local kres -- the module
-ffi = require('ffi')
+local ffi = require('ffi')
local bit = require('bit')
local bor = bit.bor
local band = bit.band
end
end
return records
- end,
+ end,
begin = function (pkt, section) return knot.knot_pkt_begin(pkt, section) end,
put = function (pkt, owner, ttl, rclass, rtype, rdata)
return C.kr_pkt_put(pkt, owner, ttl, rclass, rtype, rdata, #rdata)
},
})
-- Metatype for query
-local ub_t = ffi.typeof('unsigned char *')
local kr_query_t = ffi.typeof('struct kr_query')
ffi.metatype( kr_query_t, {
__index = {
ret = ret:sub(1, -2)
end
if rr.comment then
- ret = ret .. ' ;' .. rr.comment
+ ret = ret .. ' ;' .. rr.comment
end
end
return ret
end
local fs = ffi.new(kr_qflags)
- for k_, name in pairs(names) do
+ for _, name in pairs(names) do
fs[name] = true
end
return fs
-- `env.VAR returns os.getenv(VAR)`
env = {}
setmetatable(env, {
- __index = function (t, k) return os.getenv(k) end
+ __index = function (_, k) return os.getenv(k) end
})
-- Quick access to interfaces
-- Syntactic sugar for module loading
-- `modules.<name> = <config>`
setmetatable(modules, {
- __newindex = function (t,k,v)
- if type(k) == 'number' then k = v v = nil end
+ __newindex = function (_, k, v)
+ if type(k) == 'number' then
+ k, v = v, nil
+ end
if not rawget(_G, k) then
modules.load(k)
k = string.match(k, '[%w_]+')
return setmetatable({ __orig_name_list = nl }, {
__index = defined,
- __newindex = function (t, k, v)
+ __newindex = function (_, k, v)
if __protected[k] then
for k2,v2 in pairs(v) do
defined[k][k2] = v2
return load(code, nil, 't', _ENV)
end
end
- local status, err, chunk
+ local err, chunk
chunk, err = load_code(raw and 'return '..line or 'return table_print('..line..')')
if err then
chunk, err = load_code(line)
function table_print (tt, indent, done)
done = done or {}
indent = indent or 0
- result = ""
+ local result = ""
-- Convert to printable string (escape unprintable)
local function printable(value)
value = tostring(value)
return nil, 'luasec and luasocket needed for root TA bootstrap'
end
local resp = {}
- local r, c, h, s = https.request{
+ local r, c = https.request{
url = url,
cafile = ca,
verify = {'peer', 'fail_if_no_peer_cert' },
-- Plan an event for refreshing the root DNSKEYs and re-scheduling itself
local function refresh_plan(keyset, delay, priming, is_initial)
local owner_str = kres.dname2str(keyset.owner) -- maybe fix converting back and forth?
- keyset.refresh_ev = event.after(delay, function (ev)
+ keyset.refresh_ev = event.after(delay, function ()
resolve(owner_str, kres.type.DNSKEY, kres.class.IN, 'NO_CACHE',
function (pkt)
-- Schedule itself with updated timeout
if pkt:rcode() == kres.rcode.NOERROR then
local records = pkt:section(kres.section.ANSWER)
local new_keys = {}
- for i, rr in ipairs(records) do
+ for _, rr in ipairs(records) do
if rr.type == kres.type.DNSKEY then
table.insert(new_keys, rr)
end
end
-- Calculate refresh/retry timer (RFC 5011, 2.3)
local min_ttl = retry and day or 15 * day
- for i, rr in ipairs(keyset) do -- 10 or 50% of the original TTL
+ for _, rr in ipairs(keyset) do -- 10 or 50% of the original TTL
min_ttl = math.min(min_ttl, (retry and 100 or 500) * rr.ttl)
end
return math.max(hour, min_ttl)
-- For each RR, parse .state and .timer from .comment.
local function keyset_parse_comments(tas, default_state)
- for _k, ta in pairs(tas) do
+ for _, ta in pairs(tas) do
ta.state = default_state
if ta.comment then
string.gsub(ta.comment, '^%s*(%a+):(%d*)', function (state, time)
end
end
- for _k, ta in pairs(tas) do
+ for _, ta in pairs(tas) do
ta.key_tag = C.kr_dnssec_key_tag(ta.type, ta.rdata, #ta.rdata)
end
return tas
local store = kres.context().trust_anchors
local count = 0
C.kr_ta_del(store, keyset.owner)
- for i, ta in ipairs(keyset) do
+ for _, ta in ipairs(keyset) do
-- Key MAY be used as a TA only in these two states (RFC5011, 4.2)
if ta.state == key_state.Valid or ta.state == key_state.Missing then
if C.kr_ta_add(store, ta.owner, ta.type, ta.ttl, ta.rdata, #ta.rdata) == 0 then
local hold_down = (keyset.hold_down_time or trust_anchors.hold_down_time) / 1000
local keepset = {}
local keep_removed = keyset.keep_removed or trust_anchors.keep_removed
- for i, ta in ipairs(keyset) do
+ for _, ta in ipairs(keyset) do
local keep = true
if not ta_find(new_keys, ta) then
-- Ad-hoc: RFC 5011 doesn't mention removing a Missing key.
end
end
-- 2: remove all TAs - other settings etc. will remain in the keyset
- for i, ta in ipairs(keyset) do
+ for i, _ in ipairs(keyset) do
keyset[i] = nil
end
-- 3: move TAs to be kept into the keyset (same indices)
for k, ta in pairs(keepset) do
keyset[k] = ta
end
- keepset = nil
-- Evaluate new TAs
- for i, rr in ipairs(new_keys) do
+ for _, rr in ipairs(new_keys) do
if (rr.type == kres.type.DNSKEY or rr.type == kres.type.DS) and rr.rdata ~= nil then
ta_present(keyset, rr, hold_down, is_initial)
end
error('[ ta ] ERROR: failed to read anchors from path ' .. path)
end
local owner = keyset[1].owner
- for i, ta in ipairs(keyset) do
+ for _, ta in ipairs(keyset) do
if ta.owner ~= owner then
error('[ ta ] ERROR: mixed owner names found in path ' .. path)
end
projects / thirdparty / knot-resolver.git / commitdiff
