diff options
Diffstat (limited to 'lib')
77 files changed, 964 insertions, 438 deletions
diff --git a/lib/bind9/api b/lib/bind9/api index fbbf923..f3b0f9f 100644 --- a/lib/bind9/api +++ b/lib/bind9/api @@ -1,3 +1,3 @@ LIBINTERFACE = 50 -LIBREVISION = 3 +LIBREVISION = 4 LIBAGE = 0 diff --git a/lib/bind9/check.c b/lib/bind9/check.c index 753db9c..76ca510 100644 --- a/lib/bind9/check.c +++ b/lib/bind9/check.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: check.c,v 1.95.12.4 2009/06/03 00:06:01 marka Exp $ */ +/* $Id: check.c,v 1.95.12.6 2010-03-04 23:47:53 tbox Exp $ */ /*! \file */ @@ -23,6 +23,7 @@ #include <stdlib.h> +#include <isc/base64.h> #include <isc/buffer.h> #include <isc/log.h> #include <isc/mem.h> @@ -41,6 +42,8 @@ #include <dns/rdatatype.h> #include <dns/secalg.h> +#include <dst/dst.h> + #include <isccfg/aclconf.h> #include <isccfg/cfg.h> @@ -1667,13 +1670,70 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions, } static isc_result_t +check_trusted_key(const cfg_obj_t *key, isc_log_t *logctx) +{ + const char *keystr, *keynamestr; + dns_fixedname_t fkeyname; + dns_name_t *keyname; + isc_buffer_t keydatabuf; + isc_region_t r; + isc_result_t result = ISC_R_SUCCESS; + isc_result_t tresult; + isc_uint32_t flags, proto, alg; + unsigned char keydata[4096]; + + flags = cfg_obj_asuint32(cfg_tuple_get(key, "flags")); + proto = cfg_obj_asuint32(cfg_tuple_get(key, "protocol")); + alg = cfg_obj_asuint32(cfg_tuple_get(key, "algorithm")); + keyname = dns_fixedname_name(&fkeyname); + keynamestr = cfg_obj_asstring(cfg_tuple_get(key, "name")); + + if (flags > 0xffff) { + cfg_obj_log(key, logctx, ISC_LOG_WARNING, + "flags too big: %u\n", flags); + result = ISC_R_FAILURE; + } + if (proto > 0xff) { + cfg_obj_log(key, logctx, ISC_LOG_WARNING, + "protocol too big: %u\n", proto); + result = ISC_R_FAILURE; + } + if (alg > 0xff) { + cfg_obj_log(key, logctx, ISC_LOG_WARNING, + "algorithm too big: %u\n", alg); + result = ISC_R_FAILURE; + } + + isc_buffer_init(&keydatabuf, keydata, sizeof(keydata)); + + keystr = cfg_obj_asstring(cfg_tuple_get(key, "key")); + tresult = isc_base64_decodestring(keystr, &keydatabuf); + + if (tresult != ISC_R_SUCCESS) { + cfg_obj_log(key, logctx, ISC_LOG_ERROR, + "%s", isc_result_totext(tresult)); + result = ISC_R_FAILURE; + } else { + isc_buffer_usedregion(&keydatabuf, &r); + + if ((alg == DST_ALG_RSASHA1 || alg == DST_ALG_RSAMD5) && + r.length > 1 && r.base[0] == 1 && r.base[1] == 3) + cfg_obj_log(key, logctx, ISC_LOG_WARNING, + "trusted key '%s' has a weak exponent", + keynamestr); + } + + return (result); +} + +static isc_result_t check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions, const char *viewname, dns_rdataclass_t vclass, isc_log_t *logctx, isc_mem_t *mctx) { const cfg_obj_t *zones = NULL; const cfg_obj_t *keys = NULL; - const cfg_listelt_t *element; + const cfg_listelt_t *element, *element2; isc_symtab_t *symtab = NULL; isc_result_t result = ISC_R_SUCCESS; isc_result_t tresult = ISC_R_SUCCESS; @@ -1814,6 +1874,33 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions, cfg_obj_log(obj, logctx, ISC_LOG_WARNING, "'dnssec-validation yes;' and 'dnssec-enable no;'"); + /* + * Check trusted-keys and managed-keys. + */ + keys = NULL; + if (voptions != NULL) + (void)cfg_map_get(voptions, "trusted-keys", &keys); + if (keys == NULL) + (void)cfg_map_get(config, "trusted-keys", &keys); + + for (element = cfg_list_first(keys); + element != NULL; + element = cfg_list_next(element)) + { + const cfg_obj_t *keylist = cfg_listelt_value(element); + for (element2 = cfg_list_first(keylist); + element2 != NULL; + element2 = cfg_list_next(element2)) { + obj = cfg_listelt_value(element2); + tresult = check_trusted_key(obj, logctx); + if (tresult != ISC_R_SUCCESS) + result = tresult; + } + } + + /* + * Check options. + */ if (voptions != NULL) tresult = check_options(voptions, logctx, mctx); else diff --git a/lib/dns/Makefile.in b/lib/dns/Makefile.in index ef5c12a..dfb8d7f 100644 --- a/lib/dns/Makefile.in +++ b/lib/dns/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: Makefile.in,v 1.163 2008/09/24 02:46:22 marka Exp $ +# $Id: Makefile.in,v 1.163.50.2 2010-06-09 23:48:16 tbox Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -47,11 +47,12 @@ LIBS = @LIBS@ # Alphabetically -DSTOBJS = @DST_EXTRA_OBJS@ \ +OPENSSLLINKOBJS = openssl_link.@O@ openssldh_link.@O@ openssldsa_link.@O@ \ + opensslrsa_link.@O@ + +DSTOBJS = @DST_EXTRA_OBJS@ @OPENSSLLINKOBJS@ \ dst_api.@O@ dst_lib.@O@ dst_parse.@O@ dst_result.@O@ \ - gssapi_link.@O@ gssapictx.@O@ hmac_link.@O@ key.@O@ \ - openssl_link.@O@ openssldh_link.@O@ openssldsa_link.@O@ \ - opensslrsa_link.@O@ + gssapi_link.@O@ gssapictx.@O@ hmac_link.@O@ key.@O@ # Alphabetically DNSOBJS = acache.@O@ acl.@O@ adb.@O@ byaddr.@O@ \ @@ -73,12 +74,13 @@ DNSOBJS = acache.@O@ acl.@O@ adb.@O@ byaddr.@O@ \ OBJS= ${DNSOBJS} ${OTHEROBJS} ${DSTOBJS} # Alphabetically -DSTSRCS = @DST_EXTRA_SRCS@ \ +OPENSSLLINKSRCS = openssl_link.c openssldh_link.c \ + openssldsa_link.c opensslrsa_link.c + +DSTSRCS = @DST_EXTRA_SRCS@ @OPENSSLLINKSRCS@ \ dst_api.c dst_lib.c dst_parse.c \ dst_result.c gssapi_link.c gssapictx.c \ - hmac_link.c key.c \ - openssl_link.c openssldh_link.c \ - openssldsa_link.c opensslrsa_link.c + hmac_link.c key.c DNSSRCS = acache.c acl.c adb.c byaddr.c \ cache.c callbacks.c compress.c \ diff --git a/lib/dns/adb.c b/lib/dns/adb.c index 28121a7..cd9cadf 100644 --- a/lib/dns/adb.c +++ b/lib/dns/adb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: adb.c,v 1.243.42.4.24.2 2010/08/12 23:46:24 tbox Exp $ */ +/* $Id: adb.c,v 1.243.42.6 2010-08-11 23:45:49 tbox Exp $ */ /*! \file * diff --git a/lib/dns/api b/lib/dns/api index 82e6786..29ebff2 100644 --- a/lib/dns/api +++ b/lib/dns/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 58 -LIBREVISION = 0 -LIBAGE = 0 +LIBINTERFACE = 59 +LIBREVISION = 2 +LIBAGE = 1 diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c index bbb0a09..97d2657 100644 --- a/lib/dns/dst_api.c +++ b/lib/dns/dst_api.c @@ -31,7 +31,7 @@ /* * Principal Author: Brian Wellington - * $Id: dst_api.c,v 1.16.12.10 2010/01/15 19:38:53 each Exp $ + * $Id: dst_api.c,v 1.16.12.12 2010-12-09 01:12:55 marka Exp $ */ /*! \file */ @@ -49,6 +49,7 @@ #include <isc/mem.h> #include <isc/once.h> #include <isc/print.h> +#include <isc/refcount.h> #include <isc/random.h> #include <isc/string.h> #include <isc/time.h> @@ -503,6 +504,7 @@ dst_key_fromnamedfile(const char *filename, int type, isc_mem_t *mctx, *keyp = key; return (ISC_R_SUCCESS); + out: if (newfilename != NULL) isc_mem_put(mctx, newfilename, newfilenamelen); @@ -800,9 +802,21 @@ dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2) { } void +dst_key_attach(dst_key_t *source, dst_key_t **target) { + + REQUIRE(dst_initialized == ISC_TRUE); + REQUIRE(target != NULL && *target == NULL); + REQUIRE(VALID_KEY(source)); + + isc_refcount_increment(&source->refs, NULL); + *target = source; +} + +void dst_key_free(dst_key_t **keyp) { isc_mem_t *mctx; dst_key_t *key; + unsigned int refs; REQUIRE(dst_initialized == ISC_TRUE); REQUIRE(keyp != NULL && VALID_KEY(*keyp)); @@ -810,6 +824,11 @@ dst_key_free(dst_key_t **keyp) { key = *keyp; mctx = key->mctx; + isc_refcount_decrement(&key->refs, &refs); + if (refs != 0) + return; + + isc_refcount_destroy(&key->refs); if (key->keydata.generic != NULL) { INSIST(key->func->destroy != NULL); key->func->destroy(key); @@ -927,14 +946,22 @@ get_key_struct(dns_name_t *name, unsigned int alg, memset(key, 0, sizeof(dst_key_t)); key->magic = KEY_MAGIC; + result = isc_refcount_init(&key->refs, 1); + if (result != ISC_R_SUCCESS) { + isc_mem_put(mctx, key, sizeof(dst_key_t)); + return (NULL); + } + key->key_name = isc_mem_get(mctx, sizeof(dns_name_t)); if (key->key_name == NULL) { + isc_refcount_destroy(&key->refs); isc_mem_put(mctx, key, sizeof(dst_key_t)); return (NULL); } dns_name_init(key->key_name, NULL); result = dns_name_dup(name, mctx, key->key_name); if (result != ISC_R_SUCCESS) { + isc_refcount_destroy(&key->refs); isc_mem_put(mctx, key->key_name, sizeof(dns_name_t)); isc_mem_put(mctx, key, sizeof(dst_key_t)); return (NULL); diff --git a/lib/dns/dst_internal.h b/lib/dns/dst_internal.h index 1669648..01bf1f2 100644 --- a/lib/dns/dst_internal.h +++ b/lib/dns/dst_internal.h @@ -29,7 +29,7 @@ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dst_internal.h,v 1.11.120.2 2010/01/15 23:47:33 tbox Exp $ */ +/* $Id: dst_internal.h,v 1.11.120.3 2010-12-09 01:12:55 marka Exp $ */ #ifndef DST_DST_INTERNAL_H #define DST_DST_INTERNAL_H 1 @@ -41,6 +41,7 @@ #include <isc/region.h> #include <isc/types.h> #include <isc/md5.h> +#include <isc/refcount.h> #include <isc/sha1.h> #include <isc/sha2.h> #include <isc/hmacmd5.h> @@ -83,6 +84,7 @@ typedef struct dst_hmacsha512_key dst_hmacsha512_key_t; /*% DST Key Structure */ struct dst_key { unsigned int magic; + isc_refcount_t refs; dns_name_t * key_name; /*%< name of the key */ unsigned int key_size; /*%< size of the key in bits */ unsigned int key_proto; /*%< protocols this key is used for */ diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index 11eadb9..f365a64 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000, 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: gssapictx.c,v 1.12 2008/04/03 06:09:04 tbox Exp $ */ +/* $Id: gssapictx.c,v 1.12.118.5 2010-12-22 02:37:55 marka Exp $ */ #include <config.h> @@ -29,6 +29,7 @@ #include <isc/mem.h> #include <isc/once.h> #include <isc/print.h> +#include <isc/platform.h> #include <isc/random.h> #include <isc/string.h> #include <isc/time.h> @@ -66,6 +67,7 @@ * we include SPNEGO's OID. */ #if defined(GSSAPI) +#include ISC_PLATFORM_KRB5HEADER static unsigned char krb5_mech_oid_bytes[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02 @@ -130,7 +132,7 @@ name_to_gbuffer(dns_name_t *name, isc_buffer_t *buffer, namep = &tname; } - result = dns_name_totext(namep, ISC_FALSE, buffer); + result = dns_name_toprincipal(namep, buffer); isc_buffer_putuint8(buffer, 0); isc_buffer_usedregion(buffer, &r); REGION_TO_GBUFFER(r, *gbuffer); @@ -191,6 +193,54 @@ log_cred(const gss_cred_id_t cred) { } #endif +#ifdef GSSAPI +/* + * check for the most common configuration errors. + * + * The errors checked for are: + * - tkey-gssapi-credential doesn't start with DNS/ + * - the default realm in /etc/krb5.conf and the + * tkey-gssapi-credential bind config option don't match + */ +static void +dst_gssapi_check_config(const char *gss_name) { + const char *p; + krb5_context krb5_ctx; + char *krb5_realm = NULL; + + if (strncasecmp(gss_name, "DNS/", 4) != 0) { + gss_log(ISC_LOG_ERROR, "tkey-gssapi-credential (%s) " + "should start with 'DNS/'", gss_name); + return; + } + + if (krb5_init_context(&krb5_ctx) != 0) { + gss_log(ISC_LOG_ERROR, "Unable to initialise krb5 context"); + return; + } + if (krb5_get_default_realm(krb5_ctx, &krb5_realm) != 0) { + gss_log(ISC_LOG_ERROR, "Unable to get krb5 default realm"); + krb5_free_context(krb5_ctx); + return; + } + p = strchr(gss_name, '/'); + if (p == NULL) { + gss_log(ISC_LOG_ERROR, "badly formatted " + "tkey-gssapi-credentials (%s)", gss_name); + krb5_free_context(krb5_ctx); + return; + } + if (strcasecmp(p + 1, krb5_realm) != 0) { + gss_log(ISC_LOG_ERROR, "default realm from krb5.conf (%s) " + "does not match tkey-gssapi-credential (%s)", + krb5_realm, gss_name); + krb5_free_context(krb5_ctx); + return; + } + krb5_free_context(krb5_ctx); +} +#endif + isc_result_t dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, gss_cred_id_t *cred) @@ -223,6 +273,8 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, gret = gss_import_name(&minor, &gnamebuf, GSS_C_NO_OID, &gname); if (gret != GSS_S_COMPLETE) { + dst_gssapi_check_config((char *)array); + gss_log(3, "failed gss_import_name: %s", gss_error_tostring(gret, minor, buf, sizeof(buf))); @@ -254,6 +306,7 @@ dst_gssapi_acquirecred(dns_name_t *name, isc_boolean_t initiate, initiate ? "initiate" : "accept", (char *)gnamebuf.value, gss_error_tostring(gret, minor, buf, sizeof(buf))); + dst_gssapi_check_config((char *)array); return (ISC_R_FAILURE); } @@ -283,12 +336,15 @@ dst_gssapi_identitymatchesrealmkrb5(dns_name_t *signer, dns_name_t *name, char rbuf[DNS_NAME_FORMATSIZE]; char *sname; char *rname; + isc_buffer_t buffer; /* * It is far, far easier to write the names we are looking at into * a string, and do string operations on them. */ - dns_name_format(signer, sbuf, sizeof(sbuf)); + isc_buffer_init(&buffer, sbuf, sizeof(sbuf)); + dns_name_toprincipal(signer, &buffer); + isc_buffer_putuint8(&buffer, 0); if (name != NULL) dns_name_format(name, nbuf, sizeof(nbuf)); dns_name_format(realm, rbuf, sizeof(rbuf)); @@ -298,11 +354,11 @@ dst_gssapi_identitymatchesrealmkrb5(dns_name_t *signer, dns_name_t *name, * does not exist, we don't have something we like, so we fail our * compare. */ - rname = strstr(sbuf, "\\@"); + rname = strchr(sbuf, '@'); if (rname == NULL) return (isc_boolean_false); *rname = '\0'; - rname += 2; + rname++; /* * Find the host portion of the signer's name. We do this by @@ -352,12 +408,15 @@ dst_gssapi_identitymatchesrealmms(dns_name_t *signer, dns_name_t *name, char *sname; char *nname; char *rname; + isc_buffer_t buffer; /* * It is far, far easier to write the names we are looking at into * a string, and do string operations on them. */ - dns_name_format(signer, sbuf, sizeof(sbuf)); + isc_buffer_init(&buffer, sbuf, sizeof(sbuf)); + dns_name_toprincipal(signer, &buffer); + isc_buffer_putuint8(&buffer, 0); if (name != NULL) dns_name_format(name, nbuf, sizeof(nbuf)); dns_name_format(realm, rbuf, sizeof(rbuf)); @@ -367,17 +426,17 @@ dst_gssapi_identitymatchesrealmms(dns_name_t *signer, dns_name_t *name, * does not exist, we don't have something we like, so we fail our * compare. */ - rname = strstr(sbuf, "\\@"); + rname = strchr(sbuf, '@'); if (rname == NULL) return (isc_boolean_false); - sname = strstr(sbuf, "\\$"); + sname = strchr(sbuf, '$'); if (sname == NULL) return (isc_boolean_false); /* * Verify that the $ and @ follow one another. */ - if (rname - sname != 2) + if (rname - sname != 1) return (isc_boolean_false); /* @@ -389,8 +448,7 @@ dst_gssapi_identitymatchesrealmms(dns_name_t *signer, dns_name_t *name, * machinename$@EXAMPLE.COM * format. */ - *rname = '\0'; - rname += 2; + rname++; *sname = '\0'; sname = sbuf; @@ -488,8 +546,12 @@ dst_gssapi_initctx(dns_name_t *name, isc_buffer_t *intoken, gintokenp = NULL; } + /* + * Note that we don't set GSS_C_SEQUENCE_FLAG as Windows DNS + * servers don't like it. + */ flags = GSS_C_REPLAY_FLAG | GSS_C_MUTUAL_FLAG | GSS_C_DELEG_FLAG | - GSS_C_SEQUENCE_FLAG | GSS_C_INTEG_FLAG; + GSS_C_INTEG_FLAG; gret = gss_init_sec_context(&minor, GSS_C_NO_CREDENTIAL, gssctx, gname, GSS_SPNEGO_MECHANISM, flags, diff --git a/lib/dns/include/dns/diff.h b/lib/dns/include/dns/diff.h index 32886c5..f5e25ee 100644 --- a/lib/dns/include/dns/diff.h +++ b/lib/dns/include/dns/diff.