BASEDIR=`pwd`;
LIBDIR=${BASEDIR}/libs;
SUBDIRS="apr \
- libzrtp ilbc iksemel js js/nsprpub ldns libdingaling libsndfile sofia-sip \
+ libzrtp ilbc iksemel js js/nsprpub libdingaling libsndfile sofia-sip \
speex srtp openzap freetdm spandsp libg722_1 portaudio unimrcp tiff-4.0.2 broadvoice silk libcodec2 \
fs";
bootstrap_libs_post() {
case "$1" in
- ldns)
- cd $BASEDIR/libs/ldns
- if test ! -x install-sh; then
- ex ${AUTOMAKE:-automake} --add-missing --copy
- ex rm -rf autom4te*.cache
- chmod a+x install-sh
- fi
- ;;
+ *) return 0;;
esac
}
;;
esac
+# temporary workaround for Debian libldns-dev package bug
+if test -f /usr/lib/pkg-config/libldns.pc; then
+ path_push_unique PKG_CONFIG_PATH /usr/lib/pkg-config
+fi
+
PKG_CHECK_MODULES([SQLITE], [sqlite3 >= 3.6.20])
PKG_CHECK_MODULES([CURL], [libcurl >= 7.19])
PKG_CHECK_MODULES([PCRE], [libpcre >= 7.8])
PKG_CHECK_MODULES([YAML], [yaml-0.1 >= 0.1.4],[
AM_CONDITIONAL([HAVE_YAML],[true])],[
AC_MSG_RESULT([no]); AM_CONDITIONAL([HAVE_YAML],[false])])
+PKG_CHECK_MODULES([LDNS], [libldns >= 1.6.6],[
+ AM_CONDITIONAL([HAVE_LDNS],[true])],[
+ AC_MSG_RESULT([no]); AM_CONDITIONAL([HAVE_LDNS],[false])])
PKG_CHECK_MODULES([MEMCACHED], [libmemcached >= 0.31],[
AM_CONDITIONAL([HAVE_MEMCACHED],[true])
Module: applications/mod_enum
Description: ENUM
This module implements ENUM support.
+Build-Depends: libldns-dev
Module: applications/mod_esf
Description: Multicast support
Copyright: 1991,1993, The Regents of the University of California
License: BSD-3-clause
-Files: libs/ldns/*
-Copyright: 2001-2010, NLnet Labs
- 2000-2001, Aaron D. Gifford
- 2000-2003 Damien Miller
- 1999 WIDE Project
- 1998 Todd C. Miller <Todd.Miller@courtesan.com>
- 1996, 1998 Internet Software Consortium.
- 1995 International Business Machines
-License: BSD-2-clause
-
-Files: libs/ldns/compat/fake-rfc2553.[ch]
- libs/ldns/examples/fake-rfc2553.h
- libs/ldns/ldns/rbtree.h
- libs/ldns/rbtree.c
- libs/win32/ldns/ldns-lib/util.h
-Copyright: 2001-2010, NLnet Labs
- 2000-2003 Damien Miller
- 1999 WIDE Project
-License: BSD-3-clause
-
-Files: libs/ldns/compat/b32_pton.c
- libs/ldns/compat/strlcpy.c
- libs/ldns/compat/b32_ntop.c
- libs/ldns/compat/b64_ntop.c
- libs/ldns/compat/inet_pton.c
-Copyright: 1996, 1998 Internet Software Consortium.
- 1995 International Business Machines, Inc.
- 1998 Todd C. Miller <Todd.Miller@courtesan.com>
-License: ISC
-
Files: libs/js/*
Copyright: 1998-2006 Mozilla <http://www.mozilla.org/>
1996-2000 Netscape Communications Corporation
Rules:
rules:
- -
- Glob: libs/ldns/*
- Matches: NLnet\s*Labs,?\s*(20\d\d(|\s*-\s*20\d\d)|All\sright\sreserved)
- Copyright: 2004-2010, NLnet Labs
- -
- Glob: libs/win32/ldns/ldns-lib/util.h
- Matches: NLnet\s*Labs,?\s*(20\d\d(|\s*-\s*20\d\d)|All\sright\sreserved)
- Copyright: 2004-2010, NLnet Labs
-
Glob: libs/miniupnpc/*
Matches: Thomas\sBERNARD
/js/src/jsautocfg.h
/js/src/perlconnect/Makefile.PL
/lame-*/
-/ldns-*/
-/ldns/doc/ldns_manpages
-/ldns/include/
-/ldns/ldns/config.h
-/ldns/ldns/ldns
-/ldns/ldns/net.h
-/ldns/ldns/util.h
-/ldns/lib
-/ldns/linktest
-/ldns/Makefile
-/ldns/packaging/ldns-config
/libcodec2/src/c2dec
/libcodec2/src/c2demo
/libcodec2/src/c2enc
!/apr-util/xml/expat/conftools/install-sh
!/apr-util/xml/expat/conftools/missing
!/iksemel/ltmain.sh
-!/ldns/drill/config.h.in
-!/ldns/drill/configure
-!/ldns/drill/install-sh
-!/ldns/examples/config.h.in
-!/ldns/examples/configure
-!/ldns/ldns/config.h.in
!/libdingaling/config.guess
!/libdingaling/config.sub
!/libdingaling/depcomp
+++ /dev/null
-1.6.9 2011-03-16
- * Fix creating NSEC(3) bitmaps: make array size 65536,
- don't add doubles.
- * Fix printout of escaped binary in TXT records.
- * Parsing TXT records: don't skip starting whitespace that is quoted.
- * bugfix #358: Check if memory was successfully allocated in
- ldns_rdf2str().
- * Added more memory allocation checks in host2str.c
- * python wrapper for ldns_fetch_valid_domain_keys by Bedrich Kosata.
- * fix to compile python wrapper with swig 2.0.2.
- * Don't fallback to SHA-1 when creating NSEC3 hash with another
- algorithm identifier, fail instead (no other algorithm identifiers
- are assigned yet).
-
-1.6.8 2011-01-24
- * Fix ldns zone, so that $TTL definition match RFC 2308.
- * Fix lots of missing checks on allocation failures and parse of
- NSEC with many types and max parse length in hosts_frm_fp routine
- and off by one in read_anchor_file routine (thanks Dan Kaminsky and
- Justin Ferguson).
- * bugfix #335: Drill: Print both SHA-1 and SHA-256 corresponding DS
- records.
- * Print correct WHEN in query packet (is not always 1-1-1970)
- * ldns-test-edns: new example tool that detects EDNS support.
- * fix ldns_resolver_send without openssl.
- * bugfix #342: patch for support for more CERT key types (RFC4398).
- * bugfix #351: fix udp_send hang if UDP checksum error.
- * fix set_bit (from NSEC3 sign) patch from Jan Komissar.
-
-1.6.7 2010-11-08
- * EXPERIMENTAL ecdsa implementation, please do not enable on real
- servers.
- * GOST code enabled by default (RFC 5933).
- * bugfix #326: ignore whitespace between directives and their values.
- * Header comment to advertise ldns_axfr_complete to check for
- successfully completed zone transfers.
- * read resolv.conf skips interface labels, e.g. %eth0.
- * Fix drill verify NSEC3 denials.
- * Use closesocket() on windows.
- * Add ldns_get_signing_algorithm_by_name that understand aliases,
- names changed to RFC names and aliases for compatibility added.
- * bugfix: don't print final dot if the domain is relative.
- * bugfix: resolver search continue when packet rcode != NOERROR.
- * bugfix: resolver push all domains in search directive to list.
- * bugfix: resolver search by default includes the root domain.
- * bugfix: tcp read could fail on single octet recv.
- * bugfix: read of RR in unknown syntax with missing fields.
- * added ldns_pkt_tsig_sign_next() and ldns_pkt_tsig_verify_next()
- to sign and verify TSIG RRs on subsequent messages
- (section 4.4, RFC 2845, thanks to Michael Sheldon).
- * bugfix: signer sigs nsecs with zsks only.
- * bugfix #333: fix ldns_dname_absolute for name ending with backslash.
-
-1.6.6 2010-08-09
- * Fix ldns_rr_clone to copy question rrs properly.
- * Fix ldns_sign_zone(_nsec3) to clone the soa for the new zone.
- * Fix ldns_wire2dname size check from reading 1 byte beyond buffer end.
- * Fix ldns_wire2dname from reading 1 byte beyond end for pointer.
- * Fix crash using GOST for particular platform configurations.
- * extern C declarations used in the header file.
- * Removed debug fprintf from resolver.c.
- * ldns-signzone checks if public key file is for the right zone.
- * NETLDNS, .NET port of ldns functionality, by Alex Nicoll, in contrib.
- * Fix handling of comments in resolv.conf parse.
- * GOST code enabled if SSL recent, RFC 5933.
- * bugfix #317: segfault util.c ldns_init_random() fixed.
- * Fix ldns_tsig_mac_new: allocate enough memory for the hash, fix use of
- b64_pton_calculate_size.
- * Fix ldns_dname_cat: size calculation and handling of realloc().
- * Fix ldns_rr_pop_rdf: fix handling of realloc().
- * Fix ldns-signzone for single type key scheme: sign whole zone if there
- are only KSKs.
- * Fix ldns_resolver: also close socket if AXFR failed (if you don't,
- it would block subsequent transfers (thanks Roland van Rijswijk).
- * Fix drill: allow for a secure trace if you use DS records as trust
- anchors (thanks Jan Komissar).
-
-1.6.5 2010-06-15
- * Catch \X where X is a digit as an error.
- * Fix segfault when ip6 ldns resolver only has ip4 servers.
- * Fix NSEC record after DNSKEY at zone apex not properly signed.
- * Fix syntax error if last label too long and no dot at end of domain.
- * Fix parse of \# syntax with space for type LOC.
- * Fix ldns_dname_absolute for escape sequences, fixes some parse errs.
- * bugfix #297: linking ssl, bug due to patch submitted as #296.
- * bugfix #299: added missing declarations to host2str.h
- * ldns-compare-zones -s to not exclude SOA record from comparison.
- * --disable-rpath fix
- * fix ldns_pkt_empty(), reported by Alex Nicoll.
- * fix ldns_resolver_new_frm_fp not ignore lines after a comment.
- * python code for ldns_rr.new_question_frm_str()
- * Fix ldns_dnssec_verify_denial: the signature selection routine.
- * Type TALINK parsed (draft-ietf-dnsop-trust-history).
- * bugfix #304: fixed dead loop in ldns_tcp_read_wire() and
- ldns_tcp_read_wire_timeout().
- * GOST support with correct algorithm numbers. The plan is to make it
- enabled if openssl support is detected, but it is disabled by
- default in this release because the RFC is not ready.
- * Fixed comment in rbtree.h about being first member and data ptr.
- * Fixed possibly leak in case of out of memory in ldns_native2rdf...
- * ldns_dname_is_wildcard added.
- * Fixed: signatures over wildcards had the wrong labelcount.
- * Fixed ldns_verify() inconsistent return values.
- * Fixed ldns_resolver to copy and free tsig name, data and algorithm.
- * Fixed ldns_resolver to push search onto searchlist.
- * A ldns resolver now defaults to a non-recursive resolver that handles
- the TC bit.
- * ldns_resolver_print() prints more details.
- * Fixed ldns_rdf2buffer_str_time(), which did not print timestamps
- on 64bit systems.
- * Make ldns_resolver_nameservers_randomize() more random.
- * bugfix #310: POSIX specifies NULL second argument of gettimeofday.
- * fix compiler warnings from llvm clang compiler.
- * bugfix #309: ldns_pkt_clone did not clone the tsig_rr.
- * Fix gentoo ebuild for drill, 'no m4 directory'.
- * bugfix #313: drill trace on an empty nonterminal continuation.
-
-1.6.4 2010-01-20
- * Imported pyldns contribution by Zdenek Vasicek and Karel Slany.
- Changed its configure and Makefile to fit into ldns.
- Added its dname_* methods to the rdf_* class (as is the ldns API).
- Changed swig destroy of ldns_buffer class to ldns_buffer_free.
- Declared ldns_pkt_all and ldns_pkt_all_noquestion so swig sees them.
- * Bugfix: parse PTR target of .tomhendrikx.nl with error not crash.
- * Bugfix: handle escaped characters in TXT rdata.
- * bug292: no longer crash on malformed domain names where a label is
- on position 255, which was a buffer overflow by one.
- * Fix ldns_get_rr_list_hosts_frm_fp_l (strncpy to strlcpy change),
- which fixes resolv.conf reading badly terminated string buffers.
- * Fix ldns_pkt_set_random_id to be more random, and a little faster,
- it did not do value 0 statistically correctly.
- * Fix ldns_rdf2native_sockaddr_storage to set sockaddr type to zeroes,
- for portability.
- * bug295: nsec3-hash routine no longer case sensitive.
- * bug298: drill failed nsec3 denial of existence proof.
-
-1.6.3 2009-12-04
- * Bugfix: allow for unknown resource records in zonefile with rdlen=0.
- * Bugfix: also mark an RR as question if it comes from the wire
- * Bugfix: NSEC3 bitmap contained NSEC
- * Bugfix: Inherit class when creating signatures
-
-1.6.2 2009-11-12
- * Fix Makefile patch from Havard Eidnes, better install.sh usage.
- * Fix parse error on SOA serial of 2910532839.
- Fix print of ';' and readback of '\;' in names, also for '\\'.
- Fix parse of '\(' and '\)' in names. Also for file read. Also '\.'
- * Fix signature creation when TTLs are different for RRs in RRset.
- * bug273: fix so EDNS rdata is included in pkt to wire conversion.
- * bug274: fix use of c++ keyword 'class' for RR class in the code.
- * bug275: fix memory leak of packet edns rdata.
- * Fix timeout procedure for TCP and AXFR on Solaris.
- * Fix occasional NSEC bitmap bogus
- * Fix rr comparing (was in reversed order since 1.6.0)
- * bug278: fix parsing HINFO rdata (and other cases).
- * Fix previous owner name: also pick up if owner name is @.
- * RFC5702: enabled sha2 functions by default. This requires OpenSSL 0.9.8 or higher.
- Reason for this default is the root to be signed with RSASHA256.
- * Fix various LDNS RR parsing issues: IPSECKEY, WKS, NSAP, very long lines
- * Fix: Make ldns_dname_is_subdomain case insensitive.
- * Fix ldns-verify-zone so that address records at zone NS set are not considered glue
- (Or glue records fall below delegation)
- * Fix LOC RR altitude printing.
- * Feature: Added period (e.g. '3m6d') support at explicit TTLs.
- * Feature: DNSKEY rrset by default signed with minimal signatures
- but -A option for ldns-signzone to sign it with all keys.
- This makes the DNSKEY responses smaller for signed domains.
-
-1.6.1 2009-09-14
- * --enable-gost : use the GOST algorithm (experimental).
- * Added some missing options to drill manpage
- * Some fixes to --without-ssl option
- * Fixed quote parsing withing strings
- * Bitmask fix in EDNS handling
- * Fixed non-fqdn domain name completion for rdata field domain
- names of length 1
- * Fixed chain validation with SHA256 DS records
-
-1.6.0
- Additions:
- * Addition of an ldns-config script which gives cflags and libs
- values, for use in configure scripts for applications that use
- use ldns. Can be disabled with ./configure --disable-ldns-config
- * Added direct sha1, sha256, and sha512 support in ldns.
- With these functions, all NSEC3 functionality can still be
- used, even if ldns is built without OpenSSL. Thanks to OpenBSD,
- Steve Reid, and Aaron D. Gifford for the code.
- * Added reading/writing support for the SPF Resource Record
- * Base32 functions are now exported
- Bugfixes:
- * ldns_is_rrset did not go through the complete rrset, but
- only compared the first two records. Thanks to Olafur
- Gudmundsson for report and patch
- * Fixed a small memory bug in ldns_rr_list_subtype_by_rdf(),
- thanks to Marius Rieder for finding an patching this.
- * --without-ssl should now work. Make sure that examples/ and
- drill also get the --without-ssl flag on their configure, if
- this is used.
- * Some malloc() return value checks have been added
- * NSEC3 creation has been improved wrt to empty nonterminals,
- and opt-out.
- * Fixed a bug in the parser when reading large NSEC3 salt
- values.
- * Made the allowed length for domain names on wire
- and presentation format the same.
- Example tools:
- * ldns-key2ds can now also generate DS records for keys without
- the SEP flag
- * ldns-signzone now equalizes the TTL of the DNSKEY RRset (to
- the first non-default DNSKEY TTL value it sees)
-
-1.5.1
- Example tools:
- * ldns-signzone was broken in 1.5.0 for multiple keys, this
- has been repaired
-
- Build system:
- * Removed a small erroneous output warning in
- examples/configure and drill/configure
-
-1.5.0
- Bug fixes:
- * fixed a possible memory overflow in the RR parser
- * build flag fix for Sun Studio
- * fixed a building race condition in the copying of header
- files
- * EDNS0 extended rcode; the correct assembled code number
- is now printed (still in the EDNS0 field, though)
- * ldns_pkt_rr no longer leaks memory (in fact, it no longer
- copies anything all)
-
- API addition:
- * ldns_key now has support for 'external' data, in which
- case the OpenSSL EVP structures are not used;
- ldns_key_set_external_key() and ldns_key_external_key()
- * added ldns_key_get_file_base_name() which creates a
- 'default' filename base string for key storage, of the
- form "K<zone>+<algorithm>+<keytag>"
- * the ldns_dnssec_* family of structures now have deep_free()
- functions, which also free the ldns_rr's contained in them
- * there is now an ldns_match_wildcard() function, which checks
- whether a domain name matches a wildcard name
- * ldns_sign_public has been split up; this resulted in the
- addition of ldns_create_empty_rrsig() and
- ldns_sign_public_buffer()
-
- Examples:
- * ldns-signzone can now automatically add DNSKEY records when
- using an OpenSSL engine, as it already did when using key
- files
- * added new example tool: ldns-nsec3-hash
- * ldns-dpa can now filter on specific query name and types
- * ldnsd has fixes for the zone name, a fix for the return
- value of recvfrom(), and an memory initialization fix
- (Thanks to Colm MacCárthaigh for the patch)
- * Fixed memory leaks in ldnsd
-
-
-
-1.4.1
- Bug fixes:
- * fixed a build issue where ldns lib existence was done too early
- * removed unnecessary check for pcap.h
- * NSEC3 optout flag now correctly printed in string output
- * inttypes.h moved to configured inclusion
- * fixed NSEC3 type bitmaps for empty nonterminals and unsigned
- delegations
-
- API addition:
- * for that last fix, we added a new function
- ldns_dname_add_from() that can clone parts of a dname
-
-1.4.0
- Bug fixes:
- * sig chase return code fix (patch from Rafael Justo, bug id 189)
- * rdata.c memory leaks on error and allocation checks fixed (patch
- from Shane Kerr, bug id 188)
- * zone.c memory leaks on error and allocation checks fixed (patch
- from Shane Kerr, bug id 189)
- * ldns-zplit output and error messages fixed (patch from Shane Kerr,
- bug id 190)
- * Fixed potential buffer overflow in ldns_str2rdf_dname
- * Signing code no longer signs delegation NS rrsets
- * Some minor configure/makefile updates
- * Fixed a bug in the randomness initialization
- * Fixed a bug in the reading of resolv.conf
- * Fixed a bug concerning whitespace in zone data (with patch from Ondrej
- Sury, bug 213)
- * Fixed a small fallback problem in axfr client code
-
- API CHANGES:
- * added 2str convenience functions:
- - ldns_rr_type2str
- - ldns_rr_class2str
- - ldns_rr_type2buffer_str
- - ldns_rr_class2buffer_str
- * buffer2str() is now called ldns_buffer2str
- * base32 and base64 function names are now also prepended with ldns_
- * ldns_rr_new_frm_str() now returns an error on missing RDATA fields.
- Since you cannot read QUESTION section RRs with this anymore,
- there is now a function called ldns_rr_new_question_frm_str()
-
- LIBRARY FEATURES:
- * DS RRs string representation now add bubblebabble in a comment
- (patch from Jakob Schlyter)
- * DLV RR type added
- * TCP fallback system has been improved
- * HMAC-SHA256 TSIG support has been added.
- * TTLS are now correcly set in NSEC(3) records when signing zones
-
- EXAMPLE TOOLS:
- * New example: ldns-revoke to revoke DNSKEYs according to RFC5011
- * ldns-testpkts has been fixed and updated
- * ldns-signzone now has the option to not add the DNSKEY
- * ldns-signzone now has an (full zone only) opt-out option for
- NSEC3
- * ldns-keygen can create HMAC-SHA1 and HMAC-SHA256 symmetric keys
- * ldns-walk output has been fixed
- * ldns-compare-zones has been fixed, and now has an option
- to show all differences (-a)
- * ldns-read-zone now has an option to print DNSSEC records only
-
-1.3
- Base library:
-
- * Added a new family of functions based around ldns_dnssec_zone,
- which is a new structure that keeps a zone sorted through an
- rbtree and links signatures and NSEC(3) records directly to their
- RRset. These functions all start with ldns_dnssec_
-
- * ldns_zone_sign and ldns_zone_sign_nsec3 are now deprecated, but
- have been changed to internally use the new
- ldns_dnssec_zone_sign(_nsec3)
-
- * Moved some ldns_buffer functions inline, so a clean rebuild of
- applications relying on those is needed (otherwise you'll get
- linker errors)
- * ldns_dname_label now returns one extra (zero)
- byte, so it can be seen as an fqdn.
- * NSEC3 type code update for signing algorithms.
- * DSA key generation of DNSKEY RRs fixed (one byte too small).
-
- * Added support for RSA/SHA256 and RSA/SHA512, as specified in
- draft-ietf-dnsext-dnssec-rsasha256-04. The typecodes are not
- final, and this feature is not enabled by default. It can be
- enabled at compilation time with the flag --with-sha2
-
- * Added 2wire_canonical family of functions that lowercase dnames
- in rdata fields in resource records of the types in the list in
- rfc3597
-
- * Added base32 conversion functions.
-
- * Fixed DSA RRSIG conversion when calling OpenSSL
-
- Drill:
-
- * Chase output is completely different, it shows, in ascii, the
- relations in the trust hierarchy.
-
- Examples:
- * Added ldns-verify-zone, that can verify the internal DNSSEC records
- of a signed BIND-style zone file
-
- * ldns-keygen now takes an -a argument specifying the algorithm,
- instead of -R or -D. -a list show a list of supported algorithms
-
- * ldns-keygen now defaults to the exponent RSA_F4 instead of RSA_3
- for RSA key generation
-
- * ldns-signzone now has support for HSMs
- * ldns-signzone uses the new ldns_dnssec_ structures and functions
- which improves its speed, and output; RRSIGS are now placed
- directly after their RRset, NSEC(3) records directly after the
- name they handle
-
- Contrib:
- * new contrib/ dir with user contributions
- * added compilation script for solaris (thanks to Jakob Schlyter)
-
-28 Nov 2007 1.2.2:
- * Added support for HMAC-MD5 keys in generator
- * Added a new example tool (written by Ondrej Sury): ldns-compare-zones
- * ldns-keygen now checks key sizes for rfc conformancy
- * ldns-signzone outputs SSL error if present
- * Fixed manpages (thanks to Ondrej Sury)
- * Fixed Makefile for -j <x>
- * Fixed a $ORIGIN error when reading zones
- * Fixed another off-by-one error
-
-03 Oct 2007 1.2.1:
- * Fixed an offset error in rr comparison
- * Fixed ldns-read-zone exit code
- * Added check for availability of SHA256 hashing algorithm
- * Fixed ldns-key2ds -2 argument
- * Fixed $ORIGIN bug in .key files
- * Output algorithms as an integer instead of their mnemonic
- * Fixed a memory leak in dnssec code when SHA256 is not available
- * Updated fedora .spec file
-
-11 Apr 2007 1.2.0:
- * canonicalization of rdata in DNSSEC functions now adheres to the
- rr type list in rfc3597, not rfc4035, which will be updated
- (see http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00183.html)
- * ldns-walk now support dnames with maximum label length
- * ldnsd now takes an extra argument containing the address to listen on
- * signing no longer signs every rrset with KSK's, but only the DNSKEY rrset
- * ported to Solaris 10
- * added ldns_send_buffer() function
- * added ldns-testpkts fake packet server
- * added ldns-notify to send NOTIFY packets
- * ldns-dpa can now accurately calculate the number of matches per
- second
- * libtool is now used for compilation too (still gcc, but not directly)
- * Bugfixes:
- - TSIG signing buffer size
- - resolv.conf reading (comments)
- - dname comparison off by one error
- - typo in keyfetchers output file name fixed (a . too much)
- - fixed zone file parser when comments contain ( or )
- - fixed LOC RR type
- - fixed CERT RR type
-
- Drill:
- * drill prints error on failed axfr.
- * drill now accepts mangled packets with -f
- * old -c option (use tcp) changed to -t
- * -c option to specify alternative resolv.conf file added
- * feedback of signature chase improved
- * chaser now stops at root when no trusted keys are found
- instead of looping forever trying to find the DS for .
- * Fixed bugs:
- - wildcard on multiple labels signature verification
- - error in -f packet writing for malformed packets
- - made KSK check more resilient
-
-7 Jul 2006: 1.1.0: ldns-team
- * Added tutorials and an introduction to the documentation
- * Added include/ and lib/ dirs so that you can compile against ldns
- without installing ldns on your system
- * Makefile updates
- * Starting usage of assert throughout the library to catch illegal calls
- * Solaris 9 testing was carried out. Ldns now compiles on that
- platform; some gnuism were identified and fixed.
- * The ldns_zone structure was stress tested. The current setup
- (ie. just a list of rrs) can scale to zone file in order of
- megabytes. Sorting such zone is still difficult.
- * Reading multiline b64 encoded rdata works.
- * OpenSSL was made optional, configure --without-ssl.
- Ofcourse all dnssec/tsig related functions are disabled
- * Building of examples and drill now happens with the same
- defines as the building of ldns itself.
- * Preliminary sha-256 support was added. Currently is your
- OpenSSL supports it, it is supported in the DS creation.
- * ldns_resolver_search was implemented
- * Fixed a lot of bugs
-
- Drill:
- * -r was killed in favor of -o <header bit mnemonic> which
- allows for a header bits setting (and maybe more in the
- future)
- * DNSSEC is never automaticaly set, even when you query
- for DNSKEY/RRSIG or DS.
- * Implement a crude RTT check, it now distinguishes between
- reachable and unreachable.
- * A form of secure tracing was added
- * Secure Chasing has been improved
- * -x does a reverse lookup for the given IP address
-
- Examples:
- * ldns-dpa was added to the examples - this is the Dns Packet
- Analyzer tool.
- * ldnsd - as very, very simple nameserver impl.
- * ldns-zsplit - split zones for parrallel signing
- * ldns-zcat - cat split zones back together
- * ldns-keyfetcher - Fetches DNSKEY records with a few (non-strong,
- non-DNSSEC) anti-spoofing techniques.
- * ldns-walk - 'Walks' a DNSSEC signed zone
- * Added an all-static target to the makefile so you can use examples
- without installing the library
- * When building in the source tree or in a direct subdirectory of
- the build dir, configure does not need --with-ldns=../ anymore
-
- Code:
- * All networking code was moved to net.c
- * rdata.c: added asserts to the rdf set/get functions
- * const keyword was added to pointer arguments that
- aren't changed
-
- API:
- Changed:
- * renamed ldns/dns.h to ldns/ldns.h
- * ldns_rr_new_frm_str() is extented with an extra variable which
- in common use may be NULL. This trickles through to:
- o ldns_rr_new_frm_fp
- o ldns_rr_new_frm_fp_l
- Which also get an extra variable
- Also the function has been changed to return a status message.
- The compiled RR is returned in the first argument.
- * ldns_zone_new_frm_fp_l() and ldns_zone_new_frm_fp() are
- changed to return a status msg.
- * ldns_key_new_frm_fp is changed to return ldns_status and
- the actual key list in the first argument
- * ldns_rdata_new_frm_fp[_l]() are changed to return a status.
- the rdf is return in the first argument
- * ldns_resolver_new_frm_fp: same treatment: return status and
- the new resolver in the first argument
- * ldns_pkt_query_new_frm_str(): same: return status and the
- packet in the first arg
- * tsig.h: internal used functions are now static:
- ldns_digest_name and ldns_tsig_mac_new
- * ldns_key_rr2ds has an extra argument to specify the hash to
- use.
- * ldns_pkt_rcode() is renamed to ldns_pkt_get_rcode, ldns_pkt_rcode
- is now the rcode type, like ldns_pkt_opcode
- New:
- * ldns_resolver_searchlist_count: return the searchlist counter
- * ldns_zone_sort: Sort a zone
- * ldns_bgsend(): background send, returns a socket.
- * ldns_pkt_empty(): check is a packet is empty
- * ldns_rr_list_pop_rr_list(): pop multiple rr's from another rr_list
- * ldns_rr_list_push_rr_list(): push multiple rr's to an rr_list
- * ldns_rr_list_compare(): compare 2 ldns_rr_lists
- * ldns_pkt_push_rr_list: rr_list equiv for rr
- * ldns_pkt_safe_push_rr_list: rr_list equiv for rr
- Removed:
- * ldns_resolver_bgsend(): was not used in 1.0.0 and is not used now
- * ldns_udp_server_connect(): was faulty and isn't really part of
- the core ldns idea any how.
- * ldns_rr_list_insert_rr(): obsoleted, because not used.
- * char *_when was removed from the ldns_pkt structure
-
-18 Oct 2005: 1.0.0: ldns-team
- * Commited a patch from Håkan Olsson
- * Added UPDATE support (Jakob Schlyter and Håkan Olsson)
- * License change: ldns is now BSD licensed
- * ldns now depends on SSL
- * Networking code cleanup, added (some) server udp/tcp support
- * A zone type is introduced. Currently this is a list
- of RRs, so it will not scale well.
- * [beta] Zonefile parsing was added
- * [tools] Drill was added to ldns - see drill/
- * [tools] experimental signer was added
- * [building] better check for ssl
- * [building] major revision of build system
- * [building] added rpm .spec in packaging/ (thanks to Paul Wouters)
- * [building] A lot of cleanup in the build scripts (thanks to Jakob Schlyter
- and Paul Wouters)
-
-28 Jul 2005: 0.70: ldns-team
- * [func] ldns_pkt_get_section now returns copies from the rrlists
- in the packet. This can be freed by the user program
- * [code] added ldns_ prefixes to function from util.h
- * [inst] removed documentation from default make install
- * Usual fixes in documentation and code
-
-20 Jun 2005: 0.66: ldns-team
- Rel. Focus: drill-pre2 uses some functions which are
- not in 0.65
- * dnssec_cd bit function was added
- * Zone infrastructure was added
- * Usual fixes in documentation and code
-
-13 Jun 2005: 0.65: ldns-team
- * Repository is online at:
- http://www.nlnetlabs.nl/ldns/svn/
- * Apply reference copying throuhgout ldns, except in 2
- places in the ldns_resolver structure (._domain and
- ._nameservers)
- * Usual array of bugfixes
- * Documentation added
- * keygen.c added as an example for DNSSEC programming
-
-23 May 2005: 0.60: ldns-team
- * Removed config.h from the header installed files
- (you're not supposed to include that in a libary)
- * Further tweaking
- - DNSSEC signing/verification works
- - Assorted bug fixes and tweaks (memory management)
-
-May 2005: 0.50: ldns-team
- * First usable release
- * Basic DNS functionality works
- * DNSSEC validation works
+++ /dev/null
-Copyright (c) 2005,2006, NLnetLabs
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
- * Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- * Neither the name of NLnetLabs nor the names of its
- contributors may be used to endorse or promote products derived from this
- software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.
+++ /dev/null
-# Standard installation pathnames
-# See the file LICENSE for the license
-SHELL = @SHELL@
-VERSION = @PACKAGE_VERSION@
-version_info = @LIBTOOL_VERSION_INFO@
-srcdir = @srcdir@
-basesrcdir = $(shell basename `pwd`)
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-bindir = @bindir@
-mandir = @mandir@
-datarootdir = @datarootdir@
-datadir = @datadir@
-libdir = @libdir@
-includedir = @includedir@
-doxygen = @doxygen@
-pywrapdir = ${srcdir}/contrib/python
-swig = @swig@
-python_site =@PYTHON_SITE_PKG@
-pyldns_inst =@PYLDNS@
-pyldns_uninst =@PYLDNS@
-ifeq "$(pyldns_inst)" "pyldns"
- pyldns_inst=install-@PYLDNS@
- pyldns_uninst=uninstall-@PYLDNS@
-else
- pyldns_inst=
- pyldns_uninst=
-endif
-glibtool = @libtool@
-libtool = ./libtool
-ifdef glibtool
-libtool = $(glibtool)
-endif
-
-CC = @CC@
-ifeq "$(srcdir)" "."
- CPPFLAGS = $(strip -I. @CPPFLAGS@ @DEFS@)
-else
- CPPFLAGS = $(strip -I. -I$(srcdir) @CPPFLAGS@ @DEFS@)
-endif
-CFLAGS = $(strip @CFLAGS@)
-LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
-LIBOBJS = @LIBOBJS@
-PYTHON_CPPFLAGS = @PYTHON_CPPFLAGS@
-PYTHON_LDFLAGS = @PYTHON_LDFLAGS@
-LIBSSL_CPPFLAGS = @LIBSSL_CPPFLAGS@
-LIBSSL_LDFLAGS = @LIBSSL_LDFLAGS@
-LIBSSL_LIBS = @LIBSSL_LIBS@
-RUNTIME_PATH = @RUNTIME_PATH@
-DATE = $(shell date +%Y%m%d)
-LIBTOOL = $(libtool) --tag=CC --quiet
-INSTALL_LDNS_CONFIG = @INSTALL_LDNS_CONFIG@
-
-LINT = splint
-LINTFLAGS=+quiet -weak -warnposix -unrecog -Din_addr_t=uint32_t -Du_int=unsigned -Du_char=uint8_t -preproc -Drlimit=rlimit64 -D__gnuc_va_list=va_list
-#-Dglob64=glob -Dglobfree64=globfree
-# compat with openssl linux edition.
-LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"EC_KEY=unsigned" -D"EC_POINT=unsigned" -D"EC_GROUP=unsigned"
-# compat with NetBSD
-ifeq "$(shell uname)" "NetBSD"
-LINTFLAGS+="-D__RENAME(x)=" -D_NETINET_IN_H_
-endif
-# compat with OpenBSD
-LINTFLAGS+="-Dsigset_t=long"
-# FreeBSD8
-LINTFLAGS+="-D__uint16_t=uint16_t"
-
-INSTALL = $(SHELL) $(srcdir)/install-sh
-
-LIBDNS_SOURCES = rdata.c util.c rr.c packet.c wire2host.c \
- host2str.c buffer.c str2host.c tsig.c resolver.c \
- net.c host2wire.c dname.c dnssec.c dnssec_verify.c \
- keys.c higher.c rr_functions.c parse.c update.c \
- error.c zone.c dnssec_zone.c dnssec_sign.c rbtree.c \
- sha1.c sha2.c
-LIBDNS_HEADERS = $(srcdir)/ldns/error.h \
- $(srcdir)/ldns/packet.h \
- $(srcdir)/ldns/common.h \
- $(srcdir)/ldns/rdata.h \
- $(srcdir)/ldns/rr.h \
- $(srcdir)/ldns/wire2host.h \
- $(srcdir)/ldns/host2str.h \
- $(srcdir)/ldns/host2wire.h \
- $(srcdir)/ldns/str2host.h \
- $(srcdir)/ldns/buffer.h \
- $(srcdir)/ldns/resolver.h \
- $(srcdir)/ldns/dname.h \
- $(srcdir)/ldns/dnssec.h \
- $(srcdir)/ldns/dnssec_verify.h \
- $(srcdir)/ldns/dnssec_sign.h \
- $(srcdir)/ldns/keys.h \
- $(srcdir)/ldns/higher.h \
- $(srcdir)/ldns/parse.h \
- $(srcdir)/ldns/rr_functions.h \
- $(srcdir)/ldns/ldns.h \
- $(srcdir)/ldns/zone.h \
- $(srcdir)/ldns/dnssec_zone.h \
- $(srcdir)/ldns/update.h \
- $(srcdir)/ldns/tsig.h \
- $(srcdir)/ldns/rbtree.h \
- $(srcdir)/ldns/sha1.h \
- $(srcdir)/ldns/sha2.h
-LIBDNS_OBJECTS = $(LIBDNS_SOURCES:.c=.o) $(LIBOBJS)
-LIBDNS_LOBJECTS = $(LIBDNS_SOURCES:.c=.lo) $(LIBOBJS:.o=.lo)
-
-ALL_SOURCES = $(LIBDNS_SOURCES)
-
-COMPILE = $(CC) $(CPPFLAGS) $(CFLAGS)
-COMP_LIB = $(LIBTOOL) --mode=compile $(CC) $(CPPFLAGS) $(CFLAGS)
-LINK = $(CC) $(strip $(CFLAGS) $(LDFLAGS) $(LIBS))
-LINK_LIB = $(LIBTOOL) --mode=link $(CC) $(strip $(CFLAGS) $(LDFLAGS) $(LIBS) -version-number $(version_info) -no-undefined)
-
-%.o: $(srcdir)/%.c $(LIBDNS_HEADERS) ldns/net.h ldns/util.h ldns/config.h
- $(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $<
-
-.PHONY: clean realclean docclean manpages doc lint all lib pyldns test
-.PHONY: install uninstall install-doc uninstall-doc uninstall-pyldns
-.PHONY: install-h uninstall-h install-lib uninstall-lib install-pyldns
-
-all: copy-headers lib linktest manpages @PYLDNS@
-
-linktest: $(srcdir)/linktest.c $(LIBDNS_HEADERS) ldns/net.h ldns/util.h ldns/config.h libldns.la
- $(LIBTOOL) --mode=link $(CC) $(srcdir)/linktest.c $(CPPFLAGS) $(LIBSSL_CPPFLAGS) $(CFLAGS) -lldns $(LIBS) -o linktest
-
-lib: libldns.la
- if [ ! -d lib ] ; then ln -s .libs lib ; fi ;
-
-lib-export-all: libldns.la-export-all
- if [ ! -d lib ] ; then ln -s .libs lib ; fi ;
-
-libldns.la: $(LIBDNS_OBJECTS)
- $(LINK_LIB) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) --export-symbols $(srcdir)/ldns_symbols.def -o libldns.la $(LIBDNS_LOBJECTS) -rpath $(libdir) $(RUNTIME_PATH)
-
-libldns.la-export-all: $(LIBDNS_OBJECTS)
- $(LINK_LIB) -o libldns.la $(LIBDNS_LOBJECTS) -rpath $(libdir) $(RUNTIME_PATH)
-
-$(addprefix include/ldns/, $(notdir $(LIBDNS_HEADERS))): include/ldns/%.h: $(srcdir)/ldns/%.h
- @if [ ! -d include ] ; then ($(INSTALL) -d include || echo "include exists") ; fi ;
- @if [ ! -d include/ldns ] ; then (cd include; ln -s ../ldns ./ldns || echo "include/ldns exists") ; fi ;
- $(INSTALL) -c -m 644 $< ./include/ldns/
-
-include/ldns/util.h include/ldns/net.h include/ldns/config.h: include/ldns/%.h: ./ldns/%.h
- @if [ ! -d include ] ; then ($(INSTALL) -d include || echo "include exists") ; fi ;
- @if [ ! -d include/ldns ] ; then (cd include; ln -s ../ldns ./ldns || echo "include/ldns exists") ; fi ;
- $(INSTALL) -c -m 644 $< ./include/ldns/
-
-copy-headers: $(addprefix include/ldns/, $(notdir $(LIBDNS_HEADERS))) include/ldns/util.h include/ldns/net.h include/ldns/config.h
-
-mancheck:
- sh -c 'find . -name \*.\[13\] -exec troff -z {} \;' 2>&1 | sed "s/^\.\///" | sed "s/\(:[0\-9]\+:\)/\1 warning:/g"
-
-doxygen: manpages
- $(INSTALL) -d doc
-ifdef doxygen
-# if we are not in base we need to copy some html files too
- if [ ! -e doc/header.html ] ; then \
- $(INSTALL) -c -m 644 $(srcdir)/doc/header.html doc/ ; \
- fi ;
- $(doxygen) $(srcdir)/libdns.doxygen
-endif
-
-manpages: $(srcdir)/doc/function_manpages
- $(INSTALL) -d doc
- cat $(srcdir)/ldns/*.h | $(srcdir)/doc/doxyparse.pl -m $(srcdir)/doc/function_manpages 2>&1 | \
- grep -v ^doxygen | grep -v ^cat > doc/ldns_manpages
-
-pyldns: _ldns.la
-
-$(pywrapdir)/ldns_wrapper.c: $(pywrapdir)/ldns.i $(wildcard $(pywrapdir)/*.i) $(LIBDNS_HEADERS) ldns/util.h ldns/config.h
- $(swig) -python -o $@ $(CPPFLAGS) $(PYTHON_CPPFLAGS) $<
-
-ldns_wrapper.lo: $(pywrapdir)/ldns_wrapper.c $(LIBDNS_HEADERS) ldns/util.h ldns/config.h
- $(COMP_LIB) -I./include/ldns $(PYTHON_CPPFLAGS) -c $< -o $@
-
-_ldns.la: ldns_wrapper.lo libldns.la
- $(LIBTOOL) --tag=CC --mode=link $(CC) $(strip $(CFLAGS) $(PYTHON_CFLAGS) $(LDFLAGS) $(PYTHON_LDFLAGS) -module -version-number $(version_info) -no-undefined -o $@ $< -rpath $(python_site) -L. -L.libs -lldns $(LIBS))
-
-install: install-h install-lib install-config install-manpages $(pyldns_inst)
-
-uninstall: uninstall-manpages uninstall-h uninstall-lib $(pyldns_uninst)
-
-destclean: uninstall
-
-install-config:
- if [ $(INSTALL_LDNS_CONFIG) = "yes" ] ; then \
- $(INSTALL) -d $(DESTDIR)$(bindir); \
- $(INSTALL) -c -m 755 packaging/ldns-config $(DESTDIR)$(bindir)/; \
- fi
-
-install-manpages: manpages
- ${INSTALL} -d $(DESTDIR)$(mandir)/man3
- for f in doc/man/man3/*; do \
- ${INSTALL} -c -m 444 $$f $(DESTDIR)$(mandir)/man3/; \
- done
-
-uninstall-manpages:
- for i in `cat doc/ldns_manpages`; do \
- rm -f $(DESTDIR)$(mandir)/man3/$$i.3 ; done
- rmdir -p $(DESTDIR)$(mandir)/man3 || echo "ok, dir already gone"
-
-install-h: lib
- $(INSTALL) -m 755 -d $(DESTDIR)$(includedir)/ldns
- for i in $(LIBDNS_HEADERS); do \
- $(INSTALL) -c -m 644 $$i $(DESTDIR)$(includedir)/ldns/; done
- $(INSTALL) -c -m 644 include/ldns/util.h $(DESTDIR)$(includedir)/ldns/
- $(INSTALL) -c -m 644 include/ldns/net.h $(DESTDIR)$(includedir)/ldns/
-
-uninstall-h:
- for i in $(LIBDNS_HEADERS); do \
- rm -f $(DESTDIR)$(includedir)/$$i; done
- [ ! -d $(DESTDIR)$(includedir)/ldns ] || rmdir -p $(DESTDI)$(includedir)/ldns || echo "ok, dir already gone"
- exit 0
-
-install-lib: lib
- $(INSTALL) -m 755 -d $(DESTDIR)$(libdir)
- $(LIBTOOL) --mode=install cp libldns.la $(DESTDIR)$(libdir)
- $(LIBTOOL) --mode=finish $(DESTDIR)$(libdir)
-
-uninstall-lib:
- $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/libldns.la
- rmdir -p $(DESTDIR)$(libdir) || echo "ok, dir already gone"
-
-install-pyldns: @PYLDNS@
- $(INSTALL) -m 755 -d $(DESTDIR)$(python_site)/ldns
- $(INSTALL) -c -m 644 $(pywrapdir)/ldns.py $(DESTDIR)$(python_site)/ldns.py
- $(LIBTOOL) --mode=install cp _ldns.la $(DESTDIR)$(python_site)
- $(LIBTOOL) --mode=finish $(DESTDIR)$(python_site)
-
-uninstall-pyldns:
- rm -f $(DESTDIR)$(python_site)/ldns/*
- rmdir -p $(DESTDIR)$(python_site)/ldns
-
-clean:
- rm -f *.o *.d *.lo
- rm -f *~
- rm -rf autom4te.cache/
- rm -f tags
- rm -f *.key
- rm -f *.ds
- rm -f *.private
- rm -rf include/
- rm -rf lib
- rm -rf .libs
- rm -f linktest
- rm -f $(pywrapdir)/ldns_wrapper.c $(pywrapdir)/ldns.py
-
-distclean: clean docclean libclean
- rm -f ltmain.sh
-
-realclean: clean docclean libclean
- rm -f config.status
- rm -f config.log
- rm -f Makefile
- rm -f ldns/config.h.in
- rm -f ldns/config.h
- rm -f ldns/util.h
- rm -f config.h.in
- rm -f configure
- rm -f config.sub
- rm -f config.guess
- rm -f ltmain.sh
-
-docclean:
- rm -rf doc/html/
- rm -rf doc/man/
- rm -rf doc/latex/
- rm -f doc/*.txt
- rm -f doc/*.tex
- rm -f doc/ldns_manpages
-
-libclean:
- $(LIBTOOL) --mode clean rm -f libldns.la
- $(LIBTOOL) --mode clean rm -f libldns.a
- $(LIBTOOL) --mode clean rm -f libldns.so
- $(LIBTOOL) --mode clean rm -f libldns.so.*
- $(LIBTOOL) --mode clean rm -f _ldns.la
- rm -rf ldns/net.h ldns/util.h ldns/config.h
- rm -rf *.lo
- rm -rf .libs
- rm -rf libtool
-
-## No need for changes here
-
-lint:
- for i in $(LIBDNS_SOURCES); do \
- $(LINT) $(LINTFLAGS) -I. -I$(srcdir) $(srcdir)/$$i ; \
- if [ $$? -ne 0 ] ; then exit 1 ; fi ; \
- done
-
-tags: $(srcdir)/*.c ldns/*.[ch]
- ctags -f $(srcdir)/tags $(srcdir)/*.[ch] ldns/*.[ch]
-
-b64_pton$U.o: $(srcdir)/compat/b64_pton.c
- $(COMP_LIB) -c $(srcdir)/compat/b64_pton.c -o $@
-
-b64_ntop$U.o: $(srcdir)/compat/b64_ntop.c
- $(COMP_LIB) -c $(srcdir)/compat/b64_ntop.c -o $@
-
-b32_pton$U.o: $(srcdir)/compat/b32_pton.c
- $(COMP_LIB) -c $(srcdir)/compat/b32_pton.c -o $@
-
-b32_ntop$U.o: $(srcdir)/compat/b32_ntop.c
- $(COMP_LIB) -c $(srcdir)/compat/b32_ntop.c -o $@
-
-malloc$U.o: $(srcdir)/compat/malloc.c
- $(COMP_LIB) -c $(srcdir)/compat/malloc.c -o $@
-
-realloc$U.o: $(srcdir)/compat/realloc.c
- $(COMP_LIB) -c $(srcdir)/compat/realloc.c -o $@
-
-timegm$U.o: $(srcdir)/compat/timegm.c
- $(COMP_LIB) -c $(srcdir)/compat/timegm.c -o $@
-
-isblank$U.o: $(srcdir)/compat/isblank.c
- $(COMP_LIB) -c $(srcdir)/compat/isblank.c -o $@
-
-isasciik$U.o: $(srcdir)/compat/isascii.c
- $(COMP_LIB) -c $(srcdir)/compat/isascii.c -o $@
-
-strlcpy$U.o: $(srcdir)/compat/strlcpy.c
- $(COMP_LIB) -c $(srcdir)/compat/strlcpy.c -o $@
-
-memmove$U.o: $(srcdir)/compat/memmove.c
- $(COMP_LIB) -c $(srcdir)/compat/memmove.c -o $@
-
-inet_pton$U.o: $(srcdir)/compat/inet_pton.c
- $(COMP_LIB) -c $(srcdir)/compat/inet_pton.c -o $@
-
-inet_aton$U.o: $(srcdir)/compat/inet_aton.c
- $(COMP_LIB) -c $(srcdir)/compat/inet_aton.c -o $@
-
-inet_ntop$U.o: $(srcdir)/compat/inet_ntop.c
- $(COMP_LIB) -c $(srcdir)/compat/inet_ntop.c -o $@
-
-snprintf$U.o: $(srcdir)/compat/snprintf.c
- $(COMP_LIB) -c $(srcdir)/compat/snprintf.c -o $@
-
-fake-rfc2553$U.o: $(srcdir)/compat/fake-rfc2553.c
- $(COMP_LIB) -c $(srcdir)/compat/fake-rfc2553.c -o $@
-
-gmtime_r$U.o: $(srcdir)/compat/gmtime_r.c
- $(COMP_LIB) -c $(srcdir)/compat/gmtime_r.c -o $@
-
-ctime_r$U.o: $(srcdir)/compat/ctime_r.c
- $(COMP_LIB) -c $(srcdir)/compat/ctime_r.c -o $@
-
-# Automatic dependencies.
-%.d: $(srcdir)/%.c
- $(SHELL) -ec '$(CC) -MM $(CPPFLAGS) $< \
- | sed '\''s!\(.*\)\.o[ :]*!$(dir $@)\1.o $@ : !g'\'' > $@; \
- [ -s $@ ] || rm -f $@'
-
-allclean: test-clean clean
-
-test-clean:
- tpkg -b test clean
-
-test:
- if test -x "`which bash`"; then bash test/test_all.sh; else sh test/test_all.sh; fi
-
-#-include $(ALL_SOURCES:.c=.d)
-
-# Recreate symbols file, only needed when API changes
-# make clean first (and after this make clean; make again)
-symbols: lib-export-all
- nm -g lib/libldns.so | cut -d " " -f 3 | grep ldns | sort > $(srcdir)/ldns_symbols.def
-
+++ /dev/null
-
-Contents:
- REQUIREMENTS
- INSTALLATION
- libdns
- examples
- drill
- INFORMATION FOR SPECIFIC OPERATING SYSTEMS
- Mac OS X
- Solaris
- Your Support
-
-Project page:
-http://www.nlnetlabs.nl/ldns/
-On that page you can also subscribe to the ldns mailing list.
-
-* Development
-ldns is mainly developed on Linux and FreeBSD. It is regularly tested to
-compile on other systems like Solaris and Mac OS X.
-
-REQUIREMENTS
-- OpenSSL (Optional, but needed for features like DNSSEC)
-- libpcap (Optional, but needed for examples/ldns-dpa)
-- (GNU) libtool (in OSX, that's glibtool, not libtool)
-- GNU make
-
-INSTALLATION
-1. Unpack the tarball
-2. cd ldns-<VERSION>
-3. ./configure
-4. gmake (it needs gnu make to compile, on systems where GNU make is the
- default you can just use 'make')
-5. sudo gmake install
-6. Optional. (cd examples; ./configure; gmake), make example programs included.
-7. Optional. (cd drill; ./configure; gmake; gmake install), to build drill.
-
-You can configure and compile it in a separate build directory.
-
-* Examples
-There are some examples and dns related tools in the examples/ directory.
-These can be built with:
-1. cd examples/
-2. ./configure [--with-ldns=<path to ldns installation or build>]
-3. gmake
-
-* Drill
-Drill can be built with:
-1. cd drill/
-2. ./configure [--with-ldns=<path to ldns installation or build>]
-3. gmake
-
-Note that you need to set LD_LIBRARY_PATH if you want to run the binaries
-and you have not installed the library to a system directory. You can use
-the make target all-static for the examples to run them if you don't want to
-install the library.
-
-
-* Building from subversion repository
-
-If you are building from the repository you will need to have (gnu)
-autotools like libtool and autoreconf installed. A list of all the commands
-needed to build everything can be found in README.svn. Note that the actual
-commands may be a little bit different on your machine. Most notable, you'll need to run libtoolize (or glibtoolize), if you skip this step, you'll get an error about missing config.sub.
-
-* Developers
-ldns is developed by the ldns team at NLnet Labs. This team currently
-consists of:
- o Wouter Wijngaards
- o Matthijs Mekking
-
-Former main developers:
- o Jelte Jansen
- o Miek Gieben
-
-* Credits
-We have received patches from the following people, thanks!
- o Erik Rozendaal
- o Håkan Olsson
- o Jakob Schlyter
- o Paul Wouters
- o Simon Vallet
- o Ondřej Surý
-
-
-IFORMATION FOR SPECIFIC OPERATING SYSTEMS
-
-MAC OS X
-
-For MACOSX 10.4 and later, it seems that you have to set the
-MACOSX_DEPLOYMENT_TARGET environment variable to 10.4 before running
-make. Apparently it defaults to 10.1.
-
-This appears to be a known problem in 10.2 to 10.4, see:
-http://developer.apple.com/qa/qa2001/qa1233.html
-for more information.
-
-
-SOLARIS
-
-In Solaris multi-architecture systems (that have both 32-bit and
-64-bit support), it can be a bit taxing to convince the system to
-compile in 64-bit mode. Jakob Schlyter has kindly contributed a build
-script that sets the right build and link options. You can find it in
-contrib/build-solaris.sh
-
-
-Your Support
-NLnet Labs offers all of its software products as open source, most are
-published under a BDS license. You can download them, not only from the
-NLnet Labs website but also through the various OS distributions for
-which NSD, ldns, and Unbound are packaged. We therefore have little idea
-who uses our software in production environments and have no direct ties
-with 'our customers'.
-
-Therefore, we ask you to contact us at users@NLnetLabs.nl and tell us
-whether you use one of our products in your production environment,
-what that environment looks like, and maybe even share some praise.
-We would like to refer to the fact that your organization is using our
-products. We will only do that if you explicitly allow us. In all other
-cases we will keep the information you share with us to ourselves.
-
-In addition to the moral support you can also support us
-financially. NLnet Labs is a recognized not-for-profit charity foundation
-that is chartered to develop open-source software and open-standards
-for the Internet. If you use our software to satisfaction please express
-that by giving us a donation. For small donations PayPal can be used. For
-larger and regular donations please contact us at users@NLnetLabs.nl. Also
-see http://www.nlnetlabs.nl/labs/contributors/.
-
+++ /dev/null
-ldns - snapshot releases
-
-Snapshot releases are not official released. They can be released to
-interested parties for development.
-
-Snapshots can be recognized from the date in the the tar file name.
-
-They should not be used for packaging in distributions.
+++ /dev/null
-
-# The ldns subversion repository can found at:
-# www.nlnetlabs.nl/ldns/svn/
-
-# small list of commands to build all on a linux system
-# libtoolize is needed for most other targets
-
-# on Solaris, and other systems that may not have
-# the default 'automake' and 'aclocal' script aliases,
-# the correct versions may need to be set. On those
-# systems, the 'autoreconf' line should be changed to:
-# AUTOMAKE=automake-1.10 ACLOCAL=aclocal-1.10 autoreconf
-# (and these systems probably need gmake instead of make)
-
-# older versions of libtoolize do not support --install
-# so you might need to remove that (with newer versions
-# it is needed)
-libtoolize -c --install
-autoreconf --install
-./configure
-make
-make doc # needs doxygen for the html pages
-(cd examples && autoreconf && ./configure && make)
-(cd drill && autoreconf && ./configure && make)
-(cd pcat && autoreconf && ./configure && make)
-(cd examples/nsd-test && autoreconf && ./configure && make)
+++ /dev/null
-# ===========================================================================
-# http://autoconf-archive.cryp.to/ac_pkg_swig.html
-# ===========================================================================
-#
-# SYNOPSIS
-#
-# AC_PROG_SWIG([major.minor.micro])
-#
-# DESCRIPTION
-#
-# This macro searches for a SWIG installation on your system. If found you
-# should call SWIG via $(SWIG). You can use the optional first argument to
-# check if the version of the available SWIG is greater than or equal to
-# the value of the argument. It should have the format: N[.N[.N]] (N is a
-# number between 0 and 999. Only the first N is mandatory.)
-#
-# If the version argument is given (e.g. 1.3.17), AC_PROG_SWIG checks that
-# the swig package is this version number or higher.
-#
-# In configure.in, use as:
-#
-# AC_PROG_SWIG(1.3.17)
-# SWIG_ENABLE_CXX
-# SWIG_MULTI_MODULE_SUPPORT
-# SWIG_PYTHON
-#
-# LAST MODIFICATION
-#
-# 2008-04-12
-#
-# COPYLEFT
-#
-# Copyright (c) 2008 Sebastian Huber <sebastian-huber@web.de>
-# Copyright (c) 2008 Alan W. Irwin <irwin@beluga.phys.uvic.ca>
-# Copyright (c) 2008 Rafael Laboissiere <rafael@laboissiere.net>
-# Copyright (c) 2008 Andrew Collier <colliera@ukzn.ac.za>
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
-# Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-# As a special exception, the respective Autoconf Macro's copyright owner
-# gives unlimited permission to copy, distribute and modify the configure
-# scripts that are the output of Autoconf when processing the Macro. You
-# need not follow the terms of the GNU General Public License when using
-# or distributing such scripts, even though portions of the text of the
-# Macro appear in them. The GNU General Public License (GPL) does govern
-# all other use of the material that constitutes the Autoconf Macro.
-#
-# This special exception to the GPL applies to versions of the Autoconf
-# Macro released by the Autoconf Macro Archive. When you make and
-# distribute a modified version of the Autoconf Macro, you may extend this
-# special exception to the GPL to apply to your modified version as well.
-
-AC_DEFUN([AC_PROG_SWIG],[
- AC_PATH_PROG([SWIG],[swig])
- if test -z "$SWIG" ; then
- AC_MSG_WARN([cannot find 'swig' program. You should look at http://www.swig.org])
- SWIG='echo "Error: SWIG is not installed. You should look at http://www.swig.org" ; false'
- elif test -n "$1" ; then
- AC_MSG_CHECKING([for SWIG version])
- [swig_version=`$SWIG -version 2>&1 | grep 'SWIG Version' | sed 's/.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/g'`]
- AC_MSG_RESULT([$swig_version])
- if test -n "$swig_version" ; then
- # Calculate the required version number components
- [required=$1]
- [required_major=`echo $required | sed 's/[^0-9].*//'`]
- if test -z "$required_major" ; then
- [required_major=0]
- fi
- [required=`echo $required | sed 's/[0-9]*[^0-9]//'`]
- [required_minor=`echo $required | sed 's/[^0-9].*//'`]
- if test -z "$required_minor" ; then
- [required_minor=0]
- fi
- [required=`echo $required | sed 's/[0-9]*[^0-9]//'`]
- [required_patch=`echo $required | sed 's/[^0-9].*//'`]
- if test -z "$required_patch" ; then
- [required_patch=0]
- fi
- # Calculate the available version number components
- [available=$swig_version]
- [available_major=`echo $available | sed 's/[^0-9].*//'`]
- if test -z "$available_major" ; then
- [available_major=0]
- fi
- [available=`echo $available | sed 's/[0-9]*[^0-9]//'`]
- [available_minor=`echo $available | sed 's/[^0-9].*//'`]
- if test -z "$available_minor" ; then
- [available_minor=0]
- fi
- [available=`echo $available | sed 's/[0-9]*[^0-9]//'`]
- [available_patch=`echo $available | sed 's/[^0-9].*//'`]
- if test -z "$available_patch" ; then
- [available_patch=0]
- fi
- if test $available_major -ne $required_major \
- -o $available_minor -ne $required_minor \
- -o $available_patch -lt $required_patch ; then
- AC_MSG_WARN([SWIG version >= $1 is required. You have $swig_version. You should look at http://www.swig.org])
- SWIG='echo "Error: SWIG version >= $1 is required. You have '"$swig_version"'. You should look at http://www.swig.org" ; false'
- else
- AC_MSG_NOTICE([SWIG executable is '$SWIG'])
- SWIG_LIB=`$SWIG -swiglib`
- AC_MSG_NOTICE([SWIG library directory is '$SWIG_LIB'])
- fi
- else
- AC_MSG_WARN([cannot determine SWIG version])
- SWIG='echo "Error: Cannot determine SWIG version. You should look at http://www.swig.org" ; false'
- fi
- fi
- AC_SUBST([SWIG_LIB])
-])
+++ /dev/null
-# acx_nlnetlabs.m4 - common macros for configure checks
-# Copyright 2009, Wouter Wijngaards, NLnet Labs.
-# BSD licensed.
-#
-# Version 11
-# 2010-08-16 Fix FLAG_OMITTED for AS_TR_CPP changes in autoconf-2.66.
-# 2010-07-02 Add check for ss_family (for minix).
-# 2010-04-26 Fix to use CPPFLAGS for CHECK_COMPILER_FLAGS.
-# 2010-03-01 Fix RPATH using CONFIG_COMMANDS to run at the very end.
-# 2010-02-18 WITH_SSL outputs the LIBSSL_LDFLAGS, LIBS, CPPFLAGS seperate, -ldl
-# 2010-02-01 added ACX_CHECK_MEMCMP_SIGNED, AHX_MEMCMP_BROKEN
-# 2010-01-20 added AHX_COONFIG_STRLCAT
-# 2009-07-14 U_CHAR detection improved for windows crosscompile.
-# added ACX_FUNC_MALLOC
-# fixup some #if to #ifdef
-# NONBLOCKING test for mingw crosscompile.
-# 2009-07-13 added ACX_WITH_SSL_OPTIONAL
-# 2009-07-03 fixup LDFLAGS for empty ssl dir.
-#
-# Automates some of the checking constructs. Aims at portability for POSIX.
-# Documentation for functions is below.
-#
-# the following macro's are provided in this file:
-# (see below for details on each macro).
-#
-# ACX_ESCAPE_BACKSLASH - escape backslashes in var for C-preproc.
-# ACX_RSRC_VERSION - create windows resource version number.
-# ACX_CHECK_COMPILER_FLAG - see if cc supports a flag.
-# ACX_CHECK_ERROR_FLAGS - see which flag is -werror (used below).
-# ACX_CHECK_COMPILER_FLAG_NEEDED - see if flags make the code compile cleanly.
-# ACX_DEPFLAG - find cc dependency flags.
-# ACX_DETERMINE_EXT_FLAGS_UNBOUND - find out which flags enable BSD and POSIX.
-# ACX_CHECK_FORMAT_ATTRIBUTE - find cc printf format syntax.
-# ACX_CHECK_UNUSED_ATTRIBUTE - find cc variable unused syntax.
-# ACX_LIBTOOL_C_ONLY - create libtool for C only, improved.
-# ACX_TYPE_U_CHAR - u_char type.
-# ACX_TYPE_RLIM_T - rlim_t type.
-# ACX_TYPE_SOCKLEN_T - socklen_t type.
-# ACX_TYPE_IN_ADDR_T - in_addr_t type.
-# ACX_TYPE_IN_PORT_T - in_port_t type.
-# ACX_ARG_RPATH - add --disable-rpath option.
-# ACX_WITH_SSL - add --with-ssl option, link -lcrypto.
-# ACX_WITH_SSL_OPTIONAL - add --with-ssl option, link -lcrypto,
-# where --without-ssl is also accepted
-# ACX_LIB_SSL - setup to link -lssl.
-# ACX_SYS_LARGEFILE - improved sys_largefile, fseeko, >2G files.
-# ACX_CHECK_GETADDRINFO_WITH_INCLUDES - find getaddrinfo, portably.
-# ACX_FUNC_DEPRECATED - see if func is deprecated.
-# ACX_CHECK_NONBLOCKING_BROKEN - see if nonblocking sockets really work.
-# ACX_MKDIR_ONE_ARG - determine mkdir(2) number of arguments.
-# ACX_FUNC_IOCTLSOCKET - find ioctlsocket, portably.
-# ACX_FUNC_MALLOC - check malloc, define replacement .
-# AHX_CONFIG_FORMAT_ATTRIBUTE - config.h text for format.
-# AHX_CONFIG_UNUSED_ATTRIBUTE - config.h text for unused.
-# AHX_CONFIG_FSEEKO - define fseeko, ftello fallback.
-# AHX_CONFIG_RAND_MAX - define RAND_MAX if needed.
-# AHX_CONFIG_MAXHOSTNAMELEN - define MAXHOSTNAMELEN if needed.
-# AHX_CONFIG_IPV6_MIN_MTU - define IPV6_MIN_MTU if needed.
-# AHX_CONFIG_SNPRINTF - snprintf compat prototype
-# AHX_CONFIG_INET_PTON - inet_pton compat prototype
-# AHX_CONFIG_INET_NTOP - inet_ntop compat prototype
-# AHX_CONFIG_INET_ATON - inet_aton compat prototype
-# AHX_CONFIG_MEMMOVE - memmove compat prototype
-# AHX_CONFIG_STRLCAT - strlcat compat prototype
-# AHX_CONFIG_STRLCPY - strlcpy compat prototype
-# AHX_CONFIG_GMTIME_R - gmtime_r compat prototype
-# AHX_CONFIG_W32_SLEEP - w32 compat for sleep
-# AHX_CONFIG_W32_USLEEP - w32 compat for usleep
-# AHX_CONFIG_W32_RANDOM - w32 compat for random
-# AHX_CONFIG_W32_SRANDOM - w32 compat for srandom
-# AHX_CONFIG_W32_FD_SET_T - w32 detection of FD_SET_T.
-# ACX_CFLAGS_STRIP - strip one flag from CFLAGS
-# ACX_STRIP_EXT_FLAGS - strip extension flags from CFLAGS
-# AHX_CONFIG_FLAG_OMITTED - define omitted flag
-# AHX_CONFIG_FLAG_EXT - define omitted extension flag
-# AHX_CONFIG_EXT_FLAGS - define the stripped extension flags
-# ACX_CHECK_MEMCMP_SIGNED - check if memcmp uses signed characters.
-# AHX_MEMCMP_BROKEN - replace memcmp func for CHECK_MEMCMP_SIGNED.
-# ACX_CHECK_SS_FAMILY - check for sockaddr_storage.ss_family
-#
-
-dnl Escape backslashes as \\, for C:\ paths, for the C preprocessor defines.
-dnl for example, ACX_ESCAPE_BACKSLASH($from_var, to_var)
-dnl $1: the text to change.
-dnl $2: the result.
-AC_DEFUN([ACX_ESCAPE_BACKSLASH], [$2="`echo $1 | sed -e 's/\\\\/\\\\\\\\/g'`"
-])
-
-dnl Calculate comma separated windows-resource numbers from package version.
-dnl Picks the first three(,0) or four numbers out of the name.
-dnl $1: variable for the result
-AC_DEFUN([ACX_RSRC_VERSION],
-[$1=[`echo $PACKAGE_VERSION | sed -e 's/^[^0-9]*\([0-9]\)[^0-9]*\([0-9]\)[^0-9]*\([0-9]\)[^0-9]*\([0-9]\).*$/\1,\2,\3,\4/' -e 's/^[^0-9]*\([0-9]\)[^0-9]*\([0-9]\)[^0-9]*\([0-9]\)[^0-9]*$/\1,\2,\3,0/' `]
-])
-
-dnl Routine to help check for compiler flags.
-dnl Checks if the compiler will accept the flag.
-dnl $1: the flag without a - in front, so g to check -g.
-dnl $2: executed if yes
-dnl $3: executed if no
-AC_DEFUN([ACX_CHECK_COMPILER_FLAG],
-[
-AC_REQUIRE([AC_PROG_CC])
-AC_MSG_CHECKING(whether $CC supports -$1)
-cache=`echo $1 | sed 'y%.=/+-%___p_%'`
-AC_CACHE_VAL(cv_prog_cc_flag_$cache,
-[
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -$1 -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-])
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-AC_MSG_RESULT(yes)
-:
-$2
-else
-AC_MSG_RESULT(no)
-:
-$3
-fi
-])
-
-dnl setup flags for ACX_CHECK_COMPILER_FLAG_NEEDED
-dnl ERRFLAG: result, compiler flag to turn warnings into errors
-AC_DEFUN([ACX_CHECK_ERROR_FLAGS],
-[
-ACX_CHECK_COMPILER_FLAG(Werror, [ERRFLAG="-Werror"], [ERRFLAG="-errwarn"])
-ACX_CHECK_COMPILER_FLAG(Wall, [ERRFLAG="$ERRFLAG -Wall"],
- [ERRFLAG="$ERRFLAG -errfmt"])
-])
-
-dnl Routine to help check for needed compiler flags.
-dnl $1: flags for CC
-dnl $2: the includes and code
-dnl $3: if the given code only compiles with the flag, execute argument 3
-dnl $4: if the given code compiles without the flag, execute argument 4
-dnl $5: with and without flag the compile fails, execute argument 5.
-AC_DEFUN([ACX_CHECK_COMPILER_FLAG_NEEDED],
-[
-AC_REQUIRE([AC_PROG_CC])
-AC_REQUIRE([ACX_CHECK_ERROR_FLAGS])
-AC_MSG_CHECKING(whether we need $1 as a flag for $CC)
-cache=AS_TR_SH($1)
-dnl cache=`echo $1 | sed 'y%.=/+- %___p__%'`
-AC_CACHE_VAL(cv_prog_cc_flag_needed_$cache,
-[
-echo '$2' > conftest.c
-echo 'void f(){}' >>conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=no"
-else
-[
-if test -z "`$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=yes"
-else
-eval "cv_prog_cc_flag_needed_$cache=fail"
-#echo 'Test with flag fails too!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-fi
-]
-fi
-rm -f conftest conftest.c conftest.o
-])
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = yes"; then
-AC_MSG_RESULT(yes)
-:
-$3
-else
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = no"; then
-AC_MSG_RESULT(no)
-#echo 'Test with flag is no!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-:
-$4
-else
-AC_MSG_RESULT(failed)
-:
-$5
-fi
-fi
-])
-
-dnl Check for CC dependency flag
-dnl DEPFLAG: set to flag that generates dependencies.
-AC_DEFUN([ACX_DEPFLAG],
-[
-AC_MSG_CHECKING([$CC dependency flag])
-echo 'void f(){}' >conftest.c
-if test "`$CC -MM conftest.c 2>&1`" = "conftest.o: conftest.c"; then
- DEPFLAG="-MM"
-else
- if test "`$CC -xM1 conftest.c 2>&1`" = "conftest.o: conftest.c"; then
- DEPFLAG="-xM1"
- else
- DEPFLAG="-MM" # dunno do something
- fi
-fi
-AC_MSG_RESULT($DEPFLAG)
-rm -f conftest.c
-AC_SUBST(DEPFLAG)
-])
-
-dnl Determine flags that gives POSIX and BSD functionality.
-dnl CFLAGS is modified for the result.
-AC_DEFUN([ACX_DETERMINE_EXT_FLAGS_UNBOUND],
-[
-ACX_CHECK_COMPILER_FLAG(std=c99, [C99FLAG="-std=c99"])
-ACX_CHECK_COMPILER_FLAG(xc99, [C99FLAG="-xc99"])
-
-AC_CHECK_HEADERS([getopt.h time.h],,, [AC_INCLUDES_DEFAULT])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_XOPEN_SOURCE_EXTENDED=1 -D_ALL_SOURCE,
-[
-#include "confdefs.h"
-#include <stdlib.h>
-#include <ctype.h>
-#include <sys/time.h>
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <unistd.h>
-#include <netdb.h>
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-int test() {
- int a;
- char **opts = NULL;
- struct timeval tv;
- char *t;
- time_t time = 0;
- char *buf = NULL;
- const char* str = NULL;
- struct msghdr msg;
- msg.msg_control = 0;
- t = ctime_r(&time, buf);
- tv.tv_usec = 10;
- srandom(32);
- a = getopt(2, opts, "a");
- a = isascii(32);
- str = gai_strerror(0);
- return a;
-}
-], [CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_XOPEN_SOURCE_EXTENDED=1 -D_ALL_SOURCE"])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_ALL_SOURCE,
-[
-#include "confdefs.h"
-#include <stdlib.h>
-#include <ctype.h>
-#include <sys/time.h>
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <unistd.h>
-#include <netdb.h>
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-int test() {
- int a;
- char **opts = NULL;
- struct timeval tv;
- char *t;
- time_t time = 0;
- char *buf = NULL;
- const char* str = NULL;
- struct msghdr msg;
- msg.msg_control = 0;
- t = ctime_r(&time, buf);
- tv.tv_usec = 10;
- srandom(32);
- a = getopt(2, opts, "a");
- a = isascii(32);
- str = gai_strerror(0);
- return a;
-}
-], [CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_ALL_SOURCE"])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG,
-[
-#include <stdbool.h>
-#include <ctype.h>
-int test() {
- int a = 0;
- return a;
-}
-], [CFLAGS="$CFLAGS $C99FLAG"])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED(-D_BSD_SOURCE,
-[
-#include <ctype.h>
-
-int test() {
- int a;
- a = isascii(32);
- return a;
-}
-], [CFLAGS="$CFLAGS -D_BSD_SOURCE"])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED(-D_GNU_SOURCE,
-[
-#include <netinet/in.h>
-
-int test() {
- struct in6_pktinfo inf;
- int a = (int)sizeof(inf);
- return a;
-}
-], [CFLAGS="$CFLAGS -D_GNU_SOURCE"])
-
-# check again for GNU_SOURCE for setresgid. May fail if setresgid
-# is not available at all. -D_FRSRESGID is to make this check unique.
-# otherwise we would get the previous cached result.
-ACX_CHECK_COMPILER_FLAG_NEEDED(-D_GNU_SOURCE -D_FRSRESGID,
-[
-#include <unistd.h>
-
-int test() {
- int a = setresgid(0,0,0);
- a = setresuid(0,0,0);
- return a;
-}
-], [CFLAGS="$CFLAGS -D_GNU_SOURCE"])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED(-D_POSIX_C_SOURCE=200112,
-[
-#include "confdefs.h"
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <netdb.h>
-
-int test() {
- int a = 0;
- char *t;
- time_t time = 0;
- char *buf = NULL;
- const char* str = NULL;
- t = ctime_r(&time, buf);
- str = gai_strerror(0);
- return a;
-}
-], [CFLAGS="$CFLAGS -D_POSIX_C_SOURCE=200112"])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED(-D__EXTENSIONS__,
-[
-#include "confdefs.h"
-#include <stdlib.h>
-#include <ctype.h>
-#include <sys/time.h>
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <unistd.h>
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-int test() {
- int a;
- char **opts = NULL;
- struct timeval tv;
- tv.tv_usec = 10;
- srandom(32);
- a = getopt(2, opts, "a");
- a = isascii(32);
- return a;
-}
-], [CFLAGS="$CFLAGS -D__EXTENSIONS__"])
-
-])dnl End of ACX_DETERMINE_EXT_FLAGS_UNBOUND
-
-dnl Check the printf-format attribute (if any)
-dnl result in HAVE_ATTR_FORMAT.
-dnl Make sure you also include the AHX_CONFIG_FORMAT_ATTRIBUTE.
-AC_DEFUN([ACX_CHECK_FORMAT_ATTRIBUTE],
-[AC_REQUIRE([AC_PROG_CC])
-AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "format" attribute)
-AC_CACHE_VAL(ac_cv_c_format_attribute,
-[ac_cv_c_format_attribute=no
-AC_TRY_COMPILE(
-[#include <stdio.h>
-void f (char *format, ...) __attribute__ ((format (printf, 1, 2)));
-void (*pf) (char *format, ...) __attribute__ ((format (printf, 1, 2)));
-], [
- f ("%s", "str");
-],
-[ac_cv_c_format_attribute="yes"],
-[ac_cv_c_format_attribute="no"])
-])
-
-AC_MSG_RESULT($ac_cv_c_format_attribute)
-if test $ac_cv_c_format_attribute = yes; then
- AC_DEFINE(HAVE_ATTR_FORMAT, 1, [Whether the C compiler accepts the "format" attribute])
-fi
-])dnl End of ACX_CHECK_FORMAT_ATTRIBUTE
-
-dnl Setup ATTR_FORMAT config.h parts.
-dnl make sure you call ACX_CHECK_FORMAT_ATTRIBUTE also.
-AC_DEFUN([AHX_CONFIG_FORMAT_ATTRIBUTE],
-[
-#ifdef HAVE_ATTR_FORMAT
-# define ATTR_FORMAT(archetype, string_index, first_to_check) \
- __attribute__ ((format (archetype, string_index, first_to_check)))
-#else /* !HAVE_ATTR_FORMAT */
-# define ATTR_FORMAT(archetype, string_index, first_to_check) /* empty */
-#endif /* !HAVE_ATTR_FORMAT */
-])
-
-dnl Check how to mark function arguments as unused.
-dnl result in HAVE_ATTR_UNUSED.
-dnl Make sure you include AHX_CONFIG_UNUSED_ATTRIBUTE also.
-AC_DEFUN([ACX_CHECK_UNUSED_ATTRIBUTE],
-[AC_REQUIRE([AC_PROG_CC])
-AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "unused" attribute)
-AC_CACHE_VAL(ac_cv_c_unused_attribute,
-[ac_cv_c_unused_attribute=no
-AC_TRY_COMPILE(
-[#include <stdio.h>
-void f (char *u __attribute__((unused)));
-], [
- f ("x");
-],
-[ac_cv_c_unused_attribute="yes"],
-[ac_cv_c_unused_attribute="no"])
-])
-
-dnl Setup ATTR_UNUSED config.h parts.
-dnl make sure you call ACX_CHECK_UNUSED_ATTRIBUTE also.
-AC_DEFUN([AHX_CONFIG_UNUSED_ATTRIBUTE],
-[
-#if defined(DOXYGEN)
-# define ATTR_UNUSED(x) x
-#elif defined(__cplusplus)
-# define ATTR_UNUSED(x)
-#elif defined(HAVE_ATTR_UNUSED)
-# define ATTR_UNUSED(x) x __attribute__((unused))
-#else /* !HAVE_ATTR_UNUSED */
-# define ATTR_UNUSED(x) x
-#endif /* !HAVE_ATTR_UNUSED */
-])
-
-AC_MSG_RESULT($ac_cv_c_unused_attribute)
-if test $ac_cv_c_unused_attribute = yes; then
- AC_DEFINE(HAVE_ATTR_UNUSED, 1, [Whether the C compiler accepts the "unused" attribute])
-fi
-])dnl
-
-dnl Pre-fun for ACX_LIBTOOL_C_ONLY
-AC_DEFUN([ACX_LIBTOOL_C_PRE], [
-# skip these tests, we do not need them.
-AC_DEFUN([AC_PROG_F77], [:])
-AC_DEFUN([AC_PROG_FC], [:])
-AC_DEFUN([AC_PROG_CXX], [:])
-AC_DEFUN([AC_PROG_CXXCPP], [:])
-AC_DEFUN([AC_PROG_OBJC], [:])
-AC_DEFUN([AC_PROG_OBJCCPP], [:])
-AC_DEFUN([AC_LIBTOOL_CXX], [:])
-AC_DEFUN([AC_LIBTOOL_F77], [:])
-# always use ./libtool unless override from commandline (libtool=mylibtool)
-if test -z "$libtool"; then
- libtool="./libtool"
-fi
-AC_SUBST(libtool)
-# avoid libtool max commandline length test on systems that fork slowly.
-AC_CANONICAL_HOST
-if echo "$host_os" | grep "sunos4" >/dev/null; then
- lt_cv_sys_max_cmd_len=32750;
-fi
-AC_PATH_TOOL(AR, ar, [false])
-if test $AR = false; then
- AC_MSG_ERROR([Cannot find 'ar', please extend PATH to include it])
-fi
-])
-
-dnl Perform libtool check, portably, only for C
-AC_DEFUN([ACX_LIBTOOL_C_ONLY], [
-dnl as a requirement so that is gets called before LIBTOOL
-dnl because libtools 'AC_REQUIRE' names are right after this one, before
-dnl this function contents.
-AC_REQUIRE([ACX_LIBTOOL_C_PRE])
-AC_PROG_LIBTOOL
-])
-
-dnl Detect if u_char type is defined, otherwise define it.
-AC_DEFUN([ACX_TYPE_U_CHAR],
-[AC_CHECK_TYPE([u_char], ,
- [AC_DEFINE([u_char], [unsigned char], [Define to 'unsigned char if not defined])], [
-AC_INCLUDES_DEFAULT
-#ifdef HAVE_WINSOCK2_H
-# include <winsock2.h>
-#endif
-]) ])
-
-dnl Detect if rlim_t type is defined, otherwise define it.
-AC_DEFUN([ACX_TYPE_RLIM_T],
-[AC_CHECK_TYPE(rlim_t, ,
- [AC_DEFINE([rlim_t], [unsigned long], [Define to 'int' if not defined])], [
-AC_INCLUDES_DEFAULT
-#ifdef HAVE_SYS_RESOURCE_H
-# include <sys/resource.h>
-#endif
-]) ])
-
-dnl Detect if socklen_t type is defined, otherwise define it.
-AC_DEFUN([ACX_TYPE_SOCKLEN_T],
-[
-AC_CHECK_TYPE(socklen_t, ,
- [AC_DEFINE([socklen_t], [int], [Define to 'int' if not defined])], [
-AC_INCLUDES_DEFAULT
-#ifdef HAVE_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-#ifdef HAVE_WS2TCPIP_H
-# include <ws2tcpip.h>
-#endif
-]) ])
-
-dnl Detect if in_addr_t type is defined, otherwise define it.
-AC_DEFUN([ACX_TYPE_IN_ADDR_T],
-[ AC_CHECK_TYPE(in_addr_t, [], [AC_DEFINE([in_addr_t], [uint32_t], [in_addr_t])], [
-AC_INCLUDES_DEFAULT
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-]) ])
-
-dnl Detect if in_port_t type is defined, otherwise define it.
-AC_DEFUN([ACX_TYPE_IN_PORT_T],
-[ AC_CHECK_TYPE(in_port_t, [], [AC_DEFINE([in_port_t], [uint16_t], [in_port_t])], [
-AC_INCLUDES_DEFAULT
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-]) ])
-
-dnl Add option to disable the evil rpath. Check whether to use rpath or not.
-dnl Adds the --disable-rpath option. Uses trick to edit the ./libtool.
-AC_DEFUN([ACX_ARG_RPATH],
-[
-AC_ARG_ENABLE(rpath,
- [ --disable-rpath disable hardcoded rpath (default=enabled)],
- enable_rpath=$enableval, enable_rpath=yes)
-if test "x$enable_rpath" = xno; then
- dnl AC_MSG_RESULT([Fixing libtool for -rpath problems.])
- AC_CONFIG_COMMANDS([disable-rpath], [
- sed < libtool > libtool-2 \
- 's/^hardcode_libdir_flag_spec.*$'/'hardcode_libdir_flag_spec=" -D__LIBTOOL_RPATH_SED__ "/'
- mv libtool-2 libtool
- chmod 755 libtool
- libtool="./libtool"
- ])
-fi
-])
-
-dnl Add a -R to the RUNTIME_PATH. Only if rpath is enabled and it is
-dnl an absolute path.
-dnl $1: the pathname to add.
-AC_DEFUN([ACX_RUNTIME_PATH_ADD], [
- if test "x$enable_rpath" = xyes; then
- if echo "$1" | grep "^/" >/dev/null; then
- RUNTIME_PATH="$RUNTIME_PATH -R$1"
- fi
- fi
-])
-
-dnl Common code for both ACX_WITH_SSL and ACX_WITH_SSL_OPTIONAL
-dnl Takes one argument; the withval checked in those 2 functions
-dnl sets up the environment for the given openssl path
-AC_DEFUN([ACX_SSL_CHECKS], [
- withval=$1
- if test x_$withval != x_no; then
- AC_MSG_CHECKING(for SSL)
- if test x_$withval = x_ -o x_$withval = x_yes; then
- withval="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr"
- fi
- for dir in $withval; do
- ssldir="$dir"
- if test -f "$dir/include/openssl/ssl.h"; then
- found_ssl="yes"
- AC_DEFINE_UNQUOTED([HAVE_SSL], [], [Define if you have the SSL libraries installed.])
- dnl assume /usr/include is already in the include-path.
- if test "$ssldir" != "/usr"; then
- CPPFLAGS="$CPPFLAGS -I$ssldir/include"
- LIBSSL_CPPFLAGS="$LIBSSL_CPPFLAGS -I$ssldir/include"
- fi
- break;
- fi
- done
- if test x_$found_ssl != x_yes; then
- AC_MSG_ERROR(Cannot find the SSL libraries in $withval)
- else
- AC_MSG_RESULT(found in $ssldir)
- HAVE_SSL=yes
- dnl assume /usr is already in the lib and dynlib paths.
- if test "$ssldir" != "/usr" -a "$ssldir" != ""; then
- LDFLAGS="$LDFLAGS -L$ssldir/lib"
- LIBSSL_LDFLAGS="$LIBSSL_LDFLAGS -L$ssldir/lib"
- ACX_RUNTIME_PATH_ADD([$ssldir/lib])
- fi
-
- AC_MSG_CHECKING([for HMAC_CTX_init in -lcrypto])
- LIBS="$LIBS -lcrypto"
- LIBSSL_LIBS="$LIBSSL_LIBS -lcrypto"
- AC_TRY_LINK(, [
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
- ], [
- AC_MSG_RESULT(yes)
- AC_DEFINE([HAVE_HMAC_CTX_INIT], 1,
- [If you have HMAC_CTX_init])
- ], [
- AC_MSG_RESULT(no)
- # check if -lwsock32 or -lgdi32 are needed.
- BAKLIBS="$LIBS"
- BAKSSLLIBS="$LIBSSL_LIBS"
- LIBS="$LIBS -lgdi32"
- LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32"
- AC_MSG_CHECKING([if -lcrypto needs -lgdi32])
- AC_TRY_LINK([], [
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
- ],[
- AC_DEFINE([HAVE_HMAC_CTX_INIT], 1,
- [If you have HMAC_CTX_init])
- AC_MSG_RESULT(yes)
- ],[
- AC_MSG_RESULT(no)
- LIBS="$BAKLIBS"
- LIBSSL_LIBS="$BAKSSLLIBS"
- LIBS="$LIBS -ldl"
- LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
- AC_MSG_CHECKING([if -lcrypto needs -ldl])
- AC_TRY_LINK([], [
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
- ],[
- AC_DEFINE([HAVE_HMAC_CTX_INIT], 1,
- [If you have HMAC_CTX_init])
- AC_MSG_RESULT(yes)
- ],[
- AC_MSG_RESULT(no)
- AC_MSG_ERROR([OpenSSL found in $ssldir, but version 0.9.7 or higher is required])
- ])
- ])
- ])
- fi
- AC_SUBST(HAVE_SSL)
- AC_SUBST(RUNTIME_PATH)
- # openssl engine functionality needs dlopen().
- BAKLIBS="$LIBS"
- AC_SEARCH_LIBS([dlopen], [dl])
- if test "$LIBS" != "$BAKLIBS"; then
- LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
- fi
- fi
-AC_CHECK_HEADERS([openssl/ssl.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_HEADERS([openssl/err.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_HEADERS([openssl/rand.h],,, [AC_INCLUDES_DEFAULT])
-])dnl End of ACX_SSL_CHECKS
-
-dnl Check for SSL, where SSL is mandatory
-dnl Adds --with-ssl option, searches for openssl and defines HAVE_SSL if found
-dnl Setup of CPPFLAGS, CFLAGS. Adds -lcrypto to LIBS.
-dnl Checks main header files of SSL.
-dnl
-AC_DEFUN([ACX_WITH_SSL],
-[
-AC_ARG_WITH(ssl, AC_HELP_STRING([--with-ssl=pathname],
- [enable SSL (will check /usr/local/ssl
- /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr)]),[
- ],[
- withval="yes"
- ])
- if test x_$withval = x_no; then
- AC_MSG_ERROR([Need SSL library to do digital signature cryptography])
- fi
- ACX_SSL_CHECKS($withval)
-])dnl End of ACX_WITH_SSL
-
-dnl Check for SSL, where ssl is optional (--without-ssl is allowed)
-dnl Adds --with-ssl option, searches for openssl and defines HAVE_SSL if found
-dnl Setup of CPPFLAGS, CFLAGS. Adds -lcrypto to LIBS.
-dnl Checks main header files of SSL.
-dnl
-AC_DEFUN([ACX_WITH_SSL_OPTIONAL],
-[
-AC_ARG_WITH(ssl, AC_HELP_STRING([--with-ssl=pathname],
- [enable SSL (will check /usr/local/ssl
- /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr)]),[
- ],[
- withval="yes"
- ])
- ACX_SSL_CHECKS($withval)
-])dnl End of ACX_WITH_SSL_OPTIONAL
-
-dnl Setup to use -lssl
-dnl To use -lcrypto, use the ACX_WITH_SSL setup (before this one).
-AC_DEFUN([ACX_LIB_SSL],
-[
-# check if libssl needs libdl
-BAKLIBS="$LIBS"
-LIBS="-lssl $LIBS"
-AC_MSG_CHECKING([if libssl needs libdl])
-AC_TRY_LINK_FUNC([SSL_CTX_new], [
- AC_MSG_RESULT([no])
- LIBS="$BAKLIBS"
-] , [
- AC_MSG_RESULT([yes])
- LIBS="$BAKLIBS"
- AC_SEARCH_LIBS([dlopen], [dl])
-]) ])dnl End of ACX_LIB_SSL
-
-dnl Setup to use very large files (>2Gb).
-dnl setups fseeko and its own
-AC_DEFUN([ACX_SYS_LARGEFILE],
-[
-AC_SYS_LARGEFILE
-dnl try to see if an additional _LARGEFILE_SOURCE 1 is needed to get fseeko
-ACX_CHECK_COMPILER_FLAG_NEEDED(-D_LARGEFILE_SOURCE=1,
-[
-#include <stdio.h>
-int test() {
- int a = fseeko(stdin, 0, 0);
- return a;
-}
-], [CFLAGS="$CFLAGS -D_LARGEFILE_SOURCE=1"])
-])
-
-dnl Check getaddrinfo.
-dnl Works on linux, solaris, bsd and windows(links winsock).
-dnl defines HAVE_GETADDRINFO, USE_WINSOCK.
-AC_DEFUN([ACX_CHECK_GETADDRINFO_WITH_INCLUDES],
-[AC_REQUIRE([AC_PROG_CC])
-AC_MSG_CHECKING(for getaddrinfo)
-ac_cv_func_getaddrinfo=no
-AC_LINK_IFELSE([AC_LANG_SOURCE([
-[
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-char* getaddrinfo();
-char* (*f) () = getaddrinfo;
-#ifdef __cplusplus
-}
-#endif
-int main() {
- ;
- return 0;
-}
-]])],
-dnl this case on linux, solaris, bsd
-[ac_cv_func_getaddrinfo="yes"],
-dnl no quick getaddrinfo, try mingw32 and winsock2 library.
-ORIGLIBS="$LIBS"
-LIBS="$LIBS -lws2_32"
-AC_LINK_IFELSE([
-AC_LANG_PROGRAM(
-[[
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-]],[[
- (void)getaddrinfo(NULL, NULL, NULL, NULL);
-]])],
-[
-ac_cv_func_getaddrinfo="yes"
-dnl already: LIBS="$LIBS -lws2_32"
-AC_DEFINE(USE_WINSOCK, 1, [Whether the windows socket API is used])
-USE_WINSOCK="1"
-],
-[
-ac_cv_func_getaddrinfo="no"
-LIBS="$ORIGLIBS"
-])
-)
-
-AC_MSG_RESULT($ac_cv_func_getaddrinfo)
-if test $ac_cv_func_getaddrinfo = yes; then
- AC_DEFINE(HAVE_GETADDRINFO, 1, [Whether getaddrinfo is available])
-fi
-])dnl Endof AC_CHECK_GETADDRINFO_WITH_INCLUDES
-
-dnl check if a function is deprecated. defines DEPRECATED_func in config.h.
-dnl $1: function name
-dnl $2: C-statement that calls the function.
-dnl $3: includes for the program.
-dnl $4: executes if yes
-dnl $5: executes if no
-AC_DEFUN([ACX_FUNC_DEPRECATED],
-[
-AC_REQUIRE([AC_PROG_CC])
-AC_MSG_CHECKING(if $1 is deprecated)
-cache=`echo $1 | sed 'y%.=/+-%___p_%'`
-AC_CACHE_VAL(cv_cc_deprecated_$cache,
-[
-echo '$3' >conftest.c
-echo 'void f(){ $2 }' >>conftest.c
-if test -z "`$CC -c conftest.c 2>&1 | grep deprecated`"; then
-eval "cv_cc_deprecated_$cache=no"
-else
-eval "cv_cc_deprecated_$cache=yes"
-fi
-rm -f conftest conftest.o conftest.c
-])
-if eval "test \"`echo '$cv_cc_deprecated_'$cache`\" = yes"; then
-AC_MSG_RESULT(yes)
-AC_DEFINE_UNQUOTED(AS_TR_CPP([DEPRECATED_$1]), 1, [Whether $1 is deprecated])
-:
-$4
-else
-AC_MSG_RESULT(no)
-:
-$5
-fi
-])dnl end of ACX_FUNC_DEPRECATED
-
-dnl check if select and nonblocking sockets actually work.
-dnl Needs fork(2) and select(2).
-dnl defines NONBLOCKING_IS_BROKEN, and if that is true multiple reads from
-dnl a nonblocking socket do not work, a new call to select is necessary.
-AC_DEFUN([ACX_CHECK_NONBLOCKING_BROKEN],
-[
-AC_MSG_CHECKING([if nonblocking sockets work])
-if echo $target | grep mingw32 >/dev/null; then
- AC_MSG_RESULT([no (windows)])
- AC_DEFINE([NONBLOCKING_IS_BROKEN], 1, [Define if the network stack does not fully support nonblocking io (causes lower performance).])
-else
-AC_RUN_IFELSE([AC_LANG_PROGRAM([[
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <fcntl.h>
-#include <errno.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-]],[[
- int port;
- int sfd, cfd;
- int num = 10;
- int i, p;
- struct sockaddr_in a;
- /* test if select and nonblocking reads work well together */
- /* open port.
- fork child to send 10 messages.
- select to read.
- then try to nonblocking read the 10 messages
- then, nonblocking read must give EAGAIN
- */
-
- port = 12345 + (time(0)%32);
- sfd = socket(PF_INET, SOCK_DGRAM, 0);
- if(sfd == -1) {
- perror("socket");
- return 1;
- }
- memset(&a, 0, sizeof(a));
- a.sin_family = AF_INET;
- a.sin_port = htons(port);
- a.sin_addr.s_addr = inet_addr("127.0.0.1");
- if(bind(sfd, (struct sockaddr*)&a, sizeof(a)) < 0) {
- perror("bind");
- return 1;
- }
- if(fcntl(sfd, F_SETFL, O_NONBLOCK) == -1) {
- perror("fcntl");
- return 1;
- }
-
- cfd = socket(PF_INET, SOCK_DGRAM, 0);
- if(cfd == -1) {
- perror("client socket");
- return 1;
- }
- a.sin_port = 0;
- if(bind(cfd, (struct sockaddr*)&a, sizeof(a)) < 0) {
- perror("client bind");
- return 1;
- }
- a.sin_port = htons(port);
-
- /* no handler, causes exit in 10 seconds */
- alarm(10);
-
- /* send and receive on the socket */
- if((p=fork()) == 0) {
- for(i=0; i<num; i++) {
- if(sendto(cfd, &i, sizeof(i), 0,
- (struct sockaddr*)&a, sizeof(a)) < 0) {
- perror("sendto");
- return 1;
- }
- }
- } else {
- /* parent */
- fd_set rset;
- int x;
- if(p == -1) {
- perror("fork");
- return 1;
- }
- FD_ZERO(&rset);
- FD_SET(sfd, &rset);
- if(select(sfd+1, &rset, NULL, NULL, NULL) < 1) {
- perror("select");
- return 1;
- }
- i = 0;
- while(i < num) {
- if(recv(sfd, &x, sizeof(x), 0) != sizeof(x)) {
- if(errno == EAGAIN)
- continue;
- perror("recv");
- return 1;
- }
- i++;
- }
- /* now we want to get EAGAIN: nonblocking goodness */
- errno = 0;
- recv(sfd, &x, sizeof(x), 0);
- if(errno != EAGAIN) {
- perror("trying to recv again");
- return 1;
- }
- /* EAGAIN encountered */
- }
-
- close(sfd);
- close(cfd);
-]])], [
- AC_MSG_RESULT([yes])
-], [
- AC_MSG_RESULT([no])
- AC_DEFINE([NONBLOCKING_IS_BROKEN], 1, [Define if the network stack does not fully support nonblocking io (causes lower performance).])
-], [
- AC_MSG_RESULT([crosscompile(yes)])
-])
-fi
-])dnl End of ACX_CHECK_NONBLOCKING_BROKEN
-
-dnl Check if mkdir has one or two arguments.
-dnl defines MKDIR_HAS_ONE_ARG
-AC_DEFUN([ACX_MKDIR_ONE_ARG],
-[
-AC_MSG_CHECKING([whether mkdir has one arg])
-AC_TRY_COMPILE([
-#include <stdio.h>
-#include <unistd.h>
-#ifdef HAVE_WINSOCK2_H
-#include <winsock2.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-], [
- (void)mkdir("directory");
-],
-AC_MSG_RESULT(yes)
-AC_DEFINE(MKDIR_HAS_ONE_ARG, 1, [Define if mkdir has one argument.])
-,
-AC_MSG_RESULT(no)
-)
-])dnl end of ACX_MKDIR_ONE_ARG
-
-dnl Check for ioctlsocket function. works on mingw32 too.
-AC_DEFUN([ACX_FUNC_IOCTLSOCKET],
-[
-# check ioctlsocket
-AC_MSG_CHECKING(for ioctlsocket)
-AC_LINK_IFELSE([AC_LANG_PROGRAM([[
-#ifdef HAVE_WINSOCK2_H
-#include <winsock2.h>
-#endif
-]],[[
-(void)ioctlsocket(0, 0, NULL);
-]])], [
-AC_MSG_RESULT(yes)
-AC_DEFINE(HAVE_IOCTLSOCKET, 1, [if the function 'ioctlsocket' is available])
-],[AC_MSG_RESULT(no)])
-])dnl end of ACX_FUNC_IOCTLSOCKET
-
-dnl detect malloc and provide malloc compat prototype.
-dnl $1: unique name for compat code
-AC_DEFUN([ACX_FUNC_MALLOC],
-[
- AC_FUNC_MALLOC
- if test "$ac_cv_func_malloc_0_nonnull" = no; then
- AC_DEFINE_UNQUOTED([malloc], [rpl_malloc_$1], [Define if replacement function should be used.])
- fi
-])
-
-dnl Define fallback for fseeko and ftello if needed.
-AC_DEFUN([AHX_CONFIG_FSEEKO],
-[
-#ifndef HAVE_FSEEKO
-#define fseeko fseek
-#define ftello ftell
-#endif /* HAVE_FSEEKO */
-])
-
-dnl Define RAND_MAX if not defined
-AC_DEFUN([AHX_CONFIG_RAND_MAX],
-[
-#ifndef RAND_MAX
-#define RAND_MAX 2147483647
-#endif
-])
-
-dnl Define MAXHOSTNAMELEN if not defined
-AC_DEFUN([AHX_CONFIG_MAXHOSTNAMELEN],
-[
-#ifndef MAXHOSTNAMELEN
-#define MAXHOSTNAMELEN 256
-#endif
-])
-
-dnl Define IPV6_MIN_MTU if not defined
-AC_DEFUN([AHX_CONFIG_IPV6_MIN_MTU],
-[
-#ifndef IPV6_MIN_MTU
-#define IPV6_MIN_MTU 1280
-#endif /* IPV6_MIN_MTU */
-])
-
-dnl provide snprintf, vsnprintf compat prototype
-dnl $1: unique name for compat code
-AC_DEFUN([AHX_CONFIG_SNPRINTF],
-[
-#ifndef HAVE_SNPRINTF
-#define snprintf snprintf_$1
-#define vsnprintf vsnprintf_$1
-#include <stdarg.h>
-int snprintf (char *str, size_t count, const char *fmt, ...);
-int vsnprintf (char *str, size_t count, const char *fmt, va_list arg);
-#endif /* HAVE_SNPRINTF */
-])
-
-dnl provide inet_pton compat prototype.
