# Improvements to template detection may make this option obsolete.
tok_split_gte = false # false/true
-# Control what to do with the UTF-8 BOM (recommed 'remove')
+# Control what to do with the UTF-8 BOM (recommend 'remove')
utf8_bom = ignore # ignore/add/remove/force
# If the file only contains chars between 128 and 255 and is not UTF-8, then output as UTF-8
# Will substitute $(class) with the class name.
cmt_insert_class_header = "" # string
-# The filename that contains text to insert before a Obj-C message specification if the method isn't preceeded with a C/C++ comment.
+# The filename that contains text to insert before a Obj-C message specification if the method isn't preceded with a C/C++ comment.
# Will substitute $(message) with the function name and $(javaparam) with the javadoc @param and @return stuff.
cmt_insert_oc_msg_header = "" # string
close all open sockets during shutdown. [GL #1312]
5324. [bug] Change the category of some log messages from general
- to the more appopriate catergory of xfer-in. [GL #1394]
+ to the more appropriate catergory of xfer-in. [GL #1394]
5323. [bug] Fix a bug in DNSSEC trust anchor verification.
[GL !2609]
See the ARM for configuration details. [GL #1134]
-5315. [bug] Apply the inital RRSIG expiration spread fixed
+5315. [bug] Apply the initial RRSIG expiration spread fixed
to all dynamically created records in the zone
including NSEC3. Also fix the signature clusters
when the server has been offline for prolonged
5170. [test] Added --with-dlz-filesystem to feature-test. [GL !1587]
-5169. [bug] The presence of certain types in an otherwise
+5169. [bug] The presense of certain types in an otherwise
empty node could cause a crash while processing a
type ANY query. [GL #901]
4965. [func] Add support for marking options as deprecated.
[GL #322]
-4964. [bug] Reduce the probabilty of double signature when deleting
+4964. [bug] Reduce the probability of double signature when deleting
a DNSKEY by checking if the node is otherwise signed
by the algorithm of the key to be deleted. [GL #240]
for unsigned zones since change 4596. [GL #209]
4945. [func] BIND can no longer be built without DNSSEC support.
- A cryptography provder (i.e., OpenSSL or a hardware
+ A cryptography provider (i.e., OpenSSL or a hardware
service module with PKCS#11 support) must be
available. [GL #244]
dig (+[no]raflag, +[no]tcflag). [GL #213]
4928. [func] The "dnskey-sig-validity" option allows
- "sig-validity-interval" to be overriden for signatures
+ "sig-validity-interval" to be overridden for signatures
covering DNSKEY RRsets. [GL #145]
4927. [placeholder]
[RT #46725]
4831. [bug] Convert the RRSIG expirytime to 64 bits for
- comparisions in diff.c:resign. [RT #46710]
+ comparisons in diff.c:resign. [RT #46710]
4830. [bug] Failure to configure ATF when requested did not cause
an error in top-level configure script. [RT #46655]
used to append a formatted string to the used region of
a buffer. [RT #46201]
-4766. [cleanup] Addresss Coverity warnings. [RT #46150]
+4766. [cleanup] Address Coverity warnings. [RT #46150]
4765. [bug] Address potential INSIST in dnssec-cds. [RT #46150]
4719. [bug] Address PVS static analyzer warnings. [RT #45946]
-4718. [func] Avoid seaching for a owner name compression pointer
+4718. [func] Avoid searching for a owner name compression pointer
more than once when writing out a RRset. [RT #45802]
4717. [bug] Treat replies with QCOUNT=0 as truncated if TC=1,
3518. [bug] Increase the size of dns_rrl_key.s.rtype by one bit
so that all dns_rrl_rtype_t enum values fit regardless
- of whether it is teated as signed or unsigned by
+ of whether it is treated as signed or unsigned by
the compiler. [RT #32792]
3517. [bug] Reorder destruction to avoid shutdown race. [RT #32777]
--- 9.9.0b1 released ---
-3186. [bug] Version/db mis-match in rpz code. [RT #26180]
+3186. [bug] Version/db mismatch in rpz code. [RT #26180]
3185. [func] New 'rndc signing' option for auto-dnssec zones:
- 'rndc signing -list' displays the current
2998. [func] Add isc_task_beginexclusive and isc_task_endexclusive
to the task api. [RT #22776]
-2997. [func] named -V now reports the OpenSSL and libxml2 verions
+2997. [func] named -V now reports the OpenSSL and libxml2 versions
it was compiled against. [RT #22687]
2996. [security] Temporarily disable SO_ACCEPTFILTER support.
2096. [bug] libbind: handle applications that fail to detect
res_init() failures better.
-2095. [port] libbind: alway prototype inet_cidr_ntop_ipv6() and
+2095. [port] libbind: always prototype inet_cidr_ntop_ipv6() and
net_cidr_ntop_ipv6(). [RT #16388]
2094. [contrib] Update named-bootconf. [RT #16404]
2076. [bug] Several files were missing #include <config.h>
causing build failures on OSF. [RT #16341]
-2075. [bug] The spillat timer event hander could leak memory.
+2075. [bug] The spillat timer event handler could leak memory.
[RT #16357]
2074. [bug] dns_request_createvia2(), dns_request_createvia3(),
failure while cleaning up a stale rdataset.
[RT #16292]
-2058. [bug] Adjust how we calculate rtt estimates in the presence
+2058. [bug] Adjust how we calculate rtt estimates in the presense
of authoritative servers that drop EDNS and/or CD
requests. Also fallback to EDNS/512 and plain DNS
faster for zones with less than 3 servers. [RT #16187]
1831. [doc] Update named-checkzone documentation. [RT #13604]
-1830. [bug] adb lame cache has sence of test reversed. [RT #13600]
+1830. [bug] adb lame cache has sense of test reversed. [RT #13600]
1829. [bug] win32: "pid-file none;" broken. [RT #13563]
1796. [func] "rndc freeze/thaw" now freezes/thaws all zones.
1795. [bug] "rndc dumpdb" was not fully documented. Minor
- formating issues with "rndc dumpdb -all". [RT #13396]
+ formatting issues with "rndc dumpdb -all". [RT #13396]
1794. [func] Named and named-checkzone can now both check for
non-terminal wildcard records.
acl.
1393. [port] Bind to individual IPv6 interfaces if IPV6_IPV6ONLY
- is not available in the kernel to prevent accidently
+ is not available in the kernel to prevent accidentally
listening on IPv4 interfaces.
1392. [bug] named-checkzone: update usage.
839. [func] Dump packets for which there was no view or that the
class could not be determined to category "unmatched".
- 838. [port] UnixWare 7.x.x is now suported by
+ 838. [port] UnixWare 7.x.x is now supported by
bin/tests/system/ifconfig.sh.
837. [cleanup] Multi-threading is now enabled by default only on
blocking.
772. [bug] Owner names could be incorrectly omitted from cache
- dumps in the presence of negative caching entries.
+ dumps in the presense of negative caching entries.
[RT #991]
771. [cleanup] TSIG errors related to unsynchronized clocks
lock in certain error cases.
18. [bug] Use AC_TRY_LINK rather than AC_TRY_COMPILE in
- configure.in to check for presence of in6addr_any.
+ configure.in to check for presense of in6addr_any.
17. [func] Do configuration file post-load validation of zones.
security issues so please encrypt your communications to us if possible,
using the ISC Security Officer public key.
-Do not discuss undisclosed security vulnerabilites on any public mailing
+Do not discuss undisclosed security vulnerabilities on any public mailing
list. ISC has a long history of handling reported vulnerabilities promptly
and effectively and we respect and acknowledge responsible reporters.
security issues so please encrypt your communications to us if possible,
using the [ISC Security Officer public key](https://www.isc.org/downloads/software-support-policy/openpgp-key/).
-Do not discuss undisclosed security vulnerabilites on any public mailing list.
+Do not discuss undisclosed security vulnerabilities on any public mailing list.
ISC has a long history of handling reported vulnerabilities promptly and
effectively and we respect and acknowledge responsible reporters.
* dig: report the number of extra bytes still left in the packet after
processing all the records.
* Support for IPSECKEY rdata type.
- * Raise the UDP recieve buffer size to 32k if it is less than 32k.
- * x86 and x86_64 now have seperate atomic locking implementations.
+ * Raise the UDP receive buffer size to 32k if it is less than 32k.
+ * x86 and x86_64 now have separate atomic locking implementations.
* named-checkconf now validates update-policy entries.
* Attempt to make the amount of work performed in a iteration self
tuning. The covers nodes clean from the cache per iteration, nodes
* dig now warns if 'RA' is not set in the answer when 'RD' was set in
the query. host/nslookup skip servers that fail to set 'RA' when 'RD'
is set unless a server is explicitly set.
- * Integrate contibuted DLZ code into named.
- * Integrate contibuted IDN code from JPNIC.
+ * Integrate contributed DLZ code into named.
+ * Integrate contributed IDN code from JPNIC.
* libbind: corresponds to that from BIND 8.4.7.
BIND 9.3.0
- dig: report the number of extra bytes still left in the packet after
processing all the records.
- Support for IPSECKEY rdata type.
-- Raise the UDP recieve buffer size to 32k if it is less than 32k.
-- x86 and x86_64 now have seperate atomic locking implementations.
+- Raise the UDP receive buffer size to 32k if it is less than 32k.
+- x86 and x86_64 now have separate atomic locking implementations.
- named-checkconf now validates update-policy entries.
- Attempt to make the amount of work performed in a iteration self tuning.
The covers nodes clean from the cache per iteration, nodes written to
- dig now warns if 'RA' is not set in the answer when 'RD' was set in the
query. host/nslookup skip servers that fail to set 'RA' when 'RD' is set
unless a server is explicitly set.
-- Integrate contibuted DLZ code into named.
-- Integrate contibuted IDN code from JPNIC.
+- Integrate contributed DLZ code into named.
+- Integrate contributed IDN code from JPNIC.
- libbind: corresponds to that from BIND 8.4.7.
#### BIND 9.3.0
dnl PKG_CHECK_MODULES(), but does not set variables or print errors.
dnl
dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
-dnl only at the first occurence in configure.ac, so if the first place
+dnl only at the first occurrence in configure.ac, so if the first place
dnl it's called might be skipped (such as if it is within an "if", you
dnl have to call PKG_CHECK_EXISTS manually
AC_DEFUN([PKG_CHECK_EXISTS],
}
/*
- * If we are outputing to stdout then send the informational
+ * If we are printing to stdout then send the informational
* output to stderr.
*/
if (dumpzone &&
.PP
The
\fBdnssec\-cds\fR
-command uses special DNSSEC validation logic specified by RFC 7344\&. It requires that the CDS and/or CDNSKEY records are validly signed by a key represented in the existing DS records\&. This will typicially be the pre\-existing key\-signing key (KSK)\&.
+command uses special DNSSEC validation logic specified by RFC 7344\&. It requires that the CDS and/or CDNSKEY records are validly signed by a key represented in the existing DS records\&. This will typically be the pre\-existing key\-signing key (KSK)\&.
.PP
For protection against replay attacks, the signatures on the child records must not be older than they were on a previous run of
\fBdnssec\-cds\fR\&. This time is obtained from the modification time of the
}
/*
- * Sucessfully do nothing if there's neither CDNSKEY nor CDS
+ * Successfully do nothing if there's neither CDNSKEY nor CDS
* RFC 7344 section 4.1 first paragraph
*/
if (!dns_rdataset_isassociated(&cdnskey_set) &&
The <command>dnssec-cds</command> command uses special DNSSEC
validation logic specified by RFC 7344. It requires that the CDS
and/or CDNSKEY records are validly signed by a key represented in the
- existing DS records. This will typicially be the pre-existing
+ existing DS records. This will typically be the pre-existing
key-signing key (KSK).
</para>
<para>
The <span class="command"><strong>dnssec-cds</strong></span> command uses special DNSSEC
validation logic specified by RFC 7344. It requires that the CDS
and/or CDNSKEY records are validly signed by a key represented in the
- existing DS records. This will typicially be the pre-existing
+ existing DS records. This will typically be the pre-existing
key-signing key (KSK).
</p>
<p>
.PP
\fB"increment"\fR
.RS 4
-Increment the SOA serial number using RFC 1982 arithmetics\&.
+Increment the SOA serial number using RFC 1982 arithmetic\&.
.RE
.PP
\fB"unixtime"\fR
size_t entries = l->entries;
/*
- * Skip initial speculative wild card hashs.
+ * Skip initial speculative wild card hashes.
*/
while (entries > 0U && next[l->length - 1] != 0U) {
next += l->length;
/*
* See if the node contains any non RRSIG/NSEC records and report to
- * caller. Clean out extranous RRSIG records for node.
+ * caller. Clean out extraneous RRSIG records for node.
