# Copyright 2009, Wouter Wijngaards, NLnet Labs.
# BSD licensed.
#
-# Version 5
+# Version 4
# Changelog
-# 2009-08-07 Added openssl/conf.h header detection.
# 2009-07-14 U_CHAR detection improved for windows crosscompile.
# added ACX_FUNC_MALLOC
# fixup some #if to #ifdef
AC_CHECK_HEADERS([openssl/ssl.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS([openssl/err.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS([openssl/rand.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_HEADERS([openssl/conf.h],,, [AC_INCLUDES_DEFAULT])
])dnl End of ACX_SSL_CHECKS
dnl Check for SSL, where SSL is mandatory
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
# Free Software Foundation, Inc.
-timestamp='2008-11-15'
+timestamp='2009-04-27'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
case `/usr/bin/uname -p` in
sparc) echo sparc-icl-nx7; exit ;;
esac ;;
+ s390x:SunOS:*:*)
+ echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+ exit ;;
sun4H:SunOS:5.*:*)
echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
# Note that the Sun cc does not turn __LP64__ into 1 like gcc does.
# This test works for both compilers.
if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
- if echo '\n#ifdef __amd64\nIS_64BIT_ARCH\n#endif' | \
+ if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \
(CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
grep IS_64BIT_ARCH >/dev/null
then
pc:*:*:*)
# Left here for compatibility:
# uname -m prints for DJGPP always 'pc', but it prints nothing about
- # the processor, so we play safe by assuming i386.
- echo i386-pc-msdosdjgpp
+ # the processor, so we play safe by assuming i586.
+ # Note: whatever this is, it MUST be the same as what config.sub
+ # prints for the "djgpp" host, or else GDB configury will decide that
+ # this is a cross-build.
+ echo i586-pc-msdosdjgpp
exit ;;
Intel:Mach:3*:*)
echo i386-pc-mach3
3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
&& { echo i486-ncr-sysv4; exit; } ;;
+ NCR*:*:4.2:* | MPRAS*:*:4.2:*)
+ OS_REL='.3'
+ test -r /etc/.relid \
+ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+ /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+ && { echo i486-ncr-sysv4.3${OS_REL}; exit; }
+ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+ && { echo i586-ncr-sysv4.3${OS_REL}; exit; }
+ /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \
+ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
echo m68k-unknown-lynxos${UNAME_RELEASE}
exit ;;
i*86:rdos:*:*)
echo ${UNAME_MACHINE}-pc-rdos
exit ;;
+ i*86:AROS:*:*)
+ echo ${UNAME_MACHINE}-pc-aros
+ exit ;;
esac
#echo '(No uname command or uname output not recognized.)' 1>&2
/* Define to 1 if you have the <openssl/conf.h> header file. */
#undef HAVE_OPENSSL_CONF_H
+/* Define to 1 if you have the <openssl/engine.h> header file. */
+#undef HAVE_OPENSSL_ENGINE_H
+
/* Define to 1 if you have the <openssl/err.h> header file. */
#undef HAVE_OPENSSL_ERR_H
#include <openssl/conf.h>
#endif
+#ifdef HAVE_OPENSSL_ENGINE_H
+#include <openssl/engine.h>
+#endif
+
#ifdef HAVE_ATTR_FORMAT
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
# Free Software Foundation, Inc.
-timestamp='2008-09-08'
+timestamp='2009-04-17'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
case $maybe_os in
nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
+ kopensolaris*-gnu* | \
storm-chaos* | os2-emx* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
+ | lm32 \
| m32c | m32r | m32rle | m68000 | m68k | m88k \
| maxq | mb | microblaze | mcore | mep | metag \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mipsisa64sr71k | mipsisa64sr71kel \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
+ | moxie \
| mt \
| msp430 \
| nios | nios2 \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
| score \
- | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
+ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* | iq2000-* \
+ | lm32-* \
| m32c-* | m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
| m88110-* | m88k-* | maxq-* | mcore-* | metag-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
| pyramid-* \
| romp-* | rs6000-* \
- | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
+ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
| sparclite-* \
basic_machine=m68k-apollo
os=-bsd
;;
+ aros)
+ basic_machine=i386-pc
+ os=-aros
+ ;;
aux)
basic_machine=m68k-apple
os=-aux
we32k)
basic_machine=we32k-att
;;
- sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
+ sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele)
basic_machine=sh-unknown
;;
sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
| -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+ | -kopensolaris* \
| -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
- | -aos* \
+ | -aos* | -aros* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
done
-for ac_header in openssl/conf.h
-do
-as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-{ $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
-$as_echo_n "checking for $ac_header... " >&6; }
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- $as_echo_n "(cached) " >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (ac_try="$ac_compile"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
-$as_echo "$ac_try_echo") >&5
- (eval "$ac_compile") 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest.$ac_objext; then
- eval "$as_ac_Header=yes"
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- eval "$as_ac_Header=no"
-fi
-
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-ac_res=`eval 'as_val=${'$as_ac_Header'}
- $as_echo "$as_val"'`
- { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-as_val=`eval 'as_val=${'$as_ac_Header'}
- $as_echo "$as_val"'`
- if test "x$as_val" = x""yes; then
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
# check if libssl needs libdl
rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
conftest$ac_exeext conftest.$ac_ext
+for ac_header in openssl/conf.h
+do
+as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+{ $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
+$as_echo_n "checking for $ac_header... " >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ $as_echo_n "(cached) " >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ eval "$as_ac_Header=yes"
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_Header=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+ac_res=`eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'`
+ { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+as_val=`eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'`
+ if test "x$as_val" = x""yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_header in openssl/engine.h
+do
+as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+{ $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
+$as_echo_n "checking for $ac_header... " >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ $as_echo_n "(cached) " >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ eval "$as_ac_Header=yes"
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ eval "$as_ac_Header=no"
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+ac_res=`eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'`
+ { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+as_val=`eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'`
+ if test "x$as_val" = x""yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
# Checks for libraries.
ACX_WITH_SSL
ACX_LIB_SSL
+AC_CHECK_HEADERS([openssl/conf.h],,, [AC_INCLUDES_DEFAULT])
+AC_CHECK_HEADERS([openssl/engine.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512])
AC_ARG_ENABLE(sha2, AC_HELP_STRING([--enable-sha2], [Enable SHA256 and SHA512 RRSIG support, experimental]))
#ifdef HAVE_OPENSSL_CONF_H
#include <openssl/conf.h>
#endif
+
+#ifdef HAVE_OPENSSL_ENGINE_H
+#include <openssl/engine.h>
+#endif
]
AHX_CONFIG_FORMAT_ATTRIBUTE
/* libcrypto cleanup */
#ifdef HAVE_OPENSSL_CONFIG
EVP_cleanup();
- /*ENGINE_cleanup();*/
+ ENGINE_cleanup();
CONF_modules_free();
#endif
CRYPTO_cleanup_all_ex_data(); /* safe, no more threads right now */
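Review bot: `ENGINE_cleanup()` is now compiled whenever `HAVE_OPENSSL_CONFIG` is defined, but `<openssl/engine.h>` is only included under `HAVE_OPENSSL_ENGINE_H`, so a build against an OpenSSL without that header would reach the call with no declaration. Guarding the call separately, `#ifdef HAVE_OPENSSL_ENGINE_H` / `ENGINE_cleanup();` / `#endif`, ties it to the header check this commit adds in configure.ac. The enclosing function starts and ends outside the hunk.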
+24 August 2009: Wouter
+ - cleaner memory allocation on exit. autotrust test routines.
+
21 August 2009: Wouter
- autotrust: debug routines. Read,write and conversions work.
#include "util/data/msgparse.h"
#include "util/data/msgreply.h"
#include "util/data/msgencode.h"
+#include "util/config_file.h"
#include "services/listen_dnsport.h"
#include "services/outside_network.h"
#include "testcode/replay.h"
#endif
}
+void
+fake_temp_file(const char* adj, const char* id, char* buf, size_t len)
+{
+#ifdef USE_WINSOCK
+ snprintf(buf, len, "testbound_%u%s%s.tmp",
+ (unsigned)getpid(), adj, id);
+#else
+ snprintf(buf, len, "/tmp/testbound_%u%s%s.tmp",
+ (unsigned)getpid(), adj, id);
+#endif
+}
+
void
fake_event_init(struct replay_scenario* scen)
{
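Review bot: `fake_temp_file` discards the `snprintf` return value, so an over-long `id` silently produces a truncated name. It also copies `id` into the path verbatim, so an id containing `/` or `..` names a file outside the intended directory. The callers in this commit take the id from the replay file, so I would reject ids with path separators and fail on truncation, e.g. `int n = snprintf(buf, len, ...); if(n < 0 || (size_t)n >= len) fatal_exit("temp file name too long");`. The result is also a predictable name (pid under /tmp), which matters for how the callers open it.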
case repevt_time_passes: return "TIME_PASSES";
case repevt_back_reply: return "REPLY";
case repevt_back_query: return "CHECK_OUT_QUERY";
+ case repevt_autotrust_check: return "CHECK_AUTOTRUST";
case repevt_error: return "ERROR";
default: return "UNKNOWN";
}
#endif
}
+/** check autotrust file contents */
+static void
+autotrust_check(struct replay_moment* mom)
+{
+ char name[1024], line[1024];
+ FILE *in;
+ int lineno = 0, oke=1;
+ struct config_strlist* p;
+ line[sizeof(line)-1] = 0;
+ log_assert(mom->autotrust_id);
+ fake_temp_file("_auto_", mom->autotrust_id, name, sizeof(name));
+ in = fopen(name, "r");
+ if(!in) fatal_exit("could not open %s: %s", name, strerror(errno));
+ for(p=mom->file_content; p; p=p->next) {
+ lineno++;
+ if(!fgets(line, (int)sizeof(line)-1, in)) {
+ log_err("autotrust check failed, could not read line");
+ log_err("file %s, line %d", name, lineno);
+ log_err("should be: %s", p->str);
+ fatal_exit("autotrust_check failed");
+ }
+ if(line[0]) line[strlen(line)-1] = 0; /* remove newline */
+ if(strcmp(p->str, line) != 0) {
+ log_err("mismatch in file %s, line %d", name, lineno);
+ log_err("file has : %s", line);
+ log_err("should be: %s", p->str);
+ oke = 0;
+ continue;
+ }
+ fprintf(stderr, "%s:%2d ok : %s\n", name, lineno, line);
+ }
+ if(fgets(line, (int)sizeof(line)-1, in)) {
+ log_err("autotrust check failed, extra lines in %s after %d",
+ name, lineno);
+ do {
+ fprintf(stderr, "file has: %s", line);
+ } while(fgets(line, (int)sizeof(line)-1, in));
+ oke = 0;
+ }
+ fclose(in);
+ if(!oke)
+ fatal_exit("autotrust_check STEP %d failed", mom->time_step);
+ log_info("autotrust %s is OK", mom->autotrust_id);
+}
+
/**
* Advance to the next moment.
*/
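Review bot: The newline removal in `autotrust_check`, `if(line[0]) line[strlen(line)-1] = 0;`, drops the last character even when it is not a newline. That happens on a final line without a trailing newline, or on a line longer than the buffer, and it can turn a real mismatch into a match or the reverse. `line[strcspn(line, "\n")] = 0;` only removes a newline that is actually there. The same pattern appears in `read_file_content` and as `id[strlen(id)-1]=0;` in `spool_auto_file` elsewhere in this commit.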
time_passes(runtime, runtime->now);
advance_moment(runtime);
break;
+ case repevt_autotrust_check:
+ autotrust_check(runtime->now);
+ advance_moment(runtime);
+ break;
default:
fatal_exit("testbound: unknown event type %d",
runtime->now->evt_type);
*/
void fake_event_cleanup();
+/**
+ * Get filename to store temporary config stuff. The pid is added. in /tmp.
+ * @param adj: adjective, like "_cfg_", "_auto_"
+ * @param id: identifier, like "example.com".
+ * @param buf: where to store.
+ * @param len: length of buf.
+ */
+void fake_temp_file(const char* adj, const char* id, char* buf, size_t len);
+
#endif /* TESTCODE_FAKE_EVENT_H */
#include "config.h"
#include "util/log.h"
#include "util/net_help.h"
+#include "util/config_file.h"
#include "testcode/replay.h"
#include "testcode/ldns-testpkts.h"
if(mom->match) {
delete_entry(mom->match);
}
+ free(mom->autotrust_id);
+ config_delstrlist(mom->file_content);
free(mom);
}
return NULL;
}
+/** Read FILE match content */
+static void
+read_file_content(FILE* in, int* lineno, struct replay_moment* mom)
+{
+ char line[MAX_LINE_LEN];
+ char* remain = line;
+ struct config_strlist** last = &mom->file_content;
+ line[MAX_LINE_LEN-1]=0;
+ if(!fgets(line, MAX_LINE_LEN-1, in))
+ fatal_exit("FILE_BEGIN expected at line %d", *lineno);
+ if(!parse_keyword(&remain, "FILE_BEGIN"))
+ fatal_exit("FILE_BEGIN expected at line %d", *lineno);
+ while(fgets(line, MAX_LINE_LEN-1, in)) {
+ (*lineno)++;
+ if(strncmp(line, "FILE_END", 8) == 0) {
+ return;
+ }
+ if(line[0]) line[strlen(line)-1] = 0; /* remove newline */
+ if(!cfg_strlist_insert(last, strdup(line)))
+ fatal_exit("malloc failure");
+ last = &( (*last)->next );
+ }
+ fatal_exit("no FILE_END in input file");
+}
+
/**
* Read a replay moment 'STEP' from file.
* @param remain: Rest of line (after STEP keyword).
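Review bot: `read_file_content` does not increment `*lineno` for the first `fgets`, which consumes the FILE_BEGIN line. The "FILE_BEGIN expected at line %d" message and every later line number from this reader are therefore one behind the file. Adding `(*lineno)++;` right after the first successful `fgets` fixes that. Separately, a content line longer than the buffer is split by `fgets` into two list entries without any diagnostic; a `fatal_exit` when the line read has no trailing newline would make that visible.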
mom->evt_type = repevt_timeout;
} else if(parse_keyword(&remain, "TIME_PASSES")) {
mom->evt_type = repevt_time_passes;
+ } else if(parse_keyword(&remain, "CHECK_AUTOTRUST")) {
+ mom->evt_type = repevt_autotrust_check;
+ while(isspace((int)*remain))
+ remain++;
+ if(strlen(remain)>0 && remain[strlen(remain)-1]=='\n')
+ remain[strlen(remain)-1] = 0;
+ mom->autotrust_id = strdup(remain);
+ read_file_content(in, lineno, mom);
} else if(parse_keyword(&remain, "ERROR")) {
mom->evt_type = repevt_error;
} else {
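Review bot: The result of `strdup(remain)` in the CHECK_AUTOTRUST branch is stored without a check, so on allocation failure a NULL `autotrust_id` only surfaces later at the `log_assert` in `autotrust_check`. I would fail here, `if(!mom->autotrust_id) fatal_exit("malloc failure");`, and also reject an empty id, which is currently accepted. `isspace((int)*remain)` should be `isspace((unsigned char)*remain)`, because a negative `char` value is outside the domain of the ctype functions. The enclosing function starts and ends outside the hunk.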
* <pre>
* File format for replay files.
*
+ * ; unbound.conf options.
+ * ; ...
+ * ; additional commandline options to pass to unbound
+ * COMMANDLINE cmdline_option
+ * ; autotrust key file contents, also adds auto-trust-anchor-file: "x" to cfg
+ * AUTOTRUST_FILE id
+ * ; contents of that file
+ * AUTOTRUST_END
+ * CONFIG_END
* ; comment line.
* SCENARIO_BEGIN name_of_scenario
* RANGE_BEGIN start_time end_time
* o TIMEOUT
* o TIME_PASSES ELAPSE [seconds] - increase 'now' time counter, can be
* a floating point number.
+ * o CHECK_AUTOTRUST [id] - followed by FILE_BEGIN [to match] FILE_END.
* o ERROR
* ; following entry starts on the next line, ENTRY_BEGIN.
* ; more STEP items
repevt_back_reply,
/** test fails if query to the network does not match */
repevt_back_query,
+ /** check autotrust key file */
+ repevt_autotrust_check,
/** an error happens to outbound query */
repevt_error
}
* Unused at this time.
*/
ldns_rr* qname;
+
+ /** the autotrust file id to check */
+ char* autotrust_id;
+ /** file contents to match, one string per line */
+ struct config_strlist* file_content;
};
/**
#include "testcode/replay.h"
#include "testcode/fake_event.h"
#include "daemon/remote.h"
+#include "util/config_file.h"
/**
* include the main program from the unbound daemon.
/** maximum line length for lines in the replay file. */
#define MAX_LINE_LEN 1024
-/** the config file (removed at exit) */
-static char cfgfile[MAX_LINE_LEN];
+/** config files (removed at exit) */
+static struct config_strlist* cfgfiles = NULL;
/** give commandline usage for testbound. */
static void
fprintf(stderr, "\n");
}
+/** spool autotrust file */
+static void
+spool_auto_file(FILE* in, int* lineno, FILE* cfg, char* id)
+{
+ char line[MAX_LINE_LEN];
+ char* parse;
+ FILE* spool;
+ /* find filename for new file */
+ while(isspace((int)*id))
+ id++;
+ if(strlen(id)==0)
+ fatal_exit("AUTROTRUST_FILE must have id, line %d", *lineno);
+ id[strlen(id)-1]=0; /* remove newline */
+ fake_temp_file("_auto_", id, line, sizeof(line));
+ /* add option for the file */
+ fprintf(cfg, "server: auto-trust-anchor-file: \"%s\"\n", line);
+ /* open file and spool to it */
+ spool = fopen(line, "w");
+ if(!spool) fatal_exit("could not open %s: %s", line, strerror(errno));
+ fprintf(stderr, "testbound is spooling key file: %s\n", line);
+ if(!cfg_strlist_insert(&cfgfiles, strdup(line)))
+ fatal_exit("out of memory");
+ line[sizeof(line)-1] = 0;
+ while(fgets(line, MAX_LINE_LEN-1, in)) {
+ parse = line;
+ (*lineno)++;
+ while(isspace((int)*parse))
+ parse++;
+ if(strncmp(parse, "AUTOTRUST_END", 13) == 0) {
+ fclose(spool);
+ return;
+ }
+ fputs(line, spool);
+ }
+ fatal_exit("no AUTOTRUST_END in input file");
+}
+
/** process config elements */
static void
-setup_config(FILE* in, char* configfile, int* lineno,
- int* pass_argc, char* pass_argv[])
+setup_config(FILE* in, int* lineno, int* pass_argc, char* pass_argv[])
{
+ char configfile[MAX_LINE_LEN];
char line[MAX_LINE_LEN];
char* parse;
FILE* cfg;
-#ifdef USE_WINSOCK
- snprintf(configfile, MAX_LINE_LEN, "testbound_cfg_%u.tmp",
- (unsigned)getpid());
-#else
- snprintf(configfile, MAX_LINE_LEN, "/tmp/testbound_cfg_%u.tmp",
- (unsigned)getpid());
-#endif
+ fake_temp_file("_cfg", "", configfile, sizeof(configfile));
add_opts("-c", pass_argc, pass_argv);
add_opts(configfile, pass_argc, pass_argv);
cfg = fopen(configfile, "w");
if(!cfg) fatal_exit("could not open %s: %s",
configfile, strerror(errno));
- line[MAX_LINE_LEN-1] = 0;
+ if(!cfg_strlist_insert(&cfgfiles, strdup(configfile)))
+ fatal_exit("out of memory");
+ line[sizeof(line)-1] = 0;
/* some basic settings to not pollute the host system */
fprintf(cfg, "server: use-syslog: no\n");
fprintf(cfg, " directory: \"\"\n");
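Review bot: `spool_auto_file` and `setup_config` both create their files with `fopen(..., "w")` on a predictable name under /tmp, which truncates whatever already exists at that path and follows a symlink placed there by another local user. Creating the file exclusively avoids that: `int fd = open(line, O_WRONLY|O_CREAT|O_EXCL, 0600);` then `spool = (fd == -1) ? NULL : fdopen(fd, "w");`, and likewise for `cfg`. Whether the USE_WINSOCK build needs a different call should be confirmed. The id is also written unescaped inside the quoted `auto-trust-anchor-file` value, so a `"` in it would end the string early. The error text spells the keyword "AUTROTRUST_FILE". The body of `setup_config` continues outside the hunk.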
add_opts(parse+11, pass_argc, pass_argv);
continue;
}
+ if(strncmp(parse, "AUTOTRUST_FILE", 14) == 0) {
+ spool_auto_file(in, lineno, cfg, parse+14);
+ continue;
+ }
if(strncmp(parse, "CONFIG_END", 10) == 0) {
fclose(cfg);
return;
/** read playback file */
static struct replay_scenario*
-setup_playback(const char* filename, char* configfile,
- int* pass_argc, char* pass_argv[])
+setup_playback(const char* filename, int* pass_argc, char* pass_argv[])
{
struct replay_scenario* scen = NULL;
int lineno = 0;
perror(filename);
exit(1);
}
- setup_config(in, configfile, &lineno, pass_argc, pass_argv);
+ setup_config(in, &lineno, pass_argc, pass_argv);
scen = replay_scenario_read(in, filename, &lineno);
fclose(in);
if(!scen)
/** remove config file at exit */
void remove_configfile(void)
{
- unlink(cfgfile);
+ struct config_strlist* p;
+ for(p=cfgfiles; p; p=p->next)
+ unlink(p->str);
+ config_delstrlist(cfgfiles);
+ cfgfiles = NULL;
}
-
+
/**
* Main fake event test program. Setup, teardown and report errors.
* @param argc: arg count.
log_init(NULL, 0, NULL);
log_info("Start of %s testbound program.", PACKAGE_STRING);
/* determine commandline options for the daemon */
- cfgfile[0] = 0;
pass_argc = 1;
pass_argv[0] = "unbound";
add_opts("-d", &pass_argc, pass_argv);
fatal_exit("atexit() failed: %s", strerror(errno));
/* setup test environment */
- scen = setup_playback(playback_file, cfgfile, &pass_argc, pass_argv);
+ scen = setup_playback(playback_file, &pass_argc, pass_argv);
/* init fake event backend */
fake_event_init(scen);
--- /dev/null
+; config options
+server:
+ target-fetch-policy: "0 0 0 0 0"
+ log-time-ascii: yes
+stub-zone:
+ name: "."
+ stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
+; initial content (say from dig example.com DNSKEY > example.com.key)
+AUTOTRUST_FILE example.com
+example.com. 10800 IN DNSKEY 257 3 5 AwEAAc3Z5DQDJpH4oPdNtC4BUQHk50XMD+dHr4r8psHmivIa83hxR5CRgCtd9sENCW9Ae8OIO19xw9t/RPaEAqQa+OE= ;{id = 55582 (ksk), size = 512b}
+example.com. 10800 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
+AUTOTRUST_END
+CONFIG_END
+
+SCENARIO_BEGIN Test autotrust with initial trust anchor
+
+; K-ROOT
+RANGE_BEGIN 0 100
+ ADDRESS 193.0.14.129
+ENTRY_BEGIN
+MATCH opcode qname qtype
+ADJUST copy_id copy_query
+REPLY QR AA
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS k.root-servers.net.
+SECTION ADDITIONAL
+k.root-servers.net IN A 193.0.14.129
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR
+SECTION QUESTION
+com. IN NS
+SECTION AUTHORITY
+com. IN NS a.gtld-servers.net.
+SECTION ADDITIONAL
+a.gtld-servers.net. IN A 192.5.6.30
+ENTRY_END
+RANGE_END
+
+; a.gtld-servers.net.
+RANGE_BEGIN 0 100
+ ADDRESS 192.5.6.30
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR
+SECTION QUESTION
+example.com. IN NS
+SECTION AUTHORITY
+example.com. IN NS ns.example.com.
+SECTION ADDITIONAL
+ns.example.com. IN A 1.2.3.4
+ENTRY_END
+RANGE_END
+
+; ns.example.com.
+RANGE_BEGIN 0 100
+ ADDRESS 1.2.3.4
+ENTRY_BEGIN
+MATCH opcode qname qtype
+ADJUST copy_id
+REPLY QR AA
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. 3600 IN A 10.20.30.40
+www.example.com. 3600 IN RRSIG A 5 3 3600 20090924111500 20090821111500 30899 example.com. pYGxVLsWUvOp1wSf0iwPap+JnECfC5GAm1lRqy3YEqecNGld7U7x/5Imo3CerbdZrVptUQs2oH0lcjwYJXMnsw== ;{id = 30899}
+SECTION AUTHORITY
+example.com. 3600 IN NS ns.example.com.
+example.com. 3600 IN RRSIG NS 5 2 3600 20090924111500 20090821111500 30899 example.com. J5wxRq0jgwQL6yy530kvo9cHqNAUHV8IF4dvaYZL0bNraO2Oe6dVXqlJl4+cxNHI2TMsstwFPr2Zz8tv6Az2mQ== ;{id = 30899}
+SECTION ADDITIONAL
+ns.example.com. 3600 IN A 1.2.3.4
+ns.example.com. 3600 IN RRSIG A 5 3 3600 20090924111500 20090821111500 30899 example.com. JsXbS18oyc0zkVaOWGSFdIQuOsZKflT0GraT9afDPoWLCgH4ApF7jNgfJV7Pqy1sTBRajME5IUAhpANwGBuW4A== ;{id = 30899}
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qname qtype
+ADJUST copy_id
+REPLY QR AA
+SECTION QUESTION
+example.com. IN DNSKEY
+SECTION ANSWER
+; KSK 1
+example.com. 10800 IN DNSKEY 257 3 5 AwEAAc3Z5DQDJpH4oPdNtC4BUQHk50XMD+dHr4r8psHmivIa83hxR5CRgCtd9sENCW9Ae8OIO19xw9t/RPaEAqQa+OE= ;{id = 55582 (ksk), size = 512b}
+; ZSK 1
+example.com. 10800 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (ksk), size = 512b}
+; signatures
+example.com. 10800 IN RRSIG DNSKEY 5 2 10800 20090924111500 20090821111500 30899 example.com. b/HK231jIQLX8IhlZfup3r0yhpXaasbPE6LzxoEVVvWaTZWcLmeV8jDIcn0qO7Yvs7bIJN20lwVAV0GcHH3hWQ== ;{id = 30899}
+example.com. 10800 IN RRSIG DNSKEY 5 2 10800 20090924111500 20090821111500 55582 example.com. PCHme1QLoULxqjhg5tMlpR0qJlBfstEUVq18TtNoKQe9le1YhJ9caheXcTWoK+boLhXxg9u6Yyvq8FboQh0OjA== ;{id = 55582}
+
+ENTRY_END
+RANGE_END
+
+; set date/time to Aug 24 09:46:40 (2009).
+STEP 5 TIME_PASSES ELAPSE 1251100000
+
+STEP 10 QUERY
+ENTRY_BEGIN
+REPLY RD DO
+SECTION QUESTION
+www.example.com. IN A
+ENTRY_END
+
+STEP 20 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all
+REPLY QR RD RA AD NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. 3600 IN A 10.20.30.40
+www.example.com. 3600 IN RRSIG A 5 3 3600 20090924111500 20090821111500 30899 example.com. pYGxVLsWUvOp1wSf0iwPap+JnECfC5GAm1lRqy3YEqecNGld7U7x/5Imo3CerbdZrVptUQs2oH0lcjwYJXMnsw== ;{id = 30899}
+SECTION AUTHORITY
+example.com. 3600 IN NS ns.example.com.
+example.com. 3600 IN RRSIG NS 5 2 3600 20090924111500 20090821111500 30899 example.com. J5wxRq0jgwQL6yy530kvo9cHqNAUHV8IF4dvaYZL0bNraO2Oe6dVXqlJl4+cxNHI2TMsstwFPr2Zz8tv6Az2mQ== ;{id = 30899}
+SECTION ADDITIONAL
+ns.example.com. 3600 IN A 1.2.3.4
+ns.example.com. 3600 IN RRSIG A 5 3 3600 20090924111500 20090821111500 30899 example.com. JsXbS18oyc0zkVaOWGSFdIQuOsZKflT0GraT9afDPoWLCgH4ApF7jNgfJV7Pqy1sTBRajME5IUAhpANwGBuW4A== ;{id = 30899}
+ENTRY_END
+
+; The autotrust anchor was probed due to the query.
+
+STEP 30 CHECK_AUTOTRUST example.com
+FILE_BEGIN
+; autotrust trust anchor file
+;;id: example.com. 1
+;;last_queried: 1251100000 ;;Mon Aug 24 09:46:40 2009
+;;last_success: 1251100000 ;;Mon Aug 24 09:46:40 2009
+;;next_probe_time: 0 ;;Thu Jan 1 01:00:00 1970
+;;query_failed: 0
+;;query_interval: 5400
+;;retry_time: 3600
+example.com. 10800 IN DNSKEY 257 3 5 AwEAAc3Z5DQDJpH4oPdNtC4BUQHk50XMD+dHr4r8psHmivIa83hxR5CRgCtd9sENCW9Ae8OIO19xw9t/RPaEAqQa+OE= ;{id = 55582 (ksk), size = 512b} ;;state=2 [ VALID ] ;;count=0 ;;lastchange=1251100000 ;;Mon Aug 24 09:46:40 2009
+FILE_END
+
+SCENARIO_END
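Review bot: The expected file content in STEP 30 contains local-time strings that only hold in one time zone. 1251100000 is 07:46:40 UTC but is listed as "Mon Aug 24 09:46:40 2009", and epoch 0 is listed as "Thu Jan 1 01:00:00 1970". `autotrust_check` compares each line with `strcmp`, so this test would presumably fail on a host in any other zone. Either the test run should pin the zone, or the comparison should ignore the trailing `;;` date comments. Separately, the ZSK line in the DNSKEY answer is annotated `(ksk)` although its flags field is 256 and the same key is marked `(zsk)` in the AUTOTRUST_FILE block.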
return;
/* elements deleted by parent, nothing to do */
memset(global, 0, sizeof(*global));
+ free(global);
}
int probetree_cmp(const void* x, const void* y)
timestamp = atoi(comments);
}
if (pos < 0 || !timestamp)
- {
- /* Should we warn about this? It happens for key priming.
- verbose_key(ta, VERB_OPS, "has no timestamp, "
- "considered NOW");
- */
- /* cannot use event base timeptr, because not inited yet */
- ta->last_change = (uint32_t)time(NULL);
- }
+ ta->last_change = 0;
else
ta->last_change = (uint32_t)timestamp;
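Review bot: `ta->last_change = 0;` replaces a commented block with a bare assignment, which leaves undocumented that 0 is now a sentinel for "no timestamp was read" rather than a real time. Another hunk in this commit adds an `else if(!anchor->last_change)` branch logging "first prime", which appears to rely on that sentinel. I would add a comment such as `/* 0: no timestamp in file; treated as first prime by the state update */` so the coupling is visible at both ends. The enclosing function starts and ends outside the hunk.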
void autr_point_delete(struct trust_anchor* tp)
{
- struct autr_ta* p, *np;
if(!tp)
return;
lock_unprotect(&tp->lock, tp);
lock_basic_destroy(&tp->lock);
autr_rrset_delete(tp->ds_rrset);
autr_rrset_delete(tp->dnskey_rrset);
- p = tp->autr->keys;
- while(p) {
- np = p->next;
- ldns_rr_free(p->rr);
- free(p);
- p = np;
+ if(tp->autr) {
+ struct autr_ta* p = tp->autr->keys, *np;
+ while(p) {
+ np = p->next;
+ ldns_rr_free(p->rr);
+ free(p);
+ p = np;
+ }
+ free(tp->autr->file);
+ free(tp->autr);
}
- free(tp->autr);
free(tp->name);
free(tp);
}
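Review bot: The new `free(tp->autr->file);` in `autr_point_delete` is only safe if `file` is always heap-allocated and owned solely by this struct. The field comment in the header still reads only "file to store the trust point in. chrootdir already applied." even though this commit changes the field from `const char*` to `char*`. I would extend that comment with something like `malloced, owned by this struct, freed in autr_point_delete`, and confirm that every assignment to `file` stores a fresh allocation.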
/* KeyRem: MISSING */
else if (!anchor->fetched)
do_keyrem(env, anchor, c);
+ else if(!anchor->last_change) {
+ verbose_key(anchor, VERB_ALGO, "first prime");
+ reset_holddown(env, anchor, c);
+ }
break;
/* MISSING */
case AUTR_STATE_MISSING:
prevp = &tp->autr->keys;
while(p) {
/* do we want to remove this key? */
- if(p->s == AUTR_STATE_START || p->s == AUTR_STATE_REMOVED) {
+ if(p->s == AUTR_STATE_START || p->s == AUTR_STATE_REMOVED ||
+ !rr_is_dnskey_sep(p->rr)) {
struct autr_ta* np = p->next;
/* remove */
ldns_rr_free(p->rr);
p = np;
continue;
}
+ /* remove pending counts if no longer pending */
+ if(p->s != AUTR_STATE_ADDPEND)
+ p->pending_count = 0;
prevp = &p->next;
p = p->next;
}
*/
struct autr_point_data {
/** file to store the trust point in. chrootdir already applied. */
- const char* file;
+ char* file;
/** rbtree node for probe sort, key is struct trust_anchor */
rbnode_t pnode;