From: Thomas Markwalder Date: Thu, 29 Jun 2017 12:50:56 +0000 (-0400) Subject: [master] Removed obsolete source directory minires. X-Git-Tag: v4_4_0b1_f1~74 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=30afd7dbfa4c60736ee926e6621631b0a3bc9523;p=thirdparty%2Fdhcp.git [master] Removed obsolete source directory minires. Merges in rt45471. --- diff --git a/RELNOTES b/RELNOTES index 1926baf1c..12be10d02 100644 --- a/RELNOTES +++ b/RELNOTES @@ -176,6 +176,11 @@ by Eric Young (eay@cryptsoft.com). [ISC-bugs #19430] [ISC-bugs #18111] +- The directory minires has been removed from the source tree. It has + long been obsolete for branches other than v4_1_esv. Additonally, + includes/minires.h was renamed includes/ns_name.h. + [ISC-bugs #45471] + Changes since 4.3.0 (bug fixes) - Tidy up several small tickets. diff --git a/common/dns.c b/common/dns.c index 2ca4ba8b4..18ad70405 100644 --- a/common/dns.c +++ b/common/dns.c @@ -608,55 +608,6 @@ ddns_cb_forget_zone(dhcp_ddns_cb_t *ddns_cb) ISC_LINK_INIT(&ddns_cb->zone_addrs[i], link); } } - -isc_result_t find_tsig_key (ns_tsig_key **key, const char *zname, - struct dns_zone *zone) -{ - ns_tsig_key *tkey; - - if (!zone) - return ISC_R_NOTFOUND; - - if (!zone -> key) { - return DHCP_R_KEY_UNKNOWN; - } - - if ((!zone -> key -> name || - strlen (zone -> key -> name) > NS_MAXDNAME) || - (!zone -> key -> algorithm || - strlen (zone -> key -> algorithm) > NS_MAXDNAME) || - (!zone -> key) || - (!zone -> key -> key) || - (zone -> key -> key -> len == 0)) { - return DHCP_R_INVALIDKEY; - } - tkey = dmalloc (sizeof *tkey, MDL); - if (!tkey) { - nomem: - return ISC_R_NOMEMORY; - } - memset (tkey, 0, sizeof *tkey); - tkey -> data = dmalloc (zone -> key -> key -> len, MDL); - if (!tkey -> data) { - dfree (tkey, MDL); - goto nomem; - } - strcpy (tkey -> name, zone -> key -> name); - strcpy (tkey -> alg, zone -> key -> algorithm); - memcpy (tkey -> data, - zone -> key -> key -> value, zone -> key -> key -> len); - tkey -> len = zone -> key -> key -> len; - *key = tkey; - return ISC_R_SUCCESS; -} - -void tkey_free (ns_tsig_key **key) -{ - if ((*key) -> data) - dfree ((*key) -> data, MDL); - dfree ((*key), MDL); - *key = (ns_tsig_key *)0; -} #endif isc_result_t remove_dns_zone (struct dns_zone *zone) diff --git a/common/ns_name.c b/common/ns_name.c index 829fe146e..8630008b3 100644 --- a/common/ns_name.c +++ b/common/ns_name.c @@ -30,7 +30,7 @@ #include #include -#include "minires.h" +#include "ns_name.h" #include "arpa/nameser.h" /* Data. */ diff --git a/common/options.c b/common/options.c index b0dcab426..ba0a6ecda 100644 --- a/common/options.c +++ b/common/options.c @@ -2059,14 +2059,14 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes) /* If emit_quotes, then use ISC DHCP * escapes. Otherwise, rely only on - * ns_name_ntop(). + * MRns_name_ntop(). */ if (emit_quotes) { nbp = nbuff; pretty_domain(&op, endbuf-1, &nbp, nend); } else { - /* ns_name_ntop() includes + /* MRns_name_ntop() includes * a trailing NUL in its * count. */ @@ -3259,7 +3259,7 @@ int nwip_option_space_encapsulate (result, packet, lease, client_state, return status; } -/* We don't want to use ns_name_pton()...it doesn't tell us how many bytes +/* We don't want to use MRns_name_pton()...it doesn't tell us how many bytes * it has consumed, and it plays havoc with our escapes. * * So this function does DNS encoding, and returns either the number of diff --git a/includes/Makefile.am b/includes/Makefile.am index 185b397a5..0b10bd886 100644 --- a/includes/Makefile.am +++ b/includes/Makefile.am @@ -4,7 +4,7 @@ nobase_include_HEADERS = omapip/alloc.h omapip/buffer.h omapip/convert.h \ isc-dhcp/dst.h EXTRA_DIST = cdefs.h ctrace.h dhcp.h dhcp6.h dhcpd.h dhctoken.h failover.h \ - heap.h inet.h minires.h osdep.h site.h statement.h tree.h \ + heap.h inet.h ns_name.h osdep.h site.h statement.h tree.h \ t_api.h \ ldap_casa.h ldap_krb_helper.h \ arpa/nameser.h arpa/nameser_compat.h \ diff --git a/includes/Makefile.in b/includes/Makefile.in index d28906a19..db7780267 100644 --- a/includes/Makefile.in +++ b/includes/Makefile.in @@ -297,7 +297,7 @@ nobase_include_HEADERS = omapip/alloc.h omapip/buffer.h omapip/convert.h \ isc-dhcp/dst.h EXTRA_DIST = cdefs.h ctrace.h dhcp.h dhcp6.h dhcpd.h dhctoken.h failover.h \ - heap.h inet.h minires.h osdep.h site.h statement.h tree.h \ + heap.h inet.h ns_name.h osdep.h site.h statement.h tree.h \ t_api.h \ ldap_casa.h ldap_krb_helper.h \ arpa/nameser.h arpa/nameser_compat.h \ diff --git a/includes/arpa/nameser.h b/includes/arpa/nameser.h index eaa95f9e3..d0f64b828 100644 --- a/includes/arpa/nameser.h +++ b/includes/arpa/nameser.h @@ -211,36 +211,8 @@ typedef enum __ns_update_operation { ns_uop_max = 2 } ns_update_operation; -/* - * This structure is used for TSIG authenticated messages - */ -struct ns_tsig_key { - char name[NS_MAXDNAME], alg[NS_MAXDNAME]; - unsigned char *data; - unsigned len; -}; -typedef struct ns_tsig_key ns_tsig_key; - -/* - * This structure is used for TSIG authenticated TCP messages - */ -struct ns_tcp_tsig_state { - int counter; - struct dst_key *key; - void *ctx; - unsigned char sig[NS_PACKETSZ]; - unsigned siglen; -}; -typedef struct ns_tcp_tsig_state ns_tcp_tsig_state; - -#define NS_TSIG_FUDGE 300 -#define NS_TSIG_TCP_COUNT 100 #define NS_TSIG_ALG_HMAC_MD5 "HMAC-MD5.SIG-ALG.REG.INT" -#define NS_TSIG_ERROR_NO_TSIG -10 -#define NS_TSIG_ERROR_NO_SPACE -11 -#define NS_TSIG_ERROR_FORMERR -12 - /* * Currently defined type values for resources and queries. */ diff --git a/includes/dhcpd.h b/includes/dhcpd.h index 88fe22c6d..6ae123177 100644 --- a/includes/dhcpd.h +++ b/includes/dhcpd.h @@ -69,7 +69,7 @@ #include "arpa/nameser.h" -#include "minires.h" +#include "ns_name.h" struct hash_table; typedef struct hash_table group_hash_t; @@ -3139,8 +3139,6 @@ int dns_zone_dereference (struct dns_zone **, const char *, int); #if defined (NSUPDATE) #define FIND_FORWARD 0 #define FIND_REVERSE 1 -isc_result_t find_tsig_key (ns_tsig_key **, const char *, struct dns_zone *); -void tkey_free (ns_tsig_key **); isc_result_t find_cached_zone (dhcp_ddns_cb_t *, int); void forget_zone (struct dns_zone **); void repudiate_zone (struct dns_zone **); diff --git a/includes/minires.h b/includes/ns_name.h similarity index 89% rename from includes/minires.h rename to includes/ns_name.h index 2e6126c9a..ec7c02963 100644 --- a/includes/minires.h +++ b/includes/ns_name.h @@ -1,6 +1,5 @@ /* - * Copyright (c) 2014 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 2004,2007-2009 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC") * Copyright (c) 2001-2003 by Internet Software Consortium * * Permission to use, copy, modify, and distribute this software for any @@ -21,8 +20,8 @@ * * http://www.isc.org/ */ -#ifndef MINIRES_H -#define MINIRES_H +#ifndef NS_NAME_H +#define NS_NAME_H #include "cdefs.h" #include "osdep.h" @@ -43,4 +42,4 @@ int MRns_name_pton(const char *, u_char *, size_t); int MRns_name_uncompress_list(const unsigned char*, int buflen, char*, size_t); int MRns_name_compress_list(const char*, int buflen, unsigned char*, size_t); -#endif /* MINIRES_H */ +#endif /* NS_NAME_H */ diff --git a/minires/.cvsignore b/minires/.cvsignore deleted file mode 100644 index 63f8570f9..000000000 --- a/minires/.cvsignore +++ /dev/null @@ -1,2 +0,0 @@ -.deps -Makefile diff --git a/minires/Makefile.am b/minires/Makefile.am deleted file mode 100644 index 6fc1df132..000000000 --- a/minires/Makefile.am +++ /dev/null @@ -1,8 +0,0 @@ -AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 - -noinst_LIBRARIES = libres.a - -libres_a_SOURCES = res_mkupdate.c res_init.c res_update.c res_send.c \ - res_comp.c res_sendsigned.c res_findzonecut.c res_query.c \ - res_mkquery.c ns_date.c ns_parse.c ns_sign.c ns_name.c \ - ns_samedomain.c ns_verify.c diff --git a/minires/Makefile.in b/minires/Makefile.in deleted file mode 100644 index 616f38bd9..000000000 --- a/minires/Makefile.in +++ /dev/null @@ -1,554 +0,0 @@ -# Makefile.in generated by automake 1.14 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994-2013 Free Software Foundation, Inc. - -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' -am__make_running_with_option = \ - case $${target_option-} in \ - ?) ;; \ - *) echo "am__make_running_with_option: internal error: invalid" \ - "target option '$${target_option-}' specified" >&2; \ - exit 1;; \ - esac; \ - has_opt=no; \ - sane_makeflags=$$MAKEFLAGS; \ - if $(am__is_gnu_make); then \ - sane_makeflags=$$MFLAGS; \ - else \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - bs=\\; \ - sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ - | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ - esac; \ - fi; \ - skip_next=no; \ - strip_trailopt () \ - { \ - flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ - }; \ - for flg in $$sane_makeflags; do \ - test $$skip_next = yes && { skip_next=no; continue; }; \ - case $$flg in \ - *=*|--*) continue;; \ - -*I) strip_trailopt 'I'; skip_next=yes;; \ - -*I?