-dnl $1: unique name for compat code
-AC_DEFUN([AHX_CONFIG_INET_PTON],
-[
-#ifndef HAVE_INET_PTON
-#define inet_pton inet_pton_$1
-int inet_pton(int af, const char* src, void* dst);
-#endif /* HAVE_INET_PTON */
-])
-
-dnl provide inet_ntop compat prototype.
-dnl $1: unique name for compat code
-AC_DEFUN([AHX_CONFIG_INET_NTOP],
-[
-#ifndef HAVE_INET_NTOP
-#define inet_ntop inet_ntop_$1
-const char *inet_ntop(int af, const void *src, char *dst, size_t size);
-#endif
-])
-
-dnl provide inet_aton compat prototype.
-dnl $1: unique name for compat code
-AC_DEFUN([AHX_CONFIG_INET_ATON],
-[
-#ifndef HAVE_INET_ATON
-#define inet_aton inet_aton_$1
-int inet_aton(const char *cp, struct in_addr *addr);
-#endif
-])
-
-dnl provide memmove compat prototype.
-dnl $1: unique name for compat code
-AC_DEFUN([AHX_CONFIG_MEMMOVE],
-[
-#ifndef HAVE_MEMMOVE
-#define memmove memmove_$1
-void *memmove(void *dest, const void *src, size_t n);
-#endif
-])
-
-dnl provide strlcat compat prototype.
-dnl $1: unique name for compat code
-AC_DEFUN([AHX_CONFIG_STRLCAT],
-[
-#ifndef HAVE_STRLCAT
-#define strlcat strlcat_$1
-size_t strlcat(char *dst, const char *src, size_t siz);
-#endif
-])
-
-dnl provide strlcpy compat prototype.
-dnl $1: unique name for compat code
-AC_DEFUN([AHX_CONFIG_STRLCPY],
-[
-#ifndef HAVE_STRLCPY
-#define strlcpy strlcpy_$1
-size_t strlcpy(char *dst, const char *src, size_t siz);
-#endif
-])
-
-dnl provide gmtime_r compat prototype.
-dnl $1: unique name for compat code
-AC_DEFUN([AHX_CONFIG_GMTIME_R],
-[
-#ifndef HAVE_GMTIME_R
-#define gmtime_r gmtime_r_$1
-struct tm *gmtime_r(const time_t *timep, struct tm *result);
-#endif
-])
-
-dnl provide w32 compat definition for sleep
-AC_DEFUN([AHX_CONFIG_W32_SLEEP],
-[
-#ifndef HAVE_SLEEP
-#define sleep(x) Sleep((x)*1000) /* on win32 */
-#endif /* HAVE_SLEEP */
-])
-
-dnl provide w32 compat definition for usleep
-AC_DEFUN([AHX_CONFIG_W32_USLEEP],
-[
-#ifndef HAVE_USLEEP
-#define usleep(x) Sleep((x)/1000 + 1) /* on win32 */
-#endif /* HAVE_USLEEP */
-])
-
-dnl provide w32 compat definition for random
-AC_DEFUN([AHX_CONFIG_W32_RANDOM],
-[
-#ifndef HAVE_RANDOM
-#define random rand /* on win32, for tests only (bad random) */
-#endif /* HAVE_RANDOM */
-])
-
-dnl provide w32 compat definition for srandom
-AC_DEFUN([AHX_CONFIG_W32_SRANDOM],
-[
-#ifndef HAVE_SRANDOM
-#define srandom(x) srand(x) /* on win32, for tests only (bad random) */
-#endif /* HAVE_SRANDOM */
-])
-
-dnl provide w32 compat definition for FD_SET_T
-AC_DEFUN([AHX_CONFIG_W32_FD_SET_T],
-[
-/* detect if we need to cast to unsigned int for FD_SET to avoid warnings */
-#ifdef HAVE_WINSOCK2_H
-#define FD_SET_T (u_int)
-#else
-#define FD_SET_T
-#endif
-])
-
-dnl Remove an extension flag from CFLAGS, define replacement to be made.
-dnl Used by ACX_STRIP_EXT_FLAGS.
-dnl $1: the name of the flag, for example -D_GNU_SOURCE.
-AC_DEFUN([ACX_CFLAGS_STRIP],
-[
- if echo $CFLAGS | grep " $1" >/dev/null 2>&1; then
- CFLAGS="`echo $CFLAGS | sed -e 's/ $1//g'`"
- AC_DEFINE(m4_bpatsubst(OMITTED_$1,[[-=]],_), 1, Put $1 define in config.h)
- fi
-])
-
-dnl Remove EXT flags from the CFLAGS and set them to be defined in config.h
-dnl use with ACX_DETERMINE_EXT_FLAGS.
-AC_DEFUN([ACX_STRIP_EXT_FLAGS],
-[
- AC_MSG_NOTICE([Stripping extension flags...])
- ACX_CFLAGS_STRIP(-D_GNU_SOURCE)
- ACX_CFLAGS_STRIP(-D_BSD_SOURCE)
- ACX_CFLAGS_STRIP(-D__EXTENSIONS__)
- ACX_CFLAGS_STRIP(-D_POSIX_C_SOURCE=200112)
- ACX_CFLAGS_STRIP(-D_XOPEN_SOURCE=600)
- ACX_CFLAGS_STRIP(-D_XOPEN_SOURCE_EXTENDED=1)
- ACX_CFLAGS_STRIP(-D_ALL_SOURCE)
- ACX_CFLAGS_STRIP(-D_LARGEFILE_SOURCE=1)
-]) dnl End of ACX_STRIP_EXT_FLAGS
-
-dnl define one omitted flag for config.h
-dnl $1: flag name. -D_GNU_SOURCE
-dnl $2: replacement define. _GNU_SOURCE
-dnl $3: define value, 1
-AC_DEFUN([AHX_CONFIG_FLAG_OMITTED],
-[#if defined($1) && !defined($2)
-#define $2 $3
-[#]endif ])
-
-dnl Wrapper for AHX_CONFIG_FLAG_OMITTED for -D style flags
-dnl $1: the -DNAME or -DNAME=value string.
-AC_DEFUN([AHX_CONFIG_FLAG_EXT],
-[AHX_CONFIG_FLAG_OMITTED(m4_bpatsubst(OMITTED_$1,[[-=]],_),m4_bpatsubst(m4_bpatsubst($1,-D,),=.*$,),m4_if(m4_bregexp($1,=),-1,1,m4_bpatsubst($1,^.*=,)))
-])
-
-dnl config.h part to define omitted cflags, use with ACX_STRIP_EXT_FLAGS.
-AC_DEFUN([AHX_CONFIG_EXT_FLAGS],
-[AHX_CONFIG_FLAG_EXT(-D_GNU_SOURCE)
-AHX_CONFIG_FLAG_EXT(-D_BSD_SOURCE)
-AHX_CONFIG_FLAG_EXT(-D__EXTENSIONS__)
-AHX_CONFIG_FLAG_EXT(-D_POSIX_C_SOURCE=200112)
-AHX_CONFIG_FLAG_EXT(-D_XOPEN_SOURCE=600)
-AHX_CONFIG_FLAG_EXT(-D_XOPEN_SOURCE_EXTENDED=1)
-AHX_CONFIG_FLAG_EXT(-D_ALL_SOURCE)
-AHX_CONFIG_FLAG_EXT(-D_LARGEFILE_SOURCE=1)
-])
-
-dnl check if memcmp is using signed characters and replace if so.
-AC_DEFUN([ACX_CHECK_MEMCMP_SIGNED],
-[AC_MSG_CHECKING([if memcmp compares unsigned])
-AC_RUN_IFELSE([AC_LANG_SOURCE([[
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-int main(void)
-{
- char a = 255, b = 0;
- if(memcmp(&a, &b, 1) < 0)
- return 1;
- return 0;
-}
-]])], [AC_MSG_RESULT([yes]) ],
-[ AC_MSG_RESULT([no])
- AC_DEFINE([MEMCMP_IS_BROKEN], [1], [Define if memcmp() does not compare unsigned bytes])
- AC_LIBOBJ([memcmp])
-], [ AC_MSG_RESULT([cross-compile no])
- AC_DEFINE([MEMCMP_IS_BROKEN], [1], [Define if memcmp() does not compare unsigned bytes])
- AC_LIBOBJ([memcmp])
-]) ])
-
-dnl define memcmp to its replacement, pass unique id for program as arg
-AC_DEFUN([AHX_MEMCMP_BROKEN], [
-#ifdef MEMCMP_IS_BROKEN
-# ifdef memcmp
-# undef memcmp
-# endif
-#define memcmp memcmp_$1
-int memcmp(const void *x, const void *y, size_t n);
-#endif
-])
-
-dnl ACX_CHECK_SS_FAMILY - check for sockaddr_storage.ss_family
-AC_DEFUN([ACX_CHECK_SS_FAMILY],
-[AC_CHECK_MEMBER([struct sockaddr_storage.ss_family], [], [
- AC_CHECK_MEMBER([struct sockaddr_storage.__ss_family], [
- AC_DEFINE([ss_family], [__ss_family], [Fallback member name for socket family in struct sockaddr_storage])
- ],, [AC_INCLUDES_DEFAULT
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
- ])
-], [AC_INCLUDES_DEFAULT
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-]) ])
-
-dnl End of file
+++ /dev/null
-AC_DEFUN([AC_PYTHON_DEVEL],[
- #
- # Allow the use of a (user set) custom python version
- #
- AC_ARG_VAR([PYTHON_VERSION],[The installed Python
- version to use, for example '2.3'. This string
- will be appended to the Python interpreter
- canonical name.])
-
- AC_PATH_PROG([PYTHON],[python[$PYTHON_VERSION]])
- if test -z "$PYTHON"; then
- AC_MSG_ERROR([Cannot find python$PYTHON_VERSION in your system path])
- PYTHON_VERSION=""
- fi
-
- if test -z "$PYTHON_VERSION"; then
- PYTHON_VERSION=`$PYTHON -c "import sys, string; \
- print string.split(sys.version)[[0]]"`
- fi
-
- #
- # Check for a version of Python >= 2.1.0
- #
- AC_MSG_CHECKING([for a version of Python >= '2.1.0'])
- ac_supports_python_ver=`$PYTHON -c "import sys, string; \
- ver = string.split(sys.version)[[0]]; \
- print ver >= '2.1.0'"`
- if test "$ac_supports_python_ver" != "True"; then
- if test -z "$PYTHON_NOVERSIONCHECK"; then
- AC_MSG_RESULT([no])
- AC_MSG_FAILURE([
-This version of the AC@&t@_PYTHON_DEVEL macro
-doesn't work properly with versions of Python before
-2.1.0. You may need to re-run configure, setting the
-variables PYTHON_CPPFLAGS, PYTHON_LDFLAGS, PYTHON_SITE_PKG,
-PYTHON_EXTRA_LIBS and PYTHON_EXTRA_LDFLAGS by hand.
-Moreover, to disable this check, set PYTHON_NOVERSIONCHECK
-to something else than an empty string.
-])
- else
- AC_MSG_RESULT([skip at user request])
- fi
- else
- AC_MSG_RESULT([yes])
- fi
-
- #
- # if the macro parameter ``version'' is set, honour it
- #
- if test -n "$1"; then
- AC_MSG_CHECKING([for a version of Python $1])
- ac_supports_python_ver=`$PYTHON -c "import sys, string; \
- ver = string.split(sys.version)[[0]]; \
- print ver $1"`
- if test "$ac_supports_python_ver" = "True"; then
- AC_MSG_RESULT([yes])
- else
- AC_MSG_RESULT([no])
- AC_MSG_ERROR([this package requires Python $1.
-If you have it installed, but it isn't the default Python
-interpreter in your system path, please pass the PYTHON_VERSION
-variable to configure. See ``configure --help'' for reference.
-])
- PYTHON_VERSION=""
- fi
- fi
-
- #
- # Check if you have distutils, else fail
- #
- AC_MSG_CHECKING([for the distutils Python package])
- ac_distutils_result=`$PYTHON -c "import distutils" 2>&1`
- if test -z "$ac_distutils_result"; then
- AC_MSG_RESULT([yes])
- else
- AC_MSG_RESULT([no])
- AC_MSG_ERROR([cannot import Python module "distutils".
-Please check your Python installation. The error was:
-$ac_distutils_result])
- PYTHON_VERSION=""
- fi
-
- #
- # Check for Python include path
- #
- AC_MSG_CHECKING([for Python include path])
- if test -z "$PYTHON_CPPFLAGS"; then
- python_path=`$PYTHON -c "import distutils.sysconfig; \
- print distutils.sysconfig.get_python_inc();"`
- if test -n "${python_path}"; then
- python_path="-I$python_path"
- fi
- PYTHON_CPPFLAGS=$python_path
- fi
- AC_MSG_RESULT([$PYTHON_CPPFLAGS])
- AC_SUBST([PYTHON_CPPFLAGS])
-
- #
- # Check for Python library path
- #
- AC_MSG_CHECKING([for Python library path])
- if test -z "$PYTHON_LDFLAGS"; then
- # (makes two attempts to ensure we've got a version number
- # from the interpreter)
- py_version=`$PYTHON -c "from distutils.sysconfig import *; \
- from string import join; \
- print join(get_config_vars('VERSION'))"`
- if test "$py_version" = "[None]"; then
- if test -n "$PYTHON_VERSION"; then
- py_version=$PYTHON_VERSION
- else
- py_version=`$PYTHON -c "import sys; \
- print sys.version[[:3]]"`
- fi
- fi
-
- PYTHON_LDFLAGS=`$PYTHON -c "from distutils.sysconfig import *; \
- from string import join; \
- print '-L' + get_python_lib(0,1), \
- '-L' + os.path.dirname(get_python_lib(0,1)), \
- '-lpython';"`$py_version
- fi
- AC_MSG_RESULT([$PYTHON_LDFLAGS])
- AC_SUBST([PYTHON_LDFLAGS])
-
- #
- # Check for site packages
- #
- AC_MSG_CHECKING([for Python site-packages path])
- if test -z "$PYTHON_SITE_PKG"; then
- PYTHON_SITE_PKG=`$PYTHON -c "import distutils.sysconfig; \
- print distutils.sysconfig.get_python_lib(0,0);"`
- fi
- AC_MSG_RESULT([$PYTHON_SITE_PKG])
- AC_SUBST([PYTHON_SITE_PKG])
-
- #
- # libraries which must be linked in when embedding
- #
- AC_MSG_CHECKING(python extra libraries)
- if test -z "$PYTHON_EXTRA_LIBS"; then
- PYTHON_EXTRA_LIBS=`$PYTHON -c "import distutils.sysconfig; \
- conf = distutils.sysconfig.get_config_var; \
- print conf('LOCALMODLIBS'), conf('LIBS')"`
- fi
- AC_MSG_RESULT([$PYTHON_EXTRA_LIBS])
- AC_SUBST(PYTHON_EXTRA_LIBS)
-
- #
- # linking flags needed when embedding
- #
- AC_MSG_CHECKING(python extra linking flags)
- if test -z "$PYTHON_EXTRA_LDFLAGS"; then
- PYTHON_EXTRA_LDFLAGS=`$PYTHON -c "import distutils.sysconfig; \
- conf = distutils.sysconfig.get_config_var; \
- print conf('LINKFORSHARED')"`
- fi
- AC_MSG_RESULT([$PYTHON_EXTRA_LDFLAGS])
- AC_SUBST(PYTHON_EXTRA_LDFLAGS)
-
- #
- # final check to see if everything compiles alright
- #
- AC_MSG_CHECKING([consistency of all components of python development environment])
- AC_LANG_PUSH([C])
- # save current global flags
- LIBS="$ac_save_LIBS $PYTHON_LDFLAGS"
- CPPFLAGS="$ac_save_CPPFLAGS $PYTHON_CPPFLAGS"
- AC_TRY_LINK([
- #include <Python.h>
- ],[
- Py_Initialize();
- ],[pythonexists=yes],[pythonexists=no])
-
- AC_MSG_RESULT([$pythonexists])
-
- if test ! "$pythonexists" = "yes"; then
- AC_MSG_ERROR([
- Could not link test program to Python. Maybe the main Python library has been
- installed in some non-standard library path. If so, pass it to configure,
- via the LDFLAGS environment variable.
- Example: ./configure LDFLAGS="-L/usr/non-standard-path/python/lib"
- ============================================================================
- ERROR!
- You probably have to install the development version of the Python package
- for your distribution. The exact name of this package varies among them.
- ============================================================================
- ])
- PYTHON_VERSION=""
- fi
- AC_LANG_POP
- # turn back to default flags
- CPPFLAGS="$ac_save_CPPFLAGS"
- LIBS="$ac_save_LIBS"
-
- #
- # all done!
- #
-])
-
+++ /dev/null
-/*
- * buffer.c -- generic memory buffer .
- *
- * Copyright (c) 2001-2008, NLnet Labs. All rights reserved.
- *
- * See LICENSE for the license.
- *
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-#include <ldns/buffer.h>
-
-ldns_buffer *
-ldns_buffer_new(size_t capacity)
-{
- ldns_buffer *buffer = LDNS_MALLOC(ldns_buffer);
-
- if (!buffer) {
- return NULL;
- }
-
- buffer->_data = (uint8_t *) LDNS_XMALLOC(uint8_t, capacity);
- if (!buffer->_data) {
- LDNS_FREE(buffer);
- return NULL;
- }
-
- buffer->_position = 0;
- buffer->_limit = buffer->_capacity = capacity;
- buffer->_fixed = 0;
- buffer->_status = LDNS_STATUS_OK;
-
- ldns_buffer_invariant(buffer);
-
- return buffer;
-}
-
-void
-ldns_buffer_new_frm_data(ldns_buffer *buffer, void *data, size_t size)
-{
- assert(data != NULL);
-
- buffer->_position = 0;
- buffer->_limit = buffer->_capacity = size;
- buffer->_fixed = 0;
- buffer->_data = LDNS_XMALLOC(uint8_t, size);
- if(!buffer->_data) {
- buffer->_status = LDNS_STATUS_MEM_ERR;
- return;
- }
- memcpy(buffer->_data, data, size);
- buffer->_status = LDNS_STATUS_OK;
-
- ldns_buffer_invariant(buffer);
-}
-
-bool
-ldns_buffer_set_capacity(ldns_buffer *buffer, size_t capacity)
-{
- void *data;
-
- ldns_buffer_invariant(buffer);
- assert(buffer->_position <= capacity);
-
- data = (uint8_t *) LDNS_XREALLOC(buffer->_data, uint8_t, capacity);
- if (!data) {
- buffer->_status = LDNS_STATUS_MEM_ERR;
- return false;
- } else {
- buffer->_data = data;
- buffer->_limit = buffer->_capacity = capacity;
- return true;
- }
-}
-
-bool
-ldns_buffer_reserve(ldns_buffer *buffer, size_t amount)
-{
- ldns_buffer_invariant(buffer);
- assert(!buffer->_fixed);
- if (buffer->_capacity < buffer->_position + amount) {
- size_t new_capacity = buffer->_capacity * 3 / 2;
-
- if (new_capacity < buffer->_position + amount) {
- new_capacity = buffer->_position + amount;
- }
- if (!ldns_buffer_set_capacity(buffer, new_capacity)) {
- buffer->_status = LDNS_STATUS_MEM_ERR;
- return false;
- }
- }
- buffer->_limit = buffer->_capacity;
- return true;
-}
-
-int
-ldns_buffer_printf(ldns_buffer *buffer, const char *format, ...)
-{
- va_list args;
- int written = 0;
- size_t remaining;
-
- if (ldns_buffer_status_ok(buffer)) {
- ldns_buffer_invariant(buffer);
- assert(buffer->_limit == buffer->_capacity);
-
- remaining = ldns_buffer_remaining(buffer);
- va_start(args, format);
- written = vsnprintf((char *) ldns_buffer_current(buffer), remaining,
- format, args);
- va_end(args);
- if (written == -1) {
- buffer->_status = LDNS_STATUS_INTERNAL_ERR;
- return -1;
- } else if ((size_t) written >= remaining) {
- if (!ldns_buffer_reserve(buffer, (size_t) written + 1)) {
- buffer->_status = LDNS_STATUS_MEM_ERR;
- return -1;
- }
- va_start(args, format);
- written = vsnprintf((char *) ldns_buffer_current(buffer),
- ldns_buffer_remaining(buffer), format, args);
- va_end(args);
- if (written == -1) {
- buffer->_status = LDNS_STATUS_INTERNAL_ERR;
- return -1;
- }
- }
- buffer->_position += written;
- }
- return written;
-}
-
-void
-ldns_buffer_free(ldns_buffer *buffer)
-{
- if (!buffer) {
- return;
- }
-
- LDNS_FREE(buffer->_data);
-
- LDNS_FREE(buffer);
-}
-
-void *
-ldns_buffer_export(ldns_buffer *buffer)
-{
- buffer->_fixed = 1;
- return buffer->_data;
-}
-
-int
-ldns_bgetc(ldns_buffer *buffer)
-{
- if (!ldns_buffer_available_at(buffer, buffer->_position, sizeof(uint8_t))) {
- ldns_buffer_set_position(buffer, ldns_buffer_limit(buffer));
- /* ldns_buffer_rewind(buffer);*/
- return EOF;
- }
- return (int)ldns_buffer_read_u8(buffer);
-}
-
-void
-ldns_buffer_copy(ldns_buffer* result, ldns_buffer* from)
-{
- size_t tocopy = ldns_buffer_limit(from);
-
- if(tocopy > ldns_buffer_capacity(result))
- tocopy = ldns_buffer_capacity(result);
- ldns_buffer_clear(result);
- ldns_buffer_write(result, ldns_buffer_begin(from), tocopy);
- ldns_buffer_flip(result);
-}
+++ /dev/null
-/*
- * Copyright (c) 1996, 1998 by Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-/*
- * Portions Copyright (c) 1995 by International Business Machines, Inc.
- *
- * International Business Machines, Inc. (hereinafter called IBM) grants
- * permission under its copyrights to use, copy, modify, and distribute this
- * Software with or without fee, provided that the above copyright notice and
- * all paragraphs of this notice appear in all copies, and that the name of IBM
- * not be used in connection with the marketing of any product incorporating
- * the Software or modifications thereof, without specific, written prior
- * permission.
- *
- * To the extent it has a right to do so, IBM grants an immunity from suit
- * under its patents, if any, for the use, sale or manufacture of products to
- * the extent that such products are used for performing Domain Name System
- * dynamic updates in TCP/IP networks by means of the Software. No immunity is
- * granted for any product per se or for any other function of any product.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
- * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
- * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
- * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
- */
-#include <ldns/config.h>
-
-#include <sys/types.h>
-#ifndef _MSC_VER
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#include <ctype.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <assert.h>
-
-static const char Base32[] =
- "abcdefghijklmnopqrstuvwxyz234567";
-/* "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";*/
-/* 00000000001111111111222222222233
- 01234567890123456789012345678901*/
-static const char Base32_extended_hex[] =
-/* "0123456789ABCDEFGHIJKLMNOPQRSTUV";*/
- "0123456789abcdefghijklmnopqrstuv";
-static const char Pad32 = '=';
-
-/* (From RFC3548 and draft-josefsson-rfc3548bis-00.txt)
-5. Base 32 Encoding
-
- The Base 32 encoding is designed to represent arbitrary sequences of
- octets in a form that needs to be case insensitive but need not be
- humanly readable.
-
- A 33-character subset of US-ASCII is used, enabling 5 bits to be
- represented per printable character. (The extra 33rd character, "=",
- is used to signify a special processing function.)
-
- The encoding process represents 40-bit groups of input bits as output
- strings of 8 encoded characters. Proceeding from left to right, a
- 40-bit input group is formed by concatenating 5 8bit input groups.
- These 40 bits are then treated as 8 concatenated 5-bit groups, each
- of which is translated into a single digit in the base 32 alphabet.
- When encoding a bit stream via the base 32 encoding, the bit stream
- must be presumed to be ordered with the most-significant-bit first.
- That is, the first bit in the stream will be the high-order bit in
- the first 8bit byte, and the eighth bit will be the low-order bit in
- the first 8bit byte, and so on.
-
- Each 5-bit group is used as an index into an array of 32 printable
- characters. The character referenced by the index is placed in the
- output string. These characters, identified in Table 3, below, are
- selected from US-ASCII digits and uppercase letters.
-
- Table 3: The Base 32 Alphabet
-
- Value Encoding Value Encoding Value Encoding Value Encoding
- 0 A 9 J 18 S 27 3
- 1 B 10 K 19 T 28 4
- 2 C 11 L 20 U 29 5
- 3 D 12 M 21 V 30 6
- 4 E 13 N 22 W 31 7
- 5 F 14 O 23 X
- 6 G 15 P 24 Y (pad) =
- 7 H 16 Q 25 Z
- 8 I 17 R 26 2
-
-
- Special processing is performed if fewer than 40 bits are available
- at the end of the data being encoded. A full encoding quantum is
- always completed at the end of a body. When fewer than 40 input bits
- are available in an input group, zero bits are added (on the right)
- to form an integral number of 5-bit groups. Padding at the end of
- the data is performed using the "=" character. Since all base 32
- input is an integral number of octets, only the following cases can
- arise:
-
- (1) the final quantum of encoding input is an integral multiple of 40
- bits; here, the final unit of encoded output will be an integral
- multiple of 8 characters with no "=" padding,
-
- (2) the final quantum of encoding input is exactly 8 bits; here, the
- final unit of encoded output will be two characters followed by six
- "=" padding characters,
-
- (3) the final quantum of encoding input is exactly 16 bits; here, the
- final unit of encoded output will be four characters followed by four
- "=" padding characters,
-
- (4) the final quantum of encoding input is exactly 24 bits; here, the
- final unit of encoded output will be five characters followed by
- three "=" padding characters, or
-
- (5) the final quantum of encoding input is exactly 32 bits; here, the
- final unit of encoded output will be seven characters followed by one
- "=" padding character.
-
-
-6. Base 32 Encoding with Extended Hex Alphabet
-
- The following description of base 32 is due to [7]. This encoding
- should not be regarded as the same as the "base32" encoding, and
- should not be referred to as only "base32".
-
- One property with this alphabet, that the base64 and base32 alphabet
- lack, is that encoded data maintain its sort order when the encoded
- data is compared bit-wise.
-
- This encoding is identical to the previous one, except for the
- alphabet. The new alphabet is found in table 4.
-
- Table 4: The "Extended Hex" Base 32 Alphabet
-
- Value Encoding Value Encoding Value Encoding Value Encoding
- 0 0 9 9 18 I 27 R
- 1 1 10 A 19 J 28 S
- 2 2 11 B 20 K 29 T
- 3 3 12 C 21 L 30 U
- 4 4 13 D 22 M 31 V
- 5 5 14 E 23 N
- 6 6 15 F 24 O (pad) =
- 7 7 16 G 25 P
- 8 8 17 H 26 Q
-
-*/
-
-
-int
-ldns_b32_ntop_ar(uint8_t const *src, size_t srclength, char *target, size_t targsize, const char B32_ar[]) {
- size_t datalength = 0;
- uint8_t input[5];
- uint8_t output[8];
- size_t i;
- memset(output, 0, 8);
-
- while (4 < srclength) {
- input[0] = *src++;
- input[1] = *src++;
- input[2] = *src++;
- input[3] = *src++;
- input[4] = *src++;
- srclength -= 5;
-
- output[0] = (input[0] & 0xf8) >> 3;
- output[1] = ((input[0] & 0x07) << 2) + ((input[1] & 0xc0) >> 6);
- output[2] = (input[1] & 0x3e) >> 1;
- output[3] = ((input[1] & 0x01) << 4) + ((input[2] & 0xf0) >> 4);
- output[4] = ((input[2] & 0x0f) << 1) + ((input[3] & 0x80) >> 7);
- output[5] = (input[3] & 0x7c) >> 2;
- output[6] = ((input[3] & 0x03) << 3) + ((input[4] & 0xe0) >> 5);
- output[7] = (input[4] & 0x1f);
-
- assert(output[0] < 32);
- assert(output[1] < 32);
- assert(output[2] < 32);
- assert(output[3] < 32);
- assert(output[4] < 32);
- assert(output[5] < 32);
- assert(output[6] < 32);
- assert(output[7] < 32);
-
- if (datalength + 8 > targsize) {
- return (-1);
- }
- target[datalength++] = B32_ar[output[0]];
- target[datalength++] = B32_ar[output[1]];
- target[datalength++] = B32_ar[output[2]];
- target[datalength++] = B32_ar[output[3]];
- target[datalength++] = B32_ar[output[4]];
- target[datalength++] = B32_ar[output[5]];
- target[datalength++] = B32_ar[output[6]];
- target[datalength++] = B32_ar[output[7]];
- }
-
- /* Now we worry about padding. */
- if (0 != srclength) {
- /* Get what's left. */
- input[0] = input[1] = input[2] = input[3] = input[4] = (uint8_t) '\0';
- for (i = 0; i < srclength; i++)
- input[i] = *src++;
-
- output[0] = (input[0] & 0xf8) >> 3;
- assert(output[0] < 32);
- if (srclength >= 1) {
- output[1] = ((input[0] & 0x07) << 2) + ((input[1] & 0xc0) >> 6);
- assert(output[1] < 32);
- output[2] = (input[1] & 0x3e) >> 1;
- assert(output[2] < 32);
- }
- if (srclength >= 2) {
- output[3] = ((input[1] & 0x01) << 4) + ((input[2] & 0xf0) >> 4);
- assert(output[3] < 32);
- }
- if (srclength >= 3) {
- output[4] = ((input[2] & 0x0f) << 1) + ((input[3] & 0x80) >> 7);
- assert(output[4] < 32);
- output[5] = (input[3] & 0x7c) >> 2;
- assert(output[5] < 32);
- }
- if (srclength >= 4) {
- output[6] = ((input[3] & 0x03) << 3) + ((input[4] & 0xe0) >> 5);
- assert(output[6] < 32);
- }
-
-
- if (datalength + 1 > targsize) {
- return (-2);
- }
- target[datalength++] = B32_ar[output[0]];
- if (srclength >= 1) {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = B32_ar[output[1]];
- if (srclength == 1 && output[2] == 0) {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- } else {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = B32_ar[output[2]];
- }
- } else {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- }
- if (srclength >= 2) {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = B32_ar[output[3]];
- } else {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- }
- if (srclength >= 3) {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = B32_ar[output[4]];
- if (srclength == 3 && output[5] == 0) {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- } else {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = B32_ar[output[5]];
- }
- } else {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- }
- if (srclength >= 4) {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = B32_ar[output[6]];
- } else {
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- }
- if (datalength + 1 > targsize) { return (-2); }
- target[datalength++] = Pad32;
- }
- if (datalength+1 > targsize) {
- return (int) (datalength);
- }
- target[datalength] = '\0'; /* Returned value doesn't count \0. */
- return (int) (datalength);
-}
-
-int
-ldns_b32_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
- return ldns_b32_ntop_ar(src, srclength, target, targsize, Base32);
-}
-
-/* deprecated, here for backwards compatibility */
-int
-b32_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
- return ldns_b32_ntop_ar(src, srclength, target, targsize, Base32);
-}
-
-int
-ldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
- return ldns_b32_ntop_ar(src, srclength, target, targsize, Base32_extended_hex);
-}
-
-/* deprecated, here for backwards compatibility */
-int
-b32_ntop_extended_hex(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
- return ldns_b32_ntop_ar(src, srclength, target, targsize, Base32_extended_hex);
-}
-
+++ /dev/null
-/*
- * Copyright (c) 1996, 1998 by Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-/*
- * Portions Copyright (c) 1995 by International Business Machines, Inc.
- *
- * International Business Machines, Inc. (hereinafter called IBM) grants
- * permission under its copyrights to use, copy, modify, and distribute this
- * Software with or without fee, provided that the above copyright notice and
- * all paragraphs of this notice appear in all copies, and that the name of IBM
- * not be used in connection with the marketing of any product incorporating
- * the Software or modifications thereof, without specific, written prior
- * permission.
- *
- * To the extent it has a right to do so, IBM grants an immunity from suit
- * under its patents, if any, for the use, sale or manufacture of products to
- * the extent that such products are used for performing Domain Name System
- * dynamic updates in TCP/IP networks by means of the Software. No immunity is
- * granted for any product per se or for any other function of any product.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
- * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
- * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
- * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
- */
-#include <ldns/config.h>
-
-#include <sys/types.h>
-#ifndef _MSC_VER
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#include <ctype.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-/* "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";*/
-static const char Base32[] =
- "abcdefghijklmnopqrstuvwxyz234567";
-/* "0123456789ABCDEFGHIJKLMNOPQRSTUV";*/
-static const char Base32_extended_hex[] =
- "0123456789abcdefghijklmnopqrstuv";
-static const char Pad32 = '=';
-
-/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
-5. Base 32 Encoding
-
- The Base 32 encoding is designed to represent arbitrary sequences of
- octets in a form that needs to be case insensitive but need not be
- humanly readable.
-
- A 33-character subset of US-ASCII is used, enabling 5 bits to be
- represented per printable character. (The extra 33rd character, "=",
- is used to signify a special processing function.)
-
- The encoding process represents 40-bit groups of input bits as output
- strings of 8 encoded characters. Proceeding from left to right, a
- 40-bit input group is formed by concatenating 5 8bit input groups.
- These 40 bits are then treated as 8 concatenated 5-bit groups, each
- of which is translated into a single digit in the base 32 alphabet.
- When encoding a bit stream via the base 32 encoding, the bit stream
- must be presumed to be ordered with the most-significant-bit first.
- That is, the first bit in the stream will be the high-order bit in
- the first 8bit byte, and the eighth bit will be the low-order bit in
- the first 8bit byte, and so on.
-
- Each 5-bit group is used as an index into an array of 32 printable
- characters. The character referenced by the index is placed in the
- output string. These characters, identified in Table 3, below, are
- selected from US-ASCII digits and uppercase letters.
-
- Table 3: The Base 32 Alphabet
-
- Value Encoding Value Encoding Value Encoding Value Encoding
- 0 A 9 J 18 S 27 3
- 1 B 10 K 19 T 28 4
- 2 C 11 L 20 U 29 5
- 3 D 12 M 21 V 30 6
- 4 E 13 N 22 W 31 7
- 5 F 14 O 23 X
- 6 G 15 P 24 Y (pad) =
- 7 H 16 Q 25 Z
- 8 I 17 R 26 2
-
-
- Special processing is performed if fewer than 40 bits are available
- at the end of the data being encoded. A full encoding quantum is
- always completed at the end of a body. When fewer than 40 input bits
- are available in an input group, zero bits are added (on the right)
- to form an integral number of 5-bit groups. Padding at the end of
- the data is performed using the "=" character. Since all base 32
- input is an integral number of octets, only the following cases can
- arise:
-
- (1) the final quantum of encoding input is an integral multiple of 40
- bits; here, the final unit of encoded output will be an integral
- multiple of 8 characters with no "=" padding,
-
- (2) the final quantum of encoding input is exactly 8 bits; here, the
- final unit of encoded output will be two characters followed by six
- "=" padding characters,
-
- (3) the final quantum of encoding input is exactly 16 bits; here, the
- final unit of encoded output will be four characters followed by four
- "=" padding characters,
-
- (4) the final quantum of encoding input is exactly 24 bits; here, the
- final unit of encoded output will be five characters followed by
- three "=" padding characters, or
-
- (5) the final quantum of encoding input is exactly 32 bits; here, the
- final unit of encoded output will be seven characters followed by one
- "=" padding character.
-
-
-6. Base 32 Encoding with Extended Hex Alphabet
-
- The following description of base 32 is due to [7]. This encoding
- should not be regarded as the same as the "base32" encoding, and
- should not be referred to as only "base32".
-
- One property with this alphabet, that the base32 and base32 alphabet
- lack, is that encoded data maintain its sort order when the encoded
- data is compared bit-wise.
-
- This encoding is identical to the previous one, except for the
- alphabet. The new alphabet is found in table 4.
-
- Table 4: The "Extended Hex" Base 32 Alphabet
-
- Value Encoding Value Encoding Value Encoding Value Encoding
- 0 0 9 9 18 I 27 R
- 1 1 10 A 19 J 28 S
- 2 2 11 B 20 K 29 T
- 3 3 12 C 21 L 30 U
- 4 4 13 D 22 M 31 V
- 5 5 14 E 23 N
- 6 6 15 F 24 O (pad) =
- 7 7 16 G 25 P
- 8 8 17 H 26 Q
-
-
-
-
-*/
-/* skips all whitespace anywhere.
- converts characters, four at a time, starting at (or after)
- src from base - 32 numbers into three 8 bit bytes in the target area.
- it returns the number of data bytes stored at the target, or -1 on error.
- */
-
-int
-ldns_b32_pton_ar(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize, const char B32_ar[])
-{
- int tarindex, state, ch;
- char *pos;
- int i = 0;
-
- state = 0;
- tarindex = 0;
-
- while ((ch = *src++) != '\0' && (i == 0 || i < (int) hashed_owner_str_len)) {
- i++;
- ch = tolower(ch);
- if (isspace((unsigned char)ch)) /* Skip whitespace anywhere. */
- continue;
-
- if (ch == Pad32)
- break;
-
- pos = strchr(B32_ar, ch);
- if (pos == 0) {
- /* A non-base32 character. */
- return (-ch);
- }
-
- switch (state) {
- case 0:
- if (target) {
- if ((size_t)tarindex >= targsize) {
- return (-2);
- }
- target[tarindex] = (pos - B32_ar) << 3;
- }
- state = 1;
- break;
- case 1:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize) {
- return (-3);
- }
- target[tarindex] |= (pos - B32_ar) >> 2;
- target[tarindex+1] = ((pos - B32_ar) & 0x03)
- << 6 ;
- }
- tarindex++;
- state = 2;
- break;
- case 2:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize) {
- return (-4);
- }
- target[tarindex] |= (pos - B32_ar) << 1;
- }
- /*tarindex++;*/
- state = 3;
- break;
- case 3:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize) {
- return (-5);
- }
- target[tarindex] |= (pos - B32_ar) >> 4;
- target[tarindex+1] = ((pos - B32_ar) & 0x0f) << 4 ;
- }
- tarindex++;
- state = 4;
- break;
- case 4:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize) {
- return (-6);
- }
- target[tarindex] |= (pos - B32_ar) >> 1;
- target[tarindex+1] = ((pos - B32_ar) & 0x01)
- << 7 ;
- }
- tarindex++;
- state = 5;
- break;
- case 5:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize) {
- return (-7);
- }
- target[tarindex] |= (pos - B32_ar) << 2;
- }
- state = 6;
- break;
- case 6:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize) {
- return (-8);
- }
- target[tarindex] |= (pos - B32_ar) >> 3;
- target[tarindex+1] = ((pos - B32_ar) & 0x07)
- << 5 ;
- }
- tarindex++;
- state = 7;
- break;
- case 7:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize) {
- return (-9);
- }
- target[tarindex] |= (pos - B32_ar);
- }
- tarindex++;
- state = 0;
- break;
- default:
- abort();
- }
- }
-
- /*
- * We are done decoding Base-32 chars. Let's see if we ended
- * on a byte boundary, and/or with erroneous trailing characters.
- */
-
- if (ch == Pad32) { /* We got a pad char. */
- ch = *src++; /* Skip it, get next. */
- switch (state) {
- case 0: /* Invalid = in first position */
- case 1: /* Invalid = in second position */
- return (-10);
-
- case 2: /* Valid, means one byte of info */
- case 3:
- /* Skip any number of spaces. */
- for ((void)NULL; ch != '\0'; ch = *src++)
- if (!isspace((unsigned char)ch))
- break;
- /* Make sure there is another trailing = sign. */
- if (ch != Pad32) {
- return (-11);
- }
- ch = *src++; /* Skip the = */
- /* Fall through to "single trailing =" case. */
- /* FALLTHROUGH */
-
- case 4: /* Valid, means two bytes of info */
- case 5:
- case 6:
- /*
- * We know this char is an =. Is there anything but
- * whitespace after it?
- */
- for ((void)NULL; ch != '\0'; ch = *src++)
- if (!(isspace((unsigned char)ch) || ch == '=')) {
- return (-12);
- }
-
- case 7: /* Valid, means three bytes of info */
- /*
- * We know this char is an =. Is there anything but
- * whitespace after it?
- */
- for ((void)NULL; ch != '\0'; ch = *src++)
- if (!isspace((unsigned char)ch)) {
- return (-13);
- }
-
- /*
- * Now make sure for cases 2 and 3 that the "extra"
- * bits that slopped past the last full byte were
- * zeros. If we don't check them, they become a
- * subliminal channel.
- */
- if (target && target[tarindex] != 0) {
- return (-14);
- }
- }
- } else {
- /*
- * We ended by seeing the end of the string. Make sure we
- * have no partial bytes lying around.
- */
- if (state != 0)
- return (-15);
- }
-
- return (tarindex);
-}
-
-int
-ldns_b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize)
-{
- return ldns_b32_pton_ar(src, hashed_owner_str_len, target, targsize, Base32);
-}
-
-/* deprecated, here for backwards compatibility */
-int
-b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize)
-{
- return ldns_b32_pton_ar(src, hashed_owner_str_len, target, targsize, Base32);
-}
-
-int
-ldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize)
-{
- return ldns_b32_pton_ar(src, hashed_owner_str_len, target, targsize, Base32_extended_hex);
-}
-
-/* deprecated, here for backwards compatibility */
-int
-b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize)
-{
- return ldns_b32_pton_ar(src, hashed_owner_str_len, target, targsize, Base32_extended_hex);
-}
+++ /dev/null
-/*
- * Copyright (c) 1996, 1998 by Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-/*
- * Portions Copyright (c) 1995 by International Business Machines, Inc.
- *
- * International Business Machines, Inc. (hereinafter called IBM) grants
- * permission under its copyrights to use, copy, modify, and distribute this
- * Software with or without fee, provided that the above copyright notice and
- * all paragraphs of this notice appear in all copies, and that the name of IBM
- * not be used in connection with the marketing of any product incorporating
- * the Software or modifications thereof, without specific, written prior
- * permission.
- *
- * To the extent it has a right to do so, IBM grants an immunity from suit
- * under its patents, if any, for the use, sale or manufacture of products to
- * the extent that such products are used for performing Domain Name System
- * dynamic updates in TCP/IP networks by means of the Software. No immunity is
- * granted for any product per se or for any other function of any product.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
- * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
- * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
- * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
- */
-#include <ldns/config.h>
-
-#include <sys/types.h>
-#ifndef _MSC_VER
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#include <ctype.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define Assert(Cond) if (!(Cond)) abort()
-
-static const char Base64[] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-static const char Pad64 = '=';
-
-/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
- The following encoding technique is taken from RFC 1521 by Borenstein
- and Freed. It is reproduced here in a slightly edited form for
- convenience.
-
- A 65-character subset of US-ASCII is used, enabling 6 bits to be
- represented per printable character. (The extra 65th character, "=",
- is used to signify a special processing function.)
-
- The encoding process represents 24-bit groups of input bits as output
- strings of 4 encoded characters. Proceeding from left to right, a
- 24-bit input group is formed by concatenating 3 8-bit input groups.
- These 24 bits are then treated as 4 concatenated 6-bit groups, each
- of which is translated into a single digit in the base64 alphabet.
-
- Each 6-bit group is used as an index into an array of 64 printable
- characters. The character referenced by the index is placed in the
- output string.
-
- Table 1: The Base64 Alphabet
-
- Value Encoding Value Encoding Value Encoding Value Encoding
- 0 A 17 R 34 i 51 z
- 1 B 18 S 35 j 52 0
- 2 C 19 T 36 k 53 1
- 3 D 20 U 37 l 54 2
- 4 E 21 V 38 m 55 3
- 5 F 22 W 39 n 56 4
- 6 G 23 X 40 o 57 5
- 7 H 24 Y 41 p 58 6
- 8 I 25 Z 42 q 59 7
- 9 J 26 a 43 r 60 8
- 10 K 27 b 44 s 61 9
- 11 L 28 c 45 t 62 +
- 12 M 29 d 46 u 63 /
- 13 N 30 e 47 v
- 14 O 31 f 48 w (pad) =
- 15 P 32 g 49 x
- 16 Q 33 h 50 y
-
- Special processing is performed if fewer than 24 bits are available
- at the end of the data being encoded. A full encoding quantum is
- always completed at the end of a quantity. When fewer than 24 input
- bits are available in an input group, zero bits are added (on the
- right) to form an integral number of 6-bit groups. Padding at the
- end of the data is performed using the '=' character.
-
- Since all base64 input is an integral number of octets, only the
- -------------------------------------------------
- following cases can arise:
-
- (1) the final quantum of encoding input is an integral
- multiple of 24 bits; here, the final unit of encoded
- output will be an integral multiple of 4 characters
- with no "=" padding,
- (2) the final quantum of encoding input is exactly 8 bits;
- here, the final unit of encoded output will be two
- characters followed by two "=" padding characters, or
- (3) the final quantum of encoding input is exactly 16 bits;
- here, the final unit of encoded output will be three
- characters followed by one "=" padding character.
- */
-
-int
-ldns_b64_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize) {
- size_t datalength = 0;
- uint8_t input[3];
- uint8_t output[4];
- size_t i;
-
- if (srclength == 0) {
- if (targsize > 0) {
- target[0] = '\0';
- return 0;
- } else {
- return -1;
- }
- }
-
- while (2 < srclength) {
- input[0] = *src++;
- input[1] = *src++;
- input[2] = *src++;
- srclength -= 3;
-
- output[0] = input[0] >> 2;
- output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
- output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
- output[3] = input[2] & 0x3f;
- Assert(output[0] < 64);
- Assert(output[1] < 64);
- Assert(output[2] < 64);
- Assert(output[3] < 64);
-
- if (datalength + 4 > targsize) {
- return (-1);
- }
- target[datalength++] = Base64[output[0]];
- target[datalength++] = Base64[output[1]];
- target[datalength++] = Base64[output[2]];
- target[datalength++] = Base64[output[3]];
- }
-
- /* Now we worry about padding. */
- if (0 != srclength) {
- /* Get what's left. */
- input[0] = input[1] = input[2] = (uint8_t) '\0';
- for (i = 0; i < srclength; i++)
- input[i] = *src++;
-
- output[0] = input[0] >> 2;
- output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
- output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
- Assert(output[0] < 64);
- Assert(output[1] < 64);
- Assert(output[2] < 64);
-
- if (datalength + 4 > targsize) {
- return (-2);
- }
- target[datalength++] = Base64[output[0]];
- target[datalength++] = Base64[output[1]];
- if (srclength == 1) {
- target[datalength++] = Pad64;
- } else {
- target[datalength++] = Base64[output[2]];
- }
- target[datalength++] = Pad64;
- }
- if (datalength >= targsize) {
- return (-3);
- }
- target[datalength] = '\0'; /* Returned value doesn't count \0. */
- return (int) (datalength);
-}
+++ /dev/null
-/*
- * Copyright (c) 1996, 1998 by Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-/*
- * Portions Copyright (c) 1995 by International Business Machines, Inc.
- *
- * International Business Machines, Inc. (hereinafter called IBM) grants
- * permission under its copyrights to use, copy, modify, and distribute this
- * Software with or without fee, provided that the above copyright notice and
- * all paragraphs of this notice appear in all copies, and that the name of IBM
- * not be used in connection with the marketing of any product incorporating
- * the Software or modifications thereof, without specific, written prior
- * permission.
- *
- * To the extent it has a right to do so, IBM grants an immunity from suit
- * under its patents, if any, for the use, sale or manufacture of products to
- * the extent that such products are used for performing Domain Name System
- * dynamic updates in TCP/IP networks by means of the Software. No immunity is
- * granted for any product per se or for any other function of any product.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE. IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
- * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
- * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
- * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
- */
-#include <ldns/config.h>
-
-#include <sys/types.h>
-#ifndef _MSC_VER
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#include <ctype.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define Assert(Cond) if (!(Cond)) abort()
-
-static const char Base64[] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-static const char Pad64 = '=';
-
-/* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
- The following encoding technique is taken from RFC 1521 by Borenstein
- and Freed. It is reproduced here in a slightly edited form for
- convenience.
-
- A 65-character subset of US-ASCII is used, enabling 6 bits to be
- represented per printable character. (The extra 65th character, "=",
- is used to signify a special processing function.)
-
- The encoding process represents 24-bit groups of input bits as output
- strings of 4 encoded characters. Proceeding from left to right, a
- 24-bit input group is formed by concatenating 3 8-bit input groups.
- These 24 bits are then treated as 4 concatenated 6-bit groups, each
- of which is translated into a single digit in the base64 alphabet.
-
- Each 6-bit group is used as an index into an array of 64 printable
- characters. The character referenced by the index is placed in the
- output string.
-
- Table 1: The Base64 Alphabet
-
- Value Encoding Value Encoding Value Encoding Value Encoding
- 0 A 17 R 34 i 51 z
- 1 B 18 S 35 j 52 0
- 2 C 19 T 36 k 53 1
- 3 D 20 U 37 l 54 2
- 4 E 21 V 38 m 55 3
- 5 F 22 W 39 n 56 4
- 6 G 23 X 40 o 57 5
- 7 H 24 Y 41 p 58 6
- 8 I 25 Z 42 q 59 7
- 9 J 26 a 43 r 60 8
- 10 K 27 b 44 s 61 9
- 11 L 28 c 45 t 62 +
- 12 M 29 d 46 u 63 /
- 13 N 30 e 47 v
- 14 O 31 f 48 w (pad) =
- 15 P 32 g 49 x
- 16 Q 33 h 50 y
-
- Special processing is performed if fewer than 24 bits are available
- at the end of the data being encoded. A full encoding quantum is
- always completed at the end of a quantity. When fewer than 24 input
- bits are available in an input group, zero bits are added (on the
- right) to form an integral number of 6-bit groups. Padding at the
- end of the data is performed using the '=' character.
-
- Since all base64 input is an integral number of octets, only the
- -------------------------------------------------
- following cases can arise:
-
- (1) the final quantum of encoding input is an integral
- multiple of 24 bits; here, the final unit of encoded
- output will be an integral multiple of 4 characters
- with no "=" padding,
- (2) the final quantum of encoding input is exactly 8 bits;
- here, the final unit of encoded output will be two
- characters followed by two "=" padding characters, or
- (3) the final quantum of encoding input is exactly 16 bits;
- here, the final unit of encoded output will be three
- characters followed by one "=" padding character.
- */
-
-/* skips all whitespace anywhere.
- converts characters, four at a time, starting at (or after)
- src from base - 64 numbers into three 8 bit bytes in the target area.
- it returns the number of data bytes stored at the target, or -1 on error.
- */
-
-int
-ldns_b64_pton(char const *src, uint8_t *target, size_t targsize)
-{
- int tarindex, state, ch;
- char *pos;
-
- state = 0;
- tarindex = 0;
-
- if (strlen(src) == 0) {
- return 0;
- }
-
- while ((ch = *src++) != '\0') {
- if (isspace((unsigned char)ch)) /* Skip whitespace anywhere. */
- continue;
-
- if (ch == Pad64)
- break;
-
- pos = strchr(Base64, ch);
- if (pos == 0) {
- /* A non-base64 character. */
- return (-1);
- }
-
- switch (state) {
- case 0:
- if (target) {
- if ((size_t)tarindex >= targsize)
- return (-1);
- target[tarindex] = (pos - Base64) << 2;
- }
- state = 1;
- break;
- case 1:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize)
- return (-1);
- target[tarindex] |= (pos - Base64) >> 4;
- target[tarindex+1] = ((pos - Base64) & 0x0f)
- << 4 ;
- }
- tarindex++;
- state = 2;
- break;
- case 2:
- if (target) {
- if ((size_t)tarindex + 1 >= targsize)
- return (-1);
- target[tarindex] |= (pos - Base64) >> 2;
- target[tarindex+1] = ((pos - Base64) & 0x03)
- << 6;
- }
- tarindex++;
- state = 3;
- break;
- case 3:
- if (target) {
- if ((size_t)tarindex >= targsize)
- return (-1);
- target[tarindex] |= (pos - Base64);
- }
- tarindex++;
- state = 0;
- break;
- default:
- abort();
- }
- }
-
- /*
- * We are done decoding Base-64 chars. Let's see if we ended
- * on a byte boundary, and/or with erroneous trailing characters.
- */
-
- if (ch == Pad64) { /* We got a pad char. */
- ch = *src++; /* Skip it, get next. */
- switch (state) {
- case 0: /* Invalid = in first position */
- case 1: /* Invalid = in second position */
- return (-1);
-
- case 2: /* Valid, means one byte of info */
- /* Skip any number of spaces. */
- for ((void)NULL; ch != '\0'; ch = *src++)
- if (!isspace((unsigned char)ch))
- break;
- /* Make sure there is another trailing = sign. */
- if (ch != Pad64)
- return (-1);
- ch = *src++; /* Skip the = */
- /* Fall through to "single trailing =" case. */
- /* FALLTHROUGH */
-
- case 3: /* Valid, means two bytes of info */
- /*
- * We know this char is an =. Is there anything but
- * whitespace after it?
- */
- for ((void)NULL; ch != '\0'; ch = *src++)
- if (!isspace((unsigned char)ch))
- return (-1);
-
- /*
- * Now make sure for cases 2 and 3 that the "extra"
- * bits that slopped past the last full byte were
- * zeros. If we don't check them, they become a
- * subliminal channel.
- */
- if (target && target[tarindex] != 0)
- return (-1);
- }
- } else {
- /*
- * We ended by seeing the end of the string. Make sure we
- * have no partial bytes lying around.
- */
- if (state != 0)
- return (-1);
- }
-
- return (tarindex);
-}
+++ /dev/null
-#ifdef HAVE_CONFIG_H
-#include <ldns/config.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-char *ctime_r(const time_t *timep, char *buf)
-{
- /* no thread safety. */
- char* result = ctime(timep);
- if(buf && result)
- strcpy(buf, result);
- return result;
-}
+++ /dev/null
-/* From openssh 4.3p2 filename openbsd-compat/fake-rfc2553.h */
-/*
- * Copyright (C) 2000-2003 Damien Miller. All rights reserved.
- * Copyright (C) 1999 WIDE Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * Pseudo-implementation of RFC2553 name / address resolution functions
- *
- * But these functions are not implemented correctly. The minimum subset
- * is implemented for ssh use only. For example, this routine assumes
- * that ai_family is AF_INET. Don't use it for another purpose.
- */
-
-#include <ldns/config.h>
-#include <ldns/common.h>
-#ifndef _MSC_VER
-#include <unistd.h>
-#endif
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include "compat/fake-rfc2553.h"
-
-#ifndef HAVE_GETNAMEINFO
-int getnameinfo(const struct sockaddr *sa, size_t ATTR_UNUSED(salen), char *host,
- size_t hostlen, char *serv, size_t servlen, int flags)
-{
- struct sockaddr_in *sin = (struct sockaddr_in *)sa;
- struct hostent *hp;
- char tmpserv[16];
-
- if (serv != NULL) {
- snprintf(tmpserv, sizeof(tmpserv), "%d", ntohs(sin->sin_port));
- if (strlcpy(serv, tmpserv, servlen) >= servlen)
- return (EAI_MEMORY);
- }
-
- if (host != NULL) {
- if (flags & NI_NUMERICHOST) {
- if (strlcpy(host, inet_ntoa(sin->sin_addr),
- hostlen) >= hostlen)
- return (EAI_MEMORY);
- else
- return (0);
- } else {
- hp = gethostbyaddr((char *)&sin->sin_addr,
- sizeof(struct in_addr), AF_INET);
- if (hp == NULL)
- return (EAI_NODATA);
-
- if (strlcpy(host, hp->h_name, hostlen) >= hostlen)
- return (EAI_MEMORY);
- else
- return (0);
- }
- }
- return (0);
-}
-#endif /* !HAVE_GETNAMEINFO */
-
-#ifndef HAVE_GAI_STRERROR
-#ifdef HAVE_CONST_GAI_STRERROR_PROTO
-const char *
-#else
-char *
-#endif
-gai_strerror(int err)
-{
- switch (err) {
- case EAI_NODATA:
- return ("no address associated with name");
- case EAI_MEMORY:
- return ("memory allocation failure.");
- case EAI_NONAME:
- return ("nodename nor servname provided, or not known");
- default:
- return ("unknown/invalid error.");
- }
-}
-#endif /* !HAVE_GAI_STRERROR */
-
-#ifndef HAVE_FREEADDRINFO
-void
-freeaddrinfo(struct addrinfo *ai)
-{
- struct addrinfo *next;
-
- for(; ai != NULL;) {
- next = ai->ai_next;
- free(ai);
- ai = next;
- }
-}
-#endif /* !HAVE_FREEADDRINFO */
-
-#ifndef HAVE_GETADDRINFO
-static struct
-addrinfo *malloc_ai(int port, u_long addr, const struct addrinfo *hints)
-{
- struct addrinfo *ai;
-
- ai = malloc(sizeof(*ai) + sizeof(struct sockaddr_in));
- if (ai == NULL)
- return (NULL);
-
- memset(ai, '\0', sizeof(*ai) + sizeof(struct sockaddr_in));
-
- ai->ai_addr = (struct sockaddr *)(ai + 1);
- /* XXX -- ssh doesn't use sa_len */
- ai->ai_addrlen = sizeof(struct sockaddr_in);
- ai->ai_addr->sa_family = ai->ai_family = AF_INET;
-
- ((struct sockaddr_in *)(ai)->ai_addr)->sin_port = port;
- ((struct sockaddr_in *)(ai)->ai_addr)->sin_addr.s_addr = addr;
-
- /* XXX: the following is not generally correct, but does what we want */
- if (hints->ai_socktype)
- ai->ai_socktype = hints->ai_socktype;
- else
- ai->ai_socktype = SOCK_STREAM;
-
- if (hints->ai_protocol)
- ai->ai_protocol = hints->ai_protocol;
-
- return (ai);
-}
-
-int
-getaddrinfo(const char *hostname, const char *servname,
- const struct addrinfo *hints, struct addrinfo **res)
-{
- struct hostent *hp;
- struct servent *sp;
- struct in_addr in;
- int i;
- long int port;
- u_long addr;
-
- port = 0;
- if (servname != NULL) {
- char *cp;
-
- port = strtol(servname, &cp, 10);
- if (port > 0 && port <= 65535 && *cp == '\0')
- port = htons(port);
- else if ((sp = getservbyname(servname, NULL)) != NULL)
- port = sp->s_port;
- else
- port = 0;
- }
-
- if (hints && hints->ai_flags & AI_PASSIVE) {
- addr = htonl(0x00000000);
- if (hostname && inet_aton(hostname, &in) != 0)
- addr = in.s_addr;
- *res = malloc_ai(port, addr, hints);
- if (*res == NULL)
- return (EAI_MEMORY);
- return (0);
- }
-
- if (!hostname) {
- *res = malloc_ai(port, htonl(0x7f000001), hints);
- if (*res == NULL)
- return (EAI_MEMORY);
- return (0);
- }
-
- if (inet_aton(hostname, &in)) {
- *res = malloc_ai(port, in.s_addr, hints);
- if (*res == NULL)
- return (EAI_MEMORY);
- return (0);
- }
-
- /* Don't try DNS if AI_NUMERICHOST is set */
- if (hints && hints->ai_flags & AI_NUMERICHOST)
- return (EAI_NONAME);
-
- hp = gethostbyname(hostname);
- if (hp && hp->h_name && hp->h_name[0] && hp->h_addr_list[0]) {
- struct addrinfo *cur, *prev;
-
- cur = prev = *res = NULL;
- for (i = 0; hp->h_addr_list[i]; i++) {
- struct in_addr *in = (struct in_addr *)hp->h_addr_list[i];
-
- cur = malloc_ai(port, in->s_addr, hints);
- if (cur == NULL) {
- if (*res != NULL)
- freeaddrinfo(*res);
- return (EAI_MEMORY);
- }
- if (prev)
- prev->ai_next = cur;
- else
- *res = cur;
-
- prev = cur;
- }
- return (0);
- }
-
- return (EAI_NODATA);
-}
-#endif /* !HAVE_GETADDRINFO */
+++ /dev/null
-/* From openssh 4.3p2 filename openbsd-compat/fake-rfc2553.h */
-/*
- * Copyright (C) 2000-2003 Damien Miller. All rights reserved.
- * Copyright (C) 1999 WIDE Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * Pseudo-implementation of RFC2553 name / address resolution functions
- *
- * But these functions are not implemented correctly. The minimum subset
- * is implemented for ssh use only. For example, this routine assumes
- * that ai_family is AF_INET. Don't use it for another purpose.
- */
-
-#ifndef _FAKE_RFC2553_H
-#define _FAKE_RFC2553_H
-
-#include <sys/types.h>
-#ifdef _MSC_VER
-#include <winsock2.h>
-#else
-#include <sys/socket.h>
-#include <netdb.h>
-#endif
-#include <limits.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * First, socket and INET6 related definitions
- */
-#ifndef HAVE_STRUCT_SOCKADDR_STORAGE
-#ifndef _SS_MAXSIZE
-# define _SS_MAXSIZE 128 /* Implementation specific max size */
-# define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr))
-struct sockaddr_storage {
- struct sockaddr ss_sa;
- char __ss_pad2[_SS_PADSIZE];
-};
-# define ss_family ss_sa.sa_family
-#endif /* _SS_MAXSIZE */
-#endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */
-
-#ifndef IN6_IS_ADDR_LOOPBACK
-# define IN6_IS_ADDR_LOOPBACK(a) \
- (((uint32_t *)(a))[0] == 0 && ((uint32_t *)(a))[1] == 0 && \
- ((uint32_t *)(a))[2] == 0 && ((uint32_t *)(a))[3] == htonl(1))
-#endif /* !IN6_IS_ADDR_LOOPBACK */
-
-#ifndef HAVE_STRUCT_IN6_ADDR
-struct in6_addr {
- uint8_t s6_addr[16];
-};
-#endif /* !HAVE_STRUCT_IN6_ADDR */
-
-#ifndef HAVE_STRUCT_SOCKADDR_IN6
-struct sockaddr_in6 {
- unsigned short sin6_family;
- uint16_t sin6_port;
- uint32_t sin6_flowinfo;
- struct in6_addr sin6_addr;
-};
-#endif /* !HAVE_STRUCT_SOCKADDR_IN6 */
-
-#ifndef AF_INET6
-/* Define it to something that should never appear */
-#define AF_INET6 AF_MAX
-#endif
-
-/*
- * Next, RFC2553 name / address resolution API
- */
-
-#ifndef NI_NUMERICHOST
-# define NI_NUMERICHOST (1)
-#endif
-#ifndef NI_NAMEREQD
-# define NI_NAMEREQD (1<<1)
-#endif
-#ifndef NI_NUMERICSERV
-# define NI_NUMERICSERV (1<<2)
-#endif
-
-#ifndef AI_PASSIVE
-# define AI_PASSIVE (1)
-#endif
-#ifndef AI_CANONNAME
-# define AI_CANONNAME (1<<1)
-#endif
-#ifndef AI_NUMERICHOST
-# define AI_NUMERICHOST (1<<2)
-#endif
-
-#ifndef NI_MAXSERV
-# define NI_MAXSERV 32
-#endif /* !NI_MAXSERV */
-#ifndef NI_MAXHOST
-# define NI_MAXHOST 1025
-#endif /* !NI_MAXHOST */
-
-#ifndef INT_MAX
-#define INT_MAX 0xffffffff
-#endif
-
-#ifndef EAI_NODATA
-# define EAI_NODATA (INT_MAX - 1)
-#endif
-#ifndef EAI_MEMORY
-# define EAI_MEMORY (INT_MAX - 2)
-#endif
-#ifndef EAI_NONAME
-# define EAI_NONAME (INT_MAX - 3)
-#endif
-#ifndef EAI_SYSTEM
-# define EAI_SYSTEM (INT_MAX - 4)
-#endif
-
-#ifndef HAVE_STRUCT_ADDRINFO
-struct addrinfo {
- int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
- int ai_family; /* PF_xxx */
- int ai_socktype; /* SOCK_xxx */
- int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
- size_t ai_addrlen; /* length of ai_addr */
- char *ai_canonname; /* canonical name for hostname */
- struct sockaddr *ai_addr; /* binary address */
- struct addrinfo *ai_next; /* next structure in linked list */
-};
-#endif /* !HAVE_STRUCT_ADDRINFO */
-
-#ifndef HAVE_GETADDRINFO
-#ifdef getaddrinfo
-# undef getaddrinfo
-#endif
-#define getaddrinfo(a,b,c,d) (ssh_getaddrinfo(a,b,c,d))
-int getaddrinfo(const char *, const char *,
- const struct addrinfo *, struct addrinfo **);
-#endif /* !HAVE_GETADDRINFO */
-
-#if !defined(HAVE_GAI_STRERROR) && !defined(HAVE_CONST_GAI_STRERROR_PROTO)
-#define gai_strerror(a) (ssh_gai_strerror(a))
-char *gai_strerror(int);
-#endif /* !HAVE_GAI_STRERROR */
-
-#ifndef HAVE_FREEADDRINFO
-#define freeaddrinfo(a) (ssh_freeaddrinfo(a))
-void freeaddrinfo(struct addrinfo *);
-#endif /* !HAVE_FREEADDRINFO */
-
-#ifndef HAVE_GETNAMEINFO
-#define getnameinfo(a,b,c,d,e,f,g) (ssh_getnameinfo(a,b,c,d,e,f,g))
-int getnameinfo(const struct sockaddr *, size_t, char *, size_t,
- char *, size_t, int);
-#endif /* !HAVE_GETNAMEINFO */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !_FAKE_RFC2553_H */
-
+++ /dev/null
-#include <ldns/config.h>\r
-\r
-#ifndef HAVE_GETTIMEOFDAY\r
-\r
-#include < time.h >\r
-#include < windows.h>\r
-#include <compat/gettimeofday.h>\r
-\r
-#if defined(_MSC_VER) || defined(_MSC_EXTENSIONS)\r
-#define DELTA_EPOCH_IN_MICROSECS 11644473600000000Ui64\r
-#else\r
-#define DELTA_EPOCH_IN_MICROSECS 11644473600000000ULL\r
-#endif\r
- \r
-int gettimeofday(struct timeval *tv, struct timezone *tz)\r
-{\r
- FILETIME ft;\r
- unsigned __int64 tmpres = 0;\r
- static int tzflag;\r
- \r
- if (NULL != tv)\r
- {\r
- GetSystemTimeAsFileTime(&ft);\r
- \r
- tmpres |= ft.dwHighDateTime;\r
- tmpres <<= 32;\r
- tmpres |= ft.dwLowDateTime;\r
- \r
- /*converting file time to unix epoch*/\r
- tmpres /= 10; /*convert into microseconds*/\r
- tmpres -= DELTA_EPOCH_IN_MICROSECS;\r
- tv->tv_sec = (long)(tmpres / 1000000UL);\r
- tv->tv_usec = (long)(tmpres % 1000000UL);\r
- }\r
- \r
- if (NULL != tz)\r
- {\r
- if (!tzflag)\r
- {\r
- _tzset();\r
- tzflag++;\r
- }\r
- tz->tz_minuteswest = _timezone / 60;\r
- tz->tz_dsttime = _daylight;\r
- }\r
- \r
- return 0;\r
-}\r
-\r
-#endif
\ No newline at end of file
+++ /dev/null
-#ifndef HAVE_GETTIMEOFDAY\r
-\r
-struct timezone\r
-{\r
- int tz_minuteswest; /* minutes W of Greenwich */\r
- int tz_dsttime; /* type of dst correction */\r
-};\r
- \r
-int gettimeofday(struct timeval *tv, struct timezone *tz);\r
-\r
-#endif
\ No newline at end of file
+++ /dev/null
-#ifdef HAVE_CONFIG_H
-#include <ldns/config.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-struct tm *gmtime_r(const time_t *timep, struct tm *result)
-{
- /* no thread safety. */
- *result = *gmtime(timep);
- return result;
-}
+++ /dev/null
-/* From openssh4.3p2 compat/inet_aton.c */
-/*
- * Copyright (c) 1983, 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * -
- * Portions Copyright (c) 1993 by Digital Equipment Corporation.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies, and that
- * the name of Digital Equipment Corporation not be used in advertising or
- * publicity pertaining to distribution of the document or software without
- * specific, written prior permission.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
- * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
- * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- * -
- * --Copyright--
- */
-
-/* OPENBSD ORIGINAL: lib/libc/net/inet_addr.c */
-
-#include <ldns/config.h>
-
-#if !defined(HAVE_INET_ATON)
-
-#include <sys/types.h>
-#ifndef _MSC_VER
-#include <sys/param.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#include <ctype.h>
-
-#if 0
-/*
- * Ascii internet address interpretation routine.
- * The value returned is in network order.
- */
-in_addr_t
-inet_addr(const char *cp)
-{
- struct in_addr val;
-
- if (inet_aton(cp, &val))
- return (val.s_addr);
- return (INADDR_NONE);
-}
-#endif
-
-/*
- * Check whether "cp" is a valid ascii representation
- * of an Internet address and convert to a binary address.
- * Returns 1 if the address is valid, 0 if not.
- * This replaces inet_addr, the return value from which
- * cannot distinguish between failure and a local broadcast address.
- */
-int
-inet_aton(const char *cp, struct in_addr *addr)
-{
- uint32_t val;
- int base, n;
- char c;
- unsigned int parts[4];
- unsigned int *pp = parts;
-
- c = *cp;
- for (;;) {
- /*
- * Collect number up to ``.''.
- * Values are specified as for C:
- * 0x=hex, 0=octal, isdigit=decimal.
- */
- if (!isdigit((int) c))
- return (0);
- val = 0; base = 10;
- if (c == '0') {
- c = *++cp;
- if (c == 'x' || c == 'X')
- base = 16, c = *++cp;
- else
- base = 8;
- }
- for (;;) {
- if (isascii((int) c) && isdigit((int) c)) {
- val = (val * base) + (c - '0');
- c = *++cp;
- } else if (base == 16 && isascii((int) c) && isxdigit((int) c)) {
- val = (val << 4) |
- (c + 10 - (islower((int) c) ? 'a' : 'A'));
- c = *++cp;
- } else
- break;
- }
- if (c == '.') {
- /*
- * Internet format:
- * a.b.c.d
- * a.b.c (with c treated as 16 bits)
- * a.b (with b treated as 24 bits)
- */
- if (pp >= parts + 3)
- return (0);
- *pp++ = val;
- c = *++cp;
- } else
- break;
- }
- /*
- * Check for trailing characters.
- */
- if (c != '\0' && (!isascii((int) c) || !isspace((int) c)))
- return (0);
- /*
- * Concoct the address according to
- * the number of parts specified.
- */
- n = pp - parts + 1;
- switch (n) {
-
- case 0:
- return (0); /* initial nondigit */
-
- case 1: /* a -- 32 bits */
- break;
-
- case 2: /* a.b -- 8.24 bits */
- if ((val > 0xffffff) || (parts[0] > 0xff))
- return (0);
- val |= parts[0] << 24;
- break;
-
- case 3: /* a.b.c -- 8.8.16 bits */
- if ((val > 0xffff) || (parts[0] > 0xff) || (parts[1] > 0xff))
- return (0);
- val |= (parts[0] << 24) | (parts[1] << 16);
- break;
-
- case 4: /* a.b.c.d -- 8.8.8.8 bits */
- if ((val > 0xff) || (parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xff))
- return (0);
- val |= (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8);
- break;
- }
- if (addr)
- addr->s_addr = htonl(val);
- return (1);
-}
-
-#endif /* !defined(HAVE_INET_ATON) */
+++ /dev/null
-/* From openssh 4.3p2 compat/inet_ntop.c */
-/* Copyright (c) 1996 by Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-/* OPENBSD ORIGINAL: lib/libc/net/inet_ntop.c */
-
-#include <ldns/config.h>
-
-#ifndef HAVE_INET_NTOP
-
-#ifndef _MSC_VER
-#include <sys/param.h>
-#endif
-#include <sys/types.h>
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#include <string.h>
-#include <errno.h>
-#include <stdio.h>
-
-#ifndef IN6ADDRSZ
-#define IN6ADDRSZ 16 /* IPv6 T_AAAA */
-#endif
-
-#ifndef INT16SZ
-#define INT16SZ 2 /* for systems without 16-bit ints */
-#endif
-
-/*
- * WARNING: Don't even consider trying to compile this on a system where
- * sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
- */
-
-static const char *inet_ntop4(const u_char *src, char *dst, size_t size);
-static const char *inet_ntop6(const u_char *src, char *dst, size_t size);
-
-/* char *
- * inet_ntop(af, src, dst, size)
- * convert a network format address to presentation format.
- * return:
- * pointer to presentation format address (`dst'), or NULL (see errno).
- * author:
- * Paul Vixie, 1996.
- */
-const char *
-inet_ntop(int af, const void *src, char *dst, size_t size)
-{
- switch (af) {
- case AF_INET:
- return (inet_ntop4(src, dst, size));
- case AF_INET6:
- return (inet_ntop6(src, dst, size));
- default:
-#ifdef EAFNOSUPPORT
- errno = EAFNOSUPPORT;
-#else
- errno = ENOSYS;
-#endif
- return (NULL);
- }
- /* NOTREACHED */
-}
-
-/* const char *
- * inet_ntop4(src, dst, size)
- * format an IPv4 address, more or less like inet_ntoa()
- * return:
- * `dst' (as a const)
- * notes:
- * (1) uses no statics
- * (2) takes a u_char* not an in_addr as input
- * author:
- * Paul Vixie, 1996.
- */
-static const char *
-inet_ntop4(const u_char *src, char *dst, size_t size)
-{
- static const char fmt[] = "%u.%u.%u.%u";
- char tmp[sizeof "255.255.255.255"];
- int l;
-
- l = snprintf(tmp, size, fmt, src[0], src[1], src[2], src[3]);
- if (l <= 0 || l >= (int)size) {
- errno = ENOSPC;
- return (NULL);
- }
- strlcpy(dst, tmp, size);
- return (dst);
-}
-
-/* const char *
- * inet_ntop6(src, dst, size)
- * convert IPv6 binary address into presentation (printable) format
- * author:
- * Paul Vixie, 1996.
- */
-static const char *
-inet_ntop6(const u_char *src, char *dst, size_t size)
-{
- /*
- * Note that int32_t and int16_t need only be "at least" large enough
- * to contain a value of the specified size. On some systems, like
- * Crays, there is no such thing as an integer variable with 16 bits.
- * Keep this in mind if you think this function should have been coded
- * to use pointer overlays. All the world's not a VAX.
- */
- char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"];
- char *tp, *ep;
- struct { int base, len; } best, cur;
- u_int words[IN6ADDRSZ / INT16SZ];
- int i;
- int advance;
-
- /*
- * Preprocess:
- * Copy the input (bytewise) array into a wordwise array.
- * Find the longest run of 0x00's in src[] for :: shorthanding.
- */
- memset(words, '\0', sizeof words);
- for (i = 0; i < IN6ADDRSZ; i++)
- words[i / 2] |= (src[i] << ((1 - (i % 2)) << 3));
- best.base = -1;
- cur.base = -1;
- for (i = 0; i < (IN6ADDRSZ / INT16SZ); i++) {
- if (words[i] == 0) {
- if (cur.base == -1)
- cur.base = i, cur.len = 1;
- else
- cur.len++;
- } else {
- if (cur.base != -1) {
- if (best.base == -1 || cur.len > best.len)
- best = cur;
- cur.base = -1;
- }
- }
- }
- if (cur.base != -1) {
- if (best.base == -1 || cur.len > best.len)
- best = cur;
- }
- if (best.base != -1 && best.len < 2)
- best.base = -1;
-
- /*
- * Format the result.
- */
- tp = tmp;
- ep = tmp + sizeof(tmp);
- for (i = 0; i < (IN6ADDRSZ / INT16SZ) && tp < ep; i++) {
- /* Are we inside the best run of 0x00's? */
- if (best.base != -1 && i >= best.base &&
- i < (best.base + best.len)) {
- if (i == best.base) {
- if (tp + 1 >= ep)
- return (NULL);
- *tp++ = ':';
- }
- continue;
- }
- /* Are we following an initial run of 0x00s or any real hex? */
- if (i != 0) {
- if (tp + 1 >= ep)
- return (NULL);
- *tp++ = ':';
- }
- /* Is this address an encapsulated IPv4? */
- if (i == 6 && best.base == 0 &&
- (best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
- if (!inet_ntop4(src+12, tp, (size_t)(ep - tp)))
- return (NULL);
- tp += strlen(tp);
- break;
- }
- advance = snprintf(tp, ep - tp, "%x", words[i]);
- if (advance <= 0 || advance >= ep - tp)
- return (NULL);
- tp += advance;
- }
- /* Was it a trailing run of 0x00's? */
- if (best.base != -1 && (best.base + best.len) == (IN6ADDRSZ / INT16SZ)) {
- if (tp + 1 >= ep)
- return (NULL);
- *tp++ = ':';
- }
- if (tp + 1 >= ep)
- return (NULL);
- *tp++ = '\0';
-
- /*
- * Check for overflow, copy, and we're done.
- */
- if ((size_t)(tp - tmp) > size) {
- errno = ENOSPC;
- return (NULL);
- }
- strlcpy(dst, tmp, size);
- return (dst);
-}
-
-#endif /* !HAVE_INET_NTOP */
+++ /dev/null
-/* $KAME: inet_pton.c,v 1.5 2001/08/20 02:32:40 itojun Exp $ */
-
-/* Copyright (c) 1996 by Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
- * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
- * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
- * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
- * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
- * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
- * SOFTWARE.
- */
-
-#include <ldns/config.h>
-
-#include <string.h>
-#include <stdio.h>
-#include <errno.h>
-
-/*
- * WARNING: Don't even consider trying to compile this on a system where
- * sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
- */
-
-static int inet_pton4 (const char *src, uint8_t *dst);
-static int inet_pton6 (const char *src, uint8_t *dst);
-
-/*
- *
- * The definitions we might miss.
- *
- */
-#ifndef NS_INT16SZ
-#define NS_INT16SZ 2
-#endif
-
-#ifndef NS_IN6ADDRSZ
-#define NS_IN6ADDRSZ 16
-#endif
-
-#ifndef NS_INADDRSZ
-#define NS_INADDRSZ 4
-#endif
-
-/* int
- * inet_pton(af, src, dst)
- * convert from presentation format (which usually means ASCII printable)
- * to network format (which is usually some kind of binary format).
- * return:
- * 1 if the address was valid for the specified address family
- * 0 if the address wasn't valid (`dst' is untouched in this case)
- * -1 if some other error occurred (`dst' is untouched in this case, too)
- * author:
- * Paul Vixie, 1996.
- */
-int
-inet_pton(af, src, dst)
- int af;
- const char *src;
- void *dst;
-{
- switch (af) {
- case AF_INET:
- return (inet_pton4(src, dst));
- case AF_INET6:
- return (inet_pton6(src, dst));
- default:
-#ifdef EAFNOSUPPORT
- errno = EAFNOSUPPORT;
-#else
- errno = ENOSYS;
-#endif
- return (-1);
- }
- /* NOTREACHED */
-}
-
-/* int
- * inet_pton4(src, dst)
- * like inet_aton() but without all the hexadecimal and shorthand.
- * return:
- * 1 if `src' is a valid dotted quad, else 0.
- * notice:
- * does not touch `dst' unless it's returning 1.
- * author:
- * Paul Vixie, 1996.
- */
-static int
-inet_pton4(src, dst)
- const char *src;
- uint8_t *dst;
-{
- static const char digits[] = "0123456789";
- int saw_digit, octets, ch;
- uint8_t tmp[NS_INADDRSZ], *tp;
-
- saw_digit = 0;
- octets = 0;
- *(tp = tmp) = 0;
- while ((ch = *src++) != '\0') {
- const char *pch;
-
- if ((pch = strchr(digits, ch)) != NULL) {
- uint32_t new = *tp * 10 + (pch - digits);
-
- if (new > 255)
- return (0);
- *tp = new;
- if (! saw_digit) {
- if (++octets > 4)
- return (0);
- saw_digit = 1;
- }
- } else if (ch == '.' && saw_digit) {
- if (octets == 4)
- return (0);
- *++tp = 0;
- saw_digit = 0;
- } else
- return (0);
- }
- if (octets < 4)
- return (0);
-
- memcpy(dst, tmp, NS_INADDRSZ);
- return (1);
-}
-
-/* int
- * inet_pton6(src, dst)
- * convert presentation level address to network order binary form.
- * return:
- * 1 if `src' is a valid [RFC1884 2.2] address, else 0.
- * notice:
- * (1) does not touch `dst' unless it's returning 1.
- * (2) :: in a full address is silently ignored.
- * credit:
- * inspired by Mark Andrews.
- * author:
- * Paul Vixie, 1996.
- */
-static int
-inet_pton6(src, dst)
- const char *src;
- uint8_t *dst;
-{
- static const char xdigits_l[] = "0123456789abcdef",
- xdigits_u[] = "0123456789ABCDEF";
- uint8_t tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp;
- const char *xdigits, *curtok;
- int ch, saw_xdigit;
- uint32_t val;
-
- memset((tp = tmp), '\0', NS_IN6ADDRSZ);
- endp = tp + NS_IN6ADDRSZ;
- colonp = NULL;
- /* Leading :: requires some special handling. */
- if (*src == ':')
- if (*++src != ':')
- return (0);
- curtok = src;
- saw_xdigit = 0;
- val = 0;
- while ((ch = *src++) != '\0') {
- const char *pch;
-
- if ((pch = strchr((xdigits = xdigits_l), ch)) == NULL)
- pch = strchr((xdigits = xdigits_u), ch);
- if (pch != NULL) {
- val <<= 4;
- val |= (pch - xdigits);
- if (val > 0xffff)
- return (0);
- saw_xdigit = 1;
- continue;
- }
- if (ch == ':') {
- curtok = src;
- if (!saw_xdigit) {
- if (colonp)
- return (0);
- colonp = tp;
- continue;
- }
- if (tp + NS_INT16SZ > endp)
- return (0);
- *tp++ = (uint8_t) (val >> 8) & 0xff;
- *tp++ = (uint8_t) val & 0xff;
- saw_xdigit = 0;
- val = 0;
- continue;
- }
- if (ch == '.' && ((tp + NS_INADDRSZ) <= endp) &&
- inet_pton4(curtok, tp) > 0) {
- tp += NS_INADDRSZ;
- saw_xdigit = 0;
- break; /* '\0' was seen by inet_pton4(). */
- }
- return (0);
- }
- if (saw_xdigit) {
- if (tp + NS_INT16SZ > endp)
- return (0);
- *tp++ = (uint8_t) (val >> 8) & 0xff;
- *tp++ = (uint8_t) val & 0xff;
- }
- if (colonp != NULL) {
- /*
- * Since some memmove()'s erroneously fail to handle
- * overlapping regions, we'll do the shift by hand.
- */
- const int n = tp - colonp;
- int i;
-
- for (i = 1; i <= n; i++) {
- endp[- i] = colonp[n - i];
- colonp[n - i] = 0;
- }
- tp = endp;
- }
- if (tp != endp)
- return (0);
- memcpy(dst, tmp, NS_IN6ADDRSZ);
- return (1);
-}
+++ /dev/null
-/* Just a replacement, if the original isascii is not
- present */
-
-#if HAVE_CONFIG_H
-#include <ldns/config.h>
-#endif
-
-int isascii(int c);
-
-/* true if character is ascii. */
-int
-isascii(int c)
-{
- return c >= 0 && c < 128;
-}
+++ /dev/null
-/* Just a replacement, if the original isblank is not
- present */
-
-#if HAVE_CONFIG_H
-#include <ldns/config.h>
-#endif
-
-int isblank(int c);
-
-/* true if character is a blank (space or tab). C99. */
-int
-isblank(int c)
-{
- return (c == ' ') || (c == '\t');
-}
+++ /dev/null
-/* Just a replacement, if the original malloc is not
- GNU-compliant. See autoconf documentation. */
-
-#if HAVE_CONFIG_H
-#include <ldns/config.h>
-#endif
-#undef malloc
-
-#include <sys/types.h>
-
-#ifndef _MSC_VER
-void *malloc ();
-#endif
-
-/* Allocate an N-byte block of memory from the heap.
- If N is zero, allocate a 1-byte block. */
-
-void *
-rpl_malloc (size_t n)
-{
- if (n == 0)
- n = 1;
- return malloc (n);
-}
+++ /dev/null
-/*
- * memmove.c: memmove compat implementation.
- *
- * Copyright (c) 2001-2008, NLnet Labs. All rights reserved.
- *
- * See LICENSE for the license.
-*/
-
-#include <ldns/config.h>
-#include <stdlib.h>
-
-#ifndef _MSC_VER
-void *memmove(void *dest, const void *src, size_t n);
-
-void *memmove(void *dest, const void *src, size_t n)
-{
- uint8_t* from = (uint8_t*) src;
- uint8_t* to = (uint8_t*) dest;
-
- if (from == to || n == 0)
- return dest;
- if (to > from && to-from < (int)n) {
- /* to overlaps with from */
- /* <from......> */
- /* <to........> */
- /* copy in reverse, to avoid overwriting from */
- int i;
- for(i=n-1; i>=0; i--)
- to[i] = from[i];
- return dest;
- }
- if (from > to && from-to < (int)n) {
- /* to overlaps with from */
- /* <from......> */
- /* <to........> */
- /* copy forwards, to avoid overwriting from */
- size_t i;
- for(i=0; i<n; i++)
- to[i] = from[i];
- return dest;
- }
- memcpy(dest, src, n);
- return dest;
-}
-#endif
+++ /dev/null
-/* Just a replacement, if the original malloc is not
- GNU-compliant. Based on malloc.c */
-
-#if HAVE_CONFIG_H
-#include <ldns/config.h>
-#endif
-#undef realloc
-
-#include <sys/types.h>
-
-#ifndef _MSC_VER
-void *realloc (void*, size_t);
-void *malloc (size_t);
-#endif
-
-/* Changes allocation to new sizes, copies over old data.
- * if oldptr is NULL, does a malloc.
- * if size is zero, allocate 1-byte block....
- * (does not return NULL and free block)
- */
-
-void *
-rpl_realloc (void* ptr, size_t n)
-{
- if (n == 0)
- n = 1;
- if(ptr == 0) {
- return malloc(n);
- }
- return realloc(ptr, n);
-}
-
+++ /dev/null
-#include <ldns/config.h>
-
-#ifndef HAVE_SNPRINTF
-
-#include <ctype.h>
-#include <sys/types.h>
-
-/* Define this as a fall through, HAVE_STDARG_H is probably already set */
-
-#define HAVE_VARARGS_H
-
-/**************************************************************
- * Original:
- * Patrick Powell Tue Apr 11 09:48:21 PDT 1995
- * A bombproof version of doprnt (dopr) included.
- * Sigh. This sort of thing is always nasty do deal with. Note that
- * the version here does not include floating point...
- *
- * snprintf() is used instead of sprintf() as it does limit checks
- * for string length. This covers a nasty loophole.
- *
- * The other functions are there to prevent NULL pointers from
- * causing nast effects.
- *
- * More Recently:
- * Brandon Long (blong@fiction.net) 9/15/96 for mutt 0.43
- * This was ugly. It is still ugly. I opted out of floating point
- * numbers, but the formatter understands just about everything
- * from the normal C string format, at least as far as I can tell from
- * the Solaris 2.5 printf(3S) man page.
- *
- * Brandon Long (blong@fiction.net) 10/22/97 for mutt 0.87.1
- * Ok, added some minimal floating point support, which means this
- * probably requires libm on most operating systems. Don't yet
- * support the exponent (e,E) and sigfig (g,G). Also, fmtint()
- * was pretty badly broken, it just wasn't being exercised in ways
- * which showed it, so that's been fixed. Also, formated the code
- * to mutt conventions, and removed dead code left over from the
- * original. Also, there is now a builtin-test, just compile with:
- * gcc -DTEST_SNPRINTF -o snprintf snprintf.c -lm
- * and run snprintf for results.
- *
- **************************************************************/
-
-
-/* varargs declarations: */
-
-#if defined(HAVE_STDARG_H)
-# include <stdarg.h>
-# define HAVE_STDARGS /* let's hope that works everywhere (mj) */
-# define VA_LOCAL_DECL va_list ap
-# define VA_START(f) va_start(ap, f)
-# define VA_SHIFT(v,t) ; /* no-op for ANSI */
-# define VA_END va_end(ap)
-#else
-# if defined(HAVE_VARARGS_H)
-# include <varargs.h>
-# undef HAVE_STDARGS
-# define VA_LOCAL_DECL va_list ap
-# define VA_START(f) va_start(ap) /* f is ignored! */
-# define VA_SHIFT(v,t) v = va_arg(ap,t)
-# define VA_END va_end(ap)
-# else
-/*XX ** NO VARARGS ** XX*/
-# endif
-#endif
-
-int snprintf (char *str, size_t count, const char *fmt, ...);
-int vsnprintf (char *str, size_t count, const char *fmt, va_list arg);
-
-static void dopr (char *buffer, size_t maxlen, const char *format,
- va_list args);
-static void fmtstr (char *buffer, size_t *currlen, size_t maxlen,
- char *value, int flags, int min, int max);
-static void fmtint (char *buffer, size_t *currlen, size_t maxlen,
- long value, int base, int min, int max, int flags);
-static void fmtfp (char *buffer, size_t *currlen, size_t maxlen,
- long double fvalue, int min, int max, int flags);
-static void dopr_outch (char *buffer, size_t *currlen, size_t maxlen, char c );
-
-int vsnprintf (char *str, size_t count, const char *fmt, va_list args)
-{
- str[0] = 0;
- dopr(str, count, fmt, args);
- return(strlen(str));
-}
-
-/* VARARGS3 */
-#ifdef HAVE_STDARGS
-int snprintf (char *str,size_t count,const char *fmt,...)
-#else
-int snprintf (va_alist) va_dcl
-#endif
-{
-#ifndef HAVE_STDARGS
- char *str;
- size_t count;
- char *fmt;
-#endif
- VA_LOCAL_DECL;
-
- VA_START (fmt);
- VA_SHIFT (str, char *);
- VA_SHIFT (count, size_t );
- VA_SHIFT (fmt, char *);
- (void) vsnprintf(str, count, fmt, ap);
- VA_END;
- return(strlen(str));
-}
-
-/*
- * dopr(): poor man's version of doprintf
- */
-
-/* format read states */
-#define DP_S_DEFAULT 0
-#define DP_S_FLAGS 1
-#define DP_S_MIN 2
-#define DP_S_DOT 3
-#define DP_S_MAX 4
-#define DP_S_MOD 5
-#define DP_S_CONV 6
-#define DP_S_DONE 7
-
-/* format flags - Bits */
-#define DP_F_MINUS 1
-#define DP_F_PLUS 2
-#define DP_F_SPACE 4
-#define DP_F_NUM 8
-#define DP_F_ZERO 16
-#define DP_F_UP 32
-
-/* Conversion Flags */
-#define DP_C_SHORT 1
-#define DP_C_LONG 2
-#define DP_C_LDOUBLE 3
-
-#define char_to_int(p) (p - '0')
-#define MAX(p,q) ((p >= q) ? p : q)
-
-static void dopr (char *buffer, size_t maxlen, const char *format, va_list args)
-{
- char ch;
- long value;
- long double fvalue;
- char *strvalue;
- int min;
- int max;
- int state;
- int flags;
- int cflags;
- size_t currlen;
-
- state = DP_S_DEFAULT;
- currlen = flags = cflags = min = 0;
- max = -1;
- ch = *format++;
-
- while (state != DP_S_DONE)
- {
- if ((ch == '\0') || (currlen >= maxlen))
- state = DP_S_DONE;
-
- switch(state)
- {
- case DP_S_DEFAULT:
- if (ch == '%')
- state = DP_S_FLAGS;
- else
- dopr_outch (buffer, &currlen, maxlen, ch);
- ch = *format++;
- break;
- case DP_S_FLAGS:
- switch (ch)
- {
- case '-':
- flags |= DP_F_MINUS;
- ch = *format++;
- break;
- case '+':
- flags |= DP_F_PLUS;
- ch = *format++;
- break;
- case ' ':
- flags |= DP_F_SPACE;
- ch = *format++;
- break;
- case '#':
- flags |= DP_F_NUM;
- ch = *format++;
- break;
- case '0':
- flags |= DP_F_ZERO;
- ch = *format++;
- break;
- default:
- state = DP_S_MIN;
- break;
- }
- break;
- case DP_S_MIN:
- if (isdigit((int) ch))
- {
- min = 10*min + char_to_int (ch);
- ch = *format++;
- }
- else if (ch == '*')
- {
- min = va_arg (args, int);
- ch = *format++;
- state = DP_S_DOT;
- }
- else
- state = DP_S_DOT;
- break;
- case DP_S_DOT:
- if (ch == '.')
- {
- state = DP_S_MAX;
- ch = *format++;
- }
- else
- state = DP_S_MOD;
- break;
- case DP_S_MAX:
- if (isdigit((int) ch))
- {
- if (max < 0)
- max = 0;
- max = 10*max + char_to_int (ch);
- ch = *format++;
- }
- else if (ch == '*')
- {
- max = va_arg (args, int);
- ch = *format++;
- state = DP_S_MOD;
- }
- else
- state = DP_S_MOD;
- break;
- case DP_S_MOD:
- /* Currently, we don't support Long Long, bummer */
- switch (ch)
- {
- case 'h':
- cflags = DP_C_SHORT;
- ch = *format++;
- break;
- case 'l':
- cflags = DP_C_LONG;
- ch = *format++;
- break;
- case 'L':
- cflags = DP_C_LDOUBLE;
- ch = *format++;
- break;
- default:
- break;
- }
- state = DP_S_CONV;
- break;
- case DP_S_CONV:
- switch (ch)
- {
- case 'd':
- case 'i':
- if (cflags == DP_C_SHORT)
- value = va_arg (args, int);
- else if (cflags == DP_C_LONG)
- value = va_arg (args, long int);
- else
- value = va_arg (args, int);
- fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags);
- break;
- case 'o':
- flags &= ~DP_F_PLUS;
- if (cflags == DP_C_SHORT)
- value = va_arg (args, unsigned int);
- else if (cflags == DP_C_LONG)
- value = va_arg (args, unsigned long int);
- else
- value = va_arg (args, unsigned int);
- fmtint (buffer, &currlen, maxlen, value, 8, min, max, flags);
- break;
- case 'u':
- flags &= ~DP_F_PLUS;
- if (cflags == DP_C_SHORT)
- value = va_arg (args, unsigned int);
- else if (cflags == DP_C_LONG)
- value = va_arg (args, unsigned long int);
- else
- value = va_arg (args, unsigned int);
- fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags);
- break;
- case 'X':
- flags |= DP_F_UP;
- case 'x':
- flags &= ~DP_F_PLUS;
- if (cflags == DP_C_SHORT)
- value = va_arg (args, unsigned int);
- else if (cflags == DP_C_LONG)
- value = va_arg (args, unsigned long int);
- else
- value = va_arg (args, unsigned int);
- fmtint (buffer, &currlen, maxlen, value, 16, min, max, flags);
- break;
- case 'f':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg (args, long double);
- else
- fvalue = va_arg (args, double);
- /* um, floating point? */
- fmtfp (buffer, &currlen, maxlen, fvalue, min, max, flags);
- break;
- case 'E':
- flags |= DP_F_UP;
- case 'e':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg (args, long double);
- else
- fvalue = va_arg (args, double);
- break;
- case 'G':
- flags |= DP_F_UP;
- case 'g':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg (args, long double);
- else
- fvalue = va_arg (args, double);
- break;
- case 'c':
- dopr_outch (buffer, &currlen, maxlen, va_arg (args, int));
- break;
- case 's':
- strvalue = va_arg (args, char *);
- if (max < 0)
- max = maxlen; /* ie, no max */
- fmtstr (buffer, &currlen, maxlen, strvalue, flags, min, max);
- break;
- case 'p':
- strvalue = va_arg (args, void *);
- fmtint (buffer, &currlen, maxlen, (long) strvalue, 16, min, max, flags);
- break;
- case 'n':
- if (cflags == DP_C_SHORT)
- {
- short int *num;
- num = va_arg (args, short int *);
- *num = currlen;
- }
- else if (cflags == DP_C_LONG)
- {
- long int *num;
- num = va_arg (args, long int *);
- *num = currlen;
- }
- else
- {
- int *num;
- num = va_arg (args, int *);
- *num = currlen;
- }
- break;
- case '%':
- dopr_outch (buffer, &currlen, maxlen, ch);
- break;
- case 'w':
- /* not supported yet, treat as next char */
- ch = *format++;
- break;
- default:
- /* Unknown, skip */
- break;
- }
- ch = *format++;
- state = DP_S_DEFAULT;
- flags = cflags = min = 0;
- max = -1;
- break;
- case DP_S_DONE:
- break;
- default:
- /* hmm? */
- break; /* some picky compilers need this */
- }
- }
- if (currlen < maxlen - 1)
- buffer[currlen] = '\0';
- else
- buffer[maxlen - 1] = '\0';
-}
-
-static void fmtstr (char *buffer, size_t *currlen, size_t maxlen,
- char *value, int flags, int min, int max)
-{
- int padlen, strln; /* amount to pad */
- int cnt = 0;
-
- if (value == 0)
- {
- value = (char *) "<NULL>";
- }
-
- for (strln = 0; value[strln]; ++strln); /* strlen */
- padlen = min - strln;
- if (padlen < 0)
- padlen = 0;
- if (flags & DP_F_MINUS)
- padlen = -padlen; /* Left Justify */
-
- while ((padlen > 0) && (cnt < max))
- {
- dopr_outch (buffer, currlen, maxlen, ' ');
- --padlen;
- ++cnt;
- }
- while (*value && (cnt < max))
- {
- dopr_outch (buffer, currlen, maxlen, *value++);
- ++cnt;
- }
- while ((padlen < 0) && (cnt < max))
- {
- dopr_outch (buffer, currlen, maxlen, ' ');
- ++padlen;
- ++cnt;
- }
-}
-
-/* Have to handle DP_F_NUM (ie 0x and 0 alternates) */
-
-static void fmtint (char *buffer, size_t *currlen, size_t maxlen,
- long value, int base, int min, int max, int flags)
-{
- int signvalue = 0;
- unsigned long uvalue;
- char convert[20];
- int place = 0;
- int spadlen = 0; /* amount to space pad */
- int zpadlen = 0; /* amount to zero pad */
- int caps = 0;
-
- if (max < 0)
- max = 0;
-
- uvalue = value;
- if( value < 0 ) {
- signvalue = '-';
- uvalue = -value;
- }
- else
- if (flags & DP_F_PLUS) /* Do a sign (+/i) */
- signvalue = '+';
- else
- if (flags & DP_F_SPACE)
- signvalue = ' ';
-
- if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */
-
- do {
- convert[place++] =
- (caps? "0123456789ABCDEF":"0123456789abcdef")
- [uvalue % (unsigned)base ];
- uvalue = (uvalue / (unsigned)base );
- } while(uvalue && (place < 20));
- if (place == 20) place--;
- convert[place] = 0;
-
- zpadlen = max - place;
- spadlen = min - MAX (max, place) - (signvalue ? 1 : 0);
- if (zpadlen < 0) zpadlen = 0;
- if (spadlen < 0) spadlen = 0;
- if (flags & DP_F_ZERO)
- {
- zpadlen = MAX(zpadlen, spadlen);
- spadlen = 0;
- }
- if (flags & DP_F_MINUS)
- spadlen = -spadlen; /* Left Justifty */
-
-#ifdef DEBUG_SNPRINTF
- dprint (1, (debugfile, "zpad: %d, spad: %d, min: %d, max: %d, place: %d\n",
- zpadlen, spadlen, min, max, place));
-#endif
-
- /* Spaces */
- while (spadlen > 0)
- {
- dopr_outch (buffer, currlen, maxlen, ' ');
- --spadlen;
- }
-
- /* Sign */
- if (signvalue)
- dopr_outch (buffer, currlen, maxlen, signvalue);
-
- /* Zeros */
- if (zpadlen > 0)
- {
- while (zpadlen > 0)
- {
- dopr_outch (buffer, currlen, maxlen, '0');
- --zpadlen;
- }
- }
-
- /* Digits */
- while (place > 0)
- dopr_outch (buffer, currlen, maxlen, convert[--place]);
-
- /* Left Justified spaces */
- while (spadlen < 0) {
- dopr_outch (buffer, currlen, maxlen, ' ');
- ++spadlen;
- }
-}
-
-static long double abs_val (long double value)
-{
- long double result = value;
-
- if (value < 0)
- result = -value;
-
- return result;
-}
-
-static double pow10 (double exp)
-{
- long double result = 1;
-
- while (exp)
- {
- result *= 10;
- exp--;
- }
-
- return result;
-}
-
-static double round (double value)
-{
- long intpart;
-
- intpart = value;
- value = value - intpart;
- if (value >= 0.5)
- intpart++;
-
- return intpart;
-}
-
-static void fmtfp (char *buffer, size_t *currlen, size_t maxlen,
- long double fvalue, int min, int max, int flags)
-{
- int signvalue = 0;
- long double ufvalue;
- char iconvert[20];
- char fconvert[20];
- int iplace = 0;
- int fplace = 0;
- int padlen = 0; /* amount to pad */
- int zpadlen = 0;
- int caps = 0;
- long intpart;
- long fracpart;
-
- /*
- * AIX manpage says the default is 0, but Solaris says the default
- * is 6, and sprintf on AIX defaults to 6
- */
- if (max < 0)
- max = 6;
-
- ufvalue = abs_val (fvalue);
-
- if (fvalue < 0)
- signvalue = '-';
- else
- if (flags & DP_F_PLUS) /* Do a sign (+/i) */
- signvalue = '+';
- else
- if (flags & DP_F_SPACE)
- signvalue = ' ';
-
-#if 0
- if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */
-#endif
-
- intpart = ufvalue;
-
- /*
- * Sorry, we only support 9 digits past the decimal because of our
- * conversion method
- */
- if (max > 9)
- max = 9;
-
- /* We "cheat" by converting the fractional part to integer by
- * multiplying by a factor of 10
- */
- fracpart = round ((pow10 (max)) * (ufvalue - intpart));
-
- if (fracpart >= pow10 (max))
- {
- intpart++;
- fracpart -= pow10 (max);
- }
-
-#ifdef DEBUG_SNPRINTF
- dprint (1, (debugfile, "fmtfp: %f =? %d.%d\n", fvalue, intpart, fracpart));
-#endif
-
- /* Convert integer part */
- do {
- iconvert[iplace++] =
- (caps? "0123456789ABCDEF":"0123456789abcdef")[intpart % 10];
- intpart = (intpart / 10);
- } while(intpart && (iplace < 20));
- if (iplace == 20) iplace--;
- iconvert[iplace] = 0;
-
- /* Convert fractional part */
- do {
- fconvert[fplace++] =
- (caps? "0123456789ABCDEF":"0123456789abcdef")[fracpart % 10];
- fracpart = (fracpart / 10);
- } while(fracpart && (fplace < 20));
- if (fplace == 20) fplace--;
- fconvert[fplace] = 0;
-
- /* -1 for decimal point, another -1 if we are printing a sign */
- padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
- zpadlen = max - fplace;
- if (zpadlen < 0)
- zpadlen = 0;
- if (padlen < 0)
- padlen = 0;
- if (flags & DP_F_MINUS)
- padlen = -padlen; /* Left Justifty */
-
- if ((flags & DP_F_ZERO) && (padlen > 0))
- {
- if (signvalue)
- {
- dopr_outch (buffer, currlen, maxlen, signvalue);
- --padlen;
- signvalue = 0;
- }
- while (padlen > 0)
- {
- dopr_outch (buffer, currlen, maxlen, '0');
- --padlen;
- }
- }
- while (padlen > 0)
- {
- dopr_outch (buffer, currlen, maxlen, ' ');
- --padlen;
- }
- if (signvalue)
- dopr_outch (buffer, currlen, maxlen, signvalue);
-
- while (iplace > 0)
- dopr_outch (buffer, currlen, maxlen, iconvert[--iplace]);
-
- /*
- * Decimal point. This should probably use locale to find the correct
- * char to print out.
