util/configlexer.c: $(srcdir)/util/configlexer.lex util/configparser.h
$(INFO) Lex $<
ifeq "$(strip $(LEX))" ":"
- $Qecho "Need to rebuild lexer, but no lex program"
- exit 1
+ $Qecho "rebuild lexer, but no lex program, skipped"
else
@if test ! -d util; then $(INSTALL) -d util; fi
$Qecho "#include \"util/configyyrename.h\"" > $@
* @param debug_mode: if set, do not daemonize.
*/
static void
-run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode)
+run_daemon(char* cfgfile, int cmdline_verbose, int debug_mode)
{
struct config_file* cfg = NULL;
struct daemon* daemon = NULL;
main(int argc, char* argv[])
{
int c;
- const char* cfgfile = NULL;
+ char* cfgfile = NULL;
int cmdline_verbose = 0;
int debug_mode = 0;
and config.h.in.
- added yacc/lex generated files, util/configlexer.c,
util/configparser.c util/configparser.h, to svn.
+ - without lex no attempt to use it.
+ - unsecure response validation collated into one block.
+ - remove warning about const cast of cfgfile name.
18 October 2007: Wouter
- addresses are logged with errors.
}
int
-config_read(struct config_file* cfg, const char* filename)
+config_read(struct config_file* cfg, char* filename)
{
FILE *in;
if(!filename)
log_err("Could not open %s: %s", filename, strerror(errno));
return 0;
}
- create_cfg_parser(cfg, (char*)filename);
+ create_cfg_parser(cfg, filename);
ub_c_in = in;
ub_c_parse();
fclose(in);
/* This is the default next state. */
vq->state = VAL_FINISHED_STATE;
+ /* Unsigned responses must be underneath a "null" key entry.*/
+ if(key_entry_isnull(vq->key_entry)) {
+ verbose(VERB_ALGO, "Verified that %sresponse is INSECURE",
+ vq->signer_name?"":"unsigned ");
+ vq->chase_reply->security = sec_status_insecure;
+ val_mark_insecure(vq->chase_reply, vq->key_entry,
+ qstate->env->rrset_cache);
+ return 1;
+ }
+
/* signerName being null is the indicator that this response was
* unsigned */
if(vq->signer_name == NULL) {
log_query_info(VERB_ALGO, "processValidate: state has no "
"signer name", &vq->qchase);
- /* Unsigned responses must be underneath a "null" key entry.*/
- if(key_entry_isnull(vq->key_entry)) {
- verbose(VERB_ALGO, "Unsigned response was proven to "
- "be validly INSECURE");
- vq->chase_reply->security = sec_status_insecure;
- val_mark_insecure(vq->chase_reply, vq->key_entry,
- qstate->env->rrset_cache);
- return 1;
- }
verbose(VERB_DETAIL, "Could not establish validation of "
"INSECURE status of unsigned response.");
vq->chase_reply->security = sec_status_bogus;
return 1;
}
- if(key_entry_isnull(vq->key_entry)) {
- verbose(VERB_ALGO, "Verified that response is INSECURE");
- vq->chase_reply->security = sec_status_insecure;
- val_mark_insecure(vq->chase_reply, vq->key_entry,
- qstate->env->rrset_cache);
- return 1;
- }
-
/* check signatures in the message;
* answer and authority must be valid, additional is only checked. */
if(!validate_msg_signatures(qstate->env, ve, &vq->qchase,
projects / thirdparty / unbound.git / commitdiff
