, NULL, NULL, + NULL); + RUNTIME_CHECK(result == ISC_R_SUCCESS); if (zone->type == dns_zone_slave && - !isc_serial_gt(serial, zone->serial)) { + !isc_serial_gt(serial, oldserial)) { isc_uint32_t serialmin, serialmax; - serialmin = (zone->serial + 1) & 0xffffffffU; - serialmax = (zone->serial + 0x7fffffffU) & 0xffffffffU; + serialmin = (oldserial + 1) & 0xffffffffU; + serialmax = (oldserial + 0x7fffffffU) & 0xffffffffU; dns_zone_log(zone, ISC_LOG_ERROR, "ixfr-from-differences: failed: " "new serial (%u) out of range [%u - %u]", @@ -9685,7 +9789,6 @@ zone_xfrdone(dns_zone_t *zone, isc_result_t result) { zone_unload(zone); goto next_master; } - zone->serial = serial; zone->refresh = RANGE(refresh, zone->minrefresh, zone->maxrefresh); zone->retry = RANGE(retry, zone->minretry, @@ -9723,7 +9826,7 @@ zone_xfrdone(dns_zone_t *zone, isc_result_t result) { buf[0] = '\0'; dns_zone_log(zone, ISC_LOG_INFO, "transferred serial %u%s", - zone->serial, buf); + serial, buf); } /* @@ -9873,6 +9976,13 @@ zone_loaddone(void *arg, isc_result_t result) { (void)zone_postload(load->zone, load->db, load->loadtime, result); zonemgr_putio(&load->zone->readio); DNS_ZONE_CLRFLAG(load->zone, DNS_ZONEFLG_LOADING); + /* + * Leave the zone frozen if the reload fails. + */ + if ((result == ISC_R_SUCCESS || result == DNS_R_SEENINCLUDE) && + DNS_ZONE_FLAG(load->zone, DNS_ZONEFLG_THAW)) + zone->update_disabled = ISC_FALSE; + DNS_ZONE_CLRFLAG(load->zone, DNS_ZONEFLG_THAW); UNLOCK_ZONE(load->zone); load->magic = 0; @@ -11508,7 +11618,8 @@ zone_signwithkey(dns_zone_t *zone, dns_secalg_t algorithm, isc_uint16_t keyid, cleanup: if (signing != NULL) { - dns_db_detach(&signing->db); + if (signing->db != NULL) + dns_db_detach(&signing->db); if (signing->dbiterator != NULL) dns_dbiterator_destroy(&signing->dbiterator); isc_mem_put(zone->mctx, signing, sizeof *signing); diff --git a/lib/isc/api b/lib/isc/api index 5ef8dc0..e55996b 100644 --- a/lib/isc/api +++ b/lib/isc/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 51 +LIBINTERFACE = 52 LIBREVISION = 1 -LIBAGE = 1 +LIBAGE = 2 diff --git a/lib/isc/base32.c b/lib/isc/base32.c index 3000a84..d324da9 100644 --- a/lib/isc/base32.c +++ b/lib/isc/base32.c @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: base32.c,v 1.3.116.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: base32.c,v 1.3.116.3 2009/10/21 01:22:47 each Exp $ */ /*! \file */ @@ -112,6 +112,8 @@ base32_totext(isc_region_t *source, int wordlength, const char *wordbreak, RETERR(str_totext(wordbreak, target)); } } + if (source->length > 0) + isc_region_consume(source, source->length); return (ISC_R_SUCCESS); } diff --git a/lib/isc/base64.c b/lib/isc/base64.c index 13ed6b5..4844a4b 100644 --- a/lib/isc/base64.c +++ b/lib/isc/base64.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: base64.c,v 1.32 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: base64.c,v 1.32.332.2 2009/10/21 23:47:20 tbox Exp $ */ /*! \file */ @@ -85,11 +85,13 @@ isc_base64_totext(isc_region_t *source, int wordlength, buf[2] = base64[((source->base[1]<<2)&0x3c)]; buf[3] = '='; RETERR(str_totext(buf, target)); + isc_region_consume(source, 2); } else if (source->length == 1) { buf[0] = base64[(source->base[0]>>2)&0x3f]; buf[1] = base64[((source->base[0]<<4)&0x30)]; buf[2] = buf[3] = '='; RETERR(str_totext(buf, target)); + isc_region_consume(source, 1); } return (ISC_R_SUCCESS); } @@ -217,7 +219,7 @@ isc_base64_decodestring(const char *cstr, isc_buffer_t *target) { continue; RETERR(base64_decode_char(&ctx, c)); } - RETERR(base64_decode_finish(&ctx)); + RETERR(base64_decode_finish(&ctx)); return (ISC_R_SUCCESS); } diff --git a/lib/isc/heap.c b/lib/isc/heap.c index 91d78c0..dc32100 100644 --- a/lib/isc/heap.c +++ b/lib/isc/heap.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1997-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: heap.c,v 1.37 2007/10/19 17:15:53 explorer Exp $ */ +/* $Id: heap.c,v 1.37.240.3 2010/02/04 23:47:46 tbox Exp $ */ /*! \file * Heap implementation of priority queues adapted from the following: @@ -186,15 +186,17 @@ sink_down(isc_heap_t *heap, unsigned int i, void *elt) { isc_result_t isc_heap_insert(isc_heap_t *heap, void *elt) { - unsigned int i; + unsigned int new_last; REQUIRE(VALID_HEAP(heap)); - i = ++heap->last; - if (heap->last >= heap->size && !resize(heap)) + new_last = heap->last + 1; + RUNTIME_CHECK(new_last > 0); /* overflow check */ + if (new_last >= heap->size && !resize(heap)) return (ISC_R_NOMEMORY); + heap->last = new_last; - float_up(heap, i, elt); + float_up(heap, new_last, elt); return (ISC_R_SUCCESS); } diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index fa31325..066939d 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2006-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: httpd.c,v 1.16 2008/08/08 05:06:49 marka Exp $ */ +/* $Id: httpd.c,v 1.16.64.2 2010/02/04 23:47:46 tbox Exp $ */ /*! \file */ @@ -151,6 +151,7 @@ struct isc_httpdmgr { ISC_LIST(isc_httpdurl_t) urls; /*%< urls we manage */ isc_httpdaction_t *render_404; + isc_httpdaction_t *render_500; }; /*% @@ -221,6 +222,11 @@ static isc_result_t render_404(const char *, const char *, unsigned int *, const char **, const char **, isc_buffer_t *, isc_httpdfree_t **, void **); +static isc_result_t render_500(const char *, const char *, + void *, + unsigned int *, const char **, + const char **, isc_buffer_t *, + isc_httpdfree_t **, void **); static void destroy_client(isc_httpd_t **httpdp) @@ -300,6 +306,7 @@ isc_httpdmgr_create(isc_mem_t *mctx, isc_socket_t *sock, isc_task_t *task, goto cleanup; httpd->render_404 = render_404; + httpd->render_500 = render_500; *httpdp = httpd; return (ISC_R_SUCCESS); @@ -623,6 +630,30 @@ render_404(const char *url, const char *querystring, return (ISC_R_SUCCESS); } +static isc_result_t +render_500(const char *url, const char *querystring, + void *arg, + unsigned int *retcode, const char **retmsg, + const char **mimetype, isc_buffer_t *b, + isc_httpdfree_t **freecb, void **freecb_args) +{ + static char msg[] = "Internal server failure."; + + UNUSED(url); + UNUSED(querystring); + UNUSED(arg); + + *retcode = 500; + *retmsg = "Internal server failure"; + *mimetype = "text/plain"; + isc_buffer_reinit(b, msg, strlen(msg)); + isc_buffer_add(b, strlen(msg)); + *freecb = NULL; + *freecb_args = NULL; + + return (ISC_R_SUCCESS); +} + static void isc_httpd_recvdone(isc_task_t *task, isc_event_t *ev) { @@ -691,8 +722,14 @@ isc_httpd_recvdone(isc_task_t *task, isc_event_t *ev) &httpd->mimetype, &httpd->bodybuffer, &httpd->freecb, &httpd->freecb_arg); if (result != ISC_R_SUCCESS) { - destroy_client(&httpd); - goto out; + result = httpd->mgr->render_500(httpd->url, httpd->querystring, + NULL, + &httpd->retcode, + &httpd->retmsg, + &httpd->mimetype, + &httpd->bodybuffer, + &httpd->freecb, + &httpd->freecb_arg); } isc_httpd_response(httpd); diff --git a/lib/isc/ia64/include/isc/atomic.h b/lib/isc/ia64/include/isc/atomic.h index 4c46797..d825819 100644 --- a/lib/isc/ia64/include/isc/atomic.h +++ b/lib/isc/ia64/include/isc/atomic.h @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: atomic.h,v 1.4.326.2 2009/02/06 23:47:11 tbox Exp $ */ +/* $Id: atomic.h,v 1.4.326.3 2009/06/24 02:21:28 marka Exp $ */ #ifndef ISC_ATOMIC_H #define ISC_ATOMIC_H 1 @@ -31,10 +31,10 @@ * (e.g., 1 and -1)? */ static inline isc_int32_t -isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) #ifdef __GNUC__ __attribute__ ((unused)) #endif +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { isc_int32_t prev, swapped; @@ -57,10 +57,10 @@ __attribute__ ((unused)) * This routine atomically stores the value 'val' in 'p'. */ static inline void -isc_atomic_store(isc_int32_t *p, isc_int32_t val) #ifdef __GNUC__ __attribute__ ((unused)) #endif +isc_atomic_store(isc_int32_t *p, isc_int32_t val) { __asm__ volatile( "st4.rel %0=%1" @@ -76,10 +76,10 @@ __attribute__ ((unused)) * case. */ static inline isc_int32_t -isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) #ifdef __GNUC__ __attribute__ ((unused)) #endif +isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val) { isc_int32_t ret; diff --git a/lib/isc/include/isc/entropy.h b/lib/isc/include/isc/entropy.h index e9e59c4..125669c 100644 --- a/lib/isc/include/isc/entropy.h +++ b/lib/isc/include/isc/entropy.