- */
- dopr_outch (buffer, currlen, maxlen, '.');
-
- while (zpadlen > 0)
- {
- dopr_outch (buffer, currlen, maxlen, '0');
- --zpadlen;
- }
-
- while (fplace > 0)
- dopr_outch (buffer, currlen, maxlen, fconvert[--fplace]);
-
- while (padlen < 0)
- {
- dopr_outch (buffer, currlen, maxlen, ' ');
- ++padlen;
- }
-}
-
-static void dopr_outch (char *buffer, size_t *currlen, size_t maxlen, char c)
-{
- if (*currlen < maxlen)
- buffer[(*currlen)++] = c;
-}
-
-#ifdef TEST_SNPRINTF
-#ifndef LONG_STRING
-#define LONG_STRING 1024
-#endif
-int main (void)
-{
- char buf1[LONG_STRING];
- char buf2[LONG_STRING];
- char *fp_fmt[] = {
- "%-1.5f",
- "%1.5f",
- "%123.9f",
- "%10.5f",
- "% 10.5f",
- "%+22.9f",
- "%+4.9f",
- "%01.3f",
- "%4f",
- "%3.1f",
- "%3.2f",
- NULL
- };
- double fp_nums[] = { -1.5, 134.21, 91340.2, 341.1234, 0203.9, 0.96, 0.996,
- 0.9996, 1.996, 4.136, 0};
- char *int_fmt[] = {
- "%-1.5d",
- "%1.5d",
- "%123.9d",
- "%5.5d",
- "%10.5d",
- "% 10.5d",
- "%+22.33d",
- "%01.3d",
- "%4d",
- NULL
- };
- long int_nums[] = { -1, 134, 91340, 341, 0203, 0};
- int x, y;
- int fail = 0;
- int num = 0;
-
- printf ("Testing snprintf format codes against system sprintf...\n");
-
- for (x = 0; fp_fmt[x] != NULL ; x++)
- for (y = 0; fp_nums[y] != 0 ; y++)
- {
- snprintf (buf1, sizeof (buf1), fp_fmt[x], fp_nums[y]);
- sprintf (buf2, fp_fmt[x], fp_nums[y]);
- if (strcmp (buf1, buf2))
- {
- printf("snprintf doesn't match Format: %s\n\tsnprintf = %s\n\tsprintf = %s\n",
- fp_fmt[x], buf1, buf2);
- fail++;
- }
- num++;
- }
-
- for (x = 0; int_fmt[x] != NULL ; x++)
- for (y = 0; int_nums[y] != 0 ; y++)
- {
- snprintf (buf1, sizeof (buf1), int_fmt[x], int_nums[y]);
- sprintf (buf2, int_fmt[x], int_nums[y]);
- if (strcmp (buf1, buf2))
- {
- printf("snprintf doesn't match Format: %s\n\tsnprintf = %s\n\tsprintf = %s\n",
- int_fmt[x], buf1, buf2);
- fail++;
- }
- num++;
- }
- printf ("%d tests failed out of %d.\n", fail, num);
-}
-#endif /* SNPRINTF_TEST */
-
-#endif /* !HAVE_SNPRINTF */
+++ /dev/null
-/* from openssh 4.3p2 compat/strlcpy.c */
-/*
- * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* OPENBSD ORIGINAL: lib/libc/string/strlcpy.c */
-
-#include <ldns/config.h>
-#ifndef HAVE_STRLCPY
-
-#include <sys/types.h>
-#include <string.h>
-
-/*
- * Copy src to string dst of size siz. At most siz-1 characters
- * will be copied. Always NUL terminates (unless siz == 0).
- * Returns strlen(src); if retval >= siz, truncation occurred.
- */
-size_t
-strlcpy(char *dst, const char *src, size_t siz)
-{
- char *d = dst;
- const char *s = src;
- size_t n = siz;
-
- /* Copy as many bytes as will fit */
- if (n != 0 && --n != 0) {
- do {
- if ((*d++ = *s++) == 0)
- break;
- } while (--n != 0);
- }
-
- /* Not enough room in dst, add NUL and traverse rest of src */
- if (n == 0) {
- if (siz != 0)
- *d = '\0'; /* NUL-terminate dst */
- while (*s++)
- ;
- }
-
- return(s - src - 1); /* count does not include NUL */
-}
-
-#endif /* !HAVE_STRLCPY */
+++ /dev/null
-#ifdef HAVE_CONFIG_H
-#include <ldns/config.h>
-#endif
-
-#include <stdio.h>
-
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#include <time.h>
-
-time_t
-timegm (struct tm *tm) {
- time_t ret;
- char *tz;
-
- tz = getenv("TZ");
- putenv((char*)"TZ=");
- tzset();
- ret = mktime(tm);
- if (tz) {
- char buf[256];
- snprintf(buf, sizeof(buf), "TZ=%s", tz);
- putenv(tz);
- }
- else
- putenv((char*)"TZ");
- tzset();
- return ret;
-}
+++ /dev/null
-# -*- Autoconf -*-
-# Process this file with autoconf to produce a configure script.
-AC_PREREQ(2.56)
-sinclude(acx_nlnetlabs.m4)
-
-# must be numbers. ac_defun because of later processing.
-m4_define([VERSION_MAJOR],[1])
-m4_define([VERSION_MINOR],[6])
-m4_define([VERSION_MICRO],[9])
-AC_INIT(ldns, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), libdns@nlnetlabs.nl, libdns)
-AC_CONFIG_SRCDIR([packet.c])
-# needed to build correct soname
-AC_SUBST(LIBTOOL_VERSION_INFO, VERSION_MAJOR:VERSION_MINOR:VERSION_MICRO)
-AC_SUBST(LDNS_VERSION_MAJOR, [VERSION_MAJOR])
-AC_SUBST(LDNS_VERSION_MINOR, [VERSION_MINOR])
-AC_SUBST(LDNS_VERSION_MICRO, [VERSION_MICRO])
-
-OURCPPFLAGS=''
-CPPFLAGS=${CPPFLAGS:-${OURCPPFLAGS}}
-CFLAGS="$CFLAGS"
-
-AC_AIX
-# Checks for programs.
-AC_PROG_CC
-AC_PROG_MAKE_SET
-
-AC_DEFINE(WINVER, 0x0502, [the version of the windows API enabled])
-
-ACX_CHECK_COMPILER_FLAG(std=c99, [C99FLAG="-std=c99"])
-ACX_CHECK_COMPILER_FLAG(xc99, [C99FLAG="-xc99"])
-
-# routine to copy files
-# argument 1 is a list of files (relative to the source dir)
-# argument 2 is a destination directory (relative to the current
-# working directory
-AC_DEFUN([COPY_FILES],
-[
-for file in $1; do
- sh $srcdir/install-sh -m 644 $file $2
-done
-])
-
-# copy all .h files in the dir at argument 1
-# (relative to source) to the dir at argument 2
-# (relative to current dir)
-AC_DEFUN([COPY_HEADER_FILES],
-[
-echo "copying header files"
-COPY_FILES($srcdir/$1/*.h, $2)
-])
-
-# Checks for typedefs, structures, and compiler characteristics.
-AC_C_CONST
-AC_LANG_C
-ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g $CFLAGS"])
-ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="-O2 $CFLAGS"])
-ACX_CHECK_COMPILER_FLAG(Wall, [CFLAGS="-Wall $CFLAGS"])
-ACX_CHECK_COMPILER_FLAG(W, [CFLAGS="-W $CFLAGS"])
-ACX_CHECK_COMPILER_FLAG(Wwrite-strings, [CFLAGS="-Wwrite-strings $CFLAGS"])
-
-AC_CHECK_HEADERS([getopt.h time.h],,, [AC_INCLUDES_DEFAULT])
-
-# MinGW32 tests
-AC_CHECK_HEADERS([winsock2.h ws2tcpip.h],,, [AC_INCLUDES_DEFAULT])
-# end mingw32 tests
-
-ACX_DETERMINE_EXT_FLAGS_UNBOUND
-
-AC_C_INLINE
-AC_CHECK_TYPE(int8_t, char)
-AC_CHECK_TYPE(int16_t, short)
-AC_CHECK_TYPE(int32_t, int)
-AC_CHECK_TYPE(int64_t, long long)
-AC_CHECK_TYPE(uint8_t, unsigned char)
-AC_CHECK_TYPE(uint16_t, unsigned short)
-AC_CHECK_TYPE(uint32_t, unsigned int)
-AC_CHECK_TYPE(uint64_t, unsigned long long)
-
-# my own checks
-AC_CHECK_PROG(doxygen, doxygen, doxygen)
-
-# check to see if libraries are needed for these functions.
-AC_SEARCH_LIBS([socket], [socket])
-AC_SEARCH_LIBS([inet_pton], [nsl])
-
-# check for python
-AC_ARG_WITH(pyldns, AC_HELP_STRING([--with-pyldns],
- [generate python library, or --without-pyldns to disable Python support.]),
- [],[ withval="no" ])
-ldns_have_python=no
-if test x_$withval != x_no; then
- sinclude(acx_python.m4)
- ac_save_LIBS="$LIBS" dnl otherwise AC_PYTHON_DEVEL thrashes $LIBS
- AC_PYTHON_DEVEL
- if test ! -z "$PYTHON_VERSION"; then
- if test `$PYTHON -c "print '$PYTHON_VERSION' >= '2.4.0'"` = "False"; then
- AC_ERROR([Python version >= 2.4.0 is required])
- fi
- # Have Python
- AC_DEFINE(HAVE_PYTHON,1,[Define if you have Python libraries and header files.])
- ldns_have_python=yes
- fi
-
- # check for swig
- if test x_$ldns_have_python != x_no; then
- sinclude(ac_pkg_swig.m4)
- AC_PROG_SWIG
- if test ! -x "$SWIG"; then
- AC_ERROR([failed to find swig tool, install it, or do not build pyldns])
- else
- AC_DEFINE(HAVE_SWIG,1,[Define if you have Swig libraries and header files.])
- AC_SUBST(PYLDNS, "pyldns")
- AC_SUBST(swig, "$SWIG")
- fi
- else
- AC_MSG_RESULT([*** don't have Python, skipping Swig, no pyldns ***])
- fi
-fi
-
-# Use libtool
-ACX_LIBTOOL_C_ONLY
-
-tmp_CPPFLAGS=$CPPFLAGS
-tmp_LDFLAGS=$LDFLAGS
-tmp_LIBS=$LIBS
-
-ACX_WITH_SSL_OPTIONAL
-
-AC_CHECK_FUNCS([EVP_sha256])
-
-# for macosx, see if glibtool exists and use that
-# BSD's need to know the version...
-#AC_CHECK_PROG(glibtool, glibtool, [glibtool], )
-#AC_CHECK_PROGS(libtool, [libtool15 libtool], [./libtool])
-
-AC_ARG_ENABLE(sha2, AC_HELP_STRING([--disable-sha2], [Disable SHA256 and SHA512 RRSIG support]))
-case "$enable_sha2" in
- no)
- ;;
- yes|*)
- if test "x$HAVE_SSL" != "xyes"; then
- AC_MSG_ERROR([SHA2 enabled, but no SSL support])
- fi
- AC_MSG_CHECKING(for SHA256 and SHA512)
- AC_CHECK_FUNC(SHA256_Init, [], [
- AC_MSG_ERROR([No SHA2 functions found in OpenSSL: please upgrade OpenSSL or rerun with --disable-sha2])
- ])
- AC_DEFINE_UNQUOTED([USE_SHA2], [1], [Define this to enable SHA256 and SHA512 support.])
- ;;
-esac
-
-AC_ARG_ENABLE(gost, AC_HELP_STRING([--disable-gost], [Disable GOST support]))
-case "$enable_gost" in
- no)
- ;;
- *) dnl default
- if test "x$HAVE_SSL" != "xyes"; then
- AC_MSG_ERROR([GOST enabled, but no SSL support])
- fi
- AC_MSG_CHECKING(for GOST)
- AC_CHECK_FUNC(EVP_PKEY_set_type_str, [],[AC_MSG_ERROR([OpenSSL >= 1.0.0 is needed for GOST support or rerun with --disable-gost])])
- AC_CHECK_FUNC(EC_KEY_new, [], [AC_MSG_ERROR([No ECC functions found in OpenSSL: please upgrade OpenSSL or rerun with --disable-gost])])
- AC_DEFINE_UNQUOTED([USE_GOST], [1], [Define this to enable GOST support.])
- ;;
-esac
-
-AC_ARG_ENABLE(ecdsa, AC_HELP_STRING([--enable-ecdsa], [Enable ECDSA support, experimental]))
-case "$enable_ecdsa" in
- yes)
- if test "x$HAVE_SSL" != "xyes"; then
- AC_MSG_ERROR([ECDSA enabled, but no SSL support])
- fi
- AC_CHECK_FUNC(ECDSA_sign, [], [AC_MSG_ERROR([OpenSSL does not support ECDSA])])
- AC_CHECK_FUNC(SHA384_Init, [], [AC_MSG_ERROR([OpenSSL does not support SHA384])])
- AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [], [AC_MSG_ERROR([OpenSSL does not support the ECDSA curve])], [AC_INCLUDES_DEFAULT
-#include <openssl/evp.h>
- ])
- # we now know we have ECDSA and the required curves.
- AC_DEFINE_UNQUOTED([USE_ECDSA], [1], [Define this to enable ECDSA support.])
- AC_WARN([
- *****************************************************************
- *** YOU HAVE ENABLED ECDSA WHICH IS EXPERIMENTAL AT THIS TIME ***
- *** PLEASE DO NOT USE THIS ON THE PUBLIC INTERNET ***
- *****************************************************************])
- ;;
- no)
- ;;
- *)
- ;;
-esac
-
-AC_SUBST(LIBSSL_CPPFLAGS)
-AC_SUBST(LIBSSL_LDFLAGS)
-AC_SUBST(LIBSSL_LIBS)
-CPPFLAGS=$tmp_CPPFLAGS
-LDFLAGS=$tmp_LDFLAGS
-LIBS=$tmp_LIBS
-
-# add option to disable installation of ldns-config script
-AC_ARG_ENABLE(ldns-config, [ --disable-ldns-config disable installation of ldns-config (default=enabled)],
- enable_ldns_config=$enableval, enable_ldns_config=yes)
-if test "x$enable_ldns_config" = xyes; then
- INSTALL_LDNS_CONFIG="yes"
-else
- INSTALL_LDNS_CONFIG="no"
-fi
-AC_SUBST(INSTALL_LDNS_CONFIG)
-
-# add option to disable the evil rpath
-ACX_ARG_RPATH
-
-#AC_TRY_RUN(
-#[
-#int main()
-#{
-#short one = 1;
-#char *cp = (char*)&one;
-#if ( *cp == 0 )
-#return(0);
-#else
-#return(1);
-#}
-#], [],[
-#AC_DEFINE(CONFCHECK_LITTLE_ENDIAN, 1, [system appears to be little-endian])
-#],[])
-
-# should define WORDS_BIGENDIAN if the system is big-endian
-AC_C_BIGENDIAN
-
-# Checks for header files.
-AC_HEADER_STDC
-#AC_HEADER_SYS_WAIT
-#AC_CHECK_HEADERS([getopt.h fcntl.h stdlib.h string.h strings.h unistd.h])
-# do the very minimum - we can always extend this
-AC_CHECK_HEADERS([getopt.h stdarg.h stdbool.h openssl/ssl.h netinet/in.h time.h arpa/inet.h netdb.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_HEADERS(sys/param.h sys/mount.h,,,
-[AC_INCLUDES_DEFAULT
- [
- #if HAVE_SYS_PARAM_H
- # include <sys/param.h>
- #endif
- ]
-])
-AC_CHECK_HEADER(sys/socket.h,
-[
-include_sys_socket_h='#include <sys/socket.h>'
-AC_DEFINE(HAVE_SYS_SOCKET_H, 1, [define if you have sys/socket.h])
-],[
-include_sys_socket_h=''
-],[AC_INCLUDES_DEFAULT
- [
- #if HAVE_SYS_PARAM_H
- # include <sys/param.h>
- #endif
- ]
-])
-AC_SUBST(include_sys_socket_h)
-AC_CHECK_HEADER(inttypes.h,
-[
-include_inttypes_h='#include <inttypes.h>'
-AC_DEFINE(HAVE_INTTYPES_H, 1, [define if you have inttypes.h])
-],[
-include_inttypes_h=''
-],[AC_INCLUDES_DEFAULT
-])
-AC_SUBST(include_inttypes_h)
-AC_CHECK_HEADER(sys/types.h,
-[
-include_systypes_h='#include <sys/types.h>'
-AC_DEFINE(HAVE_SYS_TYPES_H, 1, [define if you have sys/types.h])
-],[
-include_systypes_h=''
-],[AC_INCLUDES_DEFAULT
-])
-AC_SUBST(include_systypes_h)
-AC_CHECK_HEADER(unistd.h,
-[
-include_unistd_h='#include <unistd.h>'
-AC_DEFINE(HAVE_UNISTD_H, 1, [define if you have unistd.h])
-],[
-include_unistd_h=''
-],[AC_INCLUDES_DEFAULT
-])
-AC_SUBST(include_unistd_h)
-
-ACX_TYPE_SOCKLEN_T
-AC_CHECK_TYPE(ssize_t, int)
-AC_CHECK_TYPE(in_addr_t, [], [AC_DEFINE([in_addr_t], [uint32_t], [in_addr_t])], [
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif])
-AC_CHECK_TYPE(in_port_t, [], [AC_DEFINE([in_port_t], [uint16_t], [in_port_t])], [
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif])
-ACX_CHECK_SS_FAMILY
-
-AC_FUNC_MALLOC
-AC_FUNC_REALLOC
-
-AC_REPLACE_FUNCS(b64_pton)
-AC_REPLACE_FUNCS(b64_ntop)
-AC_REPLACE_FUNCS(b32_pton)
-AC_REPLACE_FUNCS(b32_ntop)
-AC_REPLACE_FUNCS(timegm)
-AC_REPLACE_FUNCS(gmtime_r)
-AC_REPLACE_FUNCS(ctime_r)
-AC_REPLACE_FUNCS(isblank)
-AC_REPLACE_FUNCS(isascii)
-AC_REPLACE_FUNCS(inet_aton)
-AC_REPLACE_FUNCS(inet_pton)
-AC_REPLACE_FUNCS(inet_ntop)
-AC_REPLACE_FUNCS(snprintf)
-AC_REPLACE_FUNCS(strlcpy)
-AC_REPLACE_FUNCS(memmove)
-AC_CHECK_FUNCS([endprotoent endservent sleep random fcntl strtoul])
-
-ACX_CHECK_GETADDRINFO_WITH_INCLUDES
-if test $ac_cv_func_getaddrinfo = no; then
- AC_LIBOBJ([fake-rfc2553])
-fi
-if test "$USE_WINSOCK" = 1; then
- AC_CHECK_TOOL(WINDRES, windres)
-fi
-
-ACX_FUNC_IOCTLSOCKET
-
-#AC_SEARCH_LIBS(RSA_new, [crypto])
-
-ACX_CHECK_FORMAT_ATTRIBUTE
-ACX_CHECK_UNUSED_ATTRIBUTE
-
-# check OSX deployment target which is needed
-if echo $build_os | grep darwin > /dev/null; then
- export MACOSX_DEPLOYMENT_TARGET="10.4"
-fi
-
-AC_DEFINE([SYSCONFDIR], [sysconfdir], [System configuration dir])
-
-AH_BOTTOM([
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <assert.h>
-
-#ifndef LITTLE_ENDIAN
-#define LITTLE_ENDIAN 1234
-#endif
-
-#ifndef BIG_ENDIAN
-#define BIG_ENDIAN 4321
-#endif
-
-#ifndef BYTE_ORDER
-#ifdef WORDS_BIGENDIAN
-#define BYTE_ORDER BIG_ENDIAN
-#else
-#define BYTE_ORDER LITTLE_ENDIAN
-#endif /* WORDS_BIGENDIAN */
-#endif /* BYTE_ORDER */
-
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-
-#ifdef HAVE_STDINT_H
-#include <stdint.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#include <winsock2.h>
-#endif
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-]
-AHX_CONFIG_W32_FD_SET_T
-)
-
-AH_BOTTOM([
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef B64_PTON
-int ldns_b64_ntop(uint8_t const *src, size_t srclength,
- char *target, size_t targsize);
-/**
- * calculates the size needed to store the result of b64_ntop
- */
-/*@unused@*/
-static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize)
-{
- return ((((srcsize + 2) / 3) * 4) + 1);
-}
-#endif /* !B64_PTON */
-#ifndef B64_NTOP
-int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize);
-/**
- * calculates the size needed to store the result of ldns_b64_pton
- */
-/*@unused@*/
-static inline size_t ldns_b64_pton_calculate_size(size_t srcsize)
-{
- return (((((srcsize + 3) / 4) * 3)) + 1);
-}
-#endif /* !B64_NTOP */
-
-#ifndef HAVE_SLEEP
-/* use windows sleep, in millisecs, instead */
-#define sleep(x) Sleep((x)*1000)
-#endif
-
-#ifndef HAVE_RANDOM
-#define srandom(x) srand(x)
-#define random(x) rand(x)
-#endif
-
-#ifndef HAVE_TIMEGM
-#include <time.h>
-time_t timegm (struct tm *tm);
-#endif /* !TIMEGM */
-#ifndef HAVE_GMTIME_R
-struct tm *gmtime_r(const time_t *timep, struct tm *result);
-#endif
-#ifndef HAVE_ISBLANK
-int isblank(int c);
-#endif /* !HAVE_ISBLANK */
-#ifndef HAVE_ISASCII
-int isascii(int c);
-#endif /* !HAVE_ISASCII */
-#ifndef HAVE_SNPRINTF
-#include <stdarg.h>
-int snprintf (char *str, size_t count, const char *fmt, ...);
-int vsnprintf (char *str, size_t count, const char *fmt, va_list arg);
-#endif /* HAVE_SNPRINTF */
-#ifndef HAVE_INET_PTON
-int inet_pton(int af, const char* src, void* dst);
-#endif /* HAVE_INET_PTON */
-#ifndef HAVE_INET_NTOP
-const char *inet_ntop(int af, const void *src, char *dst, size_t size);
-#endif
-#ifndef HAVE_INET_ATON
-int inet_aton(const char *cp, struct in_addr *addr);
-#endif
-#ifndef HAVE_MEMMOVE
-void *memmove(void *dest, const void *src, size_t n);
-#endif
-#ifndef HAVE_STRLCPY
-size_t strlcpy(char *dst, const char *src, size_t siz);
-#endif
-#ifdef __cplusplus
-}
-#endif
-#ifndef HAVE_GETADDRINFO
-#include "compat/fake-rfc2553.h"
-#endif
-#ifndef HAVE_STRTOUL
-#define strtoul (unsigned long)strtol
-#endif
-])
-
-AC_CONFIG_FILES([Makefile ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config])
-
-AC_CONFIG_HEADER([ldns/config.h])
-AC_OUTPUT
-COPY_HEADER_FILES(ldns/, ldns/)
-
-AC_CONFIG_SUBDIRS([drill])
-m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([install-sh])])
+++ /dev/null
-NETLDNS is a functionality port of NLnet Labs' LDNS to the .NET
-2.0 framework, contributed by Alex Nicoll of the Carnegie Mellon
-University Software Engineering Institute. NETLDNS is released
-under the BSD license. NETLDNS uses Mihnea Radulescu's BigInteger
-Library (http://www.codeproject.com/KB/cs/BigInteger_Library.aspx)
-from CodeProject to help with key manipulation. Please contact Alex at
-anicoll@cert.org with inquiries or requests for newer versions.
-
-This project is not supported by NLnet Labs.
-
+++ /dev/null
-#!/bin/ksh
-#
-# $Id: build-solaris.sh 2597 2008-04-15 08:39:58Z jelte $
-
-
-PREFIX=/opt/ldns
-OPENSSL=/usr/sfw
-SUDO=sudo
-
-MAKE_PROGRAM=gmake
-MAKE_ARGS="-j 4"
-
-OBJ32=obj32
-OBJ64=obj64
-
-SRCDIR=`pwd`
-
-
-test -d $OBJ32 && $SUDO rm -fr $OBJ32
-mkdir $OBJ32
-
-export CFLAGS=""
-export LDFLAGS="-L${OPENSSL}/lib -R${OPENSSL}/lib"
-
-(cd $OBJ32; \
-${SRCDIR}/configure --with-ssl=${OPENSSL} --prefix=${PREFIX} --libdir=${PREFIX}/lib; \
-$MAKE_PROGRAM $MAKE_ARGS)
-
-if [ `isainfo -k` = amd64 ]; then
- test -d $OBJ64 && $SUDO rm -fr $OBJ64
- mkdir $OBJ64
-
- export CFLAGS="-m64"
- export LDFLAGS="-L${OPENSSL}/lib/amd64 -R${OPENSSL}/lib/amd64"
-
- (cd $OBJ64; \
- ${SRCDIR}/configure --with-ssl=${OPENSSL} --prefix=${PREFIX} --libdir=${PREFIX}/lib/amd64; \
- $MAKE_PROGRAM $MAKE_ARGS)
-fi
-
-# optionally install
-#
-if [ x$1 = xinstall ]; then
- (cd $OBJ32; $SUDO $MAKE_PROGRAM install-h)
- (cd $OBJ32; $SUDO $MAKE_PROGRAM install-doc)
- (cd $OBJ32; $SUDO $MAKE_PROGRAM install-lib)
- if [ `isainfo -k` = amd64 ]; then
- (cd $OBJ64; $SUDO $MAKE_PROGRAM install-lib)
- fi
-fi
+++ /dev/null
-Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- Karel Slany (slany AT fit.vutbr.cz)
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
- * Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- * Neither the name of the organization nor the names of its
- contributors may be used to endorse or promote products derived from this
- software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.
+++ /dev/null
-# Makefile: compilation of sources and documentation, test environment
-#
-# Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
-# Karel Slany (slany AT fit.vutbr.cz)
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are met:
-#
-# * Redistributions of source code must retain the above copyright notice,
-# this list of conditions and the following disclaimer.
-# * Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-# * Neither the name of the organization nor the names of its
-# contributors may be used to endorse or promote products derived from this
-# software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-
-help:
- @echo "Please use \`make <target>' where <target> is one of"
- @echo " testenv to make test environment and run bash "
- @echo " usefull in case you don't want to install ldns but want to test examples"
- @echo " doc to make documentation"
- @echo " clean clean all"
-
-../../Makefile: ../../configure
- cd ../.. && ./configure --with-python
-
-_ldns.so: ../../Makefile
- $(MAKE) -C ../..
-
-../../.libs/ldns.so.1: ../../Makefile
- $(MAKE) -C ../..
-
-clean:
- rm -rdf examples/ldns
- rm -f _ldns.so ldns_wrapper.o
- $(MAKE) -C ../.. clean
-
-testenv: ../../.libs/libldns.so.1 _ldns.so
- rm -rdf examples/ldns
- cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 && ls -la
- @echo "Run a script by typing ./script_name.py"
- cd examples && LD_LIBRARY_PATH=ldns bash
- rm -rdf examples/ldns
-
-doc: ../../.libs/ldns.so.1 _ldns.so
- $(MAKE) -C docs html
-
-#for development only
-swig: ldns.i
- swig -python -o ldns_wrapper.c -I../.. ldns.i
- gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python2.5 -I. -o ldns_wrapper.o
- ld -shared ldns_wrapper.o -L../../.libs -lldns -o _ldns.so
-
+++ /dev/null
-# Makefile for Sphinx documentation
-#
-
-# You can set these variables from the command line.
-SPHINXOPTS =
-SPHINXBUILD = sphinx-build
-PAPER =
-
-# Internal variables.
-PAPEROPT_a4 = -D latex_paper_size=a4
-PAPEROPT_letter = -D latex_paper_size=letter
-ALLSPHINXOPTS = -d build/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) source
-
-.PHONY: help clean html web pickle htmlhelp latex changes linkcheck
-
-help:
- @echo "Please use \`make <target>' where <target> is one of"
- @echo " html to make standalone HTML files"
- @echo " pickle to make pickle files (usable by e.g. sphinx-web)"
- @echo " htmlhelp to make HTML files and a HTML help project"
- @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter"
- @echo " changes to make an overview over all changed/added/deprecated items"
- @echo " linkcheck to check all external links for integrity"
-
-clean:
- -rm -rf build/*
-
-html:
- mkdir -p build/html build/doctrees
- LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) build/html
- @echo
- @echo "Build finished. The HTML pages are in build/html."
-
-pickle:
- mkdir -p build/pickle build/doctrees
- LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) build/pickle
- @echo
- @echo "Build finished; now you can process the pickle files or run"
- @echo " sphinx-web build/pickle"
- @echo "to start the sphinx-web server."
-
-web: pickle
-
-htmlhelp:
- mkdir -p build/htmlhelp build/doctrees
- LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) build/htmlhelp
- @echo
- @echo "Build finished; now you can run HTML Help Workshop with the" \
- ".hhp project file in build/htmlhelp."
-
-latex:
- mkdir -p build/latex build/doctrees
- LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) build/latex
- @echo
- @echo "Build finished; the LaTeX files are in build/latex."
- @echo "Run \`make all-pdf' or \`make all-ps' in that directory to" \
- "run these through (pdf)latex."
-
-changes:
- mkdir -p build/changes build/doctrees
- LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) build/changes
- @echo
- @echo "The overview file is in build/changes."
-
-linkcheck:
- mkdir -p build/linkcheck build/doctrees
- LD_LIBRARY_PATH=../../../.libs $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) build/linkcheck
- @echo
- @echo "Link check complete; look for any errors in the above output " \
- "or in build/linkcheck/output.txt."
+++ /dev/null
-# -*- coding: utf-8 -*-
-#
-# Unbound documentation build configuration file, created by
-# sphinx-quickstart on Fri Jan 2 19:14:13 2009.
-#
-# This file is execfile()d with the current directory set to its containing dir.
-#
-# The contents of this file are pickled, so don't put values in the namespace
-# that aren't pickleable (module imports are okay, they're removed automatically).
-#
-# All configuration values have a default value; values that are commented out
-# serve to show the default value.
-
-import sys, os
-
-# If your extensions are in another directory, add it here. If the directory
-# is relative to the documentation root, use os.path.abspath to make it
-# absolute, like shown here.
-sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__),'../../')))
-#print sys.path
-
-# General configuration
-# ---------------------
-
-# Add any Sphinx extension module names here, as strings. They can be extensions
-# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
-extensions = ['sphinx.ext.autodoc', 'sphinx.ext.doctest']
-
-# Add any paths that contain templates here, relative to this directory.
-templates_path = ['_templates']
-
-# The suffix of source filenames.
-source_suffix = '.rst'
-
-# The master toctree document.
-master_doc = 'index'
-
-# General substitutions.
-project = 'pyLDNS'
-copyright = '2009, Karel Slany, Zdenek Vasicek'
-
-# The default replacements for |version| and |release|, also used in various
-# other places throughout the built documents.
-#
-# The short X.Y version.
-version = '1.0'
-# The full version, including alpha/beta/rc tags.
-release = '1.0.0'
-
-# There are two options for replacing |today|: either, you set today to some
-# non-false value, then it is used:
-#today = ''
-# Else, today_fmt is used as the format for a strftime call.
-today_fmt = '%B %d, %Y'
-
-# List of documents that shouldn't be included in the build.
-#unused_docs = []
-
-# List of directories, relative to source directories, that shouldn't be searched
-# for source files.
-#exclude_dirs = []
-
-# The reST default role (used for this markup: `text`) to use for all documents.
-#default_role = None
-
-# If true, '()' will be appended to :func: etc. cross-reference text.
-#add_function_parentheses = True
-
-# If true, the current module name will be prepended to all description
-# unit titles (such as .. function::).
-#add_module_names = True
-
-# If true, sectionauthor and moduleauthor directives will be shown in the
-# output. They are ignored by default.
-#show_authors = False
-
-# The name of the Pygments (syntax highlighting) style to use.
-pygments_style = 'sphinx'
-
-
-# Options for HTML output
-# -----------------------
-
-# The style sheet to use for HTML and HTML Help pages. A file of that name
-# must exist either in Sphinx' static/ path, or in one of the custom paths
-# given in html_static_path.
-html_style = 'default.css'
-
-# The name for this set of Sphinx documents. If None, it defaults to
-# "<project> v<release> documentation".
-#html_title = None
-
-# A shorter title for the navigation bar. Default is the same as html_title.
-#html_short_title = None
-
-# The name of an image file (within the static path) to place at the top of
-# the sidebar.
-#html_logo = None
-
-# The name of an image file (within the static path) to use as favicon of the
-# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32
-# pixels large.
-#html_favicon = None
-
-# Add any paths that contain custom static files (such as style sheets) here,
-# relative to this directory. They are copied after the builtin static files,
-# so a file named "default.css" will overwrite the builtin "default.css".
-html_static_path = ['_static']
-
-# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
-# using the given strftime format.
-html_last_updated_fmt = '%b %d, %Y'
-
-# If true, SmartyPants will be used to convert quotes and dashes to
-# typographically correct entities.
-#html_use_smartypants = True
-
-# Custom sidebar templates, maps document names to template names.
-#html_sidebars = {}
-
-# Additional templates that should be rendered to pages, maps page names to
-# template names.
-#html_additional_pages = {}
-
-# If false, no module index is generated.
-html_use_modindex = False
-
-# If false, no index is generated.
-#html_use_index = True
-
-# If true, the index is split into individual pages for each letter.
-html_split_index = False
-
-# If true, the reST sources are included in the HTML build as _sources/<name>.
-html_copy_source = False
-
-# If true, an OpenSearch description file will be output, and all pages will
-# contain a <link> tag referring to it. The value of this option must be the
-# base URL from which the finished HTML is served.
-#html_use_opensearch = ''
-
-# If nonempty, this is the file name suffix for HTML files (e.g. ".xhtml").
-#html_file_suffix = ''
-
-# Output file base name for HTML help builder.
-htmlhelp_basename = 'ldnsdoc'
-
-
-# Options for LaTeX output
-# ------------------------
-
-# The paper size ('letter' or 'a4').
-#latex_paper_size = 'letter'
-
-# The font size ('10pt', '11pt' or '12pt').
-#latex_font_size = '10pt'
-
-# Grouping the document tree into LaTeX files. List of tuples
-# (source start file, target name, title, author, document class [howto/manual]).
-latex_documents = [
- ('index', 'ldns-doc.tex', 'LDNS Documentation',
- 'Karel Slany, Zdenek Vasicek', 'manual'),
-]
-
-# The name of an image file (relative to this directory) to place at the top of
-# the title page.
-#latex_logo = None
-
-# For "manual" documents, if this is true, then toplevel headings are parts,
-# not chapters.
-#latex_use_parts = False
-
-# Additional stuff for the LaTeX preamble.
-#latex_preamble = ''
-
-# Documents to append as an appendix to all manuals.
-#latex_appendices = []
-
-# If false, no module index is generated.
-#latex_use_modindex = True
+++ /dev/null
-Resolving the MX records
-==============================
-
-This basic example shows how to create a resolver which asks for MX records which contain the information about mail servers.
-
-::
-
- #!/usr/bin/python
- #
- # MX is a small program that prints out the mx records for a particular domain
- #
- import ldns
-
- resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-
- dname = ldns.ldns_dname("nic.cz")
-
- pkt = resolver.query(dname, ldns.LDNS_RR_TYPE_MX, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD)
- if (pkt):
- mx = pkt.rr_list_by_type(ldns.LDNS_RR_TYPE_MX, ldns.LDNS_SECTION_ANSWER)
- if (mx):
- mx.sort()
- print mx
-
-Resolving step by step
-------------------------
-
-First of all we import :mod:`ldns` extension module which make LDNS functions and classes accessible::
-
- import ldns
-
-If importing fails, it means that Python cannot find the module or ldns library.
-
-Then we create the resolver by :meth:`ldns.ldns_resolver.new_frm_file` constructor ::
-
- resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-
-and domain name variable dname::
-
- dname = ldns.ldns_dname("nic.cz")
-
-To create a resolver you may also use::
-
- resolver = ldns.ldns_resolver.new_frm_file(None)
-
-which behaves in the same manner as the command above.
-
-In the third step we tell the resolver to query for our domain, type MX, of class IN::
-
- pkt = resolver.query(dname, ldns.LDNS_RR_TYPE_MX, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD)
-
-The function should return a packet if everything goes well and this packet will contain resource records we asked for.
-Note that there exists a simplier way. Instead of using a dname variable, we can use a string which will be automatically converted.
-::
-
- pkt = resolver.query("fit.vutbr.cz", ldns.LDNS_RR_TYPE_MX, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD)
-
-Now, we test whether the resolver returns a packet and then get all RRs of type MX from the answer packet and store them in list mx::
-
- if (pkt):
- mx = pkt.rr_list_by_type(ldns.LDNS_RR_TYPE_MX, ldns.LDNS_SECTION_ANSWER)
-
-If this list is not empty, we sort and print the content to stdout::
-
- if (mx):
- mx.sort()
- print mx
-
+++ /dev/null
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-import ldns
-import sys
-
-debug = True
-
-# Check args
-argc = len(sys.argv)
-name = "www.nic.cz"
-if argc < 2:
- print "Usage:", sys.argv[0], "domain [resolver_addr]"
- sys.exit(1)
-else:
- name = sys.argv[1]
-
-# Create resolver
-resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-resolver.set_dnssec(True)
-
-# Custom resolver
-if argc > 2:
- # Clear previous nameservers
- ns = resolver.pop_nameserver()
- while ns != None:
- ns = resolver.pop_nameserver()
- ip = ldns.ldns_rdf.new_frm_str(sys.argv[2], ldns.LDNS_RDF_TYPE_A)
- resolver.push_nameserver(ip)
-
-# Resolve DNS name
-pkt = resolver.query(name, ldns.LDNS_RR_TYPE_A, ldns.LDNS_RR_CLASS_IN)
-if pkt and pkt.answer():
-
- # Debug
- if debug:
- print "NS returned:", pkt.get_rcode(), "(AA: %d AD: %d)" % ( pkt.ad(), pkt.ad() )
-
- # SERVFAIL indicated bogus name
- if pkt.get_rcode() is ldns.LDNS_RCODE_SERVFAIL:
- print name, "is bogus"
-
- # Check AD (Authenticated) bit
- if pkt.get_rcode() is ldns.LDNS_RCODE_NOERROR:
- if pkt.ad(): print name, "is secure"
- else: print name, "is insecure"
+++ /dev/null
-.. _ex_dnssec:
-
-Querying DNS-SEC validators
-===========================
-
-This basic example shows how to query validating resolver and
-evaluate answer.
-
-Resolving step by step
-------------------------
-
-For DNS queries, we need to initialize ldns resolver (covered in previous example).
-
-::
-
- # Create resolver
- resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
- resolver.set_dnssec(True)
-
- # Custom resolver
- if argc > 2:
- # Clear previous nameservers
- ns = resolver.pop_nameserver()
- while ns != None:
- ns = resolver.pop_nameserver()
- ip = ldns.ldns_rdf.new_frm_str(sys.argv[2], ldns.LDNS_RDF_TYPE_A)
- resolver.push_nameserver(ip)
-
-Note the second line :meth:`resolver.set_dnssec`, which enables DNSSEC OK bit
-in queries in order to get meaningful results.
-
-As we have resolver initialized, we can start querying for domain names :
-
-::
-
- # Resolve DNS name
- pkt = resolver.query(name, ldns.LDNS_RR_TYPE_A, ldns.LDNS_RR_CLASS_IN)
- if pkt and pkt.answer():
-
-Now we evaluate result, where two flags are crucial :
-
- * Return code
- * AD flag (authenticated)
-
-When return code is `SERVFAIL`, it means that validating resolver marked requested
-name as **bogus** (or bad configuration).
-
-**AD** flag is set if domain name is authenticated **(secure)** or false if
-it's insecure.
-
-Complete source code
---------------------
-
- .. literalinclude:: ../../../examples/ldns-dnssec.py
- :language: python
-
-
-Testing
--------
-
-In order to get meaningful results, you have to enter IP address of validating
-resolver or setup your own (see howto).
-
-Execute `./example2.py` with options `domain name` and `resolver IP`,
-example:
-
-::
-
- user@localhost# ./example2.py www.dnssec.cz 127.0.0.1 # Secure (Configured Unbound running on localhost)
- user@localhost# ./example2.py www.rhybar.cz 127.0.0.1 # Bogus
-
-Howto setup Unbound as validating resolver
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Install Unbound according to instructions.
-Modify following options in `unbound.conf` (located in `/etc` or `/usr/local/etc`)/
-
-
-Uncomment `module-config` and set `validator` before iterator.
-
-::
-
- module-config: "validator iterator"
-
-Download DLV keys and update path in `unbound.conf`::
-
- # DLV keys
- # Download from http://ftp.isc.org/www/dlv/dlv.isc.org.key
- dlv-anchor-file: "/usr/local/etc/unbound/dlv.isc.org.key"
-
-Update trusted keys (`.cz` for example)::
-
- # Trusted keys
- # For current key, see www.dnssec.cz
- trusted-keys-file: "/usr/local/etc/unbound/trusted.key"
-
-Now you should have well configured Unbound, so run it::
-
- user@localhost# unbound -dv
-
+++ /dev/null
-High-level functions
-===========================
-
-This basic example shows how to get name by addr and vice versa.
-
-.. literalinclude:: ../../../examples/ldns-higher.py
- :language: python
+++ /dev/null
-AXFR client with IDN support
-===============================
-
-This example shows how to get AXFR working and how to get involved Internationalized Domain Names (IDN)
-
-.. literalinclude:: ../../../examples/ldns-axfr.py
- :language: python
+++ /dev/null
-Examine the results
-===============================
-
-This example shows how to go through the obtained results
-
-.. literalinclude:: ../../../examples/ldns-mx2.py
- :language: python
-
-This snippet of code prints::
-
- nic.cz. 1761 IN MX 20 mx.cznic.org.
- nic.cz. 1761 IN MX 10 mail.nic.cz.
- nic.cz. 1761 IN MX 15 mail4.nic.cz.
-
+++ /dev/null
-Read zone file
-===============================
-
-This example shows how to read the content of a zone file
-
-.. literalinclude:: ../../../examples/ldns-zone.py
- :language: python
-
-Zone file ``zone.txt``:
-
-.. literalinclude:: ../../../examples/zone.txt
-
+++ /dev/null
-Generate public/private key pair
-=======================================
-
-This example shows how generate keys for DNSSEC (i.e. for signing a zone file according DNSSECbis).
-
-.. literalinclude:: ../../../examples/ldns-keygen.py
- :language: python
-
+++ /dev/null
-Signing of a zone file
-===============================
-
-This example shows how to sign the content of the given zone file
-
-.. literalinclude:: ../../../examples/ldns-signzone.py
- :language: python
-
-In order to be able sign a zone file, you have to generate a key-pair using ``ldns-keygen.py``. Don't forget to modify tag number.
-
-Signing consists of three steps
-
-1. In the first step, the content of a zone file is readed and parsed. This can be done using :class:`ldns.ldns_zone` class.
-
-2. In the second step, the private and public key is readed and public key is inserted into zone (as DNSKEY).
-
-3. In the last step, the DNSSEC zone instace is created and all the RRs from zone file are copied here. Then, all the records are signed using :meth:`ldns.ldns_zone.sign` method. If the signing was successfull, the content of DNSSEC zone is written to a file.
+++ /dev/null
-Tutorials
-==============================
-
-Here you can find a set of simple applications which utilizes the ldns library in Python environment.
-
-`Tutorials`
-
-.. toctree::
- :maxdepth: 1
- :glob:
-
- example*
+++ /dev/null
-PyLDNS documentation
-=======================================
-
-PyLDNS provides an `LDNS`_ wrapper (Python extension module) - the thinnest layer over the library possible. Everything you can do from the C API, you can do from Python, but with less effort. The purpose of porting LDNS library to Python is to simplify DNS programming and usage of LDNS, however, still preserve the performance of this library as the speed represents the main benefit of LDNS. The proposed object approach allows the users to be concentrated at the essential part of application only and don't bother with deallocation of objects and so on.
-
-.. _LDNS: http://www.nlnetlabs.nl/projects/ldns/
-
-Contents
-----------
-.. toctree::
- :maxdepth: 2
-
- install.rst
- examples/index.rst
- modules/ldns
-
-Indices and tables
--------------------
-
-* :ref:`genindex`
-* :ref:`search`
-
+++ /dev/null
-Installation
-===================================
-
-**Prerequisites**
-
-Python 2.4 or higher, SWIG 1.3 or higher, GNU make
-
-**Download**
-
-You can download the source codes `here`_.
-The latest release is 1.4.1, Jan 15, 2009.
-
-.. _here: ldns-1.4.1-py.tar.gz
-
-**Compiling**
-
-After downloading, you can compile the library by doing::
-
- > tar -xzf ldns-1.4.1-py.tar.gz
- > cd ldns-1.4.1
- > ./configure --with-pyldns
- > make
-
-You need GNU make to compile pyLDNS; SWIG and Python development libraries to compile extension module.
-
-
-**Testing**
-
-If the compilation is successfull, you can test the python LDNS extension module by::
-
- > cd contrib/python
- > make testenv
- > ./ldns-mx.py
-
-This will start a new shell, during which the symbolic links will be working.
-When you exit the shell, then symbolic links will be deleted.
-
-In ``contrib/examples`` you can find many simple applications in python which demostrates the capabilities of LDNS library.
-
-**Installation**
-
-To install libraries and extension type::
-
- > cd ldns-1.4.1
- > make install
-
+++ /dev/null
-LDNS module documentation
-================================
-
-Here you can find the documentation of pyLDNS extension module. This module consists of several classes and a couple of functions.
-
-.. toctree::
- :maxdepth: 1
- :glob:
-
- ldns_resolver
- ldns_pkt
- ldns_rr
- ldns_rdf
- ldns_dname
- ldns_rr_list
- ldns_zone
- ldns_key
- ldns_key_list
- ldns_buffer
- ldns_dnssec
- ldns_func
-
-
-
-
-**Differences against libLDNS**
-
-* You don't need to use ldns-compare functions, instances can be compared using standard operators <, >, = ::
-
- if (some_rr.owner() == another_rr.rdf(1)):
- pass
-
-* Classes contain static methods that create new instances, the name of these methods starts with the new\_ prefix (e.g. :meth:`ldns.ldns_pkt.new_frm_file`).
-
-* Is it possible to print the content of an object using ``print objinst`` (see :meth:`ldns.ldns_resolver.get_addr_by_name`).
-
-* Classes contain write_to_buffer method that writes the content into buffer.
-
-* All the methods that consume parameter of (const ldns_rdf) type allows to use string instead (see :meth:`ldns.ldns_resolver.query`).
-
+++ /dev/null
-Class ldns_buffer
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_buffer
-------------------------------
-.. autoclass:: ldns_buffer
- :members:
- :undoc-members:
+++ /dev/null
-Class ldns_dname
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_dname
-------------------------------
-.. autoclass:: ldns_dname
- :members:
- :undoc-members:
+++ /dev/null
-Class ldns_dnssec_zone
-================================
-
-.. automodule:: ldns
-
-Class ldns_dnssec_zone
-------------------------------
-.. autoclass:: ldns_dnssec_zone
- :members:
- :undoc-members:
-
-Class ldns_dnssec_name
-------------------------------
-.. autoclass:: ldns_dnssec_name
- :members:
- :undoc-members:
-
-Class ldns_dnssec_rrsets
-------------------------------
-.. autoclass:: ldns_dnssec_rrsets
- :members:
- :undoc-members:
-
-Class ldns_dnssec_rrs
-------------------------------
-.. autoclass:: ldns_dnssec_rrs
- :members:
- :undoc-members:
+++ /dev/null
-Various functions
-================================
-
-Here you can find list of functions that are not assigned to the classes.
-These functions have the same parameters as LDNS functions of the same name.
-You are encouraged to read the LDNS documentation.
-
-**List of functions**
-
- * ldns_algorithm2buffer_str
- * ldns_bget_keyword_data
- * ldns_bget_token
- * ldns_bgetc
- * ldns_bskipcs
- * ldns_bubblebabble
- * ldns_buffer2pkt_wire
- * ldns_buffer2str
- * ldns_calc_keytag
- * ldns_calc_keytag_raw
- * ldns_cert_algorithm2buffer_str
- * ldns_convert_dsa_rrsig_asn12rdf
- * ldns_convert_dsa_rrsig_rdf2asn1
- * ldns_create_nsec
- * ldns_create_nsec3
- * ldns_dname2buffer_wire
- * ldns_dname2canonical
- * ldns_dnssec_build_data_chain
- * ldns_dnssec_chain_nsec3_list
- * ldns_dnssec_create_nsec
- * ldns_dnssec_create_nsec3
- * ldns_dnssec_create_nsec_bitmap
- * ldns_dnssec_data_chain_deep_free
- * ldns_dnssec_data_chain_free
- * ldns_dnssec_data_chain_new
- * ldns_dnssec_data_chain_print
- * ldns_dnssec_default_add_to_signatures
- * ldns_dnssec_default_delete_signatures
- * ldns_dnssec_default_leave_signatures
- * ldns_dnssec_default_replace_signatures
- * ldns_dnssec_derive_trust_tree
- * ldns_dnssec_derive_trust_tree_dnskey_rrset
- * ldns_dnssec_derive_trust_tree_ds_rrset
- * ldns_dnssec_derive_trust_tree_no_sig
- * ldns_dnssec_derive_trust_tree_normal_rrset
- * ldns_dnssec_get_dnskey_for_rrsig
- * ldns_dnssec_get_rrsig_for_name_and_type
- * ldns_dnssec_nsec3_closest_encloser
- * ldns_dnssec_pkt_get_rrsigs_for_name_and_type
- * ldns_dnssec_pkt_get_rrsigs_for_type
- * ldns_dnssec_pkt_has_rrsigs
- * ldns_dnssec_remove_signatures
- * ldns_dnssec_trust_tree_add_parent
- * ldns_dnssec_trust_tree_contains_keys
- * ldns_dnssec_trust_tree_depth
- * ldns_dnssec_trust_tree_free
- * ldns_dnssec_trust_tree_new
- * ldns_dnssec_trust_tree_print
- * ldns_dnssec_verify_denial
- * ldns_dnssec_verify_denial_nsec3
- * ldns_fetch_valid_domain_keys
- * ldns_fget_keyword_data
- * ldns_fget_keyword_data_l
- * ldns_fget_token
- * ldns_fget_token_l
- * ldns_fskipcs
- * ldns_fskipcs_l
- * ldns_get_bit
- * ldns_get_bit_r
- * ldns_get_errorstr_by_id
- * ldns_get_rr_class_by_name
- * ldns_get_rr_list_addr_by_name
- * ldns_get_rr_list_hosts_frm_file
- * ldns_get_rr_list_hosts_frm_fp
- * ldns_get_rr_list_hosts_frm_fp_l
- * ldns_get_rr_list_name_by_addr
- * ldns_get_rr_type_by_name
- * ldns_getaddrinfo
- * ldns_hexdigit_to_int
- * ldns_hexstring_to_data
- * ldns_init_random
- * ldns_int_to_hexdigit
- * ldns_is_rrset
- * ldns_key2buffer_str
- * ldns_key2rr
- * ldns_key2str
- * ldns_lookup_by_id
- * ldns_lookup_by_name
- * ldns_native2rdf_int16
- * ldns_native2rdf_int16_data
- * ldns_native2rdf_int32
- * ldns_native2rdf_int8
- * ldns_nsec3_add_param_rdfs
- * ldns_nsec3_algorithm
- * ldns_nsec3_bitmap
- * ldns_nsec3_flags
- * ldns_nsec3_hash_name
- * ldns_nsec3_hash_name_frm_nsec3
- * ldns_nsec3_iterations
- * ldns_nsec3_next_owner
- * ldns_nsec3_optout
- * ldns_nsec3_salt
- * ldns_nsec3_salt_data
- * ldns_nsec3_salt_length
- * ldns_nsec_bitmap_covers_type
- * ldns_nsec_covers_name
- * ldns_nsec_get_bitmap
- * ldns_nsec_type_check
- * ldns_octet
- * ldns_pkt2buffer_str
- * ldns_pkt2buffer_wire
- * ldns_pkt2str
- * ldns_pkt2wire
- * ldns_pktheader2buffer_str
- * ldns_power
- * ldns_print_rr_rdf
- * ldns_rbtree_create
- * ldns_rbtree_delete
- * ldns_rbtree_find_less_equal
- * ldns_rbtree_first
- * ldns_rbtree_free
- * ldns_rbtree_init
- * ldns_rbtree_insert
- * ldns_rbtree_insert_vref
- * ldns_rbtree_last
- * ldns_rbtree_next
- * ldns_rbtree_previous
- * ldns_rbtree_search
- * ldns_rdf2buffer_str
- * ldns_rdf2buffer_str_a
- * ldns_rdf2buffer_str_aaaa
- * ldns_rdf2buffer_str_alg
- * ldns_rdf2buffer_str_apl
- * ldns_rdf2buffer_str_b64
- * ldns_rdf2buffer_str_cert_alg
- * ldns_rdf2buffer_str_class
- * ldns_rdf2buffer_str_dname
- * ldns_rdf2buffer_str_hex
- * ldns_rdf2buffer_str_int16
- * ldns_rdf2buffer_str_int16_data
- * ldns_rdf2buffer_str_ipseckey
- * ldns_rdf2buffer_str_loc
- * ldns_rdf2buffer_str_nsap
- * ldns_rdf2buffer_str_nsec
- * ldns_rdf2buffer_str_period
- * ldns_rdf2buffer_str_str
- * ldns_rdf2buffer_str_tsig
- * ldns_rdf2buffer_str_tsigtime
- * ldns_rdf2buffer_str_type
- * ldns_rdf2buffer_str_unknown
- * ldns_rdf2buffer_str_wks
- * ldns_rdf2buffer_wire
- * ldns_rdf2buffer_wire_canonical
- * ldns_rdf2native_int16
- * ldns_rdf2native_int32
- * ldns_rdf2native_int8
- * ldns_rdf2native_sockaddr_storage
- * ldns_rdf2native_time_t
- * ldns_rdf2rr_type
- * ldns_rdf2str
- * ldns_rdf2wire
- * ldns_read_anchor_file
- * ldns_read_uint16
- * ldns_read_uint32
- * ldns_rr2buffer_str
- * ldns_rr2buffer_wire
- * ldns_rr2buffer_wire_canonical
- * ldns_rr2canonical
- * ldns_rr2str
- * ldns_rr2wire
- * ldns_rrsig2buffer_wire
- * ldns_send
- * ldns_send_buffer
- * ldns_set_bit
- * ldns_sign_public
- * ldns_sockaddr_storage2rdf
- * ldns_str2period
- * ldns_str2rdf_a
- * ldns_str2rdf_aaaa
- * ldns_str2rdf_alg
- * ldns_str2rdf_apl
- * ldns_str2rdf_b32_ext
- * ldns_str2rdf_b64
- * ldns_str2rdf_cert_alg
- * ldns_str2rdf_class
- * ldns_str2rdf_dname
- * ldns_str2rdf_hex
- * ldns_str2rdf_int16
- * ldns_str2rdf_int32
- * ldns_str2rdf_int8
- * ldns_str2rdf_loc
- * ldns_str2rdf_nsap
- * ldns_str2rdf_nsec
- * ldns_str2rdf_nsec3_salt
- * ldns_str2rdf_period
- * ldns_str2rdf_service
- * ldns_str2rdf_str
- * ldns_str2rdf_time
- * ldns_str2rdf_tsig
- * ldns_str2rdf_type
- * ldns_str2rdf_unknown
- * ldns_str2rdf_wks
- * ldns_tcp_bgsend
- * ldns_tcp_connect
- * ldns_tcp_read_wire
- * ldns_tcp_send
- * ldns_tcp_send_query
- * ldns_traverse_postorder
- * ldns_tsig_algorithm
- * ldns_tsig_keydata
- * ldns_tsig_keydata_clone
- * ldns_tsig_keyname
- * ldns_tsig_keyname_clone
- * ldns_udp_bgsend
- * ldns_udp_connect
- * ldns_udp_read_wire
- * ldns_udp_send
- * ldns_udp_send_query
- * ldns_update_pkt_new
- * ldns_update_pkt_tsig_add
- * ldns_update_prcount
- * ldns_update_set_adcount
- * ldns_update_set_prcount
- * ldns_update_set_upcount
- * ldns_update_soa_mname
- * ldns_update_soa_zone_mname
- * ldns_update_upcount
- * ldns_update_zocount
- * ldns_validate_domain_dnskey
- * ldns_validate_domain_ds
- * ldns_verify
- * ldns_verify_rrsig
- * ldns_verify_rrsig_buffers
- * ldns_verify_rrsig_buffers_raw
- * ldns_verify_rrsig_dsa
- * ldns_verify_rrsig_dsa_raw
- * ldns_verify_rrsig_keylist
- * ldns_verify_rrsig_rsamd5
- * ldns_verify_rrsig_rsamd5_raw
- * ldns_verify_rrsig_rsasha1
- * ldns_verify_rrsig_rsasha1_raw
- * ldns_verify_rrsig_rsasha256_raw
- * ldns_verify_rrsig_rsasha512_raw
- * ldns_verify_trusted
- * ldns_version
- * ldns_wire2dname
- * ldns_wire2pkt
- * ldns_wire2rdf
- * ldns_wire2rr
- * ldns_write_uint16
- * ldns_write_uint32
- * ldns_write_uint64_as_uint48
- * mktime_from_utc
- * qsort_rr_compare_nsec3
+++ /dev/null
-Class ldns_key
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_key
-------------------------------
-.. autoclass:: ldns_key
- :members:
- :undoc-members:
+++ /dev/null
-Class ldns_key_list
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_key_list
-------------------------------
-.. autoclass:: ldns_key_list
- :members:
- :undoc-members:
+++ /dev/null
-Class ldns_pkt
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_pkt
-------------------------------
-.. autoclass:: ldns_pkt
- :members:
- :undoc-members:
+++ /dev/null
-Class ldns_rdf
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_rdf
-------------------------------
-.. autoclass:: ldns_rdf
- :members:
- :undoc-members:
-
-Predefined constants
-------------------------------
-
-**RDF TYPE**
- * LDNS_RDF_TYPE_NONE,
- * LDNS_RDF_TYPE_DNAME,
- * LDNS_RDF_TYPE_INT8,
- * LDNS_RDF_TYPE_INT16,
- * LDNS_RDF_TYPE_INT32,
- * LDNS_RDF_TYPE_A,
- * LDNS_RDF_TYPE_AAAA,
- * LDNS_RDF_TYPE_STR,
- * LDNS_RDF_TYPE_APL,
- * LDNS_RDF_TYPE_B32_EXT,
- * LDNS_RDF_TYPE_B64,
- * LDNS_RDF_TYPE_HEX,
- * LDNS_RDF_TYPE_NSEC,
- * LDNS_RDF_TYPE_TYPE,
- * LDNS_RDF_TYPE_CLASS,
- * LDNS_RDF_TYPE_CERT_ALG,
- * LDNS_RDF_TYPE_ALG,
- * LDNS_RDF_TYPE_UNKNOWN,
- * LDNS_RDF_TYPE_TIME,
- * LDNS_RDF_TYPE_PERIOD,
- * LDNS_RDF_TYPE_TSIGTIME,
- * LDNS_RDF_TYPE_TSIG,
- * LDNS_RDF_TYPE_INT16_DATA,
- * LDNS_RDF_TYPE_SERVICE,
- * LDNS_RDF_TYPE_LOC,
- * LDNS_RDF_TYPE_WKS,
- * LDNS_RDF_TYPE_NSAP,
- * LDNS_RDF_TYPE_IPSECKEY,
- * LDNS_RDF_TYPE_NSEC3_SALT,
- * LDNS_RDF_TYPE_NSEC3_NEXT_OWNER
-
+++ /dev/null
-Class ldns_resolver
-================================
-
-.. automodule:: ldns
-
-Class ldns_resolver
-------------------------------
-.. autoclass:: ldns_resolver
- :members:
- :undoc-members:
-
-
-
+++ /dev/null
-Class ldns_rr
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_rr
-------------------------------
-.. autoclass:: ldns_rr
- :members:
- :undoc-members:
-
-Class ldns_rr_descriptor
-------------------------------
-.. autoclass:: ldns_rr_descriptor
- :members:
- :undoc-members:
-
+++ /dev/null
-Class ldns_rr_list
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_rr_list
-------------------------------
-.. autoclass:: ldns_rr_list
- :members:
- :undoc-members:
+++ /dev/null
-Class ldns_zone
-================================
-
-
-.. automodule:: ldns
-
-Class ldns_zone
-------------------------------
-.. autoclass:: ldns_zone
- :members:
- :undoc-members:
+++ /dev/null
-#!/usr/bin/python
-# vim:fileencoding=utf-8
-#
-# AXFR client with IDN (Internationalized Domain Names) support
-#
-
-import ldns
-import encodings.idna
-
-def utf2name(name):
- return '.'.join([encodings.idna.ToASCII(a) for a in name.split('.')])
-def name2utf(name):
- return '.'.join([encodings.idna.ToUnicode(a) for a in name.split('.')])
-
-
-resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-
-#addr = ldns.ldns_get_rr_list_addr_by_name(resolver, "zone.nic.cz", ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD);
-addr = resolver.get_addr_by_name("zone.nic.cz", ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD);
-if (not addr):
- raise Exception("Can't retrieve server address")
-
-print "Addr_by_name:",str(addr).replace("\n","; ")
-
-#remove all nameservers
-while resolver.pop_nameserver():
- pass
-
-#insert server addr
-for rr in addr.rrs():
- resolver.push_nameserver_rr(rr)
-
-#AXFR transfer
-status = resolver.axfr_start(utf2name(u"háčkyčárky.cz"), ldns.LDNS_RR_CLASS_IN)
-if status != ldns.LDNS_STATUS_OK:
- raise Exception("Can't start AXFR. Error: %s" % ldns.ldns_get_errorstr_by_id(status))
-
-#Print results
-while True:
- rr = resolver.axfr_next()
- if not rr:
- break
-
- rdf = rr.owner()
- if (rdf.get_type() == ldns.LDNS_RDF_TYPE_DNAME):
- print "RDF owner: type=",rdf.get_type_str(),"data=",name2utf(str(rdf))
- else:
- print "RDF owner: type=",rdf.get_type_str(),"data=",str(rdf)
- print " RR type=", rr.get_type_str()," ttl=",rr.ttl()
- for rdf in rr.rdfs():
- if (rdf.get_type() == ldns.LDNS_RDF_TYPE_DNAME):
- print " RDF: type=",rdf.get_type_str(),"data=",name2utf(str(rdf))
- else:
- print " RDF: type=",rdf.get_type_str(),"data=",str(rdf)
-
- print
+++ /dev/null
-#!/usr/bin/python
-
-import ldns
-
-buf = ldns.ldns_buffer(1024)
-buf.printf("Test buffer")
-print buf
-
+++ /dev/null
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-import ldns
-import sys
-
-debug = True
-
-# Check args
-argc = len(sys.argv)
-name = "www.nic.cz"
-if argc < 2:
- print "Usage:", sys.argv[0], "domain [resolver_addr]"
- sys.exit(1)
-else:
- name = sys.argv[1]
-
-# Create resolver
-resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-resolver.set_dnssec(True)
-
-# Custom resolver
-if argc > 2:
- # Clear previous nameservers
- ns = resolver.pop_nameserver()
- while ns != None:
- ns = resolver.pop_nameserver()
- ip = ldns.ldns_rdf.new_frm_str(sys.argv[2], ldns.LDNS_RDF_TYPE_A)
- resolver.push_nameserver(ip)
-
-# Resolve DNS name
-pkt = resolver.query(name, ldns.LDNS_RR_TYPE_A, ldns.LDNS_RR_CLASS_IN)
-if pkt and pkt.answer():
-
- # Debug
- if debug:
- print "NS returned:", pkt.get_rcode(), "(AA: %d AD: %d)" % ( pkt.ad(), pkt.ad() )
-
- # SERVFAIL indicated bogus name
- if pkt.get_rcode() is ldns.LDNS_RCODE_SERVFAIL:
- print name, "is bogus"
-
- # Check AD (Authenticated) bit
- if pkt.get_rcode() is ldns.LDNS_RCODE_NOERROR:
- if pkt.ad(): print name, "is secure"
- else: print name, "is insecure"
+++ /dev/null
-#!/usr/bin/python
-import ldns
-
-resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-
-dnn = ldns.ldns_dname("www.google.com")
-print dnn.get_type_str(), dnn
-
-dna = ldns.ldns_rdf.new_frm_str("74.125.43.99",ldns.LDNS_RDF_TYPE_A)
-print dna.get_type_str(), dna
-
-name = resolver.get_name_by_addr(dna)
-if (not name): raise Exception("Can't retrieve server name")
-for rr in name.rrs():
- print rr
-
-name = resolver.get_name_by_addr("74.125.43.99")
-if (not name): raise Exception("Can't retrieve server name")
-for rr in name.rrs():
- print rr
-
-addr = resolver.get_addr_by_name(dnn)
-if (not addr): raise Exception("Can't retrieve server address")
-for rr in addr.rrs():
- print rr
-
-addr = resolver.get_addr_by_name("www.google.com")
-if (not addr): raise Exception("Can't retrieve server address")
-for rr in addr.rrs():
- print rr
-
-hosts = ldns.ldns_rr_list.new_frm_file("/etc/hosts")
-if (not hosts): raise Exception("Can't retrieve the content of file")
-for rr in hosts.rrs():
- print rr
-
+++ /dev/null
-#!/usr/bin/python
-#
-# This example shows how to generate public/private key pair
-#
-import ldns
-
-algorithm = ldns.LDNS_SIGN_DSA
-bits = 512
-
-ldns.ldns_init_random(open("/dev/random","rb"), (bits+7)//8)
-
-domain = ldns.ldns_dname("example.")
-
-#generate a new key
-key = ldns.ldns_key.new_frm_algorithm(algorithm, bits);
-print key
-
-#set owner
-key.set_pubkey_owner(domain)
-
-#create the public from the ldns_key
-pubkey = key.key_to_rr()
-#previous command is equivalent to
-# pubkey = ldns.ldns_key2rr(key)
-print pubkey
-
-#calculate and set the keytag
-key.set_keytag(ldns.ldns_calc_keytag(pubkey))
-
-#build the DS record
-ds = ldns.ldns_key_rr2ds(pubkey, ldns.LDNS_SHA1)
-print ds
-
-owner, tag = pubkey.owner(), key.keytag()
-
-#write public key to .key file
-fw = open("key-%s-%d.key" % (owner,tag), "wb")
-pubkey.print_to_file(fw)
-
-#write private key to .priv file
-fw = open("key-%s-%d.private" % (owner,tag), "wb")
-key.print_to_file(fw)
-
-#write DS to .ds file
-fw = open("key-%s-%d.ds" % (owner,tag), "wb")
-ds.print_to_file(fw)
+++ /dev/null
-#!/usr/bin/python
-#
-# MX is a small program that prints out the mx records for a particular domain
-#
-import ldns
-
-resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-
-pkt = resolver.query("nic.cz", ldns.LDNS_RR_TYPE_MX,ldns.LDNS_RR_CLASS_IN)
-
-if (pkt):
- mx = pkt.rr_list_by_type(ldns.LDNS_RR_TYPE_MX, ldns.LDNS_SECTION_ANSWER)
- if (mx):
- mx.sort()
- print mx
+++ /dev/null
-#!/usr/bin/python
-#
-# MX is a small program that prints out the mx records for a particular domain
-#
-import ldns
-
-dname = ldns.ldns_dname("nic.cz")
-print dname
-
-resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-
-pkt = resolver.query(dname, ldns.LDNS_RR_TYPE_MX,ldns.LDNS_RR_CLASS_IN)
-
-if (pkt):
- mx = pkt.rr_list_by_type(ldns.LDNS_RR_TYPE_MX, ldns.LDNS_SECTION_ANSWER)
- if (mx):
- mx.sort()
- print mx
+++ /dev/null
-#!/usr/bin/python
-#
-# MX is a small program that prints out the mx records for a particular domain
-#
-import ldns
-
-resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
-
-pkt = resolver.query("nic.cz", ldns.LDNS_RR_TYPE_MX,ldns.LDNS_RR_CLASS_IN)
-if (pkt) and (pkt.answer()):
-
- for rr in pkt.answer().rrs():
- if (rr.get_type() != ldns.LDNS_RR_TYPE_MX):
- continue
-
- rdf = rr.owner()
- print rdf," ",rr.ttl()," ",rr.get_class_str()," ",rr.get_type_str()," ",
- print " ".join(str(rdf) for rdf in rr.rdfs())
-
+++ /dev/null
-#!/usr/bin/python
-
-import ldns
-
-pkt = ldns.ldns_pkt.new_query_frm_str("www.google.com",ldns.LDNS_RR_TYPE_ANY, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_QR | ldns.LDNS_AA)
-
-rra = ldns.ldns_rr.new_frm_str("www.google.com. IN A 192.168.1.1",300)
-rrb = ldns.ldns_rr.new_frm_str("www.google.com. IN TXT Some\ Description",300)
-
-list = ldns.ldns_rr_list()
-if (rra): list.push_rr(rra)
-if (rrb): list.push_rr(rrb)
-
-pkt.push_rr_list(ldns.LDNS_SECTION_ANSWER, list)
-
-print "Packet:"
-print pkt
+++ /dev/null
-#!/usr/bin/python
-# This example shows how to sign a given zone file with private key
-
-import ldns
-import sys, os, time
-
-#private key TAG which identifies the private key
-#use ldns-keygen.py in order to obtain private key
-keytag = 30761
-
-# Read zone file
-#-------------------------------------------------------------
-
-zone = ldns.ldns_zone.new_frm_fp(open("zone.txt","r"), None, 0, ldns.LDNS_RR_CLASS_IN)
-soa = zone.soa()
-origin = soa.owner()
-
-# Prepare keys
-#-------------------------------------------------------------
-
-#Read private key from file
-keyfile = open("key-%s-%d.private" % (origin, keytag), "r");
-key = ldns.ldns_key.new_frm_fp(keyfile)
-
-#Read public key from file
-pubfname = "key-%s-%d.key" % (origin, keytag)
-pubkey = None
-if os.path.isfile(pubfname):
- pubkeyfile = open(pubfname, "r");
- pubkey,_,_,_ = ldns.ldns_rr.new_frm_fp(pubkeyfile)
-
-if not pubkey:
- #Create new public key
- pubkey = key.key_to_rr()
-
-#Set key expiration
-key.set_expiration(int(time.time()) + 365*60*60*24) #365 days
-
-#Set key owner (important step)
-key.set_pubkey_owner(origin)
-
-#Insert DNSKEY RR
-zone.push_rr(pubkey)
-
-# Sign zone
-#-------------------------------------------------------------
-
-#Create keylist and push private key
-keys = ldns.ldns_key_list()
-keys.push_key(key)
-
-#Add SOA
-signed_zone = ldns.ldns_dnssec_zone()
-signed_zone.add_rr(soa)
-
-#Add RRs
-for rr in zone.rrs().rrs():
- print "RR:",str(rr),
- signed_zone.add_rr(rr)
-
-added_rrs = ldns.ldns_rr_list()
-status = signed_zone.sign(added_rrs, keys)
-if (status == ldns.LDNS_STATUS_OK):
- signed_zone.print_to_file(open("zone_signed.txt","w"))
-
+++ /dev/null
-#!/usr/bin/python
-import ldns
-
-#Read zone from file
-zone = ldns.ldns_zone.new_frm_fp(open("zone.txt","r"), None, 0, ldns.LDNS_RR_CLASS_IN)
-print zone
-
-print "SOA:", zone.soa()
-for r in zone.rrs().rrs():
- print "RR:", r
-
-
-zone = ldns.ldns_zone()
-#print zone
-
+++ /dev/null
-$ORIGIN example.
-$TTL 600
-
-example. IN SOA example. admin.example. (
- 2008022501 ; serial
- 28800 ; refresh (8 hours)
- 7200 ; retry (2 hours)
- 604800 ; expire (1 week)
- 18000 ; minimum (5 hours)
- )
-
-@ IN MX 10 mail.example.
-@ IN NS ns1
-@ IN NS ns2
-@ IN A 192.168.1.1
+++ /dev/null
-/*
- * ldns.i: LDNS interface file
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-%module ldns
-%{
-
-#include "ldns.h"
-#include <stdio.h>
-#include <stdlib.h>
-#include <inttypes.h>
-
-#include <ldns/util.h>
-#include <ldns/buffer.h>
-#include <ldns/common.h>
-#include <ldns/dname.h>
-#include <ldns/dnssec.h>
-#include <ldns/dnssec_verify.h>
-#include <ldns/dnssec_sign.h>
-#include <ldns/error.h>
-#include <ldns/higher.h>
-#include <ldns/host2str.h>
-#include <ldns/host2wire.h>
-#include <ldns/net.h>
-#include <ldns/packet.h>
-#include <ldns/rdata.h>
-#include <ldns/resolver.h>
-#include <ldns/rr.h>
-#include <ldns/str2host.h>
-#include <ldns/tsig.h>
-#include <ldns/update.h>
-#include <ldns/wire2host.h>
-#include <ldns/rr_functions.h>
-#include <ldns/keys.h>
-#include <ldns/parse.h>
-#include <ldns/zone.h>
-#include <ldns/dnssec_zone.h>
-#include <ldns/rbtree.h>
-%}
-
-//#define LDNS_DEBUG
-
-%include "stdint.i" // uint_16_t is known type now
-%include "file.i" // FILE *
-%include "typemaps.i"
-
-%inline %{
-struct timeval* ldns_make_timeval(uint32_t sec, uint32_t usec)
-{
- struct timeval* res = (struct timeval*)malloc(sizeof(*res));
- res->tv_sec = sec;
- res->tv_usec = usec;
- return res;
-}
-uint32_t ldns_read_timeval_sec(struct timeval* t) {
- return (uint32_t)t->tv_sec; }
-uint32_t ldns_read_timeval_usec(struct timeval* t) {
- return (uint32_t)t->tv_usec; }
-%}
-
-%immutable ldns_struct_lookup_table::name;
-%immutable ldns_struct_rr_descriptor::_name;
-%immutable ldns_error_str;
-%immutable ldns_signing_algorithms;
-
-//new_frm_fp_l
-%apply int *OUTPUT { int *line_nr};
-%apply uint32_t *OUTPUT { uint32_t *default_ttl};
-
-%include "ldns_packet.i"
-%include "ldns_resolver.i"
-%include "ldns_rr.i"
-%include "ldns_rdf.i"
-%include "ldns_zone.i"
-%include "ldns_key.i"
-%include "ldns_buffer.i"
-%include "ldns_dnssec.i"
-
-%include <ldns/util.h>
- %include <ldns/buffer.h>
-%include <ldns/dnssec.h>
-%include <ldns/dnssec_verify.h>
- %include <ldns/dnssec_sign.h>
-%include <ldns/error.h>
-%include <ldns/higher.h>
- %include <ldns/host2str.h>
- %include <ldns/host2wire.h>
-%include <ldns/net.h>
- %include <ldns/packet.h>
- %include <ldns/rdata.h>
- %include <ldns/resolver.h>
- %include <ldns/rr.h>
-%include <ldns/str2host.h>
-%include <ldns/tsig.h>
- %include <ldns/update.h>
-%include <ldns/wire2host.h>
- %include <ldns/rr_functions.h>
- %include <ldns/keys.h>
-%include <ldns/parse.h>
- %include <ldns/zone.h>
- %include <ldns/dnssec_zone.h>
-%include <ldns/rbtree.h>
- %include <ldns/dname.h>
-
-typedef struct ldns_dnssec_name { };
-typedef struct ldns_dnssec_rrs { };
-typedef struct ldns_dnssec_rrsets { };
-typedef struct ldns_dnssec_zone { };
-// ================================================================================
-
-%include "ldns_dname.i"
-
-%inline %{
- PyObject* ldns_rr_new_frm_str_(const char *str, uint32_t default_ttl, ldns_rdf* origin, ldns_rdf* prev)
- //returns tuple (status, ldns_rr, prev)
- {
- PyObject* tuple;
-
- ldns_rdf *p_prev = prev;
- ldns_rdf **pp_prev = &p_prev;
- if (p_prev == 0) pp_prev = 0;
-
- ldns_rr *p_rr = 0;
- ldns_rr **pp_rr = &p_rr;
-
- ldns_status st = ldns_rr_new_frm_str(pp_rr, str, default_ttl, origin, pp_prev);
-
- tuple = PyTuple_New(3);
- PyTuple_SetItem(tuple, 0, SWIG_From_int(st));
- PyTuple_SetItem(tuple, 1, (st == LDNS_STATUS_OK) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ) :
- Py_None);
- PyTuple_SetItem(tuple, 2, (p_prev != prev) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ) :
- Py_None);
- return tuple;
- }
-
- PyObject* ldns_rr_new_frm_fp_l_(FILE *fp, uint32_t default_ttl, ldns_rdf* origin, ldns_rdf* prev, int ret_linenr)
- //returns tuple (status, ldns_rr, [line if ret_linenr], ttl, origin, prev)
- {
- int linenr = 0;
- int *p_linenr = &linenr;
-
- uint32_t defttl = default_ttl;
- uint32_t *p_defttl = &defttl;
- if (defttl == 0) p_defttl = 0;
-
- ldns_rdf *p_origin = origin;
- ldns_rdf **pp_origin = &p_origin;
- if (p_origin == 0) pp_origin = 0;
-
- ldns_rdf *p_prev = prev;
- ldns_rdf **pp_prev = &p_prev;
- if (p_prev == 0) pp_prev = 0;
-
- ldns_rr *p_rr = 0;
- ldns_rr **pp_rr = &p_rr;
-
- ldns_status st = ldns_rr_new_frm_fp_l(pp_rr, fp, p_defttl, pp_origin, pp_prev, p_linenr);
-
- PyObject* tuple;
- tuple = PyTuple_New(ret_linenr ? 6 : 5);
- int idx = 0;
- PyTuple_SetItem(tuple, idx, SWIG_From_int(st));
- idx++;
- PyTuple_SetItem(tuple, idx, (st == LDNS_STATUS_OK) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ) :
- Py_None);
- idx++;
- if (ret_linenr) {
- PyTuple_SetItem(tuple, idx, SWIG_From_int(linenr));
- idx++;
- }
- PyTuple_SetItem(tuple, idx, (defttl != default_ttl) ? SWIG_From_int(defttl) : Py_None);
- idx++;
- PyTuple_SetItem(tuple, idx, (p_origin != origin) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_origin), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ) :
- Py_None);
- idx++;
- PyTuple_SetItem(tuple, idx, (p_prev != prev) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ) :
- Py_None);
- return tuple;
- }
-
- PyObject* ldns_rr_new_question_frm_str_(const char *str, ldns_rdf* origin, ldns_rdf* prev)
- //returns tuple (status, ldns_rr, prev)
- {
- PyObject* tuple;
-
- ldns_rdf *p_prev = prev;
- ldns_rdf **pp_prev = &p_prev;
- if (p_prev == 0) pp_prev = 0;
-
- ldns_rr *p_rr = 0;
- ldns_rr **pp_rr = &p_rr;
-
- ldns_status st = ldns_rr_new_question_frm_str(pp_rr, str, origin, pp_prev);
-
- tuple = PyTuple_New(3);
- PyTuple_SetItem(tuple, 0, SWIG_From_int(st));
- PyTuple_SetItem(tuple, 1, (st == LDNS_STATUS_OK) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ) :
- Py_None);
- PyTuple_SetItem(tuple, 2, (p_prev != prev) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ) :
- Py_None);
- return tuple;
- }
-
-
-
-PyObject* ldns_fetch_valid_domain_keys_(const ldns_resolver * res, const ldns_rdf * domain,
- const ldns_rr_list * keys)
- //returns tuple (status, result)
- {
- PyObject* tuple;
-
- ldns_rr_list *rrl = 0;
- ldns_status st = 0;
- rrl = ldns_fetch_valid_domain_keys(res, domain, keys, &st);
-
-
- tuple = PyTuple_New(2);
- PyTuple_SetItem(tuple, 0, SWIG_From_int(st));
- PyTuple_SetItem(tuple, 1, (st == LDNS_STATUS_OK) ?
- SWIG_NewPointerObj(SWIG_as_voidptr(rrl), SWIGTYPE_p_ldns_struct_rr_list, SWIG_POINTER_OWN | 0 ) :
- Py_None);
- return tuple;
- }
-
-%}
-
-%pythoncode %{
-def ldns_fetch_valid_domain_keys(res, domain, keys):
- return _ldns.ldns_fetch_valid_domain_keys_(res, domain, keys)
-%}
-
+++ /dev/null
-/******************************************************************************
- * ldns_buffer.i: LDNS buffer class
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-
-%typemap(in,numinputs=0,noblock=1) (ldns_buffer **)
-{
- ldns_buffer *$1_buf;
- $1 = &$1_buf;
-}
-
-/* result generation */
-%typemap(argout,noblock=1) (ldns_buffer **)
-{
- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_buf), SWIGTYPE_p_ldns_struct_buffer, SWIG_POINTER_OWN | 0 ));
-}
-
-%nodefaultctor ldns_struct_buffer; //no default constructor & destructor
-%nodefaultdtor ldns_struct_buffer;
-
-%delobject ldns_buffer_free;
-%newobject ldns_buffer_new;
-%newobject ldns_dname_new;
-%newobject ldns_dname_new_frm_data;
-%newobject ldns_dname_label;
-
-%rename(ldns_buffer) ldns_struct_buffer;
-
-#ifdef LDNS_DEBUG
-%rename(__ldns_buffer_free) ldns_buffer_free;
-%inline %{
-void _ldns_buffer_free (ldns_buffer* b) {
- printf("******** LDNS_BUFFER free 0x%lX ************\n", (long unsigned int)b);
- ldns_buffer_free(b);
-}
-%}
-#else
-%rename(_ldns_buffer_free) ldns_buffer_free;
-#endif
-
-%ignore ldns_struct_buffer::_position;
-%ignore ldns_struct_buffer::_limit;
-%ignore ldns_struct_buffer::_capacity;
-%ignore ldns_struct_buffer::_data;
-%ignore ldns_struct_buffer::_fixed;
-%ignore ldns_struct_buffer::_status;
-
-%extend ldns_struct_buffer {
-
- %pythoncode %{
- def __init__(self, capacity):
- """Creates a new buffer with the specified capacity.
-
- :param capacity: the size (in bytes) to allocate for the buffer
- """
- self.this = _ldns.ldns_buffer_new(capacity)
-
- __swig_destroy__ = _ldns._ldns_buffer_free
-
- def __str__(self):
- """Returns the data in the buffer as a string. Buffer data must be char * type."""
- return _ldns.ldns_buffer2str(self)
-
- def getc(self):
- """returns the next character from a buffer.
-
- Advances the position pointer with 1. When end of buffer is reached returns EOF. This is the buffer's equivalent for getc().
-
- :returns: (int) EOF on failure otherwise return the character
- """
- return _ldns.ldns_bgetc(self)
-
- #LDNS_BUFFER_METHODS_#
- def at(self,at):
- """returns a pointer to the data at the indicated position.
-
- :param at:
- position
- :returns: (uint8_t \*) the pointer to the data
- """
- return _ldns.ldns_buffer_at(self,at)
- #parameters: const ldns_buffer *,size_t,
- #retvals: uint8_t *
-
- def available(self,count):
- """checks if the buffer has count bytes available at the current position
-
- :param count:
- how much is available
- :returns: (int) true or false
- """
- return _ldns.ldns_buffer_available(self,count)
- #parameters: ldns_buffer *,size_t,
- #retvals: int
-
- def available_at(self,at,count):
- """checks if the buffer has at least COUNT more bytes available.
-
- Before reading or writing the caller needs to ensure enough space is available!
-
- :param at:
- indicated position
- :param count:
- how much is available
- :returns: (int) true or false
- """
- return _ldns.ldns_buffer_available_at(self,at,count)
- #parameters: ldns_buffer *,size_t,size_t,
- #retvals: int
-
- def begin(self):
- """returns a pointer to the beginning of the buffer (the data at position 0).
-
- :returns: (uint8_t \*) the pointer
- """
- return _ldns.ldns_buffer_begin(self)
- #parameters: const ldns_buffer *,
- #retvals: uint8_t *
-
- def capacity(self):
- """returns the number of bytes the buffer can hold.
-
- :returns: (size_t) the number of bytes
- """
- return _ldns.ldns_buffer_capacity(self)
- #parameters: ldns_buffer *,
- #retvals: size_t
-
- def clear(self):
- """clears the buffer and make it ready for writing.
-
- The buffer's limit is set to the capacity and the position is set to 0.
- """
- _ldns.ldns_buffer_clear(self)
- #parameters: ldns_buffer *,
- #retvals:
-
- def copy(self,bfrom):
- """Copy contents of the other buffer to this buffer.
-
- Silently truncated if this buffer is too small.
-
- :param bfrom: other buffer
- """
- _ldns.ldns_buffer_copy(self,bfrom)
- #parameters: ldns_buffer *,ldns_buffer *,
- #retvals:
-
- def current(self):
- """returns a pointer to the data at the buffer's current position.
-
- :returns: (uint8_t \*) the pointer
- """
- return _ldns.ldns_buffer_current(self)
- #parameters: ldns_buffer *,
- #retvals: uint8_t *
-
- def end(self):
- """returns a pointer to the end of the buffer (the data at the buffer's limit).
-
- :returns: (uint8_t \*) the pointer
- """
- return _ldns.ldns_buffer_end(self)
- #parameters: ldns_buffer *,
- #retvals: uint8_t *
-
- def export(self):
- """Makes the buffer fixed and returns a pointer to the data.
-
- The caller is responsible for free'ing the result.
-
- :returns: (void \*) void
- """
- return _ldns.ldns_buffer_export(self)
- #parameters: ldns_buffer *,
- #retvals: void *
-
- def flip(self):
- """makes the buffer ready for reading the data that has been written to the buffer.
-
- The buffer's limit is set to the current position and the position is set to 0.
- """
- _ldns.ldns_buffer_flip(self)
- #parameters: ldns_buffer *,
-
- def invariant(self):
- _ldns.ldns_buffer_invariant(self)
- #parameters: ldns_buffer *,
-
- def limit(self):
- """returns the maximum size of the buffer
-
- :returns: (size_t) the size
- """
- return _ldns.ldns_buffer_limit(self)
- #parameters: ldns_buffer *,
- #retvals: size_t
-
- def position(self):
- """returns the current position in the buffer (as a number of bytes)
-
- :returns: (size_t) the current position
- """
- return _ldns.ldns_buffer_position(self)
- #parameters: ldns_buffer *,
- #retvals: size_t
-
- def printf(self,*str):
- """Prints to the buffer, increasing the capacity if required using buffer_reserve().
-
- The buffer's position is set to the terminating '\0'. Returns the number of characters written (not including the terminating '\0') or -1 on failure.
- :param str: a string
- :returns: (int)
- """
- return _ldns.ldns_buffer_printf(self,*str)
- #parameters: ldns_buffer *,const char *,...
- #retvals: int
-
- def read(self,data,count):
- """copies count bytes of data at the current position to the given data-array
-
- :param data:
- buffer to copy to
- :param count:
- the length of the data to copy
- """
- _ldns.ldns_buffer_read(self,data,count)
- #parameters: ldns_buffer *,void *,size_t,
- #retvals:
-
- def read_at(self,at,data,count):
- """copies count bytes of data at the given position to the given data-array
-
- :param at:
- the position in the buffer to start
- :param data:
- buffer to copy to
- :param count:
- the length of the data to copy
- """
- _ldns.ldns_buffer_read_at(self,at,data,count)
- #parameters: ldns_buffer *,size_t,void *,size_t,
- #retvals:
-
- def read_u16(self):
- """returns the 2-byte integer value at the current position in the buffer
-
- :returns: (uint16_t) 2 byte integer
- """
- return _ldns.ldns_buffer_read_u16(self)
- #parameters: ldns_buffer *,
- #retvals: uint16_t
-
- def read_u16_at(self,at):
- """returns the 2-byte integer value at the given position in the buffer
-
- :param at:
- position in the buffer
- :returns: (uint16_t) 2 byte integer
- """
- return _ldns.ldns_buffer_read_u16_at(self,at)
- #parameters: ldns_buffer *,size_t,
- #retvals: uint16_t
-
- def read_u32(self):
- """returns the 4-byte integer value at the current position in the buffer
-
- :returns: (uint32_t) 4 byte integer
- """
- return _ldns.ldns_buffer_read_u32(self)
- #parameters: ldns_buffer *,
- #retvals: uint32_t
-
- def read_u32_at(self,at):
- """returns the 4-byte integer value at the given position in the buffer
-
- :param at:
- position in the buffer
- :returns: (uint32_t) 4 byte integer
- """
- return _ldns.ldns_buffer_read_u32_at(self,at)
- #parameters: ldns_buffer *,size_t,
- #retvals: uint32_t
-
- def read_u8(self):
- """returns the byte value at the current position in the buffer
-
- :returns: (uint8_t) 1 byte integer
- """
- return _ldns.ldns_buffer_read_u8(self)
- #parameters: ldns_buffer *,
- #retvals: uint8_t
-
- def read_u8_at(self,at):
- """returns the byte value at the given position in the buffer
-
- :param at:
- the position in the buffer
- :returns: (uint8_t) 1 byte integer
- """
- return _ldns.ldns_buffer_read_u8_at(self,at)
- #parameters: ldns_buffer *,size_t,
- #retvals: uint8_t
-
- def remaining(self):
- """returns the number of bytes remaining between the buffer's position and limit.
-
- :returns: (size_t) the number of bytes
- """
- return _ldns.ldns_buffer_remaining(self)
- #parameters: ldns_buffer *,
- #retvals: size_t
-
- def remaining_at(self,at):
- """returns the number of bytes remaining between the indicated position and the limit.
-
- :param at:
- indicated position
- :returns: (size_t) number of bytes
- """
- return _ldns.ldns_buffer_remaining_at(self,at)
- #parameters: ldns_buffer *,size_t,
- #retvals: size_t
-
- def reserve(self,amount):
- """ensures BUFFER can contain at least AMOUNT more bytes.
-
- The buffer's capacity is increased if necessary using buffer_set_capacity().
-
- The buffer's limit is always set to the (possibly increased) capacity.
-
- :param amount:
- amount to use
- :returns: (bool) whether this failed or succeeded
- """
- return _ldns.ldns_buffer_reserve(self,amount)
- #parameters: ldns_buffer *,size_t,
- #retvals: bool
-
- def rewind(self):
- """make the buffer ready for re-reading the data.
-
- The buffer's position is reset to 0.
- """
- _ldns.ldns_buffer_rewind(self)
- #parameters: ldns_buffer *,
- #retvals:
-
- def set_capacity(self,capacity):
- """changes the buffer's capacity.
-
- The data is reallocated so any pointers to the data may become invalid. The buffer's limit is set to the buffer's new capacity.
-
- :param capacity:
- the capacity to use
- :returns: (bool) whether this failed or succeeded
- """
- return _ldns.ldns_buffer_set_capacity(self,capacity)
- #parameters: ldns_buffer *,size_t,
- #retvals: bool
-
- def set_limit(self,limit):
- """changes the buffer's limit.
-
- If the buffer's position is greater than the new limit the position is set to the limit.
-
- :param limit:
- the new limit
- """
- _ldns.ldns_buffer_set_limit(self,limit)
- #parameters: ldns_buffer *,size_t,
- #retvals:
-
- def set_position(self,mark):
- """sets the buffer's position to MARK.
-
- The position must be less than or equal to the buffer's limit.
-
- :param mark:
- the mark to use
- """
- _ldns.ldns_buffer_set_position(self,mark)
- #parameters: ldns_buffer *,size_t,
- #retvals:
-
- def skip(self,count):
- """changes the buffer's position by COUNT bytes.
-
- The position must not be moved behind the buffer's limit or before the beginning of the buffer.
-
- :param count:
- the count to use
- """
- _ldns.ldns_buffer_skip(self,count)
- #parameters: ldns_buffer *,ssize_t,
- #retvals:
-
- def status(self):
- """returns the status of the buffer
-
- :returns: (ldns_status) the status
- """
- return _ldns.ldns_buffer_status(self)
- #parameters: ldns_buffer *,
- #retvals: ldns_status
-
- def status_ok(self):
- """returns true if the status of the buffer is LDNS_STATUS_OK, false otherwise
-
- :returns: (bool) true or false
- """
- return _ldns.ldns_buffer_status_ok(self)
- #parameters: ldns_buffer *,
- #retvals: bool
-
- def write(self,data,count):
- """writes count bytes of data to the current position of the buffer
-
- :param data:
- the data to write
- :param count:
- the lenght of the data to write
- """
- _ldns.ldns_buffer_write(self,data,count)
- #parameters: ldns_buffer *,const void *,size_t,
- #retvals:
-
- def write_at(self,at,data,count):
- """writes the given data to the buffer at the specified position
-
- :param at:
- the position (in number of bytes) to write the data at
- :param data:
- pointer to the data to write to the buffer
- :param count:
- the number of bytes of data to write
- """
- _ldns.ldns_buffer_write_at(self,at,data,count)
- #parameters: ldns_buffer *,size_t,const void *,size_t,
- #retvals:
-
- def write_string(self,str):
- """copies the given (null-delimited) string to the current position at the buffer
-
- :param str:
- the string to write
- """
- _ldns.ldns_buffer_write_string(self,str)
- #parameters: ldns_buffer *,const char *,
- #retvals:
-
- def write_string_at(self,at,str):
- """copies the given (null-delimited) string to the specified position at the buffer
-
- :param at:
- the position in the buffer
- :param str:
- the string to write
- """
- _ldns.ldns_buffer_write_string_at(self,at,str)
- #parameters: ldns_buffer *,size_t,const char *,
- #retvals:
-
- def write_u16(self,data):
- """writes the given 2 byte integer at the current position in the buffer
-
- :param data:
- the 16 bits to write
- """
- _ldns.ldns_buffer_write_u16(self,data)
- #parameters: ldns_buffer *,uint16_t,
- #retvals:
-
- def write_u16_at(self,at,data):
- """writes the given 2 byte integer at the given position in the buffer
-
- :param at:
- the position in the buffer
- :param data:
- the 16 bits to write
- """
- _ldns.ldns_buffer_write_u16_at(self,at,data)
- #parameters: ldns_buffer *,size_t,uint16_t,
- #retvals:
-
- def write_u32(self,data):
- """writes the given 4 byte integer at the current position in the buffer
-
- :param data:
- the 32 bits to write
- """
- _ldns.ldns_buffer_write_u32(self,data)
- #parameters: ldns_buffer *,uint32_t,
- #retvals:
-
- def write_u32_at(self,at,data):
- """writes the given 4 byte integer at the given position in the buffer
-
- :param at:
- the position in the buffer
- :param data:
- the 32 bits to write
- """
- _ldns.ldns_buffer_write_u32_at(self,at,data)
- #parameters: ldns_buffer *,size_t,uint32_t,
- #retvals:
-
- def write_u8(self,data):
- """writes the given byte of data at the current position in the buffer
-
- :param data:
- the 8 bits to write
- """
- _ldns.ldns_buffer_write_u8(self,data)
- #parameters: ldns_buffer *,uint8_t,
- #retvals:
-
- def write_u8_at(self,at,data):
- """writes the given byte of data at the given position in the buffer
-
- :param at:
- the position in the buffer
- :param data:
- the 8 bits to write
- """
- _ldns.ldns_buffer_write_u8_at(self,at,data)
- #parameters: ldns_buffer *,size_t,uint8_t,
- #retvals:
-
- #_LDNS_BUFFER_METHODS#
- %}
-}
-
+++ /dev/null
-/******************************************************************************
- * ldns_dname.i: LDNS domain name class
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-%pythoncode %{
- class ldns_dname(ldns_rdf):
- """Domain name
-
- This class contains methods to read and manipulate domain names.