*/
static inline bool
active_node(dns_dbnode_t *node) {
/* Set SOA serial to the value provided. */
new_serial = serial;
} else {
- /* Increment SOA serial using RFC 1982 arithmetics */
+ /* Increment SOA serial using RFC 1982 arithmetic */
new_serial = (old_serial + 1) & 0xFFFFFFFF;
if (new_serial == 0) {
new_serial = 1;
salt_len, false);
dns_db_detachnode(gdb, &node);
/*
- * Add hashs for empty nodes. Use closest encloser logic.
+ * Add hashes for empty nodes. Use closest encloser logic.
* The closest encloser either has data or is a empty
* node for another <name,nextname> span so we don't add
* it here. Empty labels on nextname are within the span.
<term><command>"increment"</command></term>
<listitem>
<para>Increment the SOA serial number using RFC 1982
- arithmetics.</para>
+ arithmetic.</para>
</listitem>
</varlistentry>
<dt><span class="term"><span class="command"><strong>"increment"</strong></span></span></dt>
<dd>
<p>Increment the SOA serial number using RFC 1982
- arithmetics.</p>
+ arithmetic.</p>
</dd>
<dt><span class="term"><span class="command"><strong>"unixtime"</strong></span></span></dt>
<dd>
usage();
}
isc_commandline_argument = argv[isc_commandline_index];
- /* skip to next arguement */
+ /* skip to next argument */
isc_commandline_index++;
return (true);
}
/*
* We have ncpus network threads, ncpus worker threads, ncpus
* old network threads - make it 4x just to be safe. The memory
- * impact is neglible.
+ * impact is negligible.
*/
isc_hp_init(4 * named_g_cpus);
named_g_nm = isc_nm_start(named_g_mctx, named_g_cpus);
* When the view's configuration changes, the cached data may become
* invalid because it reflects our old view of the world. We check
* some of the configuration parameters that could invalidate the cache
- * or otherwise make it unsharable, but there are other configuration
+ * or otherwise make it unshareable, but there are other configuration
* options that should be checked. For example, if a view uses a
* forwarder, changes in the forwarder configuration may invalidate
* the cache. At the moment, it's the administrator's responsibility to
}
/*
- * Determing the default DSCP code point.
+ * Determining the default DSCP code point.
*/
CHECKM(named_config_getdscp(config, &named_g_dscp), "dscp");
dnstapstats_index[i++] = dns_dnstapcounter_##counterid; \
} while (0)
i = 0;
- SET_DNSTAPSTATDESC(success, "dnstap messges written", "DNSTAPsuccess");
+ SET_DNSTAPSTATDESC(success, "dnstap messages written", "DNSTAPsuccess");
SET_DNSTAPSTATDESC(drop, "dnstap messages dropped", "DNSTAPdropped");
INSIST(i == dns_dnstapcounter_max);
key=lambda event: event.when)
# scan events per zone, algorithm, and key type, in order of
- # occurrance, noting inconsistent states when found
+ # occurrence, noting inconsistent states when found
def coverage(self, zone, keytype, until, output = None):
def noop(*args, **kwargs): pass
if not output:
lookup("moghedien.flame.org."); /* should fetch */
lookup("mailrelay.flame.org."); /* should fetch */
lookup("ipv4v6.flame.org."); /* should fetch */
- lookup("nonexistant.flame.org."); /* should fail to be found */
+ lookup("nonexistent.flame.org."); /* should fail to be found */
lookup("foobar.badns.flame.org."); /* should fail utterly (NS) */
lookup("i.root-servers.net."); /* Should be in hints */
lookup("www.firstcard.com.");
lookup("moghedien.flame.org."); /* should fetch */
lookup("mailrelay.flame.org."); /* should fetch */
lookup("ipv4v6.flame.org."); /* should fetch */
- lookup("nonexistant.flame.org."); /* should fail to be found */
+ lookup("nonexistent.flame.org."); /* should fail to be found */
lookup("foobar.badns.flame.org."); /* should fail utterly (NS) */
lookup("i.root-servers.net."); /* Should be in hints */
CUNLOCK();
UNUSED(argv);
/*
- * Verify that returned values are reproducable.
+ * Verify that returned values are reproducible.
*/
isc_lfsr_init(&lfsr1, 0, 32, 0x80000057U, 0, NULL, NULL);
for (i = 0; i < 32; i++) {
printf("\n");
} else {
if (result != ISC_R_NOMORE) {
- printf("UNEXEPCTED ITERATION ERROR: %s",
+ printf("UNEXPECTED ITERATION ERROR: %s",
dns_result_totext(result));
}
break;
ERRCONT(result, "dns_name_fromtext");
result = dns_db_find(db, dns_fixedname_name(&name),
- NULL /*vesion*/, dns_rdatatype_a,
+ NULL /*version*/, dns_rdatatype_a,
0 /*options*/, 0 /*time*/, NULL /*nodep*/,
dns_fixedname_name(&found), &rdataset,
&sigset);
pk11_result_register();
- /* Allocate hanles */
+ /* Allocate handles */
hKey = (CK_SESSION_HANDLE *)malloc(count * sizeof(CK_SESSION_HANDLE));
if (hKey == NULL) {
perror("malloc");
pk11_result_register();
- /* Allocate hanles */
+ /* Allocate handles */
pubKey = (CK_SESSION_HANDLE *)malloc(count * sizeof(CK_SESSION_HANDLE));
if (pubKey == NULL) {
perror("malloc");
pk11_result_register();
- /* Allocate hanles */
+ /* Allocate handles */
hKey = (CK_SESSION_HANDLE *)malloc(count * sizeof(CK_SESSION_HANDLE));
if (hKey == NULL) {
perror("malloc");
pk11_result_register();
- /* Allocate hanles */
+ /* Allocate handles */
hKey = (CK_SESSION_HANDLE *)malloc(count * sizeof(CK_SESSION_HANDLE));
if (hKey == NULL) {
perror("malloc");
n=0
n=`expr $n + 1`
-echo_i "wait for zones to finish transfering to ns2 ($n)"
+echo_i "wait for zones to finish transferring to ns2 ($n)"
for i in 1 2 3 4 5 6 7 8 9 10
do
ret=0
# This number has been tuned for `sig-validity-interval 10 2`, as
# 1. 1. signature expiration dates should be spread out across at most 8 (10-2) days
# 2. we remove first and last day to remove frequency outlier, we are left with 6 (8-2) days
- # 3. we substract one more day to allow test pass on day boundaries, etc. leaving us with 5 (6-1) days
+ # 3. we subtract one more day to allow test pass on day boundaries, etc. leaving us with 5 (6-1) days
for _num in $_expiretimes
do
_count=$((_count+1))
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "check SOA owner case is transfered to slave ($n)"
+echo_i "check SOA owner case is transferred to slave ($n)"
ret=0
$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n
digcomp dig.ns2.test$n postupdate.good || ret=1
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "check A owner case is transfered to slave ($n)"
+echo_i "check A owner case is transferred to slave ($n)"
ret=0
$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n
digcomp dig.ns2.test$n postns1.good || ret=1
#
# examples: for the answer set "cname, cname, cname", an rr set
# '1, s1, 2, s2, 3, s3, 4, s4' indicates that all four RRs should
-# be included in the answer, with siagntures, in the origninal
+# be included in the answer, with siagntures, in the original
# order, while 4, s4, 3, s3, 2, s2, 1, s1' indicates the order
# should be reversed, 's3, s3, s3, s3' indicates that the third
# RRSIG should be repeated four times and everything else should
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "checking CNAME to signed external delgation is handled ($n)"
+echo_i "checking CNAME to signed external delegation is handled ($n)"
ret=0
$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
$DIG $DIGOPTS @10.53.0.7 c.example > dig.out.$n
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "checking CNAME to signed internal delgation is handled ($n)"
+echo_i "checking CNAME to signed internal delegation is handled ($n)"
ret=0
$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
$DIG $DIGOPTS @10.53.0.7 d.example > dig.out.$n
awk '{$2 = "3600"; print}' > $patchedfile
#
-# Seperate DNSSEC records.
+# Separate DNSSEC records.
#
zone=split-dnssec.example.
infile=split-dnssec.example.db.in
"$SIGNER" -P -D -o "$zone" "$zonefile" > /dev/null
#
-# Seperate DNSSEC records smart signing.
+# Separate DNSSEC records smart signing.
#
zone=split-smart.example.
infile=split-smart.example.db.in
; This is a zone which has two DNSKEY records, none of which have
; existing private key files available. The resulting zone should fail
-; the consistancy tests.
+; the consistency tests.
;
$TTL 3600
example.com. IN SOA ns hostmaster 00090000 1200 3600 604800 300
/*
* Driver version is called when loading the driver to ensure there
- * is no API mismatch betwen the driver and the caller.
+ * is no API mismatch between the driver and the caller.
*/
int
dyndb_version(unsigned int *flags) {
result = syncptr_find_zone(inst, addr_rdata,
dns_fixedname_name(&ptr_name), &ptr_zone);
if (result != ISC_R_SUCCESS) {
- log_error_r("PTR record synchonization skipped: reverse zone "
+ log_error_r("PTR record synchronization skipped: reverse zone "
"is not managed by driver instance '%s'",
inst->db_name);
goto cleanup;
$DIG $DIGOPTS @10.53.0.1 +edns=100 +noednsnegotiation soa $zone > dig.out$n
grep "status: BADVERS," dig.out$n > /dev/null || { ret=1; reason="status"; }
grep "EDNS: version: 0," dig.out$n > /dev/null || { ret=1; reason="version"; }
-grep "IN.SOA." dig.out$n > /dev/null && { ret=1; reaons="soa"; }
+grep "IN.SOA." dig.out$n > /dev/null && { ret=1; reasons="soa"; }
if [ $ret != 0 ]; then echo_i "failed $reason"; fi
status=`expr $status + $ret`
# This is a tool for sending an arbitrary packet via UDP or TCP to an
# arbitrary address and port. The packet is specified in a file or on
-# the standard input, in the form of a series of bytes in hexidecimal.
+# the standard input, in the form of a series of bytes in hexadecimal.
# Whitespace is ignored, as is anything following a '#' symbol.
#
# For example, the following input would generate normal query for
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "checking that update has been transfered and has been signed ($n)"
+echo_i "checking that update has been transferred and has been signed ($n)"
ret=0
for i in 1 2 3 4 5 6 7 8 9 10
do
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "checking that update has been transfered and has been signed, noixfr ($n)"
+echo_i "checking that update has been transferred and has been signed, noixfr ($n)"
ret=0
for i in 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10
do
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "checking that the change has not been transfered due to notify ($n)"
+echo_i "checking that the change has not been transferred due to notify ($n)"
ret=0
for i in 0 1 2 3 4 5 6 7 8 9
do
KSK=$($KEYGEN -a ECDSAP256SHA256 -f KSK -L 3600 $zone 2> keygen.out.$zone.1)
ZSK1=$($KEYGEN -a ECDSAP256SHA256 -L 3600 $zone 2> keygen.out.$zone.2)
ZSK2=$($KEYGEN -a ECDSAP256SHA256 -L 3600 $zone 2> keygen.out.$zone.3)
-# Substract DNSKEY TTL from all the times (1h).
+# Subtract DNSKEY TTL from all the times (1h).
TactN="now-962h"
TretN="now-242h"
TpubN1="now-268h"
KSK1=$($KEYGEN -a ECDSAP256SHA256 -f KSK -L 7200 $zone 2> keygen.out.$zone.1)
KSK2=$($KEYGEN -a ECDSAP256SHA256 -f KSK -L 7200 $zone 2> keygen.out.$zone.2)
ZSK=$($KEYGEN -a ECDSAP256SHA256 -L 7200 $zone 2> keygen.out.$zone.3)
-# Substract DNSKEY TTL from all the times (2h).
+# Subtract DNSKEY TTL from all the times (2h).
TactN="now-1492h"
TretN="now-52h"
TpubN1="now-102h"
setup step5.csk-roll.autosign
CSK1=$($KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1)
CSK2=$($KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1)
-# Substract DNSKEY TTL plus zone propagation delay from all the times (2h).
+# Subtract DNSKEY TTL plus zone propagation delay from all the times (2h).
TactN="now-4470h"
TretN="now-6h"
TdeaN="now-2h"
setup step7.csk-roll.autosign
CSK1=$($KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1)
CSK2=$($KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1)
-# Substract DNSKEY TTL plus zone propagation delay from all the times (2h).
+# Subtract DNSKEY TTL plus zone propagation delay from all the times (2h).
TactN="now-5093h"
TretN="now-629h"
TdeaN="now-625h"
setup step5.csk-roll2.autosign
CSK1=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1)
CSK2=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1)
-# Substract Dreg + Iret (174h).
+# Subtract Dreg + Iret (174h).
TactN="now-4676h"
TretN="now-212h"
TpubN1="now-215h"
CSK1=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1)
CSK2=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1)
-# Substract DNSKEY TTL plus zone propagation delay (2h).
+# Subtract DNSKEY TTL plus zone propagation delay (2h).
