diff options
Diffstat (limited to 'contrib/unbound/smallapp')
-rw-r--r-- | contrib/unbound/smallapp/unbound-anchor.c | 10 | ||||
-rw-r--r-- | contrib/unbound/smallapp/unbound-checkconf.c | 2 | ||||
-rwxr-xr-x | contrib/unbound/smallapp/unbound-control-setup.sh | 2 | ||||
-rwxr-xr-x | contrib/unbound/smallapp/unbound-control-setup.sh.in | 2 | ||||
-rw-r--r-- | contrib/unbound/smallapp/unbound-control.c | 5 | ||||
-rw-r--r-- | contrib/unbound/smallapp/unbound-host.c | 4 |
6 files changed, 16 insertions, 9 deletions
diff --git a/contrib/unbound/smallapp/unbound-anchor.c b/contrib/unbound/smallapp/unbound-anchor.c index 9df0d95..92bfa84 100644 --- a/contrib/unbound/smallapp/unbound-anchor.c +++ b/contrib/unbound/smallapp/unbound-anchor.c @@ -116,7 +116,8 @@ #include "config.h" #include "libunbound/unbound.h" -#include "ldns/rrdef.h" +#include "sldns/rrdef.h" +#include "sldns/parseutil.h" #include <expat.h> #ifndef HAVE_EXPAT_H #error "need libexpat to parse root-anchors.xml file." @@ -915,7 +916,10 @@ read_data_chunk(SSL* ssl, size_t len) { size_t got = 0; int r; - char* data = malloc(len+1); + char* data; + if(len >= 0xfffffff0) + return NULL; /* to protect against integer overflow in malloc*/ + data = malloc(len+1); if(!data) { if(verb) printf("out of memory\n"); return NULL; @@ -1325,7 +1329,7 @@ xml_convertdate(const char* str) /* but ignore, (lenient) */ } - t = mktime(&tm); + t = sldns_mktime_from_utc(&tm); if(t == (time_t)-1) { if(verb) printf("xml_convertdate mktime failure\n"); return 0; diff --git a/contrib/unbound/smallapp/unbound-checkconf.c b/contrib/unbound/smallapp/unbound-checkconf.c index b5d7b9f..0524ede 100644 --- a/contrib/unbound/smallapp/unbound-checkconf.c +++ b/contrib/unbound/smallapp/unbound-checkconf.c @@ -53,7 +53,7 @@ #include "iterator/iter_hints.h" #include "validator/validator.h" #include "services/localzone.h" -#include "ldns/sbuffer.h" +#include "sldns/sbuffer.h" #ifdef HAVE_GETOPT_H #include <getopt.h> #endif diff --git a/contrib/unbound/smallapp/unbound-control-setup.sh b/contrib/unbound/smallapp/unbound-control-setup.sh index 010bfd4..816b4f5 100755 --- a/contrib/unbound/smallapp/unbound-control-setup.sh +++ b/contrib/unbound/smallapp/unbound-control-setup.sh @@ -46,7 +46,7 @@ CLIENTNAME=unbound-control DAYS=7200 # size of keys in bits -BITS=1536 +BITS=3072 # hash algorithm HASH=sha256 diff --git a/contrib/unbound/smallapp/unbound-control-setup.sh.in b/contrib/unbound/smallapp/unbound-control-setup.sh.in index 75e76e2..682ab26 100755 --- a/contrib/unbound/smallapp/unbound-control-setup.sh.in +++ b/contrib/unbound/smallapp/unbound-control-setup.sh.in @@ -46,7 +46,7 @@ CLIENTNAME=unbound-control DAYS=7200 # size of keys in bits -BITS=1536 +BITS=3072 # hash algorithm HASH=sha256 diff --git a/contrib/unbound/smallapp/unbound-control.c b/contrib/unbound/smallapp/unbound-control.c index 3b47d3b..571b4d0 100644 --- a/contrib/unbound/smallapp/unbound-control.c +++ b/contrib/unbound/smallapp/unbound-control.c @@ -109,6 +109,7 @@ usage() printf(" get_option opt get option value\n"); printf(" list_stubs list stub-zones and root hints in use\n"); printf(" list_forwards list forward-zones in use\n"); + printf(" list_insecure list domain-insecure zones\n"); printf(" list_local_zones list local-zones in use\n"); printf(" list_local_data list local-data RRs in use\n"); printf(" insecure_add zone add domain-insecure zone\n"); @@ -122,6 +123,8 @@ usage() printf(" forward [off | addr ...] without arg show forward setup\n"); printf(" or off to turn off root forwarding\n"); printf(" or give list of ip addresses\n"); + printf(" ratelimit_list [+a] list ratelimited domains\n"); + printf(" +a list all, also not ratelimited\n"); printf("Version %s\n", PACKAGE_VERSION); printf("BSD licensed, see LICENSE in source package for details.\n"); printf("Report bugs to %s\n", PACKAGE_BUGREPORT); @@ -158,7 +161,7 @@ setup_ctx(struct config_file* cfg) if(cfg->remote_control_use_cert) { if(!(SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3) & SSL_OP_NO_SSLv3)) ssl_err("could not set SSL_OP_NO_SSLv3"); - if(!SSL_CTX_use_certificate_file(ctx,c_cert,SSL_FILETYPE_PEM) || + if(!SSL_CTX_use_certificate_chain_file(ctx,c_cert) || !SSL_CTX_use_PrivateKey_file(ctx,c_key,SSL_FILETYPE_PEM) || !SSL_CTX_check_private_key(ctx)) ssl_err("Error setting up SSL_CTX client key and cert"); diff --git a/contrib/unbound/smallapp/unbound-host.c b/contrib/unbound/smallapp/unbound-host.c index 9597341..30fef51 100644 --- a/contrib/unbound/smallapp/unbound-host.c +++ b/contrib/unbound/smallapp/unbound-host.c @@ -60,8 +60,8 @@ #define unbound_lite_wrapstr(s) s #endif #include "libunbound/unbound.h" -#include "ldns/rrdef.h" -#include "ldns/wire2str.h" +#include "sldns/rrdef.h" +#include "sldns/wire2str.h" #ifdef HAVE_NSS /* nss3 */ #include "nss.h" |