- Domain names are stored in ldns_rdf structures, with the type LDNS_RDF_TYPE_DNAME
-
- **Usage**
-
- >>> import ldns
- >>> resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf")
- >>> dn1 = ldns.ldns_dname("test.nic.cz")
- >>> print dn1
- test.nic.cz.
- >>> dn2 = ldns.ldns_dname("nic.cz")
- >>> if dn2.is_subdomain(dn1): print dn2,"is subdomain of",dn1
- >>> if dn1.is_subdomain(dn2): print dn1,"is subdomain of",dn2
- test.nic.cz. is subdomain of nic.cz.
- """
- def __init__(self, str):
- """Creates a new dname rdf from a string.
-
- :parameter str: str string to use
- """
- self.this = _ldns.ldns_dname_new_frm_str(str)
-
- @staticmethod
- def new_frm_str(str):
- """Creates a new dname rdf instance from a string.
-
- This static method is equivalent to using of default class constructor.
-
- :parameter str: str string to use
- """
- return ldns_dname(str)
-
- def absolute(self):
- """Checks whether the given dname string is absolute (i.e. ends with a '.')
-
- :returns: (bool) True or False
- """
- return self.endswith(".")
-
-
- def make_canonical(self):
- """Put a dname into canonical fmt - ie. lowercase it
- """
- _ldns.ldns_dname2canonical(self)
-
- def __cmp__(self,other):
- """Compares the two dname rdf's according to the algorithm for ordering in RFC4034 Section 6.
-
- :param other:
- the second dname rdf to compare
- :returns: (int) -1 if dname comes before other, 1 if dname comes after other, and 0 if they are equal.
- """
- return _ldns.ldns_dname_compare(self,other)
-
- def write_to_buffer(self,buffer):
- """Copies the dname data to the buffer in wire format.
-
- :param buffer: buffer to append the result to
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_dname2buffer_wire(buffer,self)
- #parameters: ldns_buffer *,const ldns_rdf *,
- #retvals: ldns_status
-
- #LDNS_DNAME_METHODS_#
-
- def cat(self,rd2):
- """concatenates rd2 after this dname (rd2 is copied, this dname is modified)
-
- :param rd2:
- the rightside
- :returns: (ldns_status) LDNS_STATUS_OK on success
- """
- return _ldns.ldns_dname_cat(self,rd2)
- #parameters: ldns_rdf *,ldns_rdf *,
- #retvals: ldns_status
-
- def cat_clone(self,rd2):
- """concatenates two dnames together
-
- :param rd2:
- the rightside
- :returns: (ldns_rdf \*) a new rdf with leftside/rightside
- """
- return _ldns.ldns_dname_cat_clone(self,rd2)
- #parameters: const ldns_rdf *,const ldns_rdf *,
- #retvals: ldns_rdf *
-
- def interval(self,middle,next):
- """check if middle lays in the interval defined by prev and next prev <= middle < next.
-
- This is usefull for nsec checking
-
- :param middle:
- the dname to check
- :param next:
- the next dname return 0 on error or unknown, -1 when middle is in the interval, +1 when not
- :returns: (int)
- """
- return _ldns.ldns_dname_interval(self,middle,next)
- #parameters: const ldns_rdf *,const ldns_rdf *,const ldns_rdf *,
- #retvals: int
-
- def is_subdomain(self,parent):
- """Tests wether the name sub falls under parent (i.e. is a subdomain of parent).
-
- This function will return false if the given dnames are equal.
-
- :param parent:
- (ldns_rdf) the parent's name
- :returns: (bool) true if sub falls under parent, otherwise false
- """
- return _ldns.ldns_dname_is_subdomain(self,parent)
- #parameters: const ldns_rdf *,const ldns_rdf *,
- #retvals: bool
-
- def label(self,labelpos):
- """look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME try and retrieve a specific label.
-
- The labels are numbered starting from 0 (left most).
-
- :param labelpos:
- return the label with this number
- :returns: (ldns_rdf \*) a ldns_rdf* with the label as name or NULL on error
- """
- return _ldns.ldns_dname_label(self,labelpos)
- #parameters: const ldns_rdf *,uint8_t,
- #retvals: ldns_rdf *
-
- def label_count(self):
- """count the number of labels inside a LDNS_RDF_DNAME type rdf.
-
- :returns: (uint8_t) the number of labels
- """
- return _ldns.ldns_dname_label_count(self)
- #parameters: const ldns_rdf *,
- #retvals: uint8_t
-
- def left_chop(self):
- """chop one label off the left side of a dname.
-
- so wwww.nlnetlabs.nl, becomes nlnetlabs.nl
-
- :returns: (ldns_rdf \*) the remaining dname
- """
- return _ldns.ldns_dname_left_chop(self)
- #parameters: const ldns_rdf *,
- #retvals: ldns_rdf *
-
- def reverse(self):
- """Returns a clone of the given dname with the labels reversed.
-
- :returns: (ldns_rdf \*) clone of the dname with the labels reversed.
- """
- return _ldns.ldns_dname_reverse(self)
- #parameters: const ldns_rdf *,
- #retvals: ldns_rdf *
-
- #_LDNS_DNAME_METHODS#
-%}
-
+++ /dev/null
-/******************************************************************************
- * ldns_dnssec.i: DNSSEC zone, name, rrs
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-%nodefaultctor ldns_dnssec_rrs; //no default constructor & destructor
-%nodefaultdtor ldns_dnssec_rrs;
-
-%newobject ldns_dnssec_rrs_new;
-%delobject ldns_dnssec_rrs_free;
-
-%extend ldns_dnssec_rrs {
- %pythoncode %{
-
- def __init__(self):
- """Creates a new entry for 1 pointer to an rr and 1 pointer to the next rrs.
-
- :returns: (ldns_dnssec_rrs) the allocated data
- """
- self.this = _ldns.ldns_dnssec_rrs_new()
- if not self.this:
- raise Exception("Can't create rrs instance")
-
- __swig_destroy__ = _ldns.ldns_dnssec_rrs_free
-
- #LDNS_DNSSEC_RRS_METHODS_#
- def add_rr(self,rr):
- """Adds an RR to the list of RRs.
-
- The list will remain ordered
-
- :param rr:
- the RR to add
- :returns: (ldns_status) LDNS_STATUS_OK on success
- """
- return _ldns.ldns_dnssec_rrs_add_rr(self,rr)
- #parameters: ldns_dnssec_rrs *,ldns_rr *,
- #retvals: ldns_status
- #_LDNS_DNSSEC_RRS_METHODS#
- %}
-}
-
-// ================================================================================
-// DNNSEC RRS
-// ================================================================================
-%nodefaultctor ldns_dnssec_rrsets; //no default constructor & destructor
-%nodefaultdtor ldns_dnssec_rrsets;
-
-%newobject ldns_dnssec_rrsets_new;
-%delobject ldns_dnssec_rrsets_free;
-
-%extend ldns_dnssec_rrsets {
- %pythoncode %{
- def __init__(self):
- """Creates a new list (entry) of RRsets.
-
- :returns: (ldns_dnssec_rrsets \*) instance
- """
- self.this = _ldns.ldns_dnssec_rrsets_new()
- if not self.this:
- raise Exception("Can't create rrsets instance")
-
- __swig_destroy__ = _ldns.ldns_dnssec_rrsets_free
-
- def print_to_file(self, file, follow):
- """Print the given list of rrsets to the given file descriptor.
-
- :param file: file pointer
- :param follow: if set to false, only print the first RRset
- """
- _ldns.ldns_dnssec_rrsets_print(file,self,follow)
- #parameters: FILE *,ldns_dnssec_rrsets *,bool,
- #retvals:
-
- #LDNS_DNSSEC_RRSETS_METHODS_#
- def add_rr(self,rr):
- """Add an ldns_rr to the corresponding RRset in the given list of RRsets.
-
- If it is not present, add it as a new RRset with 1 record.
-
- :param rr:
- the rr to add to the list of rrsets
- :returns: (ldns_status) LDNS_STATUS_OK on success
- """
- return _ldns.ldns_dnssec_rrsets_add_rr(self,rr)
- #parameters: ldns_dnssec_rrsets *,ldns_rr *,
- #retvals: ldns_status
-
- def set_type(self,atype):
- """Sets the RR type of the rrset (that is head of the given list).
-
- :param atype:
- :returns: (ldns_status) LDNS_STATUS_OK on success
- """
- return _ldns.ldns_dnssec_rrsets_set_type(self,atype)
- #parameters: ldns_dnssec_rrsets *,ldns_rr_type,
- #retvals: ldns_status
-
- def type(self):
- """Returns the rr type of the rrset (that is head of the given list).
-
- :returns: (ldns_rr_type) the rr type
- """
- return _ldns.ldns_dnssec_rrsets_type(self)
- #parameters: ldns_dnssec_rrsets *,
- #retvals: ldns_rr_type
- #_LDNS_DNSSEC_RRSETS_METHODS#
- %}
-}
-
-// ================================================================================
-// DNNSEC NAME
-// ================================================================================
-%nodefaultctor ldns_dnssec_name; //no default constructor & destructor
-%nodefaultdtor ldns_dnssec_name;
-
-%newobject ldns_dnssec_name_new;
-%delobject ldns_dnssec_name_free;
-
-%extend ldns_dnssec_name {
- %pythoncode %{
- def __init__(self):
- """Create a new instance of dnssec name."""
- self.this = _ldns.ldns_dnssec_name_new()
- if not self.this:
- raise Exception("Can't create dnssec name instance")
-
- __swig_destroy__ = _ldns.ldns_dnssec_name_free
-
- def print_to_file(self,file):
- """Prints the RRs in the dnssec name structure to the given file descriptor.
-
- :param file: file pointer
- """
- _ldns.ldns_dnssec_name_print(file, self)
- #parameters: FILE *,ldns_dnssec_name *,
-
- @staticmethod
- def new_frm_rr(raiseException=True):
- """Create a new instace of dnssec name for the given RR.
-
- :returns: (ldns_dnssec_name) instance
- """
- name = _ldns.ldns_dnssec_name_new_frm_rr(self)
- if (not name) and (raiseException):
- raise Exception("Can't create dnssec name")
- return name
-
- #LDNS_DNSSEC_NAME_METHODS_#
- def add_rr(self,rr):
- """Inserts the given rr at the right place in the current dnssec_name No checking is done whether the name matches.
-
- :param rr:
- The RR to add
- :returns: (ldns_status) LDNS_STATUS_OK on success, error code otherwise
- """
- return _ldns.ldns_dnssec_name_add_rr(self,rr)
- #parameters: ldns_dnssec_name *,ldns_rr *,
- #retvals: ldns_status
-
- def find_rrset(self,atype):
- """Find the RRset with the given type in within this name structure.
-
- :param atype:
- :returns: (ldns_dnssec_rrsets \*) the RRset, or NULL if not present
- """
- return _ldns.ldns_dnssec_name_find_rrset(self,atype)
- #parameters: ldns_dnssec_name *,ldns_rr_type,
- #retvals: ldns_dnssec_rrsets *
-
- def name(self):
- """Returns the domain name of the given dnssec_name structure.
-
- :returns: (ldns_rdf \*) the domain name
- """
- return _ldns.ldns_dnssec_name_name(self)
- #parameters: ldns_dnssec_name *,
- #retvals: ldns_rdf *
-
- def set_name(self,dname):
- """Sets the domain name of the given dnssec_name structure.
-
- :param dname:
- the domain name to set it to. This data is *not* copied.
- """
- _ldns.ldns_dnssec_name_set_name(self,dname)
- #parameters: ldns_dnssec_name *,ldns_rdf *,
- #retvals:
-
- def set_nsec(self,nsec):
- """Sets the NSEC(3) RR of the given dnssec_name structure.
-
- :param nsec:
- the nsec rr to set it to. This data is *not* copied.
- """
- _ldns.ldns_dnssec_name_set_nsec(self,nsec)
- #parameters: ldns_dnssec_name *,ldns_rr *,
- #retvals:
- #_LDNS_DNSSEC_NAME_METHODS#
- %}
-}
-
-// ================================================================================
-// DNNSEC ZONE
-// ================================================================================
-%nodefaultctor ldns_dnssec_zone; //no default constructor & destructor
-%nodefaultdtor ldns_dnssec_zone;
-
-%newobject ldns_dnssec_zone_new;
-%delobject ldns_dnssec_zone_free;
-
-%inline %{
-ldns_status ldns_dnssec_zone_sign_defcb(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int cbtype)
-{
- if (cbtype == 0)
- return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_add_to_signatures, NULL);
- if (cbtype == 1)
- return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_leave_signatures, NULL);
- if (cbtype == 2)
- return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_delete_signatures, NULL);
-
- return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_replace_signatures, NULL);
-}
-%}
-
-%extend ldns_dnssec_zone {
- %pythoncode %{
-
- def __init__(self):
- """Creates a new dnssec_zone instance"""
- self.this = _ldns.ldns_dnssec_zone_new()
- if not self.this:
- raise Exception("Can't create dnssec zone instance")
-
- __swig_destroy__ = _ldns.ldns_dnssec_zone_free
-
- def print_to_file(self,file):
- """Prints the complete zone to the given file descriptor.
-
- :param file: file pointer
- """
- _ldns.ldns_dnssec_zone_print(file, self)
- #parameters: FILE *, ldns_dnssec_zone *,
- #retvals:
-
- def create_nsec3s(self,new_rrs,algorithm,flags,iterations,salt_length,salt):
- """Adds NSEC3 records to the zone.
-
- :param new_rrs:
- :param algorithm:
- :param flags:
- :param iterations:
- :param salt_length:
- :param salt:
- :returns: (ldns_status)
- """
- return _ldns.ldns_dnssec_zone_create_nsec3s(self,new_rrs,algorithm,flags,iterations,salt_length,salt)
- #parameters: ldns_dnssec_zone *,ldns_rr_list *,uint8_t,uint8_t,uint16_t,uint8_t,uint8_t *,
- #retvals: ldns_status
-
- def create_nsecs(self,new_rrs):
- """Adds NSEC records to the given dnssec_zone.
-
- :param new_rrs:
- ldns_rr's created by this function are added to this rr list, so the caller can free them later
- :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
- """
- return _ldns.ldns_dnssec_zone_create_nsecs(self,new_rrs)
- #parameters: ldns_dnssec_zone *,ldns_rr_list *,
- #retvals: ldns_status
-
- def create_rrsigs(self,new_rrs,key_list,func,arg):
- """Adds signatures to the zone.
-
- :param new_rrs:
- the RRSIG RRs that are created are also added to this list, so the caller can free them later
- :param key_list:
- list of keys to sign with.
- :param func:
- Callback function to decide what keys to use and what to do with old signatures
- :param arg:
- Optional argument for the callback function
- :returns: (ldns_status) LDNS_STATUS_OK on success, error otherwise
- """
- return _ldns.ldns_dnssec_zone_create_rrsigs(self,new_rrs,key_list,func,arg)
- #parameters: ldns_dnssec_zone *,ldns_rr_list *,ldns_key_list *,int(*)(ldns_rr *, void *),void *,
- #retvals: ldns_status
-
- def sign_cb(self,new_rrs,key_list,func,arg):
- """signs the given zone with the given keys (with callback function)
-
- :param new_rrs:
- newly created resource records are added to this list, to free them later
- :param key_list:
- the list of keys to sign the zone with
- :param func:
- callback function that decides what to do with old signatures.
- This function takes an ldns_rr and an optional arg argument, and returns one of four values:
-
- * LDNS_SIGNATURE_LEAVE_ADD_NEW - leave the signature and add a new one for the corresponding key
-
- * LDNS_SIGNATURE_REMOVE_ADD_NEW - remove the signature and replace is with a new one from the same key
-
- * LDNS_SIGNATURE_LEAVE_NO_ADD - leave the signature and do not add a new one with the corresponding key
-
- * LDNS_SIGNATURE_REMOVE_NO_ADD - remove the signature and do not replace
-
- :param arg:
- optional argument for the callback function
- :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
- """
- return _ldns.ldns_dnssec_zone_sign(self,new_rrs,key_list,func,arg)
- #parameters: ldns_dnssec_zone *,ldns_rr_list *,ldns_key_list *,int(*)(ldns_rr *, void *),void *,
- #retvals: ldns_status
-
- def sign(self,new_rrs,key_list, cbtype=3):
- """signs the given zone with the given keys
-
- :param new_rrs:
- newly created resource records are added to this list, to free them later
- :param key_list:
- the list of keys to sign the zone with
- :param cb_type:
- specifies how to deal with old signatures, possible values:
-
- * 0 - ldns_dnssec_default_add_to_signatures,
-
- * 1 - ldns_dnssec_default_leave_signatures,
-
- * 2 - ldns_dnssec_default_delete_signatures,
-
- * 3 - ldns_dnssec_default_replace_signatures
-
- :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
- """
- return _ldns.ldns_dnssec_zone_sign_defcb(self,new_rrs,key_list, cbtype)
- #parameters: ldns_dnssec_zone *,ldns_rr_list *,ldns_key_list *,
- #retvals: ldns_status
-
- def sign_nsec3(self,new_rrs,key_list,func,arg,algorithm,flags,iterations,salt_length,salt):
- """signs the given zone with the given new zone, with NSEC3
-
- :param new_rrs:
- newly created resource records are added to this list, to free them later
- :param key_list:
- the list of keys to sign the zone with
- :param func:
- callback function that decides what to do with old signatures
- :param arg:
- optional argument for the callback function
- :param algorithm:
- the NSEC3 hashing algorithm to use
- :param flags:
- NSEC3 flags
- :param iterations:
- the number of NSEC3 hash iterations to use
- :param salt_length:
- the length (in octets) of the NSEC3 salt
- :param salt:
- the NSEC3 salt data
- :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
- """
- return _ldns.ldns_dnssec_zone_sign_nsec3(self,new_rrs,key_list,func,arg,algorithm,flags,iterations,salt_length,salt)
- #parameters: ldns_dnssec_zone *,ldns_rr_list *,ldns_key_list *,int(*)(ldns_rr *, void *),void *,uint8_t,uint8_t,uint16_t,uint8_t,uint8_t *,
- #retvals: ldns_status
-
- #LDNS_DNSSEC_ZONE_METHODS_#
- def add_empty_nonterminals(self):
- """Adds explicit dnssec_name structures for the empty nonterminals in this zone.
-
- (this is needed for NSEC3 generation)
-
- :returns: (ldns_status)
- """
- return _ldns.ldns_dnssec_zone_add_empty_nonterminals(self)
- #parameters: ldns_dnssec_zone *,
- #retvals: ldns_status
-
- def add_rr(self,rr):
- """Adds the given RR to the zone.
-
- It find whether there is a dnssec_name with that name present.
- If so, add it to that, if not create a new one.
- Special handling of NSEC and RRSIG provided.
-
- :param rr:
- The RR to add
- :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise
- """
- return _ldns.ldns_dnssec_zone_add_rr(self,rr)
- #parameters: ldns_dnssec_zone *,ldns_rr *,
- #retvals: ldns_status
-
- def find_rrset(self,dname,atype):
- """Find the RRset with the given name and type in the zone.
-
- :param dname:
- the domain name of the RRset to find
- :param atype:
- :returns: (ldns_dnssec_rrsets \*) the RRset, or NULL if not present
- """
- return _ldns.ldns_dnssec_zone_find_rrset(self,dname,atype)
- #parameters: ldns_dnssec_zone *,ldns_rdf *,ldns_rr_type,
- #retvals: ldns_dnssec_rrsets *
-
- #_LDNS_DNSSEC_ZONE_METHODS#
- %}
-}
+++ /dev/null
-/******************************************************************************
- * ldns_key.i: LDNS key class
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-%typemap(in,numinputs=0,noblock=1) (ldns_key **)
-{
- ldns_key *$1_key;
- $1 = &$1_key;
-}
-
-/* result generation */
-%typemap(argout,noblock=1) (ldns_key **)
-{
- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_key), SWIGTYPE_p_ldns_struct_key, SWIG_POINTER_OWN | 0 ));
-}
-
-%exception ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r) %{ $action Py_INCREF(obj1); %}
-
-%nodefaultctor ldns_struct_key; //no default constructor & destructor
-%nodefaultdtor ldns_struct_key;
-
-%delobject ldns_key_free;
-%delobject ldns_key_deep_free;
-%newobject ldns_key_list_pop_key;
-%newobject ldns_key2rr;
-%newobject ldns_key_new_frm_algorithm;
-%newobject ldns_key_new_frm_fp;
-%newobject ldns_key_new_frm_fp_l;
-%newobject ldns_key_new_frm_engine;
-
-%rename(ldns_key) ldns_struct_key;
-
-#ifdef LDNS_DEBUG
-%rename(__ldns_key_free) ldns_key_free;
-%inline %{
-void _ldns_key_free (ldns_key* k) {
- printf("******** LDNS_KEY free 0x%lX ************\n", (long unsigned int)k);
- ldns_key_deep_free(k);
-}
-%}
-#else
-%rename(_ldns_key_free) ldns_key_deep_free;
-%rename(__ldns_key_free) ldns_key_free;
-#endif
-
-%feature("docstring") ldns_struct_key "Key class
-
-This class can contains all types of keys that are used in DNSSEC. Mostly used to store private keys, since public keys can also be stored in a ldns_rr with type LDNS_RR_TYPE_DNSKEY. This class can also store some variables that influence the signatures generated by signing with this key, for instance the inception date.
-
-**Usage**
-
- >>> import ldns
- >>> ldns.ldns_init_random(open(\"/dev/random\",\"rb\"), 512/8)
- >>> key = ldns.ldns_key.new_frm_algorithm(ldns.LDNS_SIGN_DSA, 512) #generate new DSA key
- >>> print key
- Private-key-format: v1.2
- Algorithm: 3 (DSA)
- Prime(p): XXXXXXXXHRQBGRflHZQriSAoLI2g+LGvZz8BlEesO+ZQg65wrFGs9IC441y/mn3nFnXfCdtX6zbN5bQuabPdlQ==
- Subprime(q): XXXXXdnWs/cWsGDglhEyZRLEVA8=
- Base(g): XXXXXXXqrd+dm2bcxDBdCsZRzkXQ22FxCk2ycnjgevr+s2HfA57BPk3xwqCrHUwuOBVg3Fvq4bpldrCe0sT6Og==
- Private_value(x): XXXXXcVubZF33pj04z4ZoETsQW1Y=
- Public_value(y): XXXXXX8t6zfOxJHoy57qteIw9sOZ/Zu0yFiPO083sPm11NlFx3b4m7TJ2k41gYicHXHLUQK1p0xXFToeZEkPGQ==
- >>> fw = open(\"key.priv\", \"wb\")
- >>> key.print_to_file(fw) #write priv key to file
-"
-
-%extend ldns_struct_key {
-
- %pythoncode %{
- def __init__(self):
- self.this = _ldns.ldns_key_new()
- if not self.this:
- raise Exception("Can't create instance of this class")
-
- __swig_destroy__ = _ldns._ldns_key_free
-
- def __str__(self):
- """converts the data to presentation format"""
- return _ldns.ldns_key2str(self)
-
-
- def key_to_rr(self):
- """converts a ldns_key to a public key rr
-
- :returns: (ldns_rr \*) ldns_rr representation of the key
- """
- return _ldns.ldns_key2rr(self)
- #parameters: const ldns_key *,
- #retvals: ldns_rr *
-
- def print_to_file(self, file):
- """print a private key to the file ouput
-
- :param file: output file pointer
- """
- _ldns.ldns_key_print(file, self)
- #parameters: FILE *, const ldns_key *,
- #retvals:
-
- #LDNS_KEY_CONSTRUCTORS_#
- @staticmethod
- def new_frm_fp(file, raiseException=True):
- """Creates a new priv key based on the contents of the file pointed by fp.
-
- :param file: a file object
- :param raiseException: if True, an exception occurs in case a key instance can't be created
- :returns: key instance or None. If the object can't be created and raiseException is True, an exception occurs.
- """
- status, key = _ldns.ldns_key_new_frm_fp(file)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create key, error: %s (%d)" % (_ldns.ldns_get_errorstr_by_id(status),status))
- return None
- return key
-
- @staticmethod
- def new_frm_fp_l(file, raiseException=True):
- """Creates a new private key based on the contents of the file pointed by fp.
-
- :param file: a file object
- :param raiseException: if True, an exception occurs in case a key instance can't be created
- :returns:
- * key - key instance or None. If an instance can't be created and raiseException is True, an exception occurs.
-
- * line - the line number (for debugging)
- """
- status, key, line = _ldns.ldns_key_new_frm_fp_l(file)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create key, error: %d" % status)
- return None
- return key, line
-
- @staticmethod
- def new_frm_algorithm(algorithm, size, raiseException=True):
- """Creates a new key based on the algorithm.
-
- :param algorithm: the algorithm to use
- :param size: the number of bytes for the keysize
- :param raiseException: if True, an exception occurs in case a key instance can't be created
- :returns: key instance or None. If the object can't be created and raiseException is True, an exception occurs.
-
- **Algorithms**
- LDNS_SIGN_RSAMD5, LDNS_SIGN_RSASHA1, LDNS_SIGN_DSA, LDNS_SIGN_RSASHA1_NSEC3, LDNS_SIGN_RSASHA256, LDNS_SIGN_RSASHA256_NSEC3, LDNS_SIGN_RSASHA512, LDNS_SIGN_RSASHA512_NSEC3, LDNS_SIGN_DSA_NSEC3, LDNS_SIGN_HMACMD5, LDNS_SIGN_HMACSHA1, LDNS_SIGN_HMACSHA256
- """
- key = _ldns.ldns_key_new_frm_algorithm(algorithm, size)
- if (not key) and (raiseException): raise Exception("Can't create key, error: %d" % status)
- return key
- #_LDNS_KEY_CONSTRUCTORS#
-
- #LDNS_KEY_METHODS_#
- def algorithm(self):
- """return the signing alg of the key
-
- :returns: (ldns_signing_algorithm) the algorithm
- """
- return _ldns.ldns_key_algorithm(self)
- #parameters: const ldns_key *,
- #retvals: ldns_signing_algorithm
-
- def dsa_key(self):
- """returns the (openssl) DSA struct contained in the key
-
- :returns: (DSA \*)
- """
- return _ldns.ldns_key_dsa_key(self)
- #parameters: const ldns_key *,
- #retvals: DSA *
-
- def evp_key(self):
- """returns the (openssl) EVP struct contained in the key
-
- :returns: (EVP_PKEY \*) the RSA * structure in the key
- """
- return _ldns.ldns_key_evp_key(self)
- #parameters: const ldns_key *,
- #retvals: EVP_PKEY *
-
- def expiration(self):
- """return the key's expiration date
-
- :returns: (uint32_t) the experiration date
- """
- return _ldns.ldns_key_expiration(self)
- #parameters: const ldns_key *,
- #retvals: uint32_t
-
- def flags(self):
- """return the flag of the key
-
- :returns: (uint16_t) the flag
- """
- return _ldns.ldns_key_flags(self)
- #parameters: const ldns_key *,
- #retvals: uint16_t
-
- def hmac_key(self):
- """return the hmac key data
-
- :returns: (unsigned char \*) the hmac key data
- """
- return _ldns.ldns_key_hmac_key(self)
- #parameters: const ldns_key *,
- #retvals: unsigned char *
-
- def hmac_size(self):
- """return the hmac key size
-
- :returns: (size_t) the hmac key size
- """
- return _ldns.ldns_key_hmac_size(self)
- #parameters: const ldns_key *,
- #retvals: size_t
-
- def inception(self):
- """return the key's inception date
-
- :returns: (uint32_t) the inception date
- """
- return _ldns.ldns_key_inception(self)
- #parameters: const ldns_key *,
- #retvals: uint32_t
-
- def keytag(self):
- """return the keytag
-
- :returns: (uint16_t) the keytag
- """
- return _ldns.ldns_key_keytag(self)
- #parameters: const ldns_key *,
- #retvals: uint16_t
-
- def origttl(self):
- """return the original ttl of the key
-
- :returns: (uint32_t) the original ttl
- """
- return _ldns.ldns_key_origttl(self)
- #parameters: const ldns_key *,
- #retvals: uint32_t
-
- def pubkey_owner(self):
- """return the public key's owner
-
- :returns: (ldns_rdf \*) the owner
- """
- return _ldns.ldns_key_pubkey_owner(self)
- #parameters: const ldns_key *,
- #retvals: ldns_rdf *
-
- def rsa_key(self):
- """returns the (openssl) RSA struct contained in the key
-
- :returns: (RSA \*) the RSA * structure in the key
- """
- return _ldns.ldns_key_rsa_key(self)
- #parameters: const ldns_key *,
- #retvals: RSA *
-
- def set_algorithm(self,l):
- """Set the key's algorithm.
-
- :param l:
- the algorithm
- """
- _ldns.ldns_key_set_algorithm(self,l)
- #parameters: ldns_key *,ldns_signing_algorithm,
- #retvals:
-
- def set_dsa_key(self,d):
- """Set the key's dsa data.
-
- :param d:
- the dsa data
- """
- _ldns.ldns_key_set_dsa_key(self,d)
- #parameters: ldns_key *,DSA *,
- #retvals:
-
- def set_evp_key(self,e):
- """Set the key's evp key.
-
- :param e:
- the evp key
- """
- _ldns.ldns_key_set_evp_key(self,e)
- #parameters: ldns_key *,EVP_PKEY *,
- #retvals:
-
- def set_expiration(self,e):
- """Set the key's expiration date (seconds after epoch).
-
- :param e:
- the expiration
- """
- _ldns.ldns_key_set_expiration(self,e)
- #parameters: ldns_key *,uint32_t,
- #retvals:
-
- def set_flags(self,flags):
- """Set the key's flags.
-
- :param flags:
- the flags
- """
- _ldns.ldns_key_set_flags(self,flags)
- #parameters: ldns_key *,uint16_t,
- #retvals:
-
- def set_hmac_key(self,hmac):
- """Set the key's hmac data.
-
- :param hmac:
- the raw key data
- """
- _ldns.ldns_key_set_hmac_key(self,hmac)
- #parameters: ldns_key *,unsigned char *,
- #retvals:
-
- def set_hmac_size(self,hmac_size):
- """Set the key's hmac size.
-
- :param hmac_size:
- the size of the hmac data
- """
- _ldns.ldns_key_set_hmac_size(self,hmac_size)
- #parameters: ldns_key *,size_t,
- #retvals:
-
- def set_inception(self,i):
- """Set the key's inception date (seconds after epoch).
-
- :param i:
- the inception
- """
- _ldns.ldns_key_set_inception(self,i)
- #parameters: ldns_key *,uint32_t,
- #retvals:
-
- def set_keytag(self,tag):
- """Set the key's key tag.
-
- :param tag:
- the keytag
- """
- _ldns.ldns_key_set_keytag(self,tag)
- #parameters: ldns_key *,uint16_t,
- #retvals:
-
- def set_origttl(self,t):
- """Set the key's original ttl.
-
- :param t:
- the ttl
- """
- _ldns.ldns_key_set_origttl(self,t)
- #parameters: ldns_key *,uint32_t,
- #retvals:
-
- def set_pubkey_owner(self,r):
- """Set the key's pubkey owner.
-
- :param r:
- the owner
- """
- _ldns.ldns_key_set_pubkey_owner(self,r)
- #parameters: ldns_key *,ldns_rdf *,
- #retvals:
-
- def set_rsa_key(self,r):
- """Set the key's rsa data.
-
- :param r:
- the rsa data
- """
- _ldns.ldns_key_set_rsa_key(self,r)
- #parameters: ldns_key *,RSA *,
- #retvals:
-
- def set_use(self,v):
- """set the use flag
-
- :param v:
- the boolean value to set the _use field to
- """
- _ldns.ldns_key_set_use(self,v)
- #parameters: ldns_key *,bool,
- #retvals:
-
- def use(self):
- """return the use flag
-
- :returns: (bool) the boolean value of the _use field
- """
- return _ldns.ldns_key_use(self)
- #parameters: const ldns_key *,
- #retvals: bool
- #_LDNS_KEY_METHODS#
- %}
-}
-
-%nodefaultctor ldns_struct_key_list; //no default constructor & destructor
-%nodefaultdtor ldns_struct_key_list;
-
-%newobject ldns_key_list_new;
-%newobject ldns_key_list_pop_key;
-%delobject ldns_key_list_free;
-%delobject ldns_key_list_push_key;
-
-%rename(ldns_key_list) ldns_struct_key_list;
-
-#ifdef LDNS_DEBUG
-%rename(__ldns_key_list_free) ldns_key_list_free;
-%inline %{
-void _ldns_key_list_free (ldns_key_list* k) {
- printf("******** LDNS_KEY_LIST free 0x%lX ************\n", (long unsigned int)k);
- ldns_key_list_free(k);
-}
-%}
-#else
-%rename(_ldns_key_list_free) ldns_key_list_free;
-#endif
-
-%extend ldns_struct_key_list {
-
- %pythoncode %{
- def __init__(self):
- self.this = _ldns.ldns_key_list_new()
- if not self.this:
- raise Exception("Can't create class")
-
- __swig_destroy__ = _ldns._ldns_key_list_free
-
- def keys(self):
- """Key list iterator"""
- for i in range(0, self.key_count()):
- yield self.key(i)
-
- def __str__(self):
- i = 0
- s = ""
- for k in self.keys():
- i += 1
- s += "key %d:\n %s\n" % (i, str(k).replace("\n","\n "))
- return s
-
- #LDNS_KEY_LIST_METHODS_#
- def key(self,nr):
- """returns a pointer to the key in the list at the given position
-
- :param nr:
- the position in the list
- :returns: (ldns_key \*) the key
- """
- return _ldns.ldns_key_list_key(self,nr)
- #parameters: const ldns_key_list *,size_t,
- #retvals: ldns_key *
-
- def key_count(self):
- """returns the number of keys in the key list
-
- :returns: (size_t) the numbers of keys in the list
- """
- return _ldns.ldns_key_list_key_count(self)
- #parameters: const ldns_key_list *,
- #retvals: size_t
-
- def pop_key(self):
- """pops the last rr from a keylist
-
- :returns: (ldns_key \*) NULL if nothing to pop. Otherwise the popped RR
- """
- return _ldns.ldns_key_list_pop_key(self)
- #parameters: ldns_key_list *,
- #retvals: ldns_key *
-
- def push_key(self,key):
- """pushes a key to a keylist
-
- :param key:
- the key to push
- :returns: (bool) false on error, otherwise true
- """
- return _ldns.ldns_key_list_push_key(self,key)
- #parameters: ldns_key_list *,ldns_key *,
- #retvals: bool
-
- def set_key_count(self,count):
- """Set the keylist's key count to count.
-
- :param count:
- the cuont
- """
- _ldns.ldns_key_list_set_key_count(self,count)
- #parameters: ldns_key_list *,size_t,
- #retvals:
-
- def set_use(self,v):
- """Set the 'use' flag for all keys in the list.
-
- :param v:
- The value to set the use flags to
- """
- _ldns.ldns_key_list_set_use(self,v)
- #parameters: ldns_key_list *,bool,
- #retvals:
-
- #_LDNS_KEY_LIST_METHODS#
- %}
-}
-
+++ /dev/null
-/******************************************************************************
- * ldns_packet.i: LDNS packet class
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-%typemap(in,numinputs=0,noblock=1) (ldns_pkt **)
-{
- ldns_pkt *$1_pkt;
- $1 = &$1_pkt;
-}
-
-/* result generation */
-%typemap(argout,noblock=1) (ldns_pkt **)
-{
- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_pkt), SWIGTYPE_p_ldns_struct_pkt, SWIG_POINTER_OWN | 0 ));
-}
-
-%newobject ldns_pkt_clone;
-%newobject ldns_pkt_rr_list_by_type;
-%newobject ldns_pkt_rr_list_by_name_and_type;
-%newobject ldns_pkt_rr_list_by_name;
-%newobject ldns_update_pkt_new;
-
-%nodefaultctor ldns_struct_pkt; //no default constructor & destructor
-%nodefaultdtor ldns_struct_pkt;
-
-%rename(ldns_pkt) ldns_struct_pkt;
-#ifdef LDNS_DEBUG
-%rename(__ldns_pkt_free) ldns_pkt_free;
-%inline %{
-void _ldns_pkt_free (ldns_pkt* p) {
- printf("******** LDNS_PKT free 0x%lX ************\n", (long unsigned int)p);
- ldns_pkt_free(p);
-}
-%}
-#else
-%rename(_ldns_pkt_free) ldns_pkt_free;
-#endif
-
-%newobject ldns_pkt2str;
-%newobject ldns_pkt_opcode2str;
-%newobject ldns_pkt_rcode2str;
-%newobject ldns_pkt_algorithm2str;
-%newobject ldns_pkt_cert_algorithm2str;
-
-%exception ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr) %{ $action if (result) Py_INCREF(obj2); %}
-%exception ldns_pkt_push_rr_list(ldns_pkt *packet, ldns_pkt_section section, ldns_rr_list *list) %{ $action if (result) Py_INCREF(obj2); %}
-
-
-%feature("docstring") ldns_struct_pkt "LDNS packet object.
-
-The ldns_pkt object contains DNS packed (either a query or an answer). It is the complete representation of what you actually send to a nameserver, and what you get back (see :class:`ldns.ldns_resolver`).
-
-**Usage**
-
->>> import ldns
->>> resolver = ldns.ldns_resolver.new_frm_file(\"/etc/resolv.conf\")
->>> pkt = resolver.query(\"nic.cz\", ldns.LDNS_RR_TYPE_NS,ldns.LDNS_RR_CLASS_IN)
->>> print pkt
-;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 63004
-;; flags: qr rd ra ; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
-;; QUESTION SECTION:
-;; nic.cz. IN NS
-;; ANSWER SECTION:
-nic.cz. 758 IN NS a.ns.nic.cz.
-nic.cz. 758 IN NS c.ns.nic.cz.
-nic.cz. 758 IN NS e.ns.nic.cz.
-;; AUTHORITY SECTION:
-;; ADDITIONAL SECTION:
-;; Query time: 8 msec
-;; SERVER: 82.100.38.2
-;; WHEN: Thu Jan 11 12:54:33 2009
-;; MSG SIZE rcvd: 75
-
-This simple example instances a resolver in order to resolve NS for nic.cz.
-"
-
-%extend ldns_struct_pkt {
-
- %pythoncode %{
- def __init__(self):
- raise Exception("This class can't be created directly. Please use: ldns_pkt_new(), ldns_pkt_query_new() or ldns_pkt_query_new_frm_str()")
-
- __swig_destroy__ = _ldns._ldns_pkt_free
-
- #LDNS_PKT_CONSTRUCTORS_#
- @staticmethod
- def new_query(rr_name, rr_type, rr_class, flags):
- """Creates a packet with a query in it for the given name, type and class.
-
- :param rr_name: the name to query for
- :param rr_type: the type to query for
- :param rr_class: the class to query for
- :param flags: packet flags
- :returns: new ldns_pkt object
- """
- return _ldns.ldns_pkt_query_new(rr_name, rr_type, rr_class, flags)
-
- @staticmethod
- def new_query_frm_str(rr_name, rr_type, rr_class, flags, raiseException = True):
- """Creates a query packet for the given name, type, class.
-
- :param rr_name: the name to query for
- :param rr_type: the type to query for
- :param rr_class: the class to query for
- :param flags: packet flags
- :param raiseException: if True, an exception occurs in case a resolver object can't be created
- :returns: query packet object or None. If the object can't be created and raiseException is True, an exception occurs.
-
-
- **Usage**
-
- >>> pkt = ldns.ldns_pkt.new_query_frm_str("test.nic.cz",ldns.LDNS_RR_TYPE_ANY, ldns.LDNS_RR_CLASS_IN, ldns.LDNS_QR | ldns.LDNS_AA)
- >>> rra = ldns.ldns_rr.new_frm_str("test.nic.cz. IN A 192.168.1.1",300)
- >>> list = ldns.ldns_rr_list()
- >>> if (rra): list.push_rr(rra)
- >>> pkt.push_rr_list(ldns.LDNS_SECTION_ANSWER, list)
- >>> print pkt
- ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
- ;; flags: qr aa ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
- ;; QUESTION SECTION:
- ;; test.nic.cz. IN ANY
- ;; ANSWER SECTION:
- test.nic.cz. 300 IN A 192.168.1.1
- ;; AUTHORITY SECTION:
- ;; ADDITIONAL SECTION:
- ;; Query time: 0 msec
- ;; WHEN: Thu Jan 1 01:00:00 1970
- ;; MSG SIZE rcvd: 0
- """
- status, pkt = _ldns.ldns_pkt_query_new_frm_str(rr_name, rr_type, rr_class, flags)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create query packet, error: %d" % status)
- return None
- return pkt
- #_LDNS_PKT_CONSTRUCTORS#
-
- def __str__(self):
- """Converts the data in the DNS packet to presentation format"""
- return _ldns.ldns_pkt2str(self)
-
- def opcode2str(self):
- """Converts a packet opcode to its mnemonic and returns that as an allocated null-terminated string."""
- return _ldns.ldns_pkt_opcode2str(sefl.get_opcode())
-
- def rcode2str(self):
- """Converts a packet rcode to its mnemonic and returns that as an allocated null-terminated string."""
- return _ldns.ldns_pkt_rcode2str(self.get_rcode())
-
- def print_to_file(self,output):
- """Prints the data in the DNS packet to the given file stream (in presentation format)."""
- _ldns.ldns_pkt_print(output,self)
- #parameters: FILE *,const ldns_pkt *,
-
- def write_to_buffer(self, buffer):
- """Copies the packet data to the buffer in wire format.
-
- :param buffer: buffer to append the result to
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_pkt2buffer_wire(buffer, self)
- #parameters: ldns_buffer *,const ldns_pkt *,
- #retvals: ldns_status
-
- @staticmethod
- def algorithm2str(alg):
- """Converts a signing algorithms to its mnemonic and returns that as an allocated null-terminated string."""
- return _ldns.ldns_pkt_algorithm2str(alg)
- #parameters: ldns_algorithm,
-
- @staticmethod
- def cert_algorithm2str(alg):
- """Converts a cert algorithm to its mnemonic and returns that as an allocated null-terminated string."""
- return _ldns.ldns_pkt_cert_algorithm2str(alg)
- #parameters: ldns_algorithm,
-
- #LDNS_PKT_METHODS_#
- def aa(self):
- """Read the packet's aa bit.
-
- :returns: (bool) value of the bit
- """
- return _ldns.ldns_pkt_aa(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def ad(self):
- """Read the packet's ad bit.
-
- :returns: (bool) value of the bit
- """
- return _ldns.ldns_pkt_ad(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def additional(self):
- """Return the packet's additional section.
-
- :returns: (ldns_rr_list \*) the section
- """
- return _ldns.ldns_pkt_additional(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rr_list *
-
- def all(self):
- return _ldns.ldns_pkt_all(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rr_list *
-
- def all_noquestion(self):
- return _ldns.ldns_pkt_all_noquestion(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rr_list *
-
- def ancount(self):
- """Return the packet's an count.
-
- :returns: (uint16_t) the an count
- """
- return _ldns.ldns_pkt_ancount(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def answer(self):
- """Return the packet's answer section.
-
- :returns: (ldns_rr_list \*) the section
- """
- return _ldns.ldns_pkt_answer(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rr_list *
-
- def answerfrom(self):
- """Return the packet's answerfrom.
-
- :returns: (ldns_rdf \*) the name of the server
- """
- return _ldns.ldns_pkt_answerfrom(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rdf *
-
- def arcount(self):
- """Return the packet's ar count.
-
- :returns: (uint16_t) the ar count
- """
- return _ldns.ldns_pkt_arcount(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def authority(self):
- """Return the packet's authority section.
-
- :returns: (ldns_rr_list \*) the section
- """
- return _ldns.ldns_pkt_authority(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rr_list *
-
- def cd(self):
- """Read the packet's cd bit.
-
- :returns: (bool) value of the bit
- """
- return _ldns.ldns_pkt_cd(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def clone(self):
- """clones the given packet, creating a fully allocated copy
-
- :returns: (ldns_pkt \*) ldns_pkt* pointer to the new packet
- """
- return _ldns.ldns_pkt_clone(self)
- #parameters: ldns_pkt *,
- #retvals: ldns_pkt *
-
- def edns(self):
- """returns true if this packet needs and EDNS rr to be sent.
-
- At the moment the only reason is an expected packet size larger than 512 bytes, but for instance dnssec would be a good reason too.
-
- :returns: (bool) true if packet needs edns rr
- """
- return _ldns.ldns_pkt_edns(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def edns_data(self):
- """return the packet's edns data
-
- :returns: (ldns_rdf \*) the data
- """
- return _ldns.ldns_pkt_edns_data(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rdf *
-
- def edns_do(self):
- """return the packet's edns do bit
-
- :returns: (bool) the bit's value
- """
- return _ldns.ldns_pkt_edns_do(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def edns_extended_rcode(self):
- """return the packet's edns extended rcode
-
- :returns: (uint8_t) the rcode
- """
- return _ldns.ldns_pkt_edns_extended_rcode(self)
- #parameters: const ldns_pkt *,
- #retvals: uint8_t
-
- def edns_udp_size(self):
- """return the packet's edns udp size
-
- :returns: (uint16_t) the size
- """
- return _ldns.ldns_pkt_edns_udp_size(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def edns_version(self):
- """return the packet's edns version
-
- :returns: (uint8_t) the version
- """
- return _ldns.ldns_pkt_edns_version(self)
- #parameters: const ldns_pkt *,
- #retvals: uint8_t
-
- def edns_z(self):
- """return the packet's edns z value
-
- :returns: (uint16_t) the z value
- """
- return _ldns.ldns_pkt_edns_z(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def empty(self):
- """check if a packet is empty
-
- :returns: (bool) true: empty, false: empty
- """
- return _ldns.ldns_pkt_empty(self)
- #parameters: ldns_pkt *,
- #retvals: bool
-
- def get_opcode(self):
- """Read the packet's code.
-
- :returns: (ldns_pkt_opcode) the opcode
- """
- return _ldns.ldns_pkt_get_opcode(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_pkt_opcode
-
- def get_rcode(self):
- """Return the packet's respons code.
-
- :returns: (ldns_pkt_rcode) the respons code
- """
- return _ldns.ldns_pkt_get_rcode(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_pkt_rcode
-
- def get_section_clone(self,s):
- """return all the rr_list's in the packet.
-
- Clone the lists, instead of returning pointers.
-
- :param s:
- what section(s) to return
- :returns: (ldns_rr_list \*) ldns_rr_list with the rr's or NULL if none were found
- """
- return _ldns.ldns_pkt_get_section_clone(self,s)
- #parameters: const ldns_pkt *,ldns_pkt_section,
- #retvals: ldns_rr_list *
-
- def id(self):
- """Read the packet id.
-
- :returns: (uint16_t) the packet id
- """
- return _ldns.ldns_pkt_id(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def nscount(self):
- """Return the packet's ns count.
-
- :returns: (uint16_t) the ns count
- """
- return _ldns.ldns_pkt_nscount(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def push_rr(self,section,rr):
- """push an rr on a packet
-
- :param section:
- where to put it
- :param rr:
- rr to push
- :returns: (bool) a boolean which is true when the rr was added
- """
- return _ldns.ldns_pkt_push_rr(self,section,rr)
- #parameters: ldns_pkt *,ldns_pkt_section,ldns_rr *,
- #retvals: bool
-
- def push_rr_list(self,section,list):
- """push a rr_list on a packet
-
- :param section:
- where to put it
- :param list:
- the rr_list to push
- :returns: (bool) a boolean which is true when the rr was added
- """
- return _ldns.ldns_pkt_push_rr_list(self,section,list)
- #parameters: ldns_pkt *,ldns_pkt_section,ldns_rr_list *,
- #retvals: bool
-
- def qdcount(self):
- """Return the packet's qd count.
-
- :returns: (uint16_t) the qd count
- """
- return _ldns.ldns_pkt_qdcount(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def qr(self):
- """Read the packet's qr bit.
-
- :returns: (bool) value of the bit
- """
- return _ldns.ldns_pkt_qr(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def querytime(self):
- """Return the packet's querytime.
-
- :returns: (uint32_t) the querytime
- """
- return _ldns.ldns_pkt_querytime(self)
- #parameters: const ldns_pkt *,
- #retvals: uint32_t
-
- def question(self):
- """Return the packet's question section.
-
- :returns: (ldns_rr_list \*) the section
- """
- return _ldns.ldns_pkt_question(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rr_list *
-
- def ra(self):
- """Read the packet's ra bit.
-
- :returns: (bool) value of the bit
- """
- return _ldns.ldns_pkt_ra(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def rd(self):
- """Read the packet's rd bit.
-
- :returns: (bool) value of the bit
- """
- return _ldns.ldns_pkt_rd(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def reply_type(self):
- """looks inside the packet to determine what kind of packet it is, AUTH, NXDOMAIN, REFERRAL, etc.
-
- :returns: (ldns_pkt_type) the type of packet
- """
- return _ldns.ldns_pkt_reply_type(self)
- #parameters: ldns_pkt *,
- #retvals: ldns_pkt_type
-
- def rr(self,sec,rr):
- """check to see if an rr exist in the packet
-
- :param sec:
- in which section to look
- :param rr:
- the rr to look for
- :returns: (bool)
- """
- return _ldns.ldns_pkt_rr(self,sec,rr)
- #parameters: ldns_pkt *,ldns_pkt_section,ldns_rr *,
- #retvals: bool
-
- def rr_list_by_name(self,r,s):
- """return all the rr with a specific name from a packet.
-
- Optionally specify from which section in the packet
-
- :param r:
- the name
- :param s:
- the packet's section
- :returns: (ldns_rr_list \*) a list with the rr's or NULL if none were found
- """
- return _ldns.ldns_pkt_rr_list_by_name(self,r,s)
- #parameters: ldns_pkt *,ldns_rdf *,ldns_pkt_section,
- #retvals: ldns_rr_list *
-
- def rr_list_by_name_and_type(self,ownername,atype,sec):
- """return all the rr with a specific type and type from a packet.
-
- Optionally specify from which section in the packet
-
- :param ownername:
- the name
- :param atype:
- :param sec:
- the packet's section
- :returns: (ldns_rr_list \*) a list with the rr's or NULL if none were found
- """
- return _ldns.ldns_pkt_rr_list_by_name_and_type(self,ownername,atype,sec)
- #parameters: const ldns_pkt *,const ldns_rdf *,ldns_rr_type,ldns_pkt_section,
- #retvals: ldns_rr_list *
-
- def rr_list_by_type(self,t,s):
- """return all the rr with a specific type from a packet.
-
- Optionally specify from which section in the packet
-
- :param t:
- the type
- :param s:
- the packet's section
- :returns: (ldns_rr_list \*) a list with the rr's or NULL if none were found
- """
- return _ldns.ldns_pkt_rr_list_by_type(self,t,s)
- #parameters: const ldns_pkt *,ldns_rr_type,ldns_pkt_section,
- #retvals: ldns_rr_list *
-
- def safe_push_rr(self,sec,rr):
- """push an rr on a packet, provided the RR is not there.
-
- :param sec:
- where to put it
- :param rr:
- rr to push
- :returns: (bool) a boolean which is true when the rr was added
- """
- return _ldns.ldns_pkt_safe_push_rr(self,sec,rr)
- #parameters: ldns_pkt *,ldns_pkt_section,ldns_rr *,
- #retvals: bool
-
- def safe_push_rr_list(self,sec,list):
- """push an rr_list to a packet, provided the RRs are not already there.
-
- :param sec:
- where to put it
- :param list:
- the rr_list to push
- :returns: (bool) a boolean which is true when the rr was added
- """
- return _ldns.ldns_pkt_safe_push_rr_list(self,sec,list)
- #parameters: ldns_pkt *,ldns_pkt_section,ldns_rr_list *,
- #retvals: bool
-
- def section_count(self,s):
- return _ldns.ldns_pkt_section_count(self,s)
- #parameters: const ldns_pkt *,ldns_pkt_section,
- #retvals: uint16_t
-
- def set_aa(self,b):
- """Set the packet's aa bit.
-
- :param b:
- the value to set (boolean)
- """
- _ldns.ldns_pkt_set_aa(self,b)
- #parameters: ldns_pkt *,bool,
- #retvals:
-
- def set_ad(self,b):
- """Set the packet's ad bit.
-
- :param b:
- the value to set (boolean)
- """
- _ldns.ldns_pkt_set_ad(self,b)
- #parameters: ldns_pkt *,bool,
- #retvals:
-
- def set_additional(self,rr):
- """directly set the additional section
-
- :param rr:
- rrlist to set
- """
- _ldns.ldns_pkt_set_additional(self,rr)
- #parameters: ldns_pkt *,ldns_rr_list *,
- #retvals:
-
- def set_ancount(self,c):
- """Set the packet's an count.
-
- :param c:
- the count
- """
- _ldns.ldns_pkt_set_ancount(self,c)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def set_answer(self,rr):
- """directly set the answer section
-
- :param rr:
- rrlist to set
- """
- _ldns.ldns_pkt_set_answer(self,rr)
- #parameters: ldns_pkt *,ldns_rr_list *,
- #retvals:
-
- def set_answerfrom(self,r):
- """Set the packet's answering server.
-
- :param r:
- the address
- """
- _ldns.ldns_pkt_set_answerfrom(self,r)
- #parameters: ldns_pkt *,ldns_rdf *,
- #retvals:
-
- def set_arcount(self,c):
- """Set the packet's arcount.
-
- :param c:
- the count
- """
- _ldns.ldns_pkt_set_arcount(self,c)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def set_authority(self,rr):
- """directly set the auhority section
-
- :param rr:
- rrlist to set
- """
- _ldns.ldns_pkt_set_authority(self,rr)
- #parameters: ldns_pkt *,ldns_rr_list *,
- #retvals:
-
- def set_cd(self,b):
- """Set the packet's cd bit.
-
- :param b:
- the value to set (boolean)
- """
- _ldns.ldns_pkt_set_cd(self,b)
- #parameters: ldns_pkt *,bool,
- #retvals:
-
- def set_edns_data(self,data):
- """Set the packet's edns data.
-
- :param data:
- the data
- """
- _ldns.ldns_pkt_set_edns_data(self,data)
- #parameters: ldns_pkt *,ldns_rdf *,
- #retvals:
-
- def set_edns_do(self,value):
- """Set the packet's edns do bit.
-
- :param value:
- the bit's new value
- """
- _ldns.ldns_pkt_set_edns_do(self,value)
- #parameters: ldns_pkt *,bool,
- #retvals:
-
- def set_edns_extended_rcode(self,c):
- """Set the packet's edns extended rcode.
-
- :param c:
- the code
- """
- _ldns.ldns_pkt_set_edns_extended_rcode(self,c)
- #parameters: ldns_pkt *,uint8_t,
- #retvals:
-
- def set_edns_udp_size(self,s):
- """Set the packet's edns udp size.
-
- :param s:
- the size
- """
- _ldns.ldns_pkt_set_edns_udp_size(self,s)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def set_edns_version(self,v):
- """Set the packet's edns version.
-
- :param v:
- the version
- """
- _ldns.ldns_pkt_set_edns_version(self,v)
- #parameters: ldns_pkt *,uint8_t,
- #retvals:
-
- def set_edns_z(self,z):
- """Set the packet's edns z value.
-
- :param z:
- the value
- """
- _ldns.ldns_pkt_set_edns_z(self,z)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def set_flags(self,flags):
- """sets the flags in a packet.
-
- :param flags:
- ORed values: LDNS_QR| LDNS_AR for instance
- :returns: (bool) true on success otherwise false
- """
- return _ldns.ldns_pkt_set_flags(self,flags)
- #parameters: ldns_pkt *,uint16_t,
- #retvals: bool
-
- def set_id(self,id):
- """Set the packet's id.
-
- :param id:
- the id to set
- """
- _ldns.ldns_pkt_set_id(self,id)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def set_nscount(self,c):
- """Set the packet's ns count.
-
- :param c:
- the count
- """
- _ldns.ldns_pkt_set_nscount(self,c)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def set_opcode(self,c):
- """Set the packet's opcode.
-
- :param c:
- the opcode
- """
- _ldns.ldns_pkt_set_opcode(self,c)
- #parameters: ldns_pkt *,ldns_pkt_opcode,
- #retvals:
-
- def set_qdcount(self,c):
- """Set the packet's qd count.
-
- :param c:
- the count
- """
- _ldns.ldns_pkt_set_qdcount(self,c)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def set_qr(self,b):
- """Set the packet's qr bit.
-
- :param b:
- the value to set (boolean)
- """
- _ldns.ldns_pkt_set_qr(self,b)
- #parameters: ldns_pkt *,bool,
- #retvals:
-
- def set_querytime(self,t):
- """Set the packet's query time.
-
- :param t:
- the querytime in msec
- """
- _ldns.ldns_pkt_set_querytime(self,t)
- #parameters: ldns_pkt *,uint32_t,
- #retvals:
-
- def set_question(self,rr):
- """directly set the question section
-
- :param rr:
- rrlist to set
- """
- _ldns.ldns_pkt_set_question(self,rr)
- #parameters: ldns_pkt *,ldns_rr_list *,
- #retvals:
-
- def set_ra(self,b):
- """Set the packet's ra bit.
-
- :param b:
- the value to set (boolean)
- """
- _ldns.ldns_pkt_set_ra(self,b)
- #parameters: ldns_pkt *,bool,
- #retvals:
-
- def set_random_id(self):
- """Set the packet's id to a random value.
- """
- _ldns.ldns_pkt_set_random_id(self)
- #parameters: ldns_pkt *,
- #retvals:
-
- def set_rcode(self,c):
- """Set the packet's respons code.
-
- :param c:
- the rcode
- """
- _ldns.ldns_pkt_set_rcode(self,c)
- #parameters: ldns_pkt *,uint8_t,
- #retvals:
-
- def set_rd(self,b):
- """Set the packet's rd bit.
-
- :param b:
- the value to set (boolean)
- """
- _ldns.ldns_pkt_set_rd(self,b)
- #parameters: ldns_pkt *,bool,
- #retvals:
-
- def set_section_count(self,s,x):
- """Set a packet's section count to x.
-
- :param s:
- the section
- :param x:
- the section count
- """
- _ldns.ldns_pkt_set_section_count(self,s,x)
- #parameters: ldns_pkt *,ldns_pkt_section,uint16_t,
- #retvals:
-
- def set_size(self,s):
- """Set the packet's size.
-
- :param s:
- the size
- """
- _ldns.ldns_pkt_set_size(self,s)
- #parameters: ldns_pkt *,size_t,
- #retvals:
-
- def set_tc(self,b):
- """Set the packet's tc bit.
-
- :param b:
- the value to set (boolean)
- """
- _ldns.ldns_pkt_set_tc(self,b)
- #parameters: ldns_pkt *,bool,
- #retvals:
-
- def set_timestamp(self,timeval):
- _ldns.ldns_pkt_set_timestamp(self,timeval)
- #parameters: ldns_pkt *,struct timeval,
- #retvals:
-
- def set_tsig(self,t):
- """Set the packet's tsig rr.
-
- :param t:
- the tsig rr
- """
- _ldns.ldns_pkt_set_tsig(self,t)
- #parameters: ldns_pkt *,ldns_rr *,
- #retvals:
-
- def size(self):
- """Return the packet's size in bytes.
-
- :returns: (size_t) the size
- """
- return _ldns.ldns_pkt_size(self)
- #parameters: const ldns_pkt *,
- #retvals: size_t
-
- def tc(self):
- """Read the packet's tc bit.
-
- :returns: (bool) value of the bit
- """
- return _ldns.ldns_pkt_tc(self)
- #parameters: const ldns_pkt *,
- #retvals: bool
-
- def timestamp(self):
- """Return the packet's timestamp.
-
- :returns: (struct timeval) the timestamp
- """
- return _ldns.ldns_pkt_timestamp(self)
- #parameters: const ldns_pkt *,
- #retvals: struct timeval
-
- def tsig(self):
- """Return the packet's tsig pseudo rr's.
-
- :returns: (ldns_rr \*) the tsig rr
- """
- return _ldns.ldns_pkt_tsig(self)
- #parameters: const ldns_pkt *,
- #retvals: ldns_rr *
-
- #_LDNS_PKT_METHODS#
-
- #LDNS update methods
- #LDNS_METHODS_#
- def update_pkt_tsig_add(self,r):
- """add tsig credentials to a packet from a resolver
-
- :param r:
- resolver to copy from
- :returns: (ldns_status) status wether successfull or not
- """
- return _ldns.ldns_update_pkt_tsig_add(self,r)
- #parameters: ldns_pkt *,ldns_resolver *,
- #retvals: ldns_status
-
- def update_prcount(self):
- """Get the zo count.
-
- :returns: (uint16_t) the pr count
- """
- return _ldns.ldns_update_prcount(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def update_set_adcount(self,c):
- """Set the ad count.
-
- :param c:
- the ad count to set
- """
- _ldns.ldns_update_set_adcount(self,c)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def update_set_prcount(self,c):
- """Set the pr count.
-
- :param c:
- the pr count to set
- """
- _ldns.ldns_update_set_prcount(self,c)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def update_set_upcount(self,c):
- """Set the up count.
-
- :param c:
- the up count to set
- """
- _ldns.ldns_update_set_upcount(self,c)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def update_set_zo(self,v):
- _ldns.ldns_update_set_zo(self,v)
- #parameters: ldns_pkt *,uint16_t,
- #retvals:
-
- def update_upcount(self):
- """Get the zo count.
-
- :returns: (uint16_t) the up count
- """
- return _ldns.ldns_update_upcount(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- def update_zocount(self):
- """Get the zo count.
-
- :returns: (uint16_t) the zo count
- """
- return _ldns.ldns_update_zocount(self)
- #parameters: const ldns_pkt *,
- #retvals: uint16_t
-
- #_LDNS_METHODS#
- %}
-}
+++ /dev/null
-/******************************************************************************
- * ldns_rdata.i: LDNS record data
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-
-//automatic conversion of const ldns_rdf* parameter from string
-%typemap(in,noblock=1) const ldns_rdf * (void* argp, $1_ltype tmp = 0, int res) {
- if (PyString_Check($input)) {
- tmp = ldns_dname_new_frm_str(PyString_AsString($input));
- if (tmp == NULL) {
- %argument_fail(SWIG_TypeError, "char *", $symname, $argnum);
- }
- $1 = ($1_ltype) tmp;
- } else {
- res = SWIG_ConvertPtr($input, &argp, SWIGTYPE_p_ldns_struct_rdf, 0 | 0 );
- if (!SWIG_IsOK(res)) {
- %argument_fail(res, "ldns_rdf const *", $symname, $argnum);
- }
- $1 = ($1_ltype) argp;
- }
-}
-
-%typemap(in,numinputs=0,noblock=1) (ldns_rdf **)
-{
- ldns_rdf *$1_rdf;
- $1 = &$1_rdf;
-}
-
-// result generation
-%typemap(argout,noblock=1) (ldns_rdf **)
-{
- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_rdf), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 ));
-}
-
-%nodefaultctor ldns_struct_rdf; //no default constructor & destructor
-%nodefaultdtor ldns_struct_rdf;
-
-%newobject ldns_dname_new;
-%newobject ldns_dname_new_frm_str;
-%newobject ldns_dname_new_frm_data;
-
-%delobject ldns_rdf_deep_free;
-%delobject ldns_rdf_free;
-
-%rename(ldns_rdf) ldns_struct_rdf;
-
-%inline %{
-
-const char *ldns_rdf_type2str(const ldns_rdf *rdf)
-{
- if (rdf) {
- switch(ldns_rdf_get_type(rdf)) {
- case LDNS_RDF_TYPE_NONE: return 0;
- case LDNS_RDF_TYPE_DNAME: return "DNAME";
- case LDNS_RDF_TYPE_INT8: return "INT8";
- case LDNS_RDF_TYPE_INT16: return "INT16";
- case LDNS_RDF_TYPE_INT32: return "INT32";
- case LDNS_RDF_TYPE_PERIOD: return "PERIOD";
- case LDNS_RDF_TYPE_TSIGTIME: return "TSIGTIME";
- case LDNS_RDF_TYPE_A: return "A";
- case LDNS_RDF_TYPE_AAAA: return "AAAA";
- case LDNS_RDF_TYPE_STR: return "STR";
- case LDNS_RDF_TYPE_APL: return "APL";
- case LDNS_RDF_TYPE_B32_EXT: return "B32_EXT";
- case LDNS_RDF_TYPE_B64: return "B64";
- case LDNS_RDF_TYPE_HEX: return "HEX";
- case LDNS_RDF_TYPE_NSEC: return "NSEC";
- case LDNS_RDF_TYPE_NSEC3_SALT: return "NSEC3_SALT";
- case LDNS_RDF_TYPE_TYPE: return "TYPE";
- case LDNS_RDF_TYPE_CLASS: return "CLASS";
- case LDNS_RDF_TYPE_CERT_ALG: return "CER_ALG";
- case LDNS_RDF_TYPE_ALG: return "ALG";
- case LDNS_RDF_TYPE_UNKNOWN: return "UNKNOWN";
- case LDNS_RDF_TYPE_TIME: return "TIME";
- case LDNS_RDF_TYPE_LOC: return "LOC";
- case LDNS_RDF_TYPE_WKS: return "WKS";
- case LDNS_RDF_TYPE_SERVICE: return "SERVICE";
- case LDNS_RDF_TYPE_NSAP: return "NSAP";
- case LDNS_RDF_TYPE_ATMA: return "ATMA";
- case LDNS_RDF_TYPE_IPSECKEY: return "IPSECKEY";
- case LDNS_RDF_TYPE_TSIG: return "TSIG";
- case LDNS_RDF_TYPE_INT16_DATA: return "INT16_DATA";
- case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER: return "NSEC3_NEXT_OWNER";
- }
- }
- return 0;
-}
-%}
-
-#ifdef LDNS_DEBUG
-%rename(__ldns_rdf_deep_free) ldns_rdf_deep_free;
-%rename(__ldns_rdf_free) ldns_rdf_free;
-%inline %{
-void _ldns_rdf_free (ldns_rdf* r) {
- printf("******** LDNS_RDF free 0x%lX ************\n", (long unsigned int)r);
- ldns_rdf_free(r);
-}
-%}
-#else
-%rename(_ldns_rdf_deep_free) ldns_rdf_deep_free;
-%rename(_ldns_rdf_free) ldns_rdf_free;
-#endif
-
-%newobject ldns_rdf2str;
-
-
-%feature("docstring") ldns_struct_rdf "Resource record data field.
-
-The data is a network ordered array of bytes, which size is specified by the (16-bit) size field. To correctly parse it, use the type specified in the (16-bit) type field with a value from ldns_rdf_type."
-
-%extend ldns_struct_rdf {
-
- %pythoncode %{
- def __init__(self):
- raise Exception("This class can't be created directly. Please use: ldns_rdf_new, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_new_frm_fp_l")
-
- __swig_destroy__ = _ldns._ldns_rdf_free
-
- #LDNS_RDF_CONSTRUCTORS_#
- @staticmethod
- def new_frm_str(str, rr_type, raiseException = True):
- """Creates a new rdf from a string of a given type.
-
- :param str: string to use
- :param rr_type: the type of RDF. See predefined `RDF_TYPE_` constants
- :param raiseException: if True, an exception occurs in case a RDF object can't be created
- :returns: RDF object or None. If the object can't be created and raiseException is True, an exception occurs.
-
- **Usage**
- >>> rdf = ldns.ldns_rdf.new_frm_str("74.125.43.99",ldns.LDNS_RDF_TYPE_A)
- >>> print rdf, rdf.get_type_str()
- A 74.125.43.99
- >>> name = ldns.ldns_resolver.new_frm_file().get_name_by_addr(rdf)
- >>> if (name): print name
- 99.43.125.74.in-addr.arpa. 85277 IN PTR bw-in-f99.google.com.
- """
- rr = _ldns.ldns_rdf_new_frm_str(rr_type, str)
- if not rr:
- if (raiseException): raise Exception("Can't create query packet, error: %d" % status)
- return rr
- #_LDNS_RDF_CONSTRUCTORS#
-
- def __str__(self):
- """Converts the rdata field to presentation format"""
- return _ldns.ldns_rdf2str(self)
-
- def __cmp__(self,other):
- """compares two rdf's on their wire formats.
-
- (To order dnames according to rfc4034, use ldns_dname_compare)
-
- :param other:
- the second one RDF
- :returns: (int) 0 if equal -1 if self comes before other +1 if other comes before self
- """
- return _ldns.ldns_rdf_compare(self,other)
-
- def print_to_file(self,output):
- """Prints the data in the rdata field to the given file stream (in presentation format)."""
- _ldns.ldns_rdf_print(output,self)
-
- def get_type_str(self):
- """Converts type to string"""
- return ldns_rdf_type2str(self)
-
- def write_to_buffer(self, buffer):
- """Copies the rdata data to the buffer in wire format.
-
- :param buffer: buffer to append the result to
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_rdf2buffer_wire(buffer, self)
- #parameters: ldns_buffer *,const ldns_rdf *,
- #retvals: ldns_status
-
- def write_to_buffer_canonical(self, buffer):
- """Copies the rdata data to the buffer in wire format If the rdata is a dname, the letters will be lowercased during the conversion.
-
- :param buffer: LDNS buffer
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_rdf2buffer_wire_canonical(buffer, self)
- #parameters: ldns_buffer *,const ldns_rdf *,
- #retvals: ldns_status
-
- #LDNS_RDF_METHODS_#
- def address_reverse(self):
- """reverses an rdf, only actually useful for AAAA and A records.
-
- The returned rdf has the type LDNS_RDF_TYPE_DNAME!
-
- :returns: (ldns_rdf \*) the reversed rdf (a newly created rdf)
- """
- return _ldns.ldns_rdf_address_reverse(self)
- #parameters: ldns_rdf *,
- #retvals: ldns_rdf *
-
- def clone(self):
- """clones a rdf structure.
-
- The data is copied.
-
- :returns: (ldns_rdf \*) a new rdf structure
- """
- return _ldns.ldns_rdf_clone(self)
- #parameters: const ldns_rdf *,
- #retvals: ldns_rdf *
-
- def data(self):
- """returns the data of the rdf.
-
- :returns: (uint8_t \*) uint8_t* pointer to the rdf's data
- """
- return _ldns.ldns_rdf_data(self)
- #parameters: const ldns_rdf *,
- #retvals: uint8_t *
-
- def get_type(self):
- """returns the type of the rdf.
-
- We need to insert _get_ here to prevent conflict the the rdf_type TYPE.
-
- :returns: (ldns_rdf_type) ldns_rdf_type with the type
- """
- return _ldns.ldns_rdf_get_type(self)
- #parameters: const ldns_rdf *,
- #retvals: ldns_rdf_type
-
- def set_data(self,data):
- """sets the size of the rdf.
-
- :param data:
- """
- _ldns.ldns_rdf_set_data(self,data)
- #parameters: ldns_rdf *,void *,
- #retvals:
-
- def set_size(self,size):
- """sets the size of the rdf.
-
- :param size:
- the new size
- """
- _ldns.ldns_rdf_set_size(self,size)
- #parameters: ldns_rdf *,size_t,
- #retvals:
-
- def set_type(self,atype):
- """sets the size of the rdf.
-
- :param atype:
- """
- _ldns.ldns_rdf_set_type(self,atype)
- #parameters: ldns_rdf *,ldns_rdf_type,
- #retvals:
-
- def size(self):
- """returns the size of the rdf.
-
- :returns: (size_t) uint16_t with the size
- """
- return _ldns.ldns_rdf_size(self)
- #parameters: const ldns_rdf *,
- #retvals: size_t
-
- @staticmethod
- def dname_new_frm_str(str):
- """Creates a new dname rdf instance from a string.
-
- This static method is equivalent to using of default class constructor.
-
- :parameter str: str string to use
- """
- return _ldns.ldns_dname_new_frm_str(str)
-
- def absolute(self):
- """Checks whether the given dname string is absolute (i.e. ends with a '.')
-
- :returns: (bool) True or False
- """
- return self.endswith(".")
-
- def make_canonical(self):
- """Put a dname into canonical fmt - ie. lowercase it
- """
- _ldns.ldns_dname2canonical(self)
-
- def dname_compare(self,other):
- """Compares the two dname rdf's according to the algorithm for ordering in RFC4034 Section 6.
-
- :param other:
- the second dname rdf to compare
- :returns: (int) -1 if dname comes before other, 1 if dname comes after other, and 0 if they are equal.
- """
- return _ldns.ldns_dname_compare(self,other)
-
- def cat(self,rd2):
- """concatenates rd2 after this dname (rd2 is copied, this dname is modified)
-
- :param rd2:
- the rightside
- :returns: (ldns_status) LDNS_STATUS_OK on success
- """
- return _ldns.ldns_dname_cat(self,rd2)
- #parameters: ldns_rdf *,ldns_rdf *,
- #retvals: ldns_status
-
- def cat_clone(self,rd2):
- """concatenates two dnames together
-
- :param rd2:
- the rightside
- :returns: (ldns_rdf \*) a new rdf with leftside/rightside
- """
- return _ldns.ldns_dname_cat_clone(self,rd2)
- #parameters: const ldns_rdf *,const ldns_rdf *,
- #retvals: ldns_rdf *
-
- def interval(self,middle,next):
- """check if middle lays in the interval defined by prev and next prev <= middle < next.
-
- This is usefull for nsec checking
-
- :param middle:
- the dname to check
- :param next:
- the next dname return 0 on error or unknown, -1 when middle is in the interval, +1 when not
- :returns: (int)
- """
- return _ldns.ldns_dname_interval(self,middle,next)
- #parameters: const ldns_rdf *,const ldns_rdf *,const ldns_rdf *,
- #retvals: int
-
- def is_subdomain(self,parent):
- """Tests wether the name sub falls under parent (i.e. is a subdomain of parent).
-
- This function will return false if the given dnames are equal.
-
- :param parent:
- (ldns_rdf) the parent's name
- :returns: (bool) true if sub falls under parent, otherwise false
- """
- return _ldns.ldns_dname_is_subdomain(self,parent)
- #parameters: const ldns_rdf *,const ldns_rdf *,
- #retvals: bool
-
- def label(self,labelpos):
- """look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME try and retrieve a specific label.
-
- The labels are numbered starting from 0 (left most).
-
- :param labelpos:
- return the label with this number
- :returns: (ldns_rdf \*) a ldns_rdf* with the label as name or NULL on error
- """
- return _ldns.ldns_dname_label(self,labelpos)
- #parameters: const ldns_rdf *,uint8_t,
- #retvals: ldns_rdf *
-
- def label_count(self):
- """count the number of labels inside a LDNS_RDF_DNAME type rdf.
-
- :returns: (uint8_t) the number of labels
- """
- return _ldns.ldns_dname_label_count(self)
- #parameters: const ldns_rdf *,
- #retvals: uint8_t
-
- def left_chop(self):
- """chop one label off the left side of a dname.
-
- so wwww.nlnetlabs.nl, becomes nlnetlabs.nl
-
- :returns: (ldns_rdf \*) the remaining dname
- """
- return _ldns.ldns_dname_left_chop(self)
- #parameters: const ldns_rdf *,
- #retvals: ldns_rdf *
-
- def reverse(self):
- """Returns a clone of the given dname with the labels reversed.
-
- :returns: (ldns_rdf \*) clone of the dname with the labels reversed.
- """
- return _ldns.ldns_dname_reverse(self)
- #parameters: const ldns_rdf *,
- #retvals: ldns_rdf *
-
- #_LDNS_RDF_METHODS#
- %}
-}
+++ /dev/null
-/******************************************************************************
- * ldns_resolver.i: LDNS resolver class
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-
-%typemap(in,numinputs=0,noblock=1) (ldns_resolver **r)
-{
- ldns_resolver *$1_res;
- $1 = &$1_res;
-}
-
-/* result generation */
-%typemap(argout,noblock=1) (ldns_resolver **r)
-{
- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_res), SWIGTYPE_p_ldns_struct_resolver, SWIG_POINTER_OWN | 0 ));
-}
-
-//TODO: pop_nameserver a podobne funkce musi predat objekt do spravy PYTHONU!!
-%newobject ldns_resolver_pop_nameserver;
-%newobject ldns_resolver_query;
-%newobject ldns_axfr_next;
-
-%delobject ldns_resolver_deep_free;
-%delobject ldns_resolver_free;
-
-%nodefaultctor ldns_struct_resolver; //no default constructor & destructor
-%nodefaultdtor ldns_struct_resolver;
-
-%ignore ldns_struct_resolver::_searchlist;
-%ignore ldns_struct_resolver::_nameservers;
-%ignore ldns_resolver_set_nameservers;
-
-%rename(ldns_resolver) ldns_struct_resolver;
-
-#ifdef LDNS_DEBUG
-%rename(__ldns_resolver_deep_free) ldns_resolver_deep_free;
-%rename(__ldns_resolver_free) ldns_resolver_free;
-%inline %{
-void _ldns_resolver_free (ldns_resolver* r) {
- printf("******** LDNS_RESOLVER deep free 0x%lX ************\n", (long unsigned int)r);
- ldns_resolver_deep_free(r);
-}
-%}
-#else
-%rename(_ldns_resolver_deep_free) ldns_resolver_deep_free;
-%rename(_ldns_resolver_free) ldns_resolver_free;
-#endif
-
-%feature("docstring") ldns_struct_resolver "LDNS resolver object.
-
-The ldns_resolver object keeps a list of nameservers and can perform queries.
-
-**Usage**
-
->>> import ldns
->>> resolver = ldns.ldns_resolver.new_frm_file(\"/etc/resolv.conf\")
->>> pkt = resolver.query(\"www.nic.cz\", ldns.LDNS_RR_TYPE_A,ldns.LDNS_RR_CLASS_IN)
->>> if (pkt) and (pkt.answer()):
->>> print pkt.answer()
-www.nic.cz. 1757 IN A 217.31.205.50
-
-This simple example instances a resolver in order to resolve www.nic.cz record of A type.
-"
-
-%extend ldns_struct_resolver {
-
- %pythoncode %{
- def __init__(self):
- raise Exception("This class can't be created directly. Please use: new_frm_file(filename), new_frm_fp(file) or new_frm_fp_l(file,line)")
-
- __swig_destroy__ = _ldns._ldns_resolver_free
-
- #LDNS_RESOLVER_CONSTRUCTORS_#
- @staticmethod
- def new_frm_file(filename = "/etc/resolv.conf", raiseException=True):
- """Creates a resolver object from given filename
-
- :param filename: name of file which contains informations (usually /etc/resolv.conf)
- :param raiseException: if True, an exception occurs in case a resolver object can't be created
- :returns: resolver object or None. If the object can't be created and raiseException is True, an exception occurs.
- """
- status, resolver = _ldns.ldns_resolver_new_frm_file(filename)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create resolver, error: %d" % status)
- return None
- return resolver
-
- @staticmethod
- def new_frm_fp(file, raiseException=True):
- """Creates a resolver object from file
-
- :param file: a file object
- :param raiseException: if True, an exception occurs in case a resolver object can't be created
- :returns: resolver object or None. If the object can't be created and raiseException is True, an exception occurs.
- """
- status, resolver = _ldns.ldns_resolver_new_frm_fp(file)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create resolver, error: %d" % status)
- return None
- return resolver
-
- @staticmethod
- def new_frm_fp_l(file, raiseException=True):
- """Creates a resolver object from file
-
- :param file: a file object
- :param raiseException: if True, an exception occurs in case a resolver instance can't be created
- :returns:
- * resolver - resolver instance or None. If an instance can't be created and raiseException is True, an exception occurs.
-
- * line - the line number (for debugging)
- """
- status, resolver, line = _ldns.ldns_resolver_new_frm_fp_l(file)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create resolver, error: %d" % status)
- return None
- return resolver, line
-
- #_LDNS_RESOLVER_CONSTRUCTORS#
-
- # High level functions
- def get_addr_by_name(self, name, aclass = _ldns.LDNS_RR_CLASS_IN, flags = _ldns.LDNS_RD):
- """Ask the resolver about name and return all address records
-
- :param name: (ldns_rdf) the name to look for
- :param aclass: the class to use
- :param flags: give some optional flags to the query
-
- :returns: RR List object or None
-
- **Usage**
- >>> addr = resolver.get_addr_by_name("www.google.com", ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD)
- >>> if (not addr): raise Exception("Can't retrieve server address")
- >>> for rr in addr.rrs():
- >>> print rr
- www.l.google.com. 300 IN A 74.125.43.99
- www.l.google.com. 300 IN A 74.125.43.103
- www.l.google.com. 300 IN A 74.125.43.104
- www.l.google.com. 300 IN A 74.125.43.147
-
- """
- return _ldns.ldns_get_rr_list_addr_by_name(self, name, aclass, flags)
-
- def get_name_by_addr(self, addr, aclass = _ldns.LDNS_RR_CLASS_IN, flags = _ldns.LDNS_RD):
- """Ask the resolver about the address and return the name
-
- :param name: (ldns_rdf of A or AAAA type) the addr to look for. If a string is given, A or AAAA type is identified automatically
- :param aclass: the class to use
- :param flags: give some optional flags to the query
-
- :returns: RR List object or None
-
- **Usage**
- >>> addr = resolver.get_name_by_addr("74.125.43.99", ldns.LDNS_RR_CLASS_IN, ldns.LDNS_RD)
- >>> if (not addr): raise Exception("Can't retrieve server address")
- >>> for rr in addr.rrs():
- >>> print rr
- 99.43.125.74.in-addr.arpa. 85641 IN PTR bw-in-f99.google.com.
-
- """
- rdf = addr
- if isinstance(addr, str):
- if (addr.find("::") >= 0): #IPv6
- rdf = _ldns.ldns_rdf_new_frm_str(_ldns.LDNS_RDF_TYPE_AAAA, addr)
- else:
- rdf = _ldns.ldns_rdf_new_frm_str(_ldns.LDNS_RDF_TYPE_A, addr)
- return _ldns.ldns_get_rr_list_name_by_addr(self, rdf, aclass, flags)
-
- def print_to_file(self,output):
- """Print a resolver (in sofar that is possible) state to output."""
- _ldns.ldns_resolver_print(output,self)
-
- def axfr_start(self, domain, aclass):
- """Prepares the resolver for an axfr query. The query is sent and the answers can be read with axfr_next
-
- **Usage**
- ::
-
- status = resolver.axfr_start("nic.cz", ldns.LDNS_RR_CLASS_IN)
- if (status != ldns.LDNS_STATUS_OK): raise Exception("Can't start AXFR, error: %s" % ldns.ldns_get_errorstr_by_id(status))
- #Print the results
- while True:
- rr = resolver.axfr_next()
- if not rr:
- break
-
- print rr
-
- """
- return _ldns.ldns_axfr_start(self, domain, aclass)
- #parameters: ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class c
- #retvals: int
-
- def axfr_complete(self):
- """returns true if the axfr transfer has completed (i.e. 2 SOA RRs and no errors were encountered)"""
- return _ldns.ldns_axfr_complete(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def axfr_last_pkt(self):
- """returns a pointer to the last ldns_pkt that was sent by the server in the AXFR transfer uasable for instance to get the error code on failure"""
- return _ldns.ldns_axfr_last_pkt(self)
- #parameters: const ldns_resolver *,
- #retvals: ldns_pkt *
-
- def axfr_next(self):
- """get the next stream of RRs in a AXFR"""
- return _ldns.ldns_axfr_next(self)
- #parameters: ldns_resolver *,
- #retvals: ldns_rr *
-
- #LDNS_RESOLVER_METHODS_#
- def debug(self):
- """Get the debug status of the resolver.
-
- :returns: (bool) true if so, otherwise false
- """
- return _ldns.ldns_resolver_debug(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def dec_nameserver_count(self):
- """Decrement the resolver's nameserver count.
- """
- _ldns.ldns_resolver_dec_nameserver_count(self)
- #parameters: ldns_resolver *,
- #retvals:
-
- def defnames(self):
- return _ldns.ldns_resolver_defnames(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def dnsrch(self):
- return _ldns.ldns_resolver_dnsrch(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def dnssec(self):
- """Does the resolver do DNSSEC.
-
- :returns: (bool) true: yes, false: no
- """
- return _ldns.ldns_resolver_dnssec(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def dnssec_anchors(self):
- """Get the resolver's DNSSEC anchors.
-
- :returns: (ldns_rr_list \*) an rr_list containg trusted DNSSEC anchors
- """
- return _ldns.ldns_resolver_dnssec_anchors(self)
- #parameters: const ldns_resolver *,
- #retvals: ldns_rr_list *
-
- def dnssec_cd(self):
- """Does the resolver set the CD bit.
-
- :returns: (bool) true: yes, false: no
- """
- return _ldns.ldns_resolver_dnssec_cd(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def domain(self):
- """What is the default dname to add to relative queries.
-
- :returns: (ldns_rdf \*) the dname which is added
- """
- return _ldns.ldns_resolver_domain(self)
- #parameters: const ldns_resolver *,
- #retvals: ldns_rdf *
-
- def edns_udp_size(self):
- """Get the resolver's udp size.
-
- :returns: (uint16_t) the udp mesg size
- """
- return _ldns.ldns_resolver_edns_udp_size(self)
- #parameters: const ldns_resolver *,
- #retvals: uint16_t
-
- def fail(self):
- """Does the resolver only try the first nameserver.
-
- :returns: (bool) true: yes, fail, false: no, try the others
- """
- return _ldns.ldns_resolver_fail(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def fallback(self):
- """Get the truncation fallback status.
-
- :returns: (bool) whether the truncation fallback mechanism is used
- """
- return _ldns.ldns_resolver_fallback(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def igntc(self):
- """Does the resolver ignore the TC bit (truncated).
-
- :returns: (bool) true: yes, false: no
- """
- return _ldns.ldns_resolver_igntc(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def incr_nameserver_count(self):
- """Incremental the resolver's nameserver count.
- """
- _ldns.ldns_resolver_incr_nameserver_count(self)
- #parameters: ldns_resolver *,
- #retvals:
-
- def ip6(self):
- """Does the resolver use ip6 or ip4.
-
- :returns: (uint8_t) 0: both, 1: ip4, 2:ip6
- """
- return _ldns.ldns_resolver_ip6(self)
- #parameters: const ldns_resolver *,
- #retvals: uint8_t
-
- def nameserver_count(self):
- """How many nameserver are configured in the resolver.
-
- :returns: (size_t) number of nameservers
- """
- return _ldns.ldns_resolver_nameserver_count(self)
- #parameters: const ldns_resolver *,
- #retvals: size_t
-
- def nameserver_rtt(self,pos):
- """Return the used round trip time for a specific nameserver.
-
- :param pos:
- the index to the nameserver
- :returns: (size_t) the rrt, 0: infinite, >0: undefined (as of * yet)
- """
- return _ldns.ldns_resolver_nameserver_rtt(self,pos)
- #parameters: const ldns_resolver *,size_t,
- #retvals: size_t
-
- def nameservers(self):
- """Return the configured nameserver ip address.
-
- :returns: (ldns_rdf \*\*) a ldns_rdf pointer to a list of the addresses
- """
- return _ldns.ldns_resolver_nameservers(self)
- #parameters: const ldns_resolver *,
- #retvals: ldns_rdf **
-
- def nameservers_randomize(self):
- """randomize the nameserver list in the resolver
- """
- _ldns.ldns_resolver_nameservers_randomize(self)
- #parameters: ldns_resolver *,
- #retvals:
-
- def pop_nameserver(self):
- """pop the last nameserver from the resolver.
-
- :returns: (ldns_rdf \*) the popped address or NULL if empty
- """
- return _ldns.ldns_resolver_pop_nameserver(self)
- #parameters: ldns_resolver *,
- #retvals: ldns_rdf *
-
- def port(self):
- """Get the port the resolver should use.
-
- :returns: (uint16_t) the port number
- """
- return _ldns.ldns_resolver_port(self)
- #parameters: const ldns_resolver *,
- #retvals: uint16_t
-
- def prepare_query_pkt(self,name,t,c,f):
- """Form a query packet from a resolver and name/type/class combo.
-
- :param name:
- :param t:
- query for this type (may be 0, defaults to A)
- :param c:
- query for this class (may be 0, default to IN)
- :param f:
- the query flags
- :returns: * (ldns_status) ldns_pkt* a packet with the reply from the nameserver
- * (ldns_pkt \*\*) query packet class
- """
- return _ldns.ldns_resolver_prepare_query_pkt(self,name,t,c,f)
- #parameters: ldns_resolver *,const ldns_rdf *,ldns_rr_type,ldns_rr_class,uint16_t,
- #retvals: ldns_status,ldns_pkt **
-
- def push_dnssec_anchor(self,rr):
- """Push a new trust anchor to the resolver.
-
- It must be a DS or DNSKEY rr
-
- :param rr:
- the RR to add as a trust anchor.
- :returns: (ldns_status) a status
- """
- return _ldns.ldns_resolver_push_dnssec_anchor(self,rr)
- #parameters: ldns_resolver *,ldns_rr *,
- #retvals: ldns_status
-
- def push_nameserver(self,n):
- """push a new nameserver to the resolver.
-
- It must be an IP address v4 or v6.
-
- :param n:
- the ip address
- :returns: (ldns_status) ldns_status a status
- """
- return _ldns.ldns_resolver_push_nameserver(self,n)
- #parameters: ldns_resolver *,ldns_rdf *,
- #retvals: ldns_status
-
- def push_nameserver_rr(self,rr):
- """push a new nameserver to the resolver.
-
- It must be an A or AAAA RR record type
-
- :param rr:
- the resource record
- :returns: (ldns_status) ldns_status a status
- """
- return _ldns.ldns_resolver_push_nameserver_rr(self,rr)
- #parameters: ldns_resolver *,ldns_rr *,
- #retvals: ldns_status
-
- def push_nameserver_rr_list(self,rrlist):
- """push a new nameserver rr_list to the resolver.
-
- :param rrlist:
- the rr_list to push
- :returns: (ldns_status) ldns_status a status
- """
- return _ldns.ldns_resolver_push_nameserver_rr_list(self,rrlist)
- #parameters: ldns_resolver *,ldns_rr_list *,
- #retvals: ldns_status
-
- def push_searchlist(self,rd):
- """Push a new rd to the resolver's searchlist.
-
- :param rd:
- to push
- """
- _ldns.ldns_resolver_push_searchlist(self,rd)
- #parameters: ldns_resolver *,ldns_rdf *,
- #retvals:
-
- def query(self,name,atype=_ldns.LDNS_RR_TYPE_A,aclass=_ldns.LDNS_RR_CLASS_IN,flags=_ldns.LDNS_RD):
- """Send a query to a nameserver.
-
- :param name: (ldns_rdf) the name to look for
- :param atype: the RR type to use
- :param aclass: the RR class to use
- :param flags: give some optional flags to the query
- :returns: (ldns_pkt) a packet with the reply from the nameserver if _defnames is true the default domain will be added
- """
- return _ldns.ldns_resolver_query(self,name,atype,aclass,flags)
- #parameters: const ldns_resolver *,const ldns_rdf *,ldns_rr_type,ldns_rr_class,uint16_t,
- #retvals: ldns_pkt *
-
- def random(self):
- """Does the resolver randomize the nameserver before usage.
-
- :returns: (bool) true: yes, false: no
- """
- return _ldns.ldns_resolver_random(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def recursive(self):
- """Is the resolver set to recurse.
-
- :returns: (bool) true if so, otherwise false
- """
- return _ldns.ldns_resolver_recursive(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- def retrans(self):
- """Get the retransmit interval.
-
- :returns: (uint8_t) the retransmit interval
- """
- return _ldns.ldns_resolver_retrans(self)
- #parameters: const ldns_resolver *,
- #retvals: uint8_t
-
- def retry(self):
- """Get the number of retries.
-
- :returns: (uint8_t) the number of retries
- """
- return _ldns.ldns_resolver_retry(self)
- #parameters: const ldns_resolver *,
- #retvals: uint8_t
-
- def rtt(self):
- """Return the used round trip times for the nameservers.
-
- :returns: (size_t \*) a size_t* pointer to the list. yet)
- """
- return _ldns.ldns_resolver_rtt(self)
- #parameters: const ldns_resolver *,
- #retvals: size_t *
-
- def search(self,rdf,t,c,flags):
- """Send the query for using the resolver and take the search list into account The search algorithm is as follows: If the name is absolute, try it as-is, otherwise apply the search list.
-
- :param rdf:
- :param t:
- query for this type (may be 0, defaults to A)
- :param c:
- query for this class (may be 0, default to IN)
- :param flags:
- the query flags
- :returns: (ldns_pkt \*) ldns_pkt* a packet with the reply from the nameserver
- """
- return _ldns.ldns_resolver_search(self,rdf,t,c,flags)
- #parameters: const ldns_resolver *,const ldns_rdf *,ldns_rr_type,ldns_rr_class,uint16_t,
- #retvals: ldns_pkt *
-
- def searchlist(self):
- """What is the searchlist as used by the resolver.
-
- :returns: (ldns_rdf \*\*) a ldns_rdf pointer to a list of the addresses
- """
- return _ldns.ldns_resolver_searchlist(self)
- #parameters: const ldns_resolver *,
- #retvals: ldns_rdf \*\*
-
- def searchlist_count(self):
- """Return the resolver's searchlist count.
-
- :returns: (size_t) the searchlist count
- """
- return _ldns.ldns_resolver_searchlist_count(self)
- #parameters: const ldns_resolver *,
- #retvals: size_t
-
- def send(self,name,t,c,flags):
- """Send the query for name as-is.
-
- :param name:
- :param t:
- query for this type (may be 0, defaults to A)
- :param c:
- query for this class (may be 0, default to IN)
- :param flags:
- the query flags
- :returns: * (ldns_status) ldns_pkt* a packet with the reply from the nameserver
- * (ldns_pkt \*\*)
- """
- return _ldns.ldns_resolver_send(self,name,t,c,flags)
- #parameters: ldns_resolver *,const ldns_rdf *,ldns_rr_type,ldns_rr_class,uint16_t,
- #retvals: ldns_status,ldns_pkt **
-
- def send_pkt(self,query_pkt):
- """Send the given packet to a nameserver.
-
- :param query_pkt:
- :returns: * (ldns_status)
- * (ldns_pkt \*\*)
- """
- return _ldns.ldns_resolver_send_pkt(self,query_pkt)
- #parameters: ldns_resolver *,ldns_pkt *,
- #retvals: ldns_status,ldns_pkt **
-
- def set_debug(self,b):
- """Set the resolver debugging.
-
- :param b:
- true: debug on: false debug off
- """
- _ldns.ldns_resolver_set_debug(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_defnames(self,b):
- """Whether the resolver uses the name set with _set_domain.
-
- :param b:
- true: use the defaults, false: don't use them
- """
- _ldns.ldns_resolver_set_defnames(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_dnsrch(self,b):
- """Whether the resolver uses the searchlist.
-
- :param b:
- true: use the list, false: don't use the list
- """
- _ldns.ldns_resolver_set_dnsrch(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_dnssec(self,b):
- """Whether the resolver uses DNSSEC.
-
- :param b:
- true: use DNSSEC, false: don't use DNSSEC
- """
- _ldns.ldns_resolver_set_dnssec(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_dnssec_anchors(self,l):
- """Set the resolver's DNSSEC anchor list directly.
-
- RRs should be of type DS or DNSKEY.
-
- :param l:
- the list of RRs to use as trust anchors
- """
- _ldns.ldns_resolver_set_dnssec_anchors(self,l)
- #parameters: ldns_resolver *,ldns_rr_list *,
- #retvals:
-
- def set_dnssec_cd(self,b):
- """Whether the resolver uses the checking disable bit.
-
- :param b:
- true: enable , false: don't use TCP
- """
- _ldns.ldns_resolver_set_dnssec_cd(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_domain(self,rd):
- """Set the resolver's default domain.
-
- This gets appended when no absolute name is given
-
- :param rd:
- the name to append
- """
- _ldns.ldns_resolver_set_domain(self,rd)
- #parameters: ldns_resolver *,ldns_rdf *,
- #retvals:
-
- def set_edns_udp_size(self,s):
- """Set maximum udp size.
-
- :param s:
- the udp max size
- """
- _ldns.ldns_resolver_set_edns_udp_size(self,s)
- #parameters: ldns_resolver *,uint16_t,
- #retvals:
-
- def set_fail(self,b):
- """Whether or not to fail after one failed query.
-
- :param b:
- true: yes fail, false: continue with next nameserver
- """
- _ldns.ldns_resolver_set_fail(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_fallback(self,fallback):
- """Set whether the resolvers truncation fallback mechanism is used when ldns_resolver_query() is called.
-
- :param fallback:
- whether to use the fallback mechanism
- """
- _ldns.ldns_resolver_set_fallback(self,fallback)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_igntc(self,b):
- """Whether or not to ignore the TC bit.
-
- :param b:
- true: yes ignore, false: don't ignore
- """
- _ldns.ldns_resolver_set_igntc(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_ip6(self,i):
- """Whether the resolver uses ip6.
-
- :param i:
- 0: no pref, 1: ip4, 2: ip6
- """
- _ldns.ldns_resolver_set_ip6(self,i)
- #parameters: ldns_resolver *,uint8_t,
- #retvals:
-
- def set_nameserver_count(self,c):
- """Set the resolver's nameserver count directly.
-
- :param c:
- the nameserver count
- """
- _ldns.ldns_resolver_set_nameserver_count(self,c)
- #parameters: ldns_resolver *,size_t,
- #retvals:
-
- def set_nameserver_rtt(self,pos,value):
- """Set round trip time for a specific nameserver.
-
- Note this currently differentiates between: unreachable and reachable.
-
- :param pos:
- the nameserver position
- :param value:
- the rtt
- """
- _ldns.ldns_resolver_set_nameserver_rtt(self,pos,value)
- #parameters: ldns_resolver *,size_t,size_t,
- #retvals:
-
- def set_nameservers(self,rd):
- """Set the resolver's nameserver count directly by using an rdf list.
-
- :param rd:
- the resolver addresses
- """
- _ldns.ldns_resolver_set_nameservers(self,rd)
- #parameters: ldns_resolver *,ldns_rdf **,
- #retvals:
-
- def set_port(self,p):
- """Set the port the resolver should use.