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: entropy.h,v 1.32.332.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: entropy.h,v 1.32.332.3 2009/10/19 02:46:07 marka Exp $ */ #ifndef ISC_ENTROPY_H #define ISC_ENTROPY_H 1 @@ -182,8 +182,8 @@ isc_result_t isc_entropy_createsamplesource(isc_entropy_t *ent, isc_entropysource_t **sourcep); /*!< - * \brief Create an entropy source that consists of samples. Each sample is added - * to the source via isc_entropy_addsamples(), below. + * \brief Create an entropy source that consists of samples. Each sample is + * added to the source via isc_entropy_addsamples(), below. */ isc_result_t @@ -254,11 +254,11 @@ void isc_entropy_putdata(isc_entropy_t *ent, void *data, unsigned int length, isc_uint32_t entropy); /*!< - * \brief Add "length" bytes in "data" to the entropy pool, incrementing the pool's - * entropy count by "entropy." + * \brief Add "length" bytes in "data" to the entropy pool, incrementing the + * pool's entropy count by "entropy." * - * These bytes will prime the pseudorandom portion even no entropy is actually - * added. + * These bytes will prime the pseudorandom portion even if no entropy is + * actually added. */ void diff --git a/lib/isc/include/isc/netscope.h b/lib/isc/include/isc/netscope.h index ba4e792..0883140 100644 --- a/lib/isc/include/isc/netscope.h +++ b/lib/isc/include/isc/netscope.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: netscope.h,v 1.11 2007/06/19 23:47:18 tbox Exp $ */ +/* $Id: netscope.h,v 1.11.332.2 2009/06/25 23:47:24 tbox Exp $ */ #ifndef ISC_NETSCOPE_H #define ISC_NETSCOPE_H 1 @@ -40,4 +40,4 @@ isc_netscope_pton(int af, char *scopename, void *addr, isc_uint32_t *zoneid); ISC_LANG_ENDDECLS -#endif /* ISC_NETADDR_H */ +#endif /* ISC_NETSCOPE_H */ diff --git a/lib/isc/include/isc/portset.h b/lib/isc/include/isc/portset.h index dc1f856..a7ad3d6 100644 --- a/lib/isc/include/isc/portset.h +++ b/lib/isc/include/isc/portset.h @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: portset.h,v 1.3.90.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: portset.h,v 1.3.90.3 2009/06/25 05:31:51 marka Exp $ */ /*! \file isc/portset.h * \brief Transport Protocol Port Manipulation Module @@ -138,4 +138,4 @@ isc_portset_removerange(isc_portset_t *portset, in_port_t port_lo, ISC_LANG_ENDDECLS -#endif /* ISC_NETADDR_H */ +#endif /* ISC_PORTSET_H */ diff --git a/lib/isc/include/isc/sha2.h b/lib/isc/include/isc/sha2.h index 211e255..edafa61 100644 --- a/lib/isc/include/isc/sha2.h +++ b/lib/isc/include/isc/sha2.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005-2007, 2010 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sha2.h,v 1.9 2007/06/19 23:47:18 tbox Exp $ */ +/* $Id: sha2.h,v 1.9.332.2 2010/01/15 23:47:34 tbox Exp $ */ /* $FreeBSD$ */ /* $KAME: sha2.h,v 1.3 2001/03/12 08:27:48 itojun Exp $ */ @@ -39,7 +39,7 @@ * 3. Neither the name of the copyright holder nor the names of contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -104,24 +104,28 @@ typedef isc_sha512_t isc_sha384_t; /*** SHA-224/256/384/512 Function Prototypes ******************************/ void isc_sha224_init (isc_sha224_t *); +void isc_sha224_invalidate (isc_sha224_t *); void isc_sha224_update (isc_sha224_t *, const isc_uint8_t *, size_t); void isc_sha224_final (isc_uint8_t[ISC_SHA224_DIGESTLENGTH], isc_sha224_t *); char *isc_sha224_end (isc_sha224_t *, char[ISC_SHA224_DIGESTSTRINGLENGTH]); char *isc_sha224_data (const isc_uint8_t *, size_t, char[ISC_SHA224_DIGESTSTRINGLENGTH]); void isc_sha256_init (isc_sha256_t *); +void isc_sha256_invalidate (isc_sha256_t *); void isc_sha256_update (isc_sha256_t *, const isc_uint8_t *, size_t); void isc_sha256_final (isc_uint8_t[ISC_SHA256_DIGESTLENGTH], isc_sha256_t *); char *isc_sha256_end (isc_sha256_t *, char[ISC_SHA256_DIGESTSTRINGLENGTH]); char *isc_sha256_data (const isc_uint8_t *, size_t, char[ISC_SHA256_DIGESTSTRINGLENGTH]); void isc_sha384_init (isc_sha384_t *); +void isc_sha384_invalidate (isc_sha384_t *); void isc_sha384_update (isc_sha384_t *, const isc_uint8_t *, size_t); void isc_sha384_final (isc_uint8_t[ISC_SHA384_DIGESTLENGTH], isc_sha384_t *); char *isc_sha384_end (isc_sha384_t *, char[ISC_SHA384_DIGESTSTRINGLENGTH]); char *isc_sha384_data (const isc_uint8_t *, size_t, char[ISC_SHA384_DIGESTSTRINGLENGTH]); void isc_sha512_init (isc_sha512_t *); +void isc_sha512_invalidate (isc_sha512_t *); void isc_sha512_update (isc_sha512_t *, const isc_uint8_t *, size_t); void isc_sha512_final (isc_uint8_t[ISC_SHA512_DIGESTLENGTH], isc_sha512_t *); char *isc_sha512_end (isc_sha512_t *, char[ISC_SHA512_DIGESTSTRINGLENGTH]); diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h index 8a3b95d..85846b6 100644 --- a/lib/isc/include/isc/util.h +++ b/lib/isc/include/isc/util.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: util.h,v 1.30 2007/06/19 23:47:18 tbox Exp $ */ +/* $Id: util.h,v 1.30.332.2 2010/01/11 23:47:22 tbox Exp $ */ #ifndef ISC_UTIL_H #define ISC_UTIL_H 1 @@ -230,4 +230,14 @@ */ #define TIME_NOW(tp) RUNTIME_CHECK(isc_time_now((tp)) == ISC_R_SUCCESS) +/*% + * Prevent Linux spurious warnings + */ +#if defined(__GNUC__) && (__GNUC__ > 3) +#define isc_util_fwrite(a, b, c, d) \ + __builtin_expect(fwrite((a), (b), (c), (d)), (c)) +#else +#define isc_util_fwrite(a, b, c, d) fwrite((a), (b), (c), (d)) +#endif + #endif /* ISC_UTIL_H */ diff --git a/lib/isc/inet_ntop.c b/lib/isc/inet_ntop.c index dc053ed..c37be5c 100644 --- a/lib/isc/inet_ntop.c +++ b/lib/isc/inet_ntop.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1996-2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -19,7 +19,7 @@ #if defined(LIBC_SCCS) && !defined(lint) static char rcsid[] = - "$Id: inet_ntop.c,v 1.19 2007/06/19 23:47:17 tbox Exp $"; + "$Id: inet_ntop.c,v 1.19.332.2 2009/07/18 23:47:25 tbox Exp $"; #endif /* LIBC_SCCS and not lint */ #include <config.h> @@ -52,7 +52,7 @@ static const char *inet_ntop6(const unsigned char *src, char *dst, * convert a network format address to presentation format. * \return * pointer to presentation format address (`dst'), or NULL (see errno). - * \author + * \author * Paul Vixie, 1996. */ const char * @@ -169,8 +169,9 @@ inet_ntop6(const unsigned char *src, char *dst, size_t size) if (i != 0) *tp++ = ':'; /* Is this address an encapsulated IPv4? */ - if (i == 6 && best.base == 0 && - (best.len == 6 || (best.len == 5 && words[5] == 0xffff))) { + if (i == 6 && best.base == 0 && (best.len == 6 || + (best.len == 7 && words[7] != 0x0001) || + (best.len == 5 && words[5] == 0xffff))) { if (!inet_ntop4(src+12, tp, sizeof(tmp) - (tp - tmp))) return (NULL); diff --git a/lib/isc/powerpc/include/isc/atomic.h b/lib/isc/powerpc/include/isc/atomic.h index 765cb6d..2114767 100644 --- a/lib/isc/powerpc/include/isc/atomic.h +++ b/lib/isc/powerpc/include/isc/atomic.