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: diff.h,v 1.15.120.2.24.2 2010/06/04 23:49:23 tbox Exp $ */ +/* $Id: diff.h,v 1.15.120.4 2010-06-04 23:48:25 tbox Exp $ */ #ifndef DNS_DIFF_H #define DNS_DIFF_H 1 diff --git a/lib/dns/include/dns/events.h b/lib/dns/include/dns/events.h index bb61b9d..689566b 100644 --- a/lib/dns/include/dns/events.h +++ b/lib/dns/include/dns/events.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: events.h,v 1.49.332.2 2009/05/07 23:47:12 tbox Exp $ */ +/* $Id: events.h,v 1.49.332.4 2010-05-10 23:48:14 tbox Exp $ */ #ifndef DNS_EVENTS_H #define DNS_EVENTS_H 1 @@ -58,7 +58,7 @@ #define DNS_EVENT_MASTERNEXTZONE (ISC_EVENTCLASS_DNS + 28) #define DNS_EVENT_IOREADY (ISC_EVENTCLASS_DNS + 29) #define DNS_EVENT_LOOKUPDONE (ISC_EVENTCLASS_DNS + 30) -/* #define DNS_EVENT_unused (ISC_EVENTCLASS_DNS + 31) */ +#define DNS_EVENT_RBTDEADNODES (ISC_EVENTCLASS_DNS + 31) #define DNS_EVENT_DISPATCHCONTROL (ISC_EVENTCLASS_DNS + 32) #define DNS_EVENT_REQUESTCONTROL (ISC_EVENTCLASS_DNS + 33) #define DNS_EVENT_DUMPQUANTUM (ISC_EVENTCLASS_DNS + 34) diff --git a/lib/dns/include/dns/name.h b/lib/dns/include/dns/name.h index dc6e525..801c9ac 100644 --- a/lib/dns/include/dns/name.h +++ b/lib/dns/include/dns/name.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: name.h,v 1.126.332.3 2009/12/24 00:34:59 each Exp $ */ +/* $Id: name.h,v 1.126.332.5 2010-07-09 23:45:55 tbox Exp $ */ #ifndef DNS_NAME_H #define DNS_NAME_H 1 @@ -796,9 +796,18 @@ dns_name_fromtext(dns_name_t *name, isc_buffer_t *source, *\li #ISC_R_UNEXPECTEDEND */ +#define DNS_NAME_OMITFINALDOT 0x01U +#define DNS_NAME_MASTERFILE 0x02U /* escape $ and @ */ + +isc_result_t +dns_name_toprincipal(dns_name_t *name, isc_buffer_t *target); + isc_result_t dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, isc_buffer_t *target); + +isc_result_t +dns_name_totext2(dns_name_t *name, unsigned int options, isc_buffer_t *target); /*%< * Convert 'name' into text format, storing the result in 'target'. * @@ -806,6 +815,12 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, *\li If 'omit_final_dot' is true, then the final '.' in absolute * names other than the root name will be omitted. * + *\li If DNS_NAME_OMITFINALDOT is set in options, then the final '.' + * in absolute names other than the root name will be omitted. + * + *\li If DNS_NAME_MASTERFILE is set in options, '$' and '@' will also + * be escaped. + * *\li If dns_name_countlabels == 0, the name will be "@", representing the * current origin as described by RFC1035. * diff --git a/lib/dns/include/dns/ncache.h b/lib/dns/include/dns/ncache.h index 00f22a7..0c1d950 100644 --- a/lib/dns/include/dns/ncache.h +++ b/lib/dns/include/dns/ncache.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ncache.h,v 1.25.48.2.10.2 2010/05/14 23:48:44 tbox Exp $ */ +/* $Id: ncache.h,v 1.25.48.4 2010-05-14 23:47:50 tbox Exp $ */ #ifndef DNS_NCACHE_H #define DNS_NCACHE_H 1 diff --git a/lib/dns/include/dns/rdataset.h b/lib/dns/include/dns/rdataset.h index 8104b50..b3a0c1d 100644 --- a/lib/dns/include/dns/rdataset.h +++ b/lib/dns/include/dns/rdataset.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdataset.h,v 1.65.50.2.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: rdataset.h,v 1.65.50.4 2010-02-25 10:56:41 tbox Exp $ */ #ifndef DNS_RDATASET_H #define DNS_RDATASET_H 1 diff --git a/lib/dns/include/dns/resolver.h b/lib/dns/include/dns/resolver.h index 537bf0f..c9034bf 100644 --- a/lib/dns/include/dns/resolver.h +++ b/lib/dns/include/dns/resolver.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.h,v 1.60.56.3.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: resolver.h,v 1.60.56.5 2010-02-25 10:56:41 tbox Exp $ */ #ifndef DNS_RESOLVER_H #define DNS_RESOLVER_H 1 diff --git a/lib/dns/include/dns/result.h b/lib/dns/include/dns/result.h index fae43e3..74b84d6 100644 --- a/lib/dns/include/dns/result.h +++ b/lib/dns/include/dns/result.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: result.h,v 1.116.228.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: result.h,v 1.116.48.2 2010-02-25 10:56:41 tbox Exp $ */ #ifndef DNS_RESULT_H #define DNS_RESULT_H 1 diff --git a/lib/dns/include/dns/tsig.h b/lib/dns/include/dns/tsig.h index e8c0e2c..5161fb3 100644 --- a/lib/dns/include/dns/tsig.h +++ b/lib/dns/include/dns/tsig.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: tsig.h,v 1.51 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: tsig.h,v 1.51.332.4 2010-12-09 01:12:55 marka Exp $ */ #ifndef DNS_TSIG_H #define DNS_TSIG_H 1 @@ -62,6 +62,13 @@ struct dns_tsig_keyring { unsigned int writecount; isc_rwlock_t lock; isc_mem_t *mctx; + /* + * LRU list of generated key along with a count of the keys on the + * list and a maximum size. + */ + unsigned int generated; + unsigned int maxgenerated; + ISC_LIST(dns_tsigkey_t) lru; }; struct dns_tsigkey { @@ -77,12 +84,13 @@ struct dns_tsigkey { isc_stdtime_t expire; /*%< end of validity period */ dns_tsig_keyring_t *ring; /*%< the enclosing keyring */ isc_refcount_t refs; /*%< reference counter */ + ISC_LINK(dns_tsigkey_t) link; }; #define dns_tsigkey_identity(tsigkey) \ ((tsigkey) == NULL ? NULL : \ - (tsigkey)->generated ? ((tsigkey)->creator) : \ - (&((tsigkey)->name))) + (tsigkey)->generated ? ((tsigkey)->creator) : \ + (&((tsigkey)->name))) ISC_LANG_BEGINDECLS @@ -109,12 +117,15 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, * allows a transient key with an invalid algorithm to exist long enough * to generate a BADKEY response. * + * If dns_tsigkey_createfromkey is successful a new reference to 'dstkey' + * will have been made. + * * Requires: *\li 'name' is a valid dns_name_t *\li 'algorithm' is a valid dns_name_t *\li 'secret' is a valid pointer *\li 'length' is an integer >= 0 - *\li 'key' is a valid dst key or NULL + *\li 'dstkey' is a valid dst key or NULL *\li 'creator' points to a valid dns_name_t or is NULL *\li 'mctx' is a valid memory context *\li 'ring' is a valid TSIG keyring or NULL diff --git a/lib/dns/include/dns/types.h b/lib/dns/include/dns/types.h index 3fe8378..4e4c195 100644 --- a/lib/dns/include/dns/types.h +++ b/lib/dns/include/dns/types.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: types.h,v 1.130.50.5.10.2 2010/05/14 23:48:44 tbox Exp $ */ +/* $Id: types.h,v 1.130.50.7 2010-05-14 23:47:50 tbox Exp $ */ #ifndef DNS_TYPES_H #define DNS_TYPES_H 1 diff --git a/lib/dns/include/dns/validator.h b/lib/dns/include/dns/validator.h index 1f9ec74..fb5b834 100644 --- a/lib/dns/include/dns/validator.h +++ b/lib/dns/include/dns/validator.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: validator.h,v 1.41.48.3.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: validator.h,v 1.41.48.5 2010-02-25 10:56:41 tbox Exp $ */ #ifndef DNS_VALIDATOR_H #define DNS_VALIDATOR_H 1 diff --git a/lib/dns/include/dns/view.h b/lib/dns/include/dns/view.h index 0b4dedc..ec96d4c 100644 --- a/lib/dns/include/dns/view.h +++ b/lib/dns/include/dns/view.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: view.h,v 1.111.88.4.24.2 2010/09/29 23:46:31 tbox Exp $ */ +/* $Id: view.h,v 1.111.88.6 2010-09-24 08:30:28 tbox Exp $ */ #ifndef DNS_VIEW_H #define DNS_VIEW_H 1 diff --git a/lib/dns/include/dns/zone.h b/lib/dns/include/dns/zone.h index 746b43c..96cb998 100644 --- a/lib/dns/include/dns/zone.h +++ b/lib/dns/include/dns/zone.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zone.h,v 1.160.50.6 2009/10/05 21:57:00 each Exp $ */ +/* $Id: zone.h,v 1.160.50.8 2010-12-14 23:46:09 tbox Exp $ */ #ifndef DNS_ZONE_H #define DNS_ZONE_H 1 @@ -1654,7 +1654,7 @@ void dns_zone_setcheckmx(dns_zone_t *zone, dns_checkmxfunc_t checkmx); /*%< * Set the post load integrity callback function 'checkmx'. - * 'checkmx' will be called if the MX is not within the zone. + * 'checkmx' will be called if the MX TARGET is not within the zone. * * Require: * 'zone' to be a valid zone. @@ -1673,8 +1673,8 @@ dns_zone_setchecksrv(dns_zone_t *zone, dns_checkmxfunc_t checksrv); void dns_zone_setcheckns(dns_zone_t *zone, dns_checknsfunc_t checkns); /*%< - * Set the post load integrity callback function 'checkmx'. - * 'checkmx' will be called if the MX is not within the zone. + * Set the post load integrity callback function 'checkns'. + * 'checkns' will be called if the NS TARGET is not within the zone. * * Require: * 'zone' to be a valid zone. diff --git a/lib/dns/include/dst/dst.h b/lib/dns/include/dst/dst.h index de262bd..1a30d2b 100644 --- a/lib/dns/include/dst/dst.h +++ b/lib/dns/include/dst/dst.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: dst.h,v 1.12.50.2 2010/01/15 23:47:34 tbox Exp $ */ +/* $Id: dst.h,v 1.12.50.3 2010-12-09 01:12:55 marka Exp $ */ #ifndef DST_DST_H #define DST_DST_H 1 @@ -509,6 +509,16 @@ dst_key_paramcompare(const dst_key_t *key1, const dst_key_t *key2); */ void +dst_key_attach(dst_key_t *source, dst_key_t **target); +/* + * Attach to a existing key increasing the reference count. + * + * Requires: + *\li 'source' to be a valid key. + *\li 'target' to be non-NULL and '*target' to be NULL. + */ + +void dst_key_free(dst_key_t **keyp); /*%< * Release all memory associated with the key. diff --git a/lib/dns/journal.c b/lib/dns/journal.c index 933576f..520083e 100644 --- a/lib/dns/journal.c +++ b/lib/dns/journal.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: journal.c,v 1.103.48.6.10.2 2010/11/17 23:46:16 tbox Exp $ */ +/* $Id: journal.c,v 1.103.48.8 2010-11-17 23:45:45 tbox Exp $ */ #include <config.h> diff --git a/lib/dns/message.c b/lib/dns/message.c index 2e34120..4a01178e 100644 --- a/lib/dns/message.c +++ b/lib/dns/message.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: message.c,v 1.245.50.3 2009/11/24 03:25:53 marka Exp $ */ +/* $Id: message.c,v 1.245.50.7 2010-06-03 05:29:03 marka Exp $ */ /*! \file */ @@ -1531,6 +1531,8 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t *dctx, } else if (rdtype == dns_rdatatype_tsig && msg->tsig == NULL) { msg->tsig = rdataset; msg->tsigname = name; + /* Windows doesn't like TSIG names to be compressed. */ + msg->tsigname->attributes |= DNS_NAMEATTR_NOCOMPRESS; rdataset = NULL; free_rdataset = ISC_FALSE; free_name = ISC_FALSE; @@ -2478,7 +2480,9 @@ dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section) { if (msg->opcode != dns_opcode_query && msg->opcode != dns_opcode_notify) want_question_section = ISC_FALSE; - if (want_question_section) { + if (msg->opcode == dns_opcode_update) + first_section = DNS_SECTION_ADDITIONAL; + else if (want_question_section) { if (!msg->question_ok) return (DNS_R_FORMERR); first_section = DNS_SECTION_ANSWER; @@ -3155,7 +3159,8 @@ dns_message_pseudosectiontotext(dns_message_t *msg, ADD_STRING(target, ", flags:"); if ((ps->ttl & DNS_MESSAGEEXTFLAG_DO) != 0) ADD_STRING(target, " do"); - mbz = ps->ttl & ~DNS_MESSAGEEXTFLAG_DO & 0xffff; + mbz = ps->ttl & 0xffff; + mbz &= ~DNS_MESSAGEEXTFLAG_DO; /* Known Flags. */ if (mbz != 0) { ADD_STRING(target, "; MBZ: "); snprintf(buf, sizeof(buf), "%.4x ", mbz); @@ -3173,42 +3178,46 @@ dns_message_pseudosectiontotext(dns_message_t *msg, /* Print EDNS info, if any */ dns_rdata_init(&rdata); dns_rdataset_current(ps, &rdata); - if (rdata.length < 4) - return (ISC_R_SUCCESS); isc_buffer_init(&optbuf, rdata.data, rdata.length); isc_buffer_add(&optbuf, rdata.length); - optcode = isc_buffer_getuint16(&optbuf); - optlen = isc_buffer_getuint16(&optbuf); - - if (optcode == DNS_OPT_NSID) { - ADD_STRING(target, "; NSID"); - } else { - ADD_STRING(target, "; OPT="); - sprintf(buf, "%u", optcode); - ADD_STRING(target, buf); - } - - if (optlen != 0) { - int i; - ADD_STRING(target, ": "); - - optdata = rdata.data + 4; - for (i = 0; i < optlen; i++) { - sprintf(buf, "%02x ", optdata[i]); + while (isc_buffer_remaininglength(&optbuf) != 0) { + INSIST(isc_buffer_remaininglength(&optbuf) >= 4U); + optcode = isc_buffer_getuint16(&optbuf); + optlen = isc_buffer_getuint16(&optbuf); + INSIST(isc_buffer_remaininglength(&optbuf) >= optlen); + + if (optcode == DNS_OPT_NSID) { + ADD_STRING(target, "; NSID"); + } else { + ADD_STRING(target, "; OPT="); + sprintf(buf, "%u", optcode); ADD_STRING(target, buf); } - for (i = 0; i < optlen; i++) { - ADD_STRING(target, " ("); - if (isprint(optdata[i])) - isc_buffer_putmem(target, &optdata[i], - 1); - else - isc_buffer_putstr(target, "."); - ADD_STRING(target, ")"); + + if (optlen != 0) { + int i; + ADD_STRING(target, ": "); + + optdata = isc_buffer_current(&optbuf); + for (i = 0; i < optlen; i++) { + sprintf(buf, "%02x ", optdata[i]); + ADD_STRING(target, buf); + } + for (i = 0; i < optlen; i++) { + ADD_STRING(target, " ("); + if (isprint(optdata[i])) + isc_buffer_putmem(target, + &optdata[i], + 1); + else + isc_buffer_putstr(target, "."); + ADD_STRING(target, ")"); + } + isc_buffer_forward(&optbuf, optlen); } + ADD_STRING(target, "\n"); } - ADD_STRING(target, "\n"); return (ISC_R_SUCCESS); case DNS_PSEUDOSECTION_TSIG: ps = dns_message_gettsig(msg, &name); @@ -3258,21 +3267,26 @@ dns_message_totext(dns_message_t *msg, const dns_master_style_t *style, ADD_STRING(target, ", id: "); snprintf(buf, sizeof(buf), "%6u", msg->id); ADD_STRING(target, buf); - ADD_STRING(target, "\n;; flags: "); + ADD_STRING(target, "\n;; flags:"); if ((msg->flags & DNS_MESSAGEFLAG_QR) != 0) - ADD_STRING(target, "qr "); + ADD_STRING(target, " qr"); if ((msg->flags & DNS_MESSAGEFLAG_AA) != 0) - ADD_STRING(target, "aa "); + ADD_STRING(target, " aa"); if ((msg->flags & DNS_MESSAGEFLAG_TC) != 0) - ADD_STRING(target, "tc "); + ADD_STRING(target, " tc"); if ((msg->flags & DNS_MESSAGEFLAG_RD) != 0) - ADD_STRING(target, "rd "); + ADD_STRING(target, " rd"); if ((msg->flags & DNS_MESSAGEFLAG_RA) != 0) - ADD_STRING(target, "ra "); + ADD_STRING(target, " ra"); if ((msg->flags & DNS_MESSAGEFLAG_AD) != 0) - ADD_STRING(target, "ad "); + ADD_STRING(target, " ad"); if ((msg->flags & DNS_MESSAGEFLAG_CD) != 0) - ADD_STRING(target, "cd "); + ADD_STRING(target, " cd"); + /* + * The final unnamed flag must be zero. + */ + if ((msg->flags & 0x0040U) != 0) + ADD_STRING(target, "; MBZ: 0x4"); if (msg->opcode != dns_opcode_update) { ADD_STRING(target, "; QUESTION: "); } else { diff --git a/lib/dns/name.c b/lib/dns/name.c index f4ea3e9..80864b8 100644 --- a/lib/dns/name.c +++ b/lib/dns/name.