*) strip_trailopt 'I';; \ - -*O) strip_trailopt 'O'; skip_next=yes;; \ - -*O?*) strip_trailopt 'O';; \ - -*l) strip_trailopt 'l'; skip_next=yes;; \ - -*l?*) strip_trailopt 'l';; \ - -[dEDm]) skip_next=yes;; \ - -[JT]) skip_next=yes;; \ - esac; \ - case $$flg in \ - *$$target_option*) has_opt=yes; break;; \ - esac; \ - done; \ - test $$has_opt = yes -am__make_dryrun = (target_option=n; $(am__make_running_with_option)) -am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -subdir = minires -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/depcomp -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.ac -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/includes/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -LIBRARIES = $(noinst_LIBRARIES) -AR = ar -ARFLAGS = cru -AM_V_AR = $(am__v_AR_@AM_V@) -am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) -am__v_AR_0 = @echo " AR " $@; -am__v_AR_1 = -libres_a_AR = $(AR) $(ARFLAGS) -libres_a_LIBADD = -am_libres_a_OBJECTS = res_mkupdate.$(OBJEXT) res_init.$(OBJEXT) \ - res_update.$(OBJEXT) res_send.$(OBJEXT) res_comp.$(OBJEXT) \ - res_sendsigned.$(OBJEXT) res_findzonecut.$(OBJEXT) \ - res_query.$(OBJEXT) res_mkquery.$(OBJEXT) ns_date.$(OBJEXT) \ - ns_parse.$(OBJEXT) ns_sign.$(OBJEXT) ns_name.$(OBJEXT) \ - ns_samedomain.$(OBJEXT) ns_verify.$(OBJEXT) -libres_a_OBJECTS = $(am_libres_a_OBJECTS) -AM_V_P = $(am__v_P_@AM_V@) -am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) -am__v_P_0 = false -am__v_P_1 = : -AM_V_GEN = $(am__v_GEN_@AM_V@) -am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) -am__v_GEN_0 = @echo " GEN " $@; -am__v_GEN_1 = -AM_V_at = $(am__v_at_@AM_V@) -am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) -am__v_at_0 = @ -am__v_at_1 = -DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/includes -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -am__mv = mv -f -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -AM_V_CC = $(am__v_CC_@AM_V@) -am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) -am__v_CC_0 = @echo " CC " $@; -am__v_CC_1 = -CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -AM_V_CCLD = $(am__v_CCLD_@AM_V@) -am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) -am__v_CCLD_0 = @echo " CCLD " $@; -am__v_CCLD_1 = -SOURCES = $(libres_a_SOURCES) -DIST_SOURCES = $(libres_a_SOURCES) -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) -# Read a list of newline-separated strings from the standard input, -# and print each of them once, without duplicates. Input order is -# *not* preserved. -am__uniquify_input = $(AWK) '\ - BEGIN { nonempty = 0; } \ - { items[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in items) print i; }; } \ -' -# Make sure the list of sources is unique. This is necessary because, -# e.g., the same source file might be shared among _SOURCES variables -# for different programs/libraries. -am__define_uniq_tagged_files = \ - list='$(am__tagged_files)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | $(am__uniquify_input)` -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ -ATF_CFLAGS = @ATF_CFLAGS@ -ATF_LDFLAGS = @ATF_LDFLAGS@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -GREP = @GREP@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -LDAP_CFLAGS = @LDAP_CFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBOBJS = @LIBOBJS@ -LIBS = @LIBS@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -RANLIB = @RANLIB@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -VERSION = @VERSION@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_prefix_program = @ac_prefix_program@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -byte_order = @byte_order@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 -noinst_LIBRARIES = libres.a -libres_a_SOURCES = res_mkupdate.c res_init.c res_update.c res_send.c \ - res_comp.c res_sendsigned.c res_findzonecut.c res_query.c \ - res_mkquery.c ns_date.c ns_parse.c ns_sign.c ns_name.c \ - ns_samedomain.c ns_verify.c - -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign minires/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign minires/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): - -clean-noinstLIBRARIES: - -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) - -libres.a: $(libres_a_OBJECTS) $(libres_a_DEPENDENCIES) $(EXTRA_libres_a_DEPENDENCIES) - $(AM_V_at)-rm -f libres.a - $(AM_V_AR)$(libres_a_AR) libres.a $(libres_a_OBJECTS) $(libres_a_LIBADD) - $(AM_V_at)$(RANLIB) libres.a - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ns_date.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ns_name.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ns_parse.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ns_samedomain.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ns_sign.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ns_verify.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_comp.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_findzonecut.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_init.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_mkquery.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_mkupdate.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_query.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_send.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_sendsigned.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/res_update.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< - -.c.obj: -@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` - -ID: $(am__tagged_files) - $(am__define_uniq_tagged_files); mkid -fID $$unique -tags: tags-am -TAGS: tags - -tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - set x; \ - here=`pwd`; \ - $(am__define_uniq_tagged_files); \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: ctags-am - -CTAGS: ctags -ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) - $(am__define_uniq_tagged_files); \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" -cscopelist: cscopelist-am - -cscopelist-am: $(am__tagged_files) - list='$(am__tagged_files)'; \ - case "$(srcdir)" in \ - [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ - *) sdir=$(subdir)/$(srcdir) ;; \ - esac; \ - for i in $$list; do \ - if test -f "$$i"; then \ - echo "$(subdir)/$$i"; \ - else \ - echo "$$sdir/$$i"; \ - fi; \ - done >> $(top_builddir)/cscope.files - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(LIBRARIES) -installdirs: -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-noinstLIBRARIES mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ - clean-noinstLIBRARIES cscopelist-am ctags ctags-am distclean \ - distclean-compile distclean-generic distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-dvi install-dvi-am \ - install-exec install-exec-am install-html install-html-am \ - install-info install-info-am install-man install-pdf \ - install-pdf-am install-ps install-ps-am install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \ - uninstall-am - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/minires/OBSOLETE b/minires/OBSOLETE deleted file mode 100644 index 3846c6d37..000000000 --- a/minires/OBSOLETE +++ /dev/null @@ -1 +0,0 @@ -This library is obsolete diff --git a/minires/ns_date.c b/minires/ns_date.c deleted file mode 100644 index bbefe5ef8..000000000 --- a/minires/ns_date.c +++ /dev/null @@ -1,132 +0,0 @@ -/* - * Copyright (c) 2009,2014 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 2004,2007 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 1999-2003 by Internet Software Consortium - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Internet Systems Consortium, Inc. - * 950 Charter Street - * Redwood City, CA 94063 - * - * https://www.isc.org/ - */ - -/* Import. */ - -#include -#include -#include -#include -#include - -#include -#include -#include - -#include "minires/minires.h" -#include "arpa/nameser.h" - -#ifdef SPRINTF_CHAR -# define