-
- :param p:
- the port number
- """
- _ldns.ldns_resolver_set_port(self,p)
- #parameters: ldns_resolver *,uint16_t,
- #retvals:
-
- def set_random(self,b):
- """Should the nameserver list be randomized before each use.
-
- :param b:
- true: randomize, false: don't
- """
- _ldns.ldns_resolver_set_random(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_recursive(self,b):
- """Set the resolver recursion.
-
- :param b:
- true: set to recurse, false: unset
- """
- _ldns.ldns_resolver_set_recursive(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def set_retrans(self,re):
- """Set the resolver retrans timeout (in seconds).
-
- :param re:
- the retransmission interval in seconds
- """
- _ldns.ldns_resolver_set_retrans(self,re)
- #parameters: ldns_resolver *,uint8_t,
- #retvals:
-
- def set_retry(self,re):
- """Set the resolver retry interval (in seconds).
-
- :param re:
- the retry interval
- """
- _ldns.ldns_resolver_set_retry(self,re)
- #parameters: ldns_resolver *,uint8_t,
- #retvals:
-
- def set_rtt(self,rtt):
- """Set round trip time for all nameservers.
-
- Note this currently differentiates between: unreachable and reachable.
-
- :param rtt:
- a list with the times
- """
- _ldns.ldns_resolver_set_rtt(self,rtt)
- #parameters: ldns_resolver *,size_t *,
- #retvals:
-
- def set_searchlist_count(self,c):
- _ldns.ldns_resolver_set_searchlist_count(self,c)
- #parameters: ldns_resolver *,size_t,
- #retvals:
-
- def set_timeout(self,timeout):
- """Set the resolver's socket time out when talking to remote hosts.
-
- :param timeout:
- the timeout to use
- """
- _ldns.ldns_resolver_set_timeout(self,timeout)
- #parameters: ldns_resolver *,struct timeval,
- #retvals:
-
- def set_tsig_algorithm(self,tsig_algorithm):
- """Set the tsig algorithm.
-
- :param tsig_algorithm:
- the tsig algorithm
- """
- _ldns.ldns_resolver_set_tsig_algorithm(self,tsig_algorithm)
- #parameters: ldns_resolver *,char *,
- #retvals:
-
- def set_tsig_keydata(self,tsig_keydata):
- """Set the tsig key data.
-
- :param tsig_keydata:
- the key data
- """
- _ldns.ldns_resolver_set_tsig_keydata(self,tsig_keydata)
- #parameters: ldns_resolver *,char *,
- #retvals:
-
- def set_tsig_keyname(self,tsig_keyname):
- """Set the tsig key name.
-
- :param tsig_keyname:
- the tsig key name
- """
- _ldns.ldns_resolver_set_tsig_keyname(self,tsig_keyname)
- #parameters: ldns_resolver *,char *,
- #retvals:
-
- def set_usevc(self,b):
- """Whether the resolver uses a virtual circuit (TCP).
-
- :param b:
- true: use TCP, false: don't use TCP
- """
- _ldns.ldns_resolver_set_usevc(self,b)
- #parameters: ldns_resolver *,bool,
- #retvals:
-
- def timeout(self):
- """What is the timeout on socket connections.
-
- :returns: (struct timeval) the timeout as struct timeval
- """
- return _ldns.ldns_resolver_timeout(self)
- #parameters: const ldns_resolver *,
- #retvals: struct timeval
-
- def trusted_key(self,keys,trusted_keys):
- """Returns true if at least one of the provided keys is a trust anchor.
-
- :param keys:
- the keyset to check
- :param trusted_keys:
- the subset of trusted keys in the 'keys' rrset
- :returns: (bool) true if at least one of the provided keys is a configured trust anchor
- """
- return _ldns.ldns_resolver_trusted_key(self,keys,trusted_keys)
- #parameters: const ldns_resolver *,ldns_rr_list *,ldns_rr_list *,
- #retvals: bool
-
- def tsig_algorithm(self):
- """Return the tsig algorithm as used by the nameserver.
-
- :returns: (char \*) the algorithm used.
- """
- return _ldns.ldns_resolver_tsig_algorithm(self)
- #parameters: const ldns_resolver *,
- #retvals: char *
-
- def tsig_keydata(self):
- """Return the tsig keydata as used by the nameserver.
-
- :returns: (char \*) the keydata used.
- """
- return _ldns.ldns_resolver_tsig_keydata(self)
- #parameters: const ldns_resolver *,
- #retvals: char *
-
- def tsig_keyname(self):
- """Return the tsig keyname as used by the nameserver.
-
- :returns: (char \*) the name used.
- """
- return _ldns.ldns_resolver_tsig_keyname(self)
- #parameters: const ldns_resolver *,
- #retvals: char *
-
- def usevc(self):
- """Does the resolver use tcp or udp.
-
- :returns: (bool) true: tcp, false: udp
- """
- return _ldns.ldns_resolver_usevc(self)
- #parameters: const ldns_resolver *,
- #retvals: bool
-
- #_LDNS_RESOLVER_METHODS#
- %}
-}
+++ /dev/null
-/******************************************************************************
- * ldns_rr.i: LDNS resource records (RR), RR list
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-
-%typemap(in,numinputs=0,noblock=1) (ldns_rr **)
-{
- ldns_rr *$1_rr;
- $1 = &$1_rr;
-}
-
-/* result generation */
-%typemap(argout,noblock=1) (ldns_rr **)
-{
- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ));
-}
-
-%nodefaultctor ldns_struct_rr; //no default constructor & destructor
-%nodefaultdtor ldns_struct_rr;
-
-%ignore ldns_struct_rr::_rdata_fields;
-
-%newobject ldns_rr_clone;
-%newobject ldns_rr_pop_rdf;
-%delobject ldns_rr_free;
-
-%rename(ldns_rr) ldns_struct_rr;
-
-#ifdef LDNS_DEBUG
-%rename(__ldns_rr_free) ldns_rr_free;
-%inline %{
-void _ldns_rr_free (ldns_rr* r) {
- printf("******** LDNS_RR free 0x%lX ************\n", (long unsigned int)r);
- ldns_rr_free(r);
-}
-%}
-#else
-%rename(_ldns_rr_free) ldns_rr_free;
-#endif
-
-%newobject ldns_rr2str;
-%newobject ldns_rr_type2str;
-%newobject ldns_rr_class2str;
-%newobject ldns_read_anchor_file;
-
-%rename(_ldns_rr_new_frm_str) ldns_rr_new_frm_str;
-%rename(_ldns_rr_new_frm_fp_l) ldns_rr_new_frm_fp_l;
-%rename(_ldns_rr_new_frm_fp) ldns_rr_new_frm_fp;
-
-%feature("docstring") ldns_struct_rr "Resource Record (RR)
-
-The RR is the basic DNS element that contains actual data. This class allows to create RR and manipulate with the content."
-
-%extend ldns_struct_rr {
-
- %pythoncode %{
- def __init__(self):
- raise Exception("This class can't be created directly. Please use: ldns_rr_new, ldns_rr_new_frm_type, new_frm_fp(), new_frm_fp_l(), new_frm_str() or new_question_frm_str")
-
- __swig_destroy__ = _ldns._ldns_rr_free
-
- #LDNS_RR_CONSTRUCTORS_#
- @staticmethod
- def new_frm_str(str, default_ttl=0, origin=None, prev=None, raiseException=True):
- """Creates an rr object from a string.
-
- The string should be a fully filled-in rr, like ownername [space] TTL [space] CLASS [space] TYPE [space] RDATA.
-
- :param str: the string to convert
- :param default_ttl: default ttl value for the rr. If 0 DEF_TTL will be used
- :param origin: when the owner is relative add this
- :param prev: the previous ownername
- :param raiseException: if True, an exception occurs in case a rr instance can't be created
- :returns:
- * rr - (ldnsrr) RR instance or None. If the object can't be created and raiseException is True, an exception occurs.
-
- **Usage**
-
- >>> import ldns
- >>> rr = ldns.ldns_rr.new_frm_str("www.nic.cz. IN A 192.168.1.1",300)
- >>> print rr
- www.nic.cz. 300 IN A 192.168.1.1
- """
- status, rr, prev = _ldns.ldns_rr_new_frm_str_(str, default_ttl, origin, prev)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create RR, error: %d" % status)
- return None
- return rr
-
- @staticmethod
- def new_question_frm_str(str, default_ttl=0, origin=None, prev=None, raiseException=True):
- """Creates an rr object from a string.
-
- The string is like new_frm_str but without rdata.
-
- :param str: the string to convert
- :param origin: when the owner is relative add this
- :param prev: the previous ownername
- :param raiseException: if True, an exception occurs in case a rr instance can't be created
- :returns:
- * rr - (ldnsrr) RR instance or None. If the object can't be created and raiseException is True, an exception occurs.
- """
- status, rr, prev = _ldns.ldns_rr_new_question_frm_str_(str, origin, prev)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create RR, error: %d" % status)
- return None
- return rr
-
- @staticmethod
- def new_frm_str_prev(str, default_ttl=0, origin=None, prev=None, raiseException=True):
- """Creates an rr object from a string.
-
- The string should be a fully filled-in rr, like ownername [space] TTL [space] CLASS [space] TYPE [space] RDATA.
-
- :param str: the string to convert
- :param default_ttl: default ttl value for the rr. If 0 DEF_TTL will be used
- :param origin: when the owner is relative add this
- :param prev: the previous ownername
- :param raiseException: if True, an exception occurs in case a rr instance can't be created
- :returns:
- * rr - (ldnsrr) RR instance or None. If the object can't be created and raiseException is True, an exception occurs.
-
- * prev - (ldns_rdf) ownername found in this string or None
- """
- status, rr, prev = _ldns.ldns_rr_new_frm_str_(str, default_ttl, origin, prev)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create RR, error: %d" % status)
- return None
- return rr, prev
-
- @staticmethod
- def new_frm_fp(file, default_ttl=0, origin=None, prev=None, raiseException=True):
- """Creates a new rr from a file containing a string.
-
- :param file: file pointer
- :param default_ttl: If 0 DEF_TTL will be used
- :param origin: when the owner is relative add this.
- :param prev: when the owner is whitespaces use this.
- :param raiseException: if True, an exception occurs in case a resolver object can't be created
- :returns:
- * rr - (ldns_rr) RR object or None. If the object can't be created and raiseException is True, an exception occurs.
-
- * ttl - (int) None or TTL if the file contains a $TTL directive
-
- * origin - (ldns_rdf) None or dname if the file contains a $ORIGIN directive
-
- * prev - (ldns_rdf) None or updated value of prev parameter
- """
- res = _ldns.ldns_rr_new_frm_fp_l_(file, default_ttl, origin, prev, 0)
- if res[0] != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create RR, error: %d" % res[0])
- return None
- return res[1:]
-
- @staticmethod
- def new_frm_fp_l(file, default_ttl=0, origin=None, prev=None, raiseException=True):
- """Creates a new rr from a file containing a string.
-
- :param file: file pointer
- :param default_ttl: If 0 DEF_TTL will be used
- :param origin: when the owner is relative add this.
- :param prev: when the owner is whitespaces use this.
- :param raiseException: if True, an exception occurs in case a resolver object can't be created
- :returns:
- * rr - (ldns_rr) RR object or None. If the object can't be created and raiseException is True, an exception occurs.
-
- * line - (int) line number (for debugging)
-
- * ttl - (int) None or TTL if the file contains a $TTL directive
-
- * origin - (ldns_rdf) None or dname if the file contains a $ORIGIN directive
-
- * prev - (ldns_rdf) None or updated value of prev parameter
- """
- res = _ldns.ldns_rr_new_frm_fp_l_(file, default_ttl, origin, prev, 1)
- if res[0] != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create RR, error: %d" % res[0])
- return None
- return res[1:]
- #_LDNS_RR_CONSTRUCTORS#
-
-
- def __str__(self):
- """converts the data in the resource record to presentation format"""
- return _ldns.ldns_rr2str(self)
-
- def __cmp__(self, other):
- """compares two rrs.
-
- The TTL is not looked at.
-
- :param other:
- the second RR one
- :returns: (int) 0 if equal -1 if self comes before other RR +1 if other RR comes before self
- """
- return _ldns.ldns_rr_compare(self,other)
-
- def rdfs(self):
- """returns the list of rdata records."""
- for i in range(0,self.rd_count()):
- yield self.rdf(i)
-
- def get_function(self,rtype,pos):
- """return a specific rdf"""
- return _ldns.ldns_rr_function(rtype,self,pos)
- #parameters: ldns_rr_type,const ldns_rr *,size_t,
- #retvals: ldns_rdf *
-
- def set_function(self,rtype,rdf,pos):
- """set a specific rdf"""
- return _ldns.ldns_rr_set_function(rtype,self,rdf,pos)
- #parameters: ldns_rr_type,ldns_rr *,ldns_rdf *,size_t,
- #retvals: bool
-
- def print_to_file(self,output):
- """Prints the data in the resource record to the given file stream (in presentation format)."""
- _ldns.ldns_rr_print(output,self)
- #parameters: FILE *,const ldns_rr *,
-
- def get_type_str(self):
- """Converts an RR type value to its string representation, and returns that string."""
- return _ldns.ldns_rr_type2str(self.get_type())
- #parameters: const ldns_rr_type,
-
- def get_class_str(self):
- """Converts an RR class value to its string representation, and returns that string."""
- return _ldns.ldns_rr_class2str(self.get_class())
- #parameters: const ldns_rr_class,
-
- @staticmethod
- def dnskey_key_size_raw(keydata,len,alg):
- """get the length of the keydata in bits"""
- return _ldns.ldns_rr_dnskey_key_size_raw(keydata,len,alg)
- #parameters: const unsigned char *,const size_t,const ldns_algorithm,
- #retvals: size_t
-
- def write_to_buffer(self,buffer,section):
- """Copies the rr data to the buffer in wire format.
-
- :param buffer: buffer to append the result to buffer
- :param section: the section in the packet this rr is supposed to be in (to determine whether to add rdata or not)
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_rr2buffer_wire(buffer,self,section)
- #parameters: ldns_buffer *,const ldns_rr *,int,
- #retvals: ldns_status
-
- def write_to_buffer_canonical(self,buffer,section):
- """Copies the rr data to the buffer in wire format, in canonical format according to RFC3597 (every dname in rdata fields of RR's mentioned in that RFC will be lowercased).
-
- :param buffer: buffer to append the result to buffer
- :param section: the section in the packet this rr is supposed to be in (to determine whether to add rdata or not)
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_rr2buffer_wire_canonical(buffer,self,section)
- #parameters: ldns_buffer *,const ldns_rr *,int,
- #retvals: ldns_status
-
- def write_data_to_buffer(self,buffer):
- """Converts an rr's rdata to wireformat, while excluding the ownername and all the stuff before the rdata.
-
- This is needed in DNSSEC keytag calculation, the ds calcalution from the key and maybe elsewhere.
-
- :param buffer: buffer to append the result to
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_rr_rdata2buffer_wire(buffer,self)
- #parameters: ldns_buffer *,const ldns_rr *,
- #retvals: ldns_status
-
- def write_rrsig_to_buffer(self,buffer):
- """Converts a rrsig to wireformat BUT EXCLUDE the rrsig rdata
-
- This is needed in DNSSEC verification.
-
- :param buffer: buffer to append the result to
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_rrsig2buffer_wire(buffer,self)
- #parameters: ldns_buffer *,const ldns_rr *,
- #retvals: ldns_status
-
- #LDNS_RR_METHODS_#
- def a_address(self):
- """returns the address of a LDNS_RR_TYPE_A rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the address or NULL on failure
- """
- return _ldns.ldns_rr_a_address(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def a_set_address(self,f):
- """sets the address of a LDNS_RR_TYPE_A rr
-
- :param f:
- the address to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_a_set_address(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def clone(self):
- """clones a rr and all its data
-
- :returns: (ldns_rr \*) the new rr or NULL on failure
- """
- return _ldns.ldns_rr_clone(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rr *
-
- def compare_ds(self,rr2):
- """returns true of the given rr's are equal.
-
- Also returns true if one record is a DS that represents the same DNSKEY record as the other record
-
- :param rr2:
- the second rr
- :returns: (bool) true if equal otherwise false
- """
- return _ldns.ldns_rr_compare_ds(self,rr2)
- #parameters: const ldns_rr *,const ldns_rr *,
- #retvals: bool
-
- def compare_no_rdata(self,rr2):
- """compares two rrs, up to the rdata.
-
- :param rr2:
- the second one
- :returns: (int) 0 if equal -1 if rr1 comes before rr2 +1 if rr2 comes before rr1
- """
- return _ldns.ldns_rr_compare_no_rdata(self,rr2)
- #parameters: const ldns_rr *,const ldns_rr *,
- #retvals: int
-
- def dnskey_algorithm(self):
- """returns the algorithm of a LDNS_RR_TYPE_DNSKEY rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the algorithm or NULL on failure
- """
- return _ldns.ldns_rr_dnskey_algorithm(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def dnskey_flags(self):
- """returns the flags of a LDNS_RR_TYPE_DNSKEY rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the flags or NULL on failure
- """
- return _ldns.ldns_rr_dnskey_flags(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def dnskey_key(self):
- """returns the key data of a LDNS_RR_TYPE_DNSKEY rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the key data or NULL on failure
- """
- return _ldns.ldns_rr_dnskey_key(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def dnskey_key_size(self):
- """get the length of the keydata in bits
-
- :returns: (size_t) the keysize in bits
- """
- return _ldns.ldns_rr_dnskey_key_size(self)
- #parameters: const ldns_rr *,
- #retvals: size_t
-
- def dnskey_protocol(self):
- """returns the protocol of a LDNS_RR_TYPE_DNSKEY rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the protocol or NULL on failure
- """
- return _ldns.ldns_rr_dnskey_protocol(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def dnskey_set_algorithm(self,f):
- """sets the algorithm of a LDNS_RR_TYPE_DNSKEY rr
-
- :param f:
- the algorithm to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_dnskey_set_algorithm(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def dnskey_set_flags(self,f):
- """sets the flags of a LDNS_RR_TYPE_DNSKEY rr
-
- :param f:
- the flags to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_dnskey_set_flags(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def dnskey_set_key(self,f):
- """sets the key data of a LDNS_RR_TYPE_DNSKEY rr
-
- :param f:
- the key data to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_dnskey_set_key(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def dnskey_set_protocol(self,f):
- """sets the protocol of a LDNS_RR_TYPE_DNSKEY rr
-
- :param f:
- the protocol to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_dnskey_set_protocol(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def get_class(self):
- """returns the class of the rr.
-
- :returns: (ldns_rr_class) the class of the rr
- """
- return _ldns.ldns_rr_get_class(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rr_class
-
- def get_type(self):
- """returns the type of the rr.
-
- :returns: (ldns_rr_type) the type of the rr
- """
- return _ldns.ldns_rr_get_type(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rr_type
-
- def label_count(self):
- """counts the number of labels of the ownername.
-
- :returns: (uint8_t) the number of labels
- """
- return _ldns.ldns_rr_label_count(self)
- #parameters: ldns_rr *,
- #retvals: uint8_t
-
- def mx_exchange(self):
- """returns the mx host of a LDNS_RR_TYPE_MX rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the name of the MX host or NULL on failure
- """
- return _ldns.ldns_rr_mx_exchange(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def mx_preference(self):
- """returns the mx pref.
-
- of a LDNS_RR_TYPE_MX rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the preference or NULL on failure
- """
- return _ldns.ldns_rr_mx_preference(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def ns_nsdname(self):
- """returns the name of a LDNS_RR_TYPE_NS rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the name or NULL on failure
- """
- return _ldns.ldns_rr_ns_nsdname(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def owner(self):
- """returns the owner name of an rr structure.
-
- :returns: (ldns_rdf \*) ldns_rdf *
- """
- return _ldns.ldns_rr_owner(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def pop_rdf(self):
- """removes a rd_field member, it will be popped from the last position.
-
- :returns: (ldns_rdf \*) rdf which was popped (null if nothing)
- """
- return _ldns.ldns_rr_pop_rdf(self)
- #parameters: ldns_rr *,
- #retvals: ldns_rdf *
-
- def push_rdf(self,f):
- """sets rd_field member, it will be placed in the next available spot.
-
- :param f:
- :returns: (bool) bool
- """
- return _ldns.ldns_rr_push_rdf(self,f)
- #parameters: ldns_rr *,const ldns_rdf *,
- #retvals: bool
-
- def rd_count(self):
- """returns the rd_count of an rr structure.
-
- :returns: (size_t) the rd count of the rr
- """
- return _ldns.ldns_rr_rd_count(self)
- #parameters: const ldns_rr *,
- #retvals: size_t
-
- def rdf(self,nr):
- """returns the rdata field member counter.
-
- :param nr:
- the number of the rdf to return
- :returns: (ldns_rdf \*) ldns_rdf *
- """
- return _ldns.ldns_rr_rdf(self,nr)
- #parameters: const ldns_rr *,size_t,
- #retvals: ldns_rdf *
-
- def rrsig_algorithm(self):
- """returns the algorithm of a LDNS_RR_TYPE_RRSIG RR
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the algorithm or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_algorithm(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def rrsig_expiration(self):
- """returns the expiration time of a LDNS_RR_TYPE_RRSIG RR
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the expiration time or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_expiration(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def rrsig_inception(self):
- """returns the inception time of a LDNS_RR_TYPE_RRSIG RR
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the inception time or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_inception(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def rrsig_keytag(self):
- """returns the keytag of a LDNS_RR_TYPE_RRSIG RR
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the keytag or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_keytag(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def rrsig_labels(self):
- """returns the number of labels of a LDNS_RR_TYPE_RRSIG RR
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the number of labels or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_labels(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def rrsig_origttl(self):
- """returns the original TTL of a LDNS_RR_TYPE_RRSIG RR
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the original TTL or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_origttl(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def rrsig_set_algorithm(self,f):
- """sets the algorithm of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the algorithm to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_algorithm(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_set_expiration(self,f):
- """sets the expireation date of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the expireation date to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_expiration(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_set_inception(self,f):
- """sets the inception date of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the inception date to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_inception(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_set_keytag(self,f):
- """sets the keytag of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the keytag to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_keytag(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_set_labels(self,f):
- """sets the number of labels of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the number of labels to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_labels(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_set_origttl(self,f):
- """sets the original TTL of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the original TTL to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_origttl(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_set_sig(self,f):
- """sets the signature data of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the signature data to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_sig(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_set_signame(self,f):
- """sets the signers name of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the signers name to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_signame(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_set_typecovered(self,f):
- """sets the typecovered of a LDNS_RR_TYPE_RRSIG rr
-
- :param f:
- the typecovered to set
- :returns: (bool) true on success, false otherwise
- """
- return _ldns.ldns_rr_rrsig_set_typecovered(self,f)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals: bool
-
- def rrsig_sig(self):
- """returns the signature data of a LDNS_RR_TYPE_RRSIG RR
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the signature data or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_sig(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def rrsig_signame(self):
- """returns the signers name of a LDNS_RR_TYPE_RRSIG RR
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the signers name or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_signame(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def rrsig_typecovered(self):
- """returns the type covered of a LDNS_RR_TYPE_RRSIG rr
-
- :returns: (ldns_rdf \*) a ldns_rdf* with the type covered or NULL on failure
- """
- return _ldns.ldns_rr_rrsig_typecovered(self)
- #parameters: const ldns_rr *,
- #retvals: ldns_rdf *
-
- def set_class(self,rr_class):
- """sets the class in the rr.
-
- :param rr_class:
- set to this class
- """
- _ldns.ldns_rr_set_class(self,rr_class)
- #parameters: ldns_rr *,ldns_rr_class,
- #retvals:
-
- def set_owner(self,owner):
- """sets the owner in the rr structure.
-
- :param owner:
- """
- _ldns.ldns_rr_set_owner(self,owner)
- #parameters: ldns_rr *,ldns_rdf *,
- #retvals:
-
- def set_rd_count(self,count):
- """sets the rd_count in the rr.
-
- :param count:
- set to this count
- """
- _ldns.ldns_rr_set_rd_count(self,count)
- #parameters: ldns_rr *,size_t,
- #retvals:
-
- def set_rdf(self,f,position):
- """sets a rdf member, it will be set on the position given.
-
- The old value is returned, like pop.
-
- :param f:
- :param position:
- the position the set the rdf
- :returns: (ldns_rdf \*) the old value in the rr, NULL on failyre
- """
- return _ldns.ldns_rr_set_rdf(self,f,position)
- #parameters: ldns_rr *,const ldns_rdf *,size_t,
- #retvals: ldns_rdf *
-
- def set_ttl(self,ttl):
- """sets the ttl in the rr structure.
-
- :param ttl:
- set to this ttl
- """
- _ldns.ldns_rr_set_ttl(self,ttl)
- #parameters: ldns_rr *,uint32_t,
- #retvals:
-
- def set_type(self,rr_type):
- """sets the type in the rr.
-
- :param rr_type:
- set to this type
- """
- _ldns.ldns_rr_set_type(self,rr_type)
- #parameters: ldns_rr *,ldns_rr_type,
- #retvals:
-
- def ttl(self):
- """returns the ttl of an rr structure.
-
- :returns: (uint32_t) the ttl of the rr
- """
- return _ldns.ldns_rr_ttl(self)
- #parameters: const ldns_rr *,
- #retvals: uint32_t
-
- def uncompressed_size(self):
- """calculates the uncompressed size of an RR.
-
- :returns: (size_t) size of the rr
- """
- return _ldns.ldns_rr_uncompressed_size(self)
- #parameters: const ldns_rr *,
- #retvals: size_t
-
- #_LDNS_RR_METHODS#
- %}
-}
-
-%nodefaultctor ldns_struct_rr_list; //no default constructor & destructor
-%nodefaultdtor ldns_struct_rr_list;
-
-%ignore ldns_struct_rr_list::_rrs;
-
-%newobject ldns_rr_list_clone;
-%newobject ldns_rr_list_pop_rr;
-%newobject ldns_rr_list_pop_rr_list;
-%newobject ldns_rr_list_pop_rrset;
-%delobject ldns_rr_list_deep_free;
-%delobject ldns_rr_list_free;
-
-%rename(ldns_rr_list) ldns_struct_rr_list;
-#ifdef LDNS_DEBUG
-%rename(__ldns_rr_list_deep_free) ldns_rr_list_deep_free;
-%rename(__ldns_rr_list_free) ldns_rr_list_free;
-%inline %{
-void _ldns_rr_list_free(ldns_rr_list* r) {
- printf("******** LDNS_RR_LIST deep free 0x%lX ************\n", (long unsigned int)r);
- ldns_rr_list_deep_free(r);
-}
-%}
-#else
-%rename(_ldns_rr_list_deep_free) ldns_rr_list_deep_free;
-%rename(_ldns_rr_list_free) ldns_rr_list_free;
-#endif
-
-%exception ldns_rr_list_push_rr(ldns_rr_list *rr_list, const ldns_rr *rr) %{ $action if (result) Py_INCREF(obj1); %}
-%exception ldns_rr_list_push_rr_list(ldns_rr_list *rr_list, const ldns_rr_list *push_list) %{ $action if (result) Py_INCREF(obj1); %}
-
-%newobject ldns_rr_list2str;
-
-
-
-
-%feature("docstring") ldns_struct_rr_list "List of Resource Records.
-
-This class contains a list of RR's (see :class:`ldns.ldns_rr`).
-"
-
-%extend ldns_struct_rr_list {
-
- %pythoncode %{
- def __init__(self):
- self.this = _ldns.ldns_rr_list_new()
- if not self.this:
- raise Exception("Can't create new RR_LIST")
-
- __swig_destroy__ = _ldns._ldns_rr_list_free
-
- #LDNS_RR_LIST_CONSTRUCTORS_#
- @staticmethod
- def new_frm_file(filename="/etc/hosts", raiseException=True):
- """Creates an RR List object from a file content
-
- Goes through a file and returns a rr_list containing all the defined hosts in there.
-
- :param filename: the filename to use
- :returns: RR List object or None. If the object can't be created and raiseException is True, an exception occurs.
-
- **Usage**
- >>> alist = ldns.ldns_rr_list.new_frm_file()
- >>> print alist
- localhost. 3600 IN A 127.0.0.1
- ...
-
- """
- rr = _ldns.ldns_get_rr_list_hosts_frm_file(filename)
- if (not rr) and (raiseException): raise Exception("Can't create RR List, error: %d" % status)
- return rr
- #_LDNS_RR_LIST_CONSTRUCTORS#
-
- def __str__(self):
- """converts a list of resource records to presentation format"""
- return _ldns.ldns_rr_list2str(self)
-
- def print_to_file(self,output):
- """print a rr_list to output param[in] output the fd to print to param[in] list the rr_list to print"""
- _ldns.ldns_rr_list_print(output,self)
-
-
- def to_canonical(self):
- """converts each dname in each rr in a rr_list to its canonical form."""
- _ldns.ldns_rr_list2canonical(self)
- #parameters: ldns_rr_list *,
- #retvals:
-
- def rrs(self):
- """returns the list of rr records."""
- for i in range(0,self.rr_count()):
- yield self.rr(i)
-
- def is_rrset(self):
- """checks if an rr_list is a rrset."""
- return _ldns.ldns_is_rrset(self)
-
- def __cmp__(self,rrl2):
- """compares two rr listss.
-
- :param rrl2:
- the second one
- :returns: (int) 0 if equal -1 if this list comes before rrl2 +1 if rrl2 comes before this list
- """
- return _ldns.ldns_rr_list_compare(self,rrl2)
-
- def write_to_buffer(self, buffer):
- """Copies the rr_list data to the buffer in wire format.
-
- :param buffer: output buffer to append the result to
- :returns: (ldns_status) ldns_status
- """
- return _ldns.ldns_rr_list2buffer_wire(buffer,self)
-
- #LDNS_RR_LIST_METHODS_#
- def cat(self,right):
- """concatenates two ldns_rr_lists together.
-
- This modifies rr list (to extend it and add the pointers from right).
-
- :param right:
- the rightside
- :returns: (bool) a left with right concatenated to it
- """
- return _ldns.ldns_rr_list_cat(self,right)
- #parameters: ldns_rr_list *,ldns_rr_list *,
- #retvals: bool
-
- def cat_clone(self,right):
- """concatenates two ldns_rr_lists together, but makes clones of the rr's (instead of pointer copying).
-
- :param right:
- the rightside
- :returns: (ldns_rr_list \*) a new rr_list with leftside/rightside concatenated
- """
- return _ldns.ldns_rr_list_cat_clone(self,right)
- #parameters: ldns_rr_list *,ldns_rr_list *,
- #retvals: ldns_rr_list *
-
- def clone(self):
- """clones an rrlist.
-
- :returns: (ldns_rr_list \*) the cloned rr list
- """
- return _ldns.ldns_rr_list_clone(self)
- #parameters: const ldns_rr_list *,
- #retvals: ldns_rr_list *
-
- def contains_rr(self,rr):
- """returns true if the given rr is one of the rrs in the list, or if it is equal to one
-
- :param rr:
- the rr to check
- :returns: (bool) true if rr_list contains rr, false otherwise
- """
- return _ldns.ldns_rr_list_contains_rr(self,rr)
- #parameters: const ldns_rr_list *,ldns_rr *,
- #retvals: bool
-
- def owner(self):
- """Returns the owner domain name rdf of the first element of the RR If there are no elements present, NULL is returned.
-
- :returns: (ldns_rdf \*) dname of the first element, or NULL if the list is empty
- """
- return _ldns.ldns_rr_list_owner(self)
- #parameters: const ldns_rr_list *,
- #retvals: ldns_rdf *
-
- def pop_rr(self):
- """pops the last rr from an rrlist.
-
- :returns: (ldns_rr \*) NULL if nothing to pop. Otherwise the popped RR
- """
- return _ldns.ldns_rr_list_pop_rr(self)
- #parameters: ldns_rr_list *,
- #retvals: ldns_rr *
-
- def pop_rr_list(self,size):
- """pops an rr_list of size s from an rrlist.
-
- :param size:
- the number of rr's to pop
- :returns: (ldns_rr_list \*) NULL if nothing to pop. Otherwise the popped rr_list
- """
- return _ldns.ldns_rr_list_pop_rr_list(self,size)
- #parameters: ldns_rr_list *,size_t,
- #retvals: ldns_rr_list *
-
- def pop_rrset(self):
- """pops the first rrset from the list, the list must be sorted, so that all rr's from each rrset are next to each other
-
- :returns: (ldns_rr_list \*)
- """
- return _ldns.ldns_rr_list_pop_rrset(self)
- #parameters: ldns_rr_list *,
- #retvals: ldns_rr_list *
-
- def push_rr(self,rr):
- """pushes an rr to an rrlist.
-
- :param rr:
- the rr to push
- :returns: (bool) false on error, otherwise true
- """
- return _ldns.ldns_rr_list_push_rr(self,rr)
- #parameters: ldns_rr_list *,const ldns_rr *,
- #retvals: bool
-
- def push_rr_list(self,push_list):
- """pushes an rr_list to an rrlist.
-
- :param push_list:
- the rr_list to push
- :returns: (bool) false on error, otherwise true
- """
- return _ldns.ldns_rr_list_push_rr_list(self,push_list)
- #parameters: ldns_rr_list *,const ldns_rr_list *,
- #retvals: bool
-
- def rr(self,nr):
- """returns a specific rr of an rrlist.
-
- :param nr:
- return this rr
- :returns: (ldns_rr \*) the rr at position nr
- """
- return _ldns.ldns_rr_list_rr(self,nr)
- #parameters: const ldns_rr_list *,size_t,
- #retvals: ldns_rr *
-
- def rr_count(self):
- """returns the number of rr's in an rr_list.
-
- :returns: (size_t) the number of rr's
- """
- return _ldns.ldns_rr_list_rr_count(self)
- #parameters: const ldns_rr_list *,
- #retvals: size_t
-
- def set_rr(self,r,count):
- """set a rr on a specific index in a ldns_rr_list
-
- :param r:
- the rr to set
- :param count:
- index into the rr_list
- :returns: (ldns_rr \*) the old rr which was stored in the rr_list, or NULL is the index was too large set a specific rr
- """
- return _ldns.ldns_rr_list_set_rr(self,r,count)
- #parameters: ldns_rr_list *,const ldns_rr *,size_t,
- #retvals: ldns_rr *
-
- def set_rr_count(self,count):
- """sets the number of rr's in an rr_list.
-
- :param count:
- the number of rr in this list
- """
- _ldns.ldns_rr_list_set_rr_count(self,count)
- #parameters: ldns_rr_list *,size_t,
- #retvals:
-
- def sort(self):
- """sorts an rr_list (canonical wire format).
-
- the sorting is done inband.
- """
- _ldns.ldns_rr_list_sort(self)
- #parameters: ldns_rr_list *,
- #retvals:
-
- def subtype_by_rdf(self,r,pos):
- """Return the rr_list which matches the rdf at position field.
-
- Think type-covered stuff for RRSIG
-
- :param r:
- the rdf to use for the comparison
- :param pos:
- at which position can we find the rdf
- :returns: (ldns_rr_list \*) a new rr list with only the RRs that match
- """
- return _ldns.ldns_rr_list_subtype_by_rdf(self,r,pos)
- #parameters: ldns_rr_list *,ldns_rdf *,size_t,
- #retvals: ldns_rr_list *
-
- def type(self):
- """Returns the type of the first element of the RR If there are no elements present, 0 is returned (LDNS_RR_TYPE_A).
-
- :returns: (ldns_rr_type) rr_type of the first element, or 0 if the list is empty
- """
- return _ldns.ldns_rr_list_type(self)
- #parameters: const ldns_rr_list *,
- #retvals: ldns_rr_type
- #_LDNS_RR_LIST_METHODS#
- %}
-}
-
-%newobject ldns_rr_descript;
-
-%nodefaultctor ldns_struct_rr_descriptor; //no default constructor & destructor
-%nodefaultdtor ldns_struct_rr_descriptor;
-%rename(ldns_rr_descriptor) ldns_struct_rr_descriptor;
-
-
-
-
-%feature("docstring") ldns_struct_rr_descriptor "Resource Record descriptor
-
-This structure contains, for all rr types, the rdata fields that are defined."
-
-%extend ldns_struct_rr_descriptor {
- %pythoncode %{
- def __init__(self):
- raise Exception("This class can't be created directly. Please use: ldns_rr_descript")
- #LDNS_RR_DESCRIPTOR_METHODS_#
- def field_type(self,field):
- """returns the rdf type for the given rdata field number of the rr type for the given descriptor.
-
- :param field:
- the field number
- :returns: (ldns_rdf_type) the rdf type for the field
- """
- return _ldns.ldns_rr_descriptor_field_type(self,field)
- #parameters: const ldns_rr_descriptor *,size_t,
- #retvals: ldns_rdf_type
-
- def maximum(self):
- """returns the maximum number of rdata fields of the rr type this descriptor describes.
-
- :returns: (size_t) the maximum number of rdata fields
- """
- return _ldns.ldns_rr_descriptor_maximum(self)
- #parameters: const ldns_rr_descriptor *,
- #retvals: size_t
-
- def minimum(self):
- """returns the minimum number of rdata fields of the rr type this descriptor describes.
-
- :returns: (size_t) the minimum number of rdata fields
- """
- return _ldns.ldns_rr_descriptor_minimum(self)
- #parameters: const ldns_rr_descriptor *,
- #retvals: size_t
-
- #_LDNS_RR_DESCRIPTOR_METHODS#
- %}
-}
-
+++ /dev/null
-/******************************************************************************
- * ldns_zone.i: LDNS zone class
- *
- * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz)
- * Karel Slany (slany AT fit.vutbr.cz)
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * Neither the name of the organization nor the names of its
- * contributors may be used to endorse or promote products derived from this
- * software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- ******************************************************************************/
-
-%typemap(in,numinputs=0,noblock=1) (ldns_zone **)
-{
- ldns_zone *$1_zone;
- $1 = &$1_zone;
-}
-
-/* result generation */
-%typemap(argout,noblock=1) (ldns_zone **)
-{
- $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_zone), SWIGTYPE_p_ldns_struct_zone, SWIG_POINTER_OWN | 0 ));
-}
-
-%nodefaultctor ldns_struct_zone; //no default constructor & destructor
-%nodefaultdtor ldns_struct_zone;
-
-%newobject ldns_zone_new_frm_fp;
-%newobject ldns_zone_new_frm_fp_l;
-%newobject ldns_zone_new;
-%delobject ldns_zone_free;
-%delobject ldns_zone_deep_free;
-%delobject ldns_zone_push_rr;
-%delobject ldns_zone_push_rr_list;
-
-%ignore ldns_struct_zone::_soa;
-%ignore ldns_struct_zone::_rrs;
-
-%rename(ldns_zone) ldns_struct_zone;
-
-#ifdef LDNS_DEBUG
-%rename(__ldns_zone_free) ldns_zone_free;
-%rename(__ldns_zone_deep_free) ldns_zone_deep_free;
-%inline %{
-void _ldns_zone_free (ldns_zone* z) {
- printf("******** LDNS_ZONE free 0x%lX ************\n", (long unsigned int)z);
- ldns_zone_deep_free(z);
-}
-%}
-#else
-%rename(__ldns_zone_free) ldns_zone_free;
-%rename(_ldns_zone_free) ldns_zone_deep_free;
-#endif
-%feature("docstring") ldns_struct_zone "Zone definitions
-
-**Usage**
-
-This class is able to read and parse the content of zone file by doing:
-
->>> import ldns
->>> zone = ldns.ldns_zone.new_frm_fp(open(\"zone.txt\",\"r\"), None, 0, ldns.LDNS_RR_CLASS_IN)
->>> print zone.soa()
-example. 600 IN SOA example. admin.example. 2008022501 28800 7200 604800 18000
->>> print zone.rrs()
-example. 600 IN MX 10 mail.example.
-example. 600 IN NS ns1.example.
-example. 600 IN NS ns2.example.
-example. 600 IN A 192.168.1.1
-
-The ``zone.txt`` file contains the following records::
-
- $ORIGIN example.
- $TTL 600
-
- example. IN SOA example. admin.example. (
- 2008022501 ; serial
- 28800 ; refresh (8 hours)
- 7200 ; retry (2 hours)
- 604800 ; expire (1 week)
- 18000 ; minimum (5 hours)
- )
-
- @ IN MX 10 mail.example.
- @ IN NS ns1
- @ IN NS ns2
- @ IN A 192.168.1.1
-"
-
-%extend ldns_struct_zone {
-
- %pythoncode %{
- def __init__(self):
- self.this = _ldns.ldns_zone_new()
- if not self.this:
- raise Exception("Can't create zone.")
-
- __swig_destroy__ = _ldns._ldns_zone_free
-
- def __str__(self):
- return str(self.soa()) + "\n" + str(self.rrs())
-
- def print_to_file(self,output):
- """Prints the data in the zone to the given file stream (in presentation format)."""
- _ldns.ldns_zone_print(output,self)
- #parameters: FILE *,const ldns_zone *,
-
- #LDNS_ZONE_CONSTRUCTORS_#
- @staticmethod
- def new_frm_fp(file, origin, ttl, rr_class=_ldns.LDNS_RR_CLASS_IN, raiseException=True):
- """Creates a new zone object from given file pointer
-
- :param file: a file object
- :param origin: (ldns_rdf) the zones' origin
- :param ttl: default ttl to use
- :param rr_class: efault class to use (IN)
- :param raiseException: if True, an exception occurs in case a zone instance can't be created
- :returns: zone instance or None. If an instance can't be created and raiseException is True, an exception occurs.
- """
- status, zone = _ldns.ldns_zone_new_frm_fp(file, origin, ttl, rr_class)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create zone, error: %s (%d)" % (_ldns.ldns_get_errorstr_by_id(status),status))
- return None
- return zone
-
- @staticmethod
- def new_frm_fp_l(file, origin, ttl, rr_class, raiseException=True):
- """Create a new zone from a file, keep track of the line numbering
-
- :param file: a file object
- :param origin: (ldns_rdf) the zones' origin
- :param ttl: default ttl to use
- :param rr_class: efault class to use (IN)
- :param raiseException: if True, an exception occurs in case a zone instance can't be created
- :returns:
- * zone - zone instance or None. If an instance can't be created and raiseException is True, an exception occurs.
-
- * line - used for error msg, to get to the line number
- """
- status, zone = _ldns.ldns_zone_new_frm_fp_l(file, line)
- if status != LDNS_STATUS_OK:
- if (raiseException): raise Exception("Can't create zone, error: %d" % status)
- return None
- return zone
- #_LDNS_ZONE_CONSTRUCTORS#
-
- def sign(self,key_list):
- """Signs the zone, and returns a newly allocated signed zone.
-
- :param key_list:
- list of keys to sign with
- :returns: (ldns_zone \*) signed zone
- """
- return _ldns.ldns_zone_sign(self,key_list)
- #parameters: const ldns_zone *,ldns_key_list *,
- #retvals: ldns_zone *
-
- def sign_nsec3(self,key_list,algorithm,flags,iterations,salt_length,salt):
- """Signs the zone with NSEC3, and returns a newly allocated signed zone.
-
- :param key_list:
- list of keys to sign with
- :param algorithm:
- the NSEC3 hashing algorithm to use
- :param flags:
- NSEC3 flags
- :param iterations:
- the number of NSEC3 hash iterations to use
- :param salt_length:
- the length (in octets) of the NSEC3 salt
- :param salt:
- the NSEC3 salt data
- :returns: (ldns_zone \*) signed zone
- """
- return _ldns.ldns_zone_sign_nsec3(self,key_list,algorithm,flags,iterations,salt_length,salt)
- #parameters: ldns_zone *,ldns_key_list *,uint8_t,uint8_t,uint16_t,uint8_t,uint8_t *,
- #retvals: ldns_zone *
-
- #LDNS_ZONE_METHODS_#
- def glue_rr_list(self):
- """Retrieve all resource records from the zone that are glue records.
-
- The resulting list does are pointer references to the zone's data.
-
- Due to the current zone implementation (as a list of rr's), this function is extremely slow. Another (probably better) way to do this is to use an ldns_dnssec_zone structure and the mark_glue function
-
- :returns: (ldns_rr_list \*) the rr_list with the glue
- """
- return _ldns.ldns_zone_glue_rr_list(self)
- #parameters: const ldns_zone *,
- #retvals: ldns_rr_list *
-
- def push_rr(self,rr):
- """push an single rr to a zone structure.
-
- This function use pointer copying, so the rr_list structure inside z is modified!
-
- :param rr:
- the rr to add
- :returns: (bool) a true on succes otherwise falsed
- """
- return _ldns.ldns_zone_push_rr(self,rr)
- #parameters: ldns_zone *,ldns_rr *,
- #retvals: bool
-
- def push_rr_list(self,list):
- """push an rrlist to a zone structure.
-
- This function use pointer copying, so the rr_list structure inside z is modified!
-
- :param list:
- the list to add
- :returns: (bool) a true on succes otherwise falsed
- """
- return _ldns.ldns_zone_push_rr_list(self,list)
- #parameters: ldns_zone *,ldns_rr_list *,
- #retvals: bool
-
- def rr_count(self):
- """Returns the number of resource records in the zone, NOT counting the SOA record.
-
- :returns: (size_t) the number of rr's in the zone
- """
- return _ldns.ldns_zone_rr_count(self)
- #parameters: const ldns_zone *,
- #retvals: size_t
-
- def rrs(self):
- """Get a list of a zone's content.
-
- Note that the SOA isn't included in this list. You need to get the with ldns_zone_soa.
-
- :returns: (ldns_rr_list \*) the rrs from this zone
- """
- return _ldns.ldns_zone_rrs(self)
- #parameters: const ldns_zone *,
- #retvals: ldns_rr_list *
-
- def set_rrs(self,rrlist):
- """Set the zone's contents.
-
- :param rrlist:
- the rrlist to use
- """
- _ldns.ldns_zone_set_rrs(self,rrlist)
- #parameters: ldns_zone *,ldns_rr_list *,
- #retvals:
-
- def set_soa(self,soa):
- """Set the zone's soa record.
-
- :param soa:
- the soa to set
- """
- _ldns.ldns_zone_set_soa(self,soa)
- #parameters: ldns_zone *,ldns_rr *,
- #retvals:
-
- def soa(self):
- """Return the soa record of a zone.
-
- :returns: (ldns_rr \*) the soa record in the zone
- """
- return _ldns.ldns_zone_soa(self)
- #parameters: const ldns_zone *,
- #retvals: ldns_rr *
-
- def sort(self):
- """Sort the rrs in a zone, with the current impl.
-
- this is slow
- """
- _ldns.ldns_zone_sort(self)
- #parameters: ldns_zone *,
- #retvals:
-
- #_LDNS_ZONE_METHODS#
- %}
-}
+++ /dev/null
-/*
- * dname.c
- *
- * dname specific rdata implementations
- * A dname is a rdf structure with type LDNS_RDF_TYPE_DNAME
- * It is not a /real/ type! All function must therefor check
- * for LDNS_RDF_TYPE_DNAME.
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-ldns_rdf *
-ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2)
-{
- ldns_rdf *new;
- uint16_t new_size;
- uint8_t *buf;
- uint16_t left_size;
-
- if (ldns_rdf_get_type(rd1) != LDNS_RDF_TYPE_DNAME ||
- ldns_rdf_get_type(rd2) != LDNS_RDF_TYPE_DNAME) {
- return NULL;
- }
-
- /* remove root label if it is present at the end of the left
- * rd, by reducing the size with 1
- */
- left_size = ldns_rdf_size(rd1);
- if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) {
- left_size--;
- }
-
- /* we overwrite the nullbyte of rd1 */
- new_size = left_size + ldns_rdf_size(rd2);
- buf = LDNS_XMALLOC(uint8_t, new_size);
- if (!buf) {
- return NULL;
- }
-
- /* put the two dname's after each other */
- memcpy(buf, ldns_rdf_data(rd1), left_size);
- memcpy(buf + left_size, ldns_rdf_data(rd2), ldns_rdf_size(rd2));
-
- new = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_DNAME, new_size, buf);
-
- LDNS_FREE(buf);
- return new;
-}
-
-ldns_status
-ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2)
-{
- uint16_t left_size;
- uint16_t size;
- uint8_t* newd;
-
- if (ldns_rdf_get_type(rd1) != LDNS_RDF_TYPE_DNAME ||
- ldns_rdf_get_type(rd2) != LDNS_RDF_TYPE_DNAME) {
- return LDNS_STATUS_ERR;
- }
-
- /* remove root label if it is present at the end of the left
- * rd, by reducing the size with 1
- */
- left_size = ldns_rdf_size(rd1);
- if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) {
- left_size--;
- }
- if(left_size == 0) {
- return LDNS_STATUS_OK;
- }
-
- size = left_size + ldns_rdf_size(rd2);
- newd = LDNS_XREALLOC(ldns_rdf_data(rd1), uint8_t, size);
- if(!newd) {
- return LDNS_STATUS_MEM_ERR;
- }
-
- ldns_rdf_set_data(rd1, newd);
- memcpy(ldns_rdf_data(rd1) + left_size, ldns_rdf_data(rd2),
- ldns_rdf_size(rd2));
- ldns_rdf_set_size(rd1, size);
-
- return LDNS_STATUS_OK;
-}
-
-ldns_rdf *
-ldns_dname_reverse(const ldns_rdf *d)
-{
- ldns_rdf *new;
- ldns_rdf *tmp;
- ldns_rdf *d_tmp;
- ldns_status status;
-
- d_tmp = ldns_rdf_clone(d);
-
- new = ldns_dname_new_frm_str(".");
- if(!new)
- return NULL;
-
- while(ldns_dname_label_count(d_tmp) > 0) {
- tmp = ldns_dname_label(d_tmp, 0);
- status = ldns_dname_cat(tmp, new);
- if(status != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(new);
- ldns_rdf_deep_free(d_tmp);
- return NULL;
- }
- ldns_rdf_deep_free(new);
- new = tmp;
- tmp = ldns_dname_left_chop(d_tmp);
- ldns_rdf_deep_free(d_tmp);
- d_tmp = tmp;
- }
- ldns_rdf_deep_free(d_tmp);
-
- return new;
-}
-
-ldns_rdf *
-ldns_dname_clone_from(const ldns_rdf *d, uint16_t n)
-{
- uint8_t *data;
- uint8_t label_size;
- size_t data_size;
-
- if (!d ||
- ldns_rdf_get_type(d) != LDNS_RDF_TYPE_DNAME ||
- ldns_dname_label_count(d) < n) {
- return NULL;
- }
-
- data = ldns_rdf_data(d);
- data_size = ldns_rdf_size(d);
- while (n > 0) {
- label_size = data[0] + 1;
- data += label_size;
- if (data_size < label_size) {
- /* this label is very broken */
- return NULL;
- }
- data_size -= label_size;
- n--;
- }
-
- return ldns_dname_new_frm_data(data_size, data);
-}
-
-ldns_rdf *
-ldns_dname_left_chop(const ldns_rdf *d)
-{
- uint8_t label_pos;
- ldns_rdf *chop;
-
- if (!d) {
- return NULL;
- }
-
- if (ldns_rdf_get_type(d) != LDNS_RDF_TYPE_DNAME) {
- return NULL;
- }
- if (ldns_dname_label_count(d) == 0) {
- /* root label */
- return NULL;
- }
- /* 05blaat02nl00 */
- label_pos = ldns_rdf_data(d)[0];
-
- chop = ldns_dname_new_frm_data(ldns_rdf_size(d) - label_pos - 1,
- ldns_rdf_data(d) + label_pos + 1);
- return chop;
-}
-
-uint8_t
-ldns_dname_label_count(const ldns_rdf *r)
-{
- uint16_t src_pos;
- uint16_t len;
- uint8_t i;
- size_t r_size;
-
- if (!r) {
- return 0;
- }
-
- i = 0;
- src_pos = 0;
- r_size = ldns_rdf_size(r);
-
- if (ldns_rdf_get_type(r) != LDNS_RDF_TYPE_DNAME) {
- return 0;
- } else {
- len = ldns_rdf_data(r)[src_pos]; /* start of the label */
-
- /* single root label */
- if (1 == r_size) {
- return 0;
- } else {
- while ((len > 0) && src_pos < r_size) {
- src_pos++;
- src_pos += len;
- len = ldns_rdf_data(r)[src_pos];
- i++;
- }
- }
- }
- return i;
-}
-
-ldns_rdf *
-ldns_dname_new(uint16_t s, void *d)
-{
- ldns_rdf *rd;
-
- rd = LDNS_MALLOC(ldns_rdf);
- if (!rd) {
- return NULL;
- }
- ldns_rdf_set_size(rd, s);
- ldns_rdf_set_type(rd, LDNS_RDF_TYPE_DNAME);
- ldns_rdf_set_data(rd, d);
- return rd;
-}
-
-ldns_rdf *
-ldns_dname_new_frm_str(const char *str)
-{
- return ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, str);
-}
-
-ldns_rdf *
-ldns_dname_new_frm_data(uint16_t size, const void *data)
-{
- return ldns_rdf_new_frm_data(LDNS_RDF_TYPE_DNAME, size, data);
-}
-
-void
-ldns_dname2canonical(const ldns_rdf *rd)
-{
- uint8_t *rdd;
- uint16_t i;
-
- if (ldns_rdf_get_type(rd) != LDNS_RDF_TYPE_DNAME) {
- return;
- }
-
- rdd = (uint8_t*)ldns_rdf_data(rd);
- for (i = 0; i < ldns_rdf_size(rd); i++, rdd++) {
- *rdd = (uint8_t)LDNS_DNAME_NORMALIZE((int)*rdd);
- }
-}
-
-bool
-ldns_dname_is_subdomain(const ldns_rdf *sub, const ldns_rdf *parent)
-{
- uint8_t sub_lab;
- uint8_t par_lab;
- int8_t i, j;
- ldns_rdf *tmp_sub = NULL;
- ldns_rdf *tmp_par = NULL;
- ldns_rdf *sub_clone;
- ldns_rdf *parent_clone;
- bool result = true;
-
- if (ldns_rdf_get_type(sub) != LDNS_RDF_TYPE_DNAME ||
- ldns_rdf_get_type(parent) != LDNS_RDF_TYPE_DNAME ||
- ldns_rdf_compare(sub, parent) == 0) {
- return false;
- }
-
- /* would be nicer if we do not have to clone... */
- sub_clone = ldns_dname_clone_from(sub, 0);
- parent_clone = ldns_dname_clone_from(parent, 0);
- ldns_dname2canonical(sub_clone);
- ldns_dname2canonical(parent_clone);
-
- sub_lab = ldns_dname_label_count(sub_clone);
- par_lab = ldns_dname_label_count(parent_clone);
-
- /* if sub sits above parent, it cannot be a child/sub domain */
- if (sub_lab < par_lab) {
- result = false;
- } else {
- /* check all labels the from the parent labels, from right to left.
- * When they /all/ match we have found a subdomain
- */
- j = sub_lab - 1; /* we count from zero, thank you */
- for (i = par_lab -1; i >= 0; i--) {
- tmp_sub = ldns_dname_label(sub_clone, j);
- tmp_par = ldns_dname_label(parent_clone, i);
- if (!tmp_sub || !tmp_par) {
- /* deep free does null check */
- ldns_rdf_deep_free(tmp_sub);
- ldns_rdf_deep_free(tmp_par);
- result = false;
- break;
- }
-
- if (ldns_rdf_compare(tmp_sub, tmp_par) != 0) {
- /* they are not equal */
- ldns_rdf_deep_free(tmp_sub);
- ldns_rdf_deep_free(tmp_par);
- result = false;
- break;
- }
- ldns_rdf_deep_free(tmp_sub);
- ldns_rdf_deep_free(tmp_par);
- j--;
- }
- }
- ldns_rdf_deep_free(sub_clone);
- ldns_rdf_deep_free(parent_clone);
- return result;
-}
-
-int
-ldns_dname_compare(const ldns_rdf *dname1, const ldns_rdf *dname2)
-{
- size_t lc1, lc2, lc1f, lc2f;
- size_t i;
- int result = 0;
- uint8_t *lp1, *lp2;
-
- /* see RFC4034 for this algorithm */
- /* this algorithm assumes the names are normalized to case */
-
- /* only when both are not NULL we can say anything about them */
- if (!dname1 && !dname2) {
- return 0;
- }
- if (!dname1 || !dname2) {
- return -1;
- }
- /* asserts must happen later as we are looking in the
- * dname, which could be NULL. But this case is handled
- * above
- */
- assert(ldns_rdf_get_type(dname1) == LDNS_RDF_TYPE_DNAME);
- assert(ldns_rdf_get_type(dname2) == LDNS_RDF_TYPE_DNAME);
-
- lc1 = ldns_dname_label_count(dname1);
- lc2 = ldns_dname_label_count(dname2);
-
- if (lc1 == 0 && lc2 == 0) {
- return 0;
- }
- if (lc1 == 0) {
- return -1;
- }
- if (lc2 == 0) {
- return 1;
- }
- lc1--;
- lc2--;
- /* we start at the last label */
- while (true) {
- /* find the label first */
- lc1f = lc1;
- lp1 = ldns_rdf_data(dname1);
- while (lc1f > 0) {
- lp1 += *lp1 + 1;
- lc1f--;
- }
-
- /* and find the other one */
- lc2f = lc2;
- lp2 = ldns_rdf_data(dname2);
- while (lc2f > 0) {
- lp2 += *lp2 + 1;
- lc2f--;
- }
-
- /* now check the label character for character. */
- for (i = 1; i < (size_t)(*lp1 + 1); i++) {
- if (i > *lp2) {
- /* apparently label 1 is larger */
- result = 1;
- goto done;
- }
- if (LDNS_DNAME_NORMALIZE((int) *(lp1 + i)) <
- LDNS_DNAME_NORMALIZE((int) *(lp2 + i))) {
- result = -1;
- goto done;
- } else if (LDNS_DNAME_NORMALIZE((int) *(lp1 + i)) >
- LDNS_DNAME_NORMALIZE((int) *(lp2 + i))) {
- result = 1;
- goto done;
- }
- }
- if (*lp1 < *lp2) {
- /* apparently label 2 is larger */
- result = -1;
- goto done;
- }
- if (lc1 == 0 && lc2 > 0) {
- result = -1;
- goto done;
- } else if (lc1 > 0 && lc2 == 0) {
- result = 1;
- goto done;
- } else if (lc1 == 0 && lc2 == 0) {
- result = 0;
- goto done;
- }
- lc1--;
- lc2--;
- }
-
- done:
- return result;
-}
-
-int
-ldns_dname_is_wildcard(const ldns_rdf* dname)
-{
- return ( ldns_dname_label_count(dname) > 0 &&
- ldns_rdf_data(dname)[0] == 1 &&
- ldns_rdf_data(dname)[1] == '*');
-}
-
-int
-ldns_dname_match_wildcard(const ldns_rdf *dname, const ldns_rdf *wildcard)
-{
- ldns_rdf *wc_chopped;
- int result;
- /* check whether it really is a wildcard */
- if (ldns_dname_is_wildcard(wildcard)) {
- /* ok, so the dname needs to be a subdomain of the wildcard
- * without the *
- */
- wc_chopped = ldns_dname_left_chop(wildcard);
- result = (int) ldns_dname_is_subdomain(dname, wc_chopped);
- ldns_rdf_deep_free(wc_chopped);
- } else {
- result = (ldns_dname_compare(dname, wildcard) == 0);
- }
- return result;
-}
-
-/* nsec test: does prev <= middle < next
- * -1 = yes
- * 0 = error/can't tell
- * 1 = no
- */
-int
-ldns_dname_interval(const ldns_rdf *prev, const ldns_rdf *middle,
- const ldns_rdf *next)
-{
- int prev_check, next_check;
-
- assert(ldns_rdf_get_type(prev) == LDNS_RDF_TYPE_DNAME);
- assert(ldns_rdf_get_type(middle) == LDNS_RDF_TYPE_DNAME);
- assert(ldns_rdf_get_type(next) == LDNS_RDF_TYPE_DNAME);
-
- prev_check = ldns_dname_compare(prev, middle);
- next_check = ldns_dname_compare(middle, next);
- /* <= next. This cannot be the case for nsec, because then we would
- * have gotten the nsec of next...
- */
- if (next_check == 0) {
- return 0;
- }
-
- /* <= */
- if ((prev_check == -1 || prev_check == 0) &&
- /* < */
- next_check == -1) {
- return -1;
- } else {
- return 1;
- }
-}
-
-
-bool
-ldns_dname_str_absolute(const char *dname_str)
-{
- const char* s;
- if(dname_str && strcmp(dname_str, ".") == 0)
- return 1;
- if(!dname_str || strlen(dname_str) < 2)
- return 0;
- if(dname_str[strlen(dname_str) - 1] != '.')
- return 0;
- if(dname_str[strlen(dname_str) - 2] != '\\')
- return 1; /* ends in . and no \ before it */
- /* so we have the case of ends in . and there is \ before it */
- for(s=dname_str; *s; s++) {
- if(*s == '\\') {
- if(s[1] && s[2] && s[3] /* check length */
- && isdigit(s[1]) && isdigit(s[2]) &&
- isdigit(s[3]))
- s += 3;
- else if(!s[1] || isdigit(s[1])) /* escape of nul,0-9 */
- return 0; /* parse error */
- else s++; /* another character escaped */
- }
- else if(!*(s+1) && *s == '.')
- return 1; /* trailing dot, unescaped */
- }
- return 0;
-}
-
-ldns_rdf *
-ldns_dname_label(const ldns_rdf *rdf, uint8_t labelpos)
-{
- uint8_t labelcnt;
- uint16_t src_pos;
- uint16_t len;
- ldns_rdf *tmpnew;
- size_t s;
-
- if (ldns_rdf_get_type(rdf) != LDNS_RDF_TYPE_DNAME) {
- return NULL;
- }
-
- labelcnt = 0;
- src_pos = 0;
- s = ldns_rdf_size(rdf);
-
- len = ldns_rdf_data(rdf)[src_pos]; /* label start */
- while ((len > 0) && src_pos < s) {
- if (labelcnt == labelpos) {
- /* found our label */
- tmpnew = LDNS_MALLOC(ldns_rdf);
- if (!tmpnew) {
- return NULL;
- }
- tmpnew->_type = LDNS_RDF_TYPE_DNAME;
- tmpnew->_data = LDNS_XMALLOC(uint8_t, len + 2);
- if (!tmpnew->_data) {
- LDNS_FREE(tmpnew);
- return NULL;
- }
- memset(tmpnew->_data, 0, len + 2);
- memcpy(tmpnew->_data, ldns_rdf_data(rdf) + src_pos, len + 1);
- tmpnew->_size = len + 2;
- return tmpnew;
- }
- src_pos++;
- src_pos += len;
- len = ldns_rdf_data(rdf)[src_pos];
- labelcnt++;
- }
- return NULL;
-}
+++ /dev/null
-/*
- * dnssec.c
- *
- * contains the cryptographic function needed for DNSSEC in ldns
- * The crypto library used is openssl
- *
- * (c) NLnet Labs, 2004-2008
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-#include <ldns/dnssec.h>
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <time.h>
-
-#ifdef HAVE_SSL
-#include <openssl/ssl.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/md5.h>
-#endif
-
-ldns_rr *
-ldns_dnssec_get_rrsig_for_name_and_type(const ldns_rdf *name,
- const ldns_rr_type type,
- const ldns_rr_list *rrs)
-{
- size_t i;
- ldns_rr *candidate;
-
- if (!name || !rrs) {
- return NULL;
- }
-
- for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- candidate = ldns_rr_list_rr(rrs, i);
- if (ldns_rr_get_type(candidate) == LDNS_RR_TYPE_RRSIG) {
- if (ldns_dname_compare(ldns_rr_owner(candidate),
- name) == 0 &&
- ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(candidate))
- == type
- ) {
- return candidate;
- }
- }
- }
-
- return NULL;
-}
-
-ldns_rr *
-ldns_dnssec_get_dnskey_for_rrsig(const ldns_rr *rrsig,
- const ldns_rr_list *rrs)
-{
- size_t i;
- ldns_rr *candidate;
-
- if (!rrsig || !rrs) {
- return NULL;
- }
-
- for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- candidate = ldns_rr_list_rr(rrs, i);
- if (ldns_rr_get_type(candidate) == LDNS_RR_TYPE_DNSKEY) {
- if (ldns_dname_compare(ldns_rr_owner(candidate),
- ldns_rr_rrsig_signame(rrsig)) == 0 &&
- ldns_rdf2native_int16(ldns_rr_rrsig_keytag(rrsig)) ==
- ldns_calc_keytag(candidate)
- ) {
- return candidate;
- }
- }
- }
-
- return NULL;
-}
-
-ldns_rdf *
-ldns_nsec_get_bitmap(ldns_rr *nsec) {
- if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC) {
- return ldns_rr_rdf(nsec, 1);
- } else if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC3) {
- return ldns_rr_rdf(nsec, 5);
- } else {
- return NULL;
- }
-}
-
-/*return the owner name of the closest encloser for name from the list of rrs */
-/* this is NOT the hash, but the original name! */
-ldns_rdf *
-ldns_dnssec_nsec3_closest_encloser(ldns_rdf *qname,
- ATTR_UNUSED(ldns_rr_type qtype),
- ldns_rr_list *nsec3s)
-{
- /* remember parameters, they must match */
- uint8_t algorithm;
- uint32_t iterations;
- uint8_t salt_length;
- uint8_t *salt;
-
- ldns_rdf *sname, *hashed_sname, *tmp;
- ldns_rr *ce;
- bool flag;
-
- bool exact_match_found;
- bool in_range_found;
-
- ldns_status status;
- ldns_rdf *zone_name;
-
- size_t nsec_i;
- ldns_rr *nsec;
- ldns_rdf *result = NULL;
- qtype = qtype;
-
- if (!qname || !nsec3s || ldns_rr_list_rr_count(nsec3s) < 1) {
- return NULL;
- }
-
- nsec = ldns_rr_list_rr(nsec3s, 0);
- algorithm = ldns_nsec3_algorithm(nsec);
- salt_length = ldns_nsec3_salt_length(nsec);
- salt = ldns_nsec3_salt_data(nsec);
- iterations = ldns_nsec3_iterations(nsec);
-
- sname = ldns_rdf_clone(qname);
-
- ce = NULL;
- flag = false;
-
- zone_name = ldns_dname_left_chop(ldns_rr_owner(nsec));
-
- /* algorithm from nsec3-07 8.3 */
- while (ldns_dname_label_count(sname) > 0) {
- exact_match_found = false;
- in_range_found = false;
-
- hashed_sname = ldns_nsec3_hash_name(sname,
- algorithm,
- iterations,
- salt_length,
- salt);
-
- status = ldns_dname_cat(hashed_sname, zone_name);
- if(status != LDNS_STATUS_OK) {
- LDNS_FREE(salt);
- ldns_rdf_deep_free(zone_name);
- ldns_rdf_deep_free(sname);
- return NULL;
- }
-
- for (nsec_i = 0; nsec_i < ldns_rr_list_rr_count(nsec3s); nsec_i++) {
- nsec = ldns_rr_list_rr(nsec3s, nsec_i);
-
- /* check values of iterations etc! */
-
- /* exact match? */
- if (ldns_dname_compare(ldns_rr_owner(nsec), hashed_sname) == 0) {
- exact_match_found = true;
- } else if (ldns_nsec_covers_name(nsec, hashed_sname)) {
- in_range_found = true;
- }
-
- }
- if (!exact_match_found && in_range_found) {
- flag = true;
- } else if (exact_match_found && flag) {
- result = ldns_rdf_clone(sname);
- /* RFC 5155: 8.3. 2.** "The proof is complete" */
- ldns_rdf_deep_free(hashed_sname);
- goto done;
- } else if (exact_match_found && !flag) {
- /* error! */
- ldns_rdf_deep_free(hashed_sname);
- goto done;
- } else {
- flag = false;
- }
-
- ldns_rdf_deep_free(hashed_sname);
- tmp = sname;
- sname = ldns_dname_left_chop(sname);
- ldns_rdf_deep_free(tmp);
- }
-
- done:
- LDNS_FREE(salt);
- ldns_rdf_deep_free(zone_name);
- ldns_rdf_deep_free(sname);
-
- return result;
-}
-
-bool
-ldns_dnssec_pkt_has_rrsigs(const ldns_pkt *pkt)
-{
- size_t i;
- for (i = 0; i < ldns_pkt_ancount(pkt); i++) {
- if (ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_answer(pkt), i)) ==
- LDNS_RR_TYPE_RRSIG) {
- return true;
- }
- }
- for (i = 0; i < ldns_pkt_nscount(pkt); i++) {
- if (ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_authority(pkt), i)) ==
- LDNS_RR_TYPE_RRSIG) {
- return true;
- }
- }
- return false;
-}
-
-ldns_rr_list *
-ldns_dnssec_pkt_get_rrsigs_for_name_and_type(const ldns_pkt *pkt,
- ldns_rdf *name,
- ldns_rr_type type)
-{
- uint16_t t_netorder;
- ldns_rr_list *sigs;
- ldns_rr_list *sigs_covered;
- ldns_rdf *rdf_t;
-
- sigs = ldns_pkt_rr_list_by_name_and_type(pkt,
- name,
- LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_ANY_NOQUESTION
- );
-
- t_netorder = htons(type); /* rdf are in network order! */
- rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, LDNS_RDF_SIZE_WORD, &t_netorder);
- sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
-
- ldns_rdf_free(rdf_t);
- ldns_rr_list_deep_free(sigs);
-
- return sigs_covered;
-
-}
-
-ldns_rr_list *
-ldns_dnssec_pkt_get_rrsigs_for_type(const ldns_pkt *pkt, ldns_rr_type type)
-{
- uint16_t t_netorder;
- ldns_rr_list *sigs;
- ldns_rr_list *sigs_covered;
- ldns_rdf *rdf_t;
-
- sigs = ldns_pkt_rr_list_by_type(pkt,
- LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_ANY_NOQUESTION
- );
-
- t_netorder = htons(type); /* rdf are in network order! */
- rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE,
- 2,
- &t_netorder);
- sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
-
- ldns_rdf_free(rdf_t);
- ldns_rr_list_deep_free(sigs);
-
- return sigs_covered;
-
-}
-
-/* used only on the public key RR */
-uint16_t
-ldns_calc_keytag(const ldns_rr *key)
-{
- uint16_t ac16;
- ldns_buffer *keybuf;
- size_t keysize;
-
- if (!key) {
- return 0;
- }
-
- if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY &&
- ldns_rr_get_type(key) != LDNS_RR_TYPE_KEY
- ) {
- return 0;
- }
-
- /* rdata to buf - only put the rdata in a buffer */
- keybuf = ldns_buffer_new(LDNS_MIN_BUFLEN); /* grows */
- if (!keybuf) {
- return 0;
- }
- (void)ldns_rr_rdata2buffer_wire(keybuf, key);
- /* the current pos in the buffer is the keysize */
- keysize= ldns_buffer_position(keybuf);
-
- ac16 = ldns_calc_keytag_raw(ldns_buffer_begin(keybuf), keysize);
- ldns_buffer_free(keybuf);
- return ac16;
-}
-
-uint16_t ldns_calc_keytag_raw(uint8_t* key, size_t keysize)
-{
- unsigned int i;
- uint32_t ac32;
- uint16_t ac16;
-
- if(keysize < 4) {
- return 0;
- }
- /* look at the algorithm field, copied from 2535bis */
- if (key[3] == LDNS_RSAMD5) {
- ac16 = 0;
- if (keysize > 4) {
- memmove(&ac16, key + keysize - 3, 2);
- }
- ac16 = ntohs(ac16);
- return (uint16_t) ac16;
- } else {
- ac32 = 0;
- for (i = 0; (size_t)i < keysize; ++i) {
- ac32 += (i & 1) ? key[i] : key[i] << 8;
- }
- ac32 += (ac32 >> 16) & 0xFFFF;
- return (uint16_t) (ac32 & 0xFFFF);
- }
-}
-
-#ifdef HAVE_SSL
-DSA *
-ldns_key_buf2dsa(ldns_buffer *key)
-{
- return ldns_key_buf2dsa_raw((unsigned char*)ldns_buffer_begin(key),
- ldns_buffer_position(key));
-}
-
-DSA *
-ldns_key_buf2dsa_raw(unsigned char* key, size_t len)
-{
- uint8_t T;
- uint16_t length;
- uint16_t offset;
- DSA *dsa;
- BIGNUM *Q; BIGNUM *P;
- BIGNUM *G; BIGNUM *Y;
-
- if(len == 0)
- return NULL;
- T = (uint8_t)key[0];
- length = (64 + T * 8);
- offset = 1;
-
- if (T > 8) {
- return NULL;
- }
- if(len < (size_t)1 + SHA_DIGEST_LENGTH + 3*length)
- return NULL;
-
- Q = BN_bin2bn(key+offset, SHA_DIGEST_LENGTH, NULL);
- offset += SHA_DIGEST_LENGTH;
-
- P = BN_bin2bn(key+offset, (int)length, NULL);
- offset += length;
-
- G = BN_bin2bn(key+offset, (int)length, NULL);
- offset += length;
-
- Y = BN_bin2bn(key+offset, (int)length, NULL);
- offset += length;
-
- /* create the key and set its properties */
- if(!Q || !P || !G || !Y || !(dsa = DSA_new())) {
- BN_free(Q);
- BN_free(P);
- BN_free(G);
- BN_free(Y);
- return NULL;
- }
-#ifndef S_SPLINT_S
- dsa->p = P;
- dsa->q = Q;
- dsa->g = G;
- dsa->pub_key = Y;
-#endif /* splint */
-
- return dsa;
-}
-
-RSA *
-ldns_key_buf2rsa(ldns_buffer *key)
-{
- return ldns_key_buf2rsa_raw((unsigned char*)ldns_buffer_begin(key),
- ldns_buffer_position(key));
-}
-
-RSA *
-ldns_key_buf2rsa_raw(unsigned char* key, size_t len)
-{
- uint16_t offset;
- uint16_t exp;
- uint16_t int16;
- RSA *rsa;
- BIGNUM *modulus;
- BIGNUM *exponent;
-
- if (len == 0)
- return NULL;
- if (key[0] == 0) {
- if(len < 3)
- return NULL;
- /* need some smart comment here XXX*/
- /* the exponent is too large so it's places
- * futher...???? */
- memmove(&int16, key+1, 2);
- exp = ntohs(int16);
- offset = 3;
- } else {
- exp = key[0];
- offset = 1;
- }
-
- /* key length at least one */
- if(len < (size_t)offset + exp + 1)
- return NULL;
-
- /* Exponent */
- exponent = BN_new();
- if(!exponent) return NULL;
- (void) BN_bin2bn(key+offset, (int)exp, exponent);
- offset += exp;
-
- /* Modulus */
- modulus = BN_new();
- if(!modulus) {
- BN_free(exponent);
- return NULL;
- }
- /* length of the buffer must match the key length! */
- (void) BN_bin2bn(key+offset, (int)(len - offset), modulus);
-
- rsa = RSA_new();
- if(!rsa) {
- BN_free(exponent);
- BN_free(modulus);
- return NULL;
- }
-#ifndef S_SPLINT_S
- rsa->n = modulus;
- rsa->e = exponent;
-#endif /* splint */
-
- return rsa;
-}
-
-int
-ldns_digest_evp(unsigned char* data, unsigned int len, unsigned char* dest,
- const EVP_MD* md)
-{
- EVP_MD_CTX* ctx;
- ctx = EVP_MD_CTX_create();
- if(!ctx)
- return false;
- if(!EVP_DigestInit_ex(ctx, md, NULL) ||
- !EVP_DigestUpdate(ctx, data, len) ||
- !EVP_DigestFinal_ex(ctx, dest, NULL)) {
- EVP_MD_CTX_destroy(ctx);
- return false;
- }
- EVP_MD_CTX_destroy(ctx);
- return true;
-}
-#endif /* HAVE_SSL */
-
-ldns_rr *
-ldns_key_rr2ds(const ldns_rr *key, ldns_hash h)
-{
- ldns_rdf *tmp;
- ldns_rr *ds;
- uint16_t keytag;
- uint8_t sha1hash;
- uint8_t *digest;
- ldns_buffer *data_buf;
-#ifdef USE_GOST
- const EVP_MD* md = NULL;
-#endif
-
- if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY) {
- return NULL;
- }
-
- ds = ldns_rr_new();
- if (!ds) {
- return NULL;
- }
- ldns_rr_set_type(ds, LDNS_RR_TYPE_DS);
- ldns_rr_set_owner(ds, ldns_rdf_clone(
- ldns_rr_owner(key)));
- ldns_rr_set_ttl(ds, ldns_rr_ttl(key));
- ldns_rr_set_class(ds, ldns_rr_get_class(key));
-
- switch(h) {
- default:
- case LDNS_SHA1:
- digest = LDNS_XMALLOC(uint8_t, LDNS_SHA1_DIGEST_LENGTH);
- if (!digest) {
- ldns_rr_free(ds);
- return NULL;
- }
- break;
- case LDNS_SHA256:
- digest = LDNS_XMALLOC(uint8_t, LDNS_SHA256_DIGEST_LENGTH);
- if (!digest) {
- ldns_rr_free(ds);
- return NULL;
- }
- break;
- case LDNS_HASH_GOST:
-#ifdef USE_GOST
- (void)ldns_key_EVP_load_gost_id();
- md = EVP_get_digestbyname("md_gost94");
- if(!md) {
- ldns_rr_free(ds);
- return NULL;
- }
- digest = LDNS_XMALLOC(uint8_t, EVP_MD_size(md));
- if (!digest) {
- ldns_rr_free(ds);
- return NULL;
- }
- break;
-#else
- /* not implemented */
- ldns_rr_free(ds);
- return NULL;
-#endif
-#ifdef USE_ECDSA
- case LDNS_SHA384:
- digest = LDNS_XMALLOC(uint8_t, SHA384_DIGEST_LENGTH);
- if (!digest) {
- ldns_rr_free(ds);
- return NULL;
- }
- break;
-#else
- /* not implemented */
- ldns_rr_free(ds);
- return NULL;
-#endif
- }
-
- data_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- if (!data_buf) {
- LDNS_FREE(digest);
- ldns_rr_free(ds);
- return NULL;
- }
-
- /* keytag */
- keytag = htons(ldns_calc_keytag((ldns_rr*)key));
- tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT16,
- sizeof(uint16_t),
- &keytag);
- ldns_rr_push_rdf(ds, tmp);
-
- /* copy the algorithm field */
- ldns_rr_push_rdf(ds, ldns_rdf_clone( ldns_rr_rdf(key, 2)));
-
- /* digest hash type */
- sha1hash = (uint8_t)h;
- tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
- sizeof(uint8_t),
- &sha1hash);
- ldns_rr_push_rdf(ds, tmp);
-
- /* digest */
- /* owner name */
- tmp = ldns_rdf_clone(ldns_rr_owner(key));
- ldns_dname2canonical(tmp);
- if (ldns_rdf2buffer_wire(data_buf, tmp) != LDNS_STATUS_OK) {
- LDNS_FREE(digest);
- ldns_buffer_free(data_buf);
- ldns_rr_free(ds);
- ldns_rdf_deep_free(tmp);
- return NULL;
- }
- ldns_rdf_deep_free(tmp);
-
- /* all the rdata's */
- if (ldns_rr_rdata2buffer_wire(data_buf,
- (ldns_rr*)key) != LDNS_STATUS_OK) {
- LDNS_FREE(digest);
- ldns_buffer_free(data_buf);
- ldns_rr_free(ds);
- return NULL;
- }
- switch(h) {
- case LDNS_SHA1:
- (void) ldns_sha1((unsigned char *) ldns_buffer_begin(data_buf),
- (unsigned int) ldns_buffer_position(data_buf),
- (unsigned char *) digest);
-
- tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
- LDNS_SHA1_DIGEST_LENGTH,
- digest);
- ldns_rr_push_rdf(ds, tmp);
-
- break;
- case LDNS_SHA256:
- (void) ldns_sha256((unsigned char *) ldns_buffer_begin(data_buf),
- (unsigned int) ldns_buffer_position(data_buf),
- (unsigned char *) digest);
- tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
- LDNS_SHA256_DIGEST_LENGTH,
- digest);
- ldns_rr_push_rdf(ds, tmp);
- break;
- case LDNS_HASH_GOST:
-#ifdef USE_GOST
- if(!ldns_digest_evp((unsigned char *) ldns_buffer_begin(data_buf),
- (unsigned int) ldns_buffer_position(data_buf),
- (unsigned char *) digest, md)) {
- LDNS_FREE(digest);
- ldns_buffer_free(data_buf);
- ldns_rr_free(ds);
- return NULL;
- }
- tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
- (size_t)EVP_MD_size(md),
- digest);
- ldns_rr_push_rdf(ds, tmp);
-#endif
- break;
-#ifdef USE_ECDSA
- case LDNS_SHA384:
- (void) SHA384((unsigned char *) ldns_buffer_begin(data_buf),
- (unsigned int) ldns_buffer_position(data_buf),
- (unsigned char *) digest);
- tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
- SHA384_DIGEST_LENGTH,
- digest);
- ldns_rr_push_rdf(ds, tmp);
- break;
-#endif
- }
-
- LDNS_FREE(digest);
- ldns_buffer_free(data_buf);
- return ds;
-}
-
-ldns_rdf *
-ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[],
- size_t size,
- ldns_rr_type nsec_type)
-{
- size_t i;
- uint8_t *bitmap;
- uint16_t bm_len = 0;
- uint16_t i_type;
- ldns_rdf *bitmap_rdf;
-
- uint8_t *data = NULL;
- uint8_t cur_data[32];
- uint8_t cur_window = 0;
- uint8_t cur_window_max = 0;
- uint16_t cur_data_size = 0;
-
- if (nsec_type != LDNS_RR_TYPE_NSEC &&
- nsec_type != LDNS_RR_TYPE_NSEC3) {
- return NULL;
- }
-
- i_type = 0;
- for (i = 0; i < size; i++) {
- if (i_type < rr_type_list[i])
- i_type = rr_type_list[i];
- }
- if (i_type < nsec_type) {
- i_type = nsec_type;
- }
-
- bm_len = i_type / 8 + 2;
- bitmap = LDNS_XMALLOC(uint8_t, bm_len);
- if(!bitmap) return NULL;
- for (i = 0; i < bm_len; i++) {
- bitmap[i] = 0;
- }
-
- for (i = 0; i < size; i++) {
- i_type = rr_type_list[i];
- ldns_set_bit(bitmap + (int) i_type / 8,
- (int) (7 - (i_type % 8)),
- true);
- }
-
- /* fold it into windows TODO: can this be done directly? */
- memset(cur_data, 0, 32);
- for (i = 0; i < bm_len; i++) {
- if (i / 32 > cur_window) {
- /* check, copy, new */
- if (cur_window_max > 0) {
- /* this window has stuff, add it */
- data = LDNS_XREALLOC(data,
- uint8_t,
- cur_data_size + cur_window_max + 3);
- if(!data) {
- LDNS_FREE(bitmap);
- return NULL;
- }
- data[cur_data_size] = cur_window;
- data[cur_data_size + 1] = cur_window_max + 1;
- memcpy(data + cur_data_size + 2,
- cur_data,
- cur_window_max+1);
- cur_data_size += cur_window_max + 3;
- }
- cur_window++;
- cur_window_max = 0;
- memset(cur_data, 0, 32);
- }
- cur_data[i%32] = bitmap[i];
- if (bitmap[i] > 0) {
- cur_window_max = i%32;
- }
- }
- if (cur_window_max > 0 || cur_data[0] != 0) {
- /* this window has stuff, add it */
- data = LDNS_XREALLOC(data,
- uint8_t,
- cur_data_size + cur_window_max + 3);
- if(!data) {
- LDNS_FREE(bitmap);
- return NULL;
- }
- data[cur_data_size] = cur_window;
- data[cur_data_size + 1] = cur_window_max + 1;
- memcpy(data + cur_data_size + 2, cur_data, cur_window_max+1);
- cur_data_size += cur_window_max + 3;
- }
-
- bitmap_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC,
- cur_data_size,
- data);
-
- LDNS_FREE(bitmap);
- LDNS_FREE(data);
-
- return bitmap_rdf;
-}
-
-int
-ldns_dnssec_rrsets_contains_type(ldns_dnssec_rrsets *rrsets,
- ldns_rr_type type)
-{
- ldns_dnssec_rrsets *cur_rrset = rrsets;
- while (cur_rrset) {
- if (cur_rrset->type == type) {
- return 1;
- }
- cur_rrset = cur_rrset->next;
- }
- return 0;
-}
-
-/* returns true if the current dnssec_rrset from the given list of rrsets
- * is glue */
-static int
-is_glue(ldns_dnssec_rrsets *cur_rrsets, ldns_dnssec_rrsets *orig_rrsets)
-{
- /* only glue if a or aaaa if there are no ns, unless there is soa */
- return (cur_rrsets->type == LDNS_RR_TYPE_A ||
- cur_rrsets->type == LDNS_RR_TYPE_AAAA) &&
- (ldns_dnssec_rrsets_contains_type(orig_rrsets,
- LDNS_RR_TYPE_NS) &&
- !ldns_dnssec_rrsets_contains_type(orig_rrsets,
- LDNS_RR_TYPE_SOA));
-}
-
-ldns_rr *
-ldns_dnssec_create_nsec(ldns_dnssec_name *from,
- ldns_dnssec_name *to,
- ldns_rr_type nsec_type)
-{
- ldns_rr *nsec_rr;
- ldns_rr_type types[65536];
- size_t type_count = 0;
- ldns_dnssec_rrsets *cur_rrsets;
-
- if (!from || !to || (nsec_type != LDNS_RR_TYPE_NSEC &&
- nsec_type != LDNS_RR_TYPE_NSEC3)) {
- return NULL;
- }
-
- nsec_rr = ldns_rr_new();
- ldns_rr_set_type(nsec_rr, nsec_type);
- ldns_rr_set_owner(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(from)));
- ldns_rr_push_rdf(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(to)));
-
- cur_rrsets = from->rrsets;
- while (cur_rrsets) {
- if (is_glue(cur_rrsets, from->rrsets)) {
- cur_rrsets = cur_rrsets->next;
- continue;
- }
- if (cur_rrsets->type != LDNS_RR_TYPE_RRSIG &&
- cur_rrsets->type != LDNS_RR_TYPE_NSEC) {
- types[type_count] = cur_rrsets->type;
- type_count++;
- }
- cur_rrsets = cur_rrsets->next;
-
- }
- types[type_count] = LDNS_RR_TYPE_RRSIG;
- type_count++;
- types[type_count] = LDNS_RR_TYPE_NSEC;
- type_count++;
-
- ldns_rr_push_rdf(nsec_rr, ldns_dnssec_create_nsec_bitmap(types,
- type_count,
- nsec_type));
-
- return nsec_rr;
-}
-
-ldns_rr *
-ldns_dnssec_create_nsec3(ldns_dnssec_name *from,
- ldns_dnssec_name *to,
- ldns_rdf *zone_name,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt)
-{
- ldns_rr *nsec_rr;
- ldns_rr_type types[65536];
- size_t type_count = 0;
- ldns_dnssec_rrsets *cur_rrsets;
- ldns_status status;
-
- flags = flags;
-
- if (!from) {
- return NULL;
- }
-
- nsec_rr = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3);
- ldns_rr_set_owner(nsec_rr,
- ldns_nsec3_hash_name(ldns_dnssec_name_name(from),
- algorithm,
- iterations,
- salt_length,
- salt));
- status = ldns_dname_cat(ldns_rr_owner(nsec_rr), zone_name);
- if(status != LDNS_STATUS_OK) {
- ldns_rr_free(nsec_rr);
- return NULL;
- }
- ldns_nsec3_add_param_rdfs(nsec_rr,
- algorithm,
- flags,
- iterations,
- salt_length,
- salt);
-
- cur_rrsets = from->rrsets;
- while (cur_rrsets) {
- if (is_glue(cur_rrsets, from->rrsets)) {
- cur_rrsets = cur_rrsets->next;
- continue;
- }
- if (cur_rrsets->type != LDNS_RR_TYPE_RRSIG) {
- types[type_count] = cur_rrsets->type;
- type_count++;
- }
- cur_rrsets = cur_rrsets->next;
- }
- /* always add rrsig type if this is not an unsigned
- * delegation
- */
- if (type_count > 0 &&
- !(type_count == 1 && types[0] == LDNS_RR_TYPE_NS)) {
- types[type_count] = LDNS_RR_TYPE_RRSIG;
- type_count++;
- }
-
- /* leave next rdata empty if they weren't precomputed yet */
- if (to && to->hashed_name) {
- (void) ldns_rr_set_rdf(nsec_rr,
- ldns_rdf_clone(to->hashed_name),
- 4);
- } else {
- (void) ldns_rr_set_rdf(nsec_rr, NULL, 4);
- }
-
- ldns_rr_push_rdf(nsec_rr,
- ldns_dnssec_create_nsec_bitmap(types,
- type_count,
- LDNS_RR_TYPE_NSEC3));
-
- return nsec_rr;
-}
-
-ldns_rr *
-ldns_create_nsec(ldns_rdf *cur_owner, ldns_rdf *next_owner, ldns_rr_list *rrs)
-{
- /* we do not do any check here - garbage in, garbage out */
-
- /* the the start and end names - get the type from the
- * before rrlist */
-
- /* inefficient, just give it a name, a next name, and a list of rrs */
- /* we make 1 big uberbitmap first, then windows */
- /* todo: make something more efficient :) */
- uint16_t i;
- ldns_rr *i_rr;
- uint16_t i_type;
-
- ldns_rr *nsec = NULL;
- ldns_rr_type i_type_list[65536];
- size_t type_count = 0;
-
- nsec = ldns_rr_new();
- ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC);
- ldns_rr_set_owner(nsec, ldns_rdf_clone(cur_owner));
- ldns_rr_push_rdf(nsec, ldns_rdf_clone(next_owner));
-
- for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- i_rr = ldns_rr_list_rr(rrs, i);
- if (ldns_rdf_compare(cur_owner,
- ldns_rr_owner(i_rr)) == 0) {
- i_type = ldns_rr_get_type(i_rr);
- if (i_type != LDNS_RR_TYPE_RRSIG && i_type != LDNS_RR_TYPE_NSEC) {
- if (type_count == 0 || i_type_list[type_count-1] != i_type) {
- i_type_list[type_count] = i_type;
- type_count++;
- }
- }
- }
- }
-
- i_type_list[type_count] = LDNS_RR_TYPE_RRSIG;
- type_count++;
- i_type_list[type_count] = LDNS_RR_TYPE_NSEC;
- type_count++;
-
- ldns_rr_push_rdf(nsec,
- ldns_dnssec_create_nsec_bitmap(i_type_list,
- type_count, LDNS_RR_TYPE_NSEC));
-
- return nsec;
-}
-
-ldns_rdf *
-ldns_nsec3_hash_name(ldns_rdf *name,
- uint8_t algorithm,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt)
-{
- size_t hashed_owner_str_len;
- ldns_rdf *cann;
- ldns_rdf *hashed_owner;
- unsigned char *hashed_owner_str;
- char *hashed_owner_b32;
- size_t hashed_owner_b32_len;
- uint32_t cur_it;
- /* define to contain the largest possible hash, which is
- * sha1 at the moment */
- unsigned char hash[LDNS_SHA1_DIGEST_LENGTH];
- ldns_status status;
-
- /* TODO: mnemonic list for hash algs SHA-1, default to 1 now (sha1) */
- if (algorithm != LDNS_SHA1) {
- return NULL;
- }
-
- /* prepare the owner name according to the draft section bla */
- cann = ldns_rdf_clone(name);
- if(!cann) {
- fprintf(stderr, "Memory error\n");
- return NULL;
- }
- ldns_dname2canonical(cann);
-
- hashed_owner_str_len = salt_length + ldns_rdf_size(cann);
- hashed_owner_str = LDNS_XMALLOC(unsigned char, hashed_owner_str_len);
- if(!hashed_owner_str) {
- ldns_rdf_deep_free(cann);
- return NULL;
- }
- memcpy(hashed_owner_str, ldns_rdf_data(cann), ldns_rdf_size(cann));
- memcpy(hashed_owner_str + ldns_rdf_size(cann), salt, salt_length);
- ldns_rdf_deep_free(cann);
-
- for (cur_it = iterations + 1; cur_it > 0; cur_it--) {
- (void) ldns_sha1((unsigned char *) hashed_owner_str,
- (unsigned int) hashed_owner_str_len, hash);
-
- LDNS_FREE(hashed_owner_str);
- hashed_owner_str_len = salt_length + LDNS_SHA1_DIGEST_LENGTH;
- hashed_owner_str = LDNS_XMALLOC(unsigned char, hashed_owner_str_len);
- if (!hashed_owner_str) {
- return NULL;
- }
- memcpy(hashed_owner_str, hash, LDNS_SHA1_DIGEST_LENGTH);
- memcpy(hashed_owner_str + LDNS_SHA1_DIGEST_LENGTH, salt, salt_length);
- hashed_owner_str_len = LDNS_SHA1_DIGEST_LENGTH + salt_length;
- }
-
- LDNS_FREE(hashed_owner_str);
- hashed_owner_str = hash;
- hashed_owner_str_len = LDNS_SHA1_DIGEST_LENGTH;
-
- hashed_owner_b32 = LDNS_XMALLOC(char,
- ldns_b32_ntop_calculate_size(hashed_owner_str_len) + 1);
- if(!hashed_owner_b32) {
- return NULL;
- }
- hashed_owner_b32_len = (size_t) ldns_b32_ntop_extended_hex(
- (uint8_t *) hashed_owner_str,
- hashed_owner_str_len,
- hashed_owner_b32,
- ldns_b32_ntop_calculate_size(hashed_owner_str_len)+1);
- if (hashed_owner_b32_len < 1) {
- fprintf(stderr, "Error in base32 extended hex encoding ");
- fprintf(stderr, "of hashed owner name (name: ");
- ldns_rdf_print(stderr, name);
- fprintf(stderr, ", return code: %u)\n",
- (unsigned int) hashed_owner_b32_len);
- LDNS_FREE(hashed_owner_b32);
- return NULL;
- }
- hashed_owner_b32[hashed_owner_b32_len] = '\0';
-
- status = ldns_str2rdf_dname(&hashed_owner, hashed_owner_b32);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error creating rdf from %s\n", hashed_owner_b32);
- LDNS_FREE(hashed_owner_b32);
- return NULL;
- }
-
- LDNS_FREE(hashed_owner_b32);
- return hashed_owner;
-}
-
-void
-ldns_nsec3_add_param_rdfs(ldns_rr *rr,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt)
-{
- ldns_rdf *salt_rdf = NULL;
- uint8_t *salt_data = NULL;
- ldns_rdf *old;
-
- old = ldns_rr_set_rdf(rr,
- ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
- 1, (void*)&algorithm),
- 0);
- if (old) ldns_rdf_deep_free(old);
-
- old = ldns_rr_set_rdf(rr,
- ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8,
- 1, (void*)&flags),
- 1);
- if (old) ldns_rdf_deep_free(old);
-
- old = ldns_rr_set_rdf(rr,
- ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16,
- iterations),
- 2);
- if (old) ldns_rdf_deep_free(old);
-
- salt_data = LDNS_XMALLOC(uint8_t, salt_length + 1);
- if(!salt_data) {
- /* no way to return error */
- return;
- }
- salt_data[0] = salt_length;
- memcpy(salt_data + 1, salt, salt_length);
- salt_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC3_SALT,
- salt_length + 1,
- salt_data);
- if(!salt_rdf) {
- LDNS_FREE(salt_data);
- /* no way to return error */
- return;
- }
-
- old = ldns_rr_set_rdf(rr, salt_rdf, 3);
- if (old) ldns_rdf_deep_free(old);
- LDNS_FREE(salt_data);
-}
-
-static int
-rr_list_delegation_only(ldns_rdf *origin, ldns_rr_list *rr_list)
-{
- size_t i;
- ldns_rr *cur_rr;
- if (!origin || !rr_list) return 0;
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- cur_rr = ldns_rr_list_rr(rr_list, i);
- if (ldns_dname_compare(ldns_rr_owner(cur_rr), origin) == 0) {
- return 0;
- }
- if (ldns_rr_get_type(cur_rr) != LDNS_RR_TYPE_NS) {
- return 0;
- }
- }
- return 1;
-}
-
-/* this will NOT return the NSEC3 completed, you will have to run the
- finalize function on the rrlist later! */
-ldns_rr *
-ldns_create_nsec3(ldns_rdf *cur_owner,
- ldns_rdf *cur_zone,
- ldns_rr_list *rrs,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt,
- bool emptynonterminal)
-{
- size_t i;
- ldns_rr *i_rr;
- uint16_t i_type;
-
- ldns_rr *nsec = NULL;
- ldns_rdf *hashed_owner = NULL;
-
- ldns_status status;
-
- ldns_rr_type i_type_list[1024];
- size_t type_count = 0;
-
- hashed_owner = ldns_nsec3_hash_name(cur_owner,
- algorithm,
- iterations,
- salt_length,
- salt);
- status = ldns_dname_cat(hashed_owner, cur_zone);
- if(status != LDNS_STATUS_OK)
- return NULL;
-
- nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3);
- if(!nsec)
- return NULL;
- ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3);
- ldns_rr_set_owner(nsec, hashed_owner);
-
- ldns_nsec3_add_param_rdfs(nsec,
- algorithm,
- flags,
- iterations,
- salt_length,
- salt);
- (void) ldns_rr_set_rdf(nsec, NULL, 4);
-
-
- for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- i_rr = ldns_rr_list_rr(rrs, i);
- if (ldns_rdf_compare(cur_owner,
- ldns_rr_owner(i_rr)) == 0) {
- i_type = ldns_rr_get_type(i_rr);
- if (type_count == 0 || i_type_list[type_count-1] != i_type) {
- i_type_list[type_count] = i_type;
- type_count++;
- }
- }
- }
-
- /* add RRSIG anyway, but only if this is not an ENT or
- * an unsigned delegation */
- if (!emptynonterminal && !rr_list_delegation_only(cur_zone, rrs)) {
- i_type_list[type_count] = LDNS_RR_TYPE_RRSIG;
- type_count++;
- }
-
- /* and SOA if owner == zone */
- if (ldns_dname_compare(cur_zone, cur_owner) == 0) {
- i_type_list[type_count] = LDNS_RR_TYPE_SOA;
- type_count++;
- }
-
- ldns_rr_push_rdf(nsec,
- ldns_dnssec_create_nsec_bitmap(i_type_list,
- type_count, LDNS_RR_TYPE_NSEC3));
-
- return nsec;
-}
-
-uint8_t
-ldns_nsec3_algorithm(const ldns_rr *nsec3_rr)
-{
- if (nsec3_rr && ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 &&
- ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 0)) > 0
- ) {
- return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 0));
- }
- return 0;
-}
-
-uint8_t
-ldns_nsec3_flags(const ldns_rr *nsec3_rr)
-{
- if (nsec3_rr && ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 &&
- ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 1)) > 0
- ) {
- return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 1));
- }
- return 0;
-}
-
-bool
-ldns_nsec3_optout(const ldns_rr *nsec3_rr)
-{
- return (ldns_nsec3_flags(nsec3_rr) & LDNS_NSEC3_VARS_OPTOUT_MASK);
-}
-
-uint16_t
-ldns_nsec3_iterations(const ldns_rr *nsec3_rr)
-{
- if (nsec3_rr && ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 &&
- ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 2)) > 0
- ) {
- return ldns_rdf2native_int16(ldns_rr_rdf(nsec3_rr, 2));
- }
- return 0;
-
-}
-
-ldns_rdf *
-ldns_nsec3_salt(const ldns_rr *nsec3_rr)
-{
- if (nsec3_rr && ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3) {
- return ldns_rr_rdf(nsec3_rr, 3);
- }
- return NULL;
-}
-
-uint8_t
-ldns_nsec3_salt_length(const ldns_rr *nsec3_rr)
-{
- ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr);
- if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) {
- return (uint8_t) ldns_rdf_data(salt_rdf)[0];
- }
- return 0;
-}
-
-/* allocs data, free with LDNS_FREE() */
-uint8_t *
-ldns_nsec3_salt_data(const ldns_rr *nsec3_rr)
-{
- uint8_t salt_length;
- uint8_t *salt;
-
- ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr);
- if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) {
- salt_length = ldns_rdf_data(salt_rdf)[0];
- salt = LDNS_XMALLOC(uint8_t, salt_length);
- if(!salt) return NULL;
- memcpy(salt, &ldns_rdf_data(salt_rdf)[1], salt_length);
- return salt;
- }
- return NULL;
-}
-
-ldns_rdf *
-ldns_nsec3_next_owner(const ldns_rr *nsec3_rr)
-{
- if (!nsec3_rr || ldns_rr_get_type(nsec3_rr) != LDNS_RR_TYPE_NSEC3) {
- return NULL;
- } else {
- return ldns_rr_rdf(nsec3_rr, 4);
- }
-}
-
-ldns_rdf *
-ldns_nsec3_bitmap(const ldns_rr *nsec3_rr)
-{
- if (!nsec3_rr || ldns_rr_get_type(nsec3_rr) != LDNS_RR_TYPE_NSEC3) {
- return NULL;
- } else {
- return ldns_rr_rdf(nsec3_rr, 5);
- }
-}
-
-ldns_rdf *
-ldns_nsec3_hash_name_frm_nsec3(const ldns_rr *nsec, ldns_rdf *name)
-{
- uint8_t algorithm;
- uint16_t iterations;
- uint8_t salt_length;
- uint8_t *salt = 0;
-
- ldns_rdf *hashed_owner;
-
- algorithm = ldns_nsec3_algorithm(nsec);
- salt_length = ldns_nsec3_salt_length(nsec);
- salt = ldns_nsec3_salt_data(nsec);
- iterations = ldns_nsec3_iterations(nsec);
-
- hashed_owner = ldns_nsec3_hash_name(name,
- algorithm,
- iterations,
- salt_length,
- salt);
-
- LDNS_FREE(salt);
- return hashed_owner;
-}
-
-bool
-ldns_nsec_bitmap_covers_type(const ldns_rdf *nsec_bitmap, ldns_rr_type type)
-{
- uint8_t window_block_nr;
- uint8_t bitmap_length;
- uint16_t cur_type;
- uint16_t pos = 0;
- uint16_t bit_pos;
- uint8_t *data = ldns_rdf_data(nsec_bitmap);
-
- while(pos < ldns_rdf_size(nsec_bitmap)) {
- window_block_nr = data[pos];
- bitmap_length = data[pos + 1];
- pos += 2;
-
- for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) {
- if (ldns_get_bit(&data[pos], bit_pos)) {
- cur_type = 256 * (uint16_t) window_block_nr + bit_pos;
- if (cur_type == type) {
- return true;
- }
- }
- }
-
- pos += (uint16_t) bitmap_length;
- }
- return false;
-}
-
-bool
-ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name)
-{
- ldns_rdf *nsec_owner = ldns_rr_owner(nsec);
- ldns_rdf *hash_next;
- char *next_hash_str;
- ldns_rdf *nsec_next = NULL;
- ldns_status status;
- ldns_rdf *chopped_dname;
- bool result;
-
- if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC) {
- nsec_next = ldns_rdf_clone(ldns_rr_rdf(nsec, 0));
- } else if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC3) {
- hash_next = ldns_nsec3_next_owner(nsec);
- next_hash_str = ldns_rdf2str(hash_next);
- nsec_next = ldns_dname_new_frm_str(next_hash_str);
- LDNS_FREE(next_hash_str);
- chopped_dname = ldns_dname_left_chop(nsec_owner);
- status = ldns_dname_cat(nsec_next, chopped_dname);
- ldns_rdf_deep_free(chopped_dname);
- if (status != LDNS_STATUS_OK) {
- printf("error catting: %s\n", ldns_get_errorstr_by_id(status));
- }
- } else {
- ldns_rdf_deep_free(nsec_next);
- return false;
- }
-
- /* in the case of the last nsec */
- if(ldns_dname_compare(nsec_owner, nsec_next) > 0) {
- result = (ldns_dname_compare(nsec_owner, name) <= 0 ||
- ldns_dname_compare(name, nsec_next) < 0);
- } else {
- result = (ldns_dname_compare(nsec_owner, name) <= 0 &&
- ldns_dname_compare(name, nsec_next) < 0);
- }
-
- ldns_rdf_deep_free(nsec_next);
- return result;
-}
-
-#ifdef HAVE_SSL
-/* sig may be null - if so look in the packet */
-ldns_status
-ldns_pkt_verify(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o,
- ldns_rr_list *k, ldns_rr_list *s, ldns_rr_list *good_keys)
-{
- ldns_rr_list *rrset;
- ldns_rr_list *sigs;
- ldns_rr_list *sigs_covered;
- ldns_rdf *rdf_t;
- ldns_rr_type t_netorder;
-
- if (!k) {
- return LDNS_STATUS_ERR;
- /* return LDNS_STATUS_CRYPTO_NO_DNSKEY; */
- }
-
- if (t == LDNS_RR_TYPE_RRSIG) {
- /* we don't have RRSIG(RRSIG) (yet? ;-) ) */
- return LDNS_STATUS_ERR;
- }
-
- if (s) {
- /* if s is not NULL, the sigs are given to use */
- sigs = s;
- } else {
- /* otherwise get them from the packet */
- sigs = ldns_pkt_rr_list_by_name_and_type(p, o, LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_ANY_NOQUESTION);
- if (!sigs) {
- /* no sigs */
- return LDNS_STATUS_ERR;
- /* return LDNS_STATUS_CRYPTO_NO_RRSIG; */
- }
- }
-
- /* rrsig are subtyped, so now we need to find the correct
- * sigs for the type t
- */
- t_netorder = htons(t); /* rdf are in network order! */
- /* a type identifier is a 16-bit number, so the size is 2 bytes */
- rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE,
- 2,
- &t_netorder);
- sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0);
-
- rrset = ldns_pkt_rr_list_by_name_and_type(p,
- o,
- t,
- LDNS_SECTION_ANY_NOQUESTION);
-
- if (!rrset) {
- return LDNS_STATUS_ERR;
- }
-
- if (!sigs_covered) {
- return LDNS_STATUS_ERR;
- }
-
- return ldns_verify(rrset, sigs, k, good_keys);
-}
-#endif /* HAVE_SSL */
-
-ldns_status
-ldns_dnssec_chain_nsec3_list(ldns_rr_list *nsec3_rrs)
-{
- size_t i;
- char *next_nsec_owner_str;
- ldns_rdf *next_nsec_owner_label;
- ldns_rdf *next_nsec_rdf;
- ldns_status status = LDNS_STATUS_OK;
-
- for (i = 0; i < ldns_rr_list_rr_count(nsec3_rrs); i++) {
- if (i == ldns_rr_list_rr_count(nsec3_rrs) - 1) {
- next_nsec_owner_label =
- ldns_dname_label(ldns_rr_owner(ldns_rr_list_rr(nsec3_rrs,
- 0)), 0);
- next_nsec_owner_str = ldns_rdf2str(next_nsec_owner_label);
- if (next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
- == '.') {
- next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
- = '\0';
- }
- status = ldns_str2rdf_b32_ext(&next_nsec_rdf,
- next_nsec_owner_str);
- if (!ldns_rr_set_rdf(ldns_rr_list_rr(nsec3_rrs, i),
- next_nsec_rdf, 4)) {
- /* todo: error */
- }
-
- ldns_rdf_deep_free(next_nsec_owner_label);
- LDNS_FREE(next_nsec_owner_str);
- } else {
- next_nsec_owner_label =
- ldns_dname_label(ldns_rr_owner(ldns_rr_list_rr(nsec3_rrs,
- i + 1)),
- 0);
- next_nsec_owner_str = ldns_rdf2str(next_nsec_owner_label);
- if (next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
- == '.') {
- next_nsec_owner_str[strlen(next_nsec_owner_str) - 1]
- = '\0';
- }
- status = ldns_str2rdf_b32_ext(&next_nsec_rdf,
- next_nsec_owner_str);
- ldns_rdf_deep_free(next_nsec_owner_label);
- LDNS_FREE(next_nsec_owner_str);
- if (!ldns_rr_set_rdf(ldns_rr_list_rr(nsec3_rrs, i),
- next_nsec_rdf, 4)) {
- /* todo: error */
- }
- }
- }
- return status;
-}
-
-int
-qsort_rr_compare_nsec3(const void *a, const void *b)
-{
- const ldns_rr *rr1 = * (const ldns_rr **) a;
- const ldns_rr *rr2 = * (const ldns_rr **) b;
- if (rr1 == NULL && rr2 == NULL) {
- return 0;
- }
- if (rr1 == NULL) {
- return -1;
- }
- if (rr2 == NULL) {
- return 1;
- }
- return ldns_rdf_compare(ldns_rr_owner(rr1), ldns_rr_owner(rr2));
-}
-
-void
-ldns_rr_list_sort_nsec3(ldns_rr_list *unsorted)
-{
- qsort(unsorted->_rrs,
- ldns_rr_list_rr_count(unsorted),
- sizeof(ldns_rr *),
- qsort_rr_compare_nsec3);
-}
-
-int
-ldns_dnssec_default_add_to_signatures(ldns_rr *sig, void *n)
-{
- sig = sig;
- n = n;
- return LDNS_SIGNATURE_LEAVE_ADD_NEW;
-}
-
-int
-ldns_dnssec_default_leave_signatures(ldns_rr *sig, void *n)
-{
- sig = sig;
- n = n;
- return LDNS_SIGNATURE_LEAVE_NO_ADD;
-}
-
-int
-ldns_dnssec_default_delete_signatures(ldns_rr *sig, void *n)
-{
- sig = sig;
- n = n;
- return LDNS_SIGNATURE_REMOVE_NO_ADD;
-}
-
-int
-ldns_dnssec_default_replace_signatures(ldns_rr *sig, void *n)
-{
- sig = sig;
- n = n;
- return LDNS_SIGNATURE_REMOVE_ADD_NEW;
-}
-
-#ifdef HAVE_SSL
-ldns_rdf *
-ldns_convert_dsa_rrsig_asn12rdf(const ldns_buffer *sig,
- const long sig_len)
-{
- ldns_rdf *sigdata_rdf;
- DSA_SIG *dsasig;
- unsigned char *dsasig_data = (unsigned char*)ldns_buffer_begin(sig);
- size_t byte_offset;
-
- dsasig = d2i_DSA_SIG(NULL,
- (const unsigned char **)&dsasig_data,
- sig_len);
- if (!dsasig) {
- DSA_SIG_free(dsasig);
- return NULL;
- }
-
- dsasig_data = LDNS_XMALLOC(unsigned char, 41);
- if(!dsasig_data) {
- DSA_SIG_free(dsasig);
- return NULL;
- }
- dsasig_data[0] = 0;
- byte_offset = (size_t) (20 - BN_num_bytes(dsasig->r));
- if (byte_offset > 20) {
- DSA_SIG_free(dsasig);
- LDNS_FREE(dsasig_data);
- return NULL;
- }
- memset(&dsasig_data[1], 0, byte_offset);
- BN_bn2bin(dsasig->r, &dsasig_data[1 + byte_offset]);
- byte_offset = (size_t) (20 - BN_num_bytes(dsasig->s));
- if (byte_offset > 20) {
- DSA_SIG_free(dsasig);
- LDNS_FREE(dsasig_data);
- return NULL;
- }
- memset(&dsasig_data[21], 0, byte_offset);
- BN_bn2bin(dsasig->s, &dsasig_data[21 + byte_offset]);
-
- sigdata_rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, 41, dsasig_data);
- if(!sigdata_rdf) {
- LDNS_FREE(dsasig_data);
- }
- DSA_SIG_free(dsasig);
-
- return sigdata_rdf;
-}
-
-ldns_status
-ldns_convert_dsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
- const ldns_rdf *sig_rdf)
-{
- /* the EVP api wants the DER encoding of the signature... */
- BIGNUM *R, *S;
- DSA_SIG *dsasig;
- unsigned char *raw_sig = NULL;
- int raw_sig_len;
-
- if(ldns_rdf_size(sig_rdf) < 1 + 2*SHA_DIGEST_LENGTH)
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- /* extract the R and S field from the sig buffer */
- R = BN_new();
- if(!R) return LDNS_STATUS_MEM_ERR;
- (void) BN_bin2bn((unsigned char *) ldns_rdf_data(sig_rdf) + 1,
- SHA_DIGEST_LENGTH, R);
- S = BN_new();
- if(!S) {
- BN_free(R);
- return LDNS_STATUS_MEM_ERR;
- }
- (void) BN_bin2bn((unsigned char *) ldns_rdf_data(sig_rdf) + 21,
- SHA_DIGEST_LENGTH, S);
-
- dsasig = DSA_SIG_new();
- if (!dsasig) {
- BN_free(R);
- BN_free(S);
- return LDNS_STATUS_MEM_ERR;
- }
-
- dsasig->r = R;
- dsasig->s = S;
-
- raw_sig_len = i2d_DSA_SIG(dsasig, &raw_sig);
- if (raw_sig_len < 0) {
- DSA_SIG_free(dsasig);
- free(raw_sig);
- return LDNS_STATUS_SSL_ERR;
- }
- if (ldns_buffer_reserve(target_buffer, (size_t) raw_sig_len)) {
- ldns_buffer_write(target_buffer, raw_sig, (size_t)raw_sig_len);
- }
-
- DSA_SIG_free(dsasig);
- free(raw_sig);
-
- return ldns_buffer_status(target_buffer);
-}
-
-#ifdef USE_ECDSA
-#ifndef S_SPLINT_S
-ldns_rdf *
-ldns_convert_ecdsa_rrsig_asn12rdf(const ldns_buffer *sig, const long sig_len)
-{
- ECDSA_SIG* ecdsa_sig;
- unsigned char *data = (unsigned char*)ldns_buffer_begin(sig);
- ldns_rdf* rdf;
- ecdsa_sig = d2i_ECDSA_SIG(NULL, (const unsigned char **)&data, sig_len);
- if(!ecdsa_sig) return NULL;
-
- /* "r | s". */
- data = LDNS_XMALLOC(unsigned char,
- BN_num_bytes(ecdsa_sig->r) + BN_num_bytes(ecdsa_sig->s));
- if(!data) {
- ECDSA_SIG_free(ecdsa_sig);
- return NULL;
- }
- BN_bn2bin(ecdsa_sig->r, data);
- BN_bn2bin(ecdsa_sig->s, data+BN_num_bytes(ecdsa_sig->r));
- rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, (size_t)(
- BN_num_bytes(ecdsa_sig->r) + BN_num_bytes(ecdsa_sig->s)), data);
- ECDSA_SIG_free(ecdsa_sig);
- return rdf;
-}
-
-ldns_status
-ldns_convert_ecdsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
- const ldns_rdf *sig_rdf)
-{
- ECDSA_SIG* sig;
- int raw_sig_len;
- long bnsize = (long)ldns_rdf_size(sig_rdf) / 2;
- /* if too short, or not even length, do not bother */
- if(bnsize < 16 || (size_t)bnsize*2 != ldns_rdf_size(sig_rdf))
- return LDNS_STATUS_ERR;
-
- /* use the raw data to parse two evenly long BIGNUMs, "r | s". */
- sig = ECDSA_SIG_new();
- if(!sig) return LDNS_STATUS_MEM_ERR;
- sig->r = BN_bin2bn((const unsigned char*)ldns_rdf_data(sig_rdf),
- bnsize, sig->r);
- sig->s = BN_bin2bn((const unsigned char*)ldns_rdf_data(sig_rdf)+bnsize,
- bnsize, sig->s);
- if(!sig->r || !sig->s) {
- ECDSA_SIG_free(sig);
- return LDNS_STATUS_MEM_ERR;
- }
-
- raw_sig_len = i2d_ECDSA_SIG(sig, NULL);
- if (ldns_buffer_reserve(target_buffer, (size_t) raw_sig_len)) {
- unsigned char* pp = (unsigned char*)
- ldns_buffer_current(target_buffer);
- raw_sig_len = i2d_ECDSA_SIG(sig, &pp);
- ldns_buffer_skip(target_buffer, (ssize_t) raw_sig_len);
- }
- ECDSA_SIG_free(sig);
-
- return ldns_buffer_status(target_buffer);
-}
-
-#endif /* S_SPLINT_S */
-#endif /* USE_ECDSA */
-#endif /* HAVE_SSL */
+++ /dev/null
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#include <ldns/dnssec.h>
-#include <ldns/dnssec_sign.h>
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <time.h>
-
-#ifdef HAVE_SSL
-/* this entire file is rather useless when you don't have
- * crypto...