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: name.c,v 1.165 2008/04/01 23:47:10 tbox Exp $ */ +/* $Id: name.c,v 1.165.120.3 2010-07-09 05:15:05 each Exp $ */ /*! \file */ @@ -901,7 +901,7 @@ dns_name_getlabelsequence(const dns_name_t *source, REQUIRE(VALID_NAME(source)); REQUIRE(VALID_NAME(target)); REQUIRE(first <= source->labels); - REQUIRE(first + n <= source->labels); + REQUIRE(n <= source->labels - first); /* note first+n could overflow */ REQUIRE(BINDABLE(target)); SETUP_OFFSETS(source, offsets, odata); @@ -1324,6 +1324,21 @@ isc_result_t dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, isc_buffer_t *target) { + unsigned int options = DNS_NAME_MASTERFILE; + + if (omit_final_dot) + options |= DNS_NAME_OMITFINALDOT; + return (dns_name_totext2(name, options, target)); +} + +isc_result_t +dns_name_toprincipal(dns_name_t *name, isc_buffer_t *target) { + return (dns_name_totext2(name, DNS_NAME_OMITFINALDOT, target)); +} + +isc_result_t +dns_name_totext2(dns_name_t *name, unsigned int options, isc_buffer_t *target) +{ unsigned char *ndata; char *tdata; unsigned int nlen, tlen; @@ -1337,6 +1352,8 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, dns_name_totextfilter_t totext_filter_proc = NULL; isc_result_t result; #endif + isc_boolean_t omit_final_dot = + ISC_TF(options & DNS_NAME_OMITFINALDOT); /* * This function assumes the name is in proper uncompressed @@ -1412,15 +1429,17 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, while (count > 0) { c = *ndata; switch (c) { + /* Special modifiers in zone files. */ + case 0x40: /* '@' */ + case 0x24: /* '$' */ + if ((options & DNS_NAME_MASTERFILE) == 0) + goto no_escape; case 0x22: /* '"' */ case 0x28: /* '(' */ case 0x29: /* ')' */ case 0x2E: /* '.' */ case 0x3B: /* ';' */ case 0x5C: /* '\\' */ - /* Special modifiers in zone files. */ - case 0x40: /* '@' */ - case 0x24: /* '$' */ if (trem < 2) return (ISC_R_NOSPACE); *tdata++ = '\\'; @@ -1430,6 +1449,7 @@ dns_name_totext(dns_name_t *name, isc_boolean_t omit_final_dot, trem -= 2; nlen--; break; + no_escape: default: if (c > 0x20 && c < 0x7f) { if (trem == 0) diff --git a/lib/dns/ncache.c b/lib/dns/ncache.c index a194084..5f24683 100644 --- a/lib/dns/ncache.c +++ b/lib/dns/ncache.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ncache.c,v 1.43.336.5 2010/05/19 09:56:44 marka Exp $ */ +/* $Id: ncache.c,v 1.43.48.7 2010-05-19 09:53:46 marka Exp $ */ /*! \file */ diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c index 2dc7d7e..081e3c6 100644 --- a/lib/dns/openssl_link.c +++ b/lib/dns/openssl_link.c @@ -1,5 +1,5 @@ /* - * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Portions Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Portions Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -31,7 +31,7 @@ /* * Principal Author: Brian Wellington - * $Id: openssl_link.c,v 1.22.112.3 2009/02/11 03:07:01 jinmei Exp $ + * $Id: openssl_link.c,v 1.22.112.5 2010-09-15 12:37:35 tbox Exp $ */ #ifdef OPENSSL @@ -91,7 +91,7 @@ entropy_get(unsigned char *buf, int num) { if (num < 0) return (-1); result = dst__entropy_getdata(buf, (unsigned int) num, ISC_FALSE); - return (result == ISC_R_SUCCESS ? num : -1); + return (result == ISC_R_SUCCESS ? 1 : -1); } static int @@ -105,7 +105,7 @@ entropy_getpseudo(unsigned char *buf, int num) { if (num < 0) return (-1); result = dst__entropy_getdata(buf, (unsigned int) num, ISC_TRUE); - return (result == ISC_R_SUCCESS ? num : -1); + return (result == ISC_R_SUCCESS ? 1 : -1); } static void diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c index f61b83b..8932a17 100644 --- a/lib/dns/rbtdb.c +++ b/lib/dns/rbtdb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rbtdb.c,v 1.270.12.16.10.6 2010/11/16 07:46:23 marka Exp $ */ +/* $Id: rbtdb.c,v 1.270.12.26 2010-12-02 05:09:58 marka Exp $ */ /*! \file */ @@ -2090,6 +2090,34 @@ setnsec3parameters(dns_db_t *db, rbtdb_version_t *version, } static void +cleanup_dead_nodes_callback(isc_task_t *task, isc_event_t *event) { + dns_rbtdb_t *rbtdb = event->ev_arg; + isc_boolean_t again = ISC_FALSE; + unsigned int locknum; + unsigned int refs; + + RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + for (locknum = 0; locknum < rbtdb->node_lock_count; locknum++) { + NODE_LOCK(&rbtdb->node_locks[locknum].lock, + isc_rwlocktype_write); + cleanup_dead_nodes(rbtdb, locknum); + if (ISC_LIST_HEAD(rbtdb->deadnodes[locknum]) != NULL) + again = ISC_TRUE; + NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, + isc_rwlocktype_write); + } + RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + if (again) + isc_task_send(task, &event); + else { + isc_event_free(&event); + isc_refcount_decrement(&rbtdb->references, &refs); + if (refs == 0) + maybe_free_rbtdb(rbtdb); + } +} + +static void closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { dns_rbtdb_t *rbtdb = (dns_rbtdb_t *)db; rbtdb_version_t *version, *cleanup_version, *least_greater; @@ -2289,15 +2317,28 @@ closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { } if (!EMPTY(cleanup_list)) { - /* - * We acquire a tree write lock here in order to make sure - * that stale nodes will be removed in decrement_reference(). - * If we didn't have the lock, those nodes could miss the - * chance to be removed until the server stops. The write lock - * is expensive, but this event should be rare enough to justify - * the cost. - */ - RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + isc_event_t *event = NULL; + isc_rwlocktype_t tlock = isc_rwlocktype_none; + + if (rbtdb->task != NULL) + event = isc_event_allocate(rbtdb->common.mctx, NULL, + DNS_EVENT_RBTDEADNODES, + cleanup_dead_nodes_callback, + rbtdb, sizeof(isc_event_t)); + if (event == NULL) { + /* + * We acquire a tree write lock here in order to make + * sure that stale nodes will be removed in + * decrement_reference(). If we didn't have the lock, + * those nodes could miss the chance to be removed + * until the server stops. The write lock is + * expensive, but this event should be rare enough + * to justify the cost. + */ + RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + tlock = isc_rwlocktype_write; + } + for (changed = HEAD(cleanup_list); changed != NULL; changed = next_changed) { @@ -2312,20 +2353,25 @@ closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) { * This is a good opportunity to purge any dead nodes, * so use it. */ - cleanup_dead_nodes(rbtdb, rbtnode->locknum); + if (event == NULL) + cleanup_dead_nodes(rbtdb, rbtnode->locknum); if (rollback) rollback_node(rbtnode, serial); decrement_reference(rbtdb, rbtnode, least_serial, - isc_rwlocktype_write, - isc_rwlocktype_write, ISC_FALSE); + isc_rwlocktype_write, tlock, + ISC_FALSE); NODE_UNLOCK(lock, isc_rwlocktype_write); isc_mem_put(rbtdb->common.mctx, changed, sizeof(*changed)); } - RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); + if (event != NULL) { + isc_refcount_increment(&rbtdb->references, NULL); + isc_task_send(rbtdb->task, &event); + } else + RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); } end: diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c index ab9df8b..daaa83a 100644 --- a/lib/dns/rdata.c +++ b/lib/dns/rdata.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2009, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdata.c,v 1.199.50.2 2009/02/16 23:47:15 tbox Exp $ */ +/* $Id: rdata.c,v 1.199.50.4 2011-01-13 04:48:21 tbox Exp $ */ /*! \file */ @@ -1135,6 +1135,11 @@ name_prefix(dns_name_t *name, dns_name_t *origin, dns_name_t *target) { if (l1 == l2) goto return_false; + /* Master files should be case preserving. */ + dns_name_getlabelsequence(name, l1 - l2, l2, target); + if (!dns_name_caseequal(origin, target)) + goto return_false; + dns_name_getlabelsequence(name, 0, l1 - l2, target); return (ISC_TRUE); diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c index 6a58bc9..f971d49 100644 --- a/lib/dns/rdata/generic/ipseckey_45.c +++ b/lib/dns/rdata/generic/ipseckey_45.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2005, 2007, 2009, 2011 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ipseckey_45.c,v 1.4.332.3 2009/09/18 21:55:48 jinmei Exp $ */ +/* $Id: ipseckey_45.c,v 1.4.332.5 2011-01-13 04:48:23 tbox Exp $ */ #ifndef RDATA_GENERIC_IPSECKEY_45_C #define RDATA_GENERIC_IPSECKEY_45_C @@ -120,8 +120,6 @@ static inline isc_result_t totext_ipseckey(ARGS_TOTEXT) { isc_region_t region; dns_name_t name; - dns_name_t prefix; - isc_boolean_t sub; char buf[sizeof("255 ")]; unsigned short num; unsigned short gateway; @@ -130,7 +128,6 @@ totext_ipseckey(ARGS_TOTEXT) { REQUIRE(rdata->length >= 3); dns_name_init(&name, NULL); - dns_name_init(&prefix, NULL); if (rdata->data[1] > 3U) return (ISC_R_NOTIMPLEMENTED); @@ -183,8 +180,7 @@ totext_ipseckey(ARGS_TOTEXT) { case 3: dns_name_fromregion(&name, ®ion); - sub = name_prefix(&name, tctx->origin, &prefix); - RETERR(dns_name_totext(&prefix, sub, target)); + RETERR(dns_name_totext(&name, ISC_FALSE, target)); isc_region_consume(®ion, name_length(&name)); break; } diff --git a/lib/dns/rdata/generic/nsec_47.c b/lib/dns/rdata/generic/nsec_47.c index 7e443d9..ace1035 100644 --- a/lib/dns/rdata/generic/nsec_47.c +++ b/lib/dns/rdata/generic/nsec_47.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2008, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: nsec_47.c,v 1.11 2008/07/15 23:47:21 tbox Exp $ */ +/* $Id: nsec_47.c,v 1.11.82.2 2011-01-13 04:48:23 tbox Exp $ */ /* reviewed: Wed Mar 15 18:21:15 PST 2000 by brister */ @@ -88,20 +88,18 @@ totext_nsec(ARGS_TOTEXT) { isc_region_t sr; unsigned int i, j, k; dns_name_t name; - dns_name_t prefix; - isc_boolean_t sub; unsigned int window, len; REQUIRE(rdata->type == 47); REQUIRE(rdata->length != 0); + UNUSED(tctx); + dns_name_init(&name, NULL); - dns_name_init(&prefix, NULL); dns_rdata_toregion(rdata, &sr); dns_name_fromregion(&name, &sr); isc_region_consume(&sr, name_length(&name)); - sub = name_prefix(&name, tctx->origin, &prefix); - RETERR(dns_name_totext(&prefix, sub, target)); + RETERR(dns_name_totext(&name, ISC_FALSE, target)); for (i = 0; i < sr.length; i += len) { diff --git a/lib/dns/rdata/generic/rrsig_46.c b/lib/dns/rdata/generic/rrsig_46.c index a9af4bd..bcbb05b 100644 --- a/lib/dns/rdata/generic/rrsig_46.c +++ b/lib/dns/rdata/generic/rrsig_46.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rrsig_46.c,v 1.10 2007/06/19 23:47:17 tbox Exp $ */ +/* $Id: rrsig_46.c,v 1.10.332.2 2011-01-13 04:48:23 tbox Exp $ */ /* Reviewed: Fri Mar 17 09:05:02 PST 2000 by gson */ @@ -134,8 +134,6 @@ totext_rrsig(ARGS_TOTEXT) { unsigned long exp; unsigned long foot; dns_name_t name; - dns_name_t prefix; - isc_boolean_t sub; REQUIRE(rdata->type == 46); REQUIRE(rdata->length != 0); @@ -217,11 +215,9 @@ totext_rrsig(ARGS_TOTEXT) { * Signer. */ dns_name_init(&name, NULL); - dns_name_init(&prefix, NULL); dns_name_fromregion(&name, &sr); isc_region_consume(&sr, name_length(&name)); - sub = name_prefix(&name, tctx->origin, &prefix); - RETERR(dns_name_totext(&prefix, sub, target)); + RETERR(dns_name_totext(&name, ISC_FALSE, target)); /* * Sig. diff --git a/lib/dns/rdatalist.c b/lib/dns/rdatalist.c index 97cef94..e8178a7 100644 --- a/lib/dns/rdatalist.c +++ b/lib/dns/rdatalist.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdatalist.c,v 1.36.338.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: rdatalist.c,v 1.36.50.2 2010-02-25 10:56:41 tbox Exp $ */ /*! \file */ diff --git a/lib/dns/rdataset.c b/lib/dns/rdataset.c index 4361913..c0fcde5 100644 --- a/lib/dns/rdataset.c +++ b/lib/dns/rdataset.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdataset.c,v 1.82.50.2.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: rdataset.c,v 1.82.50.4 2010-02-25 10:56:41 tbox Exp $ */ /*! \file */ diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c index 8d12eb8..d1a02a0 100644 --- a/lib/dns/rdataslab.c +++ b/lib/dns/rdataslab.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdataslab.c,v 1.48.50.2.24.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: rdataslab.c,v 1.48.50.4 2010-02-25 10:56:41 tbox Exp $ */ /*! \file */ diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c index 8803a05..290bb0f 100644 --- a/lib/dns/resolver.c +++ b/lib/dns/resolver.