TactN="now-4678h"
TretN="now-214h"
TdeaN="now-2h"
ret=0
n=`expr $n + 1`
-echo_i "test owner inheritence after "'$INCLUDE'" ($n)"
+echo_i "test owner inheritance after "'$INCLUDE'" ($n)"
$CHECKZONE -Dq example zone/inheritownerafterinclude.db > checkzone.out$n
$DIFF checkzone.out$n zone/inheritownerafterinclude.good || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $ret + $status`
n=`expr $n + 1`
-echo_i "checking example4 contents have been transfered after restart ($n)"
+echo_i "checking example4 contents have been transferred after restart ($n)"
ret=0
$DIG $DIGOPTS a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
grep "10.0.0.4" dig.out.ns2.test$n > /dev/null || ret=1
ret=0
echo_i "check that 'nsupdate -l' with a missing keyfile reports the missing file"
-$NSUPDATE -4 -p ${PORT} -l -k ns1/nonexistant.key 2> nsupdate.out < /dev/null
-grep ns1/nonexistant.key nsupdate.out > /dev/null || ret=1
+$NSUPDATE -4 -p ${PORT} -l -k ns1/nonexistent.key 2> nsupdate.out < /dev/null
+grep ns1/nonexistent.key nsupdate.out > /dev/null || ret=1
if test $ret -ne 0
then
echo_i "failed"; status=1
# This is a tool for sending an arbitrary packet via UDP or TCP to an
# arbitrary address and port. The packet is specified in a file or on
-# the standard input, in the form of a series of bytes in hexidecimal.
+# the standard input, in the form of a series of bytes in hexadecimal.
# Whitespace is ignored, as is anything following a '#' symbol.
#
# For example, the following input would generate normal query for
############################################################################
#
# This tool acts as a TCP/UDP proxy and delays all incoming packets by 500
-# miliseconds.
+# milliseconds.
#
# We use it to check pipelining - a client sents 8 questions over a
# pipelined connection - that require asking a normal (examplea) and a
class UDPDelayer(threading.Thread):
""" Every incoming UDP packet is put in a queue for DELAY time, then
it's sent to (ip, port). We remember the query id to send the
- response we get to a proper source, responsed are not delayed.
+ response we get to a proper source, responses are not delayed.
"""
def __init__(self, usock, ip, port):
threading.Thread.__init__(self)
# too.many.labels.a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z.good. A 192.0.2.2
# it responds properly (with NODATA empty response) to non-empty terminals
#
-# For slow. it works the same as for good., but each response is delayed by 400 miliseconds
+# For slow. it works the same as for good., but each response is delayed by 400 milliseconds
#
# For bad. it works the same as for good., but returns NXDOMAIN to non-empty terminals
#
# icky.ptang.zoop.boing.good. NS a.bit.longer.ns.name.good.
# it responds properly (with NODATA empty response) to non-empty terminals
#
-# For slow. it works the same as for good., but each response is delayed by 400 miliseconds
+# For slow. it works the same as for good., but each response is delayed by 400 milliseconds
#
# For bad. it works the same as for good., but returns NXDOMAIN to non-empty terminals
#
# more.icky.icky.icky.ptang.zoop.boing.good. A 192.0.2.2
# it responds properly (with NODATA empty response) to non-empty terminals
#
-# For slow. it works the same as for good., but each response is delayed by 400 miliseconds
+# For slow. it works the same as for good., but each response is delayed by 400 milliseconds
#
# For bad. it works the same as for good., but returns NXDOMAIN to non-empty terminals
#
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "query for .bad succeds when qname-minimization is in relaxed mode ($n)"
+echo_i "query for .bad succeeds when qname-minimization is in relaxed mode ($n)"
ret=0
$CLEANQL
$RNDCCMD 10.53.0.7 flush
$RNDCCMD 10.53.0.6 flush
n=`expr $n + 1`
-echo_i "query for .ugly succeds when qname-minimization is in relaxed mode ($n)"
+echo_i "query for .ugly succeeds when qname-minimization is in relaxed mode ($n)"
ret=0
$CLEANQL
$RNDCCMD 10.53.0.7 flush
status=`expr $status + $ret`
n=`expr $n + 1`
-echo_i "query for .ip6.arpa succeds and skips on proper boundaries when qname-minimization is on ($n)"
+echo_i "query for .ip6.arpa succeeds and skips on proper boundaries when qname-minimization is on ($n)"
ret=0
$CLEANQL
$RNDCCMD 10.53.0.6 flush
$rcode = "REFUSED";
}
- # mark the answer as authoritive (by setting the 'aa' flag
+ # mark the answer as authoritative (by setting the 'aa' flag
return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
}
ns7.server. A 10.53.0.7
;
; These two delegations are strictly not necessary as the test resolver (ns5)
-; doesn't have this zone as its root. They are just done for consistancy with
+; doesn't have this zone as its root. They are just done for consistency with
; the delegations in ns4/tld.
;
no-edns-version.tld. NS ns.no-edns-version.tld.
echo_i "RT21594 regression test NXDOMAIN answers ($n)"
ret=0
# Check that resolver accepts the non-authoritative positive answers.
-$DIG $DIGOPTS +tcp noexistant @10.53.0.5 txt > dig.ns5.out.${n} || ret=1
+$DIG $DIGOPTS +tcp noexistent @10.53.0.5 txt > dig.ns5.out.${n} || ret=1
grep "status: NXDOMAIN" dig.ns5.out.${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
$DIG $DIGOPTS @10.53.0.5 fetch.tld txt > dig.out.2.${n} || ret=1
ttl2=`awk '/"A" "short" "ttl"/ { print $2 }' dig.out.2.${n}`
sleep 1
-# check that prefetch occured
+# check that prefetch occurred
$DIG $DIGOPTS @10.53.0.5 fetch.tld txt > dig.out.3.${n} || ret=1
ttl=`awk '/"A" "short" "ttl"/ { print $2 }' dig.out.3.${n}`
test ${ttl:-0} -gt ${ttl2:-1} || ret=1
$DIG $DIGOPTS @10.53.0.5 ds.example.net ds > dig.out.2.${n} || ret=1
dsttl2=`awk '$4 == "DS" && $7 == "2" { print $2 }' dig.out.2.${n}`
sleep 1
-# check that prefetch occured
+# check that prefetch occurred
$DIG $DIGOPTS @10.53.0.5 ds.example.net ds +dnssec > dig.out.3.${n} || ret=1
dsttl=`awk '$4 == "DS" && $7 == "2" { print $2 }' dig.out.3.${n}`
sigttl=`awk '$4 == "RRSIG" && $5 == "DS" { print $2 }' dig.out.3.${n}`
# the previous one.
$DIG $DIGOPTS @10.53.0.7 fetch.example.net txt > dig.out.2.${n} || return 1
ttl2=`awk '/"A" "short" "ttl"/ { print $2 }' dig.out.2.${n}`
- # check that prefetch has not occured
+ # check that prefetch has not occurred
if [ $ttl2 -ge $tmp_ttl ]; then
return 1
fi
ip-as-ns yes"
fi
-# write dnsrps setttings for master resolver
+# write dnsrps settings for master resolver
cat <<EOF >>$MCONF
$MASTER };
EOF
-# write dnsrps setttings for resolvers that should not start dnsrpzd
+# write dnsrps settings for resolvers that should not start dnsrpzd
cat <<EOF >>$SCONF
$CMN
dnsrpzd '' }; # do not start dnsrpzd
-# run the performace test close to real life
+# run the performance test close to real life
-c named.conf -D rpz-ns5 -X named.lock -gd3
-; RPZ preformance test
+; RPZ performance test
$TTL 120
@ SOA . hostmaster.ns.example.tld5. ( 1 3600 1200 604800 60 )
done
}
-# (re)load the reponse policy zones with the rules in the file $TEST_FILE
+# (re)load the response policy zones with the rules in the file $TEST_FILE
load_db () {
if test -n "$TEST_FILE"; then
copy_setports $TEST_FILE tmp
rndc_reload ns2 $ns2 bl.tld2
ck_soa 2 bl.tld2 $ns3
nochange a7-1.tld2 # 19 PASSTHRU
- # ensure that a clock tick has occured so that named will do the reload
+ # ensure that a clock tick has occurred so that named will do the reload
sleep 1
cp ns2/blv3.tld2.db.in ns2/bl.tld2.db
rndc_reload ns2 $ns2 bl.tld2
grep "fast-expire/IN: response-policy zone expired" ns3/named.run > /dev/null || setret "failed"
fi
- # RPZ 'CNAME *.' (NODATA) trumps DNS64. Test against various DNS64 senarios.
+ # RPZ 'CNAME *.' (NODATA) trumps DNS64. Test against various DNS64 scenarios.
for label in a-only no-a-no-aaaa a-plus-aaaa
do
for type in AAAA A
$rcode = "NXDOMAIN";
}
- # mark the answer as authoritive (by setting the 'aa' flag
+ # mark the answer as authoritative (by setting the 'aa' flag
return ($rcode, \@ans, \@auth, \@add, { aa => 1 });
}
# should not be there, hence the &&
grep "key id = $ckprerevoke\$" $cfile.signed > /dev/null && {
ret=1
- echo_i "found unexpect child pre-revoke ZSK id = $ckprerevoke"
+ echo_i "found unexpected child pre-revoke ZSK id = $ckprerevoke"
}
grep "key id = $czgenerated\$" $cfile.signed > /dev/null && {
ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
-# reload with a different name server: exisitng zone shouldn't be reused.
+# reload with a different name server: existing zone shouldn't be reused.
n=`expr $n + 1`
echo_i "checking server reload with a different static-stub config ($n)"
ret=0
zone "private.nsec" { type master; file "private.nsec.db.signed"; };
/*
- * The contents of nsec3 and private.nsec3 are specially choosen to
- * have seperate NSEC3 records for the "no qname proof" and the
+ * The contents of nsec3 and private.nsec3 are specially chosen to
+ * have separate NSEC3 records for the "no qname proof" and the
* "closest encloser proof".
*/
zone "nsec3" { type master; file "nsec3.db.signed"; };
n=$((n+1))
echo_i "testing basic zone transfer functionality (from secondary) ($n)"
#
-# Spin to allow the zone to tranfer.
+# Spin to allow the zone to transfer.
#
for i in 1 2 3 4 5
do
grep "^;" dig.out.ns2.test$n | cat_i
#
-# Spin to allow the zone to tranfer.
+# Spin to allow the zone to transfer.
#
for i in 1 2 3 4 5
do
fprintf(stderr, "usage: named-rrchecker [-o origin] [-hpCPTu]\n");
fprintf(stderr, "\t-h: print this help message\n");
fprintf(stderr, "\t-o origin: set origin to be used when "
- "interpeting the record\n");
+ "interpreting the record\n");
fprintf(stderr, "\t-p: print the record in canonical format\n");
fprintf(stderr, "\t-C: list the supported class names\n");
fprintf(stderr, "\t-P: list the supported private type names\n");
IDS_BAD_PRIVILEGES "This user cannot acquire the privileges necessary to install BIND. Please ensure you are logged on as a member of the Administrators group."
IDS_ERR_CREATE_DIR "An error occurred while creating directory %s\n(%s)"
IDS_VERSION "Version %s"
- IDS_ERR_CREATE_KEY "An error occured while creating registry keys\n(%s)"
+ IDS_ERR_CREATE_KEY "An error occurred while creating registry keys\n(%s)"
END
STRINGTABLE
BEGIN
- IDS_ERR_SET_VALUE "An error occured while setting registry key values\n(%s)"
+ IDS_ERR_SET_VALUE "An error occurred while setting registry key values\n(%s)"
IDS_NO_VERSION "Version Unknown"
IDS_EXISTING_NEWER "%s\nThe existing version of this file is newer than the version being installed.\nDo you wish to overwrite the existing file?"
IDS_FILE_BAD "Could not retrieve version info for file %s. Do you wish to continue?\n(Continuing may overwrite a newer version of the file) "
}
catch(DWORD dw) {
CString msg;
- msg.Format("A fatal error occured\n(%s)", GetErrMessage(dw));
+ msg.Format("A fatal error occurred\n(%s)", GetErrMessage(dw));
MessageBox(msg);
SetCurrent(IDS_CLEANUP);
FailedInstall();
$as_echo "" >&6; }
for dd in $bdbdirs
do
- # Skip nonexistant directories
+ # Skip nonexistent directories
if test ! -d "$dd"
then
continue
#define bulk 4 /* bulk load data */
/*%
- * quit macro is used instead of exit. quit always trys to close the lexer
+ * quit macro is used instead of exit. quit always tries to close the lexer
* and the BDB database before exiting.
*/
}
/*%
- * checkInvalidParam is used to only allow paramters which make sense for
+ * checkInvalidParam is used to only allow parameters which make sense for
* the operation selected. I.E. passing the key parameter makes no sense
* for the add operation, and thus it isn't allowed.
*/
}
/*%
- * checkInvalidOption is used to only allow paramters which make sense for
+ * checkInvalidOption is used to only allow parameters which make sense for
* the operation selected - but checks boolean options.