- */
-#include <openssl/ssl.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/md5.h>
-#endif /* HAVE_SSL */
-
-ldns_rr *
-ldns_create_empty_rrsig(ldns_rr_list *rrset,
- ldns_key *current_key)
-{
- uint32_t orig_ttl;
- ldns_rr_class orig_class;
- time_t now;
- ldns_rr *current_sig;
- uint8_t label_count;
-
- label_count = ldns_dname_label_count(ldns_rr_owner(ldns_rr_list_rr(rrset,
- 0)));
- /* RFC4035 2.2: not counting the leftmost label if it is a wildcard */
- if(ldns_dname_is_wildcard(ldns_rr_owner(ldns_rr_list_rr(rrset, 0))))
- label_count --;
-
- current_sig = ldns_rr_new_frm_type(LDNS_RR_TYPE_RRSIG);
-
- /* set the type on the new signature */
- orig_ttl = ldns_rr_ttl(ldns_rr_list_rr(rrset, 0));
- orig_class = ldns_rr_get_class(ldns_rr_list_rr(rrset, 0));
-
- ldns_rr_set_ttl(current_sig, orig_ttl);
- ldns_rr_set_class(current_sig, orig_class);
- ldns_rr_set_owner(current_sig,
- ldns_rdf_clone(
- ldns_rr_owner(
- ldns_rr_list_rr(rrset,
- 0))));
-
- /* fill in what we know of the signature */
-
- /* set the orig_ttl */
- (void)ldns_rr_rrsig_set_origttl(
- current_sig,
- ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32,
- orig_ttl));
- /* the signers name */
- (void)ldns_rr_rrsig_set_signame(
- current_sig,
- ldns_rdf_clone(ldns_key_pubkey_owner(current_key)));
- /* label count - get it from the first rr in the rr_list */
- (void)ldns_rr_rrsig_set_labels(
- current_sig,
- ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8,
- label_count));
- /* inception, expiration */
- now = time(NULL);
- if (ldns_key_inception(current_key) != 0) {
- (void)ldns_rr_rrsig_set_inception(
- current_sig,
- ldns_native2rdf_int32(
- LDNS_RDF_TYPE_TIME,
- ldns_key_inception(current_key)));
- } else {
- (void)ldns_rr_rrsig_set_inception(
- current_sig,
- ldns_native2rdf_int32(LDNS_RDF_TYPE_TIME, now));
- }
- if (ldns_key_expiration(current_key) != 0) {
- (void)ldns_rr_rrsig_set_expiration(
- current_sig,
- ldns_native2rdf_int32(
- LDNS_RDF_TYPE_TIME,
- ldns_key_expiration(current_key)));
- } else {
- (void)ldns_rr_rrsig_set_expiration(
- current_sig,
- ldns_native2rdf_int32(
- LDNS_RDF_TYPE_TIME,
- now + LDNS_DEFAULT_EXP_TIME));
- }
-
- (void)ldns_rr_rrsig_set_keytag(
- current_sig,
- ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16,
- ldns_key_keytag(current_key)));
-
- (void)ldns_rr_rrsig_set_algorithm(
- current_sig,
- ldns_native2rdf_int8(
- LDNS_RDF_TYPE_ALG,
- ldns_key_algorithm(current_key)));
-
- (void)ldns_rr_rrsig_set_typecovered(
- current_sig,
- ldns_native2rdf_int16(
- LDNS_RDF_TYPE_TYPE,
- ldns_rr_get_type(ldns_rr_list_rr(rrset,
- 0))));
- return current_sig;
-}
-
-#ifdef HAVE_SSL
-ldns_rdf *
-ldns_sign_public_buffer(ldns_buffer *sign_buf, ldns_key *current_key)
-{
- ldns_rdf *b64rdf = NULL;
-
- switch(ldns_key_algorithm(current_key)) {
- case LDNS_SIGN_DSA:
- case LDNS_SIGN_DSA_NSEC3:
- b64rdf = ldns_sign_public_evp(
- sign_buf,
- ldns_key_evp_key(current_key),
- EVP_dss1());
- break;
- case LDNS_SIGN_RSASHA1:
- case LDNS_SIGN_RSASHA1_NSEC3:
- b64rdf = ldns_sign_public_evp(
- sign_buf,
- ldns_key_evp_key(current_key),
- EVP_sha1());
- break;
-#ifdef USE_SHA2
- case LDNS_SIGN_RSASHA256:
- b64rdf = ldns_sign_public_evp(
- sign_buf,
- ldns_key_evp_key(current_key),
- EVP_sha256());
- break;
- case LDNS_SIGN_RSASHA512:
- b64rdf = ldns_sign_public_evp(
- sign_buf,
- ldns_key_evp_key(current_key),
- EVP_sha512());
- break;
-#endif /* USE_SHA2 */
-#ifdef USE_GOST
- case LDNS_SIGN_ECC_GOST:
- b64rdf = ldns_sign_public_evp(
- sign_buf,
- ldns_key_evp_key(current_key),
- EVP_get_digestbyname("md_gost94"));
- break;
-#endif /* USE_GOST */
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- b64rdf = ldns_sign_public_evp(
- sign_buf,
- ldns_key_evp_key(current_key),
- EVP_sha256());
- break;
- case LDNS_SIGN_ECDSAP384SHA384:
- b64rdf = ldns_sign_public_evp(
- sign_buf,
- ldns_key_evp_key(current_key),
- EVP_sha384());
- break;
-#endif
- case LDNS_SIGN_RSAMD5:
- b64rdf = ldns_sign_public_evp(
- sign_buf,
- ldns_key_evp_key(current_key),
- EVP_md5());
- break;
- default:
- /* do _you_ know this alg? */
- printf("unknown algorithm, ");
- printf("is the one used available on this system?\n");
- break;
- }
-
- return b64rdf;
-}
-
-/**
- * use this function to sign with a public/private key alg
- * return the created signatures
- */
-ldns_rr_list *
-ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys)
-{
- ldns_rr_list *signatures;
- ldns_rr_list *rrset_clone;
- ldns_rr *current_sig;
- ldns_rdf *b64rdf;
- ldns_key *current_key;
- size_t key_count;
- uint16_t i;
- ldns_buffer *sign_buf;
- ldns_rdf *new_owner;
-
- if (!rrset || ldns_rr_list_rr_count(rrset) < 1 || !keys) {
- return NULL;
- }
-
- new_owner = NULL;
-
- signatures = ldns_rr_list_new();
-
- /* prepare a signature and add all the know data
- * prepare the rrset. Sign this together. */
- rrset_clone = ldns_rr_list_clone(rrset);
- if (!rrset_clone) {
- return NULL;
- }
-
- /* make it canonical */
- for(i = 0; i < ldns_rr_list_rr_count(rrset_clone); i++) {
- ldns_rr_set_ttl(ldns_rr_list_rr(rrset_clone, i),
- ldns_rr_ttl(ldns_rr_list_rr(rrset, 0)));
- ldns_rr2canonical(ldns_rr_list_rr(rrset_clone, i));
- }
- /* sort */
- ldns_rr_list_sort(rrset_clone);
-
- for (key_count = 0;
- key_count < ldns_key_list_key_count(keys);
- key_count++) {
- if (!ldns_key_use(ldns_key_list_key(keys, key_count))) {
- continue;
- }
- sign_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- if (!sign_buf) {
- ldns_rr_list_free(rrset_clone);
- ldns_rr_list_free(signatures);
- ldns_rdf_free(new_owner);
- return NULL;
- }
- b64rdf = NULL;
-
- current_key = ldns_key_list_key(keys, key_count);
- /* sign all RRs with keys that have ZSKbit, !SEPbit.
- sign DNSKEY RRs with keys that have ZSKbit&SEPbit */
- if (ldns_key_flags(current_key) & LDNS_KEY_ZONE_KEY) {
- current_sig = ldns_create_empty_rrsig(rrset_clone,
- current_key);
-
- /* right now, we have: a key, a semi-sig and an rrset. For
- * which we can create the sig and base64 encode that and
- * add that to the signature */
-
- if (ldns_rrsig2buffer_wire(sign_buf, current_sig)
- != LDNS_STATUS_OK) {
- ldns_buffer_free(sign_buf);
- /* ERROR */
- ldns_rr_list_deep_free(rrset_clone);
- return NULL;
- }
-
- /* add the rrset in sign_buf */
- if (ldns_rr_list2buffer_wire(sign_buf, rrset_clone)
- != LDNS_STATUS_OK) {
- ldns_buffer_free(sign_buf);
- ldns_rr_list_deep_free(rrset_clone);
- return NULL;
- }
-
- b64rdf = ldns_sign_public_buffer(sign_buf, current_key);
-
- if (!b64rdf) {
- /* signing went wrong */
- ldns_rr_list_deep_free(rrset_clone);
- return NULL;
- }
-
- ldns_rr_rrsig_set_sig(current_sig, b64rdf);
-
- /* push the signature to the signatures list */
- ldns_rr_list_push_rr(signatures, current_sig);
- }
- ldns_buffer_free(sign_buf); /* restart for the next key */
- }
- ldns_rr_list_deep_free(rrset_clone);
-
- return signatures;
-}
-
-/**
- * Sign data with DSA
- *
- * \param[in] to_sign The ldns_buffer containing raw data that is
- * to be signed
- * \param[in] key The DSA key structure to sign with
- * \return ldns_rdf for the RRSIG ldns_rr
- */
-ldns_rdf *
-ldns_sign_public_dsa(ldns_buffer *to_sign, DSA *key)
-{
- unsigned char *sha1_hash;
- ldns_rdf *sigdata_rdf;
- ldns_buffer *b64sig;
-
- DSA_SIG *sig;
- uint8_t *data;
- size_t pad;
-
- b64sig = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- if (!b64sig) {
- return NULL;
- }
-
- sha1_hash = SHA1((unsigned char*)ldns_buffer_begin(to_sign),
- ldns_buffer_position(to_sign), NULL);
- if (!sha1_hash) {
- ldns_buffer_free(b64sig);
- return NULL;
- }
-
- sig = DSA_do_sign(sha1_hash, SHA_DIGEST_LENGTH, key);
- if(!sig) {
- ldns_buffer_free(b64sig);
- return NULL;
- }
-
- data = LDNS_XMALLOC(uint8_t, 1 + 2 * SHA_DIGEST_LENGTH);
- if(!data) {
- ldns_buffer_free(b64sig);
- DSA_SIG_free(sig);
- return NULL;
- }
-
- data[0] = 1;
- pad = 20 - (size_t) BN_num_bytes(sig->r);
- if (pad > 0) {
- memset(data + 1, 0, pad);
- }
- BN_bn2bin(sig->r, (unsigned char *) (data + 1) + pad);
-
- pad = 20 - (size_t) BN_num_bytes(sig->s);
- if (pad > 0) {
- memset(data + 1 + SHA_DIGEST_LENGTH, 0, pad);
- }
- BN_bn2bin(sig->s, (unsigned char *) (data + 1 + SHA_DIGEST_LENGTH + pad));
-
- sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64,
- 1 + 2 * SHA_DIGEST_LENGTH,
- data);
-
- ldns_buffer_free(b64sig);
- LDNS_FREE(data);
- DSA_SIG_free(sig);
-
- return sigdata_rdf;
-}
-
-#ifdef USE_ECDSA
-#ifndef S_SPLINT_S
-static int
-ldns_pkey_is_ecdsa(EVP_PKEY* pkey)
-{
- EC_KEY* ec;
- const EC_GROUP* g;
- if(EVP_PKEY_type(pkey->type) != EVP_PKEY_EC)
- return 0;
- ec = EVP_PKEY_get1_EC_KEY(pkey);
- g = EC_KEY_get0_group(ec);
- if(!g) {
- EC_KEY_free(ec);
- return 0;
- }
- if(EC_GROUP_get_curve_name(g) == NID_secp224r1 ||
- EC_GROUP_get_curve_name(g) == NID_X9_62_prime256v1 ||
- EC_GROUP_get_curve_name(g) == NID_secp384r1) {
- EC_KEY_free(ec);
- return 1;
- }
- /* downref the eckey, the original is still inside the pkey */
- EC_KEY_free(ec);
- return 0;
-}
-#endif /* splint */
-#endif /* USE_ECDSA */
-
-ldns_rdf *
-ldns_sign_public_evp(ldns_buffer *to_sign,
- EVP_PKEY *key,
- const EVP_MD *digest_type)
-{
- unsigned int siglen;
- ldns_rdf *sigdata_rdf;
- ldns_buffer *b64sig;
- EVP_MD_CTX ctx;
- const EVP_MD *md_type;
- int r;
-
- siglen = 0;
- b64sig = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- if (!b64sig) {
- return NULL;
- }
-
- /* initializes a signing context */
- md_type = digest_type;
- if(!md_type) {
- /* unknown message difest */
- ldns_buffer_free(b64sig);
- return NULL;
- }
-
- EVP_MD_CTX_init(&ctx);
- r = EVP_SignInit(&ctx, md_type);
- if(r == 1) {
- r = EVP_SignUpdate(&ctx, (unsigned char*)
- ldns_buffer_begin(to_sign),
- ldns_buffer_position(to_sign));
- } else {
- ldns_buffer_free(b64sig);
- return NULL;
- }
- if(r == 1) {
- r = EVP_SignFinal(&ctx, (unsigned char*)
- ldns_buffer_begin(b64sig), &siglen, key);
- } else {
- ldns_buffer_free(b64sig);
- return NULL;
- }
- if(r != 1) {
- ldns_buffer_free(b64sig);
- return NULL;
- }
-
- /* unfortunately, OpenSSL output is differenct from DNS DSA format */
-#ifndef S_SPLINT_S
- if (EVP_PKEY_type(key->type) == EVP_PKEY_DSA) {
- sigdata_rdf = ldns_convert_dsa_rrsig_asn12rdf(b64sig, siglen);
-#ifdef USE_ECDSA
- } else if(EVP_PKEY_type(key->type) == EVP_PKEY_EC &&
- ldns_pkey_is_ecdsa(key)) {
- sigdata_rdf = ldns_convert_ecdsa_rrsig_asn12rdf(b64sig, siglen);
-#endif
- } else {
- /* ok output for other types is the same */
- sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, siglen,
- ldns_buffer_begin(b64sig));
- }
-#endif /* splint */
- ldns_buffer_free(b64sig);
- EVP_MD_CTX_cleanup(&ctx);
- return sigdata_rdf;
-}
-
-ldns_rdf *
-ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key)
-{
- unsigned char *sha1_hash;
- unsigned int siglen;
- ldns_rdf *sigdata_rdf;
- ldns_buffer *b64sig;
- int result;
-
- siglen = 0;
- b64sig = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- if (!b64sig) {
- return NULL;
- }
-
- sha1_hash = SHA1((unsigned char*)ldns_buffer_begin(to_sign),
- ldns_buffer_position(to_sign), NULL);
- if (!sha1_hash) {
- ldns_buffer_free(b64sig);
- return NULL;
- }
-
- result = RSA_sign(NID_sha1, sha1_hash, SHA_DIGEST_LENGTH,
- (unsigned char*)ldns_buffer_begin(b64sig),
- &siglen, key);
- if (result != 1) {
- return NULL;
- }
-
- if (result != 1) {
- return NULL;
- }
-
- sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, siglen,
- ldns_buffer_begin(b64sig));
- ldns_buffer_free(b64sig); /* can't free this buffer ?? */
- return sigdata_rdf;
-}
-
-ldns_rdf *
-ldns_sign_public_rsamd5(ldns_buffer *to_sign, RSA *key)
-{
- unsigned char *md5_hash;
- unsigned int siglen;
- ldns_rdf *sigdata_rdf;
- ldns_buffer *b64sig;
-
- b64sig = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- if (!b64sig) {
- return NULL;
- }
-
- md5_hash = MD5((unsigned char*)ldns_buffer_begin(to_sign),
- ldns_buffer_position(to_sign), NULL);
- if (!md5_hash) {
- ldns_buffer_free(b64sig);
- return NULL;
- }
-
- RSA_sign(NID_md5, md5_hash, MD5_DIGEST_LENGTH,
- (unsigned char*)ldns_buffer_begin(b64sig),
- &siglen, key);
-
- sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, siglen,
- ldns_buffer_begin(b64sig));
- ldns_buffer_free(b64sig);
- return sigdata_rdf;
-}
-#endif /* HAVE_SSL */
-
-static int
-ldns_dnssec_name_has_only_a(ldns_dnssec_name *cur_name)
-{
- ldns_dnssec_rrsets *cur_rrset;
- cur_rrset = cur_name->rrsets;
- while (cur_rrset) {
- if (cur_rrset->type != LDNS_RR_TYPE_A &&
- cur_rrset->type != LDNS_RR_TYPE_AAAA) {
- return 0;
- } else {
- cur_rrset = cur_rrset->next;
- }
- }
- return 1;
-}
-
-ldns_status
-ldns_dnssec_zone_mark_glue(ldns_dnssec_zone *zone)
-{
- ldns_rbnode_t *cur_node;
- ldns_dnssec_name *cur_name;
- ldns_rdf *cur_owner, *cur_parent;
-
- cur_node = ldns_rbtree_first(zone->names);
- while (cur_node != LDNS_RBTREE_NULL) {
- cur_name = (ldns_dnssec_name *) cur_node->data;
- cur_node = ldns_rbtree_next(cur_node);
- if (ldns_dnssec_name_has_only_a(cur_name)) {
- /* assume glue XXX check for zone cur */
- cur_owner = ldns_rdf_clone(ldns_rr_owner(
- cur_name->rrsets->rrs->rr));
- while (ldns_dname_label_count(cur_owner) >
- ldns_dname_label_count(zone->soa->name)) {
- if (ldns_dnssec_zone_find_rrset(zone,
- cur_owner,
- LDNS_RR_TYPE_NS)) {
- /*
- fprintf(stderr, "[XX] Marking as glue: ");
- ldns_rdf_print(stderr, cur_name->name);
- fprintf(stderr, "\n");
- */
- cur_name->is_glue = true;
- }
- cur_parent = ldns_dname_left_chop(cur_owner);
- ldns_rdf_deep_free(cur_owner);
- cur_owner = cur_parent;
- }
- ldns_rdf_deep_free(cur_owner);
- }
- }
- return LDNS_STATUS_OK;
-}
-
-ldns_rbnode_t *
-ldns_dnssec_name_node_next_nonglue(ldns_rbnode_t *node)
-{
- ldns_rbnode_t *next_node = NULL;
- ldns_dnssec_name *next_name = NULL;
- bool done = false;
-
- if (node == LDNS_RBTREE_NULL) {
- return NULL;
- }
- next_node = node;
- while (!done) {
- if (next_node == LDNS_RBTREE_NULL) {
- return NULL;
- } else {
- next_name = (ldns_dnssec_name *)next_node->data;
- if (!next_name->is_glue) {
- done = true;
- } else {
- next_node = ldns_rbtree_next(next_node);
- }
- }
- }
- return next_node;
-}
-
-ldns_status
-ldns_dnssec_zone_create_nsecs(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs)
-{
-
- ldns_rbnode_t *first_node, *cur_node, *next_node;
- ldns_dnssec_name *cur_name, *next_name;
- ldns_rr *nsec_rr;
- uint32_t nsec_ttl;
- ldns_dnssec_rrsets *soa;
-
- /* the TTL of NSEC rrs should be set to the minimum TTL of
- * the zone SOA (RFC4035 Section 2.3)
- */
- soa = ldns_dnssec_name_find_rrset(zone->soa, LDNS_RR_TYPE_SOA);
-
- /* did the caller actually set it? if not,
- * fall back to default ttl
- */
- if (soa && soa->rrs && soa->rrs->rr) {
- nsec_ttl = ldns_rdf2native_int32(ldns_rr_rdf(
- soa->rrs->rr, 6));
- } else {
- nsec_ttl = LDNS_DEFAULT_TTL;
- }
-
- first_node = ldns_dnssec_name_node_next_nonglue(
- ldns_rbtree_first(zone->names));
- cur_node = first_node;
- if (cur_node) {
- next_node = ldns_dnssec_name_node_next_nonglue(
- ldns_rbtree_next(cur_node));
- } else {
- next_node = NULL;
- }
-
- while (cur_node && next_node) {
- cur_name = (ldns_dnssec_name *)cur_node->data;
- next_name = (ldns_dnssec_name *)next_node->data;
- nsec_rr = ldns_dnssec_create_nsec(cur_name,
- next_name,
- LDNS_RR_TYPE_NSEC);
- ldns_rr_set_ttl(nsec_rr, nsec_ttl);
- if(ldns_dnssec_name_add_rr(cur_name, nsec_rr)!=LDNS_STATUS_OK){
- ldns_rr_free(nsec_rr);
- return LDNS_STATUS_ERR;
- }
- ldns_rr_list_push_rr(new_rrs, nsec_rr);
- cur_node = next_node;
- if (cur_node) {
- next_node = ldns_dnssec_name_node_next_nonglue(
- ldns_rbtree_next(cur_node));
- }
- }
-
- if (cur_node && !next_node) {
- cur_name = (ldns_dnssec_name *)cur_node->data;
- next_name = (ldns_dnssec_name *)first_node->data;
- nsec_rr = ldns_dnssec_create_nsec(cur_name,
- next_name,
- LDNS_RR_TYPE_NSEC);
- ldns_rr_set_ttl(nsec_rr, nsec_ttl);
- if(ldns_dnssec_name_add_rr(cur_name, nsec_rr)!=LDNS_STATUS_OK){
- ldns_rr_free(nsec_rr);
- return LDNS_STATUS_ERR;
- }
- ldns_rr_list_push_rr(new_rrs, nsec_rr);
- } else {
- printf("error\n");
- }
-
- return LDNS_STATUS_OK;
-}
-
-#ifdef HAVE_SSL
-ldns_status
-ldns_dnssec_zone_create_nsec3s(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt)
-{
- ldns_rbnode_t *first_name_node;
- ldns_rbnode_t *current_name_node;
- ldns_dnssec_name *current_name;
- ldns_status result = LDNS_STATUS_OK;
- ldns_rr *nsec_rr;
- ldns_rr_list *nsec3_list;
- uint32_t nsec_ttl;
- ldns_dnssec_rrsets *soa;
-
- if (!zone || !new_rrs || !zone->names) {
- return LDNS_STATUS_ERR;
- }
-
- /* the TTL of NSEC rrs should be set to the minimum TTL of
- * the zone SOA (RFC4035 Section 2.3)
- */
- soa = ldns_dnssec_name_find_rrset(zone->soa, LDNS_RR_TYPE_SOA);
-
- /* did the caller actually set it? if not,
- * fall back to default ttl
- */
- if (soa && soa->rrs && soa->rrs->rr) {
- nsec_ttl = ldns_rdf2native_int32(ldns_rr_rdf(
- soa->rrs->rr, 6));
- } else {
- nsec_ttl = LDNS_DEFAULT_TTL;
- }
-
- nsec3_list = ldns_rr_list_new();
-
- first_name_node = ldns_dnssec_name_node_next_nonglue(
- ldns_rbtree_first(zone->names));
-
- current_name_node = first_name_node;
-
- while (current_name_node &&
- current_name_node != LDNS_RBTREE_NULL) {
- current_name = (ldns_dnssec_name *) current_name_node->data;
- nsec_rr = ldns_dnssec_create_nsec3(current_name,
- NULL,
- zone->soa->name,
- algorithm,
- flags,
- iterations,
- salt_length,
- salt);
- /* by default, our nsec based generator adds rrsigs
- * remove the bitmap for empty nonterminals */
- if (!current_name->rrsets) {
- ldns_rdf_deep_free(ldns_rr_pop_rdf(nsec_rr));
- }
- ldns_rr_set_ttl(nsec_rr, nsec_ttl);
- result = ldns_dnssec_name_add_rr(current_name, nsec_rr);
- ldns_rr_list_push_rr(new_rrs, nsec_rr);
- ldns_rr_list_push_rr(nsec3_list, nsec_rr);
- current_name_node = ldns_dnssec_name_node_next_nonglue(
- ldns_rbtree_next(current_name_node));
- }
- if (result != LDNS_STATUS_OK) {
- return result;
- }
-
- ldns_rr_list_sort_nsec3(nsec3_list);
- result = ldns_dnssec_chain_nsec3_list(nsec3_list);
- if (result != LDNS_STATUS_OK) {
- return result;
- }
-
- ldns_rr_list_free(nsec3_list);
- return result;
-}
-#endif /* HAVE_SSL */
-
-ldns_dnssec_rrs *
-ldns_dnssec_remove_signatures(ldns_dnssec_rrs *signatures,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg)
-{
- ldns_dnssec_rrs *base_rrs = signatures;
- ldns_dnssec_rrs *cur_rr = base_rrs;
- ldns_dnssec_rrs *prev_rr = NULL;
- ldns_dnssec_rrs *next_rr;
-
- uint16_t keytag;
- size_t i;
-
- key_list = key_list;
-
- if (!cur_rr) {
- switch(func(NULL, arg)) {
- case LDNS_SIGNATURE_LEAVE_ADD_NEW:
- case LDNS_SIGNATURE_REMOVE_ADD_NEW:
- break;
- case LDNS_SIGNATURE_LEAVE_NO_ADD:
- case LDNS_SIGNATURE_REMOVE_NO_ADD:
- ldns_key_list_set_use(key_list, false);
- break;
- default:
- fprintf(stderr, "[XX] unknown return value from callback\n");
- break;
- }
- return NULL;
- }
- (void)func(cur_rr->rr, arg);
-
- while (cur_rr) {
- next_rr = cur_rr->next;
-
- switch (func(cur_rr->rr, arg)) {
- case LDNS_SIGNATURE_LEAVE_ADD_NEW:
- prev_rr = cur_rr;
- break;
- case LDNS_SIGNATURE_LEAVE_NO_ADD:
- keytag = ldns_rdf2native_int16(
- ldns_rr_rrsig_keytag(cur_rr->rr));
- for (i = 0; i < ldns_key_list_key_count(key_list); i++) {
- if (ldns_key_keytag(ldns_key_list_key(key_list, i)) ==
- keytag) {
- ldns_key_set_use(ldns_key_list_key(key_list, i),
- false);
- }
- }
- prev_rr = cur_rr;
- break;
- case LDNS_SIGNATURE_REMOVE_NO_ADD:
- keytag = ldns_rdf2native_int16(
- ldns_rr_rrsig_keytag(cur_rr->rr));
- for (i = 0; i < ldns_key_list_key_count(key_list); i++) {
- if (ldns_key_keytag(ldns_key_list_key(key_list, i))
- == keytag) {
- ldns_key_set_use(ldns_key_list_key(key_list, i),
- false);
- }
- }
- if (prev_rr) {
- prev_rr->next = next_rr;
- } else {
- base_rrs = next_rr;
- }
- LDNS_FREE(cur_rr);
- break;
- case LDNS_SIGNATURE_REMOVE_ADD_NEW:
- if (prev_rr) {
- prev_rr->next = next_rr;
- } else {
- base_rrs = next_rr;
- }
- LDNS_FREE(cur_rr);
- break;
- default:
- fprintf(stderr, "[XX] unknown return value from callback\n");
- break;
- }
- cur_rr = next_rr;
- }
-
- return base_rrs;
-}
-
-#ifdef HAVE_SSL
-ldns_status
-ldns_dnssec_zone_create_rrsigs(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void*),
- void *arg)
-{
- return ldns_dnssec_zone_create_rrsigs_flg(zone, new_rrs, key_list,
- func, arg, 0);
-}
-
-/** If there are KSKs use only them and mark ZSKs unused */
-static void
-ldns_key_list_filter_for_dnskey(ldns_key_list *key_list)
-{
- int saw_ksk = 0;
- size_t i;
- for(i=0; i<ldns_key_list_key_count(key_list); i++)
- if((ldns_key_flags(ldns_key_list_key(key_list, i))&LDNS_KEY_SEP_KEY)) {
- saw_ksk = 1;
- break;
- }
- if(!saw_ksk)
- return;
- for(i=0; i<ldns_key_list_key_count(key_list); i++)
- if(!(ldns_key_flags(ldns_key_list_key(key_list, i))&LDNS_KEY_SEP_KEY))
- ldns_key_set_use(ldns_key_list_key(key_list, i), 0);
-}
-
-/** If there are no ZSKs use KSK as ZSK */
-static void
-ldns_key_list_filter_for_non_dnskey(ldns_key_list *key_list)
-{
- int saw_zsk = 0;
- size_t i;
- for(i=0; i<ldns_key_list_key_count(key_list); i++)
- if(!(ldns_key_flags(ldns_key_list_key(key_list, i))&LDNS_KEY_SEP_KEY)) {
- saw_zsk = 1;
- break;
- }
- if(!saw_zsk)
- return;
- /* else filter all KSKs */
- for(i=0; i<ldns_key_list_key_count(key_list); i++)
- if((ldns_key_flags(ldns_key_list_key(key_list, i))&LDNS_KEY_SEP_KEY))
- ldns_key_set_use(ldns_key_list_key(key_list, i), 0);
-}
-
-ldns_status
-ldns_dnssec_zone_create_rrsigs_flg(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void*),
- void *arg,
- int flags)
-{
- ldns_status result = LDNS_STATUS_OK;
-
- ldns_rbnode_t *cur_node;
- ldns_rr_list *rr_list;
-
- ldns_dnssec_name *cur_name;
- ldns_dnssec_rrsets *cur_rrset;
- ldns_dnssec_rrs *cur_rr;
-
- ldns_rr_list *siglist;
-
- size_t i;
-
- ldns_rr_list *pubkey_list = ldns_rr_list_new();
- zone = zone;
- new_rrs = new_rrs;
- key_list = key_list;
- for (i = 0; i<ldns_key_list_key_count(key_list); i++) {
- ldns_rr_list_push_rr(pubkey_list,
- ldns_key2rr(ldns_key_list_key(key_list, i)));
- }
- /* TODO: callback to see is list should be signed */
- /* TODO: remove 'old' signatures from signature list */
- cur_node = ldns_rbtree_first(zone->names);
- while (cur_node != LDNS_RBTREE_NULL) {
- cur_name = (ldns_dnssec_name *) cur_node->data;
-
- if (!cur_name->is_glue) {
- cur_rrset = cur_name->rrsets;
- while (cur_rrset) {
- /* reset keys to use */
- ldns_key_list_set_use(key_list, true);
-
- /* walk through old sigs, remove the old,
- and mark which keys (not) to use) */
- cur_rrset->signatures =
- ldns_dnssec_remove_signatures(cur_rrset->signatures,
- key_list,
- func,
- arg);
- if(!(flags&LDNS_SIGN_DNSKEY_WITH_ZSK) &&
- cur_rrset->type == LDNS_RR_TYPE_DNSKEY)
- ldns_key_list_filter_for_dnskey(key_list);
-
- if(cur_rrset->type != LDNS_RR_TYPE_DNSKEY)
- ldns_key_list_filter_for_non_dnskey(key_list);
-
- /* TODO: just set count to zero? */
- rr_list = ldns_rr_list_new();
-
- cur_rr = cur_rrset->rrs;
- while (cur_rr) {
- ldns_rr_list_push_rr(rr_list, cur_rr->rr);
- cur_rr = cur_rr->next;
- }
-
- /* only sign non-delegation RRsets */
- /* (glue should have been marked earlier) */
- if ((ldns_rr_list_type(rr_list) != LDNS_RR_TYPE_NS ||
- ldns_dname_compare(ldns_rr_list_owner(rr_list),
- zone->soa->name) == 0) &&
- /* OK, there is also the possibility that the record
- * is glue, but at the same owner name as other records that
- * are not NS nor A/AAAA. Bleh, our current data structure
- * doesn't really support that... */
- !((ldns_rr_list_type(rr_list) == LDNS_RR_TYPE_A ||
- ldns_rr_list_type(rr_list) == LDNS_RR_TYPE_AAAA) &&
- !ldns_dname_compare(ldns_rr_list_owner(rr_list), zone->soa->name) == 0 &&
- ldns_dnssec_zone_find_rrset(zone, ldns_rr_list_owner(rr_list), LDNS_RR_TYPE_NS)
- )) {
-
- siglist = ldns_sign_public(rr_list, key_list);
- for (i = 0; i < ldns_rr_list_rr_count(siglist); i++) {
- if (cur_rrset->signatures) {
- result = ldns_dnssec_rrs_add_rr(cur_rrset->signatures,
- ldns_rr_list_rr(siglist,
- i));
- } else {
- cur_rrset->signatures = ldns_dnssec_rrs_new();
- cur_rrset->signatures->rr =
- ldns_rr_list_rr(siglist, i);
- ldns_rr_list_push_rr(new_rrs,
- ldns_rr_list_rr(siglist,
- i));
- }
- }
- ldns_rr_list_free(siglist);
- }
-
- ldns_rr_list_free(rr_list);
-
- cur_rrset = cur_rrset->next;
- }
-
- /* sign the nsec */
- ldns_key_list_set_use(key_list, true);
- cur_name->nsec_signatures =
- ldns_dnssec_remove_signatures(cur_name->nsec_signatures,
- key_list,
- func,
- arg);
- ldns_key_list_filter_for_non_dnskey(key_list);
-
- rr_list = ldns_rr_list_new();
- ldns_rr_list_push_rr(rr_list, cur_name->nsec);
- siglist = ldns_sign_public(rr_list, key_list);
-
- for (i = 0; i < ldns_rr_list_rr_count(siglist); i++) {
- if (cur_name->nsec_signatures) {
- result = ldns_dnssec_rrs_add_rr(cur_name->nsec_signatures,
- ldns_rr_list_rr(siglist, i));
- } else {
- cur_name->nsec_signatures = ldns_dnssec_rrs_new();
- cur_name->nsec_signatures->rr =
- ldns_rr_list_rr(siglist, i);
- ldns_rr_list_push_rr(new_rrs,
- ldns_rr_list_rr(siglist, i));
- }
- }
-
- ldns_rr_list_free(siglist);
- ldns_rr_list_free(rr_list);
- }
- cur_node = ldns_rbtree_next(cur_node);
- }
-
- ldns_rr_list_deep_free(pubkey_list);
- return result;
-}
-
-ldns_status
-ldns_dnssec_zone_sign(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg)
-{
- return ldns_dnssec_zone_sign_flg(zone, new_rrs, key_list, func, arg, 0);
-}
-
-ldns_status
-ldns_dnssec_zone_sign_flg(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg,
- int flags)
-{
- ldns_status result = LDNS_STATUS_OK;
-
- if (!zone || !new_rrs || !key_list) {
- return LDNS_STATUS_ERR;
- }
-
- /* zone is already sorted */
- result = ldns_dnssec_zone_mark_glue(zone);
- if (result != LDNS_STATUS_OK) {
- return result;
- }
-
- /* check whether we need to add nsecs */
- if (zone->names && !((ldns_dnssec_name *)zone->names->root->data)->nsec) {
- result = ldns_dnssec_zone_create_nsecs(zone, new_rrs);
- if (result != LDNS_STATUS_OK) {
- return result;
- }
- }
-
- result = ldns_dnssec_zone_create_rrsigs_flg(zone,
- new_rrs,
- key_list,
- func,
- arg,
- flags);
-
- return result;
-}
-
-ldns_status
-ldns_dnssec_zone_sign_nsec3(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt)
-{
- return ldns_dnssec_zone_sign_nsec3_flg(zone, new_rrs, key_list,
- func, arg, algorithm, flags, iterations, salt_length, salt, 0);
-}
-
-ldns_status
-ldns_dnssec_zone_sign_nsec3_flg(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt,
- int signflags)
-{
- ldns_rr *nsec3, *nsec3params;
- ldns_status result = LDNS_STATUS_OK;
-
- /* zone is already sorted */
- result = ldns_dnssec_zone_mark_glue(zone);
- if (result != LDNS_STATUS_OK) {
- return result;
- }
-
- /* TODO if there are already nsec3s presents and their
- * parameters are the same as these, we don't have to recreate
- */
- if (zone->names) {
- /* add empty nonterminals */
- result = ldns_dnssec_zone_add_empty_nonterminals(zone);
- if (result != LDNS_STATUS_OK) {
- return result;
- }
-
- nsec3 = ((ldns_dnssec_name *)zone->names->root->data)->nsec;
- if (nsec3 && ldns_rr_get_type(nsec3) == LDNS_RR_TYPE_NSEC3) {
- /* no need to recreate */
- } else {
- if (!ldns_dnssec_zone_find_rrset(zone,
- zone->soa->name,
- LDNS_RR_TYPE_NSEC3PARAMS)) {
- /* create and add the nsec3params rr */
- nsec3params =
- ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3PARAMS);
- ldns_rr_set_owner(nsec3params,
- ldns_rdf_clone(zone->soa->name));
- ldns_nsec3_add_param_rdfs(nsec3params,
- algorithm,
- flags,
- iterations,
- salt_length,
- salt);
- /* always set bit 7 of the flags to zero, according to
- * rfc5155 section 11 */
- ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(nsec3params, 1)), 7, 0);
- result = ldns_dnssec_zone_add_rr(zone, nsec3params);
- if (result != LDNS_STATUS_OK) {
- return result;
- }
- ldns_rr_list_push_rr(new_rrs, nsec3params);
- }
- result = ldns_dnssec_zone_create_nsec3s(zone,
- new_rrs,
- algorithm,
- flags,
- iterations,
- salt_length,
- salt);
- if (result != LDNS_STATUS_OK) {
- return result;
- }
- }
-
- result = ldns_dnssec_zone_create_rrsigs_flg(zone,
- new_rrs,
- key_list,
- func,
- arg,
- signflags);
- }
-
- return result;
-}
-
-
-ldns_zone *
-ldns_zone_sign(const ldns_zone *zone, ldns_key_list *key_list)
-{
- ldns_dnssec_zone *dnssec_zone;
- ldns_zone *signed_zone;
- ldns_rr_list *new_rrs;
- size_t i;
-
- signed_zone = ldns_zone_new();
- dnssec_zone = ldns_dnssec_zone_new();
-
- (void) ldns_dnssec_zone_add_rr(dnssec_zone, ldns_zone_soa(zone));
- ldns_zone_set_soa(signed_zone, ldns_rr_clone(ldns_zone_soa(zone)));
-
- for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(zone)); i++) {
- (void) ldns_dnssec_zone_add_rr(dnssec_zone,
- ldns_rr_list_rr(ldns_zone_rrs(zone),
- i));
- ldns_zone_push_rr(signed_zone,
- ldns_rr_clone(ldns_rr_list_rr(ldns_zone_rrs(zone),
- i)));
- }
-
- new_rrs = ldns_rr_list_new();
- (void) ldns_dnssec_zone_sign(dnssec_zone,
- new_rrs,
- key_list,
- ldns_dnssec_default_replace_signatures,
- NULL);
-
- for (i = 0; i < ldns_rr_list_rr_count(new_rrs); i++) {
- ldns_rr_list_push_rr(ldns_zone_rrs(signed_zone),
- ldns_rr_clone(ldns_rr_list_rr(new_rrs, i)));
- }
-
- ldns_rr_list_deep_free(new_rrs);
- ldns_dnssec_zone_free(dnssec_zone);
-
- return signed_zone;
-}
-
-ldns_zone *
-ldns_zone_sign_nsec3(ldns_zone *zone, ldns_key_list *key_list, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt)
-{
- ldns_dnssec_zone *dnssec_zone;
- ldns_zone *signed_zone;
- ldns_rr_list *new_rrs;
- size_t i;
-
- signed_zone = ldns_zone_new();
- dnssec_zone = ldns_dnssec_zone_new();
-
- (void) ldns_dnssec_zone_add_rr(dnssec_zone, ldns_zone_soa(zone));
- ldns_zone_set_soa(signed_zone, ldns_rr_clone(ldns_zone_soa(zone)));
-
- for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(zone)); i++) {
- (void) ldns_dnssec_zone_add_rr(dnssec_zone,
- ldns_rr_list_rr(ldns_zone_rrs(zone),
- i));
- ldns_zone_push_rr(signed_zone,
- ldns_rr_clone(ldns_rr_list_rr(ldns_zone_rrs(zone),
- i)));
- }
-
- new_rrs = ldns_rr_list_new();
- (void) ldns_dnssec_zone_sign_nsec3(dnssec_zone,
- new_rrs,
- key_list,
- ldns_dnssec_default_replace_signatures,
- NULL,
- algorithm,
- flags,
- iterations,
- salt_length,
- salt);
-
- for (i = 0; i < ldns_rr_list_rr_count(new_rrs); i++) {
- ldns_rr_list_push_rr(ldns_zone_rrs(signed_zone),
- ldns_rr_clone(ldns_rr_list_rr(new_rrs, i)));
- }
-
- ldns_rr_list_deep_free(new_rrs);
- ldns_dnssec_zone_free(dnssec_zone);
-
- return signed_zone;
-}
-#endif /* HAVE_SSL */
-
+++ /dev/null
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <time.h>
-
-#ifdef HAVE_SSL
-/* this entire file is rather useless when you don't have
- * crypto...
- */
-#include <openssl/ssl.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-#include <openssl/md5.h>
-
-ldns_dnssec_data_chain *
-ldns_dnssec_data_chain_new()
-{
- ldns_dnssec_data_chain *nc = LDNS_XMALLOC(ldns_dnssec_data_chain, 1);
- if(!nc) return NULL;
- nc->rrset = NULL;
- nc->parent_type = 0;
- nc->parent = NULL;
- nc->signatures = NULL;
- nc->packet_rcode = 0;
- nc->packet_qtype = 0;
- nc->packet_nodata = false;
- return nc;
-}
-
-void
-ldns_dnssec_data_chain_free(ldns_dnssec_data_chain *chain)
-{
- LDNS_FREE(chain);
-}
-
-void
-ldns_dnssec_data_chain_deep_free(ldns_dnssec_data_chain *chain)
-{
- ldns_rr_list_deep_free(chain->rrset);
- ldns_rr_list_deep_free(chain->signatures);
- if (chain->parent) {
- ldns_dnssec_data_chain_deep_free(chain->parent);
- }
- LDNS_FREE(chain);
-}
-
-void
-ldns_dnssec_data_chain_print(FILE *out, const ldns_dnssec_data_chain *chain)
-{
- ldns_lookup_table *rcode;
- const ldns_rr_descriptor *rr_descriptor;
- if (chain) {
- ldns_dnssec_data_chain_print(out, chain->parent);
- if (ldns_rr_list_rr_count(chain->rrset) > 0) {
- rcode = ldns_lookup_by_id(ldns_rcodes,
- (int) chain->packet_rcode);
- if (rcode) {
- fprintf(out, ";; rcode: %s\n", rcode->name);
- }
-
- rr_descriptor = ldns_rr_descript(chain->packet_qtype);
- if (rr_descriptor && rr_descriptor->_name) {
- fprintf(out, ";; qtype: %s\n", rr_descriptor->_name);
- } else if (chain->packet_qtype != 0) {
- fprintf(out, "TYPE%u",
- chain->packet_qtype);
- }
- if (chain->packet_nodata) {
- fprintf(out, ";; NODATA response\n");
- }
- fprintf(out, "rrset:\n");
- ldns_rr_list_print(out, chain->rrset);
- fprintf(out, "sigs:\n");
- ldns_rr_list_print(out, chain->signatures);
- fprintf(out, "---\n");
- } else {
- fprintf(out, "<no data>\n");
- }
- }
-}
-
-static void
-ldns_dnssec_build_data_chain_dnskey(ldns_resolver *res,
- uint16_t qflags,
- const ldns_pkt *pkt,
- ldns_rr_list *signatures,
- ldns_dnssec_data_chain *new_chain,
- ldns_rdf *key_name,
- ldns_rr_class c) {
- ldns_rr_list *keys;
- ldns_pkt *my_pkt;
- if (signatures && ldns_rr_list_rr_count(signatures) > 0) {
- new_chain->signatures = ldns_rr_list_clone(signatures);
- new_chain->parent_type = 0;
-
- keys = ldns_pkt_rr_list_by_name_and_type(
- pkt,
- key_name,
- LDNS_RR_TYPE_DNSKEY,
- LDNS_SECTION_ANY_NOQUESTION
- );
- if (!keys) {
- my_pkt = ldns_resolver_query(res,
- key_name,
- LDNS_RR_TYPE_DNSKEY,
- c,
- qflags);
- if (my_pkt) {
- keys = ldns_pkt_rr_list_by_name_and_type(
- my_pkt,
- key_name,
- LDNS_RR_TYPE_DNSKEY,
- LDNS_SECTION_ANY_NOQUESTION
- );
- new_chain->parent = ldns_dnssec_build_data_chain(res,
- qflags,
- keys,
- my_pkt,
- NULL);
- new_chain->parent->packet_qtype = LDNS_RR_TYPE_DNSKEY;
- ldns_pkt_free(my_pkt);
- }
- } else {
- new_chain->parent = ldns_dnssec_build_data_chain(res,
- qflags,
- keys,
- pkt,
- NULL);
- new_chain->parent->packet_qtype = LDNS_RR_TYPE_DNSKEY;
- }
- ldns_rr_list_deep_free(keys);
- }
-}
-
-static void
-ldns_dnssec_build_data_chain_other(ldns_resolver *res,
- uint16_t qflags,
- ldns_dnssec_data_chain *new_chain,
- ldns_rdf *key_name,
- ldns_rr_class c,
- ldns_rr_list *dss)
-{
- /* 'self-signed', parent is a DS */
-
- /* okay, either we have other keys signing the current one,
- * or the current
- * one should have a DS record in the parent zone.
- * How do we find this out? Try both?
- *
- * request DNSKEYS for current zone,
- * add all signatures to current level
- */
- ldns_pkt *my_pkt;
- ldns_rr_list *signatures2;
-
- new_chain->parent_type = 1;
-
- my_pkt = ldns_resolver_query(res,
- key_name,
- LDNS_RR_TYPE_DS,
- c,
- qflags);
- if (my_pkt) {
- dss = ldns_pkt_rr_list_by_name_and_type(my_pkt,
- key_name,
- LDNS_RR_TYPE_DS,
- LDNS_SECTION_ANY_NOQUESTION
- );
- if (dss) {
- new_chain->parent = ldns_dnssec_build_data_chain(res,
- qflags,
- dss,
- my_pkt,
- NULL);
- new_chain->parent->packet_qtype = LDNS_RR_TYPE_DS;
- ldns_rr_list_deep_free(dss);
- }
- ldns_pkt_free(my_pkt);
- }
-
- my_pkt = ldns_resolver_query(res,
- key_name,
- LDNS_RR_TYPE_DNSKEY,
- c,
- qflags);
- if (my_pkt) {
- signatures2 = ldns_pkt_rr_list_by_name_and_type(my_pkt,
- key_name,
- LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_ANSWER);
- if (signatures2) {
- if (new_chain->signatures) {
- printf("There were already sigs!\n");
- ldns_rr_list_deep_free(new_chain->signatures);
- printf("replacing the old sigs\n");
- }
- new_chain->signatures = signatures2;
- }
- ldns_pkt_free(my_pkt);
- }
-}
-
-ldns_dnssec_data_chain *
-ldns_dnssec_build_data_chain_nokeyname(ldns_resolver *res,
- uint16_t qflags,
- ldns_rr *orig_rr,
- const ldns_rr_list *rrset,
- ldns_dnssec_data_chain *new_chain)
-{
- ldns_rdf *possible_parent_name;
- ldns_pkt *my_pkt;
- /* apparently we were not able to find a signing key, so
- we assume the chain ends here
- */
- /* try parents for auth denial of DS */
- if (orig_rr) {
- possible_parent_name = ldns_rr_owner(orig_rr);
- } else if (rrset && ldns_rr_list_rr_count(rrset) > 0) {
- possible_parent_name = ldns_rr_owner(ldns_rr_list_rr(rrset, 0));
- } else {
- /* no information to go on, give up */
- return new_chain;
- }
-
- my_pkt = ldns_resolver_query(res,
- possible_parent_name,
- LDNS_RR_TYPE_DS,
- LDNS_RR_CLASS_IN,
- qflags);
- if (!my_pkt) {
- return new_chain;
- }
-
- if (ldns_pkt_ancount(my_pkt) > 0) {
- /* add error, no sigs but DS in parent */
- /*ldns_pkt_print(stdout, my_pkt);*/
- ldns_pkt_free(my_pkt);
- } else {
- /* are there signatures? */
- new_chain->parent = ldns_dnssec_build_data_chain(res,
- qflags,
- NULL,
- my_pkt,
- NULL);
-
- new_chain->parent->packet_qtype = LDNS_RR_TYPE_DS;
-
- }
- return new_chain;
-}
-
-
-ldns_dnssec_data_chain *
-ldns_dnssec_build_data_chain(ldns_resolver *res,
- uint16_t qflags,
- const ldns_rr_list *rrset,
- const ldns_pkt *pkt,
- ldns_rr *orig_rr)
-{
- ldns_rr_list *signatures = NULL;
- ldns_rr_list *dss = NULL;
-
- ldns_rr_list *my_rrset;
-
- ldns_pkt *my_pkt;
-
- ldns_rdf *name = NULL, *key_name = NULL;
- ldns_rr_type type = 0;
- ldns_rr_class c = 0;
-
- bool other_rrset = false;
-
- ldns_dnssec_data_chain *new_chain = ldns_dnssec_data_chain_new();
-
- if (!ldns_dnssec_pkt_has_rrsigs(pkt)) {
- /* hmm. no dnssec data in the packet. go up to try and deny
- * DS? */
- return new_chain;
- }
-
- if (orig_rr) {
- new_chain->rrset = ldns_rr_list_new();
- ldns_rr_list_push_rr(new_chain->rrset, orig_rr);
- new_chain->parent = ldns_dnssec_build_data_chain(res,
- qflags,
- rrset,
- pkt,
- NULL);
- new_chain->packet_rcode = ldns_pkt_get_rcode(pkt);
- new_chain->packet_qtype = ldns_rr_get_type(orig_rr);
- if (ldns_pkt_ancount(pkt) == 0) {
- new_chain->packet_nodata = true;
- }
- return new_chain;
- }
-
- if (!rrset || ldns_rr_list_rr_count(rrset) < 1) {
- /* hmm, no data, do we have denial? only works if pkt was given,
- otherwise caller has to do the check himself */
- new_chain->packet_nodata = true;
- if (pkt) {
- my_rrset = ldns_pkt_rr_list_by_type(pkt,
- LDNS_RR_TYPE_NSEC,
- LDNS_SECTION_ANY_NOQUESTION
- );
- if (my_rrset) {
- if (ldns_rr_list_rr_count(my_rrset) > 0) {
- type = LDNS_RR_TYPE_NSEC;
- other_rrset = true;
- } else {
- ldns_rr_list_deep_free(my_rrset);
- my_rrset = NULL;
- }
- } else {
- /* nothing, try nsec3 */
- my_rrset = ldns_pkt_rr_list_by_type(pkt,
- LDNS_RR_TYPE_NSEC3,
- LDNS_SECTION_ANY_NOQUESTION);
- if (my_rrset) {
- if (ldns_rr_list_rr_count(my_rrset) > 0) {
- type = LDNS_RR_TYPE_NSEC3;
- other_rrset = true;
- } else {
- ldns_rr_list_deep_free(my_rrset);
- my_rrset = NULL;
- }
- } else {
- /* nothing, stop */
- /* try parent zone? for denied insecure? */
- return new_chain;
- }
- }
- } else {
- return new_chain;
- }
- } else {
- my_rrset = (ldns_rr_list *) rrset;
- }
-
- if (my_rrset && ldns_rr_list_rr_count(my_rrset) > 0) {
- new_chain->rrset = ldns_rr_list_clone(my_rrset);
- name = ldns_rr_owner(ldns_rr_list_rr(my_rrset, 0));
- type = ldns_rr_get_type(ldns_rr_list_rr(my_rrset, 0));
- c = ldns_rr_get_class(ldns_rr_list_rr(my_rrset, 0));
- }
-
- if (other_rrset) {
- ldns_rr_list_deep_free(my_rrset);
- }
-
- /* normally there will only be 1 signature 'set'
- but there can be more than 1 denial (wildcards)
- so check for NSEC
- */
- if (type == LDNS_RR_TYPE_NSEC || type == LDNS_RR_TYPE_NSEC3) {
- /* just throw in all signatures, the tree builder must sort
- this out */
- if (pkt) {
- signatures = ldns_dnssec_pkt_get_rrsigs_for_type(pkt, type);
- } else {
- my_pkt = ldns_resolver_query(res, name, type, c, qflags);
- if (my_pkt) {
- signatures = ldns_dnssec_pkt_get_rrsigs_for_type(pkt, type);
- ldns_pkt_free(my_pkt);
- }
- }
- } else {
- if (pkt) {
- signatures =
- ldns_dnssec_pkt_get_rrsigs_for_name_and_type(pkt,
- name,
- type);
- }
- if (!signatures) {
- my_pkt = ldns_resolver_query(res, name, type, c, qflags);
- if (my_pkt) {
- signatures =
- ldns_dnssec_pkt_get_rrsigs_for_name_and_type(my_pkt,
- name,
- type);
- ldns_pkt_free(my_pkt);
- }
- }
- }
-
- if (signatures && ldns_rr_list_rr_count(signatures) > 0) {
- key_name = ldns_rr_rdf(ldns_rr_list_rr(signatures, 0), 7);
- }
-
- if (!key_name) {
- return ldns_dnssec_build_data_chain_nokeyname(res,
- qflags,
- orig_rr,
- rrset,
- new_chain);
- }
-
- if (type != LDNS_RR_TYPE_DNSKEY) {
- ldns_dnssec_build_data_chain_dnskey(res,
- qflags,
- pkt,
- signatures,
- new_chain,
- key_name,
- c
- );
- } else {
- ldns_dnssec_build_data_chain_other(res,
- qflags,
- new_chain,
- key_name,
- c,
- dss
-
- );
- }
- if (signatures) {
- ldns_rr_list_deep_free(signatures);
- }
-
- return new_chain;
-}
-
-ldns_dnssec_trust_tree *
-ldns_dnssec_trust_tree_new()
-{
- ldns_dnssec_trust_tree *new_tree = LDNS_XMALLOC(ldns_dnssec_trust_tree,
- 1);
- if(!new_tree) return NULL;
- new_tree->rr = NULL;
- new_tree->rrset = NULL;
- new_tree->parent_count = 0;
-
- return new_tree;
-}
-
-void
-ldns_dnssec_trust_tree_free(ldns_dnssec_trust_tree *tree)
-{
- size_t i;
- if (tree) {
- for (i = 0; i < tree->parent_count; i++) {
- ldns_dnssec_trust_tree_free(tree->parents[i]);
- }
- }
- LDNS_FREE(tree);
-}
-
-size_t
-ldns_dnssec_trust_tree_depth(ldns_dnssec_trust_tree *tree)
-{
- size_t result = 0;
- size_t parent = 0;
- size_t i;
-
- for (i = 0; i < tree->parent_count; i++) {
- parent = ldns_dnssec_trust_tree_depth(tree->parents[i]);
- if (parent > result) {
- result = parent;
- }
- }
- return 1 + result;
-}
-
-/* TODO ldns_ */
-static void
-print_tabs(FILE *out, size_t nr, uint8_t *map, size_t treedepth)
-{
- size_t i;
- for (i = 0; i < nr; i++) {
- if (i == nr - 1) {
- fprintf(out, "|---");
- } else if (map && i < treedepth && map[i] == 1) {
- fprintf(out, "| ");
- } else {
- fprintf(out, " ");
- }
- }
-}
-
-void
-ldns_dnssec_trust_tree_print_sm(FILE *out,
- ldns_dnssec_trust_tree *tree,
- size_t tabs,
- bool extended,
- uint8_t *sibmap,
- size_t treedepth)
-{
- size_t i;
- const ldns_rr_descriptor *descriptor;
- bool mapset = false;
-
- if (!sibmap) {
- treedepth = ldns_dnssec_trust_tree_depth(tree);
- sibmap = malloc(treedepth);
- if(!sibmap)
- return; /* mem err */
- memset(sibmap, 0, treedepth);
- mapset = true;
- }
-
- if (tree) {
- if (tree->rr) {
- print_tabs(out, tabs, sibmap, treedepth);
- ldns_rdf_print(out, ldns_rr_owner(tree->rr));
- descriptor = ldns_rr_descript(ldns_rr_get_type(tree->rr));
-
- if (descriptor->_name) {
- fprintf(out, " (%s", descriptor->_name);
- } else {
- fprintf(out, " (TYPE%d",
- ldns_rr_get_type(tree->rr));
- }
- if (tabs > 0) {
- if (ldns_rr_get_type(tree->rr) == LDNS_RR_TYPE_DNSKEY) {
- fprintf(out, " keytag: %u",
- (unsigned int) ldns_calc_keytag(tree->rr));
- fprintf(out, " alg: ");
- ldns_rdf_print(out, ldns_rr_rdf(tree->rr, 2));
- fprintf(out, " flags: ");
- ldns_rdf_print(out, ldns_rr_rdf(tree->rr, 0));
- } else if (ldns_rr_get_type(tree->rr) == LDNS_RR_TYPE_DS) {
- fprintf(out, " keytag: ");
- ldns_rdf_print(out, ldns_rr_rdf(tree->rr, 0));
- fprintf(out, " digest type: ");
- ldns_rdf_print(out, ldns_rr_rdf(tree->rr, 2));
- }
- if (ldns_rr_get_type(tree->rr) == LDNS_RR_TYPE_NSEC) {
- fprintf(out, " ");
- ldns_rdf_print(out, ldns_rr_rdf(tree->rr, 0));
- fprintf(out, " ");
- ldns_rdf_print(out, ldns_rr_rdf(tree->rr, 1));
- }
- }
-
- fprintf(out, ")\n");
- for (i = 0; i < tree->parent_count; i++) {
- if (tree->parent_count > 1 && i < tree->parent_count - 1) {
- sibmap[tabs] = 1;
- } else {
- sibmap[tabs] = 0;
- }
- /* only print errors */
- if (ldns_rr_get_type(tree->parents[i]->rr) ==
- LDNS_RR_TYPE_NSEC ||
- ldns_rr_get_type(tree->parents[i]->rr) ==
- LDNS_RR_TYPE_NSEC3) {
- if (tree->parent_status[i] == LDNS_STATUS_OK) {
- print_tabs(out, tabs + 1, sibmap, treedepth);
- if (tabs == 0 &&
- ldns_rr_get_type(tree->rr) == LDNS_RR_TYPE_NS &&
- ldns_rr_rd_count(tree->rr) > 0) {
- fprintf(out, "Existence of DS is denied by:\n");
- } else {
- fprintf(out, "Existence is denied by:\n");
- }
- } else {
- /* NS records aren't signed */
- if (ldns_rr_get_type(tree->rr) == LDNS_RR_TYPE_NS) {
- fprintf(out, "Existence of DS is denied by:\n");
- } else {
- print_tabs(out, tabs + 1, sibmap, treedepth);
- fprintf(out,
- "Error in denial of existence: %s\n",
- ldns_get_errorstr_by_id(
- tree->parent_status[i]));
- }
- }
- } else
- if (tree->parent_status[i] != LDNS_STATUS_OK) {
- print_tabs(out, tabs + 1, sibmap, treedepth);
- fprintf(out,
- "%s:\n",
- ldns_get_errorstr_by_id(
- tree->parent_status[i]));
- if (tree->parent_status[i]
- == LDNS_STATUS_SSL_ERR) {
- printf("; SSL Error: ");
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stdout);
- printf("\n");
- }
- ldns_rr_print(out, tree->parent_signature[i]);
- printf("For RRset:\n");
- ldns_rr_list_print(out, tree->rrset);
- printf("With key:\n");
- ldns_rr_print(out, tree->parents[i]->rr);
- }
- ldns_dnssec_trust_tree_print_sm(out,
- tree->parents[i],
- tabs+1,
- extended,
- sibmap,
- treedepth);
- }
- } else {
- print_tabs(out, tabs, sibmap, treedepth);
- fprintf(out, "<no data>\n");
- }
- } else {
- fprintf(out, "<null pointer>\n");
- }
-
- if (mapset) {
- free(sibmap);
- }
-}
-
-void
-ldns_dnssec_trust_tree_print(FILE *out,
- ldns_dnssec_trust_tree *tree,
- size_t tabs,
- bool extended)
-{
- ldns_dnssec_trust_tree_print_sm(out, tree, tabs, extended, NULL, 0);
-}
-
-ldns_status
-ldns_dnssec_trust_tree_add_parent(ldns_dnssec_trust_tree *tree,
- const ldns_dnssec_trust_tree *parent,
- const ldns_rr *signature,
- const ldns_status parent_status)
-{
- if (tree
- && parent
- && tree->parent_count < LDNS_DNSSEC_TRUST_TREE_MAX_PARENTS) {
- /*
- printf("Add parent for: ");
- ldns_rr_print(stdout, tree->rr);
- printf("parent: ");
- ldns_rr_print(stdout, parent->rr);
- */
- tree->parents[tree->parent_count] =
- (ldns_dnssec_trust_tree *) parent;
- tree->parent_status[tree->parent_count] = parent_status;
- tree->parent_signature[tree->parent_count] = (ldns_rr *) signature;
- tree->parent_count++;
- return LDNS_STATUS_OK;
- } else {
- return LDNS_STATUS_ERR;
- }
-}
-
-/* if rr is null, take the first from the rrset */
-ldns_dnssec_trust_tree *
-ldns_dnssec_derive_trust_tree(ldns_dnssec_data_chain *data_chain, ldns_rr *rr)
-{
- ldns_rr_list *cur_rrset;
- ldns_rr_list *cur_sigs;
- ldns_rr *cur_rr = NULL;
- ldns_rr *cur_sig_rr;
- size_t i, j;
-
- ldns_dnssec_trust_tree *new_tree = ldns_dnssec_trust_tree_new();
- if(!new_tree)
- return NULL;
-
- if (data_chain && data_chain->rrset) {
- cur_rrset = data_chain->rrset;
-
- cur_sigs = data_chain->signatures;
-
- if (rr) {
- cur_rr = rr;
- }
-
- if (!cur_rr && ldns_rr_list_rr_count(cur_rrset) > 0) {
- cur_rr = ldns_rr_list_rr(cur_rrset, 0);
- }
-
- if (cur_rr) {
- new_tree->rr = cur_rr;
- new_tree->rrset = cur_rrset;
- /* there are three possibilities:
- 1 - 'normal' rrset, signed by a key
- 2 - dnskey signed by other dnskey
- 3 - dnskey proven by higher level DS
- (data denied by nsec is a special case that can
- occur in multiple places)
-
- */
- if (cur_sigs) {
- for (i = 0; i < ldns_rr_list_rr_count(cur_sigs); i++) {
- /* find the appropriate key in the parent list */
- cur_sig_rr = ldns_rr_list_rr(cur_sigs, i);
-
- if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_NSEC) {
- if (ldns_dname_compare(ldns_rr_owner(cur_sig_rr),
- ldns_rr_owner(cur_rr)))
- {
- /* find first that does match */
-
- for (j = 0;
- j < ldns_rr_list_rr_count(cur_rrset) &&
- ldns_dname_compare(ldns_rr_owner(cur_sig_rr),ldns_rr_owner(cur_rr)) != 0;
- j++) {
- cur_rr = ldns_rr_list_rr(cur_rrset, j);
-
- }
- if (ldns_dname_compare(ldns_rr_owner(cur_sig_rr),
- ldns_rr_owner(cur_rr)))
- {
- break;
- }
- }
-
- }
- /* option 1 */
- if (data_chain->parent) {
- ldns_dnssec_derive_trust_tree_normal_rrset(
- new_tree,
- data_chain,
- cur_sig_rr);
- }
-
- /* option 2 */
- ldns_dnssec_derive_trust_tree_dnskey_rrset(
- new_tree,
- data_chain,
- cur_rr,
- cur_sig_rr);
- }
-
- ldns_dnssec_derive_trust_tree_ds_rrset(new_tree,
- data_chain,
- cur_rr);
- } else {
- /* no signatures? maybe it's nsec data */
-
- /* just add every rr from parent as new parent */
- ldns_dnssec_derive_trust_tree_no_sig(new_tree, data_chain);
- }
- }
- }
-
- return new_tree;
-}
-
-void
-ldns_dnssec_derive_trust_tree_normal_rrset(ldns_dnssec_trust_tree *new_tree,
- ldns_dnssec_data_chain *data_chain,
- ldns_rr *cur_sig_rr)
-{
- size_t i, j;
- ldns_rr_list *cur_rrset = ldns_rr_list_clone(data_chain->rrset);
- ldns_dnssec_trust_tree *cur_parent_tree;
- ldns_rr *cur_parent_rr;
- uint16_t cur_keytag;
- ldns_rr_list *tmp_rrset = NULL;
- ldns_status cur_status;
-
- cur_keytag = ldns_rdf2native_int16(ldns_rr_rrsig_keytag(cur_sig_rr));
-
- for (j = 0; j < ldns_rr_list_rr_count(data_chain->parent->rrset); j++) {
- cur_parent_rr = ldns_rr_list_rr(data_chain->parent->rrset, j);
- if (ldns_rr_get_type(cur_parent_rr) == LDNS_RR_TYPE_DNSKEY) {
- if (ldns_calc_keytag(cur_parent_rr) == cur_keytag) {
-
- /* TODO: check wildcard nsec too */
- if (cur_rrset && ldns_rr_list_rr_count(cur_rrset) > 0) {
- tmp_rrset = cur_rrset;
- if (ldns_rr_get_type(ldns_rr_list_rr(cur_rrset, 0))
- == LDNS_RR_TYPE_NSEC ||
- ldns_rr_get_type(ldns_rr_list_rr(cur_rrset, 0))
- == LDNS_RR_TYPE_NSEC3) {
- /* might contain different names!
- sort and split */
- ldns_rr_list_sort(cur_rrset);
- if (tmp_rrset && tmp_rrset != cur_rrset) {
- ldns_rr_list_deep_free(tmp_rrset);
- tmp_rrset = NULL;
- }
- tmp_rrset = ldns_rr_list_pop_rrset(cur_rrset);
-
- /* with nsecs, this might be the wrong one */
- while (tmp_rrset &&
- ldns_rr_list_rr_count(cur_rrset) > 0 &&
- ldns_dname_compare(
- ldns_rr_owner(ldns_rr_list_rr(
- tmp_rrset, 0)),
- ldns_rr_owner(cur_sig_rr)) != 0) {
- ldns_rr_list_deep_free(tmp_rrset);
- tmp_rrset =
- ldns_rr_list_pop_rrset(cur_rrset);
- }
- }
- cur_status = ldns_verify_rrsig(tmp_rrset,
- cur_sig_rr,
- cur_parent_rr);
- /* avoid dupes */
- for (i = 0; i < new_tree->parent_count; i++) {
- if (cur_parent_rr == new_tree->parents[i]->rr) {
- goto done;
- }
- }
-
- cur_parent_tree =
- ldns_dnssec_derive_trust_tree(data_chain->parent,
- cur_parent_rr);
- (void)ldns_dnssec_trust_tree_add_parent(new_tree,
- cur_parent_tree,
- cur_sig_rr,
- cur_status);
- }
- }
- }
- }
- done:
- if (tmp_rrset && tmp_rrset != cur_rrset) {
- ldns_rr_list_deep_free(tmp_rrset);
- }
- ldns_rr_list_deep_free(cur_rrset);
-}
-
-void
-ldns_dnssec_derive_trust_tree_dnskey_rrset(ldns_dnssec_trust_tree *new_tree,
- ldns_dnssec_data_chain *data_chain,
- ldns_rr *cur_rr,
- ldns_rr *cur_sig_rr)
-{
- size_t j;
- ldns_rr_list *cur_rrset = data_chain->rrset;
- ldns_dnssec_trust_tree *cur_parent_tree;
- ldns_rr *cur_parent_rr;
- uint16_t cur_keytag;
- ldns_status cur_status;
-
- cur_keytag = ldns_rdf2native_int16(ldns_rr_rrsig_keytag(cur_sig_rr));
-
- for (j = 0; j < ldns_rr_list_rr_count(cur_rrset); j++) {
- cur_parent_rr = ldns_rr_list_rr(cur_rrset, j);
- if (cur_parent_rr != cur_rr &&
- ldns_rr_get_type(cur_parent_rr) == LDNS_RR_TYPE_DNSKEY) {
- if (ldns_calc_keytag(cur_parent_rr) == cur_keytag
- ) {
- cur_parent_tree = ldns_dnssec_trust_tree_new();
- cur_parent_tree->rr = cur_parent_rr;
- cur_parent_tree->rrset = cur_rrset;
- cur_status = ldns_verify_rrsig(cur_rrset,
- cur_sig_rr,
- cur_parent_rr);
- (void) ldns_dnssec_trust_tree_add_parent(new_tree,
- cur_parent_tree, cur_sig_rr, cur_status);
- }
- }
- }
-}
-
-void
-ldns_dnssec_derive_trust_tree_ds_rrset(ldns_dnssec_trust_tree *new_tree,
- ldns_dnssec_data_chain *data_chain,
- ldns_rr *cur_rr)
-{
- size_t j, h;
- ldns_rr_list *cur_rrset = data_chain->rrset;
- ldns_dnssec_trust_tree *cur_parent_tree;
- ldns_rr *cur_parent_rr;
-
- /* try the parent to see whether there are DSs there */
- if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_DNSKEY &&
- data_chain->parent &&
- data_chain->parent->rrset
- ) {
- for (j = 0;
- j < ldns_rr_list_rr_count(data_chain->parent->rrset);
- j++) {
- cur_parent_rr = ldns_rr_list_rr(data_chain->parent->rrset, j);
- if (ldns_rr_get_type(cur_parent_rr) == LDNS_RR_TYPE_DS) {
- for (h = 0; h < ldns_rr_list_rr_count(cur_rrset); h++) {
- cur_rr = ldns_rr_list_rr(cur_rrset, h);
- if (ldns_rr_compare_ds(cur_rr, cur_parent_rr)) {
- cur_parent_tree =
- ldns_dnssec_derive_trust_tree(
- data_chain->parent, cur_parent_rr);
- (void) ldns_dnssec_trust_tree_add_parent(
- new_tree,
- cur_parent_tree,
- NULL,
- LDNS_STATUS_OK);
- } else {
- /*ldns_rr_print(stdout, cur_parent_rr);*/
- }
- }
- }
- }
- }
-}
-
-void
-ldns_dnssec_derive_trust_tree_no_sig(ldns_dnssec_trust_tree *new_tree,
- ldns_dnssec_data_chain *data_chain)
-{
- size_t i;
- ldns_rr_list *cur_rrset;
- ldns_rr *cur_parent_rr;
- ldns_dnssec_trust_tree *cur_parent_tree;
- ldns_status result;
-
- if (data_chain->parent && data_chain->parent->rrset) {
- cur_rrset = data_chain->parent->rrset;
- /* nsec? */
- if (cur_rrset && ldns_rr_list_rr_count(cur_rrset) > 0) {
- if (ldns_rr_get_type(ldns_rr_list_rr(cur_rrset, 0)) ==
- LDNS_RR_TYPE_NSEC3) {
- result = ldns_dnssec_verify_denial_nsec3(
- new_tree->rr,
- cur_rrset,
- data_chain->parent->signatures,
- data_chain->packet_rcode,
- data_chain->packet_qtype,
- data_chain->packet_nodata);
- } else if (ldns_rr_get_type(ldns_rr_list_rr(cur_rrset, 0)) ==
- LDNS_RR_TYPE_NSEC3) {
- result = ldns_dnssec_verify_denial(
- new_tree->rr,
- cur_rrset,
- data_chain->parent->signatures);
- } else {
- /* unsigned zone, unsigned parent */
- result = LDNS_STATUS_OK;
- }
- } else {
- result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
- }
- for (i = 0; i < ldns_rr_list_rr_count(cur_rrset); i++) {
- cur_parent_rr = ldns_rr_list_rr(cur_rrset, i);
- cur_parent_tree =
- ldns_dnssec_derive_trust_tree(data_chain->parent,
- cur_parent_rr);
- (void) ldns_dnssec_trust_tree_add_parent(new_tree,
- cur_parent_tree, NULL, result);
- }
- }
-}
-
-/*
- * returns OK if there is a path from tree to key with only OK
- * the (first) error in between otherwise
- * or NOT_FOUND if the key wasn't present at all
- */
-ldns_status
-ldns_dnssec_trust_tree_contains_keys(ldns_dnssec_trust_tree *tree,
- ldns_rr_list *trusted_keys)
-{
- size_t i;
- ldns_status result = LDNS_STATUS_CRYPTO_NO_DNSKEY;
- bool equal;
- ldns_status parent_result;
-
- if (tree && trusted_keys && ldns_rr_list_rr_count(trusted_keys) > 0)
- { if (tree->rr) {
- for (i = 0; i < ldns_rr_list_rr_count(trusted_keys); i++) {
- equal = ldns_rr_compare_ds(
- tree->rr,
- ldns_rr_list_rr(trusted_keys, i));
- if (equal) {
- result = LDNS_STATUS_OK;
- return result;
- }
- }
- }
- for (i = 0; i < tree->parent_count; i++) {
- parent_result =
- ldns_dnssec_trust_tree_contains_keys(tree->parents[i],
- trusted_keys);
- if (parent_result != LDNS_STATUS_CRYPTO_NO_DNSKEY) {
- if (tree->parent_status[i] != LDNS_STATUS_OK) {
- result = tree->parent_status[i];
- } else {
- if (ldns_rr_get_type(tree->rr)
- == LDNS_RR_TYPE_NSEC &&
- parent_result == LDNS_STATUS_OK
- ) {
- result =
- LDNS_STATUS_DNSSEC_EXISTENCE_DENIED;
- } else {
- result = parent_result;
- }
- }
- }
- }
- } else {
- result = LDNS_STATUS_ERR;
- }
-
- return result;
-}
-
-ldns_status
-ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list *keys,
- ldns_rr_list *good_keys)
-{
- uint16_t i;
- ldns_status verify_result = LDNS_STATUS_ERR;
-
- if (!rrset || !rrsig || !keys) {
- return LDNS_STATUS_ERR;
- }
-
- if (ldns_rr_list_rr_count(rrset) < 1) {
- return LDNS_STATUS_ERR;
- }
-
- if (ldns_rr_list_rr_count(rrsig) < 1) {
- return LDNS_STATUS_CRYPTO_NO_RRSIG;
- }
-
- if (ldns_rr_list_rr_count(keys) < 1) {
- verify_result = LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY;
- } else {
- for (i = 0; i < ldns_rr_list_rr_count(rrsig); i++) {
- ldns_status s = ldns_verify_rrsig_keylist(rrset,
- ldns_rr_list_rr(rrsig, i), keys, good_keys);
- /* try a little to get more descriptive error */
- if(s == LDNS_STATUS_OK) {
- verify_result = LDNS_STATUS_OK;
- } else if(verify_result == LDNS_STATUS_ERR)
- verify_result = s;
- else if(s != LDNS_STATUS_ERR && verify_result ==
- LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY)
- verify_result = s;
- }
- }
- return verify_result;
-}
-
-ldns_status
-ldns_verify_notime(ldns_rr_list *rrset, ldns_rr_list *rrsig,
- const ldns_rr_list *keys, ldns_rr_list *good_keys)
-{
- uint16_t i;
- ldns_status verify_result = LDNS_STATUS_ERR;
-
- if (!rrset || !rrsig || !keys) {
- return LDNS_STATUS_ERR;
- }
-
- if (ldns_rr_list_rr_count(rrset) < 1) {
- return LDNS_STATUS_ERR;
- }
-
- if (ldns_rr_list_rr_count(rrsig) < 1) {
- return LDNS_STATUS_CRYPTO_NO_RRSIG;
- }
-
- if (ldns_rr_list_rr_count(keys) < 1) {
- verify_result = LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY;
- } else {
- for (i = 0; i < ldns_rr_list_rr_count(rrsig); i++) {
- ldns_status s = ldns_verify_rrsig_keylist_notime(rrset,
- ldns_rr_list_rr(rrsig, i), keys, good_keys);
-
- /* try a little to get more descriptive error */
- if (s == LDNS_STATUS_OK) {
- verify_result = LDNS_STATUS_OK;
- } else if (verify_result == LDNS_STATUS_ERR) {
- verify_result = s;
- } else if (s != LDNS_STATUS_ERR && verify_result ==
- LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY) {
- verify_result = s;
- }
- }
- }
- return verify_result;
-}
-
-ldns_rr_list *
-ldns_fetch_valid_domain_keys(const ldns_resolver *res,
- const ldns_rdf *domain,
- const ldns_rr_list *keys,
- ldns_status *status)
-{
- ldns_rr_list * trusted_keys = NULL;
- ldns_rr_list * ds_keys = NULL;
-
- if (res && domain && keys) {
-
- if ((trusted_keys = ldns_validate_domain_dnskey(res,
- domain,
- keys))) {
- *status = LDNS_STATUS_OK;
- } else {
- /* No trusted keys in this domain, we'll have to find some in the parent domain */
- *status = LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY;
-
- if (ldns_rdf_size(domain) > 1) {
- /* Fail if we are at the root */
- ldns_rr_list * parent_keys;
- ldns_rdf * parent_domain = ldns_dname_left_chop(domain);
-
- if ((parent_keys =
- ldns_fetch_valid_domain_keys(res,
- parent_domain,
- keys,
- status))) {
- /* Check DS records */
- if ((ds_keys =
- ldns_validate_domain_ds(res,
- domain,
- parent_keys))) {
- trusted_keys =
- ldns_fetch_valid_domain_keys(res,
- domain,
- ds_keys,
- status);
- ldns_rr_list_deep_free(ds_keys);
- } else {
- /* No valid DS at the parent -- fail */
- *status = LDNS_STATUS_CRYPTO_NO_TRUSTED_DS ;
- }
- ldns_rr_list_deep_free(parent_keys);
- }
- ldns_rdf_deep_free(parent_domain);
- }
- }
- }
- return trusted_keys;
-}
-
-ldns_rr_list *
-ldns_validate_domain_dnskey(const ldns_resolver * res,
- const ldns_rdf * domain,
- const ldns_rr_list * keys)
-{
- ldns_pkt * keypkt;
- ldns_rr * cur_key;
- uint16_t key_i; uint16_t key_j; uint16_t key_k;
- uint16_t sig_i; ldns_rr * cur_sig;
-
- ldns_rr_list * domain_keys = NULL;
- ldns_rr_list * domain_sigs = NULL;
- ldns_rr_list * trusted_keys = NULL;
-
- /* Fetch keys for the domain */
- keypkt = ldns_resolver_query(res, domain,
- LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN, LDNS_RD);
- if (keypkt) {
- domain_keys = ldns_pkt_rr_list_by_type(keypkt,
- LDNS_RR_TYPE_DNSKEY,
- LDNS_SECTION_ANSWER);
- domain_sigs = ldns_pkt_rr_list_by_type(keypkt,
- LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_ANSWER);
-
- /* Try to validate the record using our keys */
- for (key_i=0; key_i< ldns_rr_list_rr_count(domain_keys); key_i++) {
-
- cur_key = ldns_rr_list_rr(domain_keys, key_i);
- for (key_j=0; key_j<ldns_rr_list_rr_count(keys); key_j++) {
- if (ldns_rr_compare_ds(ldns_rr_list_rr(keys, key_j),
- cur_key)) {
-
- /* Current key is trusted -- validate */
- trusted_keys = ldns_rr_list_new();
-
- for (sig_i=0;
- sig_i<ldns_rr_list_rr_count(domain_sigs);
- sig_i++) {
- cur_sig = ldns_rr_list_rr(domain_sigs, sig_i);
- /* Avoid non-matching sigs */
- if (ldns_rdf2native_int16(
- ldns_rr_rrsig_keytag(cur_sig))
- == ldns_calc_keytag(cur_key)) {
- if (ldns_verify_rrsig(domain_keys,
- cur_sig,
- cur_key)
- == LDNS_STATUS_OK) {
-
- /* Push the whole rrset
- -- we can't do much more */
- for (key_k=0;
- key_k<ldns_rr_list_rr_count(
- domain_keys);
- key_k++) {
- ldns_rr_list_push_rr(
- trusted_keys,
- ldns_rr_clone(
- ldns_rr_list_rr(
- domain_keys,
- key_k)));
- }
-
- ldns_rr_list_deep_free(domain_keys);
- ldns_rr_list_deep_free(domain_sigs);
- ldns_pkt_free(keypkt);
- return trusted_keys;
- }
- }
- }
-
- /* Only push our trusted key */
- ldns_rr_list_push_rr(trusted_keys,
- ldns_rr_clone(cur_key));
- }
- }
- }
-
- ldns_rr_list_deep_free(domain_keys);
- ldns_rr_list_deep_free(domain_sigs);
- ldns_pkt_free(keypkt);
-
- } else {
- /* LDNS_STATUS_CRYPTO_NO_DNSKEY */
- }
-
- return trusted_keys;
-}
-
-ldns_rr_list *
-ldns_validate_domain_ds(const ldns_resolver *res,
- const ldns_rdf * domain,
- const ldns_rr_list * keys)
-{
- ldns_pkt * dspkt;
- uint16_t key_i;
- ldns_rr_list * rrset = NULL;
- ldns_rr_list * sigs = NULL;
- ldns_rr_list * trusted_keys = NULL;
-
- /* Fetch DS for the domain */
- dspkt = ldns_resolver_query(res, domain,
- LDNS_RR_TYPE_DS, LDNS_RR_CLASS_IN, LDNS_RD);
- if (dspkt) {
- rrset = ldns_pkt_rr_list_by_type(dspkt,
- LDNS_RR_TYPE_DS,
- LDNS_SECTION_ANSWER);
- sigs = ldns_pkt_rr_list_by_type(dspkt,
- LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_ANSWER);
-
- /* Validate sigs */
- if (ldns_verify(rrset, sigs, keys, NULL) == LDNS_STATUS_OK) {
- trusted_keys = ldns_rr_list_new();
- for (key_i=0; key_i<ldns_rr_list_rr_count(rrset); key_i++) {
- ldns_rr_list_push_rr(trusted_keys,
- ldns_rr_clone(ldns_rr_list_rr(rrset,
- key_i)
- )
- );
- }
- }
-
- ldns_rr_list_deep_free(rrset);
- ldns_rr_list_deep_free(sigs);
- ldns_pkt_free(dspkt);
-
- } else {
- /* LDNS_STATUS_CRYPTO_NO_DS */
- }
-
- return trusted_keys;
-}
-
-ldns_status
-ldns_verify_trusted(ldns_resolver *res,
- ldns_rr_list *rrset,
- ldns_rr_list * rrsigs,
- ldns_rr_list * validating_keys)
-{
- uint16_t sig_i; uint16_t key_i;
- ldns_rr * cur_sig; ldns_rr * cur_key;
- ldns_rr_list * trusted_keys = NULL;
- ldns_status result = LDNS_STATUS_ERR;
-
- if (!res || !rrset || !rrsigs) {
- return LDNS_STATUS_ERR;
- }
-
- if (ldns_rr_list_rr_count(rrset) < 1) {
- return LDNS_STATUS_ERR;
- }
-
- if (ldns_rr_list_rr_count(rrsigs) < 1) {
- return LDNS_STATUS_CRYPTO_NO_RRSIG;
- }
-
- /* Look at each sig */
- for (sig_i=0; sig_i < ldns_rr_list_rr_count(rrsigs); sig_i++) {
-
- cur_sig = ldns_rr_list_rr(rrsigs, sig_i);
- /* Get a valid signer key and validate the sig */
- if ((trusted_keys = ldns_fetch_valid_domain_keys(
- res,
- ldns_rr_rrsig_signame(cur_sig),
- ldns_resolver_dnssec_anchors(res),
- &result))) {
-
- for (key_i = 0;
- key_i < ldns_rr_list_rr_count(trusted_keys);
- key_i++) {
- cur_key = ldns_rr_list_rr(trusted_keys, key_i);
-
- if ((result = ldns_verify_rrsig(rrset,
- cur_sig,
- cur_key))
- == LDNS_STATUS_OK) {
- if (validating_keys) {
- ldns_rr_list_push_rr(validating_keys,
- ldns_rr_clone(cur_key));
- }
- ldns_rr_list_deep_free(trusted_keys);
- return LDNS_STATUS_OK;
- } else {
- ldns_rr_list_print(stdout, rrset);
- ldns_rr_print(stdout, cur_sig);
- ldns_rr_print(stdout, cur_key);
-
- }
- }
- }
- }
-
- ldns_rr_list_deep_free(trusted_keys);
- return result;
-}
-
-ldns_status
-ldns_dnssec_verify_denial(ldns_rr *rr,
- ldns_rr_list *nsecs,
- ldns_rr_list *rrsigs)
-{
- ldns_rdf *rr_name;
- ldns_rdf *wildcard_name;
- ldns_rdf *chopped_dname;
- ldns_rr *cur_nsec;
- size_t i;
- ldns_status result;
- /* needed for wildcard check on exact match */
- ldns_rr *rrsig;
- bool name_covered = false;
- bool type_covered = false;
- bool wildcard_covered = false;
- bool wildcard_type_covered = false;
-
- wildcard_name = ldns_dname_new_frm_str("*");
- rr_name = ldns_rr_owner(rr);
- chopped_dname = ldns_dname_left_chop(rr_name);
- result = ldns_dname_cat(wildcard_name, chopped_dname);
- if (result != LDNS_STATUS_OK) {
- return result;
- }
-
- ldns_rdf_deep_free(chopped_dname);
-
- for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) {
- cur_nsec = ldns_rr_list_rr(nsecs, i);
- if (ldns_dname_compare(rr_name, ldns_rr_owner(cur_nsec)) == 0) {
- /* see section 5.4 of RFC4035, if the label count of the NSEC's
- RRSIG is equal, then it is proven that wildcard expansion
- could not have been used to match the request */
- rrsig = ldns_dnssec_get_rrsig_for_name_and_type(
- ldns_rr_owner(cur_nsec),
- ldns_rr_get_type(cur_nsec),
- rrsigs);
- if (rrsig && ldns_rdf2native_int8(ldns_rr_rrsig_labels(rrsig))
- == ldns_dname_label_count(rr_name)) {
- wildcard_covered = true;
- }
-
- if (ldns_nsec_bitmap_covers_type(ldns_nsec_get_bitmap(cur_nsec),
- ldns_rr_get_type(rr))) {
- type_covered = true;
- }
- }
- if (ldns_nsec_covers_name(cur_nsec, rr_name)) {
- name_covered = true;
- }
-
- if (ldns_dname_compare(wildcard_name,
- ldns_rr_owner(cur_nsec)) == 0) {
- if (ldns_nsec_bitmap_covers_type(ldns_nsec_get_bitmap(cur_nsec),
- ldns_rr_get_type(rr))) {
- wildcard_type_covered = true;
- }
- }
-
- if (ldns_nsec_covers_name(cur_nsec, wildcard_name)) {
- wildcard_covered = true;
- }
-
- }
-
- ldns_rdf_deep_free(wildcard_name);
-
- if (type_covered || !name_covered) {
- return LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
- }
-
- if (wildcard_type_covered || !wildcard_covered) {
- return LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED;
- }
-
- return LDNS_STATUS_OK;
-}
-
-#ifdef HAVE_SSL
-ldns_status
-ldns_dnssec_verify_denial_nsec3(ldns_rr *rr,
- ldns_rr_list *nsecs,
- ldns_rr_list *rrsigs,
- ldns_pkt_rcode packet_rcode,
- ldns_rr_type packet_qtype,
- bool packet_nodata)
-{
- ldns_rdf *closest_encloser;
- ldns_rdf *wildcard;
- ldns_rdf *hashed_wildcard_name;
- bool wildcard_covered = false;
- ldns_rdf *zone_name;
- ldns_rdf *hashed_name;
- size_t i;
- ldns_status result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
-
- rrsigs = rrsigs;
-
- zone_name = ldns_dname_left_chop(ldns_rr_owner(ldns_rr_list_rr(nsecs,0)));
-
- /* section 8.4 */
- if (packet_rcode == LDNS_RCODE_NXDOMAIN) {
- closest_encloser = ldns_dnssec_nsec3_closest_encloser(
- ldns_rr_owner(rr),
- ldns_rr_get_type(rr),
- nsecs);
- if(!closest_encloser) {
- result = LDNS_STATUS_NSEC3_ERR;
- goto done;
- }
-
- wildcard = ldns_dname_new_frm_str("*");
- (void) ldns_dname_cat(wildcard, closest_encloser);
-
- for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) {
- hashed_wildcard_name =
- ldns_nsec3_hash_name_frm_nsec3(ldns_rr_list_rr(nsecs, 0),
- wildcard
- );
- (void) ldns_dname_cat(hashed_wildcard_name, zone_name);
-
- if (ldns_nsec_covers_name(ldns_rr_list_rr(nsecs, i),
- hashed_wildcard_name)) {
- wildcard_covered = true;
- }
- ldns_rdf_deep_free(hashed_wildcard_name);
- }
-
- ldns_rdf_deep_free(closest_encloser);
- ldns_rdf_deep_free(wildcard);
-
- if (!wildcard_covered) {
- result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED;
- } else if (closest_encloser && wildcard_covered) {
- result = LDNS_STATUS_OK;
- } else {
- result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
- }
- } else if (packet_nodata && packet_qtype != LDNS_RR_TYPE_DS) {
- /* section 8.5 */
- hashed_name = ldns_nsec3_hash_name_frm_nsec3(
- ldns_rr_list_rr(nsecs, 0),
- ldns_rr_owner(rr));
- (void) ldns_dname_cat(hashed_name, zone_name);
- for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) {
- if (ldns_dname_compare(hashed_name,
- ldns_rr_owner(ldns_rr_list_rr(nsecs, i)))
- == 0) {
- if (!ldns_nsec_bitmap_covers_type(
- ldns_nsec3_bitmap(ldns_rr_list_rr(nsecs, i)),
- packet_qtype)
- &&
- !ldns_nsec_bitmap_covers_type(
- ldns_nsec3_bitmap(ldns_rr_list_rr(nsecs, i)),
- LDNS_RR_TYPE_CNAME)) {
- result = LDNS_STATUS_OK;
- goto done;
- }
- }
- }
- result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
- } else if (packet_nodata && packet_qtype == LDNS_RR_TYPE_DS) {
- /* section 8.6 */
- /* note: up to XXX this is the same as for 8.5 */
- hashed_name = ldns_nsec3_hash_name_frm_nsec3(ldns_rr_list_rr(nsecs,
- 0),
- ldns_rr_owner(rr)
- );
- (void) ldns_dname_cat(hashed_name, zone_name);
- for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) {
- if (ldns_dname_compare(hashed_name,
- ldns_rr_owner(ldns_rr_list_rr(nsecs,
- i)))
- == 0) {
- if (!ldns_nsec_bitmap_covers_type(
- ldns_nsec3_bitmap(ldns_rr_list_rr(nsecs, i)),
- LDNS_RR_TYPE_DS)
- &&
- !ldns_nsec_bitmap_covers_type(
- ldns_nsec3_bitmap(ldns_rr_list_rr(nsecs, i)),
- LDNS_RR_TYPE_CNAME)) {
- result = LDNS_STATUS_OK;
- goto done;
- }
- }
- }
-
- /* XXX see note above */
- result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED;
- }
-
- done:
- ldns_rdf_deep_free(zone_name);
- return result;
-}
-#endif /* HAVE_SSL */
-
-#ifdef USE_GOST
-EVP_PKEY*
-ldns_gost2pkey_raw(unsigned char* key, size_t keylen)
-{
- /* prefix header for X509 encoding */
- uint8_t asn[37] = { 0x30, 0x63, 0x30, 0x1c, 0x06, 0x06, 0x2a, 0x85,
- 0x03, 0x02, 0x02, 0x13, 0x30, 0x12, 0x06, 0x07, 0x2a, 0x85,
- 0x03, 0x02, 0x02, 0x23, 0x01, 0x06, 0x07, 0x2a, 0x85, 0x03,
- 0x02, 0x02, 0x1e, 0x01, 0x03, 0x43, 0x00, 0x04, 0x40};
- unsigned char encoded[37+64];
- const unsigned char* pp;
- if(keylen != 64) {
- /* key wrong size */
- return NULL;
- }
-
- /* create evp_key */
- memmove(encoded, asn, 37);
- memmove(encoded+37, key, 64);
- pp = (unsigned char*)&encoded[0];
-
- return d2i_PUBKEY(NULL, &pp, (int)sizeof(encoded));
-}
-
-static ldns_status
-ldns_verify_rrsig_gost_raw(unsigned char* sig, size_t siglen,
- ldns_buffer* rrset, unsigned char* key, size_t keylen)
-{
- EVP_PKEY *evp_key;
- ldns_status result;
-
- (void) ldns_key_EVP_load_gost_id();
- evp_key = ldns_gost2pkey_raw(key, keylen);
- if(!evp_key) {
- /* could not convert key */
- return LDNS_STATUS_CRYPTO_BOGUS;
- }
-
- /* verify signature */
- result = ldns_verify_rrsig_evp_raw(sig, siglen, rrset,
- evp_key, EVP_get_digestbyname("md_gost94"));
- EVP_PKEY_free(evp_key);
-
- return result;
-}
-#endif
-
-#ifdef USE_ECDSA
-EVP_PKEY*
-ldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo)
-{
- unsigned char buf[256+2]; /* sufficient for 2*384/8+1 */
- const unsigned char* pp = buf;
- EVP_PKEY *evp_key;
- EC_KEY *ec;
- /* check length, which uncompressed must be 2 bignums */
- if(algo == LDNS_ECDSAP256SHA256) {
- if(keylen != 2*256/8) return NULL;
- ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- } else if(algo == LDNS_ECDSAP384SHA384) {
- if(keylen != 2*384/8) return NULL;
- ec = EC_KEY_new_by_curve_name(NID_secp384r1);
- } else ec = NULL;
- if(!ec) return NULL;
- if(keylen+1 > sizeof(buf))
- return NULL; /* sanity check */
- /* prepend the 0x02 (from docs) (or actually 0x04 from implementation
- * of openssl) for uncompressed data */
- buf[0] = POINT_CONVERSION_UNCOMPRESSED;
- memmove(buf+1, key, keylen);
- if(!o2i_ECPublicKey(&ec, &pp, (int)keylen+1)) {
- EC_KEY_free(ec);
- return NULL;
- }
- evp_key = EVP_PKEY_new();
- if(!evp_key) {
- EC_KEY_free(ec);
- return NULL;
- }
- EVP_PKEY_assign_EC_KEY(evp_key, ec);
- return evp_key;
-}
-
-static ldns_status
-ldns_verify_rrsig_ecdsa_raw(unsigned char* sig, size_t siglen,
- ldns_buffer* rrset, unsigned char* key, size_t keylen, uint8_t algo)
-{
- EVP_PKEY *evp_key;
- ldns_status result;
- const EVP_MD *d;
-
- evp_key = ldns_ecdsa2pkey_raw(key, keylen, algo);
- if(!evp_key) {
- /* could not convert key */
- return LDNS_STATUS_CRYPTO_BOGUS;
- }
- if(algo == LDNS_ECDSAP256SHA256)
- d = EVP_sha256();
- else d = EVP_sha384(); /* LDNS_ECDSAP384SHA384 */
- result = ldns_verify_rrsig_evp_raw(sig, siglen, rrset, evp_key, d);
- EVP_PKEY_free(evp_key);
- return result;
-}
-#endif
-
-ldns_status
-ldns_verify_rrsig_buffers(ldns_buffer *rawsig_buf, ldns_buffer *verify_buf,
- ldns_buffer *key_buf, uint8_t algo)
-{
- return ldns_verify_rrsig_buffers_raw(
- (unsigned char*)ldns_buffer_begin(rawsig_buf),
- ldns_buffer_position(rawsig_buf),
- verify_buf,
- (unsigned char*)ldns_buffer_begin(key_buf),
- ldns_buffer_position(key_buf), algo);
-}
-
-ldns_status
-ldns_verify_rrsig_buffers_raw(unsigned char* sig, size_t siglen,
- ldns_buffer *verify_buf, unsigned char* key, size_t keylen,
- uint8_t algo)
-{
- /* check for right key */
- switch(algo) {
- case LDNS_DSA:
- case LDNS_DSA_NSEC3:
- return ldns_verify_rrsig_dsa_raw(sig,
- siglen,
- verify_buf,
- key,
- keylen);
- break;
- case LDNS_RSASHA1:
- case LDNS_RSASHA1_NSEC3:
- return ldns_verify_rrsig_rsasha1_raw(sig,
- siglen,
- verify_buf,
- key,
- keylen);
- break;
-#ifdef USE_SHA2
- case LDNS_RSASHA256:
- return ldns_verify_rrsig_rsasha256_raw(sig,
- siglen,
- verify_buf,
- key,
- keylen);
- break;
- case LDNS_RSASHA512:
- return ldns_verify_rrsig_rsasha512_raw(sig,
- siglen,
- verify_buf,
- key,
- keylen);
- break;
-#endif
-#ifdef USE_GOST
- case LDNS_ECC_GOST:
- return ldns_verify_rrsig_gost_raw(sig, siglen, verify_buf,
- key, keylen);
- break;
-#endif
-#ifdef USE_ECDSA
- case LDNS_ECDSAP256SHA256:
- case LDNS_ECDSAP384SHA384:
- return ldns_verify_rrsig_ecdsa_raw(sig, siglen, verify_buf,
- key, keylen, algo);
- break;
-#endif
- case LDNS_RSAMD5:
- return ldns_verify_rrsig_rsamd5_raw(sig,
- siglen,
- verify_buf,
- key,
- keylen);
- break;
- default:
- /* do you know this alg?! */
- return LDNS_STATUS_CRYPTO_UNKNOWN_ALGO;
- }
-}
-
-
-/**
- * Reset the ttl in the rrset with the orig_ttl from the sig
- * and update owner name if it was wildcard
- * Also canonicalizes the rrset.