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.c,v 1.384.14.20.10.3 2010/06/23 23:46:25 tbox Exp $ */ +/* $Id: resolver.c,v 1.384.14.30 2011-01-27 23:45:47 tbox Exp $ */ /*! \file */ @@ -203,6 +203,7 @@ struct fetchctx { isc_sockaddrlist_t bad; isc_sockaddrlist_t edns; isc_sockaddrlist_t edns512; + isc_sockaddrlist_t bad_edns; dns_validator_t *validator; ISC_LIST(dns_validator_t) validators; dns_db_t * cache; @@ -482,7 +483,7 @@ valcreate(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, dns_name_t *name, inc_stats(fctx->res, dns_resstatscounter_val); if ((valoptions & DNS_VALIDATOR_DEFER) == 0) { INSIST(fctx->validator == NULL); - fctx->validator = validator; + fctx->validator = validator; } ISC_LIST_APPEND(fctx->validators, validator, link); } else @@ -1559,6 +1560,36 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, } static isc_boolean_t +bad_edns(fetchctx_t *fctx, isc_sockaddr_t *address) { + isc_sockaddr_t *sa; + + for (sa = ISC_LIST_HEAD(fctx->bad_edns); + sa != NULL; + sa = ISC_LIST_NEXT(sa, link)) { + if (isc_sockaddr_equal(sa, address)) + return (ISC_TRUE); + } + + return (ISC_FALSE); +} + +static void +add_bad_edns(fetchctx_t *fctx, isc_sockaddr_t *address) { + isc_sockaddr_t *sa; + + if (bad_edns(fctx, address)) + return; + + sa = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx, + sizeof(*sa)); + if (sa == NULL) + return; + + *sa = *address; + ISC_LIST_INITANDAPPEND(fctx->bad_edns, sa, link); +} + +static isc_boolean_t triededns(fetchctx_t *fctx, isc_sockaddr_t *address) { isc_sockaddr_t *sa; @@ -3131,6 +3162,14 @@ fctx_destroy(fetchctx_t *fctx) { isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); } + for (sa = ISC_LIST_HEAD(fctx->bad_edns); + sa != NULL; + sa = next_sa) { + next_sa = ISC_LIST_NEXT(sa, link); + ISC_LIST_UNLINK(fctx->bad_edns, sa, link); + isc_mem_put(res->buckets[bucketnum].mctx, sa, sizeof(*sa)); + } + isc_timer_detach(&fctx->timer); dns_message_destroy(&fctx->rmessage); dns_message_destroy(&fctx->qmessage); @@ -3501,6 +3540,7 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type, ISC_LIST_INIT(fctx->bad); ISC_LIST_INIT(fctx->edns); ISC_LIST_INIT(fctx->edns512); + ISC_LIST_INIT(fctx->bad_edns); ISC_LIST_INIT(fctx->validators); fctx->validator = NULL; fctx->find = NULL; @@ -3870,14 +3910,6 @@ maybe_destroy(fetchctx_t *fctx) { validator != NULL; validator = next_validator) { next_validator = ISC_LIST_NEXT(validator, link); dns_validator_cancel(validator); - /* - * If this is a active validator wait for the cancel - * to complete before calling dns_validator_destroy(). - */ - if (validator == fctx->validator) - continue; - ISC_LIST_UNLINK(fctx->validators, validator, link); - dns_validator_destroy(&validator); } bucketnum = fctx->bucketnum; @@ -6115,6 +6147,7 @@ resquery_response(isc_task_t *task, isc_event_t *event) { unsigned int findoptions; isc_result_t broken_server; badnstype_t broken_type = badns_response; + isc_boolean_t no_response; REQUIRE(VALID_QUERY(query)); fctx = query->fctx; @@ -6137,6 +6170,7 @@ resquery_response(isc_task_t *task, isc_event_t *event) { resend = ISC_FALSE; truncated = ISC_FALSE; finish = NULL; + no_response = ISC_FALSE; if (fctx->res->exiting) { result = ISC_R_SHUTTINGDOWN; @@ -6184,7 +6218,9 @@ resquery_response(isc_task_t *task, isc_event_t *event) { /* * If this is a network error on an exclusive query * socket, mark the server as bad so that we won't try - * it for this fetch again. + * it for this fetch again. Also adjust finish and + * no_response so that we penalize this address in SRTT + * adjustment later. */ if (query->exclusivesocket && (devent->result == ISC_R_HOSTUNREACH || @@ -6193,6 +6229,8 @@ resquery_response(isc_task_t *task, isc_event_t *event) { devent->result == ISC_R_CANCELED)) { broken_server = devent->result; broken_type = badns_unreachable; + finish = NULL; + no_response = ISC_TRUE; } } goto done; @@ -6324,6 +6362,25 @@ resquery_response(isc_task_t *task, isc_event_t *event) { * ensured by the dispatch code). */ + /* + * We have an affirmative response to the query and we have + * previously got a response from this server which indicated + * EDNS may not be supported so we can now cache the lack of + * EDNS support. + */ + if (opt == NULL && + (message->rcode == dns_rcode_noerror || + message->rcode == dns_rcode_nxdomain || + message->rcode == dns_rcode_refused || + message->rcode == dns_rcode_yxdomain) && + bad_edns(fctx, &query->addrinfo->sockaddr)) { + char addrbuf[ISC_SOCKADDR_FORMATSIZE]; + isc_sockaddr_format(&query->addrinfo->sockaddr, addrbuf, + sizeof(addrbuf)); + dns_adb_changeflags(fctx->adb, query->addrinfo, + DNS_FETCHOPT_NOEDNS0, + DNS_FETCHOPT_NOEDNS0); + } /* * Deal with truncated responses by retrying using TCP. @@ -6379,9 +6436,9 @@ resquery_response(isc_task_t *task, isc_event_t *event) { if (message->rcode != dns_rcode_noerror && message->rcode != dns_rcode_nxdomain) { if (((message->rcode == dns_rcode_formerr || - message->rcode == dns_rcode_notimp) || - (message->rcode == dns_rcode_servfail && - dns_message_getopt(message) == NULL)) && + message->rcode == dns_rcode_notimp) || + (message->rcode == dns_rcode_servfail && + dns_message_getopt(message) == NULL)) && (query->options & DNS_FETCHOPT_NOEDNS0) == 0) { /* * It's very likely they don't like EDNS0. @@ -6397,12 +6454,9 @@ resquery_response(isc_task_t *task, isc_event_t *event) { options |= DNS_FETCHOPT_NOEDNS0; resend = ISC_TRUE; /* - * Remember that they don't like EDNS0. + * Remember that they may not like EDNS0. */ - if (message->rcode != dns_rcode_servfail) - dns_adb_changeflags(fctx->adb, query->addrinfo, - DNS_FETCHOPT_NOEDNS0, - DNS_FETCHOPT_NOEDNS0); + add_bad_edns(fctx, &query->addrinfo->sockaddr); inc_stats(fctx->res, dns_resstatscounter_edns0fail); } else if (message->rcode == dns_rcode_formerr) { if (ISFORWARDER(query->addrinfo)) { @@ -6666,7 +6720,7 @@ resquery_response(isc_task_t *task, isc_event_t *event) { * * XXXRTH Don't cancel the query if waiting for validation? */ - fctx_cancelquery(&query, &devent, finish, ISC_FALSE); + fctx_cancelquery(&query, &devent, finish, no_response); if (keep_trying) { if (result == DNS_R_FORMERR) @@ -7389,6 +7443,13 @@ static inline isc_boolean_t fctx_match(fetchctx_t *fctx, dns_name_t *name, dns_rdatatype_t type, unsigned int options) { + /* + * Don't match fetch contexts that are shutting down. + */ + if (fctx->cloned || fctx->state == fetchstate_done || + ISC_LIST_EMPTY(fctx->events)) + return (ISC_FALSE); + if (fctx->type != type || fctx->options != options) return (ISC_FALSE); return (dns_name_equal(&fctx->name, name)); @@ -7523,17 +7584,7 @@ dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name, } } - /* - * If we didn't have a fetch, would attach to a done fetch, this - * fetch has already cloned its results, or if the fetch has gone - * "idle" (no one was interested in it), we need to start a new - * fetch instead of joining with the existing one. - */ - if (fctx == NULL || - fctx->state == fetchstate_done || - fctx->cloned || - ISC_LIST_EMPTY(fctx->events)) { - fctx = NULL; + if (fctx == NULL) { result = fctx_create(res, name, type, domain, nameservers, options, bucketnum, &fctx); if (result != ISC_R_SUCCESS) diff --git a/lib/dns/result.c b/lib/dns/result.c index f241ded..2b0457c 100644 --- a/lib/dns/result.c +++ b/lib/dns/result.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: result.c,v 1.125.124.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: result.c,v 1.125.48.2 2010-02-25 10:56:41 tbox Exp $ */ /*! \file */ diff --git a/lib/dns/rootns.c b/lib/dns/rootns.c index 3c50a18..d51a0d6 100644 --- a/lib/dns/rootns.c +++ b/lib/dns/rootns.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rootns.c,v 1.36 2008/09/24 02:46:22 marka Exp $ */ +/* $Id: rootns.c,v 1.36.50.4 2010-06-18 05:37:50 marka Exp $ */ /*! \file */ @@ -71,11 +71,13 @@ static char root_ns[] = "H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53\n" "H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803F:235\n" "I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17\n" +"I.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fe::53\n" "J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30\n" "J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:C27::2:30\n" "K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129\n" "K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7FD::1\n" "L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42\n" +"L.ROOT-SERVERS.NET. 604800 IN AAAA 2001:500:3::42\n" "M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33\n" "M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:DC3::35\n"; diff --git a/lib/dns/sdb.c b/lib/dns/sdb.c index 6ec6209..49c6430 100644 --- a/lib/dns/sdb.c +++ b/lib/dns/sdb.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sdb.c,v 1.66.48.3.10.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: sdb.c,v 1.66.48.6 2010-08-16 05:21:42 marka Exp $ */ /*! \file */ @@ -837,13 +837,6 @@ find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, for (i = olabels; i <= nlabels; i++) { /* - * Unless this is an explicit lookup at the origin, don't - * look at the origin. - */ - if (i == olabels && i != nlabels) - continue; - - /* * Look up the next label. */ dns_name_getlabelsequence(name, nlabels - i, i, xname); diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c index f2f7786..6be315a 100644 --- a/lib/dns/sdlz.c +++ b/lib/dns/sdlz.c @@ -50,7 +50,7 @@ * USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: sdlz.c,v 1.18.50.3.10.1 2010/03/03 22:06:39 marka Exp $ */ +/* $Id: sdlz.c,v 1.18.50.6 2010-08-16 05:21:42 marka Exp $ */ /*! \file */ @@ -801,13 +801,6 @@ find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, for (i = olabels; i <= nlabels; i++) { /* - * Unless this is an explicit lookup at the origin, don't - * look at the origin. - */ - if (i == olabels && i != nlabels) - continue; - - /* * Look up the next label. */ dns_name_getlabelsequence(name, nlabels - i, i, xname); diff --git a/lib/dns/time.c b/lib/dns/time.c index 62414dd..bd8cdc3 100644 --- a/lib/dns/time.c +++ b/lib/dns/time.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: time.c,v 1.31.332.2 2009/01/18 23:47:40 tbox Exp $ */ +/* $Id: time.c,v 1.31.332.4 2010-04-21 23:48:05 tbox Exp $ */ /*! \file */ @@ -24,6 +24,7 @@ #include <stdio.h> #include <isc/string.h> /* Required for HP/UX (and others?) */ #include <time.h> +#include <ctype.h> #include <isc/print.h> #include <isc/region.h> @@ -132,6 +133,14 @@ dns_time64_fromtext(const char *source, isc_int64_t *target) { if (strlen(source) != 14U) return (DNS_R_SYNTAX); + /* + * Confirm the source only consists digits. sscanf() allows some + * minor exceptions. + */ + for (i = 0; i < 14; i++) { + if (!isdigit((unsigned char)source[i])) + return (DNS_R_SYNTAX); + } if (sscanf(source, "%4d%2d%2d%2d%2d%2d", &year, &month, &day, &hour, &minute, &second) != 6) return (DNS_R_SYNTAX); diff --git a/lib/dns/tkey.c b/lib/dns/tkey.c index 9e59dfa..7107dd5 100644 --- a/lib/dns/tkey.c +++ b/lib/dns/tkey.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -16,7 +16,7 @@ */ /* - * $Id: tkey.c,v 1.90 2008/04/03 00:45:23 marka Exp $ + * $Id: tkey.c,v 1.90.118.4 2010-12-09 01:12:55 marka Exp $ */ /*! \file */ #include <config.h> @@ -417,10 +417,9 @@ process_dhtkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, } static isc_result_t -process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, - dns_rdata_tkey_t *tkeyin, dns_tkeyctx_t *tctx, - dns_rdata_tkey_t *tkeyout, - dns_tsig_keyring_t *ring, dns_namelist_t *namelist) +process_gsstkey(dns_name_t *name, dns_rdata_tkey_t *tkeyin, + dns_tkeyctx_t *tctx, dns_rdata_tkey_t *tkeyout, + dns_tsig_keyring_t *ring) { isc_result_t result = ISC_R_SUCCESS; dst_key_t *dstkey = NULL; @@ -431,9 +430,6 @@ process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, isc_buffer_t *outtoken = NULL; gss_ctx_id_t gss_ctx = NULL; - UNUSED(namelist); - UNUSED(signer); - if (tctx->gsscred == NULL) return (ISC_R_NOPERM); @@ -456,18 +452,15 @@ process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, if (result == ISC_R_SUCCESS) gss_ctx = dst_key_getgssctx(tsigkey->key); - dns_fixedname_init(&principal); result = dst_gssapi_acceptctx(tctx->gsscred, &intoken, &outtoken, &gss_ctx, dns_fixedname_name(&principal), tctx->mctx); - - if (tsigkey != NULL) - dns_tsigkey_detach(&tsigkey); - if (result == DNS_R_INVALIDTKEY) { + if (tsigkey != NULL) + dns_tsigkey_detach(&tsigkey); tkeyout->error = dns_tsigerror_badkey; tkey_log("process_gsstkey(): dns_tsigerror_badkey"); /* XXXSRA */ return (ISC_R_SUCCESS); @@ -478,20 +471,39 @@ process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, * XXXDCL Section 4.1.3: Limit GSS_S_CONTINUE_NEEDED to 10 times. */ + isc_stdtime_get(&now); + if (tsigkey == NULL) { - RETERR(dst_key_fromgssapi(name, gss_ctx, msg->mctx, &dstkey)); +#ifdef GSSAPI + OM_uint32 gret, minor, lifetime; +#endif + isc_uint32_t expire; + + RETERR(dst_key_fromgssapi(name, gss_ctx, ring->mctx, &dstkey)); + /* + * Limit keys to 1 hour or the context's lifetime whichever + * is smaller. + */ + expire = now + 3600; +#ifdef GSSAPI + gret = gss_context_time(&minor, gss_ctx, &lifetime); + if (gret == GSS_S_COMPLETE && now + lifetime < expire) + expire = now + lifetime; +#endif RETERR(dns_tsigkey_createfromkey(name, &tkeyin->algorithm, dstkey, ISC_TRUE, dns_fixedname_name(&principal), - tkeyin->inception, - tkeyin->expire, - ring->mctx, ring, NULL)); + now, expire, ring->mctx, ring, + NULL)); + dst_key_free(&dstkey); + tkeyout->inception = now; + tkeyout->expire = expire; + } else { + tkeyout->inception = tsigkey->inception; + tkeyout->expire = tkeyout->expire; + dns_tsigkey_detach(&tsigkey); } - isc_stdtime_get(&now); - tkeyout->inception = tkeyin->inception; - tkeyout->expire = tkeyin->expire; - if (outtoken) { tkeyout->key = isc_mem_get(tkeyout->mctx, isc_buffer_usedlength(outtoken)); @@ -520,6 +532,9 @@ process_gsstkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, return (ISC_R_SUCCESS); failure: + if (tsigkey != NULL) + dns_tsigkey_detach(&tsigkey); + if (dstkey != NULL) dst_key_free(&dstkey); @@ -533,19 +548,14 @@ failure: } static isc_result_t -process_deletetkey(dns_message_t *msg, dns_name_t *signer, dns_name_t *name, - dns_rdata_tkey_t *tkeyin, - dns_rdata_tkey_t *tkeyout, - dns_tsig_keyring_t *ring, - dns_namelist_t *namelist) +process_deletetkey(dns_name_t *signer, dns_name_t *name, + dns_rdata_tkey_t *tkeyin, dns_rdata_tkey_t *tkeyout, + dns_tsig_keyring_t *ring) { isc_result_t result; dns_tsigkey_t *tsigkey = NULL; dns_name_t *identity; - UNUSED(msg); - UNUSED(namelist); - result = dns_tsigkey_find(&tsigkey, name, &tkeyin->algorithm, ring); if (result != ISC_R_SUCCESS) { tkeyout->error = dns_tsigerror_badname; @@ -763,16 +773,13 @@ dns_tkey_processquery(dns_message_t *msg, dns_tkeyctx_t *tctx, break; case DNS_TKEYMODE_GSSAPI: tkeyout.error = dns_rcode_noerror; - RETERR(process_gsstkey(msg, signer, keyname, &tkeyin, - tctx, &tkeyout, ring, - &namelist)); - + RETERR(process_gsstkey(keyname, &tkeyin, tctx, + &tkeyout, ring)); break; case DNS_TKEYMODE_DELETE: tkeyout.error = dns_rcode_noerror; - RETERR(process_deletetkey(msg, signer, keyname, - &tkeyin, &tkeyout, - ring, &namelist)); + RETERR(process_deletetkey(signer, keyname, &tkeyin, + &tkeyout, ring)); break; case DNS_TKEYMODE_SERVERASSIGNED: case DNS_TKEYMODE_RESOLVERASSIGNED: @@ -1263,7 +1270,6 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, isc_buffer_init(&intoken, rtkey.key, rtkey.keylen); RETERR(dst_gssapi_initctx(gname, &intoken, outtoken, context)); - dstkey = NULL; RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey)); @@ -1271,7 +1277,7 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, dstkey, ISC_FALSE, NULL, rtkey.inception, rtkey.expire, ring->mctx, ring, outkey)); - + dst_key_free(&dstkey); dns_rdata_freestruct(&rtkey); return (result); @@ -1279,6 +1285,8 @@ dns_tkey_processgssresponse(dns_message_t *qmsg, dns_message_t *rmsg, /* * XXXSRA This probably leaks memory from rtkey and qtkey. */ + if (dstkey != NULL) + dst_key_free(&dstkey); return (result); } @@ -1365,10 +1373,10 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, if (win2k == ISC_TRUE) RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, - DNS_SECTION_ANSWER)); + DNS_SECTION_ANSWER)); else RETERR(find_tkey(qmsg, &tkeyname, &qtkeyrdata, - DNS_SECTION_ADDITIONAL)); + DNS_SECTION_ADDITIONAL)); RETERR(dns_rdata_tostruct(&qtkeyrdata, &qtkey, NULL)); @@ -1389,7 +1397,6 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, if (result != DNS_R_CONTINUE && result != ISC_R_SUCCESS) return (result); - dstkey = NULL; RETERR(dst_key_fromgssapi(dns_rootname, *context, rmsg->mctx, &dstkey)); @@ -1406,7 +1413,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, dstkey, ISC_TRUE, NULL, rtkey.inception, rtkey.expire, ring->mctx, ring, outkey)); - + dst_key_free(&dstkey); dns_rdata_freestruct(&rtkey); return (result); @@ -1415,5 +1422,7 @@ dns_tkey_gssnegotiate(dns_message_t *qmsg, dns_message_t *rmsg, * XXXSRA This probably leaks memory from qtkey. */ dns_rdata_freestruct(&rtkey); + if (dstkey != NULL) + dst_key_free(&dstkey); return (result); } diff --git a/lib/dns/tsig.c b/lib/dns/tsig.c index 74a7af3..65d32dc 100644 --- a/lib/dns/tsig.c +++ b/lib/dns/tsig.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -16,7 +16,7 @@ */ /* - * $Id: tsig.c,v 1.136 2008/11/04 21:23:14 marka Exp $ + * $Id: tsig.c,v 1.136.18.5 2010-12-09 01:12:55 marka Exp $ */ /*! \file */ #include <config.h> @@ -26,6 +26,7 @@ #include <isc/mem.h> #include <isc/print.h> #include <isc/refcount.h> +#include <isc/serial.h> #include <isc/string.h> /* Required for HP/UX (and others?) */ #include <isc/util.h> #include <isc/time.h> @@ -47,6 +48,10 @@ #define TSIG_MAGIC ISC_MAGIC('T', 'S', 'I', 'G') #define VALID_TSIG_KEY(x) ISC_MAGIC_VALID(x, TSIG_MAGIC) +#ifndef DNS_TSIG_MAXGENERATEDKEYS +#define DNS_TSIG_MAXGENERATEDKEYS 4096 +#endif + #define is_response(msg) (msg->flags & DNS_MESSAGEFLAG_QR) #define algname_is_allocated(algname) \ ((algname) != dns_tsig_hmacmd5_name && \ @@ -86,6 +91,31 @@ static dns_name_t gsstsig = { }; LIBDNS_EXTERNAL_DATA dns_name_t *dns_tsig_gssapi_name = &gsstsig; +static void +remove_fromring(dns_tsigkey_t *tkey) { + if (tkey->generated) { + ISC_LIST_UNLINK(tkey->ring->lru, tkey, link); + tkey->ring->generated--; + } + (void)dns_rbt_deletename(tkey->ring->keys, &tkey->name, ISC_FALSE); +} + +static void +adjust_lru(dns_tsigkey_t *tkey) { + if (tkey->generated) { + RWLOCK(&tkey->ring->lock, isc_rwlocktype_write); + /* + * We may have been removed from the LRU list between + * removing the read lock and aquiring the write lock. + */ + if (ISC_LINK_LINKED(tkey, link)) { + ISC_LIST_UNLINK(tkey->ring->lru, tkey, link); + ISC_LIST_APPEND(tkey->ring->lru, tkey, link); + } + RWUNLOCK(&tkey->ring->lock, isc_rwlocktype_write); + } +} + /* * Since Microsoft doesn't follow its own standard, we will use this * alternate name as a second guess. @@ -327,7 +357,9 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, } else tkey->creator = NULL; - tkey->key = dstkey; + tkey->key = NULL; + if (dstkey != NULL) + dst_key_attach(dstkey, &tkey->key); tkey->ring = ring; if (key != NULL) @@ -358,11 +390,24 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, cleanup_ring(ring); ring->writecount = 0; } + ret = dns_rbt_addname(ring->keys, name, tkey); if (ret != ISC_R_SUCCESS) { RWUNLOCK(&ring->lock, isc_rwlocktype_write); goto cleanup_refs; } + + if (tkey->generated) { + /* + * Add the new key to the LRU list and remove the + * least recently used key if there are too many + * keys on the list. + */ + ISC_LIST_INITANDAPPEND(ring->lru, tkey, link); + if (ring->generated++ > ring->maxgenerated) + remove_fromring(ISC_LIST_HEAD(ring->lru)); + } + RWUNLOCK(&ring->lock, isc_rwlocktype_write); } @@ -390,6 +435,8 @@ dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm, isc_refcount_decrement(&tkey->refs, NULL); isc_refcount_destroy(&tkey->refs); cleanup_creator: + if (tkey->key != NULL) + dst_key_free(&tkey->key); if (tkey->creator != NULL) { dns_name_free(tkey->creator, mctx); isc_mem_put(mctx, tkey->creator, sizeof(dns_name_t)); @@ -452,9 +499,7 @@ cleanup_ring(dns_tsig_keyring_t *ring) tsig_log(tkey, 2, "tsig expire: deleting"); /* delete the key */ dns_rbtnodechain_invalidate(&chain); - (void)dns_rbt_deletename(ring->keys, - &tkey->name, - ISC_FALSE); + remove_fromring(tkey); goto again; } } @@ -464,7 +509,6 @@ cleanup_ring(dns_tsig_keyring_t *ring) dns_rbtnodechain_invalidate(&chain); return; } - } } @@ -572,7 +616,7 @@ dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm, result = dns_tsigkey_createfromkey(name, algorithm, dstkey, generated, creator, inception, expire, mctx, ring, key); - if (result != ISC_R_SUCCESS && dstkey != NULL) + if (dstkey != NULL) dst_key_free(&dstkey); return (result); } @@ -629,7 +673,7 @@ dns_tsigkey_setdeleted(dns_tsigkey_t *key) { REQUIRE(key->ring != NULL); RWLOCK(&key->ring->lock, isc_rwlocktype_write); - (void)dns_rbt_deletename(key->ring->keys, &key->name, ISC_FALSE); + remove_fromring(key); RWUNLOCK(&key->ring->lock, isc_rwlocktype_write); } @@ -889,6 +933,9 @@ dns_tsig_sign(dns_message_t *msg) { msg->tsig = dataset; msg->tsigname = owner; + /* Windows does not like the tsig name being compressed. */ + msg->tsigname->attributes |= DNS_NAMEATTR_NOCOMPRESS; + return (ISC_R_SUCCESS); cleanup_rdatalist: @@ -1469,19 +1516,30 @@ dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name, RWUNLOCK(&ring->lock, isc_rwlocktype_read); return (ISC_R_NOTFOUND); } - if (key->inception != key->expire && key->expire < now) { + if (key->inception != key->expire && isc_serial_lt(key->expire, now)) { /* * The key has expired. */ RWUNLOCK(&ring->lock, isc_rwlocktype_read); RWLOCK(&ring->lock, isc_rwlocktype_write); - (void)dns_rbt_deletename(ring->keys, name, ISC_FALSE); + remove_fromring(key); RWUNLOCK(&ring->lock, isc_rwlocktype_write); return (ISC_R_NOTFOUND); } - +#if 0 + /* + * MPAXXX We really should look at the inception time. + */ + if (key->inception != key->expire && + isc_serial_lt(key->inception, now)) { + RWUNLOCK(&ring->lock, isc_rwlocktype_read); + adjust_lru(key); + return (ISC_R_NOTFOUND); + } +#endif isc_refcount_increment(&key->refs, NULL); RWUNLOCK(&ring->lock, isc_rwlocktype_read); + adjust_lru(key); *tsigkey = key; return (ISC_R_SUCCESS); } @@ -1527,6 +1585,9 @@ dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp) { ring->writecount = 0; ring->mctx = NULL; + ring->generated = 0; + ring->maxgenerated = DNS_TSIG_MAXGENERATEDKEYS; + ISC_LIST_INIT(ring->lru); isc_mem_attach(mctx, &ring->mctx); *ringp = ring; diff --git a/lib/dns/validator.c b/lib/dns/validator.c index fc6f454..054c5a6 100644 --- a/lib/dns/validator.c +++ b/lib/dns/validator.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: validator.c,v 1.164.12.11.10.7 2010/11/16 01:48:32 marka Exp $ */ +/* $Id: validator.c,v 1.164.12.23 2010-11-16 02:23:44 marka Exp $ */ #include <config.h> @@ -2135,7 +2135,7 @@ dlv_validatezonekey(dns_validator_t *val) { &sigrdata); result = dns_rdata_tostruct(&sigrdata, &sig, NULL); RUNTIME_CHECK(result == ISC_R_SUCCESS); - if (dlv.key_tag != sig.keyid && + if (dlv.key_tag != sig.keyid || dlv.algorithm != sig.algorithm) continue; dstkey = NULL; @@ -2218,6 +2218,17 @@ validatezonekey(dns_validator_t *val) { return (dlv_validatezonekey(val)); if (val->dsset == NULL) { + + /* + * We have a dlv sep. Skip looking up the SEP from + * {trusted,managed}-keys. If the dlv sep is for the + * root then it will have been handled above so we don't + * need to check whether val->event->name is "." prior to + * looking up the DS. + */ + if (val->havedlvsep) + goto find_ds; + /* * First, see if this key was signed by a trusted key. */ @@ -2250,13 +2261,13 @@ validatezonekey(dns_validator_t *val) { val->event->name, found) != ISC_R_SUCCESS) { if (val->mustbesecure) { validator_log(val, ISC_LOG_WARNING, - "must be secure failure, " - "not beneath secure root"); + "must be secure failure, " + "not beneath secure root"); return (DNS_R_MUSTBESECURE); } else validator_log(val, ISC_LOG_DEBUG(3), - "not beneath secure root"); - if (val->view->dlv == NULL || DLVTRIED(val)) { + "not beneath secure root"); + if (val->view->dlv == NULL) { markanswer(val, "validatezonekey (1)"); return (ISC_R_SUCCESS); } @@ -2292,17 +2303,6 @@ validatezonekey(dns_validator_t *val) { } } - /* - * If this is the root name and there was no trusted key, - * give up, since there's no DS at the root. - */ - if (dns_name_equal(event->name, dns_rootname)) { - if ((val->attributes & VALATTR_TRIEDVERIFY) != 0) - return (DNS_R_NOVALIDSIG); - else - return (DNS_R_NOVALIDDS); - } - if (atsep) { /* * We have not found a key to verify this DNSKEY @@ -2323,6 +2323,22 @@ validatezonekey(dns_validator_t *val) { } /* + * If this is the root name and there was no trusted key, + * give up, since there's no DS at the root. + */ + if (dns_name_equal(event->name, dns_rootname)) { + if ((val->attributes & VALATTR_TRIEDVERIFY) != 0) { + validator_log(val, ISC_LOG_DEBUG(3), + "root key failed to validate"); + return (DNS_R_NOVALIDSIG); + } else { + validator_log(val, ISC_LOG_DEBUG(3), + "no trusted root key"); + return (DNS_R_NOVALIDDS); + } + } + find_ds: + /* * Otherwise, try to find the DS record. */ result = view_find(val, val->event->name, dns_rdatatype_ds); @@ -4038,19 +4054,19 @@ dns_validator_cancel(dns_validator_t *validator) { validator_log(validator, ISC_LOG_DEBUG(3), "dns_validator_cancel"); - if (validator->event != NULL) { - if (validator->fetch != NULL) - dns_resolver_cancelfetch(validator->fetch); - - if (validator->subvalidator != NULL) - dns_validator_cancel(validator->subvalidator); - if ((validator->options & DNS_VALIDATOR_DEFER) != 0) { - isc_task_t *task = validator->event->ev_sender; - validator->options &= ~DNS_VALIDATOR_DEFER; - isc_event_free((isc_event_t **)&validator->event); - isc_task_detach(&task); - } + if ((validator->attributes & VALATTR_CANCELED) == 0) { validator->attributes |= VALATTR_CANCELED; + if (validator->event != NULL) { + if (validator->fetch != NULL) + dns_resolver_cancelfetch(validator->fetch); + + if (validator->subvalidator != NULL) + dns_validator_cancel(validator->subvalidator); + if ((validator->options & DNS_VALIDATOR_DEFER) != 0) { + validator->options &= ~DNS_VALIDATOR_DEFER; + validator_done(validator, ISC_R_CANCELED); + } + } } UNLOCK(&validator->lock); } diff --git a/lib/dns/view.c b/lib/dns/view.c index 54f0d26..809cc15 100644 --- a/lib/dns/view.c +++ b/lib/dns/view.