* I.E. passing the "b" bare_list parameter makes no sense for the add
* operation, and thus it isn't allowed.
checkInvalidParam(c_ip, "i", "for add operation");
checkInvalidOption(list_everything, true, "e", "for add operation");
- /* if open lexer fails it alread prints error messages. */
+ /* if open lexer fails it already prints error messages. */
if (open_lexer() != ISC_R_SUCCESS) {
quit(4);
}
AC_MSG_RESULT( )
for dd in $bdbdirs
do
- # Skip nonexistant directories
+ # Skip nonexistent directories
if test ! -d "$dd"
then
continue
char *lastchar = (char *)&tmp[strlen(tmp) + 1];
/*%
- * String should be formated as:
+ * String should be formatted as:
* zone(a space)host(a space)ttl(a space)type(a space)remaining data
* examples:
* example.com www 10 A 127.0.0.1
if (*endp != '\0' || pd->ttl < 0) {
isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
- "BDB driver ttl must be a postive number");
+ "BDB driver ttl must be a positive number");
return (ISC_R_FAILURE);
}
char *lastchar = (char *)&tmp[strlen(tmp)];
/*%
- * String should be formated as:
+ * String should be formatted as:
* replication_id
* (a space)
* host_name
if (*endp != '\0' || pd->ttl < 0) {
isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
- "bdbhpt driver ttl must be a postive number");
+ "bdbhpt driver ttl must be a positive number");
return (ISC_R_FAILURE);
}
/*
* reverse string to take advantage of BDB locality of reference
- * if we need futher lookups because the zone doesn't match the
+ * if we need further lookups because the zone doesn't match the
* first time.
*/
key.data = bdbhpt_strrev(key.data);
break;
/*
* Private mode. No inter-process communication & no locking.
- * Lowest saftey - highest speed.
+ * Lowest safety - highest speed.
*/
case 'P':
case 'p':
isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
"Filesystem driver "
- "ttl must be a postive number");
+ "ttl must be a positive number");
}
/* pass data back to Bind */
isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
"Directory split count must be zero (0) "
- "or a postive number");
+ "or a positive number");
}
/* get and store our separator character */
#define LOOKUP 5
/*%
- * Structure to hold everthing needed by this "instance" of the LDAP
+ * Structure to hold everything needed by this "instance" of the LDAP
* driver remember, the driver code is only loaded once, but may have
* many separate instances.
*/
/* skip empty attributes. */
if (vals == NULL || vals[0] == NULL) {
- /* increment attibute pointer */
+ /* increment attribute pointer */
attribute = attrs[++i];
/* start loop over */
continue;
DNS_LOGMODULE_DLZ,
ISC_LOG_ERROR,
"LDAP driver ttl must "
- "be a postive number");
+ "be a positive number");
goto cleanup;
}
break;
ldap_value_free(vals);
vals = NULL;
- /* increment attibute pointer */
+ /* increment attribute pointer */
attribute = attrs[++i];
} /* end while (attribute != NULL) */
}
}
- /* perform ldap search syncronously */
+ /* perform ldap search synchronously */
ldap_result =
ldap_search_s((LDAP *)dbi->dbconn, ldap_url->lud_dn,
ldap_url->lud_scope, ldap_url->lud_filter,
DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
"mysql driver ttl must be "
- "a postive number");
+ "a positive number");
}
result = dns_sdlz_putrr(lookup, safeGet(row[1]), ttl,
safeGet(row[2]));
DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
"mysql driver ttl must be "
- "a postive number");
+ "a positive number");
}
/* ok, now tell Bind about it. */
result = dns_sdlz_putrr(lookup, safeGet(row[1]), ttl,
isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
"mysql driver ttl must be "
- "a postive number");
+ "a positive number");
}
if (fields == 4) {
/* tell Bind about it. */
tmpString = isc_mem_allocate(named_g_mctx, len + 1);
/* copy this field to tmpString */
strcpy(tmpString, safeGet(row[3]));
- /* concatonate the rest, with spaces between */
+ /* concatenate the rest, with spaces between */
for (j = 4; j < fields; j++) {
strcat(tmpString, " ");
strcat(tmpString, safeGet(row[j]));
return (ISC_R_FAILURE);
}
- /* parse connection string and get paramters. */
+ /* parse connection string and get parameters. */
/* get db name - required */
dbname = getParameterValue(argv[1], "dbname=");
} odbc_db_t;
/*
- * Structure to hold everthing needed by this "instance" of the odbc driver
+ * Structure to hold everything needed by this "instance" of the odbc driver
* remember, the driver code is only loaded once, but may have many separate
* instances
*/
return (strlen((char *)a));
}
-/*% propertly cleans up an odbc_instance_t */
+/*% properly cleans up an odbc_instance_t */
static void
destroy_odbc_instance(odbc_instance_t *odbc_inst) {
* database instance (DBI). It will then run the query and hopefully
* obtain a result set. The data base instance that is used is returned
* to the caller so they can get the data from the result set from it.
- * If successfull, it will be the responsibility of the caller to close
+ * If successful, it will be the responsibility of the caller to close
* the cursor, and unlock the mutex of the DBI when they are done with it.
- * If not successfull, this function will perform all the cleanup.
+ * If not successful, this function will perform all the cleanup.
*/
static isc_result_t
if (result != ISC_R_SUCCESS) {
break;
}
- /* incase this is the last time through the loop */
+ /* in case this is the last time through the loop */
result = ISC_R_FAILURE;
} else {
result = ISC_R_SUCCESS;
/*%
* Gets a single field from the ODBC statement. The memory for the
* returned data is dynamically allocated. If this method is successful
- * it is the reponsibility of the caller to free the memory using
+ * it is the responsibility of the caller to free the memory using
* isc_mem_free(named_g_mctx, *ptr);
*/
/*%
* Gets multiple fields from the ODBC statement. The memory for the
* returned data is dynamically allocated. If this method is successful
- * it is the reponsibility of the caller to free the memory using
+ * it is the responsibility of the caller to free the memory using
* isc_mem_free(named_g_mctx, *ptr);
*/
DNS_LOGMODULE_DLZ,
ISC_LOG_ERROR,
"Odbc driver ttl must "
- "be a postive number");
+ "be a positive number");
result = ISC_R_FAILURE;
} else {
/*
DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
"Odbc driver ttl must be "
- "a postive number");
+ "a positive number");
result = ISC_R_FAILURE;
} else {
/* successful converting TTL, tell Bind */
odbc_inst = isc_mem_get(named_g_mctx, sizeof(odbc_instance_t));
memset(odbc_inst, 0, sizeof(odbc_instance_t));
- /* parse connection string and get paramters. */
+ /* parse connection string and get parameters. */
/* get odbc database dsn - required */
odbc_inst->dsn = (SQLCHAR *)getParameterValue(argv[2], "dsn=");
break;
}
}
- /* result set ok, break outter loop */
+ /* result set ok, break outer loop */
if (PQresultStatus(*rs) == PGRES_TUPLES_OK) {
#if 0
/* temporary logging message */
DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
"Postgres driver ttl must be "
- "a postive number");
+ "a positive number");
}
/* ok, now tell Bind about it. */
result = dns_sdlz_putrr(lookup, PQgetvalue(rs, i, 1),
isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_DLZ, ISC_LOG_ERROR,
"Postgres driver ttl must be "
- "a postive number");
+ "a positive number");
}
if (fields == 4) {
/* tell Bind about it. */
tmpString = isc_mem_allocate(named_g_mctx, len + 1);
/* copy this field to tmpString */
strcpy(tmpString, PQgetvalue(rs, i, 3));
- /* concatonate the rest, with spaces between */
+ /* concatenate the rest, with spaces between */
for (j = 4; j < fields; j++) {
strcat(tmpString, " ");
strcat(tmpString, PQgetvalue(rs, i, j));
char *
sdlzh_get_parameter_value(isc_mem_t *mctx, const char *input, const char *key);
-/* Compatability with existing DLZ drivers */
+/* Compatibility with existing DLZ drivers */
#define build_querystring sdlzh_build_querystring
#define build_sqldbinstance sdlzh_build_sqldbinstance
OVERVIEW:
-DLZ (Dynamically Loadable Zones) is an extention to BIND 9 that
+DLZ (Dynamically Loadable Zones) is an extension to BIND 9 that
allows zone data to be retrieved directly from an external database.
There is no required format or schema. DLZ drivers exist for several
different database backends including PostgreSQL, MySQL, and LDAP and
- isc_result_t writeable_zone(dns_view_t *view, const char *zone_name);
- Allows the DLZ module to inform named that a given zone can recieve
+ Allows the DLZ module to inform named that a given zone can receive
DDNS updates. (Note: This is not currently supported for DLZ
databases that are configured as 'search no;')
*
* Additionally, a query for 'source-addr.example.nil/TXT' is always
* answered with the source address of the query. This is used to
- * demonstrate the code that retreives client information from the
+ * demonstrate the code that retrieves client information from the
* caller.
*
* To use this driver, "dlz_external.so" must be moved into the working
/*
* reverse string to take advantage of BDB locality of reference
- * if we need futher lookups because the zone doesn't match the
+ * if we need further lookups because the zone doesn't match the
* first time.
*/
key.data = bdbhpt_strrev(key.data);
/*
* Private mode. No inter-process communication & no locking.
- * Lowest saftey - highest speed.
+ * Lowest safety - highest speed.
*/
case 'P':
case 'p':
my $zone_list = $opt->{zones};
if (!defined $zone_list || $zone_list eq '') {
- usage('Please specify a space seperated list of zones');
+ usage('Please specify a space separated list of zones');
exit 1;
}
print STDERR "usage: $0 --bdb=<bdb-file> --input=<input-file> --zones=<zone-list>\n\n";
print STDERR "\tbdb-file: The output BerkeleyDB file you wish to create and use with bdbhpt-dynamic\n\n";
print STDERR "\tinput-file: The input text-file containing records to populate within your zones\n\n";
- print STDERR "\tzone-list: The space-seperated list of zones you wish to create\n\n";
+ print STDERR "\tzone-list: The space-separated list of zones you wish to create\n\n";
}
sub populate_records {
ttl = strtol(ttlStr, &endp, 10);
if (*endp != '\0' || ttl < 0) {
cd->log(ISC_LOG_ERROR, "Filesystem driver "
- "ttl must be a postive number");
+ "ttl must be a positive number");
}
/* pass data back to Bind */
cd->splitcnt = strtol(argv[4], &endp, 10);
if (*endp != '\0' || cd->splitcnt < 0) {
cd->log(ISC_LOG_ERROR, "Directory split count must be zero (0) "
- "or a postive number");
+ "or a positive number");
}
/* get and store our separator character */
#define LOOKUP 5
/*%
- * Structure to hold everthing needed by this "instance" of the LDAP
+ * Structure to hold everything needed by this "instance" of the LDAP
* driver remember, the driver code is only loaded once, but may have
* many separate instances.
*/
/* skip empty attributes. */
if (vals == NULL || vals[0] == NULL) {
- /* increment attibute pointer */
+ /* increment attribute pointer */
attribute = attrs[++i];
/* start loop over */
continue;
if (*endp != '\0' || ttl < 0) {
db->log(ISC_LOG_ERROR, "LDAP driver "
"ttl must "
- "be a postive "
+ "be a positive "
"number");
goto cleanup;
}
ldap_value_free(vals);
vals = NULL;
- /* increment attibute pointer */
+ /* increment attribute pointer */
attribute = attrs[++i];
}
}
}
- /* perform ldap search syncronously */
+ /* perform ldap search synchronously */
ldap_result =
ldap_search_s((LDAP *)dbi->dbconn, ldap_url->lud_dn,
ldap_url->lud_scope, ldap_url->lud_filter,
#define safeGet(in) in == NULL ? "" : in
/*%
- * Structure to hold everthing needed by this "instance" of the MySQL
+ * Structure to hold everything needed by this "instance" of the MySQL
* module remember, the module code is only loaded once, but may have
* many separate instances.
*/
if (*endp != '\0' || ttl < 0) {
db->log(ISC_LOG_ERROR, "MySQL module ttl must "
"be "
- "a postive number");
+ "a positive number");
return (ISC_R_FAILURE);
}
if (*endp != '\0' || ttl < 0) {
db->log(ISC_LOG_ERROR, "MySQL module ttl must "
"be "
- "a postive number");
+ "a positive number");
free(tmpString);
return (ISC_R_FAILURE);
}
ttl = strtol(safeGet(row[0]), &endp, 10);
if (*endp != '\0' || ttl < 0) {
db->log(ISC_LOG_ERROR, "MySQL module ttl must be "
- "a postive number");
+ "a positive number");
result = ISC_R_FAILURE;
goto cleanup;
}
#define safeGet(in) in == NULL ? "" : in
/*%
- * Structure to hold everthing needed by this "instance" of the SQLite3
+ * Structure to hold everything needed by this "instance" of the SQLite3
* module remember, the module code is only loaded once, but may have
* many separate instances.
