code review #2: Rename serial_arithmitics_gmtime_r to ldns_serial_arithmitics_gmtime_r (and all the other added functions in util.h) and add to ldns_symbols.def.
code review #3: Comment swap of ldns_dnssec_verify_denial_nsec3_match, ldns_verify_rrsig_buffers and ldns_dnssec_verify_denial_nsec3
code review #4: Finishing the sentence in the comment about opt-out handling in function ldns_dnssec_create_nsec3.
code review #5: Just do rd_strlen = strlen(rd) once in rr.c
code review #6: Moved setting of output variables from acx_nlnetlabs.m4 to configure.ac so acx_nlnetlabs.m4 doesn't have to be merged into NSD and Unbound.
AC_MSG_RESULT($ac_cv_c_format_attribute)
if test $ac_cv_c_format_attribute = yes; then
AC_DEFINE(HAVE_ATTR_FORMAT, 1, [Whether the C compiler accepts the "format" attribute])
- AC_SUBST(ldns_build_config_have_attr_format, 1)
-else
- AC_SUBST(ldns_build_config_have_attr_format, 0)
fi
])dnl End of ACX_CHECK_FORMAT_ATTRIBUTE
AC_MSG_RESULT($ac_cv_c_unused_attribute)
if test $ac_cv_c_unused_attribute = yes; then
AC_DEFINE(HAVE_ATTR_UNUSED, 1, [Whether the C compiler accepts the "unused" attribute])
- AC_SUBST(ldns_build_config_have_attr_unused, 1)
-else
- AC_SUBST(ldns_build_config_have_attr_unused, 0)
fi
])dnl
else
AC_SUBST(ldns_build_config_have_ssl, 0)
fi
+if test "x$ac_cv_c_format_attribute" = "xyes"; then
+ AC_SUBST(ldns_build_config_have_attr_format, 1)
+else
+ AC_SUBST(ldns_build_config_have_attr_format, 0)
+fi
+if test "x$ac_cv_c_unused_attribute" = "xyes"; then
+ AC_SUBST(ldns_build_config_have_attr_unused, 1)
+else
+ AC_SUBST(ldns_build_config_have_attr_unused, 0)
+fi
AC_CONFIG_FILES([Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config])
while (cur_rrsets) {
/* Do not include obscured rrsets on the delegation point
* in the type bitmap. Potentionally not skipping insecure
- * delegation should have been done earlier, in
- *
+ * delegation should have been done earlier, in function
+ * ldns_dnssec_zone_create_nsec3s, or even earlier in:
+ * ldns_dnssec_zone_sign_nsec3_flg .
*/
if ( ( on_delegation_point && (
cur_rrsets->type == LDNS_RR_TYPE_NS
for(i = 0; i < ldns_rr_list_rr_count(rrsig_type); i++) {
memset(&incep, 0, sizeof(incep));
- if (serial_arithmitics_gmtime_r(
+ if (ldns_serial_arithmitics_gmtime_r(
ldns_rdf2native_time_t(
ldns_rr_rrsig_inception(
ldns_rr_list_rr(rrsig_type, i))),
incep_buf[0] = '\0';
}
memset(&expir, 0, sizeof(expir));
- if (serial_arithmitics_gmtime_r(
+ if (ldns_serial_arithmitics_gmtime_r(
ldns_rdf2native_time_t(
ldns_rr_rrsig_expiration(
ldns_rr_list_rr(rrsig_type, i))),
printf("Error: the NSEC record for ");
ldns_rdf_print(stdout, name->name);
printf(" points to the wrong next owner name\n");
- printf(" : ");
- ldns_rdf_print(stdout, ldns_rr_rdf(name->nsec, 0));
- printf(" i.s.o. ");
- ldns_rdf_print(stdout, next_name->name);
- printf(".\n");
+ if (verbosity >= 4) {
+ printf(" : ");
+ ldns_rdf_print(stdout,ldns_rr_rdf(name->nsec, 0));
+ printf(" i.s.o. ");
+ ldns_rdf_print(stdout, next_name->name);
+ printf(".\n");
+ }
if (result == LDNS_STATUS_OK) {
result = LDNS_STATUS_ERR;
}
char date_buf[16];
memset(&tm, 0, sizeof(tm));
- if (serial_arithmitics_gmtime_r(ldns_rdf2native_int32(rdf), time(NULL), &tm)
+ if (ldns_serial_arithmitics_gmtime_r(ldns_rdf2native_int32(rdf), time(NULL), &tm)
&& strftime(date_buf, 15, "%Y%m%d%H%M%S", &tm)) {
ldns_buffer_printf(output, "%s", date_buf);
}
bool packet_nodata);
/**
- * Verifies the already processed data in the buffers
- * This function should probably not be used directly.
+ * Same as ldns_status ldns_dnssec_verify_denial_nsec3 but also returns
+ * the nsec rr that matched.
*
- * \param[in] rawsig_buf Buffer containing signature data to use
- * \param[in] verify_buf Buffer containing data to verify
- * \param[in] key_buf Buffer containing key data to use
- * \param[in] algo Signing algorithm
- * \return status LDNS_STATUS_OK if the data verifies. Error if not.
+ * \param[in] rr The (query) RR to check the denial of existence for
+ * \param[in] nsecs The list of NSEC3 RRs that are supposed to deny the
+ * existence of the RR
+ * \param[in] rrsigs The RRSIG rr covering the NSEC RRs
+ * \param[in] packet_rcode The RCODE value of the packet that provided the
+ * NSEC3 RRs
+ * \param[in] packet_qtype The original query RR type
+ * \param[in] packet_nodata True if the providing packet had an empty ANSWER
+ * section
+ * \param[in] ldns_rr On match, the given (reference to a) pointer will be set
+ * to point to the matching nsec resource record.
+ * \return LDNS_STATUS_OK if the NSEC3 RRs deny the existence, error code
+ * containing the reason they do not otherwise
*/
ldns_status ldns_dnssec_verify_denial_nsec3_match(ldns_rr *rr,
- ldns_rr_list *nsecs,
- ldns_rr_list *rrsigs,
- ldns_pkt_rcode packet_rcode,
- ldns_rr_type packet_qtype,
- bool packet_nodata,
- ldns_rr **match);
+ ldns_rr_list *nsecs,
+ ldns_rr_list *rrsigs,
+ ldns_pkt_rcode packet_rcode,
+ ldns_rr_type packet_qtype,
+ bool packet_nodata,
+ ldns_rr **match);
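Review bot: The last parameter entry of the doc comment now placed above ldns_dnssec_verify_denial_nsec3_match documents `ldns_rr`, but the prototype names that parameter `match`, and the function writes it rather than reads it. I would change the entry to `\param[out] match On match, the given (reference to a) pointer will be set to point to the matching nsec resource record.` so that generated documentation lines up with the signature. The comment also does not say what `*match` holds when no NSEC3 record matches. The implementation is not visible here, so one sentence stating whether it is left untouched or set to NULL would save callers from guessing.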
/**
- * Same as ldns_status ldns_dnssec_verify_denial_nsec3 but also returns
- * the nsec rr that matched.
+ * Verifies the already processed data in the buffers
* This function should probably not be used directly.
*
* \param[in] rawsig_buf Buffer containing signature data to use
* \param[in] algo Signing algorithm
* \return status LDNS_STATUS_OK if the data verifies. Error if not.
*/
-
-
ldns_status ldns_verify_rrsig_buffers(ldns_buffer *rawsig_buf,
ldns_buffer *verify_buf,
ldns_buffer *key_buf,
* That number of seconds is then converted to broken-out time information.
* This is especially usefull when converting the inception and expiration
* fields of RRSIG records.
+ *
* \param[in] time number of seconds since epoch (midnight, January 1st, 1970)
- * to be intepreted as a serial arithmitics number relative to now.
+ * to be intepreted as a serial arithmitics number relative to now.
* \param[in] now number of seconds since epoch (midnight, January 1st, 1970)
- * to which the time value is compared to determine the final value.
+ * to which the time value is compared to determine the final value.
* \param[out] result the struct with the broken-out time information
* \return result on success or NULL on error
*/
-struct tm * serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result);
+struct tm * ldns_serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result);
/**
* Seed the random function.
ldns_rr_uncompressed_size
ldns_send
ldns_send_buffer
+ldns_serial_arithmitics_gmtime_r
ldns_set_bit
ldns_sha1
ldns_sha1_final
ldns_rr_free(new);
return LDNS_STATUS_SYNTAX_RDATA_ERR;
}
- rd_strlen = strlen(rd);
rd_strlen = strlen(rd);
strncpy(hex_data_str + cur_hex_data_size, rd, rd_strlen);
cur_hex_data_size += rd_strlen;
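Review bot: The `strncpy(hex_data_str + cur_hex_data_size, rd, rd_strlen)` kept by this hunk is bounded only by the length of the source token, so it does not limit the write to the space left in `hex_data_str`. No check that `cur_hex_data_size + rd_strlen` fits the allocation is visible in the hunk, and `rd` comes from the RR text being parsed. If no such check exists in the part of the function outside the hunk, add one before the copy and fail the way the preceding branch does, for example `if (rd_strlen > HEX_BUF_CAPACITY - cur_hex_data_size) { ldns_rr_free(new); return LDNS_STATUS_SYNTAX_RDATA_ERR; }`. Here `HEX_BUF_CAPACITY` is a placeholder for the size `hex_data_str` was allocated with, and the error path should release whatever the neighbouring error paths release. With the length known, `memcpy` states the intent more clearly than `strncpy`, which writes no terminator in this form. The enclosing function starts and ends outside the hunk.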
#if SIZEOF_TIME_T <= 4
-void
-year_and_yday_from_days_since_epoch(int64_t days, struct tm *result)
+static void
+ldns_year_and_yday_from_days_since_epoch(int64_t days, struct tm *result)
{
int year = 1970;
int new_year;
31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
};
-void
-mon_and_mday_from_year_and_yday(struct tm *result)
+static void
+ldns_mon_and_mday_from_year_and_yday(struct tm *result)
{
int idays = result->tm_yday;
const int *mon_lengths = is_leap_year(result->tm_year) ?
result->tm_mday = idays + 1;
}
-void
-wday_from_year_and_yday(struct tm *result)
+static void
+ldns_wday_from_year_and_yday(struct tm *result)
{
result->tm_wday = 4 /* 1-1-1970 was a thursday */
+ ((result->tm_year - 1970) % 7) * (365 % 7)
}
}
-struct tm *
+static struct tm *
ldns_gmtime64_r(int64_t clock, struct tm *result)
{
result->tm_isdst = 0;
result->tm_hour = (int) (clock % 24);
clock /= 24;
- year_and_yday_from_days_since_epoch(clock, result);
- mon_and_mday_from_year_and_yday(result);
- wday_from_year_and_yday(result);
+ ldns_year_and_yday_from_days_since_epoch(clock, result);
+ ldns_mon_and_mday_from_year_and_yday(result);
+ ldns_wday_from_year_and_yday(result);
result->tm_year -= 1900;
return result;
#endif /* SIZEOF_TIME_T <= 4 */
-int64_t
-serial_arithmitics_time(int32_t time, time_t now)
+static int64_t
+ldns_serial_arithmitics_time(int32_t time, time_t now)
{
int32_t offset = time - (int32_t) now;
return (int64_t) now + offset;
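Review bot: In ldns_serial_arithmitics_time the expression `time - (int32_t) now` is evaluated in signed 32-bit arithmetic, so it overflows when the two values are far apart, which is undefined behaviour in C. The narrowing cast of a `time_t` outside the int32_t range is also implementation-defined. Serial arithmetic is defined modulo 2^32, so the subtraction is better done unsigned and converted back: `int32_t offset = (int32_t) ((uint32_t) time - (uint32_t) now);`. The `time` argument is taken from RRSIG inception and expiration fields, per the header comment, so it should be treated as attacker-influenced input. The closing brace of the function lies outside the hunk.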
struct tm *
-serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result)
+ldns_serial_arithmitics_gmtime_r(int32_t time, time_t now, struct tm *result)
{
#if SIZEOF_TIME_T <= 4
- int64_t secs_since_epoch = serial_arithmitics_time(time, now);
+ int64_t secs_since_epoch = ldns_serial_arithmitics_time(time, now);
return ldns_gmtime64_r(secs_since_epoch, result);
#else
- time_t secs_since_epoch = serial_arithmitics_time(time, now);
+ time_t secs_since_epoch = ldns_serial_arithmitics_time(time, now);
return gmtime_r(&secs_since_epoch, result);
#endif
}