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: view.c,v 1.150.84.3.10.2 2010/09/29 00:03:32 marka Exp $ */ +/* $Id: view.c,v 1.150.84.6 2010-09-24 08:09:08 marka Exp $ */ /*! \file */ diff --git a/lib/dns/zone.c b/lib/dns/zone.c index c21b1f0..108aefb 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: zone.c,v 1.483.36.17 2009/12/21 04:32:42 marka Exp $ */ +/* $Id: zone.c,v 1.483.36.23 2010-12-14 00:48:22 marka Exp $ */ /*! \file */ @@ -1702,6 +1702,12 @@ zone_check_mx(dns_zone_t *zone, dns_db_t *db, dns_name_t *name, int level; /* + * "." means the services does not exist. + */ + if (dns_name_equal(name, dns_rootname)) + return (ISC_TRUE); + + /* * Outside of zone. */ if (!dns_name_issubdomain(name, &zone->origin)) { @@ -3656,6 +3662,7 @@ find_zone_keys(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, isc_result_t result; dns_dbnode_t *node = NULL; const char *directory = dns_zone_getkeydirectory(zone); + CHECK(dns_db_findnode(db, dns_db_origin(db), ISC_FALSE, &node)); result = dns_dnssec_findzonekeys2(db, ver, node, dns_db_origin(db), directory, mctx, maxkeys, keys, @@ -3759,7 +3766,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, if (type != dns_rdatatype_dnskey) { result = update_one_rr(db, ver, diff, - DNS_DIFFOP_DEL, name, + DNS_DIFFOP_DELRESIGN, name, rdataset.ttl, &rdata); dns_rdata_reset(&rdata); if (result != ISC_R_SUCCESS) @@ -3801,7 +3808,7 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, break; } result = update_one_rr(db, ver, diff, - DNS_DIFFOP_DEL, + DNS_DIFFOP_DELRESIGN, name, rdataset.ttl, &rdata); break; @@ -3812,8 +3819,9 @@ del_sigs(dns_zone_t *zone, dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, * delete the RRSIG. */ if (!found) - result = update_one_rr(db, ver, diff, DNS_DIFFOP_DEL, - name, rdataset.ttl, &rdata); + result = update_one_rr(db, ver, diff, + DNS_DIFFOP_DELRESIGN, name, + rdataset.ttl, &rdata); dns_rdata_reset(&rdata); if (result != ISC_R_SUCCESS) break; @@ -3877,6 +3885,7 @@ add_sigs(dns_db_t *db, dns_dbversion_t *ver, dns_name_t *name, CHECK(update_one_rr(db, ver, diff, DNS_DIFFOP_ADDRESIGN, name, rdataset.ttl, &sig_rdata)); dns_rdata_reset(&sig_rdata); + isc_buffer_init(&buffer, data, sizeof(data)); } failure: @@ -5475,7 +5484,7 @@ del_sig(dns_db_t *db, dns_dbversion_t *version, dns_name_t *name, rrsig.keyid != keyid) continue; CHECK(update_one_rr(db, version, diff, - DNS_DIFFOP_DEL, name, + DNS_DIFFOP_DELRESIGN, name, rdataset.ttl, &rdata)); } dns_rdataset_disassociate(&rdataset); @@ -10091,6 +10100,7 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) { isc_sockaddr_t sourceaddr; isc_sockaddr_t masteraddr; isc_time_t now; + const char *soa_before = ""; UNUSED(task); @@ -10118,6 +10128,8 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) { isc_netaddr_fromsockaddr(&masterip, &zone->masteraddr); (void)dns_peerlist_peerbyaddr(zone->view->peers, &masterip, &peer); + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_SOABEFOREAXFR)) + soa_before = "SOA before "; /* * Decide whether we should request IXFR or AXFR. */ @@ -10128,8 +10140,12 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) { xfrtype = dns_rdatatype_axfr; } else if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_IXFRFROMDIFFS)) { dns_zone_log(zone, ISC_LOG_DEBUG(1), "ixfr-from-differences " - "set, requesting AXFR from %s", master); - xfrtype = dns_rdatatype_axfr; + "set, requesting %sAXFR from %s", soa_before, + master); + if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_SOABEFOREAXFR)) + xfrtype = dns_rdatatype_soa; + else + xfrtype = dns_rdatatype_axfr; } else if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCEXFER)) { dns_zone_log(zone, ISC_LOG_DEBUG(1), "forced reload, requesting AXFR of " @@ -10154,8 +10170,8 @@ got_transfer_quota(isc_task_t *task, isc_event_t *event) { } if (use_ixfr == ISC_FALSE) { dns_zone_log(zone, ISC_LOG_DEBUG(1), - "IXFR disabled, requesting AXFR from %s", - master); + "IXFR disabled, requesting %sAXFR from %s", + soa_before, master); if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_SOABEFOREAXFR)) xfrtype = dns_rdatatype_soa; else diff --git a/lib/isc/Makefile.in b/lib/isc/Makefile.in index 6fa284b..d831fcf 100644 --- a/lib/isc/Makefile.in +++ b/lib/isc/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: Makefile.in,v 1.96.50.3 2009/02/16 01:02:58 marka Exp $ +# $Id: Makefile.in,v 1.96.50.6 2010-06-09 01:52:54 marka Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -42,8 +42,9 @@ UNIXOBJS = @ISC_ISCIPV6_O@ \ NLSOBJS = nls/msgcat.@O@ -THREADOBJS = @ISC_THREAD_DIR@/condition.@O@ @ISC_THREAD_DIR@/mutex.@O@ \ - @ISC_THREAD_DIR@/thread.@O@ +THREADOPTOBJS = @ISC_THREAD_DIR@/condition.@O@ @ISC_THREAD_DIR@/mutex.@O@ + +THREADOBJS = @THREADOPTOBJS@ @ISC_THREAD_DIR@/thread.@O@ WIN32OBJS = win32/condition.@O@ win32/dir.@O@ win32/file.@O@ \ win32/fsaccess.@O@ win32/once.@O@ win32/stdtime.@O@ \ @@ -80,6 +81,10 @@ SRCS = @ISC_EXTRA_SRCS@ \ LIBS = @LIBS@ +# Note: the order of SUBDIRS is important. +# Attempt to disable parallel processing. +.NOTPARALLEL: +.NO_PARALLEL: SUBDIRS = include unix nls @ISC_THREAD_DIR@ @ISC_ARCH_DIR@ TARGETS = timestamp diff --git a/lib/isc/api b/lib/isc/api index b765f45..e1f7b71 100644 --- a/lib/isc/api +++ b/lib/isc/api @@ -1,3 +1,3 @@ -LIBINTERFACE = 53 +LIBINTERFACE = 54 LIBREVISION = 1 -LIBAGE = 3 +LIBAGE = 4 diff --git a/lib/isc/entropy.c b/lib/isc/entropy.c index 25ab002..af8757f 100644 --- a/lib/isc/entropy.c +++ b/lib/isc/entropy.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: entropy.c,v 1.18.332.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: entropy.c,v 1.18.332.4 2010-08-10 23:46:54 tbox Exp $ */ /*! \file * \brief @@ -283,8 +283,11 @@ entropypool_add_word(isc_entropypool_t *rp, isc_uint32_t val) { val ^= rp->pool[(rp->cursor + TAP3) & (RND_POOLWORDS - 1)]; val ^= rp->pool[(rp->cursor + TAP4) & (RND_POOLWORDS - 1)]; val ^= rp->pool[(rp->cursor + TAP5) & (RND_POOLWORDS - 1)]; - rp->pool[rp->cursor++] ^= - ((val << rp->rotate) | (val >> (32 - rp->rotate))); + if (rp->rotate == 0) + rp->pool[rp->cursor++] ^= val; + else + rp->pool[rp->cursor++] ^= + ((val << rp->rotate) | (val >> (32 - rp->rotate))); /* * If we have looped around the pool, increment the rotate diff --git a/lib/isc/include/isc/mem.h b/lib/isc/include/isc/mem.h index b49d440..d13d912 100644 --- a/lib/isc/include/isc/mem.h +++ b/lib/isc/include/isc/mem.h @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mem.h,v 1.78.120.3.24.2 2010/08/12 23:46:25 tbox Exp $ */ +/* $Id: mem.h,v 1.78.120.6 2010-08-11 23:04:21 jinmei Exp $ */ #ifndef ISC_MEM_H #define ISC_MEM_H 1 @@ -121,7 +121,7 @@ LIBISC_EXTERNAL_DATA extern unsigned int isc_mem_debugging; #if ISC_MEM_TRACKLINES #define _ISC_MEM_FILELINE , __FILE__, __LINE__ -#define _ISC_MEM_FLARG , const char *, int +#define _ISC_MEM_FLARG , const char *, unsigned int #else #define _ISC_MEM_FILELINE #define _ISC_MEM_FLARG diff --git a/lib/isc/include/isc/platform.h.in b/lib/isc/include/isc/platform.h.in index 1ed76b8..99c887b 100644 --- a/lib/isc/include/isc/platform.h.in +++ b/lib/isc/include/isc/platform.h.in @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: platform.h.in,v 1.48.84.2 2009/02/16 23:47:15 tbox Exp $ */ +/* $Id: platform.h.in,v 1.48.84.4 2010-06-03 23:47:49 tbox Exp $ */ #ifndef ISC_PLATFORM_H #define ISC_PLATFORM_H 1 @@ -215,6 +215,12 @@ @ISC_PLATFORM_GSSAPIHEADER@ /* + * Defined to <krb5.h> or <krb5/krb5.h> for how to include + * the KRB5 header. + */ +@ISC_PLATFORM_KRB5HEADER@ + +/* * Type used for resource limits. */ @ISC_PLATFORM_RLIMITTYPE@ diff --git a/lib/isc/include/isc/task.h b/lib/isc/include/isc/task.h index 8106571..a8c7569 100644 --- a/lib/isc/include/isc/task.h +++ b/lib/isc/include/isc/task.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: task.h,v 1.61.332.2 2009/01/18 23:47:41 tbox Exp $ */ +/* $Id: task.h,v 1.61.332.4 2010-12-03 23:45:47 tbox Exp $ */ #ifndef ISC_TASK_H #define ISC_TASK_H 1 @@ -535,6 +535,16 @@ isc_task_getcurrenttime(isc_task_t *task, isc_stdtime_t *t); *\li '*t' has the "current time". */ +isc_boolean_t +isc_task_exiting(isc_task_t *t); +/*%< + * Returns ISC_TRUE if the task is in the process of shutting down, + * ISC_FALSE otherwise. + * + * Requires: + *\li 'task' is a valid task. + */ + /***** ***** Task Manager. *****/ diff --git a/lib/isc/mem.c b/lib/isc/mem.c index 59f5924..aeacfc0 100644 --- a/lib/isc/mem.c +++ b/lib/isc/mem.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mem.c,v 1.145.120.4.24.2 2010/08/12 23:46:25 tbox Exp $ */ +/* $Id: mem.c,v 1.145.120.9 2010-08-11 23:45:49 tbox Exp $ */ /*! \file */ @@ -72,7 +72,7 @@ struct debuglink { }; #define FLARG_PASS , file, line -#define FLARG , const char *file, int line +#define FLARG , const char *file, unsigned int line #else #define FLARG_PASS #define FLARG @@ -221,6 +221,7 @@ add_trace_entry(isc_mem_t *mctx, const void *ptr, unsigned int size { debuglink_t *dl; unsigned int i; + unsigned int mysize = size; if ((isc_mem_debugging & ISC_MEM_DEBUGTRACE) != 0) fprintf(stderr, isc_msgcat_get(isc_msgcat, ISC_MSGSET_MEM, @@ -232,10 +233,10 @@ add_trace_entry(isc_mem_t *mctx, const void *ptr, unsigned int size if (mctx->debuglist == NULL) return; - if (size > mctx->max_size) - size = mctx->max_size; + if (mysize > mctx->max_size) + mysize = mctx->max_size; - dl = ISC_LIST_HEAD(mctx->debuglist[size]); + dl = ISC_LIST_HEAD(mctx->debuglist[mysize]); while (dl != NULL) { if (dl->count == DEBUGLIST_COUNT) goto next; @@ -270,7 +271,7 @@ add_trace_entry(isc_mem_t *mctx, const void *ptr, unsigned int size dl->line[0] = line; dl->count = 1; - ISC_LIST_PREPEND(mctx->debuglist[size], dl, link); + ISC_LIST_PREPEND(mctx->debuglist[mysize], dl, link); mctx->debuglistcnt++; } @@ -877,13 +878,13 @@ destroy(isc_mem_t *ctx) { unsigned int i; isc_ondestroy_t ondest; - ctx->magic = 0; - LOCK(&lock); ISC_LIST_UNLINK(contexts, ctx, link); totallost += ctx->inuse; UNLOCK(&lock); + ctx->magic = 0; + INSIST(ISC_LIST_EMPTY(ctx->pools)); #if ISC_MEM_TRACKLINES diff --git a/lib/isc/nothreads/Makefile.in b/lib/isc/nothreads/Makefile.in index 75a2cb5..042cfce 100644 --- a/lib/isc/nothreads/Makefile.in +++ b/lib/isc/nothreads/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007, 2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000, 2001 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: Makefile.in,v 1.7 2007/06/19 23:47:18 tbox Exp $ +# $Id: Makefile.in,v 1.7.332.2 2010-06-09 23:48:16 tbox Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -28,9 +28,11 @@ CINCLUDES = -I${srcdir}/include \ CDEFINES = CWARNINGS = -OBJS = condition.@O@ mutex.@O@ thread.@O@ +THREADOPTOBJS = condition.@O@ mutex.@O@ +OBJS = @THREADOPTOBJS@ thread.@O@ -SRCS = condition.c mutex.c thread.c +THREADOPTSRCS = condition.c mutex.c +SRCS = @THREADOPTSRCS@ thread.c SUBDIRS = include TARGETS = ${OBJS} diff --git a/lib/isc/print.c b/lib/isc/print.c index 6b98195..5d800f3 100644 --- a/lib/isc/print.c +++ b/lib/isc/print.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: print.c,v 1.35.418.2 2010/10/18 23:46:34 tbox Exp $ */ +/* $Id: print.c,v 1.35.130.2 2010-10-18 23:46:17 tbox Exp $ */ /*! \file */ diff --git a/lib/isc/pthreads/mutex.c b/lib/isc/pthreads/mutex.c index b57d9ee..efe38db 100644 --- a/lib/isc/pthreads/mutex.c +++ b/lib/isc/pthreads/mutex.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: mutex.c,v 1.16 2008/04/04 23:47:01 tbox Exp $ */ +/* $Id: mutex.c,v 1.16.112.2 2011-01-04 23:45:43 tbox Exp $ */ /*! \file */ @@ -234,10 +234,13 @@ isc_mutex_init_errcheck(isc_mutex_t *mp) if (pthread_mutexattr_init(&attr) != 0) return (ISC_R_UNEXPECTED); - if (pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_ERRORCHECK) != 0) + if (pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_ERRORCHECK) != 0) { + pthread_mutexattr_destroy(&attr); return (ISC_R_UNEXPECTED); + } err = pthread_mutex_init(mp, &attr) != 0) + pthread_mutexattr_destroy(&attr); if (err == ENOMEM) return (ISC_R_NOMEMORY); return ((err == 0) ? ISC_R_SUCCESS : ISC_R_UNEXPECTED); diff --git a/lib/isc/task.c b/lib/isc/task.c index a630173..5d87f21 100644 --- a/lib/isc/task.c +++ b/lib/isc/task.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1998-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: task.c,v 1.107 2008/03/27 23:46:57 tbox Exp $ */ +/* $Id: task.c,v 1.107.120.2 2010-12-03 23:45:47 tbox Exp $ */ /*! \file * \author Principal Author: Bob Halley @@ -1292,8 +1292,15 @@ isc_task_endexclusive(isc_task_t *task) { #endif } -#ifdef HAVE_LIBXML2 +isc_boolean_t +isc_task_exiting(isc_task_t *t) { + isc_task_t *task = (isc_task_t *)t; + + REQUIRE(VALID_TASK(task)); + return (TASK_SHUTTINGDOWN(task)); +} +#ifdef HAVE_LIBXML2 void isc_taskmgr_renderxml(isc_taskmgr_t *mgr, xmlTextWriterPtr writer) { diff --git a/lib/isc/unix/socket.c b/lib/isc/unix/socket.c index 004a038..055e883 100644 --- a/lib/isc/unix/socket.c +++ b/lib/isc/unix/socket.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: socket.c,v 1.308.12.12 2010/01/31 23:47:31 tbox Exp $ */ +/* $Id: socket.c,v 1.308.12.17 2010-12-22 03:28:13 marka Exp $ */ /*! \file */ @@ -67,7 +67,11 @@ #include <sys/epoll.h> #endif #ifdef ISC_PLATFORM_HAVEDEVPOLL +#if defined(HAVE_SYS_DEVPOLL_H) #include <sys/devpoll.h> +#elif defined(HAVE_DEVPOLL_H) +#include <devpoll.h> +#endif #endif #include "errno2result.h" @@ -652,6 +656,7 @@ watch_fd(isc_socketmgr_t *manager, int fd, int msg) { event.events = EPOLLIN; else event.events = EPOLLOUT; + memset(&event.data, 0, sizeof(event.data)); event.data.fd = fd; if (epoll_ctl(manager->epoll_fd, EPOLL_CTL_ADD, fd, &event) == -1 && errno != EEXIST) { @@ -719,6 +724,7 @@ unwatch_fd(isc_socketmgr_t *manager, int fd, int msg) { event.events = EPOLLIN; else event.events = EPOLLOUT; + memset(&event.data, 0, sizeof(event.data)); event.data.fd = fd; if (epoll_ctl(manager->epoll_fd, EPOLL_CTL_DEL, fd, &event) == -1 && errno != ENOENT) { @@ -2232,6 +2238,26 @@ opensocket(isc_socketmgr_t *manager, isc_socket_t *sock) { (void *)&on, sizeof(on)); } #endif +#if defined(IPV6_MTU) + /* + * Use minimum MTU on IPv6 sockets. + */ + if (sock->pf == AF_INET6) { + int mtu = 1280; + (void)setsockopt(sock->fd, IPPROTO_IPV6, IPV6_MTU, + &mtu, sizeof(mtu)); + } +#endif +#if defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DONT) + /* + * Turn off Path MTU discovery on IPv6/UDP sockets. + */ + if (sock->pf == AF_INET6) { + int action = IPV6_PMTUDISC_DONT; + (void)setsockopt(sock->fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER, + &action, sizeof(action)); + } +#endif #endif /* ISC_PLATFORM_HAVEIPV6 */ #endif /* defined(USE_CMSG) */ @@ -4712,9 +4738,16 @@ isc_socket_bind(isc_socket_t *sock, isc_sockaddr_t *sockaddr, return (ISC_R_SUCCESS); } +/* + * Enable this only for specific OS versions, and only when they have repaired + * their problems with it. Until then, this is is broken and needs to be + * diabled by default. See RT22589 for details. + */ +#undef ENABLE_ACCEPTFILTER + isc_result_t isc_socket_filter(isc_socket_t *sock, const char *filter) { -#ifdef SO_ACCEPTFILTER +#if