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: atomic.h,v 1.6 2007/06/18 23:47:47 tbox Exp $ */ +/* $Id: atomic.h,v 1.6.332.2 2009/10/14 23:47:14 tbox Exp $ */ #ifndef ISC_ATOMIC_H #define ISC_ATOMIC_H 1 @@ -46,25 +46,56 @@ #include <sys/atomic_op.h> -#define isc_atomic_xadd(p, v) fetch_and_add(p, v) #define isc_atomic_store(p, v) _clear_lock(p, v) #ifdef __GNUC__ +static inline isc_int32_t +#else +static isc_int32_t +#endif +isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { + int ret; + +#ifdef __GNUC__ + asm("ics"); +#else + __isync(); +#endif + + ret = fetch_and_add((atomic_p)p, (int)val); + +#ifdef __GNUC__ + asm("ics"); +#else + __isync(); +#endif + + return (ret); +} + +#ifdef __GNUC__ static inline int #else static int #endif isc_atomic_cmpxchg(atomic_p p, int old, int new) { - int orig = old; + int orig = old; #ifdef __GNUC__ - asm("ics"); + asm("ics"); #else - __isync(); + __isync(); #endif - if (compare_and_swap(p, &orig, new)) - return (old); - return (orig); + if (compare_and_swap(p, &orig, new)) + orig = old; + +#ifdef __GNUC__ + asm("ics"); +#else + __isync(); +#endif + + return (orig); } #elif defined(ISC_PLATFORM_USEGCCASM) || defined(ISC_PLATFORM_USEMACASM) @@ -76,14 +107,14 @@ isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) { #ifdef ISC_PLATFORM_USEMACASM "1:" "lwarx r6, 0, %1\n" - "mr %0, r6\n" + "mr %0, r6\n" "add r6, r6, %2\n" "stwcx. r6, 0, %1\n" "bne- 1b" #else "1:" "lwarx 6, 0, %1\n" - "mr %0, 6\n" + "mr %0, 6\n" "add 6, 6, %2\n" "stwcx. 6, 0, %1\n" "bne- 1b" diff --git a/lib/isc/random.c b/lib/isc/random.c index 0329abd..84ba6a0 100644 --- a/lib/isc/random.c +++ b/lib/isc/random.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: random.c,v 1.25 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: random.c,v 1.25.332.2 2009/07/16 23:47:17 tbox Exp $ */ /*! \file */ @@ -43,7 +43,7 @@ initialize_rand(void) { #ifndef HAVE_ARC4RANDOM unsigned int pid = getpid(); - + /* * The low bits of pid generally change faster. * Xor them with the high bits of time which change slowly. @@ -84,7 +84,16 @@ isc_random_get(isc_uint32_t *val) * rand()'s lower bits are not random. * rand()'s upper bit is zero. */ +#if RAND_MAX >= 0xfffff + /* We have at least 20 bits. Use lower 16 excluding lower most 4 */ *val = ((rand() >> 4) & 0xffff) | ((rand() << 12) & 0xffff0000); +#elif RAND_MAX >= 0x7fff + /* We have at least 15 bits. Use lower 10/11 excluding lower most 4 */ + *val = ((rand() >> 4) & 0x000007ff) | ((rand() << 7) & 0x003ff800) | + ((rand() << 18) & 0xffc00000); +#else +#error RAND_MAX is too small +#endif #else *val = arc4random(); #endif @@ -92,13 +101,13 @@ isc_random_get(isc_uint32_t *val) isc_uint32_t isc_random_jitter(isc_uint32_t max, isc_uint32_t jitter) { + isc_uint32_t rnd; + REQUIRE(jitter < max); + if (jitter == 0) return (max); - else -#ifndef HAVE_ARC4RANDOM - return (max - rand() % jitter); -#else - return (max - arc4random() % jitter); -#endif + + isc_random_get(&rnd); + return (max - rnd % jitter); } diff --git a/lib/isc/sha2.c b/lib/isc/sha2.c index 70eea4f..ff19274 100644 --- a/lib/isc/sha2.c +++ b/lib/isc/sha2.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sha2.c,v 1.13.332.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: sha2.c,v 1.13.332.4 2010/01/15 23:47:34 tbox Exp $ */ /* $FreeBSD$ */ /* $KAME: sha2.c,v 1.8 2001/11/08 01:07:52 itojun Exp $ */ @@ -415,6 +415,11 @@ isc_sha224_init(isc_sha224_t *context) { } void +isc_sha224_invalidate(isc_sha224_t *context) { + memset(context, 0, sizeof(isc_sha224_t)); +} + +void isc_sha224_update(isc_sha224_t *context, const isc_uint8_t* data, size_t len) { isc_sha256_update((isc_sha256_t *)context, data, len); } @@ -651,6 +656,11 @@ isc_sha256_transform(isc_sha256_t *context, const isc_uint32_t* data) { #endif /* ISC_SHA2_UNROLL_TRANSFORM */ void +isc_sha256_invalidate(isc_sha256_t *context) { + memset(context, 0, sizeof(isc_sha256_t)); +} + +void isc_sha256_update(isc_sha256_t *context, const isc_uint8_t *data, size_t len) { unsigned int freespace, usedspace; @@ -990,7 +1000,13 @@ isc_sha512_transform(isc_sha512_t *context, const isc_uint64_t* data) { #endif /* ISC_SHA2_UNROLL_TRANSFORM */ -void isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t len) { +void +isc_sha512_invalidate(isc_sha512_t *context) { + memset(context, 0, sizeof(isc_sha512_t)); +} + +void +isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t len) { unsigned int freespace, usedspace; if (len == 0U) { @@ -1164,6 +1180,11 @@ isc_sha384_init(isc_sha384_t *context) { } void +isc_sha384_invalidate(isc_sha384_t *context) { + memset(context, 0, sizeof(isc_sha384_t)); +} + +void isc_sha384_update(isc_sha384_t *context, const isc_uint8_t* data, size_t len) { isc_sha512_update((isc_sha512_t *)context, data, len); } diff --git a/lib/isc/unix/ifiter_getifaddrs.c b/lib/isc/unix/ifiter_getifaddrs.c index b576d46..87ef9ba 100644 --- a/lib/isc/unix/ifiter_getifaddrs.c +++ b/lib/isc/unix/ifiter_getifaddrs.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ifiter_getifaddrs.c,v 1.11 2008/03/20 23:47:00 tbox Exp $ */ +/* $Id: ifiter_getifaddrs.c,v 1.11.120.2 2009/09/24 23:47:34 tbox Exp $ */ /*! \file * \brief @@ -181,7 +181,7 @@ internal_current(isc_interfaceiter_t *iter) { ifa->ifa_name); if (ifa->ifa_dstaddr != NULL && - (iter->current.flags & IFF_POINTOPOINT) != 0) + (iter->current.flags & INTERFACE_F_POINTTOPOINT) != 0) get_addr(family, &iter->current.dstaddress, ifa->ifa_dstaddr, ifa->ifa_name); diff --git a/lib/isc/unix/socket.c b/lib/isc/unix/socket.c index d09fe51..004a038 100644 --- a/lib/isc/unix/socket.c +++ b/lib/isc/unix/socket.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: socket.c,v 1.308.12.8 2009/04/18 01:29:26 jinmei Exp $ */ +/* $Id: socket.c,v 1.308.12.12 2010/01/31 23:47:31 tbox Exp $ */ /*! \file */ @@ -1520,12 +1520,22 @@ doio_recv(isc_socket_t *sock, isc_socketevent_t *dev) { } /* - * On TCP, zero length reads indicate EOF, while on - * UDP, zero length reads are perfectly valid, although - * strange. + * On TCP and UNIX sockets, zero length reads indicate EOF, + * while on UDP sockets, zero length reads are perfectly valid, + * although strange. */ - if ((sock->type == isc_sockettype_tcp) && (cc == 0)) - return (DOIO_EOF); + switch (sock->type) { + case isc_sockettype_tcp: + case isc_sockettype_unix: + if (cc == 0) + return (DOIO_EOF); + break; + case isc_sockettype_udp: + break; + case isc_sockettype_fdwatch: + default: + INSIST(0); + } if (sock->type == isc_sockettype_udp) { dev->address.length = msghdr.msg_namelen; @@ -3645,7 +3655,7 @@ setup_watcher(isc_mem_t *mctx, isc_socketmgr_t *manager) { manager->maxsocks); if (manager->fdpollinfo == NULL) { isc_mem_put(mctx, manager->events, - sizeof(pollinfo_t) * manager->maxsocks); + sizeof(struct pollfd) * manager->nevents); return (ISC_R_NOMEMORY); } memset(manager->fdpollinfo, 0, sizeof(pollinfo_t) * manager->maxsocks); @@ -4851,6 +4861,7 @@ isc_socket_connect(isc_socket_t *sock, isc_sockaddr_t *addr, isc_socketmgr_t *manager; int cc; char strbuf[ISC_STRERRORSIZE]; + char addrbuf[ISC_SOCKADDR_FORMATSIZE]; REQUIRE(VALID_SOCKET(sock)); REQUIRE(addr != NULL); @@ -4919,7 +4930,9 @@ isc_socket_connect(isc_socket_t *sock, isc_sockaddr_t *addr, sock->connected = 0; isc__strerror(errno, strbuf, sizeof(strbuf)); - UNEXPECTED_ERROR(__FILE__, __LINE__, "%d/%s", errno, strbuf); + isc_sockaddr_format(addr, addrbuf, sizeof(addrbuf)); + UNEXPECTED_ERROR(__FILE__, __LINE__, "connect(%s) %d/%s", + addrbuf, errno, strbuf); UNLOCK(&sock->lock); inc_stats(sock->manager->stats, diff --git a/lib/isccc/api b/lib/isccc/api index 8459d42..2240cdd 100644 --- a/lib/isccc/api +++ b/lib/isccc/api @@ -1,3 +1,3 @@ LIBINTERFACE = 50 -LIBREVISION = 0 +LIBREVISION = 1 LIBAGE = 0 diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c index ad3d58e..92839e4 100644 --- a/lib/isccfg/aclconf.c +++ b/lib/isccfg/aclconf.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: aclconf.c,v 1.22.34.