*/
if (*endp != '\0' || ttl < 0) {
db->log(ISC_LOG_ERROR, "SQLite3 module: TTL "
"must be "
- "a postive number");
+ "a positive number");
return (ISC_R_FAILURE);
}
if (*endp != '\0' || ttl < 0) {
db->log(ISC_LOG_ERROR, "SQLite3 module: TTL "
"must be "
- "a postive number");
+ "a positive number");
free(tmpString);
return (ISC_R_FAILURE);
}
ttl = strtol(safeGet(row[0]), &endp, 10);
if (*endp != '\0' || ttl < 0) {
db->log(ISC_LOG_ERROR, "SQLite3 module: TTL must be "
- "a postive number");
+ "a positive number");
result = ISC_R_FAILURE;
goto cleanup;
}
* 86400 A 192.0.0.100";
};
-For any zone name matchin the wildcard, it would return the data from
+For any zone name matching the wildcard, it would return the data from
the template. "$zone$" is replaced with zone name: i.e., the shortest
possible string of labels in the query name that matches the wildcard.
"$record$" is replaced with the remainder of the query name. In the
checking whether the SERIAL field has been updated; if so,
a new transfer request is initiated. The timing of these
refresh queries is controlled by the SOA REFRESH and RETRY
- fields, but can be overrridden with the
+ fields, but can be overridden with the
<command>max-refresh-time</command>,
<command>min-refresh-time</command>,
<command>max-retry-time</command>, and
<para>
If the anchor type is <command>static-ds</command> or
<command>initial-ds</command>, then it is followed with the
- key tag, algorithm, digest type, and the hexidecimal
+ key tag, algorithm, digest type, and the hexadecimal
representation of the key digest. This is identical to the
text representation of a DS record. Spaces, tabs, newlines
and carriage returns are ignored.
<listitem>
<para>
A margin that is added to the pre-publication
- interval in rollover timing calcuations to give some
+ interval in rollover timing calculations to give some
extra time to cover unforeseen events. This increases
the time that keys are published before becoming active.
The default is <constant>PT1H</constant> (1 hour).
<para>
If a redirect zone is configured with a
<option>masters</option> option, then it is
- transfered in as if it were a slave zone.
+ transferred in as if it were a slave zone.
Otherwise, it is loaded from a file as if it
were a master zone.
</para>
checking whether the SERIAL field has been updated; if so,
a new transfer request is initiated. The timing of these
refresh queries is controlled by the SOA REFRESH and RETRY
- fields, but can be overrridden with the
+ fields, but can be overridden with the
<span class="command"><strong>max-refresh-time</strong></span>,
<span class="command"><strong>min-refresh-time</strong></span>,
<span class="command"><strong>max-retry-time</strong></span>, and
<p>
If the anchor type is <span class="command"><strong>static-ds</strong></span> or
<span class="command"><strong>initial-ds</strong></span>, then it is followed with the
- key tag, algorithm, digest type, and the hexidecimal
+ key tag, algorithm, digest type, and the hexadecimal
representation of the key digest. This is identical to the
text representation of a DS record. Spaces, tabs, newlines
and carriage returns are ignored.
<p>
If a redirect zone is configured with a
<code class="option">masters</code> option, then it is
- transfered in as if it were a slave zone.
+ transferred in as if it were a slave zone.
Otherwise, it is loaded from a file as if it
were a master zone.
</p>
The <span class="command"><strong>dnssec-cds</strong></span> command uses special DNSSEC
validation logic specified by RFC 7344. It requires that the CDS
and/or CDNSKEY records are validly signed by a key represented in the
- existing DS records. This will typicially be the pre-existing
+ existing DS records. This will typically be the pre-existing
key-signing key (KSK).
</p>
<p>
<dt><span class="term"><span class="command"><strong>"increment"</strong></span></span></dt>
<dd>
<p>Increment the SOA serial number using RFC 1982
- arithmetics.</p>
+ arithmetic.</p>
</dd>
<dt><span class="term"><span class="command"><strong>"unixtime"</strong></span></span></dt>
<dd>
send it. This fits with the priciple of being liberal with
what you accept and strict with what you send.
- There are a few cases where it does not make sence to accept
+ There are a few cases where it does not make sense to accept
compression pointers of a given type. i.e. the first domain name
in a message, local compression pointers in the ownername of a RR
or in a question.
/*
* If too many recv()'s are already running, just return.
*
- * If noone is attached to us, just return.
+ * If no one is attached to us, just return.
*
* Allocate a new buffer to receive into.
* If no more buffers:
Any attempts to add shutdown events with isc_task_onshutdown()
will fail, since the task is already shutting down
-Task shutdown can be initiated explicity, via a call to isc_task_shutdown(),
+Task shutdown can be initiated explicitly, via a call to isc_task_shutdown(),
or implicitly, when the following conditions occur:
The "shutting down" attribute of the task is not set
Event action (callback) rules:
* no locks held on your behald when entering a callback.
- * not allowed to block, except when aquiring a lock.
+ * not allowed to block, except when acquiring a lock.
* not allowed to hold a lock when exiting the callback.
configurations to be identified earlier providing for a more stable
DNS.
-Compatability:
+Compatibility:
Zones are required to be configuration file compatable with
BIND 8.x.
was), BIND style always keeps indication of the function's success or
failure separate from its returned data. Similarly, the C library
function `fread()` returns the number of characters read and then
-depends on `feof()` and `ferror()` to determine whether an error occured
+depends on `feof()` and `ferror()` to determine whether an error occurred
or the end of file was reached, but BIND's version uses result codes:
char buffer[BUFSIZ];
|Parameter|Description |
|---------|-----------------------|
|`class`|This argument should be ignored when used with a class-generic RR type, otherwise `REQUIRE(class == <value>)` should be present at the start of the function.|
-|`type`|This should be tested with a `REQUIRE(type == <value>)` statement at the begining of the function.|
+|`type`|This should be tested with a `REQUIRE(type == <value>)` statement at the beginning of the function.|
|`lexer`|This is used to read the input text stream.|
|`origin`|This is a absolute name used to qualify unqualified / partially qualified domain names in the text stream. It is passed to the name parsing routines.|
|`downcase`|This is passed to the name parsing routines to determine whether to downcase the names it generates or leave them in the case they are presented in.|
|Parameter|Description |
|---------|-----------------------|
|`class`|This argument should be ignored when used with a class-generic RR type otherwise `REQUIRE(class == <value>)` should be present at the start of the function.|
-|`type`|This should be tested with a `REQUIRE(type == <value>)` statement at the begining of the function.|
+|`type`|This should be tested with a `REQUIRE(type == <value>)` statement at the beginning of the function.|
|`source`|This is a `BINARY` buffer with the `active` region containing a resource record in wire format.|
|`dctx`|This is the decompression context and is passed to `dns_name_fromwire()`, along with `downcase`, to enable a compressed domain name to be extracted from the source.|
|`downcase`|This is passed to `dns_name_fromwire()` to say whether the extracted domain name should be downcased during the extraction.|
/// critical.
///
/// \li If we ever get really ambitious, we might try processing
-/// Doxygen's XML output, which is basicly a dump of what Doxygen
+/// Doxygen's XML output, which is basically a dump of what Doxygen
/// was able to scrape from the sources. This would be a major
/// project, just something to think about if there's something we
/// really don't like about the output Doxygen generates. Punt
In any case, bind9 named binds to specific addresses for ipv4 sockets.
-The followings are historical notes when we always bound to the ipv6
+The following are historical notes when we always bound to the ipv6
wildcard port regardless of the availability of the API support.
These problems should not happen with the closer checks above.
used.
[12] Section 5.5 does not match reality. Named uses the presence
-of DO=1 to detect if validation may be occuring. CD has no bearing
-on whether validation is occuring or not.
+of DO=1 to detect if validation may be occurring. CD has no bearing
+on whether validation is occurring or not.
[13] Conditional on the OpenSSL library being linked against
supporting ECDSA.
xmlns:db="http://docbook.org/ns/docbook">
<!-- <optional> and <command> rendered in <programlisting>s.
- For each overriden element, the parameters must be defined.
+ For each overridden element, the parameters must be defined.
They are mandatory, and $probe must be set to 0 by default.
Only dblatex 0.2.12, with the verbatim.boldseq template works
;; take it from there. I've sent this patch off to the port
;; maintainer but have not yet heard anything back.
;;
-;; I don't really know whther this is the "right" fix, but it seems to
+;; I don't really know whether this is the "right" fix, but it seems to
;; work, and I'm pretty sure that the code this patch deletes does not
;; work as it stands, so at worst the result after applying this patch
;; should be no worse than the result without this patch.
-<xsl:template name="question.answer.label">
- <!-- variable: deflabel -->
- <xsl:variable name="deflabel">
-- <!-- chck whether someone has a defaultlabel attribute -->
+- <!-- check whether someone has a defaultlabel attribute -->
- <xsl:choose>
- <xsl:when test="ancestor-or-self::*[@defaultlabel]">
- <xsl:value-of select="(ancestor-or-self::*[@defaultlabel])[last()]/@defaultlabel"/>
/*
* Check that a RFC 1918 / ULA reverse zone is not forward first
- * unless explictly configured to be so.
+ * unless explicitly configured to be so.
*/
if (ztype == CFG_ZONE_FORWARD && (rfc1918 || ula)) {
obj = NULL;
(void)cfg_map_get(zoptions, "forward", &obj);
if (obj == NULL) {
/*
- * Forward mode not explicity configured.
+ * Forward mode not explicitly configured.
*/
if (voptions != NULL) {
cfg_map_get(voptions, "forward", &obj);
result = ISC_R_FAILURE;
/*
- * Use case insensitive comparision as not all file
+ * Use case insensitive comparison as not all file
* systems are case sensitive. This will prevent people
* using FOO.DB and foo.db on case sensitive file
* systems but that shouldn't be a major issue.
}
/*
- * Use case insensitive comparision as not all file systems are
+ * Use case insensitive comparison as not all file systems are
* case sensitive. This will prevent people using FOO.DB and foo.db
* on case sensitive file systems but that shouldn't be a major issue.
*/
/*
* DSCP value has no default, but when it is specified, it is identical
- * for all masters and cannot be overriden for a specific master IP, so
+ * for all masters and cannot be overridden for a specific master IP, so
* use the DSCP value set for the first master
*/
if (entry->opts.masters.count > 0 && entry->opts.masters.dscps[0] >= 0)
if (disp->refcount == 0) {
/*
- * This dispatcher is shutting down. Force cancelation.
+ * This dispatcher is shutting down. Force cancellation.
*/
tcpmsg->result = ISC_R_CANCELED;
}
result = open_socket(sockmgr, &localaddr_bound, 0,
&sock, NULL, false);
/*
- * Continue if the port choosen is already in use
+ * Continue if the port chosen is already in use
* or the OS has reserved it.
*/
if (result == ISC_R_NOPERM || result == ISC_R_ADDRINUSE)
/*
* Search for the first response handler without packets outstanding
- * unless a specific hander is given.
+ * unless a specific handler is given.
*/
LOCK(&qid->lock);
for (resp = linear_first(qid); resp != NULL && resp->item_out;
/*
* Stop now without complaining if librpz is not available.
* Complain later if and when librpz is needed for a view with
- * "dnsrps-enable yse" (including the default view).
+ * "dnsrps-enable yes" (including the default view).
*/
if (librpz == NULL) {
return (ISC_R_SUCCESS);
* These two cases are rare enough that we will set hint_publish
* anyway when hint_sign is set, because BIND 9 natively does not
* support the ZSK Double-RRSIG method, and when introducing a new
- * algorihtm, we strive to publish its signatures and DNSKEY records
+ * algorithm, we strive to publish its signatures and DNSKEY records
* at the same time.
*/
if (key->hint_sign && publish == 0) {
}
}
- /* Printable version of key1 (the newly aquired key) */
+ /* Printable version of key1 (the newly acquired key) */
dst_key_format(key1->key, keystr1, sizeof(keystr1));
/* No match found in keys; add the new key. */
enum Type {
// AUTH_QUERY is a DNS query message received from a resolver by an
- // authoritative name server, from the perspective of the authorative
+ // authoritative name server, from the perspective of the authoritative
// name server.
AUTH_QUERY = 1;
dns_adb_setcookie(dns_adb_t *adb, dns_adbaddrinfo_t *addr,
const unsigned char *cookie, size_t len);
/*%<
- * Record the COOKIE associated with this addresss. If
+ * Record the COOKIE associated with this address. If
* cookie is NULL or len is zero the recorded COOKIE is cleared.
*
* Requires:
dns_adb_getcookie(dns_adb_t *adb, dns_adbaddrinfo_t *addr,
unsigned char *cookie, size_t len);
/*
- * Retieve the saved COOKIE value and store it in 'cookie' which has
+ * Retrieve the saved COOKIE value and store it in 'cookie' which has
* size 'len'.