defined(SO_ACCEPTFILTER) && defined(ENABLE_ACCEPTFILTER) char strbuf[ISC_STRERRORSIZE]; struct accept_filter_arg afa; #else @@ -4724,7 +4757,7 @@ isc_socket_filter(isc_socket_t *sock, const char *filter) { REQUIRE(VALID_SOCKET(sock)); -#ifdef SO_ACCEPTFILTER +#if defined(SO_ACCEPTFILTER) && defined(ENABLE_ACCEPTFILTER) bzero(&afa, sizeof(afa)); strncpy(afa.af_name, filter, sizeof(afa.af_name)); if (setsockopt(sock->fd, SOL_SOCKET, SO_ACCEPTFILTER, @@ -4829,6 +4862,12 @@ isc_socket_accept(isc_socket_t *sock, * Attach to socket and to task. */ isc_task_attach(task, &ntask); + if (isc_task_exiting(ntask)) { + isc_task_detach(&ntask); + isc_event_free(ISC_EVENT_PTR(&dev)); + UNLOCK(&sock->lock); + return (ISC_R_SHUTTINGDOWN); + } nsock->references++; nsock->statsindex = sock->statsindex; diff --git a/lib/isccfg/api b/lib/isccfg/api index 2240cdd..fbbf923 100644 --- a/lib/isccfg/api +++ b/lib/isccfg/api @@ -1,3 +1,3 @@ LIBINTERFACE = 50 -LIBREVISION = 1 +LIBREVISION = 3 LIBAGE = 0 diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 0610489..f291507 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2002, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: namedconf.c,v 1.92 2008/09/27 23:35:31 jinmei Exp $ */ +/* $Id: namedconf.c,v 1.92.44.2 2010-05-13 23:47:49 tbox Exp $ */ /*! \file */ @@ -464,7 +464,7 @@ static cfg_type_t cfg_type_transferformat = { static void print_none(cfg_printer_t *pctx, const cfg_obj_t *obj) { UNUSED(obj); - cfg_print_chars(pctx, "none", 4); + cfg_print_cstr(pctx, "none"); } static cfg_type_t cfg_type_none = { @@ -492,7 +492,7 @@ parse_qstringornone(cfg_parser_t *pctx, const cfg_type_t *type, static void doc_qstringornone(cfg_printer_t *pctx, const cfg_type_t *type) { UNUSED(type); - cfg_print_chars(pctx, "( <quoted_string> | none )", 26); + cfg_print_cstr(pctx, "( <quoted_string> | none )"); } static cfg_type_t cfg_type_qstringornone = { @@ -505,7 +505,7 @@ static cfg_type_t cfg_type_qstringornone = { static void print_hostname(cfg_printer_t *pctx, const cfg_obj_t *obj) { UNUSED(obj); - cfg_print_chars(pctx, "hostname", 4); + cfg_print_cstr(pctx, "hostname"); } static cfg_type_t cfg_type_hostname = { @@ -538,7 +538,7 @@ parse_serverid(cfg_parser_t *pctx, const cfg_type_t *type, static void doc_serverid(cfg_printer_t *pctx, const cfg_type_t *type) { UNUSED(type); - cfg_print_chars(pctx, "( <quoted_string> | none | hostname )", 26); + cfg_print_cstr(pctx, "( <quoted_string> | none | hostname )"); } static cfg_type_t cfg_type_serverid = { @@ -887,7 +887,7 @@ parse_optional_uint32(cfg_parser_t *pctx, const cfg_type_t *type, static void doc_optional_uint32(cfg_printer_t *pctx, const cfg_type_t *type) { UNUSED(type); - cfg_print_chars(pctx, "[ <integer> ]", 13); + cfg_print_cstr(pctx, "[ <integer> ]"); } static cfg_type_t cfg_type_optional_uint32 = { @@ -1626,9 +1626,9 @@ static void print_querysource(cfg_printer_t *pctx, const cfg_obj_t *obj) { isc_netaddr_t na; isc_netaddr_fromsockaddr(&na, &obj->value.sockaddr); - cfg_print_chars(pctx, "address ", 8); + cfg_print_cstr(pctx, "address "); cfg_print_rawaddr(pctx, &na); - cfg_print_chars(pctx, " port ", 6); + cfg_print_cstr(pctx, " port "); cfg_print_rawuint(pctx, isc_sockaddr_getport(&obj->value.sockaddr)); } @@ -1926,11 +1926,11 @@ static void print_logfile(cfg_printer_t *pctx, const cfg_obj_t *obj) { cfg_print_obj(pctx, obj->value.tuple[0]); /* file */ if (obj->value.tuple[1]->type->print != cfg_print_void) { - cfg_print_chars(pctx, " versions ", 10); + cfg_print_cstr(pctx, " versions "); cfg_print_obj(pctx, obj->value.tuple[1]); } if (obj->value.tuple[2]->type->print != cfg_print_void) { - cfg_print_chars(pctx, " size ", 6); + cfg_print_cstr(pctx, " size "); cfg_print_obj(pctx, obj->value.tuple[2]); } } diff --git a/lib/lwres/man/lwres.html b/lib/lwres/man/lwres.html index f7f3a9f..3844c01 100644 --- a/lib/lwres/man/lwres.html +++ b/lib/lwres/man/lwres.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres — introduction to the lightweight resolver library</p> @@ -32,7 +32,7 @@ <div class="funcsynopsis"><pre class="funcsynopsisinfo">#include <lwres/lwres.h></pre></div> </div> <div class="refsect1" lang="en"> -<a name="id2543346"></a><h2>DESCRIPTION</h2> +<a name="id2543348"></a><h2>DESCRIPTION</h2> <p> The BIND 9 lightweight resolver library is a simple, name service independent stub resolver library. It provides hostname-to-address @@ -47,7 +47,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543358"></a><h2>OVERVIEW</h2> +<a name="id2543361"></a><h2>OVERVIEW</h2> <p> The lwresd library implements multiple name service APIs. The standard @@ -101,7 +101,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543422"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2> +<a name="id2543425"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2> <p> When a client program wishes to make an lwres request using the native low-level API, it typically performs the following @@ -149,7 +149,7 @@ </p> </div> <div class="refsect1" lang="en"> -<a name="id2543571"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2> +<a name="id2543573"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2> <p> When implementing the server side of the lightweight resolver protocol using the lwres library, a sequence of actions like the @@ -191,7 +191,7 @@ <p></p> </div> <div class="refsect1" lang="en"> -<a name="id2543654"></a><h2>SEE ALSO</h2> +<a name="id2543656"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_gethostent</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>, diff --git a/lib/lwres/man/lwres_buffer.html b/lib/lwres/man/lwres_buffer.html index 042e158..7f3934a 100644 --- a/lib/lwres/man/lwres_buffer.html +++ b/lib/lwres/man/lwres_buffer.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_buffer.html,v 1.21.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_buffer.html,v 1.21.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtract, lwres_buffer_clear, lwres_buffer_first, lwres_buffer_forward, lwres_buffer_back, lwres_buffer_getuint8, lwres_buffer_putuint8, lwres_buffer_getuint16, lwres_buffer_putuint16, lwres_buffer_getuint32, lwres_buffer_putuint32, lwres_buffer_putmem, lwres_buffer_getmem — lightweight resolver buffer management</p> @@ -262,7 +262,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543890"></a><h2>DESCRIPTION</h2> +<a name="id2543892"></a><h2>DESCRIPTION</h2> <p> These functions provide bounds checked access to a region of memory where data is being read or written. diff --git a/lib/lwres/man/lwres_config.html b/lib/lwres/man/lwres_config.html index aad6768..2cee5ef 100644 --- a/lib/lwres/man/lwres_config.html +++ b/lib/lwres/man/lwres_config.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_config.html,v 1.22.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_config.html,v 1.22.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get — lightweight resolver configuration</p> @@ -90,7 +90,7 @@ lwres_conf_t * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543438"></a><h2>DESCRIPTION</h2> +<a name="id2543441"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_conf_init()</code> creates an empty <span class="type">lwres_conf_t</span> @@ -123,7 +123,7 @@ lwres_conf_t * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543506"></a><h2>RETURN VALUES</h2> +<a name="id2543508"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_conf_parse()</code> returns <span class="errorcode">LWRES_R_SUCCESS</span> if it successfully read and parsed @@ -142,13 +142,13 @@ lwres_conf_t * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543543"></a><h2>SEE ALSO</h2> +<a name="id2543545"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">stdio</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>. </p> </div> <div class="refsect1" lang="en"> -<a name="id2543569"></a><h2>FILES</h2> +<a name="id2543571"></a><h2>FILES</h2> <p><code class="filename">/etc/resolv.conf</code> </p> </div> diff --git a/lib/lwres/man/lwres_context.html b/lib/lwres/man/lwres_context.html index 3635b9c..d525a4b 100644 --- a/lib/lwres/man/lwres_context.html +++ b/lib/lwres/man/lwres_context.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_context.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_context.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv — lightweight resolver context management</p> @@ -172,7 +172,7 @@ void * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543529"></a><h2>DESCRIPTION</h2> +<a name="id2543531"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_context_create()</code> creates a <span class="type">lwres_context_t</span> structure for use in lightweight resolver operations. It holds a socket and other @@ -258,7 +258,7 @@ void * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543717"></a><h2>RETURN VALUES</h2> +<a name="id2543719"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_context_create()</code> returns <span class="errorcode">LWRES_R_NOMEMORY</span> if memory for the <span class="type">struct lwres_context</span> could not be allocated, @@ -283,7 +283,7 @@ void * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543767"></a><h2>SEE ALSO</h2> +<a name="id2543769"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_conf_init</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>, diff --git a/lib/lwres/man/lwres_gabn.html b/lib/lwres/man/lwres_gabn.html index 2b6ba85..b69f432 100644 --- a/lib/lwres/man/lwres_gabn.html +++ b/lib/lwres/man/lwres_gabn.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gabn.html,v 1.24.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_gabn.html,v 1.24.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free — lightweight resolver getaddrbyname message handling</p> @@ -178,7 +178,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543520"></a><h2>DESCRIPTION</h2> +<a name="id2543522"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver name-to-address lookup request and @@ -278,7 +278,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543665"></a><h2>RETURN VALUES</h2> +<a name="id2543667"></a><h2>RETURN VALUES</h2> <p> The getaddrbyname opcode functions <code class="function">lwres_gabnrequest_render()</code>, @@ -316,7 +316,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543731"></a><h2>SEE ALSO</h2> +<a name="id2543733"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span> </p> </div> diff --git a/lib/lwres/man/lwres_gai_strerror.html b/lib/lwres/man/lwres_gai_strerror.html index 393efeb..616eebe 100644 --- a/lib/lwres/man/lwres_gai_strerror.html +++ b/lib/lwres/man/lwres_gai_strerror.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gai_strerror.html,v 1.24.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_gai_strerror.html,v 1.24.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gai_strerror — print suitable error string</p> @@ -42,7 +42,7 @@ char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543358"></a><h2>DESCRIPTION</h2> +<a name="id2543361"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_gai_strerror()</code> returns an error message corresponding to an error code returned by <code class="function">getaddrinfo()</code>. @@ -110,7 +110,7 @@ char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543574"></a><h2>SEE ALSO</h2> +<a name="id2543576"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">strerror</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>, diff --git a/lib/lwres/man/lwres_getaddrinfo.html b/lib/lwres/man/lwres_getaddrinfo.html index ef5cd40..013e878 100644 --- a/lib/lwres/man/lwres_getaddrinfo.html +++ b/lib/lwres/man/lwres_getaddrinfo.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getaddrinfo.html,v 1.27.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_getaddrinfo.html,v 1.27.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getaddrinfo, lwres_freeaddrinfo — socket address structure to host and service name</p> @@ -89,7 +89,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543410"></a><h2>DESCRIPTION</h2> +<a name="id2543412"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_getaddrinfo()</code> is used to get a list of IP addresses and port numbers for host <em class="parameter"><code>hostname</code></em> and service @@ -283,7 +283,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543787"></a><h2>RETURN VALUES</h2> +<a name="id2543789"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getaddrinfo()</code> returns zero on success or one of the error codes listed in <span class="citerefentry"><span class="refentrytitle">gai_strerror</span>(3)</span> @@ -294,7 +294,7 @@ struct addrinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2542118"></a><h2>SEE ALSO</h2> +<a name="id2543827"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>, diff --git a/lib/lwres/man/lwres_gethostent.html b/lib/lwres/man/lwres_gethostent.html index 7f6a6ad..fd27dcf 100644 --- a/lib/lwres/man/lwres_gethostent.html +++ b/lib/lwres/man/lwres_gethostent.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gethostent.html,v 1.24.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_gethostent.html,v 1.24.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent, lwres_sethostent, lwres_endhostent, lwres_gethostbyname_r, lwres_gethostbyaddr_r, lwres_gethostent_r, lwres_sethostent_r, lwres_endhostent_r — lightweight resolver get network host entry</p> @@ -228,7 +228,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543606"></a><h2>DESCRIPTION</h2> +<a name="id2543608"></a><h2>DESCRIPTION</h2> <p> These functions provide hostname-to-address and address-to-hostname lookups by means of the lightweight resolver. @@ -366,7 +366,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543957"></a><h2>RETURN VALUES</h2> +<a name="id2543959"></a><h2>RETURN VALUES</h2> <p> The functions <code class="function">lwres_gethostbyname()</code>, @@ -430,7 +430,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2544190"></a><h2>SEE ALSO</h2> +<a name="id2544193"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">gethostent</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>, @@ -439,7 +439,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2544225"></a><h2>BUGS</h2> +<a name="id2544227"></a><h2>BUGS</h2> <p><code class="function">lwres_gethostbyname()</code>, <code class="function">lwres_gethostbyname2()</code>, <code class="function">lwres_gethostbyaddr()</code> diff --git a/lib/lwres/man/lwres_getipnode.html b/lib/lwres/man/lwres_getipnode.html index f20240e..20c6d30 100644 --- a/lib/lwres/man/lwres_getipnode.html +++ b/lib/lwres/man/lwres_getipnode.