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: aclconf.c,v 1.22.34.4 2009/10/01 23:47:17 tbox Exp $ */ #include <config.h> @@ -168,26 +168,36 @@ convert_keyname(const cfg_obj_t *keyobj, isc_log_t *lctx, isc_mem_t *mctx, * parent. */ static int -count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx) +count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx, + isc_boolean_t *has_negative) { const cfg_listelt_t *elt; const cfg_obj_t *cacl = NULL; isc_result_t result; int n = 0; + if (has_negative != NULL) + *has_negative = ISC_FALSE; + for (elt = cfg_list_first(caml); elt != NULL; elt = cfg_list_next(elt)) { const cfg_obj_t *ce = cfg_listelt_value(elt); /* negated element; just get the value. */ - if (cfg_obj_istuple(ce)) + if (cfg_obj_istuple(ce)) { ce = cfg_tuple_get(ce, "value"); + if (has_negative != NULL) + *has_negative = ISC_TRUE; + } if (cfg_obj_istype(ce, &cfg_type_keyref)) { n++; } else if (cfg_obj_islist(ce)) { - n += count_acl_elements(ce, cctx); + isc_boolean_t negative; + n += count_acl_elements(ce, cctx, &negative); + if (negative) + n++; } else if (cfg_obj_isstring(ce)) { const char *name = cfg_obj_asstring(ce); if (strcasecmp(name, "localhost") == 0 || @@ -197,7 +207,8 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx) strcasecmp(name, "none") != 0) { result = get_acl_def(cctx, name, &cacl); if (result == ISC_R_SUCCESS) - n += count_acl_elements(cacl, cctx) + 1; + n += count_acl_elements(cacl, cctx, + NULL) + 1; } } } @@ -246,7 +257,7 @@ cfg_acl_fromconfig(const cfg_obj_t *caml, int nelem; if (nest_level == 0) - nelem = count_acl_elements(caml, cctx); + nelem = count_acl_elements(caml, cctx, NULL); else nelem = cfg_list_length(caml, ISC_FALSE); diff --git a/lib/isccfg/api b/lib/isccfg/api index 8459d42..2240cdd 100644 --- a/lib/isccfg/api +++ b/lib/isccfg/api @@ -1,3 +1,3 @@ LIBINTERFACE = 50 -LIBREVISION = 0 +LIBREVISION = 1 LIBAGE = 0 diff --git a/lib/isccfg/include/isccfg/namedconf.h b/lib/isccfg/include/isccfg/namedconf.h index 9689a2a..55c5a81 100644 --- a/lib/isccfg/include/isccfg/namedconf.h +++ b/lib/isccfg/include/isccfg/namedconf.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: namedconf.h,v 1.9 2007/06/19 23:47:22 tbox Exp $ */ +/* $Id: namedconf.h,v 1.9.332.2 2009/06/25 23:47:28 tbox Exp $ */ #ifndef ISCCFG_NAMEDCONF_H #define ISCCFG_NAMEDCONF_H 1 @@ -42,4 +42,4 @@ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_rndckey; LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_keyref; /*%< A key reference, used as an ACL element */ -#endif /* ISCCFG_CFG_H */ +#endif /* ISCCFG_NAMEDCONF_H */ diff --git a/lib/lwres/api b/lib/lwres/api index 39934b4..fbbf923 100644 --- a/lib/lwres/api +++ b/lib/lwres/api @@ -1,3 +1,3 @@ LIBINTERFACE = 50 -LIBREVISION = 2 +LIBREVISION = 3 LIBAGE = 0 diff --git a/lib/lwres/context.c b/lib/lwres/context.c index 464a2cf..d042c87 100644 --- a/lib/lwres/context.c +++ b/lib/lwres/context.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: context.c,v 1.50.332.2 2008/12/30 23:46:49 tbox Exp $ */ +/* $Id: context.c,v 1.50.332.5 2009/09/01 23:47:05 tbox Exp $ */ /*! \file context.c lwres_context_create() creates a #lwres_context_t structure for use in @@ -471,6 +471,17 @@ lwres_context_sendrecv(lwres_context_t *ctx, result = lwres_context_send(ctx, sendbase, sendlen); if (result != LWRES_R_SUCCESS) return (result); + + /* + * If this is not checked, select() can overflow, + * causing corruption elsewhere. + */ + if (ctx->sock >= (int)FD_SETSIZE) { + close(ctx->sock); + ctx->sock = -1; + return (LWRES_R_IOERROR); + } + again: FD_ZERO(&readfds); FD_SET(ctx->sock, &readfds); diff --git a/lib/lwres/getipnode.c b/lib/lwres/getipnode.c index a6c50c2..4331638 100644 --- a/lib/lwres/getipnode.c +++ b/lib/lwres/getipnode.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: getipnode.c,v 1.42 2007/06/18 23:47:51 tbox Exp $ */ +/* $Id: getipnode.c,v 1.42.332.5 2009/09/01 23:47:05 tbox Exp $ */ /*! \file */ @@ -23,7 +23,7 @@ * These functions perform thread safe, protocol independent * nodename-to-address and address-to-nodename translation as defined in * RFC2553. This use a struct hostent which is defined in namedb.h: - * + * * \code * struct hostent { * char *h_name; // official name of host @@ -34,90 +34,90 @@ * }; * #define h_addr h_addr_list[0] // address, for backward compatibility * \endcode - * + * * The members of this structure are: - * + * * \li h_name: * The official (canonical) name of the host. - * + * * \li h_aliases: * A NULL-terminated array of alternate names (nicknames) for the * host. - * + * * \li h_addrtype: * The type of address being returned - usually PF_INET or * PF_INET6. - * + * * \li h_length: * The length of the address in bytes. - * + * * \li h_addr_list: * A NULL terminated array of network addresses for the host. Host * addresses are returned in network byte order. - * + * * lwres_getipnodebyname() looks up addresses of protocol family af for * the hostname name. The flags parameter contains ORed flag bits to * specify the types of addresses that are searched for, and the types of * addresses that are returned. The flag bits are: - * + * * \li #AI_V4MAPPED: * This is used with an af of #AF_INET6, and causes IPv4 addresses * to be returned as IPv4-mapped IPv6 addresses. - * + * * \li #AI_ALL: * This is used with an af of #AF_INET6, and causes all known * addresses (IPv6 and IPv4) to be returned. If #AI_V4MAPPED is * also set, the IPv4 addresses are return as mapped IPv6 * addresses. - * + * * \li #AI_ADDRCONFIG: * Only return an IPv6 or IPv4 address if here is an active * network interface of that type. This is not currently * implemented in the BIND 9 lightweight resolver, and the flag is * ignored. - * + * * \li #AI_DEFAULT: * This default sets the #AI_V4MAPPED and #AI_ADDRCONFIG flag bits. - * + * * lwres_getipnodebyaddr() performs a reverse lookup of address src which * is len bytes long. af denotes the protocol family, typically PF_INET * or PF_INET6. - * + * * lwres_freehostent() releases all the memory associated with the struct * hostent pointer. Any memory allocated for the h_name, h_addr_list * and h_aliases is freed, as is the memory for the hostent structure * itself. - * + * * \section getipnode_return Return Values - * + * * If an error occurs, lwres_getipnodebyname() and * lwres_getipnodebyaddr() set *error_num to an appropriate error code * and the function returns a NULL pointer. The error codes and their * meanings are defined in \link netdb.h <lwres/netdb.h>\endlink: - * + * * \li #HOST_NOT_FOUND: * No such host is known. - * + * * \li #NO_ADDRESS: * The server recognised the request and the name but no address * is available. Another type of request to the name server for * the domain might return an answer. - * + * * \li #TRY_AGAIN: * A temporary and possibly transient error occurred, such as a * failure of a server to respond. The request may succeed if * retried. - * + * * \li #NO_RECOVERY: * An unexpected failure occurred, and retrying the request is * pointless. - * + * * lwres_hstrerror() translates these error codes to suitable error * messages. - * + * * \section getipnode_see See Also - * - * getaddrinfo.c, gethost.c, getnameinfo.c, herror.c, RFC2553 + * + * getaddrinfo.c, gethost.c, getnameinfo.c, herror.c, RFC2553 */ #include <config.h> @@ -146,21 +146,21 @@ LIBLWRES_EXTERNAL_DATA const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT; #ifndef IN6_IS_ADDR_V4COMPAT static const unsigned char in6addr_compat[12] = { - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; #define IN6_IS_ADDR_V4COMPAT(x) (!memcmp((x)->s6_addr, in6addr_compat, 12) && \ - ((x)->s6_addr[12] != 0 || \ - (x)->s6_addr[13] != 0 || \ - (x)->s6_addr[14] != 0 || \ - ((x)->s6_addr[15] != 0 && \ - (x)->s6_addr[15] != 1))) + ((x)->s6_addr[12] != 0 || \ + (x)->s6_addr[13] != 0 || \ + (x)->s6_addr[14] != 0 || \ + ((x)->s6_addr[15] != 0 && \ + (x)->s6_addr[15] != 1))) #endif #ifndef IN6_IS_ADDR_V4MAPPED #define IN6_IS_ADDR_V4MAPPED(x) (!memcmp((x)->s6_addr, in6addr_mapped, 12)) #endif static const unsigned char in6addr_mapped[12] = { - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff }; /*** @@ -202,7 +202,7 @@ lwres_getipnodebyname(const char *name, int af, int flags, int *error_num) { struct in6_addr in6; struct hostent he, *he1 = NULL, *he2 = NULL, *he3 = NULL; int v4 = 0, v6 = 0; - int tmp_err; + int tmp_err = 0; lwres_context_t *lwrctx = NULL; lwres_gabnresponse_t *by = NULL; int n; @@ -275,7 +275,6 @@ lwres_getipnodebyname(const char *name, int af, int flags, int *error_num) { (void) lwres_conf_parse(lwrctx, lwres_resolv_conf); tmp_err = NO_RECOVERY; if (have_v6 && af == AF_INET6) { - n = lwres_getaddrsbyname(lwrctx, name, LWRES_ADDRTYPE_V6, &by); if (n == 0) { he1 = hostfromname(by, AF_INET6); @@ -285,7 +284,12 @@ lwres_getipnodebyname(const char *name, int af, int flags, int *error_num) { goto cleanup; } } else { - tmp_err = HOST_NOT_FOUND; + if (n == LWRES_R_NOTFOUND) + tmp_err = HOST_NOT_FOUND; + else { + *error_num = NO_RECOVERY; + goto cleanup; + } } } @@ -437,9 +441,15 @@ lwres_getipnodebyaddr(const void *src, size_t len, int af, int *error_num) { if (n != 0) { lwres_conf_clear(lwrctx); lwres_context_destroy(&lwrctx); - *error_num = HOST_NOT_FOUND; + + if (n == LWRES_R_NOTFOUND) + *error_num = HOST_NOT_FOUND; + else + *error_num = NO_RECOVERY; + return (NULL); } + he1 = hostfromaddr(by, AF_INET6, src); lwres_gnbaresponse_free(lwrctx, &by); if (he1 == NULL) @@ -492,7 +502,7 @@ lwres_freehostent(struct hostent *he) { */ #if defined(SIOCGLIFCONF) && defined(SIOCGLIFADDR) && \ - !