*
* Requires:
*/
struct dns_catz_entry_options {
/*
- * Options that can be overriden in catalog zone
+ * Options that can be overridden in catalog zone
*/
/* default-masters definition */
dns_ipkeylist_t masters;
dns_clientreqtrans_t **transp);
/*%<
- * Send a DNS request containig a query message 'query' to 'server'.
+ * Send a DNS request containing a query message 'query' to 'server'.
*
* 'parseoptions' will be used when the response packet is parsed, and will be
* passed to dns_message_parse() via dns_request_getresponse(). See
*
* dns_db_findnodeext() (findnode extended) also accepts parameters
* 'methods' and 'clientinfo', which, when provided, enable the database to
- * retreive information about the client from the caller, and modify its
+ * retrieve information about the client from the caller, and modify its
* response on the basis of that information.
*
* Notes:
* Find the best match for 'name' and 'type' in version 'version' of 'db'.
*
* dns_db_findext() (find extended) also accepts parameters 'methods'
- * and 'clientinfo', which when provided enable the database to retreive
+ * and 'clientinfo', which when provided enable the database to retrieve
* information about the client from the caller, and modify its response
* on the basis of this information.
*
isc_result_t
dns_db_getnsec3parameters(dns_db_t *db, dns_dbversion_t *version,
dns_hash_t *hash, uint8_t *flags,
- uint16_t *interations, unsigned char *salt,
+ uint16_t *iterations, unsigned char *salt,
size_t *salt_length);
/*%<
* Get the NSEC3 parameters that are associated with this zone.
* clients apply. 'mapped' defines which A records are candidated for
* mapping. If 'mapped' is NULL then all A records will be mapped.
* 'excluded' defines which AAAA are to be treated as non-existent for the
- * purposed of determining whether to perform syntesis. If 'excluded' is
+ * purposed of determining whether to perform synthesis. If 'excluded' is
* NULL then no AAAA records prevent synthesis.
*
* If DNS_DNS64_RECURSIVE_ONLY is set then the record will only match if
/*
* Determine if there are any non-excluded AAAA records in from the
* matching dns64 records in the list starting at 'dns64'. If there
- * is a non-exluded address return true. If all addresses are
+ * is a non-excluded address return true. If all addresses are
* excluded in the matched records return false. If no records
* match then return true.
*
* \li 'n' >= ipkl->count
*
* Returns:
- * \li #ISC_R_SUCCESS if successs
- * \li #ISC_R_NOMEMORY if there's no memory, ipkeylist is left untoched
+ * \li #ISC_R_SUCCESS if success
+ * \li #ISC_R_NOMEMORY if there's no memory, ipkeylist is left untouched
*/
#endif /* ifndef DNS_IPKEYLIST_H */
* should only be used when adding managed-keys from configuration.
* This indicates the key is in "initializing" state, and has not yet
* been confirmed with a key refresh query. Once a key refresh query
- * has validated, we update the keynode with inital == false.)
+ * has validated, we update the keynode with initial == false.)
*
* Notes:
*
* \li Because it only needs to test for equality, dns_name_equal() can be
* significantly faster than dns_name_fullcompare() or dns_name_compare().
*
- * \li Offsets tables are not used in the comparision.
+ * \li Offsets tables are not used in the comparison.
*
* \li It makes no sense for one of the names to be relative and the
* other absolute. If both names are relative, then to be meaningfully
void
dns_resolver_setretryinterval(dns_resolver_t *resolver, unsigned int interval);
/*%<
- * Sets the amount of time, in millseconds, that is waited for a reply
+ * Sets the amount of time, in milliseconds, that is waited for a reply
* to a server before another server is tried. Interacts with the
* value of dns_resolver_getnonbackofftries() by trying that number of times
* at this interval, before doing exponential backoff and doubling the interval
* are exceeded. If 'which' is set to quotatype "zone", then the
* result specified in 'resp' will be used when the fetches-per-zone
* quota is exceeded by a fetch. If 'which' is set to quotatype "server",
- * then the reuslt specified in 'resp' will be used when the
+ * then the result specified in 'resp' will be used when the
* fetches-per-server quota has been exceeded for all the
* authoritative servers for a zone. Valid choices are
* DNS_R_DROP or DNS_R_SERVFAIL.
void
dns_zone_setmaxrecords(dns_zone_t *zone, uint32_t records);
/*%<
- * Sets the maximim number of records permitted in a zone.
+ * Sets the maximum number of records permitted in a zone.
* 0 implies unlimited.
*
* Requires:
uint32_t
dns_zone_getmaxrecords(dns_zone_t *zone);
/*%<
- * Gets the maximim number of records permitted in a zone.
+ * Gets the maximum number of records permitted in a zone.
* 0 implies unlimited.
*
* Requires:
isc_mem_t *mctx, dst_key_t **keyp);
/*%<
* Reads a key from permanent storage. The key can either be a public or
- * private key, or a key stae. It is specified by filename. If a private key
+ * private key, or a key state. It is specified by filename. If a private key
* or key state is specified, the public key must also be present.
*
* If 'dirname' is not NULL, and 'filename' is a relative path,
}
count++;
/*
- * If width is non zero then we need to add a label seperator.
+ * If width is non zero then we need to add a label separator.
* If value is non zero then we need to add another label and
- * that requires a label seperator.
+ * that requires a label separator.
*/
if (width > 0 || value != 0) {
if (length > 0U) {
* <name_data> contains the name of the node when it was created.
* <oldoffsetlen> contains the length of <offsets> when the node
* was created.
- * <offsets> contains the offets into name for each label when the node
+ * <offsets> contains the offsets into name for each label when the node
* was created.
*/
* DS records live above the zone cut in ordinary zone so
* we want to ignore any referral.
*
- * Stub zones don't have anything "above" the delgation so
+ * Stub zones don't have anything "above" the delegation so
* we always return a referral.
*/
if (node->find_callback &&
* Note that "%d node of %d in tree" can report things like
* "flush_deletions: 59 nodes of 41 in tree". This means
* That some nodes appear on the deletions list more than
- * once. Only the last occurence will actually be deleted.
+ * once. Only the last occurrence will actually be deleted.
*/
isc_log_write(dns_lctx, DNS_LOGCATEGORY_DATABASE,
DNS_LOGMODULE_CACHE, ISC_LOG_DEBUG(1),
#define NS_LOCATORSZ 8
/*
- * Active Diretory gc._msdcs.<forest> prefix.
+ * Active Directory gc._msdcs.<forest> prefix.
*/
static unsigned char gc_msdcs_data[] = "\002gc\006_msdcs";
static unsigned char gc_msdcs_offset[] = { 0, 3 };
static inline int
casecompare_cdnskey(ARGS_COMPARE) {
/*
- * Treat ALG 253 (private DNS) subtype name case sensistively.
+ * Treat ALG 253 (private DNS) subtype name case sensitively.
*/
return (compare_cdnskey(rdata1, rdata2));
}
static inline int
casecompare_dnskey(ARGS_COMPARE) {
/*
- * Treat ALG 253 (private DNS) subtype name case sensistively.
+ * Treat ALG 253 (private DNS) subtype name case sensitively.
*/
return (compare_dnskey(rdata1, rdata2));
}
/*
* Check the wire format of the Regexp field.
- * Don't allow embeded NUL's.
+ * Don't allow embedded NUL's.
*/
static inline isc_result_t
txt_valid_regex(const unsigned char *txt) {
static inline int
casecompare_rkey(ARGS_COMPARE) {
/*
- * Treat ALG 253 (private DNS) subtype name case sensistively.
+ * Treat ALG 253 (private DNS) subtype name case sensitively.
*/
return (compare_rkey(rdata1, rdata2));
}
UNUSED(rdclass);
/*
- * Handle Active Diretory gc._msdcs.<forest> name.
+ * Handle Active Directory gc._msdcs.<forest> name.
*/
if (dns_name_countlabels(name) > 2U) {
dns_name_init(&prefix, NULL);
UNUSED(rdclass);
/*
- * Handle Active Diretory gc._msdcs.<forest> name.
+ * Handle Active Directory gc._msdcs.<forest> name.
*/
if (dns_name_countlabels(name) > 2U) {
dns_name_init(&prefix, NULL);
dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
isc_region_t *region, unsigned int reservelen) {
/*
- * Use &removed as a sentinal pointer for duplicate
+ * Use &removed as a sentinel pointer for duplicate
* rdata as rdata.data == NULL is valid.
*/
static unsigned char removed;
* zone. So a response to an explicit query for this type should be
* excluded from delegation-only fixup.
*
- * SOA, NS, and DNSKEY can only exist at a zone apex, so a postive
+ * SOA, NS, and DNSKEY can only exist at a zone apex, so a positive
* response to a query for these types can never violate the
* delegation-only assumption: if the query name is below a
* zone cut, the response should normally be a referral, which should
}
/*
- * Record the UDP EDNS size choosen.
+ * Record the UDP EDNS size chosen.
*/
query->udpsize = udpsize;
}
/*
- * Fetch Creation, Joining, and Cancelation.
+ * Fetch Creation, Joining, and Cancellation.
*/
static inline isc_result_t
inc_stats(res, dns_resstatscounter_valnegsuccess);
/*
- * Cache DS NXDOMAIN seperately to other types.
+ * Cache DS NXDOMAIN separately to other types.
*/
if (fctx->rmessage->rcode == dns_rcode_nxdomain &&
fctx->type != dns_rdatatype_ds)
}
/*
- * Cache DS NXDOMAIN seperately to other types.
+ * Cache DS NXDOMAIN separately to other types.
*/
if (fctx->rmessage->rcode == dns_rcode_nxdomain &&
fctx->type != dns_rdatatype_ds)
}
/*
- * Discard prevous hash table when all of its entries are old.
+ * Discard previous hash table when all of its entries are old.
*/
age = delta_rrl_time(rrl->old_hash->check_time, now);
if (age > rrl->window) {
}
/*
- * Log occassionally in the rate-limit category.
+ * Log occasionally in the rate-limit category.
*/
if ((!e->logged || e->log_secs >= DNS_RRL_MAX_LOG_SECS) &&
isc_log_wouldlog(dns_lctx, DNS_RRL_LOG_DROP))
result = dns_db_newversion(db, &new);
assert_int_equal(result, ISC_R_SUCCESS);
- /* Delete the rdataset from the new verison */
+ /* Delete the rdataset from the new version */
result = dns_db_deleterdataset(db, node, new, dns_rdatatype_a, 0);
assert_int_equal(result, ISC_R_SUCCESS);
* The code below enables us to trap assertion failures for testing
* purposes. local_callback() is set as the callback function for
* isc_assertion_failed(). It calls mock_assert() so that CMOCKA
- * will be able to see it, then returns to the calling functon via
+ * will be able to see it, then returns to the calling function via
* longjmp() so that the abort() call in isc_assertion_failed() will
* never be reached. Use check_assertion() to check for assertions
* instead of expect_assert_failure().
* We are currently only checking that the calls do not trigger
* assertion failures.
*
- * XXXMPA A future extention could be to record the expected
+ * XXXMPA A future extension could be to record the expected
* result and the expected value of 'bad'.
*/
static void
amtrelay(void **state) {
text_ok_t text_ok[] = {
TEXT_INVALID(""), TEXT_INVALID("0"), TEXT_INVALID("0 0"),
- /* gatway type 0 */
+ /* gateway type 0 */
TEXT_VALID("0 0 0"), TEXT_VALID("0 1 0"),
TEXT_INVALID("0 2 0"), /* discovery out of range */
- TEXT_VALID("255 1 0"), /* max precendence */
+ TEXT_VALID("255 1 0"), /* max precedence */
TEXT_INVALID("256 1 0"), /* precedence out of range */
/* IPv4 gateway */
- TEXT_INVALID("0 0 1"), /* no addresss */
+ TEXT_INVALID("0 0 1"), /* no address */
TEXT_VALID("0 0 1 0.0.0.0"),
TEXT_INVALID("0 0 1 0.0.0.0 x"), /* extra */
- TEXT_INVALID("0 0 1 0.0.0.0.0"), /* bad addresss */
- TEXT_INVALID("0 0 1 ::"), /* bad addresss */
- TEXT_INVALID("0 0 1 ."), /* bad addresss */
+ TEXT_INVALID("0 0 1 0.0.0.0.0"), /* bad address */
+ TEXT_INVALID("0 0 1 ::"), /* bad address */
+ TEXT_INVALID("0 0 1 ."), /* bad address */
/* IPv6 gateway */
- TEXT_INVALID("0 0 2"), /* no addresss */
+ TEXT_INVALID("0 0 2"), /* no address */
TEXT_VALID("0 0 2 ::"), TEXT_INVALID("0 0 2 :: xx"), /* extra */
- TEXT_INVALID("0 0 2 0.0.0.0"), /* bad addresss */
- TEXT_INVALID("0 0 2 ."), /* bad addresss */
+ TEXT_INVALID("0 0 2 0.0.0.0"), /* bad address */
+ TEXT_INVALID("0 0 2 ."), /* bad address */
/* hostname gateway */
TEXT_INVALID("0 0 3"), /* no name */
A records cause no additional section processing. The RDATA section of
an A line in a master file is an Internet address expressed as four
-decimal numbers separated by dots without any imbedded spaces (e.g.,
+decimal numbers separated by dots without any embedded spaces (e.g.,
"10.2.0.52" or "192.0.5.6").