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getipnode.html,v 1.25.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_getipnode.html,v 1.25.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent — lightweight resolver nodename / address translation API</p> @@ -98,7 +98,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543429"></a><h2>DESCRIPTION</h2> +<a name="id2543431"></a><h2>DESCRIPTION</h2> <p> These functions perform thread safe, protocol independent nodename-to-address and address-to-nodename @@ -217,7 +217,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543687"></a><h2>RETURN VALUES</h2> +<a name="id2543689"></a><h2>RETURN VALUES</h2> <p> If an error occurs, <code class="function">lwres_getipnodebyname()</code> @@ -261,7 +261,7 @@ struct hostent { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543784"></a><h2>SEE ALSO</h2> +<a name="id2543786"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC2553</span></span>, <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, diff --git a/lib/lwres/man/lwres_getnameinfo.html b/lib/lwres/man/lwres_getnameinfo.html index 88215dd..fb7837f 100644 --- a/lib/lwres/man/lwres_getnameinfo.html +++ b/lib/lwres/man/lwres_getnameinfo.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getnameinfo.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_getnameinfo.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getnameinfo — lightweight resolver socket address structure to hostname and @@ -82,7 +82,7 @@ int </div> </div> <div class="refsect1" lang="en"> -<a name="id2543390"></a><h2>DESCRIPTION</h2> +<a name="id2543393"></a><h2>DESCRIPTION</h2> <p> This function is equivalent to the <span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> function defined in RFC2133. @@ -149,13 +149,13 @@ int </p> </div> <div class="refsect1" lang="en"> -<a name="id2543532"></a><h2>RETURN VALUES</h2> +<a name="id2543534"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getnameinfo()</code> returns 0 on success or a non-zero error code if an error occurs. </p> </div> <div class="refsect1" lang="en"> -<a name="id2543544"></a><h2>SEE ALSO</h2> +<a name="id2543546"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC2133</span></span>, <span class="citerefentry"><span class="refentrytitle">getservbyport</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>, @@ -165,7 +165,7 @@ int </p> </div> <div class="refsect1" lang="en"> -<a name="id2543602"></a><h2>BUGS</h2> +<a name="id2543604"></a><h2>BUGS</h2> <p> RFC2133 fails to define what the nonzero return values of <span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> diff --git a/lib/lwres/man/lwres_getrrsetbyname.html b/lib/lwres/man/lwres_getrrsetbyname.html index 8715e5f..9d9dc04 100644 --- a/lib/lwres/man/lwres_getrrsetbyname.html +++ b/lib/lwres/man/lwres_getrrsetbyname.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_getrrsetbyname.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_getrrsetbyname.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_getrrsetbyname, lwres_freerrset — retrieve DNS records</p> @@ -102,7 +102,7 @@ struct rrsetinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543412"></a><h2>DESCRIPTION</h2> +<a name="id2543414"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_getrrsetbyname()</code> gets a set of resource records associated with a <em class="parameter"><code>hostname</code></em>, <em class="parameter"><code>class</code></em>, @@ -150,7 +150,7 @@ struct rrsetinfo { <p></p> </div> <div class="refsect1" lang="en"> -<a name="id2543524"></a><h2>RETURN VALUES</h2> +<a name="id2543526"></a><h2>RETURN VALUES</h2> <p><code class="function">lwres_getrrsetbyname()</code> returns zero on success, and one of the following error codes if an error occurred: @@ -184,7 +184,7 @@ struct rrsetinfo { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543624"></a><h2>SEE ALSO</h2> +<a name="id2543626"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>. </p> </div> diff --git a/lib/lwres/man/lwres_gnba.html b/lib/lwres/man/lwres_gnba.html index 476fd1f..158f4d0 100644 --- a/lib/lwres/man/lwres_gnba.html +++ b/lib/lwres/man/lwres_gnba.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_gnba.html,v 1.24.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_gnba.html,v 1.24.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free — lightweight resolver getnamebyaddress message handling</p> @@ -183,7 +183,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543523"></a><h2>DESCRIPTION</h2> +<a name="id2543525"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver address-to-name lookup request and @@ -270,7 +270,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543662"></a><h2>RETURN VALUES</h2> +<a name="id2543665"></a><h2>RETURN VALUES</h2> <p> The getnamebyaddr opcode functions <code class="function">lwres_gnbarequest_render()</code>, @@ -308,7 +308,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543729"></a><h2>SEE ALSO</h2> +<a name="id2543731"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>. </p> </div> diff --git a/lib/lwres/man/lwres_hstrerror.html b/lib/lwres/man/lwres_hstrerror.html index 2e77451..d5d25ec 100644 --- a/lib/lwres/man/lwres_hstrerror.html +++ b/lib/lwres/man/lwres_hstrerror.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_hstrerror.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_hstrerror.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_herror, lwres_hstrerror — lightweight resolver error message generation</p> @@ -50,7 +50,7 @@ const char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543377"></a><h2>DESCRIPTION</h2> +<a name="id2543379"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_herror()</code> prints the string <em class="parameter"><code>s</code></em> on <span class="type">stderr</span> followed by the string generated by @@ -84,7 +84,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543495"></a><h2>RETURN VALUES</h2> +<a name="id2543497"></a><h2>RETURN VALUES</h2> <p> The string <span class="errorname">Unknown resolver error</span> is returned by <code class="function">lwres_hstrerror()</code> @@ -94,7 +94,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543515"></a><h2>SEE ALSO</h2> +<a name="id2543517"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">herror</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_hstrerror</span>(3)</span>. diff --git a/lib/lwres/man/lwres_inetntop.html b/lib/lwres/man/lwres_inetntop.html index 4358c1b..8467e4b 100644 --- a/lib/lwres/man/lwres_inetntop.html +++ b/lib/lwres/man/lwres_inetntop.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_inetntop.html,v 1.23.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_inetntop.html,v 1.23.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_net_ntop — lightweight resolver IP address presentation</p> @@ -62,7 +62,7 @@ const char * </div> </div> <div class="refsect1" lang="en"> -<a name="id2543377"></a><h2>DESCRIPTION</h2> +<a name="id2543379"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_net_ntop()</code> converts an IP address of protocol family <em class="parameter"><code>af</code></em> — IPv4 or IPv6 — at @@ -80,7 +80,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543409"></a><h2>RETURN VALUES</h2> +<a name="id2543411"></a><h2>RETURN VALUES</h2> <p> If successful, the function returns <em class="parameter"><code>dst</code></em>: a pointer to a string containing the presentation format of the @@ -93,7 +93,7 @@ const char * </p> </div> <div class="refsect1" lang="en"> -<a name="id2543442"></a><h2>SEE ALSO</h2> +<a name="id2543444"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">RFC1884</span></span>, <span class="citerefentry"><span class="refentrytitle">inet_ntop</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">errno</span>(3)</span>. diff --git a/lib/lwres/man/lwres_noop.html b/lib/lwres/man/lwres_noop.html index 62aa19a..4a94836 100644 --- a/lib/lwres/man/lwres_noop.html +++ b/lib/lwres/man/lwres_noop.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_noop.html,v 1.25.418.1.10.1 2010/03/03 22:06:39 marka Exp $ --> +<!-- $Id: lwres_noop.html,v 1.25.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free — lightweight resolver no-op message handling</p> @@ -179,7 +179,7 @@ void </div> </div> <div class="refsect1" lang="en"> -<a name="id2543520"></a><h2>DESCRIPTION</h2> +<a name="id2543522"></a><h2>DESCRIPTION</h2> <p> These are low-level routines for creating and parsing lightweight resolver no-op request and response messages. @@ -270,7 +270,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543670"></a><h2>RETURN VALUES</h2> +<a name="id2543672"></a><h2>RETURN VALUES</h2> <p> The no-op opcode functions <code class="function">lwres_nooprequest_render()</code>, @@ -309,7 +309,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543736"></a><h2>SEE ALSO</h2> +<a name="id2543738"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span> </p> </div> diff --git a/lib/lwres/man/lwres_packet.html b/lib/lwres/man/lwres_packet.html index 7f2f67b..096b4bb 100644 --- a/lib/lwres/man/lwres_packet.html +++ b/lib/lwres/man/lwres_packet.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_packet.html,v 1.26.418.1.10.1 2010/03/03 22:06:40 marka Exp $ --> +<!-- $Id: lwres_packet.html,v 1.26.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_lwpacket_renderheader, lwres_lwpacket_parseheader — lightweight resolver packet handling functions</p> @@ -66,7 +66,7 @@ lwres_result_t </div> </div> <div class="refsect1" lang="en"> -<a name="id2543387"></a><h2>DESCRIPTION</h2> +<a name="id2543389"></a><h2>DESCRIPTION</h2> <p> These functions rely on a <span class="type">struct lwres_lwpacket</span> @@ -219,7 +219,7 @@ struct lwres_lwpacket { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543704"></a><h2>RETURN VALUES</h2> +<a name="id2543706"></a><h2>RETURN VALUES</h2> <p> Successful calls to <code class="function">lwres_lwpacket_renderheader()</code> and diff --git a/lib/lwres/man/lwres_resutil.html b/lib/lwres/man/lwres_resutil.html index e649965..1d2aa76 100644 --- a/lib/lwres/man/lwres_resutil.html +++ b/lib/lwres/man/lwres_resutil.html @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: lwres_resutil.html,v 1.25.418.1.10.1 2010/03/03 22:06:40 marka Exp $ --> +<!-- $Id: lwres_resutil.html,v 1.25.418.1 2009-07-11 01:55:21 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -22,7 +22,7 @@ <meta name="generator" content="DocBook XSL Stylesheets V1.71.1"> </head> <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"> -<a name="id2476267"></a><div class="titlepage"></div> +<a name="id2476275"></a><div class="titlepage"></div> <div class="refnamediv"> <h2>Name</h2> <p>lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr — lightweight resolver utility functions</p> @@ -134,7 +134,7 @@ lwres_result_t </div> </div> <div class="refsect1" lang="en"> -<a name="id2543464"></a><h2>DESCRIPTION</h2> +<a name="id2543466"></a><h2>DESCRIPTION</h2> <p><code class="function">lwres_string_parse()</code> retrieves a DNS-encoded string starting the current pointer of lightweight resolver buffer <em class="parameter"><code>b</code></em>: i.e. @@ -210,7 +210,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543603"></a><h2>RETURN VALUES</h2> +<a name="id2543605"></a><h2>RETURN VALUES</h2> <p> Successful calls to <code class="function">lwres_string_parse()</code> @@ -248,7 +248,7 @@ typedef struct { </p> </div> <div class="refsect1" lang="en"> -<a name="id2543674"></a><h2>SEE ALSO</h2> +<a name="id2543676"></a><h2>SEE ALSO</h2> <p><span class="citerefentry"><span class="refentrytitle">lwres_buffer</span>(3)</span>, <span class="citerefentry"><span class="refentrytitle">lwres_gabn</span>(3)</span>. diff --git a/lib/lwres/print_p.h b/lib/lwres/print_p.h index c22b44a..e2f6ad6 100644 --- a/lib/lwres/print_p.h +++ b/lib/lwres/print_p.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2007, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2001, 2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: print_p.h,v 1.4 2007/06/19 23:47:22 tbox Exp $ */ +/* $Id: print_p.h,v 1.4.332.2 2010-08-16 23:45:48 tbox Exp $ */ #ifndef LWRES_PRINT_P_H #define LWRES_PRINT_P_H 1 @@ -47,7 +47,7 @@ #ifdef __GNUC__ #define LWRES_FORMAT_PRINTF(fmt, args) \ - __attribute__((__format__(__printf__, fmt, args))) + __attribute__((__format__(__printf__, fmt, args))) #else #define LWRES_FORMAT_PRINTF(fmt, args) #endif @@ -67,17 +67,26 @@ LWRES_LANG_BEGINDECLS int lwres__print_vsnprintf(char *str, size_t size, const char *format, va_list ap) LWRES_FORMAT_PRINTF(3, 0); +#ifdef vsnprintf +#undef vsnprintf +#endif #define vsnprintf lwres__print_vsnprintf int lwres__print_snprintf(char *str, size_t size, const char *format, ...) LWRES_FORMAT_PRINTF(3, 4); +#ifdef snprintf +#undef snprintf +#endif #define snprintf lwres__print_snprintf #endif /* LWRES_PLATFORM_NEEDVSNPRINTF */ #ifdef LWRES_PLATFORM_NEEDSPRINTF int lwres__print_sprintf(char *str, const char *format, ...) LWRES_FORMAT_PRINTF(2, 3); +#ifdef sprintf +#undef sprintf +#endif #define sprintf lwres__print_sprintf #endif |