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF) + !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF) #ifdef __hpux #define lifc_len iflc_len @@ -504,7 +514,7 @@ lwres_freehostent(struct hostent *he) { #define ISC_HAVE_LIFC_FLAGS 1 #define LIFCONF lifconf #endif - + #ifdef __hpux #define lifr_addr iflr_addr #define lifr_name iflr_name @@ -557,7 +567,7 @@ scan_interfaces6(int *have_v4, int *have_v6) { /* * Some OS's just return what will fit rather * than set EINVAL if the buffer is too small - * to fit all the interfaces in. If + * to fit all the interfaces in. If * lifc.lifc_len is too near to the end of the * buffer we will grow it just in case and * retry. @@ -619,13 +629,13 @@ scan_interfaces6(int *have_v4, int *have_v6) { if ((lifreq.lifr_flags & IFF_UP) == 0) break; *have_v4 = 1; - } + } break; case AF_INET6: if (*have_v6 == 0) { memcpy(&in6, &((struct sockaddr_in6 *) - &lifreq.lifr_addr)->sin6_addr, + &lifreq.lifr_addr)->sin6_addr, sizeof(in6)); if (memcmp(&in6, &in6addr_any, sizeof(in6)) == 0) @@ -675,7 +685,7 @@ scan_interfaces(int *have_v4, int *have_v6) { InitSockets(); #endif #if defined(SIOCGLIFCONF) && defined(SIOCGLIFADDR) && \ - !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF) + !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF) /* * Try to scan the interfaces using IPv6 ioctls(). */ @@ -721,7 +731,7 @@ scan_interfaces(int *have_v4, int *have_v6) { /* * Some OS's just return what will fit rather * than set EINVAL if the buffer is too small - * to fit all the interfaces in. If + * to fit all the interfaces in. If * ifc.ifc_len is too near to the end of the * buffer we will grow it just in case and * retry. @@ -786,7 +796,7 @@ scan_interfaces(int *have_v4, int *have_v6) { if ((u.ifreq.ifr_flags & IFF_UP) == 0) break; *have_v4 = 1; - } + } break; case AF_INET6: if (*have_v6 == 0) { diff --git a/lib/lwres/man/lwres.3 b/lib/lwres/man/lwres.3 index e1f8793..14c719a 100644 --- a/lib/lwres/man/lwres.3 +++ b/lib/lwres/man/lwres.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres.3,v 1.28 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres.html b/lib/lwres/man/lwres.html index 986918a..c90bcbd 100644 --- a/lib/lwres/man/lwres.html +++ b/lib/lwres/man/lwres.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres.html,v 1.23.514.1 2009/12/31 23:17:47 tbox Exp $ --> +<!-- $Id: lwres.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres — introduction to the lightweight resolver library</p> @@ -32,7 +32,7 @@ <div class="funcsynopsis"><pre class="funcsynopsisinfo">#include <lwres/lwres.h></pre></div> </div> <div class="refsect1" lang="en"> -<a name="id2543346"></a><h2>DESCRIPTION</h2> +<a name="id2543348"></a><h2>DESCRIPTION</h2> <p> The BIND 9 lightweight resolver library is a simple, name service independent stub resolver library. It provides hostname-to-address @@ -47,7 +47,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543358"></a><h2>OVERVIEW</h2> +<a name="id2543361"></a><h2>OVERVIEW</h2> <p> The lwresd library implements multiple name service APIs. The standard @@ -101,7 +101,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543422"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2> +<a name="id2543425"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2> <p> When a client program wishes to make an lwres request using the native low-level API, it typically performs the following @@ -149,7 +149,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543571"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2> +<a name="id2543573"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2> <p> When implementing the server side of the lightweight resolver protocol using the lwres library, a sequence of actions like the @@ -191,7 +191,7 @@ <p></p> </div> <div class="refsect1" lang="en"> -<a name="id2543654"></a><h2>SEE ALSO</h2> +<a name="id2543656"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_gethostent</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>, diff --git a/lib/lwres/man/lwres_buffer.3 b/lib/lwres/man/lwres_buffer.3 index cc0959d..e8fe631 100644 --- a/lib/lwres/man/lwres_buffer.3 +++ b/lib/lwres/man/lwres_buffer.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_buffer.3,v 1.26 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_buffer.3,v 1.26.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_buffer.html b/lib/lwres/man/lwres_buffer.html index 7ed5407..b546bcf 100644 --- a/lib/lwres/man/lwres_buffer.html +++ b/lib/lwres/man/lwres_buffer.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_buffer.html,v 1.21.514.1 2009/12/31 23:17:47 tbox Exp $ --> +<!-- $Id: lwres_buffer.html,v 1.21.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtract, lwres_buffer_clear, lwres_buffer_first, lwres_buffer_forward, lwres_buffer_back, lwres_buffer_getuint8, lwres_buffer_putuint8, lwres_buffer_getuint16, lwres_buffer_putuint16, lwres_buffer_getuint32, lwres_buffer_putuint32, lwres_buffer_putmem, lwres_buffer_getmem — lightweight resolver buffer management</p> @@ -262,7 +262,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543890"></a><h2>DESCRIPTION</h2> +<a name="id2543892"></a><h2>DESCRIPTION</h2> <p> These functions provide bounds checked access to a region of memory where data is being read or written. diff --git a/lib/lwres/man/lwres_config.3 b/lib/lwres/man/lwres_config.3 index 6184cb2..2d3b813 100644 --- a/lib/lwres/man/lwres_config.3 +++ b/lib/lwres/man/lwres_config.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_config.3,v 1.26 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_config.3,v 1.26.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_config.html b/lib/lwres/man/lwres_config.html index 050fd5d..fb29b7f 100644 --- a/lib/lwres/man/lwres_config.html +++ b/lib/lwres/man/lwres_config.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_config.html,v 1.22.514.1 2009/12/31 23:17:47 tbox Exp $ --> +<!-- $Id: lwres_config.html,v 1.22.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get — lightweight resolver configuration</p> @@ -90,7 +90,7 @@ lwres_conf_t * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543438"></a><h2>DESCRIPTION</h2> +<a name="id2543441"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_conf_init()</code> creates an empty <span class="type">lwres_conf_t</span> @@ -123,7 +123,7 @@ lwres_conf_t * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543506"></a><h2>RETURN VALUES</h2> +<a name="id2543508"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_conf_parse()</code> returns <span class="errorcode">LWRES_R_SUCCESS</span> if it successfully read and parsed @@ -142,13 +142,13 @@ lwres_conf_t * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543543"></a><h2>SEE ALSO</h2> +<a name="id2543545"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">stdio</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>. </p> </div> <div class="refsect1" lang="en"> -<a name="id2543569"></a><h2>FILES</h2> +<a name="id2543571"></a><h2>FILES</h2> <p><code class="filename">/etc/resolv.conf</code> </p> </div> diff --git a/lib/lwres/man/lwres_context.3 b/lib/lwres/man/lwres_context.3 index b1022d8..dae7ee5 100644 --- a/lib/lwres/man/lwres_context.3 +++ b/lib/lwres/man/lwres_context.