- * @param rrset: rrset to modify
- * @param sig: signature to take TTL and wildcard values from
- */
-static void
-ldns_rrset_use_signature_ttl(ldns_rr_list* rrset_clone, ldns_rr* rrsig)
-{
- uint32_t orig_ttl;
- uint16_t i;
- uint8_t label_count;
- ldns_rdf *wildcard_name;
- ldns_rdf *wildcard_chopped;
- ldns_rdf *wildcard_chopped_tmp;
-
- orig_ttl = ldns_rdf2native_int32( ldns_rr_rdf(rrsig, 3));
- label_count = ldns_rdf2native_int8(ldns_rr_rdf(rrsig, 2));
-
- for(i = 0; i < ldns_rr_list_rr_count(rrset_clone); i++) {
- if (label_count <
- ldns_dname_label_count(
- ldns_rr_owner(ldns_rr_list_rr(rrset_clone, i)))) {
- (void) ldns_str2rdf_dname(&wildcard_name, "*");
- wildcard_chopped = ldns_rdf_clone(ldns_rr_owner(
- ldns_rr_list_rr(rrset_clone, i)));
- while (label_count < ldns_dname_label_count(wildcard_chopped)) {
- wildcard_chopped_tmp = ldns_dname_left_chop(
- wildcard_chopped);
- ldns_rdf_deep_free(wildcard_chopped);
- wildcard_chopped = wildcard_chopped_tmp;
- }
- (void) ldns_dname_cat(wildcard_name, wildcard_chopped);
- ldns_rdf_deep_free(wildcard_chopped);
- ldns_rdf_deep_free(ldns_rr_owner(ldns_rr_list_rr(
- rrset_clone, i)));
- ldns_rr_set_owner(ldns_rr_list_rr(rrset_clone, i),
- wildcard_name);
- }
- ldns_rr_set_ttl(ldns_rr_list_rr(rrset_clone, i), orig_ttl);
- /* convert to lowercase */
- ldns_rr2canonical(ldns_rr_list_rr(rrset_clone, i));
- }
-}
-
-/**
- * Make raw signature buffer out of rrsig
- * @param rawsig_buf: raw signature buffer for result
- * @param rrsig: signature to convert
- * @return OK or more specific error.
- */
-static ldns_status
-ldns_rrsig2rawsig_buffer(ldns_buffer* rawsig_buf, ldns_rr* rrsig)
-{
- uint8_t sig_algo = ldns_rdf2native_int8(ldns_rr_rdf(rrsig, 1));
- /* check for known and implemented algo's now (otherwise
- * the function could return a wrong error
- */
- /* create a buffer with signature rdata */
- /* for some algorithms we need other data than for others... */
- /* (the DSA API wants DER encoding for instance) */
-
- switch(sig_algo) {
- case LDNS_RSAMD5:
- case LDNS_RSASHA1:
- case LDNS_RSASHA1_NSEC3:
-#ifdef USE_SHA2
- case LDNS_RSASHA256:
- case LDNS_RSASHA512:
-#endif
-#ifdef USE_GOST
- case LDNS_ECC_GOST:
-#endif
- if (ldns_rdf2buffer_wire(rawsig_buf,
- ldns_rr_rdf(rrsig, 8)) != LDNS_STATUS_OK) {
- return LDNS_STATUS_MEM_ERR;
- }
- break;
- case LDNS_DSA:
- case LDNS_DSA_NSEC3:
- /* EVP takes rfc2459 format, which is a tad longer than dns format */
- if (ldns_convert_dsa_rrsig_rdf2asn1(rawsig_buf,
- ldns_rr_rdf(rrsig, 8)) != LDNS_STATUS_OK) {
- /*
- if (ldns_rdf2buffer_wire(rawsig_buf,
- ldns_rr_rdf(rrsig, 8)) != LDNS_STATUS_OK) {
- */
- return LDNS_STATUS_MEM_ERR;
- }
- break;
-#ifdef USE_ECDSA
- case LDNS_ECDSAP256SHA256:
- case LDNS_ECDSAP384SHA384:
- /* EVP produces an ASN prefix on the signature, which is
- * not used in the DNS */
- if (ldns_convert_ecdsa_rrsig_rdf2asn1(rawsig_buf,
- ldns_rr_rdf(rrsig, 8)) != LDNS_STATUS_OK) {
- return LDNS_STATUS_MEM_ERR;
- }
- break;
-#endif
- case LDNS_DH:
- case LDNS_ECC:
- case LDNS_INDIRECT:
- return LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL;
- default:
- return LDNS_STATUS_CRYPTO_UNKNOWN_ALGO;
- }
- return LDNS_STATUS_OK;
-}
-
-/**
- * Check RRSIG timestamps against the given 'now' time.
- * @param rrsig: signature to check.
- * @param now: the current time in seconds epoch.
- * @return status code LDNS_STATUS_OK if all is fine.
- */
-static ldns_status
-ldns_rrsig_check_timestamps(ldns_rr* rrsig, int32_t now)
-{
- int32_t inception, expiration;
-
- /* check the signature time stamps */
- inception = (int32_t)ldns_rdf2native_time_t(
- ldns_rr_rrsig_inception(rrsig));
- expiration = (int32_t)ldns_rdf2native_time_t(
- ldns_rr_rrsig_expiration(rrsig));
-
- if (expiration - inception < 0) {
- /* bad sig, expiration before inception?? Tsssg */
- return LDNS_STATUS_CRYPTO_EXPIRATION_BEFORE_INCEPTION;
- }
- if (now - inception < 0) {
- /* bad sig, inception date has not yet come to pass */
- return LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED;
- }
- if (expiration - now < 0) {
- /* bad sig, expiration date has passed */
- return LDNS_STATUS_CRYPTO_SIG_EXPIRED;
- }
- return LDNS_STATUS_OK;
-}
-
-/**
- * Prepare for verification.
- * @param rawsig_buf: raw signature buffer made ready.
- * @param verify_buf: data for verification buffer made ready.
- * @param rrset_clone: made ready.
- * @param rrsig: signature to prepare for.
- * @return LDNS_STATUS_OK is all went well. Otherwise specific error.
- */
-static ldns_status
-ldns_prepare_for_verify(ldns_buffer* rawsig_buf, ldns_buffer* verify_buf,
- ldns_rr_list* rrset_clone, ldns_rr* rrsig)
-{
- ldns_status result;
-
- /* canonicalize the sig */
- ldns_dname2canonical(ldns_rr_owner(rrsig));
-
- /* check if the typecovered is equal to the type checked */
- if (ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rrsig)) !=
- ldns_rr_get_type(ldns_rr_list_rr(rrset_clone, 0)))
- return LDNS_STATUS_CRYPTO_TYPE_COVERED_ERR;
-
- /* create a buffer with b64 signature rdata */
- result = ldns_rrsig2rawsig_buffer(rawsig_buf, rrsig);
- if(result != LDNS_STATUS_OK)
- return result;
-
- /* use TTL from signature. Use wildcard names for wildcards */
- /* also canonicalizes rrset_clone */
- ldns_rrset_use_signature_ttl(rrset_clone, rrsig);
-
- /* sort the rrset in canonical order */
- ldns_rr_list_sort(rrset_clone);
-
- /* put the signature rr (without the b64) to the verify_buf */
- if (ldns_rrsig2buffer_wire(verify_buf, rrsig) != LDNS_STATUS_OK)
- return LDNS_STATUS_MEM_ERR;
-
- /* add the rrset in verify_buf */
- if(ldns_rr_list2buffer_wire(verify_buf, rrset_clone)
- != LDNS_STATUS_OK)
- return LDNS_STATUS_MEM_ERR;
-
- return LDNS_STATUS_OK;
-}
-
-/**
- * Check if a key matches a signature.
- * Checks keytag, sigalgo and signature.
- * @param rawsig_buf: raw signature buffer for verify
- * @param verify_buf: raw data buffer for verify
- * @param rrsig: the rrsig
- * @param key: key to attempt.
- * @return LDNS_STATUS_OK if OK, else some specific error.
- */
-static ldns_status
-ldns_verify_test_sig_key(ldns_buffer* rawsig_buf, ldns_buffer* verify_buf,
- ldns_rr* rrsig, ldns_rr* key)
-{
- uint8_t sig_algo = ldns_rdf2native_int8(ldns_rr_rdf(rrsig, 1));
-
- /* before anything, check if the keytags match */
- if (ldns_calc_keytag(key)
- ==
- ldns_rdf2native_int16(ldns_rr_rrsig_keytag(rrsig))
- ) {
- ldns_buffer* key_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- ldns_status result = LDNS_STATUS_ERR;
-
- /* put the key-data in a buffer, that's the third rdf, with
- * the base64 encoded key data */
- if (ldns_rdf2buffer_wire(key_buf, ldns_rr_rdf(key, 3))
- != LDNS_STATUS_OK) {
- ldns_buffer_free(key_buf);
- /* returning is bad might screw up
- good keys later in the list
- what to do? */
- return LDNS_STATUS_ERR;
- }
-
- if (sig_algo == ldns_rdf2native_int8(ldns_rr_rdf(key, 2))) {
- result = ldns_verify_rrsig_buffers(rawsig_buf,
- verify_buf, key_buf, sig_algo);
- } else {
- /* No keys with the corresponding algorithm are found */
- result = LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY;
- }
-
- ldns_buffer_free(key_buf);
- return result;
- }
- else {
- /* No keys with the corresponding keytag are found */
- return LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY;
- }
-}
-
-/*
- * to verify:
- * - create the wire fmt of the b64 key rdata
- * - create the wire fmt of the sorted rrset
- * - create the wire fmt of the b64 sig rdata
- * - create the wire fmt of the sig without the b64 rdata
- * - cat the sig data (without b64 rdata) to the rrset
- * - verify the rrset+sig, with the b64 data and the b64 key data
- */
-ldns_status
-ldns_verify_rrsig_keylist(ldns_rr_list *rrset,
- ldns_rr *rrsig,
- const ldns_rr_list *keys,
- ldns_rr_list *good_keys)
-{
- ldns_status result;
- ldns_rr_list *valid = ldns_rr_list_new();
- if (!valid)
- return LDNS_STATUS_MEM_ERR;
-
- result = ldns_verify_rrsig_keylist_notime(rrset, rrsig, keys, valid);
- if(result != LDNS_STATUS_OK) {
- ldns_rr_list_free(valid);
- return result;
- }
-
- /* check timestamps last; its OK except time */
- result = ldns_rrsig_check_timestamps(rrsig, (int32_t)time(NULL));
- if(result != LDNS_STATUS_OK) {
- ldns_rr_list_free(valid);
- return result;
- }
-
- ldns_rr_list_cat(good_keys, valid);
- ldns_rr_list_free(valid);
- return LDNS_STATUS_OK;
-}
-
-ldns_status
-ldns_verify_rrsig_keylist_notime(ldns_rr_list *rrset,
- ldns_rr *rrsig,
- const ldns_rr_list *keys,
- ldns_rr_list *good_keys)
-{
- ldns_buffer *rawsig_buf;
- ldns_buffer *verify_buf;
- uint16_t i;
- ldns_status result, status;
- ldns_rr_list *rrset_clone;
- ldns_rr_list *validkeys;
-
- if (!rrset) {
- return LDNS_STATUS_ERR;
- }
-
- validkeys = ldns_rr_list_new();
- if (!validkeys) {
- return LDNS_STATUS_MEM_ERR;
- }
-
- /* clone the rrset so that we can fiddle with it */
- rrset_clone = ldns_rr_list_clone(rrset);
-
- /* create the buffers which will certainly hold the raw data */
- rawsig_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- verify_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
-
- result = ldns_prepare_for_verify(rawsig_buf, verify_buf,
- rrset_clone, rrsig);
- if(result != LDNS_STATUS_OK) {
- ldns_buffer_free(verify_buf);
- ldns_buffer_free(rawsig_buf);
- ldns_rr_list_deep_free(rrset_clone);
- ldns_rr_list_free(validkeys);
- return result;
- }
-
- result = LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY;
- for(i = 0; i < ldns_rr_list_rr_count(keys); i++) {
- status = ldns_verify_test_sig_key(rawsig_buf, verify_buf,
- rrsig, ldns_rr_list_rr(keys, i));
- if (status == LDNS_STATUS_OK) {
- /* one of the keys has matched, don't break
- * here, instead put the 'winning' key in
- * the validkey list and return the list
- * later */
- if (!ldns_rr_list_push_rr(validkeys,
- ldns_rr_list_rr(keys,i))) {
- /* couldn't push the key?? */
- ldns_buffer_free(rawsig_buf);
- ldns_buffer_free(verify_buf);
- ldns_rr_list_deep_free(rrset_clone);
- ldns_rr_list_free(validkeys);
- return LDNS_STATUS_MEM_ERR;
- }
-
- result = status;
- }
-
- if (result == LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY) {
- result = status;
- }
- }
-
- /* no longer needed */
- ldns_rr_list_deep_free(rrset_clone);
- ldns_buffer_free(rawsig_buf);
- ldns_buffer_free(verify_buf);
-
- if (ldns_rr_list_rr_count(validkeys) == 0) {
- /* no keys were added, return last error */
- ldns_rr_list_free(validkeys);
- return result;
- }
-
- /* do not check timestamps */
-
- ldns_rr_list_cat(good_keys, validkeys);
- ldns_rr_list_free(validkeys);
- return LDNS_STATUS_OK;
-}
-
-ldns_status
-ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr *key)
-{
- ldns_buffer *rawsig_buf;
- ldns_buffer *verify_buf;
- ldns_status result;
- ldns_rr_list *rrset_clone;
-
- if (!rrset) {
- return LDNS_STATUS_NO_DATA;
- }
- /* clone the rrset so that we can fiddle with it */
- rrset_clone = ldns_rr_list_clone(rrset);
- /* create the buffers which will certainly hold the raw data */
- rawsig_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- verify_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN);
-
- result = ldns_prepare_for_verify(rawsig_buf, verify_buf,
- rrset_clone, rrsig);
- if(result != LDNS_STATUS_OK) {
- ldns_rr_list_deep_free(rrset_clone);
- ldns_buffer_free(rawsig_buf);
- ldns_buffer_free(verify_buf);
- return result;
- }
- result = ldns_verify_test_sig_key(rawsig_buf, verify_buf,
- rrsig, key);
- /* no longer needed */
- ldns_rr_list_deep_free(rrset_clone);
- ldns_buffer_free(rawsig_buf);
- ldns_buffer_free(verify_buf);
-
- /* check timestamp last, apart from time its OK */
- if(result == LDNS_STATUS_OK)
- result = ldns_rrsig_check_timestamps(rrsig,
- (int32_t)time(NULL));
-
- return result;
-}
-
-ldns_status
-ldns_verify_rrsig_evp(ldns_buffer *sig,
- ldns_buffer *rrset,
- EVP_PKEY *key,
- const EVP_MD *digest_type)
-{
- return ldns_verify_rrsig_evp_raw(
- (unsigned char*)ldns_buffer_begin(sig),
- ldns_buffer_position(sig),
- rrset,
- key,
- digest_type);
-}
-
-ldns_status
-ldns_verify_rrsig_evp_raw(unsigned char *sig, size_t siglen,
- ldns_buffer *rrset, EVP_PKEY *key, const EVP_MD *digest_type)
-{
- EVP_MD_CTX ctx;
- int res;
-
- EVP_MD_CTX_init(&ctx);
-
- EVP_VerifyInit(&ctx, digest_type);
- EVP_VerifyUpdate(&ctx,
- ldns_buffer_begin(rrset),
- ldns_buffer_position(rrset));
- res = EVP_VerifyFinal(&ctx, sig, (unsigned int) siglen, key);
-
- EVP_MD_CTX_cleanup(&ctx);
-
- if (res == 1) {
- return LDNS_STATUS_OK;
- } else if (res == 0) {
- return LDNS_STATUS_CRYPTO_BOGUS;
- }
- /* TODO how to communicate internal SSL error?
- let caller use ssl's get_error() */
- return LDNS_STATUS_SSL_ERR;
-}
-
-ldns_status
-ldns_verify_rrsig_dsa(ldns_buffer *sig, ldns_buffer *rrset, ldns_buffer *key)
-{
- return ldns_verify_rrsig_dsa_raw(
- (unsigned char*) ldns_buffer_begin(sig),
- ldns_buffer_position(sig),
- rrset,
- (unsigned char*) ldns_buffer_begin(key),
- ldns_buffer_position(key));
-}
-
-ldns_status
-ldns_verify_rrsig_rsasha1(ldns_buffer *sig, ldns_buffer *rrset, ldns_buffer *key)
-{
- return ldns_verify_rrsig_rsasha1_raw(
- (unsigned char*)ldns_buffer_begin(sig),
- ldns_buffer_position(sig),
- rrset,
- (unsigned char*) ldns_buffer_begin(key),
- ldns_buffer_position(key));
-}
-
-ldns_status
-ldns_verify_rrsig_rsamd5(ldns_buffer *sig, ldns_buffer *rrset, ldns_buffer *key)
-{
- return ldns_verify_rrsig_rsamd5_raw(
- (unsigned char*)ldns_buffer_begin(sig),
- ldns_buffer_position(sig),
- rrset,
- (unsigned char*) ldns_buffer_begin(key),
- ldns_buffer_position(key));
-}
-
-ldns_status
-ldns_verify_rrsig_dsa_raw(unsigned char* sig, size_t siglen,
- ldns_buffer* rrset, unsigned char* key, size_t keylen)
-{
- EVP_PKEY *evp_key;
- ldns_status result;
-
- evp_key = EVP_PKEY_new();
- EVP_PKEY_assign_DSA(evp_key, ldns_key_buf2dsa_raw(key, keylen));
- result = ldns_verify_rrsig_evp_raw(sig,
- siglen,
- rrset,
- evp_key,
- EVP_dss1());
- EVP_PKEY_free(evp_key);
- return result;
-
-}
-
-ldns_status
-ldns_verify_rrsig_rsasha1_raw(unsigned char* sig, size_t siglen,
- ldns_buffer* rrset, unsigned char* key, size_t keylen)
-{
- EVP_PKEY *evp_key;
- ldns_status result;
-
- evp_key = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(evp_key, ldns_key_buf2rsa_raw(key, keylen));
- result = ldns_verify_rrsig_evp_raw(sig,
- siglen,
- rrset,
- evp_key,
- EVP_sha1());
- EVP_PKEY_free(evp_key);
-
- return result;
-}
-
-ldns_status
-ldns_verify_rrsig_rsasha256_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer* rrset,
- unsigned char* key,
- size_t keylen)
-{
-#ifdef USE_SHA2
- EVP_PKEY *evp_key;
- ldns_status result;
-
- evp_key = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(evp_key, ldns_key_buf2rsa_raw(key, keylen));
- result = ldns_verify_rrsig_evp_raw(sig,
- siglen,
- rrset,
- evp_key,
- EVP_sha256());
- EVP_PKEY_free(evp_key);
-
- return result;
-#else
- /* touch these to prevent compiler warnings */
- (void) sig;
- (void) siglen;
- (void) rrset;
- (void) key;
- (void) keylen;
- return LDNS_STATUS_CRYPTO_UNKNOWN_ALGO;
-#endif
-}
-
-ldns_status
-ldns_verify_rrsig_rsasha512_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer* rrset,
- unsigned char* key,
- size_t keylen)
-{
-#ifdef USE_SHA2
- EVP_PKEY *evp_key;
- ldns_status result;
-
- evp_key = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(evp_key, ldns_key_buf2rsa_raw(key, keylen));
- result = ldns_verify_rrsig_evp_raw(sig,
- siglen,
- rrset,
- evp_key,
- EVP_sha512());
- EVP_PKEY_free(evp_key);
-
- return result;
-#else
- /* touch these to prevent compiler warnings */
- (void) sig;
- (void) siglen;
- (void) rrset;
- (void) key;
- (void) keylen;
- return LDNS_STATUS_CRYPTO_UNKNOWN_ALGO;
-#endif
-}
-
-
-ldns_status
-ldns_verify_rrsig_rsamd5_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer* rrset,
- unsigned char* key,
- size_t keylen)
-{
- EVP_PKEY *evp_key;
- ldns_status result;
-
- evp_key = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(evp_key, ldns_key_buf2rsa_raw(key, keylen));
- result = ldns_verify_rrsig_evp_raw(sig,
- siglen,
- rrset,
- evp_key,
- EVP_md5());
- EVP_PKEY_free(evp_key);
-
- return result;
-}
-
-#endif
+++ /dev/null
-/*
- * special zone file structures and functions for better dnssec handling
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-ldns_dnssec_rrs *
-ldns_dnssec_rrs_new()
-{
- ldns_dnssec_rrs *new_rrs;
- new_rrs = LDNS_MALLOC(ldns_dnssec_rrs);
- if(!new_rrs) return NULL;
- new_rrs->rr = NULL;
- new_rrs->next = NULL;
- return new_rrs;
-}
-
-INLINE void
-ldns_dnssec_rrs_free_internal(ldns_dnssec_rrs *rrs, int deep)
-{
- ldns_dnssec_rrs *next;
- while (rrs) {
- next = rrs->next;
- if (deep) {
- ldns_rr_free(rrs->rr);
- }
- LDNS_FREE(rrs);
- rrs = next;
- }
-}
-
-void
-ldns_dnssec_rrs_free(ldns_dnssec_rrs *rrs)
-{
- ldns_dnssec_rrs_free_internal(rrs, 0);
-}
-
-void
-ldns_dnssec_rrs_deep_free(ldns_dnssec_rrs *rrs)
-{
- ldns_dnssec_rrs_free_internal(rrs, 1);
-}
-
-ldns_status
-ldns_dnssec_rrs_add_rr(ldns_dnssec_rrs *rrs, ldns_rr *rr)
-{
- int cmp;
- ldns_dnssec_rrs *new_rrs;
- if (!rrs || !rr) {
- return LDNS_STATUS_ERR;
- }
-
- /* this could be done more efficiently; name and type should already
- be equal */
- cmp = ldns_rr_compare(rrs->rr,
- rr);
- /* should we error on equal? */
- if (cmp <= 0) {
- if (rrs->next) {
- return ldns_dnssec_rrs_add_rr(rrs->next, rr);
- } else {
- new_rrs = ldns_dnssec_rrs_new();
- new_rrs->rr = rr;
- rrs->next = new_rrs;
- }
- } else if (cmp > 0) {
- /* put the current old rr in the new next, put the new
- rr in the current container */
- new_rrs = ldns_dnssec_rrs_new();
- new_rrs->rr = rrs->rr;
- new_rrs->next = rrs->next;
- rrs->rr = rr;
- rrs->next = new_rrs;
- }
- return LDNS_STATUS_OK;
-}
-
-void
-ldns_dnssec_rrs_print(FILE *out, ldns_dnssec_rrs *rrs)
-{
- if (!rrs) {
- fprintf(out, "<void>");
- } else {
- if (rrs->rr) {
- ldns_rr_print(out, rrs->rr);
- }
- if (rrs->next) {
- ldns_dnssec_rrs_print(out, rrs->next);
- }
- }
-}
-
-ldns_dnssec_rrsets *
-ldns_dnssec_rrsets_new()
-{
- ldns_dnssec_rrsets *new_rrsets;
- new_rrsets = LDNS_MALLOC(ldns_dnssec_rrsets);
- if(!new_rrsets) return NULL;
- new_rrsets->rrs = NULL;
- new_rrsets->type = 0;
- new_rrsets->signatures = NULL;
- new_rrsets->next = NULL;
- return new_rrsets;
-}
-
-INLINE void
-ldns_dnssec_rrsets_free_internal(ldns_dnssec_rrsets *rrsets, int deep)
-{
- if (rrsets) {
- if (rrsets->rrs) {
- ldns_dnssec_rrs_free_internal(rrsets->rrs, deep);
- }
- if (rrsets->next) {
- ldns_dnssec_rrsets_free_internal(rrsets->next, deep);
- }
- if (rrsets->signatures) {
- ldns_dnssec_rrs_free_internal(rrsets->signatures, deep);
- }
- LDNS_FREE(rrsets);
- }
-}
-
-void
-ldns_dnssec_rrsets_free(ldns_dnssec_rrsets *rrsets)
-{
- ldns_dnssec_rrsets_free_internal(rrsets, 0);
-}
-
-void
-ldns_dnssec_rrsets_deep_free(ldns_dnssec_rrsets *rrsets)
-{
- ldns_dnssec_rrsets_free_internal(rrsets, 1);
-}
-
-ldns_rr_type
-ldns_dnssec_rrsets_type(ldns_dnssec_rrsets *rrsets)
-{
- if (rrsets) {
- return rrsets->type;
- } else {
- return 0;
- }
-}
-
-ldns_status
-ldns_dnssec_rrsets_set_type(ldns_dnssec_rrsets *rrsets,
- ldns_rr_type type)
-{
- if (rrsets) {
- rrsets->type = type;
- return LDNS_STATUS_OK;
- }
- return LDNS_STATUS_ERR;
-}
-
-ldns_dnssec_rrsets *
-ldns_dnssec_rrsets_new_frm_rr(ldns_rr *rr)
-{
- ldns_dnssec_rrsets *new_rrsets;
- ldns_rr_type rr_type;
- bool rrsig;
-
- new_rrsets = ldns_dnssec_rrsets_new();
- rr_type = ldns_rr_get_type(rr);
- if (rr_type == LDNS_RR_TYPE_RRSIG) {
- rrsig = true;
- rr_type = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr));
- } else {
- rrsig = false;
- }
- if (!rrsig) {
- new_rrsets->rrs = ldns_dnssec_rrs_new();
- new_rrsets->rrs->rr = rr;
- } else {
- new_rrsets->signatures = ldns_dnssec_rrs_new();
- new_rrsets->signatures->rr = rr;
- }
- new_rrsets->type = rr_type;
- return new_rrsets;
-}
-
-ldns_status
-ldns_dnssec_rrsets_add_rr(ldns_dnssec_rrsets *rrsets, ldns_rr *rr)
-{
- ldns_dnssec_rrsets *new_rrsets;
- ldns_rr_type rr_type;
- bool rrsig = false;
- ldns_status result = LDNS_STATUS_OK;
-
- if (!rrsets || !rr) {
- return LDNS_STATUS_ERR;
- }
-
- rr_type = ldns_rr_get_type(rr);
-
- if (rr_type == LDNS_RR_TYPE_RRSIG) {
- rrsig = true;
- rr_type = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr));
- }
-
- if (!rrsets->rrs && rrsets->type == 0 && !rrsets->signatures) {
- if (!rrsig) {
- rrsets->rrs = ldns_dnssec_rrs_new();
- rrsets->rrs->rr = rr;
- rrsets->type = rr_type;
- } else {
- rrsets->signatures = ldns_dnssec_rrs_new();
- rrsets->signatures->rr = rr;
- rrsets->type = rr_type;
- }
- return LDNS_STATUS_OK;
- }
-
- if (rr_type > ldns_dnssec_rrsets_type(rrsets)) {
- if (rrsets->next) {
- result = ldns_dnssec_rrsets_add_rr(rrsets->next, rr);
- } else {
- new_rrsets = ldns_dnssec_rrsets_new_frm_rr(rr);
- rrsets->next = new_rrsets;
- }
- } else if (rr_type < ldns_dnssec_rrsets_type(rrsets)) {
- /* move the current one into the new next,
- replace field of current with data from new rr */
- new_rrsets = ldns_dnssec_rrsets_new();
- new_rrsets->rrs = rrsets->rrs;
- new_rrsets->type = rrsets->type;
- new_rrsets->signatures = rrsets->signatures;
- new_rrsets->next = rrsets->next;
- if (!rrsig) {
- rrsets->rrs = ldns_dnssec_rrs_new();
- rrsets->rrs->rr = rr;
- rrsets->signatures = NULL;
- } else {
- rrsets->rrs = NULL;
- rrsets->signatures = ldns_dnssec_rrs_new();
- rrsets->signatures->rr = rr;
- }
- rrsets->type = rr_type;
- rrsets->next = new_rrsets;
- } else {
- /* equal, add to current rrsets */
- if (rrsig) {
- if (rrsets->signatures) {
- result = ldns_dnssec_rrs_add_rr(rrsets->signatures, rr);
- } else {
- rrsets->signatures = ldns_dnssec_rrs_new();
- rrsets->signatures->rr = rr;
- }
- } else {
- if (rrsets->rrs) {
- result = ldns_dnssec_rrs_add_rr(rrsets->rrs, rr);
- } else {
- rrsets->rrs = ldns_dnssec_rrs_new();
- rrsets->rrs->rr = rr;
- }
- }
- }
-
- return result;
-}
-
-void
-ldns_dnssec_rrsets_print_soa(FILE *out,
- ldns_dnssec_rrsets *rrsets,
- bool follow,
- bool show_soa)
-{
- if (!rrsets) {
- fprintf(out, "<void>\n");
- } else {
- if (rrsets->rrs &&
- (show_soa ||
- ldns_rr_get_type(rrsets->rrs->rr) != LDNS_RR_TYPE_SOA
- )
- ) {
- ldns_dnssec_rrs_print(out, rrsets->rrs);
- if (rrsets->signatures) {
- ldns_dnssec_rrs_print(out, rrsets->signatures);
- }
- }
- if (follow && rrsets->next) {
- ldns_dnssec_rrsets_print_soa(out, rrsets->next, follow, show_soa);
- }
- }
-}
-
-void
-ldns_dnssec_rrsets_print(FILE *out, ldns_dnssec_rrsets *rrsets, bool follow)
-{
- ldns_dnssec_rrsets_print_soa(out, rrsets, follow, true);
-}
-
-ldns_dnssec_name *
-ldns_dnssec_name_new()
-{
- ldns_dnssec_name *new_name;
-
- new_name = LDNS_MALLOC(ldns_dnssec_name);
- if (!new_name) {
- return NULL;
- }
-
- new_name->name = NULL;
- new_name->rrsets = NULL;
- new_name->name_alloced = false;
- new_name->nsec = NULL;
- new_name->nsec_signatures = NULL;
-
- new_name->is_glue = false;
- new_name->hashed_name = NULL;
-
- return new_name;
-}
-
-ldns_dnssec_name *
-ldns_dnssec_name_new_frm_rr(ldns_rr *rr)
-{
- ldns_dnssec_name *new_name = ldns_dnssec_name_new();
-
- new_name->name = ldns_rr_owner(rr);
- if(ldns_dnssec_name_add_rr(new_name, rr) != LDNS_STATUS_OK) {
- ldns_dnssec_name_free(new_name);
- return NULL;
- }
-
- return new_name;
-}
-
-INLINE void
-ldns_dnssec_name_free_internal(ldns_dnssec_name *name,
- int deep)
-{
- if (name) {
- if (name->name_alloced) {
- ldns_rdf_deep_free(name->name);
- }
- if (name->rrsets) {
- ldns_dnssec_rrsets_free_internal(name->rrsets, deep);
- }
- if (name->nsec && deep) {
- ldns_rr_free(name->nsec);
- }
- if (name->nsec_signatures) {
- ldns_dnssec_rrs_free_internal(name->nsec_signatures, deep);
- }
- if (name->hashed_name) {
- if (deep) {
- ldns_rdf_deep_free(name->hashed_name);
- }
- }
- LDNS_FREE(name);
- }
-}
-
-void
-ldns_dnssec_name_free(ldns_dnssec_name *name)
-{
- ldns_dnssec_name_free_internal(name, 0);
-}
-
-void
-ldns_dnssec_name_deep_free(ldns_dnssec_name *name)
-{
- ldns_dnssec_name_free_internal(name, 1);
-}
-
-ldns_rdf *
-ldns_dnssec_name_name(ldns_dnssec_name *name)
-{
- if (name) {
- return name->name;
- }
- return NULL;
-}
-
-void
-ldns_dnssec_name_set_name(ldns_dnssec_name *rrset,
- ldns_rdf *dname)
-{
- if (rrset && dname) {
- rrset->name = dname;
- }
-}
-
-ldns_rr *
-ldns_dnssec_name_nsec(ldns_dnssec_name *rrset)
-{
- if (rrset) {
- return rrset->nsec;
- }
- return NULL;
-}
-
-void
-ldns_dnssec_name_set_nsec(ldns_dnssec_name *rrset, ldns_rr *nsec)
-{
- if (rrset && nsec) {
- rrset->nsec = nsec;
- }
-}
-
-int
-ldns_dnssec_name_cmp(const void *a, const void *b)
-{
- ldns_dnssec_name *na = (ldns_dnssec_name *) a;
- ldns_dnssec_name *nb = (ldns_dnssec_name *) b;
-
- if (na && nb) {
- return ldns_dname_compare(ldns_dnssec_name_name(na),
- ldns_dnssec_name_name(nb));
- } else if (na) {
- return 1;
- } else if (nb) {
- return -1;
- } else {
- return 0;
- }
-}
-
-ldns_status
-ldns_dnssec_name_add_rr(ldns_dnssec_name *name,
- ldns_rr *rr)
-{
- ldns_status result = LDNS_STATUS_OK;
- ldns_rdf *name_name;
- bool hashed_name = false;
- ldns_rr_type rr_type;
- ldns_rr_type typecovered = 0;
-
- /* special handling for NSEC3 and NSECX covering RRSIGS */
-
- if (!name || !rr) {
- return LDNS_STATUS_ERR;
- }
-
- rr_type = ldns_rr_get_type(rr);
-
- if (rr_type == LDNS_RR_TYPE_RRSIG) {
- typecovered = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr));
- }
-
-#ifdef HAVE_SSL
- if (rr_type == LDNS_RR_TYPE_NSEC3 ||
- typecovered == LDNS_RR_TYPE_NSEC3) {
- name_name = ldns_nsec3_hash_name_frm_nsec3(rr,
- ldns_dnssec_name_name(name));
- hashed_name = true;
- } else {
- name_name = ldns_dnssec_name_name(name);
- }
-#else
- name_name = ldns_dnssec_name_name(name);
-#endif /* HAVE_SSL */
-
- if (rr_type == LDNS_RR_TYPE_NSEC ||
- rr_type == LDNS_RR_TYPE_NSEC3) {
- /* XX check if is already set (and error?) */
- name->nsec = rr;
- } else if (typecovered == LDNS_RR_TYPE_NSEC ||
- typecovered == LDNS_RR_TYPE_NSEC3) {
- if (name->nsec_signatures) {
- result = ldns_dnssec_rrs_add_rr(name->nsec_signatures, rr);
- } else {
- name->nsec_signatures = ldns_dnssec_rrs_new();
- name->nsec_signatures->rr = rr;
- }
- } else {
- /* it's a 'normal' RR, add it to the right rrset */
- if (name->rrsets) {
- result = ldns_dnssec_rrsets_add_rr(name->rrsets, rr);
- } else {
- name->rrsets = ldns_dnssec_rrsets_new();
- result = ldns_dnssec_rrsets_add_rr(name->rrsets, rr);
- }
- }
-
- if (hashed_name) {
- ldns_rdf_deep_free(name_name);
- }
-
- return result;
-}
-
-ldns_dnssec_rrsets *
-ldns_dnssec_name_find_rrset(ldns_dnssec_name *name,
- ldns_rr_type type) {
- ldns_dnssec_rrsets *result;
-
- result = name->rrsets;
- while (result) {
- if (result->type == type) {
- return result;
- } else {
- result = result->next;
- }
- }
- return NULL;
-}
-
-ldns_dnssec_rrsets *
-ldns_dnssec_zone_find_rrset(ldns_dnssec_zone *zone,
- ldns_rdf *dname,
- ldns_rr_type type)
-{
- ldns_rbnode_t *node;
-
- if (!zone || !dname) {
- return NULL;
- }
-
- node = ldns_rbtree_search(zone->names, dname);
- if (node) {
- return ldns_dnssec_name_find_rrset((ldns_dnssec_name *)node->data,
- type);
- } else {
- return NULL;
- }
-}
-
-void
-ldns_dnssec_name_print_soa(FILE *out, ldns_dnssec_name *name, bool show_soa)
-{
- if (name) {
- if(name->rrsets) {
- ldns_dnssec_rrsets_print_soa(out, name->rrsets, true, show_soa);
- } else {
- fprintf(out, ";; Empty nonterminal: ");
- ldns_rdf_print(out, name->name);
- fprintf(out, "\n");
- }
- if(name->nsec) {
- ldns_rr_print(out, name->nsec);
- }
- if (name->nsec_signatures) {
- ldns_dnssec_rrs_print(out, name->nsec_signatures);
- }
- } else {
- fprintf(out, "<void>\n");
- }
-}
-
-void
-ldns_dnssec_name_print(FILE *out, ldns_dnssec_name *name)
-{
- ldns_dnssec_name_print_soa(out, name, true);
-}
-
-ldns_dnssec_zone *
-ldns_dnssec_zone_new()
-{
- ldns_dnssec_zone *zone = LDNS_MALLOC(ldns_dnssec_zone);
- if(!zone) return NULL;
- zone->soa = NULL;
- zone->names = NULL;
-
- return zone;
-}
-
-void
-ldns_dnssec_name_node_free(ldns_rbnode_t *node, void *arg) {
- (void) arg;
- ldns_dnssec_name_free((ldns_dnssec_name *)node->data);
- free(node);
-}
-
-void
-ldns_dnssec_name_node_deep_free(ldns_rbnode_t *node, void *arg) {
- (void) arg;
- ldns_dnssec_name_deep_free((ldns_dnssec_name *)node->data);
- free(node);
-}
-
-void
-ldns_dnssec_zone_free(ldns_dnssec_zone *zone)
-{
- if (zone) {
- if (zone->names) {
- /* destroy all name structures within the tree */
- ldns_traverse_postorder(zone->names,
- ldns_dnssec_name_node_free,
- NULL);
- free(zone->names);
- }
- LDNS_FREE(zone);
- }
-}
-
-void
-ldns_dnssec_zone_deep_free(ldns_dnssec_zone *zone)
-{
- if (zone) {
- if (zone->names) {
- /* destroy all name structures within the tree */
- ldns_traverse_postorder(zone->names,
- ldns_dnssec_name_node_deep_free,
- NULL);
- free(zone->names);
- }
- LDNS_FREE(zone);
- }
-}
-
-/* use for dname comparison in tree */
-int
-ldns_dname_compare_v(const void *a, const void *b) {
- return ldns_dname_compare((ldns_rdf *)a, (ldns_rdf *)b);
-}
-
-#ifdef HAVE_SSL
-ldns_rbnode_t *
-ldns_dnssec_zone_find_nsec3_original(ldns_dnssec_zone *zone,
- ldns_rr *rr) {
- ldns_rbnode_t *current_node = ldns_rbtree_first(zone->names);
- ldns_dnssec_name *current_name;
- ldns_rdf *hashed_name;
-
- hashed_name = ldns_dname_label(ldns_rr_owner(rr), 0);
-
- while (current_node != LDNS_RBTREE_NULL) {
- current_name = (ldns_dnssec_name *) current_node->data;
- if (!current_name->hashed_name) {
- current_name->hashed_name =
- ldns_nsec3_hash_name_frm_nsec3(rr, current_name->name);
- }
- if (ldns_dname_compare(hashed_name,
- current_name->hashed_name)
- == 0) {
- ldns_rdf_deep_free(hashed_name);
- return current_node;
- }
- current_node = ldns_rbtree_next(current_node);
- }
- ldns_rdf_deep_free(hashed_name);
- return NULL;
-}
-
-ldns_status
-ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone, ldns_rr *rr)
-{
- ldns_status result = LDNS_STATUS_OK;
- ldns_dnssec_name *cur_name;
- ldns_rbnode_t *cur_node;
- ldns_rr_type type_covered = 0;
-
- if (!zone || !rr) {
- return LDNS_STATUS_ERR;
- }
-
- if (!zone->names) {
- zone->names = ldns_rbtree_create(ldns_dname_compare_v);
- if(!zone->names) return LDNS_STATUS_MEM_ERR;
- }
-
- /* we need the original of the hashed name if this is
- an NSEC3, or an RRSIG that covers an NSEC3 */
- if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) {
- type_covered = ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(rr));
- }
- if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_NSEC3 ||
- type_covered == LDNS_RR_TYPE_NSEC3) {
- cur_node = ldns_dnssec_zone_find_nsec3_original(zone,
- rr);
- if (!cur_node) {
- return LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND;
- }
- } else {
- cur_node = ldns_rbtree_search(zone->names, ldns_rr_owner(rr));
- }
-
- if (!cur_node) {
- /* add */
- cur_name = ldns_dnssec_name_new_frm_rr(rr);
- if(!cur_name) return LDNS_STATUS_MEM_ERR;
- cur_node = LDNS_MALLOC(ldns_rbnode_t);
- if(!cur_node) {
- ldns_dnssec_name_free(cur_name);
- return LDNS_STATUS_MEM_ERR;
- }
- cur_node->key = ldns_rr_owner(rr);
- cur_node->data = cur_name;
- (void)ldns_rbtree_insert(zone->names, cur_node);
- } else {
- cur_name = (ldns_dnssec_name *) cur_node->data;
- result = ldns_dnssec_name_add_rr(cur_name, rr);
- }
-
- if (result != LDNS_STATUS_OK) {
- fprintf(stderr, "error adding rr: ");
- ldns_rr_print(stderr, rr);
- }
-
- /*TODO ldns_dnssec_name_print_names(stdout, zone->names, 0);*/
- if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) {
- zone->soa = cur_name;
- }
-
- return result;
-}
-#endif /* HAVE_SSL */
-
-void
-ldns_dnssec_zone_names_print(FILE *out, ldns_rbtree_t *tree, bool print_soa)
-{
- ldns_rbnode_t *node;
- ldns_dnssec_name *name;
-
- node = ldns_rbtree_first(tree);
- while (node != LDNS_RBTREE_NULL) {
- name = (ldns_dnssec_name *) node->data;
- ldns_dnssec_name_print_soa(out, name, print_soa);
- fprintf(out, ";\n");
- node = ldns_rbtree_next(node);
- }
-}
-
-void
-ldns_dnssec_zone_print(FILE *out, ldns_dnssec_zone *zone)
-{
- if (zone) {
- if (zone->soa) {
- fprintf(out, ";; Zone: ");
- ldns_rdf_print(out, ldns_dnssec_name_name(zone->soa));
- fprintf(out, "\n;\n");
- ldns_dnssec_rrsets_print(
- out,
- ldns_dnssec_name_find_rrset(zone->soa,
- LDNS_RR_TYPE_SOA),
- false);
- fprintf(out, ";\n");
- }
-
- if (zone->names) {
- ldns_dnssec_zone_names_print(out, zone->names, false);
- }
- }
-}
-
-ldns_status
-ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone)
-{
- ldns_dnssec_name *new_name;
- ldns_rdf *cur_name;
- ldns_rdf *next_name;
- ldns_rbnode_t *cur_node, *next_node, *new_node;
-
- /* for the detection */
- uint16_t i, cur_label_count, next_label_count;
- uint16_t soa_label_count = 0;
- ldns_rdf *l1, *l2;
- int lpos;
-
- if (!zone) {
- return LDNS_STATUS_ERR;
- }
- if (zone->soa && zone->soa->name) {
- soa_label_count = ldns_dname_label_count(zone->soa->name);
- }
-
- cur_node = ldns_rbtree_first(zone->names);
- while (cur_node != LDNS_RBTREE_NULL) {
- next_node = ldns_rbtree_next(cur_node);
-
- /* skip glue */
- while (next_node != LDNS_RBTREE_NULL &&
- next_node->data &&
- ((ldns_dnssec_name *)next_node->data)->is_glue
- ) {
- next_node = ldns_rbtree_next(next_node);
- }
-
- if (next_node == LDNS_RBTREE_NULL) {
- next_node = ldns_rbtree_first(zone->names);
- }
-
- cur_name = ((ldns_dnssec_name *)cur_node->data)->name;
- next_name = ((ldns_dnssec_name *)next_node->data)->name;
- cur_label_count = ldns_dname_label_count(cur_name);
- next_label_count = ldns_dname_label_count(next_name);
-
- /* Since the names are in canonical order, we can
- * recognize empty non-terminals by their labels;
- * every label after the first one on the next owner
- * name is a non-terminal if it either does not exist
- * in the current name or is different from the same
- * label in the current name (counting from the end)
- */
- for (i = 1; i < next_label_count - soa_label_count; i++) {
- lpos = (int)cur_label_count - (int)next_label_count + (int)i;
- if (lpos >= 0) {
- l1 = ldns_dname_label(cur_name, (uint8_t)lpos);
- } else {
- l1 = NULL;
- }
- l2 = ldns_dname_label(next_name, i);
-
- if (!l1 || ldns_dname_compare(l1, l2) != 0) {
- /* We have an empty nonterminal, add it to the
- * tree
- */
- new_name = ldns_dnssec_name_new();
- if (!new_name) {
- return LDNS_STATUS_MEM_ERR;
- }
- new_name->name = ldns_dname_clone_from(next_name,
- i);
- if (!new_name) {
- ldns_dnssec_name_free(new_name);
- return LDNS_STATUS_MEM_ERR;
- }
- new_name->name_alloced = true;
- new_node = LDNS_MALLOC(ldns_rbnode_t);
- if (!new_node) {
- ldns_dnssec_name_free(new_name);
- return LDNS_STATUS_MEM_ERR;
- }
- new_node->key = new_name->name;
- new_node->data = new_name;
- (void)ldns_rbtree_insert(zone->names, new_node);
- }
- ldns_rdf_deep_free(l1);
- ldns_rdf_deep_free(l2);
- }
-
- /* we might have inserted a new node after
- * the current one so we can't just use next()
- */
- if (next_node != ldns_rbtree_first(zone->names)) {
- cur_node = next_node;
- } else {
- cur_node = LDNS_RBTREE_NULL;
- }
- }
- return LDNS_STATUS_OK;
-}
+++ /dev/null
-<?xml version="1.0"?>
-
-<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
-<!-- $Id -->
-
-<?rfc toc="yes" ?>
-<?rfc compact="yes" ?>
-<?rfc editing="no" ?>
-<?rfc iprnotified="no" ?>
-<?rfc private="LibDNS API" ?>
-
-<rfc ipr="none" category="info" docName="API-00.txt">
-
-<front>
-<title>LibDNS API</title>
- <author initials="R." surname="Gieben" fullname="Miek Gieben">
- <organization>NLnet Labs</organization>
- <address>
- <postal>
- <street>Kruislaan 419</street>
- <city>Amsterdam</city>
- <code>1098 VA</code>
- <country>The Netherlands</country>
- </postal>
- <email>miek@nlnetlabs.nl</email>
- <uri>http://www.nlnetlabs.nl</uri>
- </address>
- </author>
- <author initials="J." surname="Jansen" fullname="Jelte Jansen">
- <organization>NLnet Labs</organization>
- <address>
- <postal>
- <street>Kruislaan 419</street>
- <city>Amsterdam</city>
- <code>1098 VA</code>
- <country>The Netherlands</country>
- </postal>
- <email>jelte@nlnetlabs.nl</email>
- <uri>http://www.nlnetlabs.nl</uri>
- </address>
- </author>
- <author initials="E." surname="Rozendaal" fullname="Erik Rozendaal">
- <organization>NLnet Labs</organization>
- <address>
- <postal>
- <street>Kruislaan 419</street>
- <city>Amsterdam</city>
- <code>1098 VA</code>
- <country>The Netherlands</country>
- </postal>
- <email>erik@nlnetlabs.nl</email>
- <uri>http://www.nlnetlabs.nl</uri>
- </address>
- </author>
-<date month="January" year="2005" />
-<keyword>DNS</keyword>
-<keyword>Elite</keyword>
-<keyword>Hacking</keyword>
-<abstract>
-<t>
-A small abstract will come here, TBD.
-</t>
-</abstract>
-</front>
-
-<middle>
-
-<section title="Introduction">
-<t>
-LibDNS (or lDNS) is modelled after the Net::DNS perl library. It has
-been shown that Net::DNS can be used vefficiently for
-programming DNS aware applications. We want to bring the same
-level of efficiency to C programmers.
-</t>
-<t>
-The lDNS API consist of two layers. The top-layer, this is
-what is actually exported to the application via the library. And the
-bottom-layer, this is what lDNS needs to compile and function.
-</t>
-</section> <!-- "Introduction" -->
-
-<section title="Differences With Other Libraries">
-<t>
-Short intermezzo detailing differences with other libraries. Most important
-ones are the libc resolver interface (from BIND8) and the lwres_ interface
-from BIND9.
-</t>
-</section> <!-- "Differences with other libraries" -->
-
-<section title="Interfaces">
-<t>
-At its lowest level lDNS is only dependent on libc. It uses a
-few networking systems calls; socket, bind, send/recv and friends.
-</t>
-<t>
-Further more it is to be expected that lDNS will depend on OpenSSL for
-its cryptography.
-</t>
-<t>
-As said, lDNS is modelled after Net::DNS, therefor its application API
-looks very much like the one used for Net::DNS. Some modification are made
-ofcourse, because not all functionality of Perl can be caught in C.
-</t>
-
-<t>
-This API document was written by carefully looking at the documentation
-contained in the Net::DNS Perl module.
-</t>
-</section> <!-- "Interfaces" -->
+++ /dev/null
-<?xml version="1.0"?>
-
-<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
-<!-- $Id -->
-
-<?rfc toc="yes" ?>
-<?rfc compact="yes" ?>
-<?rfc editing="no" ?>
-<?rfc iprnotified="no" ?>
-<?rfc private="LibDNS API" ?>
-
-<rfc ipr="none" category="info" docName="libdns-api-00.txt">
-
-<front>
-<title>LibDNS API</title>
- <author initials="R." surname="Gieben" fullname="Miek Gieben">
- <organization>NLnet Labs</organization>
- <address>
- <postal>
- <street>Kruislaan 419</street>
- <city>Amsterdam</city>
- <code>1098 VA</code>
- <country>The Netherlands</country>
- </postal>
- <email>miek@nlnetlabs.nl</email>
- <uri>http://www.nlnetlabs.nl</uri>
- </address>
- </author>
- <author initials="J." surname="Jansen" fullname="Jelte Jansen">
- <organization>NLnet Labs</organization>
- <address>
- <postal>
- <street>Kruislaan 419</street>
- <city>Amsterdam</city>
- <code>1098 VA</code>
- <country>The Netherlands</country>
- </postal>
- <email>jelte@nlnetlabs.nl</email>
- <uri>http://www.nlnetlabs.nl</uri>
- </address>
- </author>
- <author initials="E." surname="Rozendaal" fullname="Erik Rozendaal">
- <organization>NLnet Labs</organization>
- <address>
- <postal>
- <street>Kruislaan 419</street>
- <city>Amsterdam</city>
- <code>1098 VA</code>
- <country>The Netherlands</country>
- </postal>
- <email>erik@nlnetlabs.nl</email>
- <uri>http://www.nlnetlabs.nl</uri>
- </address>
- </author>
-<date month="January" year="2005" />
-<keyword>DNS</keyword>
-<keyword>Elite</keyword>
-<keyword>Hacking</keyword>
-<abstract>
-<t>
-A small abstract will come here, TBD.
-</t>
-</abstract>
-</front>
-
-<middle>
-
-<section title="Introduction">
-<t>
-LibDNS (or lDNS) is modelled after the Net::DNS perl library. It has
-been shown that Net::DNS can be used vefficiently for
-programming DNS aware applications. We want to bring the same
-level of efficiency to C programmers.
-</t>
-<t>
-The lDNS API consist of two layers. The top-layer, this is
-what is actually exported to the application via the library. And the
-bottom-layer, this is what lDNS needs to compile and function.
-</t>
-</section> <!-- "Introduction" -->
-
-<section title="Differences With Other Libraries">
-<t>
-Short intermezzo detailing differences with other libraries. Most important
-ones are the libc resolver interface (from BIND8) and the lwres_ interface
-from BIND9.
-</t>
-</section> <!-- "Differences with other libraries" -->
-
-<section title="Interfaces">
-<t>
-At its lowest level lDNS is only dependent on libc. It uses a
-few networking systems calls; socket, bind, send/recv and friends.
-</t>
-<t>
-Further more it is to be expected that lDNS will depend on OpenSSL for
-its cryptography.
-</t>
-<t>
-As said, lDNS is modelled after Net::DNS, therefor its application API
-looks very much like the one used for Net::DNS. Some modification are made
-ofcourse, because not all functionality of Perl can be caught in C.
-</t>
-
-<t>
-This API document was written by carefully looking at the documentation
-contained in the Net::DNS Perl module.
-</t>
-</section> <!-- "Interfaces" -->
-
-<section title="RDF Structure">
-<t>
-The rdf structure, the RData Field, is a type that contains the different
-types in the rdata of an RR. Consider the following example:
-<artwork>
-example.com. IN MX 10 mx.example.com.
-</artwork>
-The "10 mx.example.com." is the rdata in this case. It consists of two
-fields, "10" and "mx.example.com". These have the types (in this case)
-LDNS_RDF_TYPE_INT8 and LDNS_RDF_TYPE_DNAME.
-</t>
-<t>
-The following functions operate on this structure.
-</t>
-<t>
-<list style="hanging">
-<t hangText="dns_rdf *ldns_rdf_new(uint16_t s, ldns_rdf_type t, uint8_t *d):">
-Create a new rdf structure. Return a pointer to it.
-</t>
-<t hangText="uint16_t ldns_rdf_size(ldns_rdf *r):">
-Get the size of a rdf structure.
-</t>
-<t hangText="void ldns_rdf_set_size(ldns_rdf *r, uint16_t):">
-Set the size of a rdf structure.
-</t>
-<t hangText="void ldns_rdf_set_type(ldns_rdf *r, ldns_rdf_type t):">
-Set the type of a rdf structure.
-</t>
-<t hangText="ldns_rdf_type ldns_rdf_get_type(ldns_rdf *r):">
-Get the type of a rdf structure.
-</t>
-<t hangText="void ldns_rdf_set_data(ldns_rdf *r, uint8_t *n):">
-Set the (binary/network order) data of a rdf structure.
-</t>
-<t hangText="uint8_t *ldns_rdf_data(ldns_rdf *r):">
-Get a pointer to the data in a rdf structure.
-</t>
-<t hangText="void ldns_rdf_free(ldns_rdf *r):">
-Free a rdf structure.
-</t>
-<t hangText="ldns_rdf_new_frm_str(uint8_t *s, ldns_rdf_type t):">
-Create a new rdf structure from a string and a specific rdf_type.
-The type is needed to perform the correct conversion.
-</t>
-</list>
-</t>
-</section> <!-- "RDF Structure" -->
-
-<section title="RR Structure">
-<t>
-These functions operate on ldns_rr structures.
-</t>
-<t>
-<list style="hanging">
-<t hangText="ldns_rr *ldns_rr_new(void):">
-Returns a pointer to the newly created ldns_rr structure.
-</t>
-<t hangText="void ldns_rr_print(FILE *s, ldns_rr *r):">
-Prints the record to the stream s.
-</t>
-<t hangText="ldns_buffer ldns_rr_rdatastr(ldns_rr *r):">
-Returns a pointer to a ldns_buffer containing with string containing
-RR-specific data.
-</t>
-<t hangText="ldns_rdf *ldns_rr_name(ldns_rr *r):">
-Returns the record's owner name as a ldns_rdf type.
-</t>
-<t hangText="ldns_rdf_rr_type ldns_rr_get_type(ldns_rr *r):">
-Returns the record's type.
-</t>
-<t hangText="ldns_rr_class ldns_rr_get_class(ldns_rr *r):">
-Returns the record's class.
-</t>
-<t hangText="uint32_t ldns_rr_get_ttl(ldns_rr *r):">
-Returns the record's time-to-live (TTL).
-</t>
-</list>
-</t>
-
-<t>
-TODO the 'set' functions of the 'get'
-</t>
-</section> <!-- "RR Structure" -->
-
-<section title="RR list Structure">
-<t>
-In the DNS the atomic data type is an RRset. This is a list
-of RRs with the same ownername, type and class. Net::DNS doesn't
-have rrsets as a seperate object.
-</t>
-<t>
-In lDNS we have the ldns_rr_list, which just holds a bunch of RR's.
-No specific check are made on the RRs that can be put in such a list.
-Special wrapper functions exist which allow the usage of ldns_rr_list
-of real (RFC compliant) RR sets.
-</t>
-<t>
-TODO: See rr.c
-</t>
-</section> <!-- "RR list Structure" -->
-
-<section title="Resolver Structure">
-<t>
-<list style="hanging">
-<t hangText="ldns_resolver* ldns_resolver_new(void):">
-Create a new resolver structure and return the pointer to that.
-</t>
-<t hangText="uint8_t ldns_version(resolver *res):">
-Returns the version of lDNS.
-</t>
-<t hangText="ldns_pkt *ldns_mx(ldns_resolver *res, ldns_rdf_type *dname):">
-Returns a ldns_pkt representing the MX records
-for the specified dname. Function is documented differently in Net::DNS.
-Do we need stuff like this?? XXX
-</t>
-<t hangText="ldns_status ldns_resolver_domain(resolver *res, ldns_rdf
-*domain):">
- Set the default domain for this resolver. This domain is added
- when a query is made with a name without a trailing dot.
-
-
-</t>
-<t hangText="ldns_status ldns_resolver_nameserver_push(resolver *res,
-ldns_rdf *ip):">
-Add a new nameserver to the resolver. These nameservers are queried
- when a search() or query() is done.
-
-</t>
-<t hangText="ldns_status ldns_resolver_searchlist_push(resolver *res,
-ldns_rdf *domain):">
- Add a domain to the searchlist of a resolver.
-</t>
-<t hangText=" ldns_pkt * ldns_resolver_search(ldns_resolver *res,
- ldns_rdf *domain,
- ldns_rr_type *type,
- ldns_class *class):">
- Perform a query. Try all the nameservers in the *res structure. Apply
- the search list. And default domain.
-If type is NULL it defaults to 'A',
-If class is NULL it default to 'IN'.
-</t>
-<t hangText="ldns_pkt * ldns_resolver_query(ldns_resolver *res,
- ldns_rdf *dom,
- ldns_type *t,
- ldns_class *cl):">
-Perform a query. Only the default domain is added.
-If type is NULL it defaults to 'A',
-If class is NULL it default to 'IN'.
-</t>
-<t hangText=" ldns_pkt * ldns_resolver_send(ldns_resolver *res,
- ldns_rdf *domain,
- ldns_type *type,
- ldns_class *class):">
-No search list nor default domain is applied. Return a pointer to a ldns_pkt
-structure with the information from the nameserver.
-If type is NULL it defaults to 'A',
-If class is NULL it default to 'IN'.
-</t>
-</list>
-</t>
-<t>
-TODO XX Gazillion helper functions to set port, src-port, etc. etc.
-</t>
-</section> <!-- "Resolver Structure" -->
-
-<section title="Packet Structure">
-<t>
-A packet structure (ldns_pkt) has five sections:
-<list style="numbers">
-<t>The header section, a ldns_hdr structure.</t>
-<t>The question section, a ldns_rr_list structure.</t>
-<t>The answer section, a ldns_rr_list structure.</t>
-<t>The authority section, a ldns_rr_list structure.</t>
-<t>The additional section, a ldns_rr_list structure.</t>
-</list>
-</t>
-<t>
-<list style="hanging">
-<t hangText="Header Structure (ldns_hdr):">
-ldns_hdr represents the header section of a DNS packet.
-</t>
-<t hangText="Question Section (ldns_rr_list):">
-A list of RRs in the Question section of a DNS packet.
-</t>
-<t hangText="Answer Section (ldns_rr_list):">
-A list of RRs in the Question section of a DNS packet.
-</t>
-<t hangText="Authority Section (ldns_rr_list):">
-A list of RRs in the Question section of a DNS packet.
-</t>
-<t hangText="Additional Section (ldns_rr_list):">
-A list of RRs in the Question section of a DNS packet.
-</t>
-</list>
-</t>
-
-<t>
-<list style="hanging">
-<t hangText="ldns_pkt * ldns_pkt_new(void):">
-Creates a new empty packet.
-</t>
-<t hangText="ldns_buffer* ldns_pkt_data(ldns_pkt *pkt):">
-Returns the packet data in binary format, suitable for sending to a
-nameserver. [XXX, suitable for sending to a NS?]
-</t>
-<t hangText="ldns_hdr *ldns_header(ldn_pkt *pkt):">
-Returns a ldns_hdr structure representing the header section of
-the packet.
-</t>
-<t hangText="ldns_rr_list *ldns_question(ldns_pkt *pkt):">
- Returns a pointer to a ldns_rr_list representing the question section
-of the packet.
-</t>
-<t hangText="ldns_rr_list *ldns_answer(ldns_pkt *pkt):">
- Returns a pointer to a ldns_rr_list representing the answer section of
-the packet.
-
-</t>
-<t hangText=" ldns_rr_list *ldns_authority(ldns_pkt *pkt):">
-Returns a pointer to a ldns_rr_list representing the authority section
-of the packet.
-
-</t>
-<t hangText=" ldns_rr_list *ldns_additional(ldns_pkt *pkt):">
-Returns a pointer to a ldns_rr_list of representing the additional
-section of the packet.
-
-</t>
-<t hangText=" void ldsn_pkt_print(ldns_pkt *pkt):">
-Prints the packet data on the standard output in an ASCII format similar
-to that used in DNS zone files. See RFC1035.
-
-</t>
-<t hangText="ldns_buffer *ldns_pkt_string(ldns_pkt *pkt):">
-Returns a ldns_buffer containing the string representation of the packet.
-
-</t>
-<t hangText="ldns_rdf* ldns_pkt_answerfrom(ldns_pkt *pkt):">
-Returns the IP address from which we received this packet. User-created
-packets will return NULL.
-
-</t>
-<t hangText="uint16_t ldns_pkt_answersize(ldns_pkt *pkt):">
-Returns the size of the packet in bytes as it was received from a
-nameserver. User-created packets will return 0. [XXX
-user-created??]
-
-</t>
-<t hangText="ldns_status ldns_push(ldns_pkt *pkt, ldns_pkt_section section,
-ldns_rr *rr):">
-Adds *rr to the specified section of the packet. Return LDNS_STATUS_OK
-on success, LDNS_STATUS_ERR otherwise.
-
-</t>
-<t hangText="ldns_status ldns_unique_push(ldns_pkt *pkt, ldns_pkt_section
-section, ldns_rr *rr):">
-Adds *rr to the specified section of the packet provided that the RR
-does not already exist in the packet. Return LDNS_STATUS_OK
-on success, LDNS_STATUS_ERR otherwise.
-</t>
-<t hangText="ldns_rr *ldns_pop(ldns_pkt, ldns_pkt_section):">
-Removes a RR from the specified section of the packet. Returns NULL if
-no RR's could be popped.
-</t>
-<t hangText="ldns_rr_list *ldns_pkt_rrset(ldns_pkt *pkt,...):">
-Retrieve all RRs in a packet matching certain criteria. XXX function needs
-to be specified better.
-</t>
-<t hangText="void *ldns_pkt_print(FILE *s, ldns_pkt *p):">
-Print packet p to stream s.
-</t>
-
-</list>
-</t>
-</section> <!-- "Packet Structure" -->
-
-<section title="Specific RR Structures">
-<t>
-Some resource records can have special access function no other RR has.
-Those are detailed here. XXX TODO don't exist (yet?).
-</t>
-</section> <!-- "Specific RR Structures" -->
-
-<section title="Exported Defines and Macros">
-<t>
-insert your long list here.
-</t>
-</section> <!-- "Exported defines and macros" -->
-
-<section title="Examples">
-<t>
-A small example, which queries a nameserver on localhost
-to diplay the MX records for miek.nl.
-</t>
-
-<t>
-<figure>
-<artwork>
-/**
- * An example ldns program
- * In semi-C code
- *
- * Setup a resolver
- * Query a nameserver
- * Print the result
- */
-
-#include <ldns.h>
-
-int
-main(void)
-{
- ldns_resolver *res;
- ldns_rdf *default_dom;
- ldns_rdf *nameserver;
- ldns_rdf *qname;
- ldns_pkt *pkt;
-
- /* init */
- res = ldns_resolver_new();
- if (!res)
- return 1;
-
- /* create a default domain and add it */
- default_dom = ldns_rdf_new_frm_str("miek.nl.", LDNS_RDF_TYPE_DNAME);
- nameserver = ldns_rdf_new_frm_str("127.0.0.1", LDNS_RDF_TYPE_A);
-
- if (ldns_resolver_domain(res, default_dom) != LDNS_STATUS_OK)
- return 1;
- if (ldns_resolver_nameserver_push(res, nameserver) != LDNS_STATUS_OK)
- return 1;
-
- /* setup the question */
- qname = ldns_rdf_new_frm_str("www", LDNS_RDF_TYPE_DNAME);
-
- /* fire it off. "miek.nl." will be added */
- pkt = ldns_resolver_query(res, qname, LDNS_RR_TYPE_MX, NULL);
-
- /* print the resulting pkt to stdout */
- ldns_pkt_print(stdout, pkt);
-
- return 0;
-}
-</artwork>
-</figure>
-</t>
-</section> <!-- title="Short Example" -->
-
-</middle>
-<back>
-</back>
-</rfc>
+++ /dev/null
-The libdns coding style guide
-
-* Use of tabs (real tabs, 8 positions long)
-* Spaces only after comma's, and in between operators.
- And after keywords (if, while, for)
-* Underscores to make long names readable
-* prefix (exported) identifiers with 'ldns_'
-* no unneeded parentheses after 'return'
-* always curly brackets in if-statements
-* use defines for (weird) constants, and masks
-* type 'bool', constants 'true'/'false'. Don't compare bools for
- equality.
-* always use LDNS_MALLOC/FREE etc, or the new/free/deep_free functions
-* buffer can scale, so don't alloc the max size, but the min size
-* make lint (uses splint) is your friend
-
-
-* Return values:
- - status code (structure to fill is usually passed as a first argument)
- - new/pointer: return pointer or NULL on error
- - 'read' functions: ldns_status wire2thing(uint8_t *p, size_t max,
- size_t pos, *thing);
- - void functions like ldns_rr_free
- - bool functions
-
-* Parameter sequence: (dest, [dest_meta, ] src, [src_meta] etc)
-* structure/union field names start with _ when "private"
-* enum for rcode, opcode, types etc,
- example:
- enum ldns_rcode {
- LDNS_RCODE_OK = 0,
- ... = .,
- LDNS_RCODE_FIRST = LDNS_RCODE_OK,
- LDNS_RCODE_LAST = 15,
- LDNS_RCODE_COUNT = LDNS_RCODE_LAST + 1
- }
-* Everything by reference, all data structures an optional _clone() function
-* arrays: ps[] with size_t p_count for the number of elements
-* _size for size in bytes
-* _free and _clone copies perform deep free/copy.
-
-* Standard abbreviations, don't abbreviate other names:
-
- id = identity
- rr = resource record
- rrset = resource record set
- rdata = resource data
- rdf = resource data field
- rcode = result code
- qr = query/resource bit
- aa = authoritative answer
- tc = truncated
- rd = recursion disabled
- cd = checking disabled
- ra = recursion available
- ad = authentic data
- qdcount = question section count
- ancount = answer section count
- nscount = authority section count
- arcount = additional section count
-
-ldns-<tools>
-* use exit(EXIT_FAILURE)/ exit(SUCCES)
-*
+++ /dev/null
-TODO
-
-Features:
-* Multi-line zone file parsing
-* Configure option for not printing DNSSEC RR comments
-* HMAC and MD5 without OpenSSL
-* HIP RR support
-* Parse 'search' attribute in /etc/resolv.conf
-* Make use of automake (Bug #173)
-* ./configure --with-tools --with-drill (Bug #264)
-* Drill: print appropriate DS RRs (relates to Bug #355)
-* ldns-signzone optout to be really optout
-
-Bugfixes:
-* Bug #279: fix return values for net.h functions, and related: make return
- values for functions that cannot return memory-failure today. Needs medium
- version increase because of API change.
-* Long out-standing packaging bugs (debian)
-* Lazy ABI
+++ /dev/null
-/** \page design Design
-
-The following image shows the various modules of libdns and their
-functionality.
-
-\image html libdnsoverview.png
-
-\section central_structures Central structures
-
- - \ref ldns_pkt A DNS Packet, which can contain a query, answers, and additional information.
- - \ref ldns_rr A Resource Record, which holds a bit of information about a specific domain name.
- - \ref ldns_rdf An RDATA field, every Resource Record contains one or more RDATA fields, depending on the type of RR. These are the 'basic types' of DNS data.
- - \ref ldns_rr_list A list of resource records
- - \ref ldns_zone A representation of a DNS Zone.
-
-The actual structure definitions are named \c ldns_struct_<name> which are all typedeffed to \c ldns_<name>
-
-
-A DNS Resource record looks like this:
-
-<pre>
-nlnetlabs.nl. 600 IN MX 10 open.nlnetlabs.nl.
- \ \ \ \ \ /
- owner ttl class type \ rdf[] /
- (rdf) (uint32_t) (rr_class) (rr_type)
- 10 := rdf[0]
- open.nlnetlabs.nl. := rdf[1]
-</pre>
-
-* Owner:
-The owner name is put in an \c ldns_rdf structure, which is a normal rdata field but always
-has the type LDNS_RDF_TYPE_DNAME.
-
-An \ref ldns_rdf structure has 3 members; the size, the type of rdata and a void *
-pointer to the data. The data is always in uncompressed wireformat.
-
-The RSH (rdata) is put in an array of rdf's (in this case 2).
-
-The entire resource record is put in a RR structure, which has
-the fields described above (under the RR):
- - owner (nlnetlabs.nl.)
- - ttl (600)
- - class (LDNS_RR_CLASS_IN: 'IN')
- - type (LDNS_RR_TYPE_MX: 'MX')
- - rd_count (2)
- - rdata_fields[rd_count]
- - rdf[0] (10)
- - rdf[1] (open.nlnetlabs.nl.)
-
-* RR list structure:
-An RR list structure is simply a structure with a counter
-and an array of RR structures. Different kinds of RR's can
-be grouped together this way.
-
-* RRset structure:
-An RRset structure is an RR list structure, but its accessor
-function checks if the \c ldns_rr structures in there are:
- - from the same type
- - have the same TTL
- - have the same ownername
-
-This is the RFC definition of an RRset.
-
-* pkt structure:
-A pkt structure consists out of a header structure where
-packet specific flags are kept, TC, RD, IP from the server which
-sent the packet, etc.
-Further more it is divided in 4 sections: question, authority, answer
-and additional.
-
-All four sections have the type RRlist that simply hold a list of RR's
-
-
-\section wire_module Wire module and central structures Interface
-
-As the WIRE module takes care of the compression/decompression
-it needs a buffer which holds all the binary DNS data.
-All functions will operate on such a buffer to extract specific
-information which is then stored in RR structures.
-
-
-\section resolver_module Resolver module and central structures Interface
-
-The resolver module always returns a pkt structure. Either with
-the answer or a SERVFAIL pkt.
-
-The exact function-call parameters have not yet been
-decided on.
-
-Also the resolver module will need to access some of the
-to_wire and from_wire function to creates ldn_pkt's from
-the data it receives (arrow not drawn).
-
-
-\section str_module str module and central structures Interface
-
-Convert to and from strings. This module could be used
-to read in a zone file (list of RRs) and convert the text strings to
-the format used by ldns. Or the other way around.
-
-
-\section net_module Net module and resolver module interface
-
-The resolver module will get a packet and will mold it so that
-it can be sent off to a nameserver.
-It might need to interface with the wire module (arrow not drawn).
-
-\section Net module and OS/libc interface
-OS/network calls will be used here. The Net module is the only part of
-the library where the underlying OS matters.
-
-\section Client program ldns interface
-Any client program will have access to
-- Wire module
-- Central structures
-- Resolver module
-- str module (arrow not drawn in the above figure)
-
-\section dnssec_module DNSSEC module
-The DNSSEC types are handled in the RR module, but the crypto
-routines are contained in this module. This module will depend
-on OpenSSL for the crypto routines.
-
-*/
+++ /dev/null
-http://www.posadis.org/projects/poslib.php
-Poslib DNS library - Default branch
-
-http://www.posadis.org/poslib?DokuWiki=2b00f9da090fb9d4ad3d6e98b9c2f61f
-
-Poslib is the C++ library for applications using the Domain Name System
-that is used by all Posadis tools, including the Posadis DNS server and the
-Zoneedit and Dnsquery tools. It consists of a library for creating client
-applications using DNS, and a server library for DNS servers.
-
-
-FireDNS Library
-http://firestuff.org/projects/firedns
-FireDNS Library
----------------
-(c) 2002 Ian Gulliver under the GNU Public License, Version 2.
-See GPL for more details.
-
-From libfiredns(3):
-
-libfiredns is a library for handling asynchronous DNS
-requests. It provides a very simple interface for sending
-requests and parsing reponses, as well as low-timeout
-blocking functions. libfiredns functions have much lower
-timeouts than the stock functions and tend to be faster
-because they send requests to all configured system
-nameservers at the same time.
-
-If you have questions or comments, you can reach me at
-ian@penguinhosting.net.
-
-
-
-skadns
-
- Skadns is Kind of an Asynchronous DNS client software.
-
- * Kind of: it's small. Really small. But it just works.
- * Asynchronous: all DNS operations are non-blocking.
- * DNS client software: it's a DNS client, what you may know as a "stub resolver". To perform full DNS resolution, you will still need a full resolver like dnscache.
-
- Similar work
-
- * ares is an asynchronous DNS resolver library with a nice interface
- * and more configuration options than skadns (and a very reasonable
- * size). Use it if you find that skadns lacks configurability (you
- * shouldn't need more than it provides, but well, you're the user).
- * Yet it doesn't hide the DNS internals as opaquely as skadns does,
- * giving you a bunch of fds to select() on instead of just one.
- * adns works fine, and is small for a GNU project. Impressive. But
- * the interface is still too complex and much too generic - the
- * usual problems with GNU software.
-
-
-ADNS; documentation scares - is it still active
-simular aims - different ways
+++ /dev/null
-#!/usr/bin/perl
-
-# Doxygen is usefull for html documentation, but sucks
-# in making manual pages. Still tool also parses the .h
-# files with the doxygen documentation and creates
-# the man page we want
-#
-# 2 way process
-# 1. All the .h files are processed to create in file in which:
-# filename | API | description | return values
-# are documented
-# 2. Another file is parsed which states which function should
-# be grouped together in which manpage. Symlinks are also created.
-#
-# With this all in place, all documentation should be autogenerated
-# from the doxydoc.
-
-use Getopt::Std;
-
-my $state;
-my $description;
-my $struct_description;
-my $key;
-my $return;
-my $param;
-my $api;
-my $const;
-
-my %description;
-my %api;
-my %return;
-my %options;
-my %manpages;
-my %see_also;
-
-my $BASE="doc/man";
-my $MAN_SECTION = "3";
-my $MAN_HEADER = ".TH ldns $MAN_SECTION \"30 May 2006\"\n";
-my $MAN_MIDDLE = ".SH AUTHOR
-The ldns team at NLnet Labs. Which consists out of
-Jelte Jansen and Miek Gieben.
-
-.SH REPORTING BUGS
-Please report bugs to ldns-team\@nlnetlabs.nl or in
-our bugzilla at
-http://www.nlnetlabs.nl/bugs/index.html
-
-.SH COPYRIGHT
-Copyright (c) 2004 - 2006 NLnet Labs.
-.PP
-Licensed under the BSD License. There is NO warranty; not even for
-MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.
-";
-my $MAN_FOOTER = ".SH REMARKS
-This manpage was automaticly generated from the ldns source code by
-use of Doxygen and some perl.
-";
-
-getopts("m:",\%options);
-# if -m manpage file is given process that file
-# parse the file which tells us what manpages go together
-my $functions, $see_also;
-if (defined $options{'m'}) {
- # process
- open(MAN, "<$options{'m'}") or die "Cannot open $options{'m'}";
- # it's line based:
- # func1, func2, .. | see_also1, see_also2, ...
- while(<MAN>) {
- chomp;
- if (/^#/) { next; }
- if (/^$/) { next; }
- ($functions, $see_also) = split /[\t ]*\|[\t ]*/, $_;
- #print "{$functions}\n";
- #print "{$see_also}\n";
- my @funcs = split /[\t ]*,[\t ]*/, $functions;
- my @also = split /[\t ]*,[\t ]*/, $see_also;
- $manpages{$funcs[0]} = \@funcs;
- $see_also{$funcs[0]} = \@also;
- #print "[", $funcs[0], "]\n";
- }
- close(MAN);
-} else {
- print "Need -m file to process the .h files\n";
- exit 1;
-}
-
-# 0 - somewhere in the file
-# 1 - in a doxygen par
-# 2 - after doxygen, except funcion
-
-# create our pwd
-mkdir "doc";
-mkdir "doc/man";
-mkdir "doc/man/man$MAN_SECTION";
-
-$state = 0;
-my $i;
-my @lines = <STDIN>;
-my $max = @lines;
-
-while($i < $max) {
- $typedef = "";
- if ($lines[$i] =~ /^typedef struct/ and $lines[$i + 1] =~ /^struct/) {
- # move typedef to below struct
- $typedef = $lines[$i];
- $j = $i;
- while ($lines[$j] !~ /}/) {
- $lines[$j] = $lines[$j+1];
- $j++;
- }
- $lines[$j] = $lines[$j+1];
- $lines[$j + 1] = $typedef;
- }
-
- $cur_line = $lines[$i];
- chomp($cur_line);
- if ($cur_line =~ /^\/\*\*[\t ]*$/) {
- # /** Seen
- #print "Comment seen! [$cur_line]\n";
- $state = 1;
- undef $description;
- undef $struct_description;
- $i++;
- next;
- }
- if ($cur_line =~ /\*\// and $state == 1) {
- #print "END Comment seen!\n";
- $state = 2;
- $i++;
- next;
- }
-
- if ($state == 1) {
- # inside doxygen
- $cur_line =~ s/\\/\\\\/g;
- $cur_line =~ s/^[ \t]*\* ?//;
- $description = $description . "\n" . $cur_line;
- #$description = $description . "\n.br\n" . $cur_line;
- }
- if ($state == 2 and $cur_line =~ /const/) {
- # the const word exists in the function call
- #$const = "const";
- #s/[\t ]*const[\t ]*//;
- } else {
- #undef $const;
- }
-
- if ($cur_line =~ /^INLINE/) {
- $cur_line =~ s/^INLINE\s*//;
- while ($cur_line !~ /{/) {
- $i++;
- $cur_line .= " ".$lines[$i];
- $cur_line =~ s/\n//;
- }
- $cur_line =~ s/{/;/;
- }
-
- if ($cur_line =~ /^[^#*\/ ]([\w\*]+)[\t ]+(.*?)[({](.*)\s*/ and $state == 2) {
- while ($cur_line !~ /\)\s*;/) {
- $i++;
- $cur_line .= $lines[$i];
- chomp($cur_line);
- $cur_line =~ s/\n/ /g;
- $cur_line =~ s/\s\s*/ /g;
- }
- $cur_line =~ /([\w\* ]+)[\t ]+(.*?)\((.*)\)\s*;/;
- # this should also end the current comment parsing
- $return = $1;
- $key = $2;
- $api = $3;
- # sometimes the * is stuck to the function
- # name instead to the return type
- if ($key =~ /^\*/) {
- #print"Name starts with *\n";
- $key =~ s/^\*//;
- if (defined($const)) {
- $return = $const . " " . $return . '*';
- } else {
- $return = $return . '*';
- }
- }
- $description =~ s/\\param\[in\][ \t]*([\*\w]+)[ \t]+/.br\n\\fB$1\\fR: /g;
- $description =~ s/\\param\[out\][ \t]*([\*\w]+)[ \t]+/.br\n\\fB$1\\fR: /g;
- $description =~ s/\\return[ \t]*/.br\nReturns /g;
-
- $description{$key} = $description;
- $api{$key} = $api;
- $return{$key} = $return;
- undef $description;
- undef $struct_description;
- $state = 0;
- } elsif ($state == 2 and (
- $cur_line =~ /^typedef\sstruct\s(\w+)\s(\w+);/ or
- $cur_line =~ /^typedef\senum\s(\w+)\s(\w+);/)) {
- $struct_description .= "\n.br\n" . $cur_line;
- $key = $2;
- $struct_description =~ s/\/\*\*\s*(.*?)\s*\*\//\\fB$1:\\fR/g;
- $description{$key} = $struct_description;
- $api{$key} = "struct";
- $return{$key} = $1;
- undef $description;
- undef $struct_description;
- $state = 0;
- } else {
- $struct_description .= "\n.br\n" . $cur_line;
- }
- $i++;
-}
-
-# create the manpages
-foreach (keys %manpages) {
- $name = $manpages{$_};
- $also = $see_also{$_};
-
- $filename = @$name[0];
- $filename = "$BASE/man$MAN_SECTION/$filename.$MAN_SECTION";
-
- my $symlink_file = @$name[0] . "." . $MAN_SECTION;
-
-# print STDOUT $filename,"\n";
- open (MAN, ">$filename") or die "Can not open $filename";
-
- print MAN $MAN_HEADER;
- print MAN ".SH NAME\n";
- print MAN join ", ", @$name;
- print MAN "\n\n";
- print MAN ".SH SYNOPSIS\n";
-
- print MAN "#include <stdint.h>\n.br\n";
- print MAN "#include <stdbool.h>\n.br\n";
-
- print MAN ".PP\n";
- print MAN "#include <ldns/ldns.h>\n";
- print MAN ".PP\n";
-
- foreach (@$name) {
- $b = $return{$_};
- $b =~ s/\s+$//;
- if ($api{$_} ne "struct") {
- print MAN $b, " ", $_;
- print MAN "(", $api{$_},");\n";
- print MAN ".PP\n";
- }
- }
-
- print MAN "\n.SH DESCRIPTION\n";
- foreach (@$name) {
- print MAN ".HP\n";
- print MAN "\\fI", $_, "\\fR";
- if ($api{$_} ne "struct") {
- print MAN "()";
- }
-# print MAN ".br\n";
- print MAN $description{$_};
- print MAN "\n.PP\n";
- }
-
- print MAN $MAN_MIDDLE;
-
- if (defined(@$also)) {
- print MAN "\n.SH SEE ALSO\n\\fI";
- print MAN join "\\fR, \\fI", @$also;
- print MAN "\\fR.\nAnd ";
- print MAN "\\fBperldoc Net::DNS\\fR, \\fBRFC1034\\fR,
-\\fBRFC1035\\fR, \\fBRFC4033\\fR, \\fBRFC4034\\fR and \\fBRFC4035\\fR.\n";
- } else {
- print MAN ".SH SEE ALSO
-\\fBperldoc Net::DNS\\fR, \\fBRFC1034\\fR,
-\\fBRFC1035\\fR, \\fBRFC4033\\fR, \\fBRFC4034\\fR and \\fBRFC4035\\fR.\n";
- }
-
- print MAN $MAN_FOOTER;
-
- # create symlinks
- chdir("$BASE/man$MAN_SECTION");
- foreach (@$name) {
- print STDERR $_,"\n";
- my $new_file = $_ . "." . $MAN_SECTION;
- if ($new_file eq $symlink_file) {
- next;
- }
- #print STDOUT "\t", $new_file, " -> ", $symlink_file, "\n";
- symlink $symlink_file, $new_file;
- }
- chdir("../../.."); # and back, tricky and fragile...
- close(MAN);
-}
+++ /dev/null
-# first function name will be the real name of the manpage
-# other names are aliases (symlinks)
-# all functions specified on the same line are included in the
-# same manual page. We cannot deal with linebreaks!