SPRINTF(x) strlen(sprintf/**/x) -#else -# define SPRINTF(x) ((size_t)sprintf x) -#endif - -/* Forward. */ - -static int datepart(const char *, int, int, int, int *); - -/* Public. */ - -/* Convert a date in ASCII into the number of seconds since - 1 January 1970 (GMT assumed). Format is yyyymmddhhmmss, all - digits required, no spaces allowed. */ - -u_int32_t -ns_datetosecs(const char *cp, int *errp) { - struct tm time; - u_int32_t result; - int mdays, i; - static const int days_per_month[12] = - {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}; - - if (strlen(cp) != 14) { - *errp = 1; - return (0); - } - *errp = 0; - - memset(&time, 0, sizeof time); - time.tm_year = datepart(cp + 0, 4, 1990, 9999, errp) - 1900; - time.tm_mon = datepart(cp + 4, 2, 01, 12, errp) - 1; - time.tm_mday = datepart(cp + 6, 2, 01, 31, errp); - time.tm_hour = datepart(cp + 8, 2, 00, 23, errp); - time.tm_min = datepart(cp + 10, 2, 00, 59, errp); - time.tm_sec = datepart(cp + 12, 2, 00, 59, errp); - if (*errp) /* Any parse errors? */ - return (0); - - /* - * OK, now because timegm() is not available in all environments, - * we will do it by hand. Roll up sleeves, curse the gods, begin! - */ - -#define SECS_PER_DAY ((u_int32_t)24*60*60) -#define isleap(y) ((((y) % 4) == 0 && ((y) % 100) != 0) || ((y) % 400) == 0) - - result = time.tm_sec; /* Seconds */ - result += time.tm_min * 60; /* Minutes */ - result += time.tm_hour * (60*60); /* Hours */ - result += (time.tm_mday - 1) * SECS_PER_DAY; /* Days */ - - /* Months are trickier. Look without leaping, then leap */ - mdays = 0; - for (i = 0; i < time.tm_mon; i++) - mdays += days_per_month[i]; - result += mdays * SECS_PER_DAY; /* Months */ - if (time.tm_mon > 1 && isleap(1900+time.tm_year)) - result += SECS_PER_DAY; /* Add leapday for this year */ - - /* First figure years without leapdays, then add them in. */ - /* The loop is slow, FIXME, but simple and accurate. */ - result += (time.tm_year - 70) * (SECS_PER_DAY*365); /* Years */ - for (i = 70; i < time.tm_year; i++) - if (isleap(1900+i)) - result += SECS_PER_DAY; /* Add leapday for prev year */ - - return (result); -} - -/* Private. */ - -/* - * Parse part of a date. Set error flag if any error. - * Don't reset the flag if there is no error. - */ -static int -datepart(const char *buf, int size, int min, int max, int *errp) { - int result = 0; - int i; - - for (i = 0; i < size; i++) { - if (!isdigit((unsigned char)buf[i])) - *errp = 1; - result = (result * 10) + buf[i] - '0'; - } - if (result < min) - *errp = 1; - if (result > max) - *errp = 1; - return (result); -} diff --git a/minires/ns_name.c b/minires/ns_name.c deleted file mode 100644 index dad5087f9..000000000 --- a/minires/ns_name.c +++ /dev/null @@ -1,652 +0,0 @@ -/* - * Copyright (c) 2004,2009,2014 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 1996-2003 by Internet Software Consortium - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Internet Systems Consortium, Inc. - * 950 Charter Street - * Redwood City, CA 94063 - * - * https://www.isc.org/ - */ - -#include - -#include -#include - -#include -#include -#include - -#include "minires/minires.h" -#include "arpa/nameser.h" - -/* Data. */ - -static const char digits[] = "0123456789"; - -/* Forward. */ - -static int special(int); -static int printable(int); -static int dn_find(const u_char *, const u_char *, - const u_char * const *, - const u_char * const *); - -/* Public. */ - -/* - * ns_name_ntop(src, dst, dstsiz) - * Convert an encoded domain name to printable ascii as per RFC1035. - * return: - * Number of bytes written to buffer, or -1 (with errno set) - * notes: - * The root is returned as "." - * All other domains are returned in non absolute form - */ -int -ns_name_ntop(const u_char *src, char *dst, size_t dstsiz) { - const u_char *cp; - char *dn, *eom; - u_char c; - u_int n; - - cp = src; - dn = dst; - eom = dst + dstsiz; - - if (dn >= eom) { - errno = EMSGSIZE; - return (-1); - } - - while ((n = *cp++) != 0) { - if ((n & NS_CMPRSFLGS) != 0) { - /* Some kind of compression pointer. */ - errno = EMSGSIZE; - return (-1); - } - if (dn != dst) { - if (dn >= eom) { - errno = EMSGSIZE; - return (-1); - } - *dn++ = '.'; - } - if (dn + n >= eom) { - errno = EMSGSIZE; - return (-1); - } - for ((void)NULL; n > 0; n--) { - c = *cp++; - if (special(c)) { - if (dn + 1 >= eom) { - errno = EMSGSIZE; - return (-1); - } - *dn++ = '\\'; - *dn++ = (char)c; - } else if (!printable(c)) { - if (dn + 3 >= eom) { - errno = EMSGSIZE; - return (-1); - } - *dn++ = '\\'; - *dn++ = digits[c / 100]; - *dn++ = digits[(c % 100) / 10]; - *dn++ = digits[c % 10]; - } else { - if (dn >= eom) { - errno = EMSGSIZE; - return (-1); - } - *dn++ = (char)c; - } - } - } - if (dn == dst) { - if (dn >= eom) { - errno = EMSGSIZE; - return (-1); - } - *dn++ = '.'; - } - if (dn >= eom) { - errno = EMSGSIZE; - return (-1); - } - *dn++ = '\0'; - return (dn - dst); -} - -/* - * ns_name_pton(src, dst, dstsiz) - * Convert a ascii string into an encoded domain name as per RFC1035. - * return: - * -1 if it fails - * 1 if string was fully qualified - * 0 is string was not fully qualified - * notes: - * Enforces label and domain length limits. - */ - -int -ns_name_pton(const char *src, u_char *dst, size_t dstsiz) { - u_char *label, *bp, *eom; - int c, n, escaped; - char *cp; - - escaped = 0; - bp = dst; - eom = dst + dstsiz; - label = bp++; - - while ((c = *src++) != 0) { - if (escaped) { - if ((cp = strchr(digits, c)) != NULL) { - n = (cp - digits) * 100; - if ((c = *src++) == 0 || - (cp = strchr(digits, c)) == NULL) { - errno = EMSGSIZE; - return (-1); - } - n += (cp - digits) * 10; - if ((c = *src++) == 0 || - (cp = strchr(digits, c)) == NULL) { - errno = EMSGSIZE; - return (-1); - } - n += (cp - digits); - if (n > 255) { - errno = EMSGSIZE; - return (-1); - } - c = n; - } - escaped = 0; - } else if (c == '\\') { - escaped = 1; - continue; - } else if (c == '.') { - c = (bp - label - 1); - if ((c & NS_CMPRSFLGS) != 0) { /* Label too big. */ - errno = EMSGSIZE; - return (-1); - } - if (label >= eom) { - errno = EMSGSIZE; - return (-1); - } - *label = c; - /* Fully qualified ? */ - if (*src == '\0') { - if (c != 0) { - if (bp >= eom) { - errno = EMSGSIZE; - return (-1); - } - *bp++ = '\0'; - } - if ((bp - dst) > MAXCDNAME) { - errno = EMSGSIZE; - return (-1); - } - return (1); - } - if (c == 0 || *src == '.') { - errno = EMSGSIZE; - return (-1); - } - label = bp++; - continue; - } - if (bp >= eom) { - errno = EMSGSIZE; - return (-1); - } - *bp++ = (u_char)c; - } - c = (bp - label - 1); - if ((c & NS_CMPRSFLGS) != 0) { /* Label too big. */ - errno = EMSGSIZE; - return (-1); - } - if (label >= eom) { - errno = EMSGSIZE; - return (-1); - } - *label = c; - if (c != 0) { - if (bp >= eom) { - errno = EMSGSIZE; - return (-1); - } - *bp++ = 0; - } - if ((bp - dst) > MAXCDNAME) { /* src too big */ - errno = EMSGSIZE; - return (-1); - } - return (0); -} - -/* - * ns_name_ntol(src, dst, dstsiz) - * Convert a network strings labels into all lowercase. - * return: - * Number of bytes written to buffer, or -1 (with errno set) - * notes: - * Enforces label and domain length limits. - */ - -int -ns_name_ntol(const u_char *src, u_char *dst, size_t dstsiz) { - const u_char *cp; - u_char *dn, *eom; - u_char c; - u_int n; - - cp = src; - dn = dst; - eom = dst + dstsiz; - - if (dn >= eom) { - errno = EMSGSIZE; - return (-1); - } - while ((n = *cp++) != 0) { - if ((n & NS_CMPRSFLGS) != 0) { - /* Some kind of compression pointer. */ - errno = EMSGSIZE; - return (-1); - } - *dn++ = n; - if (dn + n >= eom) { - errno = EMSGSIZE; - return (-1); - } - for ((void)NULL; n > 0; n--) { - c = *cp++; - if (isupper(c)) - *dn++ = tolower(c); - else - *dn++ = c; - } - } - *dn++ = '\0'; - return (dn - dst); -} - -/* - * ns_name_unpack(msg, eom, src, dst, dstsiz) - * Unpack a domain name from a message, source may be compressed. - * return: - * -1 if it fails, or consumed octets if it succeeds. - */ -int -ns_name_unpack(const u_char *msg, const u_char *eom, const u_char *src, - u_char *dst, size_t dstsiz) -{ - const u_char *srcp, *dstlim; - u_char *dstp; - unsigned n; - int len; - int checked; - - len = -1; - checked = 0; - dstp = dst; - srcp = src; - dstlim = dst + dstsiz; - if (srcp < msg || srcp >= eom) { - errno = EMSGSIZE; - return (-1); - } - /* Fetch next label in domain name. */ - while ((n = *srcp++) != 0) { - /* Check for indirection. */ - switch (n & NS_CMPRSFLGS) { - case 