3.4.2. WKS RDATA format
In order to reduce the size of messages, the domain system utilizes a
compression scheme which eliminates the repetition of domain names in a
message. In this scheme, an entire domain name or a list of labels at
-the end of a domain name is replaced with a pointer to a prior occurance
+the end of a domain name is replaced with a pointer to a prior occurrence
of the same name.
The pointer takes the form of a two octet sequence:
- a sequence of labels ending with a pointer
-Pointers can only be used for occurances of a domain name where the
+Pointers can only be used for occurrences of a domain name where the
format is not class specific. If this were not the case, a name server
or resolver would be required to know the format of all RRs it handled.
As yet, there are no such cases, but they may occur in future RDATA
Facilities," RFC-882, USC/Information Sciences
Institute, November 1983.
- Superceeded by this memo.
+ Superseded by this memo.
[RFC-883] P. Mockapetris, "Domain names - Implementation and
Specification," RFC-883, USC/Information Sciences
Institute, November 1983.
- Superceeded by this memo.
+ Superseded by this memo.
[RFC-920] J. Postel and J. Reynolds, "Domain Requirements",
RFC-920, USC/Information Sciences Institute,
A records cause no additional section processing. The RDATA section of
an A line in a master file is an Internet address expressed as four
-decimal numbers separated by dots without any imbedded spaces (e.g.,
+decimal numbers separated by dots without any embedded spaces (e.g.,
"10.2.0.52" or "192.0.5.6").
3.4.2. WKS RDATA format
In order to reduce the size of messages, the domain system utilizes a
compression scheme which eliminates the repetition of domain names in a
message. In this scheme, an entire domain name or a list of labels at
-the end of a domain name is replaced with a pointer to a prior occurance
+the end of a domain name is replaced with a pointer to a prior occurrence
of the same name.
The pointer takes the form of a two octet sequence:
- a sequence of labels ending with a pointer
-Pointers can only be used for occurances of a domain name where the
+Pointers can only be used for occurrences of a domain name where the
format is not class specific. If this were not the case, a name server
or resolver would be required to know the format of all RRs it handled.
As yet, there are no such cases, but they may occur in future RDATA
Facilities," RFC-882, USC/Information Sciences
Institute, November 1983.
- Superceeded by this memo.
+ Superseded by this memo.
[RFC-883] P. Mockapetris, "Domain names - Implementation and
Specification," RFC-883, USC/Information Sciences
Institute, November 1983.
- Superceeded by this memo.
+ Superseded by this memo.
[RFC-920] J. Postel and J. Reynolds, "Domain Requirements",
RFC-920, USC/Information Sciences Institute,
RWLOCK(&tkey->ring->lock, isc_rwlocktype_write);
/*
* We may have been removed from the LRU list between
- * removing the read lock and aquiring the write lock.
+ * removing the read lock and acquiring the write lock.
*/
if (ISC_LINK_LINKED(tkey, link) && tkey->ring->lru.tail != tkey)
{
/*
* If we are validating a wildcard response
* clabels will not be zero. We then need
- * to check if the generated wilcard from
+ * to check if the generated wildcard from
* dns_nsec_noexistnodata is consistent with
* the wildcard used to generate the response.
*/
}
/*
- * Create path to a directory and a filename contructed from viewname.
+ * Create path to a directory and a filename constructed from viewname.
* This is a front-end to isc_file_sanitize(), allowing backward
* compatibility to older versions when a file couldn't be expected
* to be in the specified directory but might be in the current working
isc_sockaddr_setport(&xfr->sourceaddr, 0);
/*
- * Reserve 2 bytes for TCP length at the begining of the buffer.
+ * Reserve 2 bytes for TCP length at the beginning of the buffer.
*/
isc_buffer_init(&xfr->qbuffer, &xfr->qbuffer_data[2],
sizeof(xfr->qbuffer_data) - 2);
DNS_ZONEFLG_EXPIRED = 0x00000080U, /*%< zone has expired */
DNS_ZONEFLG_NEEDREFRESH = 0x00000100U, /*%< refresh check needed */
DNS_ZONEFLG_UPTODATE = 0x00000200U, /*%< zone contents are
- * uptodate */
+ * up-to-date */
DNS_ZONEFLG_NEEDNOTIFY = 0x00000400U, /*%< need to send out notify
* messages */
DNS_ZONEFLG_DIFFONRELOAD = 0x00000800U, /*%< generate a journal diff on
}
/*
- * Co-ordinates the starting of routine jobs.
+ * Coordinates the starting of routine jobs.
*/
void
dns_zone_maintenance(dns_zone_t *zone) {
* An RPZ zone has expired; before unloading it, we must
* first remove it from the RPZ summary database. The
* easiest way to do this is "update" it with an empty
- * database so that the update callback synchonizes
+ * database so that the update callback synchronizes
* the diff automatically.
*/
if (zone->rpzs != NULL && zone->rpz_num != DNS_RPZ_INVALID_NUM) {
}
/*
- * walk nsec3param rdataset making a list of parameters (note that
+ * Walk nsec3param rdataset making a list of parameters (note that
* multiple simultaneous nsec3 chains are annoyingly legal -- this
- * is why we use an nsec3list, even tho we will usually only have
- * one)
+ * is why we use an nsec3list, even though we will usually only
+ * have one).
*/
for (result = dns_rdataset_first(&rdataset); result == ISC_R_SUCCESS;
result = dns_rdataset_next(&rdataset))
REQUIRE(DNS_ZONEMGR_VALID(zmgr));
setrl(zmgr->refreshrl, &zmgr->serialqueryrate, value);
- /* XXXMPA seperate out once we have the code to support this. */
+ /* XXXMPA separate out once we have the code to support this. */
setrl(zmgr->startuprefreshrl, &zmgr->startupserialqueryrate, value);
}
}
/*
- * We don't use dns_db_find() here as it works with the choosen
+ * We don't use dns_db_find() here as it works with the chosen
* nsec3 chain and we may also be called with uncommitted data
* from dnssec-signzone so the secure status of the zone may not
* be up to date.
/*!
* Allocate an addrinfo structure, and a sockaddr structure
- * of the specificed length. We initialize:
+ * of the specified length. We initialize:
* ai_addrlen
* ai_family
* ai_addr
/*@}*/
/*!
- * Size granularity for dynamically resizeable buffers; when reserving
+ * Size granularity for dynamically resizable buffers; when reserving
* space in a buffer, we round the allocated buffer length up to the
* nearest * multiple of this value.
*/
* probable that something could be cobbled together in NT 5 with inheritance,
* it can't really be done in NT 4 as a single property that you could
* set on a directory. You'd need to coordinate something with file creation
- * so that every file created had DELETE set for the owner but noone else.
+ * so that every file created had DELETE set for the owner but no one else.
*
* On Unix systems, setting #ISC_FSACCESS_LISTDIRECTORY sets READ.
* ... setting either #ISC_FSACCESS_CREATECHILD or #ISC_FSACCESS_DELETECHILD
* isc_hmac_final:
* @hmac: HMAC context
* @digest: the output buffer
- * @digestlen: the lenth of the data written to @digest
+ * @digestlen: the length of the data written to @digest
*
* This function retrieves the message authentication code from @hmac and places
* it in @digest, which must have space for the hash function output. If the
*\li 'lex' is a valid lexer.
*
* Returns:
- *\li The commenting sytles which are currently allowed.
+ *\li The commenting styles which are currently allowed.
*/
void
*\li #ISC_R_NOMEMORY Resource limit: Out of memory
*/
-/* Attention: next four comments PRECEED code */
+/* Attention: next four comments PRECEDE code */
/*!
* \brief
* Write a message to the log channels.
isc_result_t
isc_netaddr_prefixok(const isc_netaddr_t *na, unsigned int prefixlen);
/*
- * Test whether the netaddr 'na' and 'prefixlen' are consistant.
+ * Test whether the netaddr 'na' and 'prefixlen' are consistent.
* e.g. prefixlen within range.
* na does not have bits set which are not covered by the prefixlen.
*
* \param[in] ref pointer to reference counter.
* \returns current value of reference counter.
*
- * Undo implict promotion to 64 bits in our Windows implementation of
+ * Undo implicit promotion to 64 bits in our Windows implementation of
* atomic_load_explicit() by casting to uint_fast32_t.
*/
*
* \li "task" is NULL or a valid task
*
- * "how" is a bitmask describing the type of cancelation to perform.
+ * "how" is a bitmask describing the type of cancellation to perform.
* The type ISC_SOCKCANCEL_ALL will cancel all pending I/O on this
* socket.
*
void
isc_stats_set(isc_stats_t *stats, uint64_t val, isc_statscounter_t counter);
/*%<
- * Set the given counter to the specfied value.
+ * Set the given counter to the specified value.
*
* Requires:
*\li 'stats' is a valid isc_stats_t.
void
isc_stats_set(isc_stats_t *stats, uint64_t val, isc_statscounter_t counter);
/*%<
- * Set the given counter to the specfied value.
+ * Set the given counter to the specified value.
*
* Requires:
*\li 'stats' is a valid isc_stats_t.
/*! \file pk11/constants.h */
/*%
- * Static arrays of data used for key template initalization
+ * Static arrays of data used for key template initialization
*/
static CK_BYTE pk11_ecc_prime256v1[] = { 0x06, 0x08, 0x2a, 0x86, 0x48,
0xce, 0x3d, 0x03, 0x01, 0x07 };
atomic_bool paused;
/*
- * Acive connections are being closed and new connections are
+ * Active connections are being closed and new connections are
* no longer allowed.
*/
atomic_bool closing;
atomic_bool interlocked;
/*
- * Timeout values for TCP connections, coresponding to
+ * Timeout values for TCP connections, corresponding to
* tcp-intiial-timeout, tcp-idle-timeout, tcp-keepalive-timeout,
* and tcp-advertised-timeout. Note that these are stored in
* milliseconds so they can be used directly with the libuv timer,
/*%
* TCPDNS socket has exceeded the maximum number of
- * simultaneous requests per connecton, so will be temporarily
+ * simultaneous requests per connection, so will be temporarily
* restricted from pipelining.
*/
atomic_bool overlimit;
isc_sockaddr_t *local);
/*%<
* Get a handle for the socket 'sock', allocating a new one
- * if there isn't one availbale in 'sock->inactivehandles'.
+ * if there isn't one available in 'sock->inactivehandles'.
*
* If 'peer' is not NULL, set the handle's peer address to 'peer',
* otherwise set it to 'sock->peer'.
isc__nm_uvreq_get(isc_nm_t *mgr, isc_nmsocket_t *sock);
/*%<
* Get a UV request structure for the socket 'sock', allocating a
- * new one if there isn't one availbale in 'sock->inactivereqs'.
+ * new one if there isn't one available in 'sock->inactivereqs'.
*/
void
isc__nm_udp_send(isc_nmhandle_t *handle, isc_region_t *region, isc_nm_cb_t cb,
void *cbarg);
/*%<
- * Back-end implemenation of isc_nm_send() for UDP handles.
+ * Back-end implementation of isc_nm_send() for UDP handles.
*/
void
isc__nm_tcp_send(isc_nmhandle_t *handle, isc_region_t *region, isc_nm_cb_t cb,
void *cbarg);
/*%<
- * Back-end implemenation of isc_nm_send() for TCP handles.
+ * Back-end implementation of isc_nm_send() for TCP handles.
*/
void
isc__nm_tcpdns_send(isc_nmhandle_t *handle, isc_region_t *region,
isc_nm_cb_t cb, void *cbarg);
/*%<
- * Back-end implemenation of isc_nm_send() for TCPDNS handles.
+ * Back-end implementation of isc_nm_send() for TCPDNS handles.
*/
void
if (quota != NULL) {
/*
* We don't attach to quota, just assign - to avoid
- * increasing quota unnecesarily.
+ * increasing quota unnecessarily.
*/
nsock->pquota = quota;
}
}
++c;
break;
- case '|': /* alternative seperator */
+ case '|': /* alternative separator */
if (!have_atom) {
FAIL("no atom");
}
if (threadid == -1) {
/*
* Task is not pinned to a queue, it's threadid will be
- * choosen when first task will be sent to it - either
+ * chosen when first task will be sent to it - either
* randomly or specified by isc_task_sendto.
*/
task->bound = false;
* bit.
*
* Broadcasting on halt_cond seems suboptimal, but
- * exclusive tasks are rare enought that we don't
+ * exclusive tasks are rare enough that we don't
* care.