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_context.3,v 1.28 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_context.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_context.html b/lib/lwres/man/lwres_context.html index d6fada9..22bdcd3 100644 --- a/lib/lwres/man/lwres_context.html +++ b/lib/lwres/man/lwres_context.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001, 2003 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_context.html,v 1.23.514.1 2009/12/31 23:17:47 tbox Exp $ --> +<!-- $Id: lwres_context.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv — lightweight resolver context management</p> @@ -172,7 +172,7 @@ void * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543529"></a><h2>DESCRIPTION</h2> +<a name="id2543531"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_context_create()</code> creates a <span class="type">lwres_context_t</span> structure for use in lightweight resolver operations. It holds a socket and other @@ -258,7 +258,7 @@ void * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543717"></a><h2>RETURN VALUES</h2> +<a name="id2543719"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_context_create()</code> returns <span class="errorcode">LWRES_R_NOMEMORY</span> if memory for the <span class="type">struct lwres_context</span> could not be allocated, @@ -283,7 +283,7 @@ void * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543767"></a><h2>SEE ALSO</h2> +<a name="id2543769"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_conf_init</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>, diff --git a/lib/lwres/man/lwres_gabn.3 b/lib/lwres/man/lwres_gabn.3 index 0c14384..64846d1 100644 --- a/lib/lwres/man/lwres_gabn.3 +++ b/lib/lwres/man/lwres_gabn.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_gabn.3,v 1.27 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_gabn.3,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_gabn.html b/lib/lwres/man/lwres_gabn.html index efb152a3..e5cb4d3 100644 --- a/lib/lwres/man/lwres_gabn.html +++ b/lib/lwres/man/lwres_gabn.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gabn.html,v 1.24.514.1 2009/12/31 23:17:47 tbox Exp $ --> +<!-- $Id: lwres_gabn.html,v 1.24.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free — lightweight resolver getaddrbyname message handling</p> @@ -178,7 +178,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543520"></a><h2>DESCRIPTION</h2> +<a name="id2543522"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver name-to-address lookup request and @@ -278,7 +278,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543665"></a><h2>RETURN VALUES</h2> +<a name="id2543667"></a><h2>RETURN VALUES</h2> <p> The getaddrbyname opcode functions <code class="function">lwres_gabnrequest_render()</code>, @@ -316,7 +316,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543731"></a><h2>SEE ALSO</h2> +<a name="id2543733"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span> </p> </div> diff --git a/lib/lwres/man/lwres_gai_strerror.3 b/lib/lwres/man/lwres_gai_strerror.3 index e412b8f..46b54c0 100644 --- a/lib/lwres/man/lwres_gai_strerror.3 +++ b/lib/lwres/man/lwres_gai_strerror.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_gai_strerror.3,v 1.27 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_gai_strerror.3,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_gai_strerror.html b/lib/lwres/man/lwres_gai_strerror.html index aeb0967..994782d 100644 --- a/lib/lwres/man/lwres_gai_strerror.html +++ b/lib/lwres/man/lwres_gai_strerror.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gai_strerror.html,v 1.24.514.1 2009/12/31 23:17:48 tbox Exp $ --> +<!-- $Id: lwres_gai_strerror.html,v 1.24.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gai_strerror — print suitable error string</p> @@ -42,7 +42,7 @@ char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543358"></a><h2>DESCRIPTION</h2> +<a name="id2543361"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_gai_strerror()</code> returns an error message corresponding to an error code returned by <code class="function">getaddrinfo()</code>. @@ -110,7 +110,7 @@ char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543574"></a><h2>SEE ALSO</h2> +<a name="id2543576"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">strerror</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>, diff --git a/lib/lwres/man/lwres_getaddrinfo.3 b/lib/lwres/man/lwres_getaddrinfo.3 index 7a1b5d7..edac051 100644 --- a/lib/lwres/man/lwres_getaddrinfo.3 +++ b/lib/lwres/man/lwres_getaddrinfo.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_getaddrinfo.3,v 1.31 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_getaddrinfo.3,v 1.31.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_getaddrinfo.html b/lib/lwres/man/lwres_getaddrinfo.html index ec00839..d3f6e0b 100644 --- a/lib/lwres/man/lwres_getaddrinfo.html +++ b/lib/lwres/man/lwres_getaddrinfo.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001, 2003 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getaddrinfo.html,v 1.27.514.1 2009/12/31 23:17:48 tbox Exp $ --> +<!-- $Id: lwres_getaddrinfo.html,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getaddrinfo, lwres_freeaddrinfo — socket address structure to host and service name</p> @@ -89,7 +89,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543410"></a><h2>DESCRIPTION</h2> +<a name="id2543412"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_getaddrinfo()</code> is used to get a list of IP addresses and port numbers for host <em class="parameter"><code>hostname</code></em> and service @@ -283,7 +283,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543787"></a><h2>RETURN VALUES</h2> +<a name="id2543789"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getaddrinfo()</code> returns zero on success or one of the error codes listed in <span class="citerefentry"><span class="refentrytitle">gai_strerror</span>(3)</span> @@ -294,7 +294,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2542118"></a><h2>SEE ALSO</h2> +<a name="id2543827"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>, diff --git a/lib/lwres/man/lwres_gethostent.3 b/lib/lwres/man/lwres_gethostent.3 index 847d882..688c618 100644 --- a/lib/lwres/man/lwres_gethostent.3 +++ b/lib/lwres/man/lwres_gethostent.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_gethostent.3,v 1.29 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_gethostent.3,v 1.29.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_gethostent.html b/lib/lwres/man/lwres_gethostent.html index 9465440..3bccc48 100644 --- a/lib/lwres/man/lwres_gethostent.html +++ b/lib/lwres/man/lwres_gethostent.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gethostent.html,v 1.24.514.1 2009/12/31 23:17:52 tbox Exp $ --> +<!-- $Id: lwres_gethostent.html,v 1.24.