0: - /* Limit checks. */ - if (dstp + n + 1 >= dstlim || srcp + n >= eom) { - errno = EMSGSIZE; - return (-1); - } - checked += n + 1; - *dstp++ = n; - memcpy(dstp, srcp, n); - dstp += n; - srcp += n; - break; - - case NS_CMPRSFLGS: - if (srcp >= eom) { - errno = EMSGSIZE; - return (-1); - } - if (len < 0) - len = srcp - src + 1; - srcp = msg + (((n & 0x3f) << 8) | (*srcp & 0xff)); - if (srcp < msg || srcp >= eom) { /* Out of range. */ - errno = EMSGSIZE; - return (-1); - } - checked += 2; - /* - * Check for loops in the compressed name; - * if we've looked at the whole message, - * there must be a loop. - */ - if (checked >= eom - msg) { - errno = EMSGSIZE; - return (-1); - } - break; - - default: - errno = EMSGSIZE; - return (-1); /* flag error */ - } - } - *dstp = '\0'; - if (len < 0) - len = srcp - src; - return (len); -} - -/* - * ns_name_pack(src, dst, dstsiz, dnptrs, lastdnptr) - * Pack domain name 'domain' into 'comp_dn'. - * return: - * Size of the compressed name, or -1. - * notes: - * 'dnptrs' is an array of pointers to previous compressed names. - * dnptrs[0] is a pointer to the beginning of the message. The array - * ends with NULL. - * 'lastdnptr' is a pointer to the end of the array pointed to - * by 'dnptrs'. - * Side effects: - * The list of pointers in dnptrs is updated for labels inserted into - * the message as we compress the name. If 'dnptr' is NULL, we don't - * try to compress names. If 'lastdnptr' is NULL, we don't update the - * list. - */ -int -ns_name_pack(const u_char *src, u_char *dst, unsigned dstsiz, - const u_char **dnptrs, const u_char **lastdnptr) -{ - u_char *dstp; - const u_char **cpp, **lpp, *eob, *msg; - const u_char *srcp; - unsigned n; - int l; - - srcp = src; - dstp = dst; - eob = dstp + dstsiz; - lpp = cpp = NULL; - if (dnptrs != NULL) { - if ((msg = *dnptrs++) != NULL) { - for (cpp = dnptrs; *cpp != NULL; cpp++) - (void)NULL; - lpp = cpp; /* end of list to search */ - } - } else - msg = NULL; - - /* make sure the domain we are about to add is legal */ - l = 0; - do { - n = *srcp; - if ((n & NS_CMPRSFLGS) != 0) { - errno = EMSGSIZE; - return (-1); - } - l += n + 1; - if (l > MAXCDNAME) { - errno = EMSGSIZE; - return (-1); - } - srcp += n + 1; - } while (n != 0); - - /* from here on we need to reset compression pointer array on error */ - srcp = src; - do { - /* Look to see if we can use pointers. */ - n = *srcp; - if (n != 0 && msg != NULL) { - l = dn_find(srcp, msg, (const u_char * const *)dnptrs, - (const u_char * const *)lpp); - if (l >= 0) { - if (dstp + 1 >= eob) { - goto cleanup; - } - *dstp++ = (l >> 8) | NS_CMPRSFLGS; - *dstp++ = l % 256; - return (dstp - dst); - } - /* Not found, save it. */ - if (lastdnptr != NULL && cpp < lastdnptr - 1 && - (dstp - msg) < 0x4000) { - *cpp++ = dstp; - *cpp = NULL; - } - } - /* copy label to buffer */ - if (n & NS_CMPRSFLGS) { /* Should not happen. */ - goto cleanup; - } - if (dstp + 1 + n >= eob) { - goto cleanup; - } - memcpy(dstp, srcp, n + 1); - srcp += n + 1; - dstp += n + 1; - } while (n != 0); - - if (dstp > eob) { -cleanup: - if (msg != NULL) - *lpp = NULL; - errno = EMSGSIZE; - return (-1); - } - return (dstp - dst); -} - -/* - * ns_name_uncompress(msg, eom, src, dst, dstsiz) - * Expand compressed domain name to presentation format. - * return: - * Number of bytes read out of `src', or -1 (with errno set). - * note: - * Root domain returns as "." not "". - */ -int -ns_name_uncompress(const u_char *msg, const u_char *eom, const u_char *src, - char *dst, size_t dstsiz) -{ - u_char tmp[NS_MAXCDNAME]; - int n; - - if ((n = ns_name_unpack(msg, eom, src, tmp, sizeof tmp)) == -1) - return (-1); - if (ns_name_ntop(tmp, dst, dstsiz) == -1) - return (-1); - return (n); -} - -/* - * ns_name_compress(src, dst, dstsiz, dnptrs, lastdnptr) - * Compress a domain name into wire format, using compression pointers. - * return: - * Number of bytes consumed in `dst' or -1 (with errno set). - * notes: - * 'dnptrs' is an array of pointers to previous compressed names. - * dnptrs[0] is a pointer to the beginning of the message. - * The list ends with NULL. 'lastdnptr' is a pointer to the end of the - * array pointed to by 'dnptrs'. Side effect is to update the list of - * pointers for labels inserted into the message as we compress the name. - * If 'dnptr' is NULL, we don't try to compress names. If 'lastdnptr' - * is NULL, we don't update the list. - */ -int -ns_name_compress(const char *src, u_char *dst, size_t dstsiz, - const u_char **dnptrs, const u_char **lastdnptr) -{ - u_char tmp[NS_MAXCDNAME]; - - if (ns_name_pton(src, tmp, sizeof tmp) == -1) - return (-1); - return (ns_name_pack(tmp, dst, dstsiz, dnptrs, lastdnptr)); -} - -/* - * ns_name_skip(ptrptr, eom) - * Advance *ptrptr to skip over the compressed name it points at. - * return: - * 0 on success, -1 (with errno set) on failure. - */ -int -ns_name_skip(const u_char **ptrptr, const u_char *eom) { - const u_char *cp; - u_int n; - - cp = *ptrptr; - while (cp < eom && (n = *cp++) != 0) { - /* Check for indirection. */ - switch (n & NS_CMPRSFLGS) { - case 0: /* normal case, n == len */ - cp += n; - continue; - case NS_CMPRSFLGS: /* indirection */ - cp++; - break; - default: /* illegal type */ - errno = EMSGSIZE; - return (-1); - } - break; - } - if (cp > eom) { - errno = EMSGSIZE; - return (-1); - } - *ptrptr = cp; - return (0); -} - -/* Private. */ - -/* - * special(ch) - * Thinking in noninternationalized USASCII (per the DNS spec), - * is this characted special ("in need of quoting") ? - * return: - * boolean. - */ -static int -special(int ch) { - switch (ch) { - case 0x22: /* '"' */ - case 0x2E: /* '.' */ - case 0x3B: /* ';' */ - case 0x5C: /* '\\' */ - /* Special modifiers in zone files. */ - case 0x40: /* '@' */ - case 0x24: /* '$' */ - return (1); - default: - return (0); - } -} - -/* - * printable(ch) - * Thinking in noninternationalized USASCII (per the DNS spec), - * is this character visible and not a space when printed ? - * return: - * boolean. - */ -static int -printable(int ch) { - return (ch > 0x20 && ch < 0x7f); -} - -/* - * Thinking in noninternationalized USASCII (per the DNS spec), - * convert this character to lower case if it's upper case. - */ -static int -mklower(int ch) { - if (ch >= 0x41 && ch <= 0x5A) - return (ch + 0x20); - return (ch); -} - -/* - * dn_find(domain, msg, dnptrs, lastdnptr) - * Search for the counted-label name in an array of compressed names. - * return: - * offset from msg if found, or -1. - * notes: - * dnptrs is the pointer to the first name on the list, - * not the pointer to the start of the message. - */ -static int -dn_find(const u_char *domain, const u_char *msg, - const u_char * const *dnptrs, - const u_char * const *lastdnptr) -{ - const u_char *dn, *cp, *sp; - const u_char * const *cpp; - u_int n; - - for (cpp = dnptrs; cpp < lastdnptr; cpp++) { - dn = domain; - sp = cp = *cpp; - while ((n = *cp++) != 0) { - /* - * check for indirection - */ - switch (n & NS_CMPRSFLGS) { - case 0: /* normal case, n == len */ - if (n != *dn++) - goto next; - for ((void)NULL; n > 0; n--) - if (mklower(*dn++) != mklower(*cp++)) - goto next; - /* Is next root for both ? */ - if (*dn == '\0' && *cp == '\0') - return (sp - msg); - if (*dn) - continue; - goto next; - - case NS_CMPRSFLGS: /* indirection */ - cp = msg + (((n & 0x3f) << 8) | *cp); - break; - - default: /* illegal type */ - errno = EMSGSIZE; - return (-1); - } - } - next: ; - } - errno = ENOENT; - return (-1); -} diff --git a/minires/ns_parse.c b/minires/ns_parse.c deleted file mode 100644 index a1bb3d52b..000000000 --- a/minires/ns_parse.c +++ /dev/null @@ -1,211 +0,0 @@ -/* - * Copyright (c) 2013-2014 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 2004,2009 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 1996-2003 by Internet Software Consortium - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Internet Systems Consortium, Inc. - * 950 Charter Street - * Redwood City, CA 94063 - * - * https://www.isc.org/ - */ - -/* Import. */ - -#include - -#include -#include - -#include -#include - -#include "minires/minires.h" -#include "arpa/nameser.h" - -/* Forward. */ - -static void setsection(ns_msg *msg, ns_sect sect); - -/* Macros. */ - -/* Public. */ - -/* These need to be in the same order as the nres.h:ns_flag enum. */ -struct _ns_flagdata _ns_flagdata[16] = { - { 0x8000, 15 }, /* qr. */ - { 0x7800, 11 }, /* opcode. */ - { 0x0400, 10 }, /* aa. */ - { 0x0200, 9 }, /* tc. */ - { 0x0100, 8 }, /* rd. */ - { 0x0080, 7 }, /* ra. */ - { 0x0040, 6 }, /* z. */ - { 0x0020, 5 }, /* ad. */ - { 0x0010, 4 }, /* cd. */ - { 0x000f, 0 }, /* rcode. */ - { 0x0000, 0 }, /* expansion (1/6). */ - { 0x0000, 0 }, /* expansion (2/6). */ - { 0x0000, 0 }, /* expansion (3/6). */ - { 0x0000, 0 }, /* expansion (4/6). */ - { 0x0000, 0 }, /* expansion (5/6). */ - { 0x0000, 0 }, /* expansion (6/6). */ -}; - -isc_result_t -ns_skiprr(const u_char *ptr, const u_char *eom, ns_sect section, int count, - int *rc) { - const u_char *optr = ptr; - - for ((void)NULL; count > 0; count--) { - int b, rdlength; - - b = dn_skipname(ptr, eom); - if (b < 0) - return ISC_R_INCOMPLETE; - ptr += b/*Name*/ + NS_INT16SZ/*Type*/ + NS_INT16SZ/*Class*/; - if (section != ns_s_qd) { - if (ptr + NS_INT32SZ + NS_INT16SZ > eom) - return ISC_R_INCOMPLETE; - ptr += NS_INT32SZ/*TTL*/; - rdlength = getUShort(ptr); - ptr += 2; - ptr += rdlength/*RData*/; - } - } - if (ptr > eom) - return ISC_R_INCOMPLETE; - if (rc) - *rc = ptr - optr; - return ISC_R_SUCCESS; -} - -isc_result_t -ns_initparse(const u_char *msg, unsigned msglen, ns_msg *handle) { - const u_char *eom = msg + msglen; - int i; - - memset(handle, 0x5e, sizeof *handle); - handle->_msg = msg; - handle->_eom = eom; - if (msg + NS_INT16SZ > eom) - return ISC_R_INCOMPLETE; - handle->_id = getUShort (msg); - msg += 2; - if (msg + NS_INT16SZ > eom) - return ISC_R_INCOMPLETE; - handle->_flags = getUShort (msg); - msg += 2; - for (i = 0; i < ns_s_max; i++) { - if (msg + NS_INT16SZ > eom) - return ISC_R_INCOMPLETE; - handle->_counts[i] = getUShort (msg); - msg += 2; - } - for (i = 0; i < ns_s_max; i++) - if (handle->_counts[i] == 0) - handle->_sections[i] = NULL; - else { - int b; - isc_result_t status = - ns_skiprr(msg, eom, (ns_sect)i, - handle->_counts[i], &b); - - if (status != ISC_R_SUCCESS) - return STATUS; - handle->_sections[i] = msg; - msg += b; - } - if (msg != eom) - return ISC_R_INCOMPLETE; - setsection(handle, ns_s_max); - return ISC_R_SUCCESS; -} - -isc_result_t -ns_parserr(ns_msg *handle, ns_sect section, int rrnum, ns_rr *rr) { - int b; - isc_result_t status; - - /* Make section right. */ - if (section >= ns_s_max) - return ISC_R_NOTIMPLEMENTED; - if (section != handle->_sect) - setsection(handle, section); - - /* Make rrnum right. */ - if (rrnum == -1) - rrnum = handle->_rrnum; - if (rrnum < 0 || rrnum >= handle->_counts[(int)section]) - return ISC_R_UNKNOWNATTRIBUTE; - if (rrnum < handle->_rrnum) - setsection(handle, section); - if (rrnum > handle->_rrnum) { - status = ns_skiprr(handle->_ptr, handle->_eom, section, - rrnum - handle->_rrnum, &b); - - if (status != ISC_R_SUCCESS) - return status; - handle->_ptr += b; - handle->_rrnum = rrnum; - } - - /* Do the parse. */ - b = dn_expand(handle->_msg, handle->_eom, - handle->_ptr, rr->name, NS_MAXDNAME); - if (b < 0) - return ISC_R_FORMERR; - handle->_ptr += b; - if (handle->_ptr + NS_INT16SZ + NS_INT16SZ > handle->_eom) - return ISC_R_INCOMPLETE; - rr->type = getUShort (handle->_ptr); - handle -> _ptr += 2; - rr->rr_class = getUShort (handle->_ptr); - handle -> _ptr += 2; - if (section == ns_s_qd) { - rr->ttl = 0; - rr->rdlength = 0; - rr->rdata = NULL; - } else { - if (handle->_ptr + NS_INT32SZ + NS_INT16SZ > handle->_eom) - return ISC_R_INCOMPLETE; - rr->ttl = getULong (handle->_ptr); - handle -> _ptr += 4; - rr->rdlength = getUShort (handle->_ptr); - handle -> _ptr += 2; - if (handle->_ptr + rr->rdlength > handle->_eom) - return ISC_R_INCOMPLETE; - rr->rdata = handle->_ptr; - handle->_ptr += rr->rdlength; - } - if (++handle->_rrnum > handle->_counts[(int)section]) - setsection(handle, (ns_sect)((int)section + 1)); - - /* All done. */ - return ISC_R_SUCCESS; -} - -/* Private. */ - -static void -setsection(ns_msg *msg, ns_sect sect) { - msg->_sect = sect; - if (sect == ns_s_max) { - msg->_rrnum = -1; - msg->_ptr = NULL; - } else { - msg->_rrnum = 0; - msg->_ptr = msg->_sections[(int)sect]; - } -} diff --git a/minires/ns_samedomain.c b/minires/ns_samedomain.c deleted file mode 100644 index 9b0b1cabd..000000000 --- a/minires/ns_samedomain.c +++ /dev/null @@ -1,212 +0,0 @@ -/* - * Copyright (c) 2004,2009,2014 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 1995-2003 by Internet Software Consortium - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Internet Systems Consortium, Inc. - * 950 Charter Street - * Redwood City, CA 94063 - * - * https://www.isc.org/ - */ - -#include -#include -#include - -#include -#include - -#include "minires/minires.h" -#include "arpa/nameser.h" - -/* - * int - * ns_samedomain(a, b) - * Check whether a name belongs to a domain. - * Inputs: - * a - the domain whose ancestory is being verified - * b - the potential ancestor we're checking against - * Return: - * boolean - is a at or below b? - * Notes: - * Trailing dots are first removed from name and domain. - * Always compare complete subdomains, not only whether the - * domain name is the trailing string of the given name. - * - * "host.foobar.top" lies in "foobar.top" and in "top" and in "" - * but NOT in "bar.top" - */ - -int -ns_samedomain(const char *a, const char *b) { - size_t la, lb; - int diff, i, escaped; - const char *cp; - - la = strlen(a); - lb = strlen(b); - - /* Ignore a trailing label separator (i.e. an unescaped dot) in 'a'. */ - if (la != 0 && a[la - 1] == '.') { - escaped = 0; - /* Note this loop doesn't get executed if la==1. */ - for (i = la - 2; i >= 0; i--) - if (a[i] == '\\') { - if (escaped) - escaped = 0; - else - escaped = 1; - } else - break; - if (!escaped) - la--; - } - - /* Ignore a trailing label separator (i.e. an unescaped dot) in 'b'. */ - if (lb != 0 && b[lb - 1] == '.') { - escaped = 0; - /* note this loop doesn't get executed if lb==1 */ - for (i = lb - 2; i >= 0; i--) - if (b[i] == '\\') { - if (escaped) - escaped = 0; - else - escaped = 1; - } else - break; - if (!escaped) - lb--; - } - - /* lb == 0 means 'b' is the root domain, so 'a' must be in 'b'. */ - if (lb == 0) - return (1); - - /* 'b' longer than 'a' means 'a' can't be in 'b'. */ - if (lb > la) - return (0); - - /* 'a' and 'b' being equal at this point indicates sameness. */ - if (lb == la) - return (strncasecmp(a, b, lb) == 0); - - /* Ok, we know la > lb. */ - - diff = la - lb; - - /* - * If 'a' is only 1 character longer than 'b', then it can't be - * a subdomain of 'b' (because of the need for the '.' label - * separator). - */ - if (diff < 2) - return (0); - - /* - * If the character before the last 'lb' characters of 'b' - * isn't '.', then it can't be a match (this lets us avoid - * having "foobar.com" match "bar.com"). - */ - if (a[diff - 1] != '.') - return (0); - - /* - * We're not sure about that '.', however. It could be escaped - * and thus not a really a label separator. - */ - escaped = 0; - for (i = diff - 2; i >= 0; i--) - if (a[i] == '\\') { - if (escaped) - escaped = 0; - else - escaped = 1; - } else - break; - if (escaped) - return (0); - - /* Now compare aligned trailing substring. */ - cp = a + diff; - return (strncasecmp(cp, b, lb) == 0); -} - -/* - * int - * ns_subdomain(a, b) - * is "a" a subdomain of "b"? - */ -int -ns_subdomain(const char *a, const char *b) { - return (ns_samename(a, b) != 1 && ns_samedomain(a, b)); -} - -/* - * int - * ns_makecanon(src, dst, dstsize) - * make a canonical copy of domain name "src" - * notes: - * foo -> foo. - * foo. -> foo. - * foo.. -> foo. - * foo\. -> foo\.. - * foo\\. -> foo\\. - */ - -isc_result_t -ns_makecanon(const char *src, char *dst, size_t dstsize) { - size_t n = strlen(src); - - if (n + sizeof "." > dstsize) { - return ISC_R_NOSPACE; - } - strcpy(dst, src); - while (n > 0 && dst[n - 1] == '.') /* Ends in "." */ - if (n > 1 && dst[n - 2] == '\\' && /* Ends in "\." */ - (n < 2 || dst[n - 3] != '\\')) /* But not "\\." */ - break; - else - dst[--n] = '\0'; - dst[n++] = '.'; - dst[n] = '\0'; - return ISC_R_SUCCESS; -} - -/* - * int - * ns_samename(a, b) - * determine whether domain name "a" is the same as domain name "b" - * return: - * -1 on error - * 0 if names differ - * 1 if names are the same - */ - -int -ns_samename(const char *a, const char *b) { - char ta[NS_MAXDNAME], tb[NS_MAXDNAME]; - isc_result_t status; - - status = ns_makecanon(a, ta, sizeof ta); - if (status != ISC_R_SUCCESS) - return status; - status = ns_makecanon(b, tb, sizeof tb); - if (status != ISC_R_SUCCESS) - return (-1); - if (strcasecmp(ta, tb) == 0) - return (1); - else - return (0); -} diff --git a/minires/ns_sign.c b/minires/ns_sign.c deleted file mode 100644 index 1a0cda628..000000000 --- a/minires/ns_sign.c +++ /dev/null @@ -1,361 +0,0 @@ -/* - * Copyright (c) 2013-2014 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 2004,2009 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 1999-2003 by Internet Software Consortium - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Internet Systems Consortium, Inc. - * 950 Charter Street - * Redwood City, CA 94063 - * - * https://www.isc.org/ - */ - -#if defined (TRACING) -#define time(x) trace_mr_time (x) -time_t trace_mr_time (time_t *); -#endif - -/* Import. */ - -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "minires/minires.h" -#include "arpa/nameser.h" - -#include - -#define BOUNDS_CHECK(ptr, count) \ - do { \ - if ((ptr) + (count) > eob) { \ - return ISC_R_NOSPACE; \ - } \ - } while (0) - -/* ns_sign - * Parameters: - * msg message to be sent - * msglen input - length of message - * output - length of signed message - * msgsize length of buffer containing message - * error value to put in the error field - * key tsig key used for signing - * querysig (response), the signature in the query - * querysiglen (response), the length of the signature in the query - * sig a buffer to hold the generated signature - * siglen input - length of signature buffer - * output - length of signature - * - * Errors: - * - bad input data (-1) - * - bad key / sign failed (-BADKEY) - * - not enough space (NS_TSIG_ERROR_NO_SPACE) - */ -isc_result_t -ns_sign(u_char *msg, unsigned *msglen, unsigned msgsize, int error, void *k, - const u_char *querysig, unsigned querysiglen, u_char *sig, - unsigned *siglen, time_t in_timesigned) -{ - HEADER *hp = (HEADER *)msg; - DST_KEY *key = (DST_KEY *)k; - u_char *cp = msg + *msglen, *eob = msg + msgsize; - u_char *lenp; - u_char *name, *alg; - int n; - time_t timesigned; - - dst_init(); - if (msg == NULL || msglen == NULL || sig == NULL || siglen == NULL) - return ISC_R_INVALIDARG; - - /* Name. */ - if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) - n = dn_comp(key->dk_key_name, - cp, (unsigned)(eob - cp), NULL, NULL); - else - n = dn_comp("", cp, (unsigned)(eob - cp), NULL, NULL); - if (n < 0) - return ISC_R_NOSPACE; - name = cp; - cp += n; - - /* Type, class, ttl, length (not filled in yet). */ - BOUNDS_CHECK(cp, INT16SZ + INT16SZ + INT32SZ + INT16SZ); - PUTSHORT(ns_t_tsig, cp); - PUTSHORT(ns_c_any, cp); - PUTLONG(0, cp); /* TTL */ - lenp = cp; - cp += 2; - - /* Alg. */ - if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) { - if (key->dk_alg != KEY_HMAC_MD5) - return ISC_R_BADKEY; - n = dn_comp(NS_TSIG_ALG_HMAC_MD5, - cp, (unsigned)(eob - cp), NULL, NULL); - } - else - n = dn_comp("", cp, (unsigned)(eob - cp), NULL, NULL); - if (n < 0) - return ISC_R_NOSPACE; - alg = cp; - cp += n; - - /* Time. */ - BOUNDS_CHECK(cp, INT16SZ + INT32SZ + INT16SZ); - PUTSHORT(0, cp); - timesigned = time(NULL); - if (error != ns_r_badtime) - PUTLONG(timesigned, cp); - else - PUTLONG(in_timesigned, cp); - PUTSHORT(NS_TSIG_FUDGE, cp); - - /* Compute the signature. */ - if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) { - void *ctx; - u_char buf[MAXDNAME], *cp2; - int n; - - dst_sign_data(SIG_MODE_INIT, key, &ctx, NULL, 0, NULL, 0); - - /* Digest the query signature, if this is a response. */ - if (querysiglen > 0 && querysig != NULL) { - u_int16_t len_n = htons(querysiglen); - dst_sign_data(SIG_MODE_UPDATE, key, &ctx, - (u_char *)&len_n, INT16SZ, NULL, 0); - dst_sign_data(SIG_MODE_UPDATE, key, &ctx, - querysig, querysiglen, NULL, 0); - } - - /* Digest the message. */ - dst_sign_data(SIG_MODE_UPDATE, key, &ctx, msg, *msglen, - NULL, 0); - - /* Digest the key name. */ - n = ns_name_ntol(name, buf, sizeof(buf)); - dst_sign_data(SIG_MODE_UPDATE, key, &ctx, buf, n, NULL, 0); - - /* Digest the class and TTL. */ - cp2 = buf; - PUTSHORT(ns_c_any, cp2); - PUTLONG(0, cp2); - dst_sign_data(SIG_MODE_UPDATE, key, &ctx, - buf, (unsigned)(cp2-buf), NULL, 0); - - /* Digest the algorithm. */ - n = ns_name_ntol(alg, buf, sizeof(buf)); - dst_sign_data(SIG_MODE_UPDATE, key, &ctx, buf, n, NULL, 0); - - /* Digest the time signed, fudge, error, and other data */ - cp2 = buf; - PUTSHORT(0, cp2); /* Top 16 bits of time */ - if (error != ns_r_badtime) - PUTLONG(timesigned, cp2); - else - PUTLONG(in_timesigned, cp2); - PUTSHORT(NS_TSIG_FUDGE, cp2); - PUTSHORT(error, cp2); /* Error */ - if (error != ns_r_badtime) - PUTSHORT(0, cp2); /* Other data length */ - else { - PUTSHORT(INT16SZ+INT32SZ, cp2); /* Other data length */ - PUTSHORT(0, cp2); /* Top 16 bits of time */ - PUTLONG(timesigned, cp2); - } - n = dst_sign_data(SIG_MODE_UPDATE, key, &ctx, - buf, (unsigned)(cp2-buf), NULL, 0); - if (n < 0) - return ISC_R_BADKEY; - - n = dst_sign_data(SIG_MODE_FINAL, key, &ctx, NULL, 0, - sig, *siglen); - if (n < 0) - return ISC_R_BADKEY; - *siglen = n; - } else - *siglen = 0; - - /* Add the signature. */ - BOUNDS_CHECK(cp, INT16SZ + (*siglen)); - PUTSHORT(*siglen, cp); - memcpy(cp, sig, *siglen); - cp += (*siglen); - - /* The original message ID & error. */ - BOUNDS_CHECK(cp, INT16SZ + INT16SZ); - PUTSHORT(ntohs(hp->id), cp); /* already in network order */ - PUTSHORT(error, cp); - - /* Other data. */ - BOUNDS_CHECK(cp, INT16SZ); - if (error != ns_r_badtime) - PUTSHORT(0, cp); /* Other data length */ - else { - PUTSHORT(INT16SZ+INT32SZ, cp); /* Other data length */ - BOUNDS_CHECK(cp, INT32SZ+INT16SZ); - PUTSHORT(0, cp); /* Top 16 bits of time */ - PUTLONG(timesigned, cp); - } - - /* Go back and fill in the length. */ - PUTSHORT(cp - lenp - INT16SZ, lenp); - - hp->arcount = htons(ntohs(hp->arcount) + 1); - *msglen = (cp - msg); - return ISC_R_SUCCESS; -} - -#if 0 -isc_result_t -ns_sign_tcp_init(void *k, const u_char *querysig, unsigned querysiglen, - ns_tcp_tsig_state *state) -{ - dst_init(); - if (state == NULL || k == NULL || querysig == NULL || querysiglen < 0) - return ISC_R_INVALIDARG; - state->counter = -1; - state->key = k; - if (state->key->dk_alg != KEY_HMAC_MD5) - return ISC_R_BADKEY; - if (querysiglen > sizeof(state->sig)) - return ISC_R_NOSPACE; - memcpy(state->sig, querysig, querysiglen); - state->siglen = querysiglen; - return ISC_R_SUCCESS; -} - -isc_result_t -ns_sign_tcp(u_char *msg, unsigned *msglen, unsigned msgsize, int error, - ns_tcp_tsig_state *state, int done) -{ - u_char *cp, *eob, *lenp; - u_char buf[MAXDNAME], *cp2; - HEADER *hp = (HEADER *)msg; - time_t timesigned; - int n; - - if (msg == NULL || msglen == NULL || state == NULL) - return ISC_R_INVALIDARG; - - state->counter++; - if (state->counter == 0) - return ns_sign(msg, msglen, msgsize, error, state->key, - state->sig, state->siglen, - state->sig, &state->siglen, 0); - - if (state->siglen > 0) { - u_int16_t siglen_n = htons(state->siglen); - dst_sign_data(SIG_MODE_INIT, state->key, &state->ctx, - NULL, 0, NULL, 0); - dst_sign_data(SIG_MODE_UPDATE, state->key, &state->ctx, - (u_char *)&siglen_n, INT16SZ, NULL, 0); - dst_sign_data(SIG_MODE_UPDATE, state->key, &state->ctx, - state->sig, state->siglen, NULL, 0); - state->siglen = 0; - } - - dst_sign_data(SIG_MODE_UPDATE, state->key, &state->ctx, msg, *msglen, - NULL, 0); - - if (done == 0 && (state->counter % 100 != 0)) - return ISC_R_SUCCESS; - - cp = msg + *msglen; - eob = msg + msgsize; - - /* Name. */ - n = dn_comp(state->key->dk_key_name, - cp, (unsigned)(eob - cp), NULL, NULL); - if (n < 0) - return ISC_R_NOSPACE; - cp += n; - - /* Type, class, ttl, length (not filled in yet). */ - BOUNDS_CHECK(cp, INT16SZ + INT16SZ + INT32SZ + INT16SZ); - PUTSHORT(ns_t_tsig, cp); - PUTSHORT(ns_c_any, cp); - PUTLONG(0, cp); /* TTL */ - lenp = cp; - cp += 2; - - /* Alg. */ - n = dn_comp(NS_TSIG_ALG_HMAC_MD5, - cp, (unsigned)(eob - cp), NULL, NULL); - if (n < 0) - return ISC_R_NOSPACE; - cp += n; - - /* Time. */ - BOUNDS_CHECK(cp, INT16SZ + INT32SZ + INT16SZ); - PUTSHORT(0, cp); - timesigned = time(NULL); - PUTLONG(timesigned, cp); - PUTSHORT(NS_TSIG_FUDGE, cp); - - /* - * Compute the signature. - */ - - /* Digest the time signed and fudge. */ - cp2 = buf; - PUTSHORT(0, cp2); /* Top 16 bits of time */ - PUTLONG(timesigned, cp2); - PUTSHORT(NS_TSIG_FUDGE, cp2); - - dst_sign_data(SIG_MODE_UPDATE, state->key, &state->ctx, - buf, (unsigned)(cp2 - buf), NULL, 0); - - n = dst_sign_data(SIG_MODE_FINAL, state->key, &state->ctx, NULL, 0, - state->sig, sizeof(state->sig)); - if (n < 0) - return