*/
LOCK(&manager->halt_lock);
isc_time_formatshorttimestamp(const isc_time_t *t, char *buf, unsigned int len);
/*%<
* Format the time 't' into the buffer 'buf' of length 'len',
- * using the format "yyyymmddhhmmsssss" userful for file timestamping.
+ * using the format "yyyymmddhhmmsssss" useful for file timestamping.
* If the text does not fit in the buffer, the result is indeterminate,
* but is always guaranteed to be null terminated.
*
/*
* Enable this only for specific OS versions, and only when they have repaired
* their problems with it. Until then, this is is broken and needs to be
- * diabled by default. See RT22589 for details.
+ * disabled by default. See RT22589 for details.
*/
#undef ENABLE_ACCEPTFILTER
*/
/*
- * Values are 32 bit values layed out as follows:
+ * Values are 32 bit values laid out as follows:
*
* 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
* 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
isc_time_formatshorttimestamp(const isc_time_t *t, char *buf, unsigned int len);
/*%<
* Format the time 't' into the buffer 'buf' of length 'len',
- * using the format "yyyymmddhhmmsssss" userful for file timestamping.
+ * using the format "yyyymmddhhmmsssss" useful for file timestamping.
* If the text does not fit in the buffer, the result is indeterminate,
* but is always guaranteed to be null terminated.
*
if (lib_name == NULL) {
return (CKR_LIBRARY_FAILED_TO_LOAD);
}
- /* Visual Studio convertion issue... */
+ /* Visual Studio conversion issue... */
if (*lib_name == ' ') {
lib_name++;
}
/*
* Maybe free the socket.
*
- * This function will verify tht the socket is no longer in use in any way,
+ * This function will verify that the socket is no longer in use in any way,
* either internally or externally. This is the only place where this
* check is to be made; if some bit of code believes that IT is done with
* the socket (e.g., some reference counter reaches zero), it should call
/* */
/* One specific one is when a TCP SYN scan is used. In this situation, */
/* Windows responds with the SYN-ACK, but the scanner never responds with */
-/* the 3rd packet, the ACK. Windows consiers this a partially open connection.
+/* the 3rd packet, the ACK. Windows considers this a partially open connection.
*/
/* Most Unix networking stacks, and Windows without McAfee installed, will */
/* not return this to the caller. However, with this product installed, */
0, /* Length of Buffer */
sizeof(SOCKADDR_STORAGE) + 16, /* Local address length + 16
*/
- sizeof(SOCKADDR_STORAGE) + 16, /* Remote address lengh + 16
+ sizeof(SOCKADDR_STORAGE) + 16, /* Remote address length + 16
*/
(LPDWORD)&lpo->received_bytes, /* Bytes Recved */
(LPOVERLAPPED)lpo /* Overlapped structure */
0, /* Length of Buffer */
sizeof(SOCKADDR_STORAGE) + 16, /* Local address length + 16
*/
- sizeof(SOCKADDR_STORAGE) + 16, /* Remote address lengh + 16
+ sizeof(SOCKADDR_STORAGE) + 16, /* Remote address length + 16
*/
(LPDWORD)&lpo->received_bytes, /* Bytes Recved */
(LPOVERLAPPED)lpo /* Overlapped structure */
cfg_doc_enum_or_other(pctx, type, &cfg_type_boolean);
}
static cfg_type_t cfg_type_minimal = {
- "mimimal", parse_minimal, cfg_print_ustring,
+ "minimal", parse_minimal, cfg_print_ustring,
doc_minimal, &cfg_rep_string, minimal_enums,
};
/*%
* The socket address syntax in the "controls" statement is silly.
* It allows both socket address families, but also allows "*",
- * whis is gratuitously interpreted as the IPv4 wildcard address.
+ * which is gratuitously interpreted as the IPv4 wildcard address.
*/
static unsigned int controls_sockaddr_flags = CFG_ADDR_V4OK | CFG_ADDR_V6OK |
CFG_ADDR_WILDOK;
}
len = vsnprintf(message, sizeof(message), format, args);
-#define ELIPSIS " ... "
+#define ELLIPSIS " ... "
if (len >= sizeof(message)) {
- message[sizeof(message) - sizeof(ELIPSIS)] = 0;
- strlcat(message, ELIPSIS, sizeof(message));
+ message[sizeof(message) - sizeof(ELLIPSIS)] = 0;
+ strlcat(message, ELLIPSIS, sizeof(message));
}
if ((flags & (CFG_LOG_NEAR | CFG_LOG_BEFORE | CFG_LOG_NOPREP)) != 0) {
bool authoritative; /* authoritative query? */
bool want_restart; /* CNAME chain or other
* restart needed */
- bool need_wildcardproof; /* wilcard proof needed */
+ bool need_wildcardproof; /* wildcard proof needed */
bool nxrewrite; /* negative answer from RPZ */
bool findcoveringnsec; /* lookup covering NSEC */
bool answer_has_ns; /* NS is in answer */
*/
if (labels - first < 2) {
rpz_log_fail(client, DNS_RPZ_ERROR_LEVEL, suffix,
- rpz_type, "concatentate()", result);
+ rpz_type, "concatenate()", result);
return (ISC_R_FAILURE);
}
/*
*/
if (first == 0) {
rpz_log_fail(client, DNS_RPZ_DEBUG_LEVEL1, suffix,
- rpz_type, "concatentate()", result);
+ rpz_type, "concatenate()", result);
}
++first;
}
* 2nd zone matters until after recursing to get the A RRs and
* testing them in the first zone.
* Do not bother saving the work from this attempt,
- * because recusion is so slow.
+ * because recursion is so slow.
*/
if (qresult_type == qresult_type_recurse) {
goto cleanup;
}
/*
* We are finished checking the IP addresses for the qname.
- * Start with IPv4 if we will check NS IP addesses.
+ * Start with IPv4 if we will check NS IP addresses.
*/
st->state |= DNS_RPZ_DONE_QNAME_IP;
st->state &= ~DNS_RPZ_DONE_IPv4;
}
qctx->client->query.root_key_sentinel_is_ta = true;
/*
- * Simplify processing by disabling agressive
+ * Simplify processing by disabling aggressive
* negative caching.
*/
qctx->findcoveringnsec = false;
}
qctx->client->query.root_key_sentinel_not_ta = true;
/*
- * Simplify processing by disabling agressive
+ * Simplify processing by disabling aggressive
* negative caching.
*/
qctx->findcoveringnsec = false;
}
case DNS_RPZ_POLICY_CNAME:
/*
- * Add overridding CNAME from a named.conf
+ * Add overriding CNAME from a named.conf
* response-policy statement
*/
result = query_rpzcname(qctx,
}
/*%
- * Build a repsonse for a "normal" query, for a type other than ANY,
+ * Build a response for a "normal" query, for a type other than ANY,
* for which we have an answer (either positive or negative).
*/
static isc_result_t
isc_result_t result;
/*
- * Detemine the correct TTL to use for the SOA and RRSIG
+ * Determine the correct TTL to use for the SOA and RRSIG
*/
ttl = query_synthttl(*soardatasetp, *sigsoardatasetp, qctx->rdataset,
qctx->sigrdataset, NULL, NULL);
CCTRACE(ISC_LOG_DEBUG(3), "query_synthnxdomain");
/*
- * Detemine the correct TTL to use for the SOA and RRSIG
+ * Determine the correct TTL to use for the SOA and RRSIG
*/
ttl = query_synthttl(*soardatasetp, *sigsoardatasetp, qctx->rdataset,
qctx->sigrdataset, nowildrdataset,
/*%
* Handle covering NSEC responses.
*
- * Verify the NSEC record is apropriate for the QNAME; if not,
+ * Verify the NSEC record is appropriate for the QNAME; if not,
* redo the initial query without DNS_DBFIND_COVERINGNSEC.
*
* If the covering NSEC proves that the name exists but not the type,
}
/*%
- * Add CNAME to repsonse.
+ * Add CNAME to response.
*/
static isc_result_t
query_addcname(query_ctx_t *qctx, dns_trust_t trust, dns_ttl_t ttl) {
remove_orphaned_ds(dns_db_t *db, dns_dbversion_t *newver, dns_diff_t *diff) {
isc_result_t result;
bool ns_exists;
- dns_difftuple_t *tupple;
+ dns_difftuple_t *tuple;
dns_diff_t temp_diff;
dns_diff_init(diff->mctx, &temp_diff);
- for (tupple = ISC_LIST_HEAD(diff->tuples); tupple != NULL;
- tupple = ISC_LIST_NEXT(tupple, link))
+ for (tuple = ISC_LIST_HEAD(diff->tuples); tuple != NULL;
+ tuple = ISC_LIST_NEXT(tuple, link))
{
- if (!((tupple->op == DNS_DIFFOP_DEL &&
- tupple->rdata.type == dns_rdatatype_ns) ||
- (tupple->op == DNS_DIFFOP_ADD &&
- tupple->rdata.type == dns_rdatatype_ds)))
+ if (!((tuple->op == DNS_DIFFOP_DEL &&
+ tuple->rdata.type == dns_rdatatype_ns) ||
+ (tuple->op == DNS_DIFFOP_ADD &&
+ tuple->rdata.type == dns_rdatatype_ds)))
{
continue;
}
- CHECK(rrset_exists(db, newver, &tupple->name, dns_rdatatype_ns,
+ CHECK(rrset_exists(db, newver, &tuple->name, dns_rdatatype_ns,
0, &ns_exists));
if (ns_exists &&
- !dns_name_equal(&tupple->name, dns_db_origin(db))) {
+ !dns_name_equal(&tuple->name, dns_db_origin(db))) {
continue;
}
- CHECK(delete_if(true_p, db, newver, &tupple->name,
+ CHECK(delete_if(true_p, db, newver, &tuple->name,
dns_rdatatype_ds, 0, NULL, &temp_diff));
}
result = ISC_R_SUCCESS;
failure:
- for (tupple = ISC_LIST_HEAD(temp_diff.tuples); tupple != NULL;
- tupple = ISC_LIST_HEAD(temp_diff.tuples))
+ for (tuple = ISC_LIST_HEAD(temp_diff.tuples); tuple != NULL;
+ tuple = ISC_LIST_HEAD(temp_diff.tuples))
{
- ISC_LIST_UNLINK(temp_diff.tuples, tupple, link);
- dns_diff_appendminimal(diff, &tupple);
+ ISC_LIST_UNLINK(temp_diff.tuples, tuple, link);
+ dns_diff_appendminimal(diff, &tuple);
}
return (result);
}
next = ISC_LIST_NEXT(tuple, link);
if ((tuple->rdata.data[1] & ~DNS_NSEC3FLAG_OPTOUT) != 0) {
/*
- * If we havn't had any adds then the tuple->ttl must
+ * If we haven't had any adds then the tuple->ttl must
* be the original ttl and should be used for any
* future changes.
*/
for (tuple = ISC_LIST_HEAD(temp_diff.tuples); tuple != NULL;
tuple = next) {
/*
- * If we havn't had any adds then the tuple->ttl must be the
+ * If we haven't had any adds then the tuple->ttl must be the
* original ttl and should be used for any future changes.
*/
if (!ttl_good) {
/*
* Look for any deletes which match this ADD ignoring
- * flags. We don't need to explictly remove them as
+ * flags. We don't need to explicitly remove them as
* they will be removed a side effect of processing
* the add.
*/
/*
* Remove any existing CREATE request to add an
- * otherwise indentical chain with a reversed
+ * otherwise identical chain with a reversed
* OPTOUT state.
*/
buf[2] ^= DNS_NSEC3FLAG_OPTOUT;
s/^(\s{0,3}\d*\.)\s(\[\w{1,5}\])\s+(\S+)/$1\t$2\t\t$3/;
s/^(\s{0,3}\d*\.)\s(\[\w{6,}\])\s+(\S+)/$1\t$2\t$3/;
# Convert 8 spaces into tabs if at start of line
- # or preceeded by tabs.
+ # or preceded by tabs.
s/^(\t*) /$1\t/ while (/^\t* /);
# Remove trailing white space.
s/[ \t]*$//;
# tab if at start of line or proceeded by tabs.
# s/^(\t*) {1,7}\t/$1\t/ while (/^\t* {1,7}\t/);
# Convert 8 spaces into tabs if at start of line
- # or preceeded by tabs.
+ # or preceded by tabs.
# s/^(\t*) {8}/$1\t/ while (/^\t* {8}/);
# Remove trailing white space.
s/[ \t]*$//;
" clean (command) clean up generated files\n",
" <none> (command) print a summary of the configuration\n",
"\nOptional Features:\n",
-" enable-intrinsics enable instrinsic/atomic functions [default=yes]\n",
+" enable-intrinsics enable intrinsic/atomic functions [default=yes]\n",
" enable-native-pkcs11 use native PKCS#11 for all crypto [default=no]\n",
" enable-openssl-hash use OpenSSL for hash functions [default=yes]\n",
" enable-isc-spnego use SPNEGO from lib/dns [default=yes]\n",
projects / thirdparty / bind9.git / commitdiff