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent, lwres_sethostent, lwres_endhostent, lwres_gethostbyname_r, lwres_gethostbyaddr_r, lwres_gethostent_r, lwres_sethostent_r, lwres_endhostent_r — lightweight resolver get network host entry</p> @@ -228,7 +228,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543606"></a><h2>DESCRIPTION</h2> +<a name="id2543608"></a><h2>DESCRIPTION</h2> <p> These functions provide hostname-to-address and address-to-hostname lookups by means of the lightweight resolver. @@ -366,7 +366,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543957"></a><h2>RETURN VALUES</h2> +<a name="id2543959"></a><h2>RETURN VALUES</h2> <p> The functions <code class="function">lwres_gethostbyname()</code>, @@ -430,7 +430,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2544190"></a><h2>SEE ALSO</h2> +<a name="id2544193"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">gethostent</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>, @@ -439,7 +439,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2544225"></a><h2>BUGS</h2> +<a name="id2544227"></a><h2>BUGS</h2> <p><code class="function">lwres_gethostbyname()</code>, <code class="function">lwres_gethostbyname2()</code>, <code class="function">lwres_gethostbyaddr()</code> diff --git a/lib/lwres/man/lwres_getipnode.3 b/lib/lwres/man/lwres_getipnode.3 index e5c51a9..b74b342 100644 --- a/lib/lwres/man/lwres_getipnode.3 +++ b/lib/lwres/man/lwres_getipnode.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_getipnode.3,v 1.28 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_getipnode.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_getipnode.html b/lib/lwres/man/lwres_getipnode.html index c92c51c..5d9eb9d 100644 --- a/lib/lwres/man/lwres_getipnode.html +++ b/lib/lwres/man/lwres_getipnode.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001, 2003 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getipnode.html,v 1.25.514.1 2009/12/31 23:17:52 tbox Exp $ --> +<!-- $Id: lwres_getipnode.html,v 1.25.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent — lightweight resolver nodename / address translation API</p> @@ -98,7 +98,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543429"></a><h2>DESCRIPTION</h2> +<a name="id2543431"></a><h2>DESCRIPTION</h2> <p> These functions perform thread safe, protocol independent nodename-to-address and address-to-nodename @@ -217,7 +217,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543687"></a><h2>RETURN VALUES</h2> +<a name="id2543689"></a><h2>RETURN VALUES</h2> <p> If an error occurs, <code class="function">lwres_getipnodebyname()</code> @@ -261,7 +261,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543784"></a><h2>SEE ALSO</h2> +<a name="id2543786"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC2553</span></span>, <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, diff --git a/lib/lwres/man/lwres_getnameinfo.3 b/lib/lwres/man/lwres_getnameinfo.3 index c477f79..d77776b 100644 --- a/lib/lwres/man/lwres_getnameinfo.3 +++ b/lib/lwres/man/lwres_getnameinfo.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_getnameinfo.3,v 1.29 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_getnameinfo.3,v 1.29.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_getnameinfo.html b/lib/lwres/man/lwres_getnameinfo.html index 7730131..200f93f 100644 --- a/lib/lwres/man/lwres_getnameinfo.html +++ b/lib/lwres/man/lwres_getnameinfo.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getnameinfo.html,v 1.23.514.1 2009/12/31 23:17:52 tbox Exp $ --> +<!-- $Id: lwres_getnameinfo.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getnameinfo — lightweight resolver socket address structure to hostname and @@ -82,7 +82,7 @@ int </div> </div> <div class="refsect1" lang="en"> -<a name="id2543390"></a><h2>DESCRIPTION</h2> +<a name="id2543393"></a><h2>DESCRIPTION</h2> <p> This function is equivalent to the <span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> function defined in RFC2133. @@ -149,13 +149,13 @@ int </p> </div> <div class="refsect1" lang="en"> -<a name="id2543532"></a><h2>RETURN VALUES</h2> +<a name="id2543534"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getnameinfo()</code> returns 0 on success or a non-zero error code if an error occurs. </p> </div> <div class="refsect1" lang="en"> -<a name="id2543544"></a><h2>SEE ALSO</h2> +<a name="id2543546"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC2133</span></span>, <span class="citerefentry"><span class="refentrytitle">getservbyport</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, @@ -165,7 +165,7 @@ int </p> </div> <div class="refsect1" lang="en"> -<a name="id2543602"></a><h2>BUGS</h2> +<a name="id2543604"></a><h2>BUGS</h2> <p> RFC2133 fails to define what the nonzero return values of <span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> diff --git a/lib/lwres/man/lwres_getrrsetbyname.3 b/lib/lwres/man/lwres_getrrsetbyname.3 index 8419fff..bda5aa2 100644 --- a/lib/lwres/man/lwres_getrrsetbyname.3 +++ b/lib/lwres/man/lwres_getrrsetbyname.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_getrrsetbyname.3,v 1.25 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_getrrsetbyname.3,v 1.25.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_getrrsetbyname.html b/lib/lwres/man/lwres_getrrsetbyname.html index 15bfb82..be8c05a 100644 --- a/lib/lwres/man/lwres_getrrsetbyname.html +++ b/lib/lwres/man/lwres_getrrsetbyname.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getrrsetbyname.html,v 1.23.514.1 2009/12/31 23:17:53 tbox Exp $ --> +<!-- $Id: lwres_getrrsetbyname.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getrrsetbyname, lwres_freerrset — retrieve DNS records</p> @@ -102,7 +102,7 @@ struct rrsetinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543412"></a><h2>DESCRIPTION</h2> +<a name="id2543414"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_getrrsetbyname()</code> gets a set of resource records associated with a <em class="parameter"><code>hostname</code></em>, <em class="parameter"><code>class</code></em>, @@ -150,7 +150,7 @@ struct rrsetinfo { <p></p> </div> <div class="refsect1" lang="en"> -<a name="id2543524"></a><h2>RETURN VALUES</h2> +<a name="id2543526"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getrrsetbyname()</code> returns zero on success, and one of the following error codes if an error occurred: @@ -184,7 +184,7 @@ struct rrsetinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543624"></a><h2>SEE ALSO</h2> +<a name="id2543626"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>. </p> </div> diff --git a/lib/lwres/man/lwres_gnba.3 b/lib/lwres/man/lwres_gnba.3 index 39a1b9d..e04fa8f 100644 --- a/lib/lwres/man/lwres_gnba.3 +++ b/lib/lwres/man/lwres_gnba.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_gnba.3,v 1.27 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_gnba.3,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_gnba.html b/lib/lwres/man/lwres_gnba.html index 80c909e..bd1ce60 100644 --- a/lib/lwres/man/lwres_gnba.html +++ b/lib/lwres/man/lwres_gnba.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gnba.html,v 1.24.514.1 2009/12/31 23:17:47 tbox Exp $ --> +<!-- $Id: lwres_gnba.html,v 1.24.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free — lightweight resolver getnamebyaddress message handling</p> @@ -183,7 +183,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543523"></a><h2>DESCRIPTION</h2> +<a name="id2543525"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver address-to-name lookup request and @@ -270,7 +270,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543662"></a><h2>RETURN VALUES</h2> +<a name="id2543665"></a><h2>RETURN VALUES</h2> <p> The getnamebyaddr opcode functions <code class="function">lwres_gnbarequest_render()</code>, @@ -308,7 +308,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543729"></a><h2>SEE ALSO</h2> +<a name="id2543731"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>. </p> </div> diff --git a/lib/lwres/man/lwres_hstrerror.3 b/lib/lwres/man/lwres_hstrerror.3 index 5998238..badb5fe 100644 --- a/lib/lwres/man/lwres_hstrerror.3 +++ b/lib/lwres/man/lwres_hstrerror.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_hstrerror.3,v 1.27 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_hstrerror.3,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_hstrerror.html b/lib/lwres/man/lwres_hstrerror.html index b166e3d..fce6c31 100644 --- a/lib/lwres/man/lwres_hstrerror.html +++ b/lib/lwres/man/lwres_hstrerror.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_hstrerror.html,v 1.23.514.1 2009/12/31 23:17:54 tbox Exp $ --> +<!