ISC_R_BADKEY; - state->siglen = n; - - /* Add the signature. */ - BOUNDS_CHECK(cp, INT16SZ + state->siglen); - PUTSHORT(state->siglen, cp); - memcpy(cp, state->sig, state->siglen); - cp += state->siglen; - - /* The original message ID & error. */ - BOUNDS_CHECK(cp, INT16SZ + INT16SZ); - PUTSHORT(ntohs(hp->id), cp); /* already in network order */ - PUTSHORT(error, cp); - - /* Other data. */ - BOUNDS_CHECK(cp, INT16SZ); - PUTSHORT(0, cp); - - /* Go back and fill in the length. */ - PUTSHORT(cp - lenp - INT16SZ, lenp); - - hp->arcount = htons(ntohs(hp->arcount) + 1); - *msglen = (cp - msg); - return ISC_R_SUCCESS; -} -#endif diff --git a/minires/ns_verify.c b/minires/ns_verify.c deleted file mode 100644 index 811271310..000000000 --- a/minires/ns_verify.c +++ /dev/null @@ -1,479 +0,0 @@ -/* - * Copyright (c) 2013-2014 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 2004,2007,2009 by Internet Systems Consortium, Inc. ("ISC") - * Copyright (c) 1999-2003 by Internet Software Consortium - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Internet Systems Consortium, Inc. - * 950 Charter Street - * Redwood City, CA 94063 - * - * https://www.isc.org/ - */ - -/* Import. */ - -#include -#include - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#define time(x) trace_mr_time (x) - -#include "minires/minires.h" -#include "arpa/nameser.h" -#include - -time_t trace_mr_time (time_t *); - -/* Private. */ - -#define BOUNDS_CHECK(ptr, count) \ - do { \ - if ((ptr) + (count) > eom) { \ - return (NS_TSIG_ERROR_FORMERR); \ - } \ - } while (0) - -/* Public. */ - -u_char * -ns_find_tsig(u_char *msg, u_char *eom) { - HEADER *hp = (HEADER *)msg; - int n, type; - u_char *cp = msg, *start; - isc_result_t status; - - if (msg == NULL || eom == NULL || msg > eom) - return (NULL); - - if (cp + HFIXEDSZ >= eom) - return (NULL); - - if (hp->arcount == 0) - return (NULL); - - cp += HFIXEDSZ; - - status = ns_skiprr(cp, eom, ns_s_qd, ntohs(hp->qdcount), &n); - if (status != ISC_R_SUCCESS) - return (NULL); - cp += n; - - status = ns_skiprr(cp, eom, ns_s_an, ntohs(hp->ancount), &n); - if (status != ISC_R_SUCCESS) - return (NULL); - cp += n; - - status = ns_skiprr(cp, eom, ns_s_ns, ntohs(hp->nscount), &n); - if (status != ISC_R_SUCCESS) - return (NULL); - cp += n; - - status = ns_skiprr(cp, eom, ns_s_ar, ntohs(hp->arcount) - 1, &n); - if (status != ISC_R_SUCCESS) - return (NULL); - cp += n; - - start = cp; - n = dn_skipname(cp, eom); - if (n < 0) - return (NULL); - cp += n; - if (cp + INT16SZ >= eom) - return (NULL); - - GETSHORT(type, cp); - if (type != ns_t_tsig) - return (NULL); - return (start); -} - -/* ns_verify - * Parameters: - * statp res stuff - * msg received message - * msglen length of message - * key tsig key used for verifying. - * querysig (response), the signature in the query - * querysiglen (response), the length of the signature in the query - * sig (query), a buffer to hold the signature - * siglen (query), input - length of signature buffer - * output - length of signature - * - * Errors: - * - bad input (-1) - * - invalid dns message (NS_TSIG_ERROR_FORMERR) - * - TSIG is not present (NS_TSIG_ERROR_NO_TSIG) - * - key doesn't match (-ns_r_badkey) - * - TSIG verification fails with BADKEY (-ns_r_badkey) - * - TSIG verification fails with BADSIG (-ns_r_badsig) - * - TSIG verification fails with BADTIME (-ns_r_badtime) - * - TSIG verification succeeds, error set to BAKEY (ns_r_badkey) - * - TSIG verification succeeds, error set to BADSIG (ns_r_badsig) - * - TSIG verification succeeds, error set to BADTIME (ns_r_badtime) - */ -isc_result_t -ns_verify(u_char *msg, unsigned *msglen, void *k, - const u_char *querysig, unsigned querysiglen, - u_char *sig, unsigned *siglen, time_t *timesigned, int nostrip) -{ - HEADER *hp = (HEADER *)msg; - DST_KEY *key = (DST_KEY *)k; - u_char *cp = msg, *eom; - char name[MAXDNAME], alg[MAXDNAME]; - u_char *recstart, *rdatastart; - u_char *sigstart, *otherstart; - int n; - int error; - u_int16_t type, length; - u_int16_t fudge, sigfieldlen, id, otherfieldlen; - - dst_init(); - if (msg == NULL || msglen == NULL) - return ISC_R_INVALIDARG; - - eom = msg + *msglen; - - recstart = ns_find_tsig(msg, eom); - if (recstart == NULL) - return ISC_R_NO_TSIG; - - cp = recstart; - - /* Read the key name. */ - n = dn_expand(msg, eom, cp, name, MAXDNAME); - if (n < 0) - return ISC_R_FORMERR; - cp += n; - - /* Read the type. */ - BOUNDS_CHECK(cp, 2*INT16SZ + INT32SZ + INT16SZ); - GETSHORT(type, cp); - if (type != ns_t_tsig) - return ISC_R_NO_TSIG; - - /* Skip the class and TTL, save the length. */ - cp += INT16SZ + INT32SZ; - GETSHORT(length, cp); - if (eom - cp != length) - return ISC_R_FORMERR; - - /* Read the algorithm name. */ - rdatastart = cp; - n = dn_expand(msg, eom, cp, alg, MAXDNAME); - if (n < 0) - return ISC_R_FORMERR; - if (ns_samename(alg, NS_TSIG_ALG_HMAC_MD5) != 1) - return ISC_R_INVALIDKEY; - cp += n; - - /* Read the time signed and fudge. */ - BOUNDS_CHECK(cp, INT16SZ + INT32SZ + INT16SZ); - cp += INT16SZ; - GETLONG((*timesigned), cp); - GETSHORT(fudge, cp); - - /* Read the signature. */ - BOUNDS_CHECK(cp, INT16SZ); - GETSHORT(sigfieldlen, cp); - BOUNDS_CHECK(cp, sigfieldlen); - sigstart = cp; - cp += sigfieldlen; - - /* Read the original id and error. */ - BOUNDS_CHECK(cp, 2*INT16SZ); - GETSHORT(id, cp); - GETSHORT(error, cp); - - /* Parse the other data. */ - BOUNDS_CHECK(cp, INT16SZ); - GETSHORT(otherfieldlen, cp); - BOUNDS_CHECK(cp, otherfieldlen); - otherstart = cp; - cp += otherfieldlen; - - if (cp != eom) - return ISC_R_FORMERR; - - /* Verify that the key used is OK. */ - if (key != NULL) { - if (key->dk_alg != KEY_HMAC_MD5) - return ISC_R_INVALIDKEY; - if (error != ns_r_badsig && error != ns_r_badkey) { - if (ns_samename(key->dk_key_name, name) != 1) - return ISC_R_INVALIDKEY; - } - } - - hp->arcount = htons(ntohs(hp->arcount) - 1); - - /* - * Do the verification. - */ - - if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) { - void *ctx; - u_char buf[MAXDNAME]; - - /* Digest the query signature, if this is a response. */ - dst_verify_data(SIG_MODE_INIT, key, &ctx, NULL, 0, NULL, 0); - if (querysiglen > 0 && querysig != NULL) { - u_int16_t len_n = htons(querysiglen); - dst_verify_data(SIG_MODE_UPDATE, key, &ctx, - (u_char *)&len_n, INT16SZ, NULL, 0); - dst_verify_data(SIG_MODE_UPDATE, key, &ctx, - querysig, querysiglen, NULL, 0); - } - - /* Digest the message. */ - dst_verify_data(SIG_MODE_UPDATE, key, &ctx, msg, - (unsigned)(recstart - msg), NULL, 0); - - /* Digest the key name. */ - n = ns_name_ntol(recstart, buf, sizeof(buf)); - dst_verify_data(SIG_MODE_UPDATE, key, &ctx, buf, n, NULL, 0); - - /* Digest the class and TTL. */ - dst_verify_data(SIG_MODE_UPDATE, key, &ctx, - recstart + dn_skipname(recstart, eom) + INT16SZ, - INT16SZ + INT32SZ, NULL, 0); - - /* Digest the algorithm. */ - n = ns_name_ntol(rdatastart, buf, sizeof(buf)); - dst_verify_data(SIG_MODE_UPDATE, key, &ctx, buf, n, NULL, 0); - - /* Digest the time signed and fudge. */ - dst_verify_data(SIG_MODE_UPDATE, key, &ctx, - rdatastart + dn_skipname(rdatastart, eom), - INT16SZ + INT32SZ + INT16SZ, NULL, 0); - - /* Digest the error and other data. */ - dst_verify_data(SIG_MODE_UPDATE, key, &ctx, - otherstart - INT16SZ - INT16SZ, - (unsigned)otherfieldlen + INT16SZ + INT16SZ, - NULL, 0); - - n = dst_verify_data(SIG_MODE_FINAL, key, &ctx, NULL, 0, - sigstart, sigfieldlen); - - if (n < 0) - return ISC_R_BADSIG; - - if (sig != NULL && siglen != NULL) { - if (*siglen < sigfieldlen) - return ISC_R_NOSPACE; - memcpy(sig, sigstart, sigfieldlen); - *siglen = sigfieldlen; - } - } else { - if (sigfieldlen > 0) - return ISC_R_FORMERR; - if (sig != NULL && siglen != NULL) - *siglen = 0; - } - - /* Reset the counter, since we still need to check for badtime. */ - hp->arcount = htons(ntohs(hp->arcount) + 1); - - /* Verify the time. */ - if (abs((*timesigned) - time(NULL)) > fudge) - return ISC_R_BADTIME; - - if (nostrip == 0) { - *msglen = recstart - msg; - hp->arcount = htons(ntohs(hp->arcount) - 1); - } - - if (error != NOERROR) - return ns_rcode_to_isc (error); - - return ISC_R_SUCCESS; -} - -#if 0 -isc_result_t -ns_verify_tcp_init(void *k, const u_char *querysig, unsigned querysiglen, - ns_tcp_tsig_state *state) -{ - dst_init(); - if (state == NULL || k == NULL || querysig == NULL || querysiglen < 0) - return ISC_R_INVALIDARG; - state->counter = -1; - state->key = k; - if (state->key->dk_alg != KEY_HMAC_MD5) - return