summaryrefslogtreecommitdiffstats
path: root/contrib/unbound/smallapp
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/unbound/smallapp')
-rw-r--r--contrib/unbound/smallapp/unbound-anchor.c10
-rw-r--r--contrib/unbound/smallapp/unbound-checkconf.c2
-rwxr-xr-xcontrib/unbound/smallapp/unbound-control-setup.sh2
-rwxr-xr-xcontrib/unbound/smallapp/unbound-control-setup.sh.in2
-rw-r--r--contrib/unbound/smallapp/unbound-control.c5
-rw-r--r--contrib/unbound/smallapp/unbound-host.c4
6 files changed, 16 insertions, 9 deletions
diff --git a/contrib/unbound/smallapp/unbound-anchor.c b/contrib/unbound/smallapp/unbound-anchor.c
index 9df0d95..92bfa84 100644
--- a/contrib/unbound/smallapp/unbound-anchor.c
+++ b/contrib/unbound/smallapp/unbound-anchor.c
@@ -116,7 +116,8 @@
#include "config.h"
#include "libunbound/unbound.h"
-#include "ldns/rrdef.h"
+#include "sldns/rrdef.h"
+#include "sldns/parseutil.h"
#include <expat.h>
#ifndef HAVE_EXPAT_H
#error "need libexpat to parse root-anchors.xml file."
@@ -915,7 +916,10 @@ read_data_chunk(SSL* ssl, size_t len)
{
size_t got = 0;
int r;
- char* data = malloc(len+1);
+ char* data;
+ if(len >= 0xfffffff0)
+ return NULL; /* to protect against integer overflow in malloc*/
+ data = malloc(len+1);
if(!data) {
if(verb) printf("out of memory\n");
return NULL;
@@ -1325,7 +1329,7 @@ xml_convertdate(const char* str)
/* but ignore, (lenient) */
}
- t = mktime(&tm);
+ t = sldns_mktime_from_utc(&tm);
if(t == (time_t)-1) {
if(verb) printf("xml_convertdate mktime failure\n");
return 0;
diff --git a/contrib/unbound/smallapp/unbound-checkconf.c b/contrib/unbound/smallapp/unbound-checkconf.c
index b5d7b9f..0524ede 100644
--- a/contrib/unbound/smallapp/unbound-checkconf.c
+++ b/contrib/unbound/smallapp/unbound-checkconf.c
@@ -53,7 +53,7 @@
#include "iterator/iter_hints.h"
#include "validator/validator.h"
#include "services/localzone.h"
-#include "ldns/sbuffer.h"
+#include "sldns/sbuffer.h"
#ifdef HAVE_GETOPT_H
#include <getopt.h>
#endif
diff --git a/contrib/unbound/smallapp/unbound-control-setup.sh b/contrib/unbound/smallapp/unbound-control-setup.sh
index 010bfd4..816b4f5 100755
--- a/contrib/unbound/smallapp/unbound-control-setup.sh
+++ b/contrib/unbound/smallapp/unbound-control-setup.sh
@@ -46,7 +46,7 @@ CLIENTNAME=unbound-control
DAYS=7200
# size of keys in bits
-BITS=1536
+BITS=3072
# hash algorithm
HASH=sha256
diff --git a/contrib/unbound/smallapp/unbound-control-setup.sh.in b/contrib/unbound/smallapp/unbound-control-setup.sh.in
index 75e76e2..682ab26 100755
--- a/contrib/unbound/smallapp/unbound-control-setup.sh.in
+++ b/contrib/unbound/smallapp/unbound-control-setup.sh.in
@@ -46,7 +46,7 @@ CLIENTNAME=unbound-control
DAYS=7200
# size of keys in bits
-BITS=1536
+BITS=3072
# hash algorithm
HASH=sha256
diff --git a/contrib/unbound/smallapp/unbound-control.c b/contrib/unbound/smallapp/unbound-control.c
index 3b47d3b..571b4d0 100644
--- a/contrib/unbound/smallapp/unbound-control.c
+++ b/contrib/unbound/smallapp/unbound-control.c
@@ -109,6 +109,7 @@ usage()
printf(" get_option opt get option value\n");
printf(" list_stubs list stub-zones and root hints in use\n");
printf(" list_forwards list forward-zones in use\n");
+ printf(" list_insecure list domain-insecure zones\n");
printf(" list_local_zones list local-zones in use\n");
printf(" list_local_data list local-data RRs in use\n");
printf(" insecure_add zone add domain-insecure zone\n");
@@ -122,6 +123,8 @@ usage()
printf(" forward [off | addr ...] without arg show forward setup\n");
printf(" or off to turn off root forwarding\n");
printf(" or give list of ip addresses\n");
+ printf(" ratelimit_list [+a] list ratelimited domains\n");
+ printf(" +a list all, also not ratelimited\n");
printf("Version %s\n", PACKAGE_VERSION);
printf("BSD licensed, see LICENSE in source package for details.\n");
printf("Report bugs to %s\n", PACKAGE_BUGREPORT);
@@ -158,7 +161,7 @@ setup_ctx(struct config_file* cfg)
if(cfg->remote_control_use_cert) {
if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3))
ssl_err("could not set SSL_OP_NO_SSLv3");
- if(!SSL_CTX_use_certificate_file(ctx,c_cert,SSL_FILETYPE_PEM) ||
+ if(!SSL_CTX_use_certificate_chain_file(ctx,c_cert) ||
!SSL_CTX_use_PrivateKey_file(ctx,c_key,SSL_FILETYPE_PEM)
|| !SSL_CTX_check_private_key(ctx))
ssl_err("Error setting up SSL_CTX client key and cert");
diff --git a/contrib/unbound/smallapp/unbound-host.c b/contrib/unbound/smallapp/unbound-host.c
index 9597341..30fef51 100644
--- a/contrib/unbound/smallapp/unbound-host.c
+++ b/contrib/unbound/smallapp/unbound-host.c
@@ -60,8 +60,8 @@
#define unbound_lite_wrapstr(s) s
#endif
#include "libunbound/unbound.h"
-#include "ldns/rrdef.h"
-#include "ldns/wire2str.h"
+#include "sldns/rrdef.h"
+#include "sldns/wire2str.h"
#ifdef HAVE_NSS
/* nss3 */
#include "nss.h"
OpenPOWER on IntegriCloud