-- $Id: lwres_hstrerror.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_herror, lwres_hstrerror — lightweight resolver error message generation</p> @@ -50,7 +50,7 @@ const char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543377"></a><h2>DESCRIPTION</h2> +<a name="id2543379"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_herror()</code> prints the string <em class="parameter"><code>s</code></em> on <span class="type">stderr</span> followed by the string generated by @@ -84,7 +84,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543495"></a><h2>RETURN VALUES</h2> +<a name="id2543497"></a><h2>RETURN VALUES</h2> <p> The string <span class="errorname">Unknown resolver error</span> is returned by <code class="function">lwres_hstrerror()</code> @@ -94,7 +94,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543515"></a><h2>SEE ALSO</h2> +<a name="id2543517"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">herror</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_hstrerror</span>(3)</span>. diff --git a/lib/lwres/man/lwres_inetntop.3 b/lib/lwres/man/lwres_inetntop.3 index c7d3d12..1f9e097 100644 --- a/lib/lwres/man/lwres_inetntop.3 +++ b/lib/lwres/man/lwres_inetntop.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_inetntop.3,v 1.26 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_inetntop.3,v 1.26.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_inetntop.html b/lib/lwres/man/lwres_inetntop.html index 3522a1d..37bd95f 100644 --- a/lib/lwres/man/lwres_inetntop.html +++ b/lib/lwres/man/lwres_inetntop.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_inetntop.html,v 1.23.514.1 2009/12/31 23:17:48 tbox Exp $ --> +<!-- $Id: lwres_inetntop.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_net_ntop — lightweight resolver IP address presentation</p> @@ -62,7 +62,7 @@ const char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543377"></a><h2>DESCRIPTION</h2> +<a name="id2543379"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_net_ntop()</code> converts an IP address of protocol family <em class="parameter"><code>af</code></em> — IPv4 or IPv6 — at @@ -80,7 +80,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543409"></a><h2>RETURN VALUES</h2> +<a name="id2543411"></a><h2>RETURN VALUES</h2> <p> If successful, the function returns <em class="parameter"><code>dst</code></em>: a pointer to a string containing the presentation format of the @@ -93,7 +93,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543442"></a><h2>SEE ALSO</h2> +<a name="id2543444"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC1884</span></span>, <span class="citerefentry"><span class="refentrytitle">inet_ntop</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">errno</span>(3)</span>. diff --git a/lib/lwres/man/lwres_noop.3 b/lib/lwres/man/lwres_noop.3 index 0e4ed71..6c39ce6 100644 --- a/lib/lwres/man/lwres_noop.3 +++ b/lib/lwres/man/lwres_noop.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_noop.3,v 1.28 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_noop.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_noop.html b/lib/lwres/man/lwres_noop.html index 18a41fa..c8fad5d 100644 --- a/lib/lwres/man/lwres_noop.html +++ b/lib/lwres/man/lwres_noop.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_noop.html,v 1.25.514.1 2009/12/31 23:17:54 tbox Exp $ --> +<!-- $Id: lwres_noop.html,v 1.25.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free — lightweight resolver no-op message handling</p> @@ -179,7 +179,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543520"></a><h2>DESCRIPTION</h2> +<a name="id2543522"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver no-op request and response messages. @@ -270,7 +270,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543670"></a><h2>RETURN VALUES</h2> +<a name="id2543672"></a><h2>RETURN VALUES</h2> <p> The no-op opcode functions <code class="function">lwres_nooprequest_render()</code>, @@ -309,7 +309,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543736"></a><h2>SEE ALSO</h2> +<a name="id2543738"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span> </p> </div> diff --git a/lib/lwres/man/lwres_packet.3 b/lib/lwres/man/lwres_packet.3 index 1e1f98f..068d241 100644 --- a/lib/lwres/man/lwres_packet.3 +++ b/lib/lwres/man/lwres_packet.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_packet.3,v 1.29 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_packet.3,v 1.29.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_packet.html b/lib/lwres/man/lwres_packet.html index 11601e8..17aed04 100644 --- a/lib/lwres/man/lwres_packet.html +++ b/lib/lwres/man/lwres_packet.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_packet.html,v 1.26.514.1 2009/12/31 23:17:54 tbox Exp $ --> +<!-- $Id: lwres_packet.html,v 1.26.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_lwpacket_renderheader, lwres_lwpacket_parseheader — lightweight resolver packet handling functions</p> @@ -66,7 +66,7 @@ lwres_result_t </div> </div> <div class="refsect1" lang="en"> -<a name="id2543387"></a><h2>DESCRIPTION</h2> +<a name="id2543389"></a><h2>DESCRIPTION</h2> <p> These functions rely on a <span class="type">struct lwres_lwpacket</span> @@ -219,7 +219,7 @@ struct lwres_lwpacket { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543704"></a><h2>RETURN VALUES</h2> +<a name="id2543706"></a><h2>RETURN VALUES</h2> <p> Successful calls to <code class="function">lwres_lwpacket_renderheader()</code> and diff --git a/lib/lwres/man/lwres_resutil.3 b/lib/lwres/man/lwres_resutil.3 index d26f77c..2297cb7 100644 --- a/lib/lwres/man/lwres_resutil.3 +++ b/lib/lwres/man/lwres_resutil.3 @@ -1,7 +1,7 @@ .\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") .\" Copyright (C) 2000, 2001 Internet Software Consortium. .\" -.\" Permission to use, copy, modify, and distribute this software for any +.\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" @@ -13,7 +13,7 @@ .\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS SOFTWARE. .\" -.\" $Id: lwres_resutil.3,v 1.28 2007/01/30 00:24:59 marka Exp $ +.\" $Id: lwres_resutil.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $ .\" .hy 0 .ad l diff --git a/lib/lwres/man/lwres_resutil.html b/lib/lwres/man/lwres_resutil.html index e67ac0a..3cde25b 100644 --- a/lib/lwres/man/lwres_resutil.html +++ b/lib/lwres/man/lwres_resutil.html @@ -2,7 +2,7 @@ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000, 2001 Internet Software Consortium. - - - Permission to use, copy, modify, and distribute this software for any + - Permission to use, copy, modify, and/or distribute this software for any - purpose with or without fee is hereby granted, provided that the above - copyright notice and this permission notice appear in all copies. - @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_resutil.html,v 1.25.514.1 2009/12/31 23:17:54 tbox Exp $ --> +<!-- $Id: lwres_resutil.html,v 1.25.418.1 2009/07/11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr — lightweight resolver utility functions</p> @@ -134,7 +134,7 @@ lwres_result_t </div> </div> <div class="refsect1" lang="en"> -<a name="id2543464"></a><h2>DESCRIPTION</h2> +<a name="id2543466"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_string_parse()</code> retrieves a DNS-encoded string starting the current pointer of lightweight resolver buffer <em class="parameter"><code>b</code></em>: i.e. @@ -210,7 +210,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543603"></a><h2>RETURN VALUES</h2> +<a name="id2543605"></a><h2>RETURN VALUES</h2> <p> Successful calls to <code class="function">lwres_string_parse()</code> @@ -248,7 +248,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543674"></a><h2>SEE ALSO</h2> +<a name="id2543676"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_buffer</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_gabn</span>(3)</span>. |