ISC_R_BADKEY; - if (querysiglen > sizeof(state->sig)) - return ISC_R_NOSPACE; - memcpy(state->sig, querysig, querysiglen); - state->siglen = querysiglen; - return ISC_R_SUCCESS; -} - -isc_result_t -ns_verify_tcp(u_char *msg, unsigned *msglen, ns_tcp_tsig_state *state, - int required) -{ - HEADER *hp = (HEADER *)msg; - u_char *recstart, *rdatastart, *sigstart; - unsigned sigfieldlen, otherfieldlen; - u_char *cp, *eom = msg + *msglen, *cp2; - char name[MAXDNAME], alg[MAXDNAME]; - u_char buf[MAXDNAME]; - int n, type, length, fudge, id, error; - time_t timesigned; - - if (msg == NULL || msglen == NULL || state == NULL) - return ISC_R_INVALIDARG; - - state->counter++; - if (state->counter == 0) - return (ns_verify(msg, msglen, state->key, - state->sig, state->siglen, - state->sig, &state->siglen, ×igned, 0)); - - if (state->siglen > 0) { - u_int16_t siglen_n = htons(state->siglen); - - dst_verify_data(SIG_MODE_INIT, state->key, &state->ctx, - NULL, 0, NULL, 0); - dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx, - (u_char *)&siglen_n, INT16SZ, NULL, 0); - dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx, - state->sig, state->siglen, NULL, 0); - state->siglen = 0; - } - - cp = recstart = ns_find_tsig(msg, eom); - - if (recstart == NULL) { - if (required) - return ISC_R_NO_TSIG; - dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx, - msg, *msglen, NULL, 0); - return ISC_R_SUCCESS; - } - - hp->arcount = htons(ntohs(hp->arcount) - 1); - dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx, - msg, (unsigned)(recstart - msg), NULL, 0); - - /* Read the key name. */ - n = dn_expand(msg, eom, cp, name, MAXDNAME); - if (n < 0) - return ISC_R_FORMERR; - cp += n; - - /* Read the type. */ - BOUNDS_CHECK(cp, 2*INT16SZ + INT32SZ + INT16SZ); - GETSHORT(type, cp); - if (type != ns_t_tsig) - return ISC_R_NO_TSIG; - - /* Skip the class and TTL, save the length. */ - cp += INT16SZ + INT32SZ; - GETSHORT(length, cp); - if (eom - cp != length) - return ISC_R_FORMERR; - - /* Read the algorithm name. */ - rdatastart = cp; - n = dn_expand(msg, eom, cp, alg, MAXDNAME); - if (n < 0) - return ISC_R_FORMERR; - if (ns_samename(alg, NS_TSIG_ALG_HMAC_MD5) != 1) - return ISC_R_BADKEY; - cp += n; - - /* Verify that the key used is OK. */ - if ((ns_samename(state->key->dk_key_name, name) != 1 || - state->key->dk_alg != KEY_HMAC_MD5)) - return ISC_R_BADKEY; - - /* Read the time signed and fudge. */ - BOUNDS_CHECK(cp, INT16SZ + INT32SZ + INT16SZ); - cp += INT16SZ; - GETLONG(timesigned, cp); - GETSHORT(fudge, cp); - - /* Read the signature. */ - BOUNDS_CHECK(cp, INT16SZ); - GETSHORT(sigfieldlen, cp); - BOUNDS_CHECK(cp, sigfieldlen); - sigstart = cp; - cp += sigfieldlen; - - /* Read the original id and error. */ - BOUNDS_CHECK(cp, 2*INT16SZ); - GETSHORT(id, cp); - GETSHORT(error, cp); - - /* Parse the other data. */ - BOUNDS_CHECK(cp, INT16SZ); - GETSHORT(otherfieldlen, cp); - BOUNDS_CHECK(cp, otherfieldlen); - cp += otherfieldlen; - - if (cp != eom) - return ISC_R_FORMERR; - - /* - * Do the verification. - */ - - /* Digest the time signed and fudge. */ - cp2 = buf; - PUTSHORT(0, cp2); /* Top 16 bits of time. */ - PUTLONG(timesigned, cp2); - PUTSHORT(NS_TSIG_FUDGE, cp2); - - dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx, - buf, (unsigned)(cp2 - buf), NULL, 0); - - n = dst_verify_data(SIG_MODE_FINAL, state->key, &state->ctx, NULL, 0, - sigstart, sigfieldlen); - if (n < 0) - return ISC_R_BADSIG; - - if (sigfieldlen > sizeof(state->sig)) - return ISC_R_BADSIG; - - if (sigfieldlen > sizeof(state->sig)) - return ISC_R_NOSPACE; - - memcpy(state->sig, sigstart, sigfieldlen); - state->siglen = sigfieldlen; - - /* Verify the time. */ - if (abs(timesigned - time(NULL)) > fudge) - return ISC_R_BADTIME; - - *msglen = recstart - msg; - - if (error != NOERROR) - return ns_rcode_to_isc (error); - - return ISC_R_SUCCESS; -} -#endif diff --git a/minires/res_comp.c b/minires/res_comp.c deleted file mode 100644 index 64f179d52..000000000 --- a/minires/res_comp.c +++ /dev/null @@ -1,233 +0,0 @@ -/* - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Portions Copyright (c) 1993 by Digital Equipment Corporation. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies, and that - * the name of Digital Equipment Corporation not be used in advertising or - * publicity pertaining to distribution of the document or software without - * specific, written prior permission. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL - * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT - * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL - * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR - * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS - * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS - * SOFTWARE. - */ - -/* - * Portions Copyright (c) 2004,2009,2014 by Internet Systems Consortium, Inc. ("ISC") - * Portions Copyright (c) 1996-2003 by Internet Software Consortium - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT - * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * - * Internet Systems Consortium, Inc. - * 950 Charter Street - * Redwood City, CA 94063 - * - * https://www.isc.org/ - */ - -#include -#include -#include -#include -#include -#include -#include -#include - -#include "minires/minires.h" -#include "arpa/nameser.h" - -/* - * Expand compressed domain name 'comp_dn' to full domain name. - * 'msg' is a pointer to the begining of the message, - * 'eomorig' points to the first location after the message, - * 'exp_dn' is a pointer to a buffer of size 'length' for the result. - * Return size of compressed name or -1 if there was an error. - */ -int -dn_expand(const u_char *msg, const u_char *eom, const u_char *src, - char *dst, unsigned dstsiz) -{ - int n = ns_name_uncompress(msg, eom, src, dst, (size_t)dstsiz); - - if (n > 0 && dst[0] == '.') - dst[0] = '\0'; - return (n); -} - -/* - * Pack domain name 'exp_dn' in presentation form into 'comp_dn'. - * Return the size of the compressed name or -1. - * 'length' is the size of the array pointed to by 'comp_dn'. - */ -int -dn_comp(const char *src, u_char *dst, unsigned dstsiz, - u_char **dnptrs, u_char **lastdnptr) -{ - return (ns_name_compress(src, dst, (size_t)dstsiz, - (const u_char **)dnptrs, - (const u_char **)lastdnptr)); -} - -/* - * Skip over a compressed domain name. Return the size or -1. - */ -int -dn_skipname(const u_char *ptr, const u_char *eom) { - const u_char *saveptr = ptr; - - if (ns_name_skip(&ptr, eom) == -1) - return (-1); - return (ptr - saveptr); -} - -/* - * Verify that a domain name uses an acceptable character set. - */ - -#if 0 -/* - * Note the conspicuous absence of ctype macros in these definitions. On - * non-ASCII hosts, we can't depend on string literals or ctype macros to - * tell us anything about network-format data. The rest of the BIND system - * is not careful about this, but for some reason, we're doing it right here. - */ -#define PERIOD 0x2e -#define hyphenchar(c) ((c) == 0x2d) -#define bslashchar(c) ((c) == 0x5c) -#define periodchar(c) ((c) == PERIOD) -#define asterchar(c) ((c) == 0x2a) -#define alphachar(c) (((c) >= 0x41 && (c) <= 0x5a) \ - || ((c) >= 0x61 && (c) <= 0x7a)) -#define digitchar(c) ((c) >= 0x30 && (c) <= 0x39) - -#define borderchar(c) (alphachar(c) || digitchar(c)) -#define middlechar(c) (borderchar(c) || hyphenchar(c)) -#define domainchar(c) ((c) > 0x20 && (c) < 0x7f) - -int -res_hnok(const char *dn) { - int ppch = '\0', pch = PERIOD, ch = *dn++; - - while (ch != '\0') { - int nch = *dn++; - - if (periodchar(ch)) { - (void)NULL; - } else if (periodchar(pch)) { - if (!borderchar(ch)) - return (0); - } else if (periodchar(nch) || nch == '\0') { - if (!borderchar(ch)) - return (0); - } else { - if (!middlechar(ch)) - return (0); - } - ppch = pch, pch = ch, ch = nch; - } - return (1); -} - -/* - * hostname-like (A, MX, WKS) owners can have "*" as their first label - * but must otherwise be as a host name. - */ -int -res_ownok(const char *dn) { - if (asterchar(dn[0])) { - if (periodchar(dn[1])) - return (res_hnok(dn+2)); - if (dn[1] == '\0') - return (1); - } - return (res_hnok(dn)); -} - -/* - * SOA RNAMEs and RP RNAMEs can have any printable character in their first - * label, but the rest of the name has to look like a host name. - */ -int -res_mailok(const char *dn) { - int ch, escaped = 0; - - /* "." is a valid missing representation */ - if (*dn == '\0') - return (1); - - /* otherwise