-# function named after the pipe `|' are put in the "see also" section
-
-# functions that must be included, separated by commas
-
-### host2wire.h
-# conversion functions
-ldns_rr2wire, ldns_pkt2wire, ldns_rdf2wire | ldns_wire2rr, ldns_wire2pkt, ldns_wire2rdf
-# lower level conversions, some are from host2str.h
-ldns_pkt2buffer_str, ldns_pktheader2buffer_str, ldns_rr2buffer_str, ldns_rr_list2buffer_str, ldns_rdf2buffer_str, ldns_key2buffer_str, ldns_pkt2buffer_wire, ldns_rr2buffer_wire, ldns_rdf2buffer_wire, ldns_rrsig2buffer_wire, ldns_rr_rdata2buffer_wire | ldns_pkt2str, ldns_rr2str, ldns_rdf2str, ldns_rr_list2str, ldns_key2str
-### /host2wire.h
-
-### host2str.h
-ldns_rr2str, ldns_pkt2str, ldns_rdf2str, ldns_rr_list2str, ldns_key2str | ldns_rr_print, ldns_rdf_print, ldns_pkt_print, ldns_rr_list_print, ldns_resolver_print, ldns_zone_print
-ldns_rr_print, ldns_rdf_print, ldns_pkt_print, ldns_rr_list_print, ldns_resolver_print, ldns_zone_print | ldns_rr2str, ldns_rdf2str, ldns_pkt2str, ldns_rr_list2str, ldns_key2str
-### /host2str.h
-
-### host2str.h
-# and even lower
-ldns_rdf2buffer_str_a, ldns_rdf2buffer_str_aaaa, ldns_rdf2buffer_str_str, ldns_rdf2buffer_str_b64, ldns_rdf2buffer_str_hex, ldns_rdf2buffer_str_type, ldns_rdf2buffer_str_class, ldns_rdf2buffer_str_alg, ldns_rdf2buffer_str_loc, ldns_rdf2buffer_str_unknown, ldns_rdf2buffer_str_nsap, ldns_rdf2buffer_str_wks, ldns_rdf2buffer_str_nsec, ldns_rdf2buffer_str_period, ldns_rdf2buffer_str_tsigtime, ldns_rdf2buffer_str_apl, ldns_rdf2buffer_str_int16_data, ldns_rdf2buffer_str_int16, ldns_rdf2buffer_str_ipseckey
-### /host2str.h
-
-### wire2host.h
-# wirefunctions
-ldns_wire2rr, ldns_wire2pkt, ldns_wire2rdf, ldns_wire2dname | ldns_rr2wire, ldns_pkt2wire, ldns_rdf2wire, ldns_dname2wire
-ldns_buffer2pkt_wire
-### /wire2host.h
-
-### dname.h
-ldns_dname_left_chop, ldns_dname_label_count | ldns_dname
-ldns_dname2canonical | ldns_dname
-ldns_dname_cat_clone, ldns_dname_cat | ldns_dname
-ldns_dname_new, ldns_dname_new_frm_str, ldns_dname_new_frm_data | ldns_dname, ldns_pkt_query_new_frm_str, ldns_rdf_new_frm_str, ldns_rr_new_frm_str
-ldns_dname_is_subdomain, ldns_dname_str_absolute, ldns_dname_label | ldns_dname
-ldns_dname_compare, ldns_dname_interval | ldns_dname_is_subdomain | ldns_dname
-ldns_dname | ldns_dname_left_chop, ldns_dname_label_count, ldns_dname2canonical, ldns_dname_cat, ldns_dname_cat_clone, ldns_dname_new, ldns_dname_new_frm_str, ldns_dname_new_frm_data, ldns_dname_is_subdomain, ldns_dname_str_absolute, ldns_dname_label, ldns_dname_compare, ldns_dname_interval
-### /dname.h
-
-### rdata.h
-ldns_rdf, ldns_rdf_type | ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data, ldns_rdf_size, ldns_rdf_get_type, ldns_rdf_data, ldns_rdf_compare, ldns_rdf_new, ldns_rdf_clone, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_free, ldns_rdf_deep_free, ldns_rdf_print, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t
-ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data | ldns_rdf
-ldns_rdf_size, ldns_rdf_get_type, ldns_rdf_data, ldns_rdf_compare | ldns_rdf
-ldns_rdf_new, ldns_rdf_clone, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_free, ldns_rdf_deep_free, ldns_rdf_print | ldns_rdf
-ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t | ldns_rdf
-ldns_rdf_address_reverse | ldns_rdf
-ldns_octet | ldns_rdf
-# why is this in rdata.h?
-ldns_str2period
-### /rdata.h
-
-### higher.h
-ldns_get_rr_list_addr_by_name, ldns_get_rr_list_name_by_addr | ldns_rr_list, ldns_rr
-ldns_get_rr_list_hosts_frm_fp, ldns_get_rr_list_hosts_frm_file | ldns_rr_list, ldns_rr, ldns_get_rr_list_hosts_frm_fp_l
-ldns_get_rr_list_hosts_frm_fp_l | ldns_rr_list
-ldns_getaddrinfo
-### /higher.h
-
-#
-### dnssec.h
-#
-ldns_calc_keytag, ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_dsa, ldns_verify_rrsig_rsasha1, ldns_verify_rrsig_rsamd5, ldns_key_rr2ds, ldns_key_buf2dsa, ldns_key_buf2rsa | ldns_key, ldns_sign_public, ldns_zone_sign, ldns_verify, ldns_verify_rrsig
-
-# algs
-ldns_verify_rrsig_dsa, ldns_verify_rrsig_rsasha1, ldns_verify_rrsig_rsamd5 | ldns_key, ldns_sign_public, ldns_zone_sign, ldns_verify, ldns_verify_rrsig
-
-# tsig
-ldns_pkt_tsig_verify, ldns_pkt_tsig_sign | ldns_key
-
-# verify
-ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_keylist, ldns_verify_rrsig_keylist_notime, ldns_verify_notime | ldns_verify_rrsig_evp | ldns_verify_rrsig_dsa, ldns_verify_rrsig_rsasha1, ldns_verify_rrsig_rsamd5, ldns_sign_public, ldns_zone_sign, ldns_key
-
-# convert
-ldns_key_buf2dsa, ldns_key_buf2rsa | ldns_key_rr2ds
-ldns_key_rr2ds | ldns_key
-ldns_create_nsec | ldns_sign_public
-
-# signing
-ldns_sign_public | ldns_sign_public_dsa, ldns_sign_public_rsamd5, ldns_sign_public_rsasha1, ldns_verify, ldns_verify_rrsig, ldns_key
-ldns_sign_public_dsa, ldns_sign_public_rsamd5, ldns_sign_public_rsasha1 | ldns_sign_public
-ldns_dnssec_zone_sign, ldns_dnssec_zone_sign_nsec3 | ldns_zone_sign, ldns_zone_sign_nsec3 | ldns_sign_public, ldns_key, ldns_init_random
-ldns_init_random | ldns_sign_public, ldns_key
-ldns_pkt_verify | ldns_verify, ldns_sign_public, ldns_zone_sign
-
-# new family of dnssec functions
-ldns_dnssec_zone, ldns_dnssec_name, ldns_dnssec_rrs, ldns_dnssec_rrsets | ldns_dnssec_zone_new, ldns_dnssec_name_new, ldns_dnssec_rrs_new, ldns_dnssec_rrsets_new
-ldns_dnssec_zone_find_rrset, ldns_dnssec_zone_new, ldns_dnssec_zone_free, ldns_dnssec_zone_add_rr, ldns_dnssec_zone_names_print, ldns_dnssec_zone_print, ldns_dnssec_zone_add_empty_nonterminals | ldns_dnssec_zone
-ldns_dnssec_name_new, ldns_dnssec_name_new_frm_rr, ldns_dnssec_name_free, ldns_dnssec_name_name, ldns_dnssec_name_set_name, ldns_dnssec_name_set_nsec, ldns_dnssec_name_cmp, ldns_dnssec_name_add_rr, ldns_dnssec_name_find_rrset, ldns_dnssec_name_print | ldns_dnssec_zone
-ldns_dnssec_rrsets_new, ldns_dnssec_rrsets_free, ldns_dnssec_rrsets_type, ldns_dnssec_rrsets_set_type, ldns_dnssec_rrsets_add_rr, ldns_dnssec_rrsets_print | ldns_dnssec_zone
-ldns_dnssec_rrs_new, ldns_dnssec_rrs_free, ldns_dnssec_rrs_add_rr, ldns_dnssec_rrs_print | ldns_dnssec_zone
-
-# verification
-ldns_dnssec_data_chain, ldns_dnssec_data_chain_struct, ldns_dnssec_trust_tree | ldns_dnssec_data_chain_new, ldns_dnssec_trust_tree_new, ldns_dnssec_verify_denial
-ldns_dnssec_data_chain_new, ldns_dnssec_data_chain_free, ldns_dnssec_data_chain_deep_free, ldns_dnssec_build_data_chain, ldns_dnssec_data_chain_print | ldns_dnssec_data_chain
-ldns_dnssec_trust_tree_new, ldns_dnssec_trust_tree_free, ldns_dnssec_trust_tree_depth, ldns_dnssec_derive_trust_tree, ldns_dnssec_trust_tree_contains_keys, ldns_dnssec_trust_tree_print, ldns_dnssec_trust_tree_print_sm, ldns_dnssec_trust_tree_add_parent, ldns_dnssec_derive_trust_tree_normal_rrset, ldns_dnssec_derive_trust_tree_dnskey_rrset, ldns_dnssec_derive_trust_tree_ds_rrset, ldns_dnssec_derive_trust_tree_no_sig | ldns_dnssec_data_chain, ldns_dnssec_trust_tree
-ldns_dnssec_verify_denial, ldns_dnssec_verify_denial_nsec3 | ldns_dnssec_trust_tree, ldns_dnssec_data_chain
-
-# new signing functions
-ldns_dnssec_zone_sign, ldns_dnssec_zone_sign_nsec3, ldns_dnssec_zone_mark_glue, ldns_dnssec_name_node_next_nonglue, ldns_dnssec_zone_create_nsecs, ldns_dnssec_remove_signatures, ldns_dnssec_zone_create_rrsigs | ldns_dnssec_zone
-
-### /dnssec.h
-
-### dnskey.h
-ldns_key_new | ldns_key, ldns_key_list_new
-ldns_key_new_frm_algorithm, ldns_key_new_frm_fp, ldns_key_new_frm_fp_l | ldns_key
-ldns_key_new_frm_fp_rsa, ldns_key_new_frm_fp_rsa_l | ldns_key_new_frm_fp, ldns_key
-ldns_key_new_frm_fp_dsa, ldns_key_new_frm_fp_dsa_l | ldns_key_new_frm_fp, ldns_key
-ldns_key_list_new | ldns_key_new, ldns_key
-# access, write
-ldns_key_set_algorithm, ldns_key_set_rsa_key, ldns_key_set_dsa_key, ldns_key_set_hmac_key, ldns_key_set_origttl, ldns_key_set_inception, ldns_key_set_expiration, ldns_key_set_pubkey_owner, ldns_key_set_keytag, ldns_key_set_flags, ldns_key_list_set_key_count, ldns_key_algo_supported | ldns_key_push_key, ldns_key
-ldns_key_list_push_key | ldns_key_list_pop_key, ldns_key
-ldns_key_list_pop_key | ldns_key_list_push_key, ldns_key
-# access, read
-ldns_key_list_key_count, ldns_key_list_key, ldns_key_rsa_key, ldns_key_dsa_key, ldns_key_algorithm, ldns_key_hmac_key, ldns_key_origttl, ldns_key_inception, ldns_key_expiration, ldns_key_keytag, ldns_key_pubkey_owner, ldns_key_flags | ldns_key
-# convert
-ldns_key2rr | ldns_key
-ldns_key_free, ldns_key_deep_free, ldns_key_list_free | ldns_key
-#
-ldns_key_print | ldns_key_new, ldns_key
-ldns_key | ldns_key_new, ldns_key_new_frm_algorithm,ldns_key_new_frm_fp,ldns_key_new_frm_fp_l, ldns_key_new_frm_fp_rsa, ldns_key_new_frm_fp_rsa_l, ldns_key_new_frm_fp_dsa, ldns_key_new_frm_fp_dsa_l, ldns_key_list_new, ldns_key_set_algorithm, ldns_key_set_rsa_key, ldns_key_set_dsa_key, ldns_key_set_hmac_key, ldns_key_set_origttl, ldns_key_set_inception, ldns_key_set_expiration, ldns_key_set_pubkey_owner, ldns_key_set_keytag, ldns_key_set_flags, ldns_key_list_set_key_count, ldns_key_list_push_key, ldns_key_list_pop_key, ldns_key_list_key_count, ldns_key_list_key, ldns_key_rsa_key, ldns_key_dsa_key, ldns_key_algorithm, ldns_key_hmac_key, ldns_key_origttl, ldns_key_inception, ldns_key_expiration, ldns_key_keytag, ldns_key_pubkey_owner, ldns_key_flags, ldns_key2rr, ldns_key_free, ldns_key_deep_free, ldns_key_list_free, ldns_key_print
-### /dnskey.h
-
-### MIEK TOT HIER TOT HIER
-
-# lists
-ldns_key_list_new, ldns_key_list_push_key, ldns_key_list_pop_key, ldns_key_list_key_count, ldns_key_list_key | ldns_key_list, ldns_key
-ldns_key_rsa_key, ldns_key_dsa_key, ldns_key_algorithm, ldns_key_hmac_key | ldns_key_list, ldns_key
-
-# gets/sets
-ldns_key_origttl, ldns_key_inception, ldns_key_expiration, ldns_key_keytag, ldns_key_pubkey_owner, ldns_key_flags | ldns_key
-ldns_key_set_algorithm, ldns_key_set_rsa_key, ldns_key_set_dsa_key, ldns_key_set_hmac_key, ldns_key_set_origttl, ldns_key_set_inception, ldns_key_set_expiration, ldns_key_set_pubkey_owner, ldns_key_set_keytag, ldns_key_set_flags, ldns_key_list_set_key_count | ldns_key
-
-# errr.h
-ldns_get_errorstr_by_id | ldns_status
-ldns_status | ldns_get_errorstr_by_id
-
-### net.h
-ldns_send | ldns_pkt, ldns_resolver
-ldns_tcp_send_query, ldns_tcp_read_wire, ldns_tcp_connect | ldns_send, ldns_pkt, ldns_resolver
-### /net.h
-
-### buffer.h
-# general
-ldns_buffer | ldns_buffer_new, ldns_buffer_new_frm_data, ldns_buffer_clear, ldns_buffer_printf, ldns_buffer_free, ldns_buffer_export, ldns_buffer_flip, ldns_buffer_rewind, ldns_buffer_position, ldns_buffer_set_position, ldns_buffer_skip, ldns_buffer_limit, ldns_buffer_set_limit, ldns_buffer_capacity, ldns_buffer_set_capacity, ldns_buffer_reserve, ldns_buffer_at, ldns_buffer_begin, ldns_buffer_end, ldns_buffer_current, ldns_buffer_remaining_at, ldns_buffer_remaining, ldns_buffer_available_at, ldns_buffer_available, ldns_buffer_status, ldns_buffer_status_ok, ldns_buffer_write_at, ldns_buffer_write_at, ldns_buffer_write, ldns_buffer_write_string_at, ldns_buffer_write_string, ldns_buffer_write_u8_at, ldns_buffer_write_u8, ldns_buffer_write_u16_at, ldns_buffer_write_u16, ldns_buffer_read_at, ldns_buffer_read, ldns_buffer_read_u8_at, ldns_buffer_read_u8, ldns_buffer_read_u16_at, ldns_buffer_read_u16, ldns_buffer_read_u32_at, ldns_buffer_read_u32
-ldns_buffer_new, ldns_buffer_new_frm_data, ldns_buffer_clear, ldns_buffer_printf, ldns_buffer_free, ldns_buffer_export | ldns_buffer
-# position
-ldns_buffer_flip, ldns_buffer_rewind, ldns_buffer_position, ldns_buffer_set_position, ldns_buffer_skip | ldns_buffer
-# values and pointers
-ldns_buffer_limit, ldns_buffer_set_limit, ldns_buffer_capacity, ldns_buffer_set_capacity, ldns_buffer_reserve, ldns_buffer_at, ldns_buffer_begin, ldns_buffer_end, ldns_buffer_current | ldns_buffer
-# info
-ldns_buffer_remaining_at, ldns_buffer_remaining, ldns_buffer_available_at, ldns_buffer_available, ldns_buffer_status, ldns_buffer_status_ok | ldns_buffer
-# read and write
-ldns_buffer_write_at, ldns_buffer_write_at, ldns_buffer_write, ldns_buffer_write_string_at, ldns_buffer_write_string, ldns_buffer_write_u8_at, ldns_buffer_write_u8, ldns_buffer_write_u16_at, ldns_buffer_write_u16, ldns_buffer_read_at, ldns_buffer_read, ldns_buffer_read_u8_at, ldns_buffer_read_u8, ldns_buffer_read_u16_at, ldns_buffer_read_u16, ldns_buffer_read_u32_at, ldns_buffer_read_u32 | ldns_buffer
-### /buffer.h
-
-# parse.h
-ldns_bget_token, ldns_bgetc, ldns_bskipcs | ldns_buffer
-ldns_fget_token, ldns_fskipcs | ldns_buffer
-ldns_str_remove_comment
-
-
-# rr.h and other general rr funcs
-ldns_rr, ldns_rr_class, ldns_rr_type, ldns_rr_compress, ldns_rr_list | ldns_rr_new, ldns_rr_new_frm_type, ldns_rr_new_frm_str, ldns_rr_new_frm_fp, ldns_rr_free, ldns_rr_print, ldns_rr_set_owner, ldns_rr_set_ttl, ldns_rr_set_type, ldns_rr_set_rd_count, ldns_rr_set_class, ldns_rr_set_rdf, ldns_rr_push_rdf, ldns_rr_pop_rdf, ldns_rr_rdf, ldns_rr_owner, ldns_rr_rd_count, ldns_rr_ttl, ldns_rr_get_class, ldns_rr_list_rr_count, ldns_rr_list_set_rr_count, ldns_rr_list_new, ldns_rr_list_free, ldns_rr_list_cat, ldns_rr_list_push_rr, ldns_rr_list_pop_rr, ldns_is_rrset, ldns_rr_set_push_rr, ldns_rr_set_pop_rr, ldns_get_rr_class_by_name, ldns_get_rr_type_by_name, ldns_rr_list_clone, ldns_rr_list_sort, ldns_rr_compare, ldns_rr_compare_ds, ldns_rr_uncompressed_size, ldns_rr2canonical, ldns_rr_label_count, ldns_is_rrset, ldns_rr_descriptor, ldns_rr_descript
-ldns_rr_new, ldns_rr_new_frm_type, ldns_rr_new_frm_str, ldns_rr_new_frm_fp, ldns_rr_free, ldns_rr_print | ldns_rr, ldns_rr_list
-ldns_rr_set_owner, ldns_rr_set_ttl, ldns_rr_set_type, ldns_rr_set_rd_count, ldns_rr_set_class, ldns_rr_set_rdf | ldns_rr, ldns_rr_list
-ldns_rr_push_rdf, ldns_rr_pop_rdf | ldns_rr, ldns_rr_list
-ldns_rr_rdf, ldns_rr_owner, ldns_rr_rd_count, ldns_rr_ttl, ldns_rr_get_class | ldns_rr, ldns_rr_list
-ldns_rr_list_rr_count, ldns_rr_list_set_rr_count | ldns_rr, ldns_rr_list
-ldns_rr_list_new, ldns_rr_list_free | ldns_rr, ldns_rr_list
-ldns_rr_list_cat, ldns_rr_list_push_rr, ldns_rr_list_pop_rr | ldns_rr, ldns_rr_list
-ldns_is_rrset | ldns_rr, ldns_rr_list
-ldns_rr_set_push_rr, ldns_rr_set_pop_rr | ldns_rr, ldns_rr_list
-ldns_get_rr_class_by_name, ldns_get_rr_type_by_name | ldns_rr, ldns_rr_list
-ldns_rr_list_clone | ldns_rr, ldns_rr_list
-ldns_rr_list_sort | ldns_rr, ldns_rr_list
-ldns_rr_compare, ldns_rr_compare_ds | ldns_rr, ldns_rr_list
-ldns_rr_uncompressed_size | ldns_rr, ldns_rr_list
-ldns_rr2canonical | ldns_rr, ldns_rr_list
-ldns_rr_label_count | ldns_rr, ldns_rr_list
-ldns_is_rrset | ldns_rr
-
-# rr descriptors
-ldns_rr_descriptor, ldns_rr_descript, ldns_rr_descriptor_minimum, ldns_rr_descriptor_maximum, ldns_rr_descriptor_field_type | ldns_rr, ldns_rdf
-
-# packet.h
-ldns_pkt, ldns_pkt_section, ldns_pkt_type | ldns_pkt_new, ldns_pkt_free, ldns_pkt_print, ldns_pkt_query_new, ldns_pkt_query_new_frm_str, ldns_pkt_reply_type, ldns_pkt_id, ldns_pkt_qr, ldns_pkt_aa, ldns_pkt_tc, ldns_pkt_rd, ldns_pkt_cd, ldns_pkt_ra, ldns_pkt_ad, ldns_pkt_get_opcode, ldns_pkt_get_rcode, ldns_pkt_qdcount, ldns_pkt_ancount, ldns_pkt_nscount, ldns_pkt_arcount, ldns_pkt_answerfrom, ldns_pkt_querytime, ldns_pkt_size, ldns_pkt_tsig, ldns_pkt_question, ldns_pkt_answer, ldns_pkt_authority, ldns_pkt_additional, ldns_pkt_get_section_clone, ldns_pkt_rr_list_by_name, ldns_pkt_rr_list_by_type, ldns_pkt_rr_list_by_name_and_type, ldns_pkt_set_flags, ldns_pkt_set_id, ldns_pkt_set_qr, ldns_pkt_set_aa, ldns_pkt_set_tc, ldns_pkt_set_rd, ldns_pkt_set_cd, ldns_pkt_set_ra, ldns_pkt_set_ad, ldns_pkt_set_opcode, ldns_pkt_set_rcode, ldns_pkt_set_qdcount, ldns_pkt_set_ancount, ldns_pkt_set_nscount, ldns_pkt_set_arcount, ldns_pkt_set_answerfrom, ldns_pkt_set_querytime, ldns_pkt_set_size, ldns_pkt_set_section_count, ldns_pkt_set_tsig, ldns_pkt_edns, ldns_pkt_edns_udp_size, ldns_pkt_edns_extended_rcode, ldns_pkt_edns_version, ldns_pkt_edns_z, ldns_pkt_edns_data, ldns_pkt_set_edns_udp_size, ldns_pkt_set_edns_extended_rcode, ldns_pkt_set_edns_version, ldns_pkt_set_edns_z, ldns_pkt_set_edns_data
-
-ldns_pkt_new, ldns_pkt_free, ldns_pkt_print, ldns_pkt_query_new, ldns_pkt_query_new_frm_str, ldns_pkt_reply_type | ldns_pkt
-# gets
-ldns_pkt_id, ldns_pkt_qr, ldns_pkt_aa, ldns_pkt_tc, ldns_pkt_rd, ldns_pkt_cd, ldns_pkt_ra, ldns_pkt_ad, ldns_pkt_get_opcode, ldns_pkt_get_rcode, ldns_pkt_qdcount, ldns_pkt_ancount, ldns_pkt_nscount, ldns_pkt_arcount, ldns_pkt_answerfrom, ldns_pkt_querytime, ldns_pkt_size, ldns_pkt_tsig, ldns_pkt_question, ldns_pkt_answer, ldns_pkt_authority, ldns_pkt_additional, ldns_pkt_get_section_clone, ldns_pkt_rr_list_by_name, ldns_pkt_rr_list_by_type, ldns_pkt_rr_list_by_name_and_type | ldns_pkt
-# sets
-ldns_pkt_set_flags, ldns_pkt_set_id, ldns_pkt_set_qr, ldns_pkt_set_aa, ldns_pkt_set_tc, ldns_pkt_set_rd, ldns_pkt_set_cd, ldns_pkt_set_ra, ldns_pkt_set_ad, ldns_pkt_set_opcode, ldns_pkt_set_rcode, ldns_pkt_set_qdcount, ldns_pkt_set_ancount, ldns_pkt_set_nscount, ldns_pkt_set_arcount, ldns_pkt_set_answerfrom, ldns_pkt_set_querytime, ldns_pkt_set_size, ldns_pkt_set_section_count, ldns_pkt_set_tsig | ldns_pkt
-# EDNS0
-ldns_pkt_edns, ldns_pkt_edns_udp_size, ldns_pkt_edns_extended_rcode, ldns_pkt_edns_version, ldns_pkt_edns_z, ldns_pkt_edns_data, ldns_pkt_set_edns_udp_size, ldns_pkt_set_edns_extended_rcode, ldns_pkt_set_edns_version, ldns_pkt_set_edns_z, ldns_pkt_set_edns_data | ldns_pkt
-
-# rr_functions.h
-ldns_rr_ns_nsdname
-#
-ldns_rr_mx_preference, ldns_rr_mx_exchange
-#
-ldns_rr_rrsig_typecovered, ldns_rr_rrsig_set_typecovered, ldns_rr_rrsig_algorithm, ldns_rr_rrsig_set_algorithm, ldns_rr_rrsig_labels, ldns_rr_rrsig_set_labels, ldns_rr_rrsig_origttl, ldns_rr_rrsig_set_origttl, ldns_rr_rrsig_expiration, ldns_rr_rrsig_set_expiration, ldns_rr_rrsig_inception, ldns_rr_rrsig_set_inception, ldns_rr_rrsig_keytag, ldns_rr_rrsig_set_keytag, ldns_rr_rrsig_signame, ldns_rr_rrsig_set_signame, ldns_rr_rrsig_sig, ldns_rr_rrsig_set_sig
-#
-ldns_rr_dnskey_flags, ldns_rr_dnskey_set_flags, ldns_rr_dnskey_protocol, ldns_rr_dnskey_set_protocol, ldns_rr_dnskey_algorithm, ldns_rr_dnskey_set_algorithm, ldns_rr_dnskey_key, ldns_rr_dnskey_set_key | ldns_rr
-
-### zone.h
-ldns_zone | ldns_zone_new, ldns_zone_deep_free, ldns_zone_new_frm_fp, ldns_zone_new_frm_fp_l, ldns_zone_sort, ldns_zone_glue_rr_list, ldns_zone_push_rr, ldns_zone_push_rr_list, ldns_zone_set_rrs, ldns_zone_set_soa, ldns_zone_rrs, ldns_zone_soa, ldns_zone_rr_count,
-
-
-ldns_zone_new, ldns_zone_deep_free, ldns_zone_new_frm_fp, ldns_zone_new_frm_fp_l | ldns_zone
-ldns_zone_sort, ldns_zone_glue_rr_list | ldns_zone
-ldns_zone_push_rr, ldns_zone_push_rr_list | ldns_zone
-ldns_zone_set_rrs, ldns_zone_set_soa | ldns_zone, ldns_zone_rrs, ldns_zone_soa
-ldns_zone_rrs, ldns_zone_soa | ldns_zone ldns_zone_set_rrs
-ldns_zone_rr_count | ldns_zone
-
-### update.h
-ldns_update_pkt_new | ldns_update_pkt_tsig_add, ldns_update_pkt_tsig_add, ldns_update_zocount, ldns_update_prcount, ldns_update_upcount, ldns_update_adcount, ldns_update_set_zocount, ldns_update_set_prcount, ldns_update_set_upcount, ldns_update_set_adcount,
-
-ldns_update_pkt_tsig_add | ldns_update_pkt_new
-ldns_update_zocount, ldns_update_prcount, ldns_update_upcount, ldns_update_adcount | ldns_update_pkt_new
-ldns_update_set_zocount, ldns_update_set_prcount, ldns_update_set_upcount, ldns_update_set_adcount | ldns_update_pkt_new
+++ /dev/null
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html><head><meta http-equiv="Content-Type"
-content="text/html;charset=iso-8859-1">
-<title>ldns documentation</title>
-<link href="doxygen.css" rel="stylesheet" type="text/css">
-<link href="tabs.css" rel="stylesheet" type="text/css">
-</head><body>
-<div class="logo">
-<img src="LogoInGradientBar2-y100.png"/>
-</div>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Created with Inkscape (http://www.inkscape.org/) -->
-<svg
- xmlns:dc="http://purl.org/dc/elements/1.1/"
- xmlns:cc="http://web.resource.org/cc/"
- xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
- xmlns:svg="http://www.w3.org/2000/svg"
- xmlns="http://www.w3.org/2000/svg"
- xmlns:xlink="http://www.w3.org/1999/xlink"
- xmlns:sodipodi="http://inkscape.sourceforge.net/DTD/sodipodi-0.dtd"
- xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
- width="744.09448819"
- height="1052.3622047"
- id="svg2"
- sodipodi:version="0.32"
- inkscape:version="0.43"
- sodipodi:docbase="/home/jeltejan/Desktop"
- sodipodi:docname="libdnsoverview.svg">
- <defs
- id="defs4">
- <marker
- inkscape:stockid="Arrow1Lend"
- orient="auto"
- refY="0.0"
- refX="0.0"
- id="Arrow1Lend"
- style="overflow:visible;">
- <path
- id="path6471"
- d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
- style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none;"
- transform="scale(0.8) rotate(180)" />
- </marker>
- <marker
- inkscape:stockid="Arrow2Lstart"
- orient="auto"
- refY="0.0"
- refX="0.0"
- id="Arrow2Lstart"
- style="overflow:visible">
- <path
- id="path6456"
- style="font-size:12.0;fill-rule:evenodd;stroke-width:0.62500000;stroke-linejoin:round"
- d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.9730900,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
- transform="scale(1.1) translate(-5,0)" />
- </marker>
- <marker
- inkscape:stockid="Arrow1Lstart"
- orient="auto"
- refY="0.0"
- refX="0.0"
- id="Arrow1Lstart"
- style="overflow:visible">
- <path
- id="path6474"
- d="M 0.0,0.0 L 5.0,-5.0 L -12.5,0.0 L 5.0,5.0 L 0.0,0.0 z "
- style="fill-rule:evenodd;stroke:#000000;stroke-width:1.0pt;marker-start:none"
- transform="scale(0.8)" />
- </marker>
- <linearGradient
- inkscape:collect="always"
- id="linearGradient6293">
- <stop
- style="stop-color:#000000;stop-opacity:1;"
- offset="0"
- id="stop6295" />
- <stop
- style="stop-color:#000000;stop-opacity:0;"
- offset="1"
- id="stop6297" />
- </linearGradient>
- <radialGradient
- inkscape:collect="always"
- xlink:href="#linearGradient6293"
- id="radialGradient6299"
- cx="247.14285"
- cy="314.14789"
- fx="247.14285"
- fy="314.14789"
- r="53.357145"
- gradientTransform="matrix(0.360193,0.932878,-0.364659,0.140798,328.3948,67.21935)"
- gradientUnits="userSpaceOnUse" />
- <radialGradient
- inkscape:collect="always"
- xlink:href="#linearGradient6293"
- id="radialGradient6487"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.533404,-0.663938,0.262021,0.206525,-65.56892,208.3559)"
- cx="247.14285"
- cy="314.14789"
- fx="247.14285"
- fy="314.14789"
- r="53.357145" />
- <radialGradient
- inkscape:collect="always"
- xlink:href="#linearGradient6293"
- id="radialGradient6491"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(0.700682,8.366694e-2,-3.154009e-2,0.264153,261.3825,-3.441503)"
- cx="247.14285"
- cy="314.14789"
- fx="247.14285"
- fy="314.14789"
- r="53.357145" />
- <radialGradient
- inkscape:collect="always"
- xlink:href="#linearGradient6293"
- id="radialGradient6495"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(-0.304578,-0.203794,0.310458,-3.225552e-2,282.7444,163.9328)"
- cx="247.14285"
- cy="314.14789"
- fx="247.14285"
- fy="314.14789"
- r="53.357145" />
- <radialGradient
- inkscape:collect="always"
- xlink:href="#linearGradient6293"
- id="radialGradient7376"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(-0.304578,-0.390833,0.310458,-6.185918e-2,472.4645,371.958)"
- cx="247.14285"
- cy="314.14789"
- fx="247.14285"
- fy="314.14789"
- r="53.357145" />
- <radialGradient
- inkscape:collect="always"
- xlink:href="#linearGradient6293"
- id="radialGradient7384"
- gradientUnits="userSpaceOnUse"
- gradientTransform="matrix(-9.134252e-2,-1.242432,0.752705,0.765448,-7.814871,371.0985)"
- cx="247.14285"
- cy="314.14789"
- fx="247.14285"
- fy="314.14789"
- r="53.357145" />
- </defs>
- <sodipodi:namedview
- id="base"
- pagecolor="#ffffff"
- bordercolor="#666666"
- borderopacity="1.0"
- inkscape:pageopacity="0.0"
- inkscape:pageshadow="2"
- inkscape:zoom="1.4"
- inkscape:cx="321.73243"
- inkscape:cy="789.1913"
- inkscape:document-units="px"
- inkscape:current-layer="layer1"
- inkscape:window-width="1184"
- inkscape:window-height="910"
- inkscape:window-x="10"
- inkscape:window-y="61"
- showguides="true" />
- <metadata
- id="metadata7">
- <rdf:RDF>
- <cc:Work
- rdf:about="">
- <dc:format>image/svg+xml</dc:format>
- <dc:type
- rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
- </cc:Work>
- </rdf:RDF>
- </metadata>
- <g
- inkscape:label="Layer 1"
- inkscape:groupmode="layer"
- id="layer1">
- <g
- id="g1350"
- transform="translate(6.428571,-50)">
- <text
- id="text1307"
- y="104.24736"
- x="271.21109"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- id="tspan1311"
- y="104.24736"
- x="271.21109"
- sodipodi:role="line">- CLIENT -</tspan></text>
- <text
- id="text1315"
- y="123.79076"
- x="204.28571"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="123.79076"
- x="204.28571"
- id="tspan1317"
- sodipodi:role="line">any program making use of ldns</tspan></text>
- </g>
- <g
- id="g1339"
- transform="translate(-78.57144,-104.2857)">
- <text
- id="text1319"
- y="269.50504"
- x="132.85713"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="269.50504"
- x="132.85713"
- id="tspan1321"
- sodipodi:role="line">- WIRE module -</tspan><tspan
- id="tspan1323"
- y="284.50504"
- x="132.85713"
- sodipodi:role="line" /></text>
- <text
- id="text1325"
- y="288.07648"
- x="79.999992"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="288.07648"
- x="79.999992"
- id="tspan1327"
- sodipodi:role="line"> from_wire</tspan><tspan
- id="tspan1329"
- y="303.07648"
- x="79.999992"
- sodipodi:role="line"> to_wire</tspan><tspan
- id="tspan1331"
- y="318.07648"
- x="79.999992"
- sodipodi:role="line">- convert to and from wireformat</tspan><tspan
- id="tspan1333"
- y="333.07648"
- x="79.999992"
- sodipodi:role="line">- all name encoding and decoding</tspan><tspan
- id="tspan1335"
- y="348.07648"
- x="79.999992"
- sodipodi:role="line"> is contained in these functions</tspan></text>
- </g>
- <g
- id="g1384"
- transform="translate(1.428571,-235.7143)">
- <text
- id="text1356"
- y="374.50507"
- x="248.57143"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="374.50507"
- x="248.57143"
- id="tspan1358"
- sodipodi:role="line">- central structures -</tspan></text>
- <text
- id="text1360"
- y="393.79074"
- x="260"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="393.79074"
- x="260"
- id="tspan1362"
- sodipodi:role="line">pkt structure</tspan><tspan
- id="tspan1368"
- y="408.79074"
- x="260"
- sodipodi:role="line">rdf structure</tspan><tspan
- id="tspan1374"
- y="423.79074"
- x="260"
- sodipodi:role="line">dname structure</tspan><tspan
- id="tspan1376"
- y="438.79074"
- x="260"
- sodipodi:role="line">rr structure</tspan><tspan
- id="tspan1378"
- y="453.79074"
- x="260"
- sodipodi:role="line">rrlist structure</tspan><tspan
- id="tspan1380"
- y="468.79074"
- x="260"
- sodipodi:role="line">rrset structure</tspan><tspan
- id="tspan1382"
- y="483.79074"
- x="260"
- sodipodi:role="line">pkt structure</tspan><tspan
- y="498.79074"
- x="260"
- sodipodi:role="line"
- id="tspan1466">zone structure</tspan></text>
- </g>
- <g
- id="g1440"
- transform="translate(146.5289,-247.1429)">
- <text
- id="text1396"
- y="384.50504"
- x="291.42856"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="384.50504"
- x="291.42856"
- id="tspan1398"
- sodipodi:role="line">- resolver module -</tspan><tspan
- id="tspan1400"
- y="399.50504"
- x="291.42856"
- sodipodi:role="line" /></text>
- <text
- id="text1402"
- y="403.79077"
- x="308.57141"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="403.79077"
- x="308.57141"
- id="tspan1404"
- sodipodi:role="line">stub resolver</tspan><tspan
- id="tspan1406"
- y="418.79077"
- x="308.57141"
- sodipodi:role="line">send</tspan><tspan
- id="tspan1408"
- y="433.79077"
- x="308.57141"
- sodipodi:role="line">query</tspan><tspan
- id="tspan1410"
- y="448.79077"
- x="308.57141"
- sodipodi:role="line">bgsend</tspan><tspan
- id="tspan1412"
- y="463.79077"
- x="308.57141"
- sodipodi:role="line">axfr</tspan><tspan
- id="tspan1414"
- y="478.79077"
- x="308.57141"
- sodipodi:role="line" /></text>
- </g>
- <g
- id="g1452"
- transform="translate(338.5714,-85.71429)">
- <text
- id="text1416"
- y="390.93359"
- x="114.28572"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="390.93359"
- x="114.28572"
- id="tspan1418"
- sodipodi:role="line">- net module -</tspan><tspan
- id="tspan1420"
- y="405.93359"
- x="114.28572"
- sodipodi:role="line" /></text>
- <text
- id="text1422"
- y="409.50507"
- x="72.142853"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="409.50507"
- x="72.142853"
- id="tspan1424"
- sodipodi:role="line">all network interfacing code</tspan></text>
- </g>
- <text
- xml:space="preserve"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- x="448.59805"
- y="386.64789"
- id="text1426"><tspan
- sodipodi:role="line"
- id="tspan1428"
- x="448.59805"
- y="386.64789">- OS/libc layer -</tspan></text>
- <g
- id="g1484"
- transform="translate(-26.42857,-10)">
- <text
- id="text1468"
- y="371.64789"
- x="105"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="371.64789"
- x="105"
- id="tspan1470"
- sodipodi:role="line">str module</tspan></text>
- <text
- id="text1472"
- y="390.93362"
- x="53.57143"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="390.93362"
- x="53.57143"
- id="tspan1474"
- sodipodi:role="line"> from_str</tspan><tspan
- id="tspan1476"
- y="405.93362"
- x="53.57143"
- sodipodi:role="line"> to_str</tspan><tspan
- id="tspan1478"
- y="420.93362"
- x="53.57143"
- sodipodi:role="line">- convert from and to string</tspan><tspan
- id="tspan1480"
- y="435.93362"
- x="53.57143"
- sodipodi:role="line">- dig-style formatted output</tspan><tspan
- id="tspan1482"
- y="450.93362"
- x="53.57143"
- sodipodi:role="line" /></text>
- </g>
- <g
- id="g1459"
- transform="translate(-198.5714,9.285712)">
- <text
- id="text1430"
- y="426.64789"
- x="454.28574"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="426.64789"
- x="454.28574"
- id="tspan1432"
- sodipodi:role="line">DNSSEC module</tspan></text>
- <text
- id="text1434"
- y="445.93359"
- x="486.42859"
- style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
- xml:space="preserve"><tspan
- y="445.93359"
- x="486.42859"
- id="tspan1436"
- sodipodi:role="line">sign</tspan><tspan
- id="tspan1438"
- y="460.93359"
- x="486.42859"
- sodipodi:role="line">verify</tspan></text>
- </g>
- <path
- style="opacity:1;color:#000000;fill:url(#radialGradient6299);fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;marker:none;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
- d="M 302.80907,285.36328 C 302.9052,398.64679 302.9052,398.64679 302.9052,398.64679"
- id="path5410" />
- <path
- style="opacity:1;color:#000000;fill:url(#radialGradient6487);fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;marker:none;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
- d="M 106.73167,133.48635 C 190.41118,84.809439 190.41118,84.809439 190.41118,84.809439"
- id="path6485" />
- <path
- style="opacity:1;color:#000000;fill:url(#radialGradient6491);fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;marker:none;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
- d="M 389.24933,82.040347 C 460.03637,118.39829 460.03637,118.39829 460.03637,118.39829"
- id="path6489" />
- <path
- style="opacity:1;color:#000000;fill:url(#radialGradient6495);fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;marker:none;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
- d="M 304.93106,115.88536 C 305.06893,90.981858 305.06893,90.981858 305.06893,90.981858"
- id="path6493" />
- <path
- style="opacity:1;color:#000000;fill:url(#radialGradient7376);fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;marker:none;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
- d="M 494.65118,279.81341 C 494.78905,232.0538 494.78905,232.0538 494.78905,232.0538"
- id="path7374" />
- <path
- style="opacity:1;color:#000000;fill:none;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;marker:none;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
- d="M 494.65118,364.09965 C 494.78905,339.19615 494.78905,339.19615 494.78905,339.19615"
- id="path7378"
- transform="matrix(1,0,1e-2,1,0,0)" />
- <path
- style="opacity:1;color:#000000;fill:url(#radialGradient7384);fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;marker:none;marker-start:url(#Arrow1Lstart);marker-mid:none;marker-end:url(#Arrow1Lend);stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;visibility:visible;display:inline;overflow:visible"
- d="M 171.70014,330.31326 C 240.44271,278.69682 240.44271,278.69682 240.44271,278.69682"
- id="path7382" />
- </g>
-</svg>
+++ /dev/null
-BODY,H1,H2,H3,H4,H5,H6,P,CENTER,TD,TH,UL,DL,DIV {
- font-family: Geneva, Arial, Helvetica, sans-serif;
-}
-BODY,TD {
- font-size: 90%;
-}
-H1 {
-text-align: center;
- font-size: 160%;
-}
-H2 {
- font-size: 120%;
-}
-H3 {
- font-size: 100%;
-}
-CAPTION { font-weight: bold }
-DIV.qindex {
- width: 100%;
- background-color: #e8eef2;
- border: 1px solid #84c7b0;
- text-align: center;
- margin: 2px;
- padding: 2px;
- line-height: 140%;
-}
-DIV.nav {
- width: 100%;
- background-color: #e8eef2;
- border: 1px solid #84c7b0;
- text-align: center;
- margin: 2px;
- padding: 2px;
- line-height: 140%;
-}
-
-DIV.navtab {
- background-color: #e8eef2;
- border: 1px solid #84c7b0;
- text-align: center;
- margin: 2px;
- margin-right: 15px;
- padding: 2px;
-}
-TD.navtab {
- font-size: 70%;
-}
-A {
- text-decoration: none;
- font-weight: bold;
- color: #1ba159;
-}
-
-A.qindex {
- text-decoration: none;
- font-weight: bold;
- color: #1ba159;
-}
-A.qindex:visited {
- text-decoration: none;
- font-weight: bold;
- color: #1b7159;
-}
-A.qindex:hover {
- text-decoration: none;
- background-color: #ddffdd;
-}
-A.qindexHL {
- text-decoration: none;
- font-weight: bold;
- background-color: #6666cc;
- color: #ffffff;
- border: 1px double #9295C2;
-}
-A.qindexHL:hover {
- text-decoration: none;
- background-color: #6666cc;
- color: #ffffff;
-}
-A.qindexHL:visited { text-decoration: none; background-color: #6666cc; color: #ffffff }
-A.el { text-decoration: none; font-weight: bold }
-A.elRef { font-weight: bold }
-A.code:link { text-decoration: none; font-weight: normal; color: #1ba159}
-A.code:visited { text-decoration: none; font-weight: normal; color: #1b7159}
-A.codeRef:link { font-weight: normal; color: #1ba159}
-A.codeRef:visited { font-weight: normal; color: #1b7159}
-A:hover { text-decoration: none; background-color: #c0c0c0 }
-
-DL.el { margin-left: -1cm }
-.fragment {
- font-family: monospace;
- font-size: 100%;
-}
-PRE.fragment {
- border: 1px solid #CCCCCC;
- background-color: #f5f5f5;
- margin-top: 4px;
- margin-bottom: 4px;
- margin-left: 2px;
- margin-right: 8px;
- padding-left: 6px;
- padding-right: 6px;
- padding-top: 4px;
- padding-bottom: 4px;
-}
-DIV.ah { background-color: black; font-weight: bold; color: #ffffff; margin-bottom: 3px; margin-top: 3px }
-TD.md { background-color: #F4F4FB; font-weight: bold; }
-TD.mdPrefix {
- background-color: #F4F4FB;
- color: #606060;
- font-size: 80%;
-}
-TD.mdname1 { background-color: #F4FBF4; font-weight: bold; color: #602020; }
-TD.mdname { background-color: #F4FBF4; font-weight: bold; color: #602020; width: 600px; }
-DIV.groupHeader {
- margin-left: 16px;
- margin-top: 12px;
- margin-bottom: 6px;
- font-weight: bold;
-}
-DIV.groupText { margin-left: 16px; font-style: italic; font-size: 90% }
-BODY {
- background: white;
- color: black;
- margin-right: 20px;
- margin-left: 20px;
-}
-TD.indexkey {
- background-color: #e8eef2;
- font-weight: bold;
- padding-right : 10px;
- padding-top : 2px;
- padding-left : 10px;
- padding-bottom : 2px;
- margin-left : 0px;
- margin-right : 0px;
- margin-top : 2px;
- margin-bottom : 2px;
- border: 1px solid #CCCCCC;
-}
-TD.indexvalue {
- background-color: #e8eef2;
- font-style: italic;
- padding-right : 10px;
- padding-top : 2px;
- padding-left : 10px;
- padding-bottom : 2px;
- margin-left : 0px;
- margin-right : 0px;
- margin-top : 2px;
- margin-bottom : 2px;
- border: 1px solid #CCCCCC;
-}
-TR.memlist {
- background-color: #f0f0f0;
-}
-P.formulaDsp { text-align: center; }
-IMG.formulaDsp { }
-IMG.formulaInl { vertical-align: middle; }
-SPAN.keyword { color: #008000 }
-SPAN.keywordtype { color: #604020 }
-SPAN.keywordflow { color: #e08000 }
-SPAN.comment { color: #800000 }
-SPAN.preprocessor { color: #806020 }
-SPAN.stringliteral { color: #002080 }
-SPAN.charliteral { color: #008080 }
-.mdTable {
- border: 1px solid #868686;
- background-color: #F4F4FB;
-}
-.mdRow {
- padding: 8px 10px;
-}
-.mdescLeft {
- padding: 0px 8px 4px 8px;
- font-size: 80%;
- font-style: italic;
- background-color: #FAFAFA;
- border-top: 1px none #E0E0E0;
- border-right: 1px none #E0E0E0;
- border-bottom: 1px none #E0E0E0;
- border-left: 1px none #E0E0E0;
- margin: 0px;
-}
-.mdescRight {
- padding: 0px 8px 4px 8px;
- font-size: 80%;
- font-style: italic;
- background-color: #FAFAFA;
- border-top: 1px none #E0E0E0;
- border-right: 1px none #E0E0E0;
- border-bottom: 1px none #E0E0E0;
- border-left: 1px none #E0E0E0;
- margin: 0px;
-}
-.memItemLeft {
- padding: 1px 0px 0px 8px;
- margin: 4px;
- border-top-width: 1px;
- border-right-width: 1px;
- border-bottom-width: 1px;
- border-left-width: 1px;
- border-top-color: #E0E0E0;
- border-right-color: #E0E0E0;
- border-bottom-color: #E0E0E0;
- border-left-color: #E0E0E0;
- border-top-style: solid;
- border-right-style: none;
- border-bottom-style: none;
- border-left-style: none;
- background-color: #FAFAFA;
- font-size: 80%;
-}
-.memItemRight {
- padding: 1px 8px 0px 8px;
- margin: 4px;
- border-top-width: 1px;
- border-right-width: 1px;
- border-bottom-width: 1px;
- border-left-width: 1px;
- border-top-color: #E0E0E0;
- border-right-color: #E0E0E0;
- border-bottom-color: #E0E0E0;
- border-left-color: #E0E0E0;
- border-top-style: solid;
- border-right-style: none;
- border-bottom-style: none;
- border-left-style: none;
- background-color: #FAFAFA;
- font-size: 80%;
-}
-.memTemplItemLeft {
- padding: 1px 0px 0px 8px;
- margin: 4px;
- border-top-width: 1px;
- border-right-width: 1px;
- border-bottom-width: 1px;
- border-left-width: 1px;
- border-top-color: #E0E0E0;
- border-right-color: #E0E0E0;
- border-bottom-color: #E0E0E0;
- border-left-color: #E0E0E0;
- border-top-style: none;
- border-right-style: none;
- border-bottom-style: none;
- border-left-style: none;
- background-color: #FAFAFA;
- font-size: 80%;
-}
-.memTemplItemRight {
- padding: 1px 8px 0px 8px;
- margin: 4px;
- border-top-width: 1px;
- border-right-width: 1px;
- border-bottom-width: 1px;
- border-left-width: 1px;
- border-top-color: #E0E0E0;
- border-right-color: #E0E0E0;
- border-bottom-color: #E0E0E0;
- border-left-color: #E0E0E0;
- border-top-style: none;
- border-right-style: none;
- border-bottom-style: none;
- border-left-style: none;
- background-color: #FAFAFA;
- font-size: 80%;
-}
-.memTemplParams {
- padding: 1px 0px 0px 8px;
- margin: 4px;
- border-top-width: 1px;
- border-right-width: 1px;
- border-bottom-width: 1px;
- border-left-width: 1px;
- border-top-color: #E0E0E0;
- border-right-color: #E0E0E0;
- border-bottom-color: #E0E0E0;
- border-left-color: #E0E0E0;
- border-top-style: solid;
- border-right-style: none;
- border-bottom-style: none;
- border-left-style: none;
- color: #606060;
- background-color: #FAFAFA;
- font-size: 80%;
-}
-.search { color: #009933;
- font-weight: bold;
-}
-FORM.search {
- margin-bottom: 0px;
- margin-top: 0px;
-}
-INPUT.search { font-size: 75%;
- color: #008000;
- font-weight: normal;
- background-color: #e8eef2;
-}
-TD.tiny { font-size: 75%;
-}
-a {
- color: #1ba159;
-}
-a:visited {
- color: #1b7159;
-}
-.dirtab { padding: 4px;
- border-collapse: collapse;
- border: 1px solid #84b0c7;
-}
-TH.dirtab { background: #e8eef2;
- font-weight: bold;
-}
-HR { height: 1px;
- border: none;
- border-top: 1px solid black;
-}
-
-/* tabs styles, based on http://www.alistapart.com/articles/slidingdoors */
-
-DIV.tabs
-{
- float : left;
- width : 100%;
- background : url("tab_b.gif") repeat-x bottom;
- margin-bottom : 4px;
-}
-
-DIV.tabs UL
-{
- margin : 0px;
- padding-left : 10px;
- list-style : none;
-}
-
-DIV.tabs LI, DIV.tabs FORM
-{
- display : inline;
- margin : 0px;
- padding : 0px;
-}
-
-DIV.tabs FORM
-{
- float : right;
-}
-
-DIV.tabs A
-{
- float : left;
- background : url("tab_r.gif") no-repeat right top;
- border-bottom : 1px solid #84C7B0;
- font-size : x-small;
- font-weight : bold;
- text-decoration : none;
-}
-
-DIV.tabs A:hover
-{
- background-position: 100% -150px;
-}
-
-DIV.tabs A:link, DIV.tabs A:visited,
-DIV.tabs A:active, DIV.tabs A:hover
-{
- color: #1b7159;
-}
-
-DIV.tabs SPAN
-{
- float : left;
- display : block;
- background : url("tab_l.gif") no-repeat left top;
- padding : 5px 9px;
- white-space : nowrap;
-}
-
-DIV.tabs INPUT
-{
- float : right;
- display : inline;
- font-size : 1em;
-}
-
-DIV.tabs TD
-{
- font-size : x-small;
- font-weight : bold;
- text-decoration : none;
-}
-
-
-
-/* Commented Backslash Hack hides rule from IE5-Mac \*/
-DIV.tabs SPAN {float : none;}
-/* End IE5-Mac hack */
-
-DIV.tabs A:hover SPAN
-{
- background-position: 0% -150px;
-}
-
-DIV.tabs LI#current A
-{
- background-position: 100% -150px;
- border-width : 0px;
-}
-
-DIV.tabs LI#current SPAN
-{
- background-position: 0% -150px;
- padding-bottom : 6px;
-}
-
-DIV.nav
-{
- background : none;
- border : none;
- border-bottom : 1px solid #84C7B0;
-}
-
-.logo
-{
- text-align: right;
-}
+++ /dev/null
-/**
- \page tutorial1_mx Tutorial 1: Querying for MX records
- \dontinclude ldns-mx.c
-
- The full source code can be found in \link examples/ldns-mx.c \endlink
-
- ldns-mx is a simple tool that queries your default caching forwarder for
- the MX (Mail exchange) record of the given domain.
-
- <pre>
- % ldns-mx nlnetlabs.nl
- nlnetlabs.nl. 86400 IN MX 100 omval.tednet.nl.
- nlnetlabs.nl. 86400 IN MX 50 open.nlnetlabs.nl.
- </pre>
-
- First of all, we need to include the correct header files, so
- that all functions are available to us:
-
- \skip include
- \until dns.h
-
- In this case we have used a configure script to generate a config.h file
- that does all our inclusions for us, so that it can be compiled on
- multiple platforms. If your platform supports the include files \c
- stdint.h and \c stdlib.h, you can include these instead of using a
- configure script.
-
- The first included files are prerequisites that ldns needs to function.
- The last one, of course, includes the functions of ldns itself.
-
- In our main function, we declare some variables that we are going to use:
-
- \skipline ldns_resolver
- \until ldns_status
-
- - The \c ldns_resolver structure keeps a list of nameservers, and can perform queries for us
- - An \c ldns_rdf is a basic data type of dns, the RDATA. See \ref design for a description about the building blocks of DNS.
- In this case, \c domain will be used to store the name the user specifies when calling the program
- - An \c ldns_pkt is a DNS packet, for instance a complete query, or an answer
- - The \c ldns_rr_list structure contains a list of DNS Resource Records (RRs). In this case, we will store the MX records we find in the list.
- - \c ldns_status is the basic type for status messages in ldns. Most functions will return a value of this type.
-
- First, we parse the command line argument (checks omitted on this page, see full source code), and store it in our \c domain variable:
- \skipline ldns_dname_new_frm_str
-
- This function takes a string containing a domain name (like
- "nlnetlabs.nl") and returns an \c ldns_rdf representing that name. If
- somehow the given string can not be parsed it returns NULL.
-
- Then, we create the resolver structure:
- \skipline ldns_resolver_new
-
- Most of the functions work like this, the first argument is a pointer to
- the structure where ldns should store its results (which is also a
- pointer). The function returns a status code indicating success
- (\ref LDNS_STATUS_OK) or an error number. Remember that these types of
- functions allocate memory that you should free later (using the
- ldns_free_<type> functions).
-
- The second argument is the filename that contains information about the
- resolver structure that is to be created. If this argument is NULL,
- /etc/resolv.conf is used. The syntax of the file is like that of
- /etc/resolv.conf.
-
-
-
- We tell the resolver to query for our domain, type MX, of class IN:
- \skipline ldns_resolver_query
- \until )
-
- The last argument contains flags to influence the type of query the
- resolver structure sends. In this case, we want the nameserver to use
- recursion, so that we'll get the final answer. Therefore, we specify the
- \ref LDNS_RD (Recursion Desired) flag.
-
- This should return a packet if everything goes well.
-
- We get all RRs of type MX from the answer packet and store them in our list:
- \skipline ldns_pkt_rr_list_by_type
- \until )
-
- If this list is not empty, we sort and print it:
- \skipline ldns_rr_list_sort
- \skipline ldns_rr_list_print
-
- And finally, just to be proper, we free our allocated data:
- \skipline free(
- \until resolver_deep_free
-
- For structures that can contain other ldns structures, there are two types of free() function available
- - \c ldns_free_<type> frees only the allocated data for the structure itself.
- - \c ldns_deep_free_<type> frees the structure, and ALL structures that
- are nested in it. For example, of you \c deep_free an ldns_rr_list,
- all \c ldns_rr structures that were present in the list are also
- freed.
-
-
-*/
+++ /dev/null
-/**
- \page tutorial2_zone Tutorial 2: Reading a zone file
- \dontinclude ldns-read-zone.c
-
- The full source code can be found in \link examples/ldns-read-zone.c \endlink
-
- ldns-read-zone reads a zone file, and prints it to stdout, with 1 resource record per line.
-
- <pre>
-% cat example.zone
-$ORIGIN example.
-$TTL 600
-
-example. IN SOA example. op.example. (
- 2004022501 ; serial
- 28800 ; refresh (8 hours)
- 7200 ; retry (2 hours)
- 604800 ; expire (1 week)
- 18000 ; minimum (5 hours)
- )
-
-@ IN MX 10 mail.example.
-@ IN NS ns1
-@ IN NS ns2
-@ IN A 123.123.123.123
-
-% ldns-read-zone example.zone
-example. 600 IN SOA example. op.example. 2004022501 28800 7200 604800 18000
-example. 600 IN MX 10 mail.example.
-example. 600 IN NS ns1.example.
-example. 600 IN NS ns2.example.
-example. 600 IN A 123.123.123.123
- </pre>
-
-
-
-Again, let's start with including some necessary header files:
-
-\skipline include
-\until errno
-
-In this example, we are going to open a file, if that fails, we'll need errno.h to display an error message.
-
-Okay, let's declare the variables we are going to need today:
-
-\skipline filename
-\until ldns_status
-
-The only two ldns-specific types here are \c ldns_zone and \c ldns_status.
- - \c ldns_zone is the structure that can contain a complete zone
- - \c ldns_status again is used to check return values of ldns functions
-
-
-If we get no filename, we'll read standard input, otherwise, we'll try to
-open the given filename:
-\skipline if (argc == 0)
-\until exit(EXIT_FAILURE)
-\until }
-\until }
-
-
-With the \c FILE pointer in our hands, we visit ldns to pour it into a zone
-structure:
-\skipline ldns_zone_new_frm_fp_l
-
-There is also a \c ldns_zone_new_frm_fp, but this one also remembers the
-line number it was on, so we can use that if we encounter a parse error.
-
-Just like in \ref tutorial1_mx, the first argument is a pointer
-to the place ldns should store its creation in, and again, the return value
-is the status code.
-
-The second argument is the file pointer where our zone data should reside.
-
-The third argument, if not NULL, is a \c dname that contains the zones
-origin. It will place this dname after every name in the file that is not a
-fully qualified domain name.
-
-The fourth argument, if not 0, is the default TTL to use.
-
-Both these values can be specified in the zone file by setting \c $ORIGIN and \c $TTL.
-
-The fifth argument specifies the default class, which defaults to IN (\ref LDNS_RR_CLASS_IN).
-
-And finally, every time \c ldns_zone_new_frm_fp_l reads a line from the
-input file pointer, it will increment the value pointed to by the last
-argument with 1.
-
-
-Okay, with that, we should have a nice zone structure. Of course we need to
-check whether it has succeeded.
-
-\skipline LDNS_STATUS_OK
-\until deep_free
-
-If everything went well, we sort the zone if necessary, print it, and free it.
-
-Since \c ldns_zone contains other ldns structures, we use \c ldns_deep_free
-so that every \c ldns_rr_list, \c ldns_rr et cetera are freed too.
-
-\until line_nr);
-\until }
-
-If something went wrong, we use \c ldns_get_errorstr_by_id() to get a nice
-error string instead of just a status integer.
-
-And of course, we should play nice and close the file:
-\skipline fclose
-\until exit
-
-*/
+++ /dev/null
-/**
- \page tutorial3_signzone Tutorial 3: Signing a zone file
- \dontinclude ldns-signzone.c
-
- The full source code can be found in \link examples/ldns-signzone.c \endlink
-
- Of course, we start by the usual includes. Since we need a bit more here,
- we'll add those right away.
-
- \skipline include
- \until define
-
- Let's skip the boring usage() and sanity check functions, and dive right
- into main().
-
- \skipline main(int argc
- \skipline {
-
- We'll be reading another zone file, so let's prepare some variables for that.
-
- \skipline zone
- \until argi
-
- We will create a separate zone structure for the signed zone, so let's have a clear name for the original one.
-
- \skipline zone
- \until zone
-
- To sign a zone, we need keys, so we need some variables to read and store it;
-
- \skipline key
- \until status
-
- The \ref ldns_key structure holds (private) keys. These can be of any
- supported algorithm type; you can put an RSA key in it, an DSA key, or an
- HMAC key. Public keys can simply be put in an \ref ldns_rr structure with
- type \ref LDNS_RR_TYPE_DNSKEY.
-
- The \ref ldns_key_list type is much like the \ref ldns_rr_list, only, you
- guessed it, for \c ldns_key entries.
-
-
- The signed zone will be stored in a new file.
-
- \skipline file
- \until file
-
- And we have some command line options for the output zone.
-
- \skipline tm
- \until class
-
- \c origin is a domain name, so it can be stored in an \ref ldns_rdf
- variable with type \ref LDNS_RDF_TYPE_DNAME.
-
- The next part is option parsing, which is pretty straightforward using \c
- getopt(), so we'll skip this too. U can always look to the source of the
- file to check it out.
-
- Okay that's it for the variables, let's get to work!
-
- First we'll try to read in the zone that is to be signed.
-
- \skipline fopen(zone
- \until } else {
-
- If the file exists and can be read, we'll let ldns mold it into a zone
- structure:
-
- \skipline zone_new
-
- This creates a new (\c new) zone from (\c frm) a filepointer (\c fp),
- while remembering the current line (\c l) in the input file (for error
- messages).
-
- A pointer to the zone structure to be filled is passed as the first
- argument, like in most \c new_frm functions.
-
- Like a lot of ldns functions, this one returns a \c ldns_status
- indicating success or the type of failure, so let us check that.
-
- \skipline STATUS
- \until } else {
-
- If everything is ok so far, we check if the zone has a SOA record and contains actual data.
-
- \skipline orig_soa
- \until }
- \until }
- \until }
-
- Now that we have the complete zone in our memory, we won't be needing the file anymore.
-
- \skipline fclose
- \until }
-
- If there was no origin given, we'll use the one derived from the original zone file.
-
- \skipline origin
- \until }
-
- No signing party can be complete without keys to sign with, let's fetch those.
-
- Multiple key files can be specified on the command line, by using the
- base names of the .key/.private file pairs.
-
- \skipline key
- \until fopen
-
- As you can see, we append ".private" to the name, which should result in
- the complete file name of the private key. Later we'll also form the
- ".key" file name, which will be directly included in the signed zone.
-
- If the file exists, we'll read it and create a \c ldns_key from its
- contents, much like the way we read the zone earlier.
-
- \skipline line_nr
- \until STATUS
-
- If this went ok, we need to set the inception and expiration times, which
- are set in the keys, but will eventually end up in the RRSIGs generated
- by those keys.
-
- \skipline expiration
- \until }
- \skipline inception
- \until }
-
- And now that we have read the private keys, we read the public keys and
- add them to the zone.
-
- Reading them from the files works roughly the same as reading private
- keys, but public keys are normal Resource Records, and they can be stored
- in general \c ldns_rr structures.
-
- \skipline FREE
- \until }
- \until }
-
- With \c push() we add them to our key list and our zone. This function
- clones the data, so we can safely free it after that.
-
- \skipline push
- \until free
-
- And if we're done, we free the allocated memory for the file name.
-
- \until FREE
-
- If the reading did not work, we print an error. Finally, we move on to
- the next key in the argument list.
-
- \skipline } else {
- \until }
- \until }
- \until }
-
- Just to be sure, we add a little check to see if we actually have any keys now.
-
- \skipline count
- \until }
-
- So, we have our zone, we have our keys, let's do some signing!
-
- \skipline sign
-
- Yes. That's it. We now have a completely signed zone, \c ldns_zone_sign
- checks the keys, and uses the zone signing keys to sign the data resource
- records. NSEC and RRSIG resource records are generated and added to the
- new zone.
-
- So now that we have a signed zone, all that is left is to store it somewhere.
-
- If no explicit output file name was given, we'll just append ".signed" to
- the original zone file name.
-
- \skipline outputfile
- \until }
-
- \c ldns_zone_sign returns NULL if the signing did not work, so we must check that.
-
- \skipline signed_zone
- \until } else {
-
- Writing to a file is no different than normal printing, so we'll print to
- the file and close it.
-
- \skipline print
- \until }
-
- And of course, give an error if the signing failed.
-
- \skipline } else {
- \until }
-
- Just to be nice, let's free the rest of the data we allocated, and exit
- with the right return value.
-
- \skipline free
- \until }
-
-
-
-
-
-*/
\ No newline at end of file
+++ /dev/null
---------- Drill now is a subdirectory in ldns. To make life easier
---------- we are using ldns' version numbering for drill from now on.
---------- Sadly this means we GO BACKWARDS in the versions
---------- This ChangeLog will not be updated anymore - all changes are
---------- documented in ldns' ChangeLog
-
-1.0-pre3: to be released: drill-team
- * Secure tracing works
- * Added section about DNSSEC in the manual page
- * Allow the class information to be given to do_chase()
- * Lint fixes for the code
- * Bugzilla was setup for drill
- * Bug #97 (drill); -S crash was fixed
- * Add -Q (quiet) flag was added. This supresses output from drill.
-
-1.0-pre2: 20 Jun 2005: drill-team
- * Second prerelease
- * Bugs where fix in the chasing functionality
-
-1.0-pre1: 1 Jun 2005: drill-team
- * First drill release based on ldns
- * drill's core code is not much more simple, as
- all the difficult stuff is moved to ldns.
- * Much saner argument parsing
-
----------- Above Newer drill based on ldns --------------
----------- Below Older drill with it's own DNS handling --------------
-
-0.9.2: Feb 3 2005: drill-team
- * Added two more options (borrowed from dig)
- --rd, don't set the RD bit in queries
- --fail, don't query the next nameserver on SERVFAIL
- * Fixed handling of obscure data types
- * Handle classes other the 'IN' when making a query
-
- * For people using FreeBSD: drill is now in the ports
- (Thanks to Jaap Akkerhuis)
-
-0.9.1: Jan 5 2005: drill-team
- * Makefile tweaks
- * drill ns . works
- * re-check the root in when tracing
- * added handling for some lesser known types (including WKS)
-
-0.9: Dec 6 2004: drill-team
- * big configure.ac and Makefile.in updates (made more general)
- * escapes in names argument and txt and dname data
- * gcc 2(.95) support
- * packet wire data is now checked for dangerous elements (like
- looping compression etc)
- * (Multiple) Octal char representation
- * Responses can be saved to file
- * 'Answers' can be read from file instead of server
- * Lots and lots of bugfixes and improvements
-
-0.8.1: Oct 27 2004: Miek
- * configure.ac updates
- * secure resolving updates (still doesn't work)
- * printing additions
- - CERT RR supported
- - LOC RR support
- * All non supported RRs are handled as unknown
- * If no namservers found in /etc/resolv.conf
- default to 127.0.0.1
- * Various bugs fixed
- - Close sockets after using them
- - Some memory leaks were plugged
-
-0.8: Oct 26 2004: Miek
- * Lots of features added. Drill is almost feature complete
- * Unknown RR's are supported
- * Numerous smaller updates in documentation
- * Numerous code cleanups
- * Dig is no longer needed to build drill
-
-0.7: Oct 21 2004: Miek
- * reworked interal code
- * DNSSEC is working, except the secure resolving
- * build updates
- * more sane options parsing
- * more sane argument handling
-
-0.6-alpha: Oct 2004: Jelte
- * No log
-
-0.5-alpha: Sept 22 2004: Miek
- * most of the DNS stuff is working
- * moved to configure
- * tested on Linux/FreeBSD
- * fully IPV6 capable
- * new DNSSEC types supported
- * DNSSEC somewhat working
- * gcc => 3 is needed for building
-
-0.4-alpha: Sept 9 2004: Miek
- * moved to autoconf for building
- * lots of various updates
- * really a workable program now
-
-0.3-alpha: Sept 6 2004: Miek
- * IPv6 support
- * automatic secure resolving
- * --trace updates
- * --chase updates
- * more checks
+++ /dev/null
-# Standard installation pathnames
-# See the file LICENSE for the license
-SHELL = @SHELL@
-VERSION = @PACKAGE_VERSION@
-basesrcdir = $(shell basename `pwd`)
-srcdir = @srcdir@
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-bindir = @bindir@
-mandir = @mandir@
-includedir = @includedir@
-
-CC = @CC@
-CFLAGS = -I. @CFLAGS@
-CPPFLAGS = @CPPFLAGS@
-LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
-INSTALL = $(SHELL) $(srcdir)/install-sh -c
-INSTALL_PROGRAM = $(INSTALL)
-LDNSDIR = @LDNSDIR@
-LIBS_STC = @LIBS_STC@
-
-COMPILE = $(CC) $(CPPFLAGS) $(CFLAGS) -I. -I$(srcdir)
-LINK = $(CC) $(CFLAGS) $(LDFLAGS)
-
-LINT = splint
-LINTFLAGS=+quiet -weak -warnposix -unrecog -Din_addr_t=uint32_t -Du_int=unsigned -Du_char=uint8_t -preproc -Drlimit=rlimit64 -D__gnuc_va_list=va_list
-#-Dglob64=glob -Dglobfree64=globfree
-# compat with openssl linux edition.
-LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned"
-# compat with NetBSD
-ifeq "$(shell uname)" "NetBSD"
-LINTFLAGS+="-D__RENAME(x)=" -D_NETINET_IN_H_
-endif
-# compat with OpenBSD
-LINTFLAGS+="-Dsigset_t=long"
-# FreeBSD8
-LINTFLAGS+="-D__uint16_t=uint16_t"
-LINTFLAGS+=-D__signed__=signed "-D__packed=" "-D__aligned(x)="
-
-OBJ=drill.o drill_util.o error.o root.o work.o chasetrace.o dnssec.o securetrace.o
-SRC=$(OBJ:.o=.c)
-
-HEADER=drill.h $(srcdir)/drill_util.h
-
-.PHONY: all clean realclean docclean doc release tags install all-static
-
-all: drill
-all-static: drill-stc
-
-tags:
- ctags *.[ch]
-
-drill: $(OBJ)
- $(LINK) -o drill $(OBJ) $(LIBS)
-
-drill-stc: $(OBJ)
- $(LINK) -o drill $(OBJ) $(LIBS_STC)
-
-## implicit rule
-%.o: $(srcdir)/%.c
- $(COMPILE) -c $<
-
-clean:
- rm -f ${OBJ}
- rm -f drill
- rm -f *core
- rm -f config.h.in~
- rm -f config.log
- rm -f config.guess
- rm -f config.status
-
-docclean:
- rm -rf doxydoc
-
-distclean: clean docclean
- rm -f config.h
- rm -f drill.h
-
-realclean: clean docclean
- rm -f tags
- rm -f config.log
- rm -f config.sub
- rm -f ltmain.sh
- rm -f config.status
- rm -rf autom4te.cache
- rm -f config.h
- rm -f config.h.in
- rm -f drill.h
- rm -f configure
- rm -f Makefile
- rm -f aclocal.m4
-
-doc:
- doxygen drill.doxygen
-
-install: all
- $(INSTALL) -d $(DESTDIR)$(bindir)
- $(INSTALL) drill $(DESTDIR)$(bindir)/drill
- $(INSTALL) -m 644 $(srcdir)/drill.1 $(DESTDIR)$(mandir)/man1/drill.1
-
-uninstall:
- @echo
- rm -f -- $(DESTDIR)$(bindir)/drill
- rm -f -- $(DESTDIR)$(mandir)/man1/drill.1
- rmdir -p $(DESTDIR)$(bindir)
- rmdir -p $(DESTDIR)$(mandir)/man1
- @echo
-
-lint:
- @for i in $(SRC) ; do \
- $(LINT) $(LINTFLAGS) $(CPPFLAGS) -I$(srcdir) $(srcdir)/$$i ; \
- if [ $$? -ne 0 ] ; then exit 1 ; fi ; \
- done
-
-confclean: clean
- rm -rf config.log config.status config.h Makefile
+++ /dev/null
-QUICK INSTALL GUIDE
-
-drill is a subdirectory in ldns.
-
-To compile drill you need:
-autoreconf && ./configure && make
-
-If ldns is installed in a different location, use --with-ldns=directory
-See also ./configure --help
-
-In the first case you must run drill as:
-LD_LIBRARY_PATH=../.libs ./drill <options>
+++ /dev/null
-REGRESSIONS
-
-This version of drill is based on ldns and as such some things
-are slightly changed. This file documents the changes.
-
-o When tracing (-T option) we use the local resolver (as specified
- in /etc/resolv.conf) to lookup names. This increases the speed
- dramatically, but you obviously need to be able to reach a recursive
- server/cache.
- Previously drill would try to resolve the names by itself.
-
-o Printing of DSs after DNSKEY records. Because we don't parse our
- own packets anymore, we cannot print the DS directly after the DNSKEY
- record. The DSs are now printed AFTER the packet.
-
-o The long options are removed.
-
-o The chase function has a different output, and will be subject to change
- in the near future.
-
-o The useless (for jokes only) -I option was dropped.
-
-FIXED:
-o the argument parsing is much smarter, the order doesn't matter (much)
- anymore
+++ /dev/null
-/*
- * chasetrace.c
- * Where all the hard work concerning chasing
- * and tracing is done
- * (c) 2005, 2006 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#include "drill.h"
-#include <ldns/ldns.h>
-
-/**
- * trace down from the root to name
- */
-
-/* same naive method as in drill0.9
- * We resolver _ALL_ the names, which is ofcourse not needed
- * We _do_ use the local resolver to do that, so it still is
- * fast, but it can be made to run much faster
- */
-ldns_pkt *
-do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
- ldns_rr_class c)
-{
- ldns_resolver *res;
- ldns_pkt *p;
- ldns_rr_list *new_nss_a;
- ldns_rr_list *new_nss_aaaa;
- ldns_rr_list *final_answer;
- ldns_rr_list *new_nss;
- ldns_rr_list *hostnames;
- ldns_rr_list *ns_addr;
- uint16_t loop_count;
- ldns_rdf *pop;
- ldns_status status;
- size_t i;
-
- loop_count = 0;
- new_nss_a = NULL;
- new_nss_aaaa = NULL;
- new_nss = NULL;
- ns_addr = NULL;
- final_answer = NULL;
- p = ldns_pkt_new();
- res = ldns_resolver_new();
-
- if (!p || !res) {
- error("Memory allocation failed");
- return NULL;
- }
-
- /* transfer some properties of local_res to res,
- * because they were given on the commandline */
- ldns_resolver_set_ip6(res,
- ldns_resolver_ip6(local_res));
- ldns_resolver_set_port(res,
- ldns_resolver_port(local_res));
- ldns_resolver_set_debug(res,
- ldns_resolver_debug(local_res));
- ldns_resolver_set_dnssec(res,
- ldns_resolver_dnssec(local_res));
- ldns_resolver_set_fail(res,
- ldns_resolver_fail(local_res));
- ldns_resolver_set_usevc(res,
- ldns_resolver_usevc(local_res));
- ldns_resolver_set_random(res,
- ldns_resolver_random(local_res));
- ldns_resolver_set_recursive(res, false);
-
- /* setup the root nameserver in the new resolver */
- status = ldns_resolver_push_nameserver_rr_list(res, global_dns_root);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error adding root servers to resolver: %s\n", ldns_get_errorstr_by_id(status));
- ldns_rr_list_print(stdout, global_dns_root);
- return NULL;
- }
-
- /* this must be a real query to local_res */
- status = ldns_resolver_send(&p, res, ldns_dname_new_frm_str("."), LDNS_RR_TYPE_NS, c, 0);
- /* p can still be NULL */
-
-
- if (ldns_pkt_empty(p)) {
- warning("No root server information received");
- }
-
- if (status == LDNS_STATUS_OK) {
- if (!ldns_pkt_empty(p)) {
- drill_pkt_print(stdout, local_res, p);
- }
- } else {
- error("cannot use local resolver");
- return NULL;
- }
-
- status = ldns_resolver_send(&p, res, name, t, c, 0);
-
- while(status == LDNS_STATUS_OK &&
- ldns_pkt_reply_type(p) == LDNS_PACKET_REFERRAL) {
-
- if (!p) {
- /* some error occurred, bail out */
- return NULL;
- }
-
- new_nss_a = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_A, LDNS_SECTION_ADDITIONAL);
- new_nss_aaaa = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_AAAA, LDNS_SECTION_ADDITIONAL);
- new_nss = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_NS, LDNS_SECTION_AUTHORITY);
-
- if (verbosity != -1) {
- ldns_rr_list_print(stdout, new_nss);
- }
- /* checks itself for verbosity */
- drill_pkt_print_footer(stdout, local_res, p);
-
- /* remove the old nameserver from the resolver */
- while((pop = ldns_resolver_pop_nameserver(res))) { /* do it */ }
-
- /* also check for new_nss emptyness */
-
- if (!new_nss_aaaa && !new_nss_a) {
- /*
- * no nameserver found!!!
- * try to resolve the names we do got
- */
- for(i = 0; i < ldns_rr_list_rr_count(new_nss); i++) {
- /* get the name of the nameserver */
- pop = ldns_rr_rdf(ldns_rr_list_rr(new_nss, i), 0);
- if (!pop) {
- break;
- }
-
- ldns_rr_list_print(stdout, new_nss);
- ldns_rdf_print(stdout, pop);
- /* retrieve it's addresses */
- ns_addr = ldns_rr_list_cat_clone(ns_addr,
- ldns_get_rr_list_addr_by_name(local_res, pop, c, 0));
- }
-
- if (ns_addr) {
- if (ldns_resolver_push_nameserver_rr_list(res, ns_addr) !=
- LDNS_STATUS_OK) {
- error("Error adding new nameservers");
- ldns_pkt_free(p);
- return NULL;
- }
- ldns_rr_list_free(ns_addr);
- } else {
- ldns_rr_list_print(stdout, ns_addr);
- error("Could not find the nameserver ip addr; abort");
- ldns_pkt_free(p);
- return NULL;
- }
- }
-
- /* add the new ones */
- if (new_nss_aaaa) {
- if (ldns_resolver_push_nameserver_rr_list(res, new_nss_aaaa) !=
- LDNS_STATUS_OK) {
- error("adding new nameservers");
- ldns_pkt_free(p);
- return NULL;
- }
- }
- if (new_nss_a) {
- if (ldns_resolver_push_nameserver_rr_list(res, new_nss_a) !=
- LDNS_STATUS_OK) {
- error("adding new nameservers");
- ldns_pkt_free(p);
- return NULL;
- }
- }
-
- if (loop_count++ > 20) {
- /* unlikely that we are doing something usefull */
- error("Looks like we are looping");
- ldns_pkt_free(p);
- return NULL;
- }
-
- status = ldns_resolver_send(&p, res, name, t, c, 0);
- new_nss_aaaa = NULL;
- new_nss_a = NULL;
- ns_addr = NULL;
- }
-
- status = ldns_resolver_send(&p, res, name, t, c, 0);
-
- if (!p) {
- return NULL;
- }
-
- hostnames = ldns_get_rr_list_name_by_addr(local_res,
- ldns_pkt_answerfrom(p), 0, 0);
-
- new_nss = ldns_pkt_authority(p);
- final_answer = ldns_pkt_answer(p);
-
- if (verbosity != -1) {
- ldns_rr_list_print(stdout, final_answer);
- ldns_rr_list_print(stdout, new_nss);
-
- }
- drill_pkt_print_footer(stdout, local_res, p);
- ldns_pkt_free(p);
- return NULL;
-}
-
-
-/**
- * Chase the given rr to a known and trusted key
- *
- * Based on drill 0.9
- *
- * the last argument prev_key_list, if not null, and type == DS, then the ds
- * rr list we have must all be a ds for the keys in this list
- */
-#ifdef HAVE_SSL
-ldns_status
-do_chase(ldns_resolver *res,
- ldns_rdf *name,
- ldns_rr_type type,
- ldns_rr_class c,
- ldns_rr_list *trusted_keys,
- ldns_pkt *pkt_o,
- uint16_t qflags,
- ldns_rr_list *prev_key_list,
- int verbosity)
-{
- ldns_rr_list *rrset = NULL;
- ldns_status result;
- ldns_rr *orig_rr = NULL;
-
- bool cname_followed = false;
-/*
- ldns_rr_list *sigs;
- ldns_rr *cur_sig;
- uint16_t sig_i;
- ldns_rr_list *keys;
-*/
- ldns_pkt *pkt;
- ldns_status tree_result;
- ldns_dnssec_data_chain *chain;
- ldns_dnssec_trust_tree *tree;
-
- const ldns_rr_descriptor *descriptor;
- descriptor = ldns_rr_descript(type);
-
- ldns_dname2canonical(name);
-
- pkt = ldns_pkt_clone(pkt_o);
- if (!name) {
- mesg("No name to chase");
- ldns_pkt_free(pkt);
- return LDNS_STATUS_EMPTY_LABEL;
- }
- if (verbosity != -1) {
- printf(";; Chasing: ");
- ldns_rdf_print(stdout, name);
- if (descriptor && descriptor->_name) {
- printf(" %s\n", descriptor->_name);
- } else {
- printf(" type %d\n", type);
- }
- }
-
- if (!trusted_keys || ldns_rr_list_rr_count(trusted_keys) < 1) {
- warning("No trusted keys specified");
- }
-
- if (pkt) {
- rrset = ldns_pkt_rr_list_by_name_and_type(pkt,
- name,
- type,
- LDNS_SECTION_ANSWER
- );
- if (!rrset) {
- /* nothing in answer, try authority */
- rrset = ldns_pkt_rr_list_by_name_and_type(pkt,
- name,
- type,
- LDNS_SECTION_AUTHORITY
- );
- }
- /* answer might be a cname, chase that first, then chase
- cname target? (TODO) */
- if (!rrset) {
- cname_followed = true;
- rrset = ldns_pkt_rr_list_by_name_and_type(pkt,
- name,
- LDNS_RR_TYPE_CNAME,
- LDNS_SECTION_ANSWER
- );
- if (!rrset) {
- /* nothing in answer, try authority */
- rrset = ldns_pkt_rr_list_by_name_and_type(pkt,
- name,
- LDNS_RR_TYPE_CNAME,
- LDNS_SECTION_AUTHORITY
- );
- }
- }
- } else {
- /* no packet? */
- if (verbosity >= 0) {
- fprintf(stderr, "%s", ldns_get_errorstr_by_id(LDNS_STATUS_MEM_ERR));
- fprintf(stderr, "\n");
- }
- return LDNS_STATUS_MEM_ERR;
- }
-
- if (!rrset) {
- /* not found in original packet, try again */
- ldns_pkt_free(pkt);
- pkt = NULL;
- pkt = ldns_resolver_query(res, name, type, c, qflags);
-
- if (!pkt) {
- if (verbosity >= 0) {
- fprintf(stderr, "%s", ldns_get_errorstr_by_id(LDNS_STATUS_NETWORK_ERR));
- fprintf(stderr, "\n");
- }
- return LDNS_STATUS_NETWORK_ERR;
- }
- if (verbosity >= 5) {
- ldns_pkt_print(stdout, pkt);
- }
-
- rrset = ldns_pkt_rr_list_by_name_and_type(pkt,
- name,
- type,
- LDNS_SECTION_ANSWER
- );
- }
-
- orig_rr = ldns_rr_new();
-
-/* if the answer had no answer section, we need to construct our own rr (for instance if
- * the rr qe asked for doesn't exist. This rr will be destroyed when the chain is freed */
- if (ldns_pkt_ancount(pkt) < 1) {
- ldns_rr_set_type(orig_rr, type);
- ldns_rr_set_owner(orig_rr, ldns_rdf_clone(name));
-
- chain = ldns_dnssec_build_data_chain(res, qflags, rrset, pkt, ldns_rr_clone(orig_rr));
- } else {
- /* chase the first answer */
- chain = ldns_dnssec_build_data_chain(res, qflags, rrset, pkt, NULL);
- }
-
- if (verbosity >= 4) {
- printf("\n\nDNSSEC Data Chain:\n");
- ldns_dnssec_data_chain_print(stdout, chain);
- }
-
- result = LDNS_STATUS_OK;
-
- tree = ldns_dnssec_derive_trust_tree(chain, NULL);
-
- if (verbosity >= 2) {
- printf("\n\nDNSSEC Trust tree:\n");
- ldns_dnssec_trust_tree_print(stdout, tree, 0, true);
- }
-
- if (ldns_rr_list_rr_count(trusted_keys) > 0) {
- tree_result = ldns_dnssec_trust_tree_contains_keys(tree, trusted_keys);
-
- if (tree_result == LDNS_STATUS_DNSSEC_EXISTENCE_DENIED) {
- if (verbosity >= 1) {
- printf("Existence denied or verifiably insecure\n");
- }
- result = LDNS_STATUS_OK;
- } else if (tree_result != LDNS_STATUS_OK) {
- if (verbosity >= 1) {
- printf("No trusted keys found in tree: first error was: %s\n", ldns_get_errorstr_by_id(tree_result));
- }
- result = tree_result;
- }
-
- } else {
- if (verbosity >= 0) {
- printf("You have not provided any trusted keys.\n");
- }
- }
-
- ldns_rr_free(orig_rr);
- ldns_dnssec_trust_tree_free(tree);
- ldns_dnssec_data_chain_deep_free(chain);
-
- ldns_rr_list_deep_free(rrset);
- ldns_pkt_free(pkt);
- /* ldns_rr_free(orig_rr);*/
-
- return result;
-}
-#endif /* HAVE_SSL */
-
+++ /dev/null
-/* config.h.in. Generated from configure.ac by autoheader. */
-
-/* Define to 1 if you have the <arpa/inet.h> header file. */
-#undef HAVE_ARPA_INET_H
-
-/* Define to 1 if you have the <assert.h> header file. */
-#undef HAVE_ASSERT_H
-
-/* Define to 1 if you have the <ctype.h> header file. */
-#undef HAVE_CTYPE_H
-
-/* Whether getaddrinfo is available */
-#undef HAVE_GETADDRINFO
-
-/* Define to 1 if you have the <getopt.h> header file. */
-#undef HAVE_GETOPT_H
-
-/* If you have HMAC_CTX_init */
-#undef HAVE_HMAC_CTX_INIT
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have the `isblank' function. */
-#undef HAVE_ISBLANK
-
-/* Define to 1 if you have the `ldns' library (-lldns). */
-#undef HAVE_LIBLDNS
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the <netinet/if_ether.h> header file. */
-#undef HAVE_NETINET_IF_ETHER_H
-
-/* Define to 1 if you have the <netinet/in.h> header file. */
-#undef HAVE_NETINET_IN_H
-
-/* Define to 1 if you have the <netinet/in_systm.h> header file. */
-#undef HAVE_NETINET_IN_SYSTM_H
-
-/* Define to 1 if you have the <netinet/ip6.h> header file. */
-#undef HAVE_NETINET_IP6_H
-
-/* Define to 1 if you have the <netinet/ip.h> header file. */
-#undef HAVE_NETINET_IP_H
-
-/* Define to 1 if you have the <netinet/udp.h> header file. */
-#undef HAVE_NETINET_UDP_H
-
-/* Define to 1 if you have the <net/if.h> header file. */
-#undef HAVE_NET_IF_H
-
-/* Define to 1 if you have the <openssl/err.h> header file. */
-#undef HAVE_OPENSSL_ERR_H
-
-/* Define to 1 if you have the <openssl/rand.h> header file. */
-#undef HAVE_OPENSSL_RAND_H
-
-/* Define to 1 if you have the <openssl/ssl.h> header file. */
-#undef HAVE_OPENSSL_SSL_H
-
-/* Define if you have the SSL libraries installed. */
-#undef HAVE_SSL
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdio.h> header file. */
-#undef HAVE_STDIO_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the <sys/mount.h> header file. */
-#undef HAVE_SYS_MOUNT_H
-
-/* Define to 1 if you have the <sys/param.h> header file. */
-#undef HAVE_SYS_PARAM_H
-
-/* Define to 1 if you have the <sys/select.h> header file. */
-#undef HAVE_SYS_SELECT_H
-
-/* Define to 1 if you have the <sys/socket.h> header file. */
-#undef HAVE_SYS_SOCKET_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/time.h> header file. */
-#undef HAVE_SYS_TIME_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <time.h> header file. */
-#undef HAVE_TIME_H
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to 1 if you have the <winsock2.h> header file. */
-#undef HAVE_WINSOCK2_H
-
-/* Define to 1 if you have the <ws2tcpip.h> header file. */
-#undef HAVE_WS2TCPIP_H
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the home page for this package. */
-#undef PACKAGE_URL
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Enable extensions on AIX 3, Interix. */
-#ifndef _ALL_SOURCE
-# undef _ALL_SOURCE
-#endif
-/* Enable GNU extensions on systems that have them. */
-#ifndef _GNU_SOURCE
-# undef _GNU_SOURCE
-#endif
-/* Enable threading extensions on Solaris. */
-#ifndef _POSIX_PTHREAD_SEMANTICS
-# undef _POSIX_PTHREAD_SEMANTICS
-#endif
-/* Enable extensions on HP NonStop. */
-#ifndef _TANDEM_SOURCE
-# undef _TANDEM_SOURCE
-#endif
-/* Enable general extensions on Solaris. */
-#ifndef __EXTENSIONS__
-# undef __EXTENSIONS__
-#endif
-
-
-/* Whether the windows socket API is used */
-#undef USE_WINSOCK
-
-/* the version of the windows API enabled */
-#undef WINVER
-
-/* Define to 1 if on MINIX. */
-#undef _MINIX
-
-/* Define to 2 if the system does not provide POSIX.1 features except with
- this defined. */
-#undef _POSIX_1_SOURCE
-
-/* Define to 1 if you need to in order for `stat' and other things to work. */
-#undef _POSIX_SOURCE
-
-/* in_addr_t */
-#undef in_addr_t
-
-/* in_port_t */
-#undef in_port_t
-
-/* Define to `__inline__' or `__inline' if that's what the C compiler
- calls it, or to nothing if 'inline' is not supported under any name. */
-#ifndef __cplusplus
-#undef inline
-#endif
-
-/* Define to `short' if <sys/types.h> does not define. */
-#undef int16_t
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef int32_t
-
-/* Define to `long long' if <sys/types.h> does not define. */
-#undef int64_t
-
-/* Define to `char' if <sys/types.h> does not define. */
-#undef int8_t
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-#undef size_t
-
-/* Define to 'int' if not defined */
-#undef socklen_t
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef ssize_t
-
-/* Define to `unsigned short' if <sys/types.h> does not define. */
-#undef uint16_t
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-#undef uint32_t
-
-/* Define to `unsigned long long' if <sys/types.h> does not define. */
-#undef uint64_t
-
-/* Define to `unsigned char' if <sys/types.h> does not define. */
-#undef uint8_t
-
-
-
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <assert.h>
-
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-
-#ifdef HAVE_STDINT_H
-#include <stdint.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_NETINET_UDP_H
-#include <netinet/udp.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif
-
-#ifdef HAVE_NETINET_IF_ETHER_H
-#include <netinet/if_ether.h>
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#define USE_WINSOCK 1
-#include <winsock2.h>
-#endif
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-
-extern char *optarg;
-extern int optind, opterr;
-
-#ifndef EXIT_FAILURE
-#define EXIT_FAILURE 1
-#endif
-#ifndef EXIT_SUCCESS
-#define EXIT_SUCCESS 0
-#endif
-
-#ifdef S_SPLINT_S
-#define FD_ZERO(a) /* a */
-#define FD_SET(a,b) /* a, b */
-#endif
-
+++ /dev/null
-#! /bin/sh
-# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for ldns 1.6.9.
-#
-# Report bugs to <libdns@nlnetlabs.nl>.
-#
-#
-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
-# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software
-# Foundation, Inc.
-#
-#
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-## -------------------- ##
-## M4sh Initialization. ##
-## -------------------- ##
-
-# Be more Bourne compatible
-DUALCASE=1; export DUALCASE # for MKS sh
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
- emulate sh
- NULLCMD=:
- # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '${1+"$@"}'='"$@"'
- setopt NO_GLOB_SUBST
-else
- case `(set -o) 2>/dev/null` in #(
- *posix*) :
- set -o posix ;; #(
- *) :
- ;;
-esac
-fi
-
-
-as_nl='
-'
-export as_nl
-# Printing a long string crashes Solaris 7 /usr/bin/printf.
-as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
-# Prefer a ksh shell builtin over an external printf program on Solaris,
-# but without wasting forks for bash or zsh.
-if test -z "$BASH_VERSION$ZSH_VERSION" \
- && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
- as_echo='print -r --'
- as_echo_n='print -rn --'
-elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
- as_echo='printf %s\n'
- as_echo_n='printf %s'
-else
- if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
- as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
- as_echo_n='/usr/ucb/echo -n'
- else
- as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
- as_echo_n_body='eval
- arg=$1;
- case $arg in #(
- *"$as_nl"*)
- expr "X$arg" : "X\\(.*\\)$as_nl";
- arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
- esac;
- expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
- '
- export as_echo_n_body
- as_echo_n='sh -c $as_echo_n_body as_echo'
- fi
- export as_echo_body
- as_echo='sh -c $as_echo_body as_echo'
-fi
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- PATH_SEPARATOR=:
- (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
- (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
- PATH_SEPARATOR=';'
- }
-fi
-
-
-# IFS
-# We need space, tab and new line, in precisely that order. Quoting is
-# there to prevent editors from complaining about space-tab.
-# (If _AS_PATH_WALK were called with IFS unset, it would disable word
-# splitting by setting IFS to empty value.)
-IFS=" "" $as_nl"
-
-# Find who we are. Look in the path if we contain no directory separator.
-as_myself=
-case $0 in #((
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
- done
-IFS=$as_save_IFS
-
- ;;
-esac
-# We did not find ourselves, most probably we were run as `sh COMMAND'
-# in which case we are not to be found in the path.
-if test "x$as_myself" = x; then
- as_myself=$0
-fi
-if test ! -f "$as_myself"; then
- $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
- exit 1
-fi
-
-# Unset variables that we do not need and which cause bugs (e.g. in
-# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1"
-# suppresses any "Segmentation fault" message there. '((' could
-# trigger a bug in pdksh 5.2.14.
-for as_var in BASH_ENV ENV MAIL MAILPATH
-do eval test x\${$as_var+set} = xset \
- && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
-done
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-LC_ALL=C
-export LC_ALL
-LANGUAGE=C
-export LANGUAGE
-
-# CDPATH.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-if test "x$CONFIG_SHELL" = x; then
- as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
- emulate sh
- NULLCMD=:
- # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '\${1+\"\$@\"}'='\"\$@\"'
- setopt NO_GLOB_SUBST
-else
- case \`(set -o) 2>/dev/null\` in #(
- *posix*) :
- set -o posix ;; #(
- *) :
- ;;
-esac
-fi
-"
- as_required="as_fn_return () { (exit \$1); }
-as_fn_success () { as_fn_return 0; }
-as_fn_failure () { as_fn_return 1; }
-as_fn_ret_success () { return 0; }
-as_fn_ret_failure () { return 1; }
-
-exitcode=0
-as_fn_success || { exitcode=1; echo as_fn_success failed.; }
-as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; }
-as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; }
-as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; }
-if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then :
-
-else
- exitcode=1; echo positional parameters were not saved.
-fi
-test x\$exitcode = x0 || exit 1"
- as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
- as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
- eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
- test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
-test \$(( 1 + 1 )) = 2 || exit 1"
- if (eval "$as_required") 2>/dev/null; then :
- as_have_required=yes
-else
- as_have_required=no
-fi
- if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then :
-
-else
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-as_found=false
-for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- as_found=:
- case $as_dir in #(
- /*)
- for as_base in sh bash ksh sh5; do
- # Try only shells that exist, to save several forks.
- as_shell=$as_dir/$as_base
- if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
- { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then :
- CONFIG_SHELL=$as_shell as_have_required=yes
- if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then :
- break 2
-fi
-fi
- done;;
- esac
- as_found=false
-done
-$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } &&
- { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then :
- CONFIG_SHELL=$SHELL as_have_required=yes
-fi; }
-IFS=$as_save_IFS
-
-
- if test "x$CONFIG_SHELL" != x; then :
- # We cannot yet assume a decent shell, so we have to provide a
- # neutralization value for shells without unset; and this also
- # works around shells that cannot unset nonexistent variables.
- # Preserve -v and -x to the replacement shell.
- BASH_ENV=/dev/null
- ENV=/dev/null
- (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
- export CONFIG_SHELL
- case $- in # ((((
- *v*x* | *x*v* ) as_opts=-vx ;;
- *v* ) as_opts=-v ;;
- *x* ) as_opts=-x ;;
- * ) as_opts= ;;
- esac
- exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"}
-fi
-
- if test x$as_have_required = xno; then :
- $as_echo "$0: This script requires a shell more modern than all"
- $as_echo "$0: the shells that I found on your system."
- if test x${ZSH_VERSION+set} = xset ; then
- $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should"
- $as_echo "$0: be upgraded to zsh 4.3.4 or later."
- else
- $as_echo "$0: Please tell bug-autoconf@gnu.org and
-$0: libdns@nlnetlabs.nl about your system, including any
-$0: error possibly output before this message. Then install
-$0: a modern shell, or manually run the script under such a
-$0: shell if you do have one."
- fi
- exit 1
-fi
-fi
-fi
-SHELL=${CONFIG_SHELL-/bin/sh}
-export SHELL
-# Unset more variables known to interfere with behavior of common tools.
-CLICOLOR_FORCE= GREP_OPTIONS=
-unset CLICOLOR_FORCE GREP_OPTIONS
-
-## --------------------- ##
-## M4sh Shell Functions. ##
-## --------------------- ##
-# as_fn_unset VAR
-# ---------------
-# Portably unset VAR.
-as_fn_unset ()
-{
- { eval $1=; unset $1;}
-}
-as_unset=as_fn_unset
-
-# as_fn_set_status STATUS
-# -----------------------
-# Set $? to STATUS, without forking.
-as_fn_set_status ()
-{
- return $1
-} # as_fn_set_status
-
-# as_fn_exit STATUS
-# -----------------
-# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
-as_fn_exit ()
-{
- set +e
- as_fn_set_status $1
- exit $1
-} # as_fn_exit
-
-# as_fn_mkdir_p
-# -------------
-# Create "$as_dir" as a directory, including parents if necessary.
-as_fn_mkdir_p ()
-{
-
- case $as_dir in #(
- -*) as_dir=./$as_dir;;
- esac
- test -d "$as_dir" || eval $as_mkdir_p || {
- as_dirs=
- while :; do
- case $as_dir in #(
- *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
- *) as_qdir=$as_dir;;
- esac
- as_dirs="'$as_qdir' $as_dirs"
- as_dir=`$as_dirname -- "$as_dir" ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
- test -d "$as_dir" && break
- done
- test -z "$as_dirs" || eval "mkdir $as_dirs"
- } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
-
-
-} # as_fn_mkdir_p
-# as_fn_append VAR VALUE
-# ----------------------
-# Append the text in VALUE to the end of the definition contained in VAR. Take
-# advantage of any shell optimizations that allow amortized linear growth over
-# repeated appends, instead of the typical quadratic growth present in naive
-# implementations.
-if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
- eval 'as_fn_append ()
- {
- eval $1+=\$2
- }'
-else
- as_fn_append ()
- {
- eval $1=\$$1\$2
- }
-fi # as_fn_append
-
-# as_fn_arith ARG...
-# ------------------
-# Perform arithmetic evaluation on the ARGs, and store the result in the
-# global $as_val. Take advantage of shells that can avoid forks. The arguments
-# must be portable across $(()) and expr.
-if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
- eval 'as_fn_arith ()
- {
- as_val=$(( $* ))
- }'
-else
- as_fn_arith ()
- {
- as_val=`expr "$@" || test $? -eq 1`
- }
-fi # as_fn_arith
-
-
-# as_fn_error STATUS ERROR [LINENO LOG_FD]
-# ----------------------------------------
-# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
-# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
-# script with STATUS, using 1 if that was 0.
-as_fn_error ()
-{
- as_status=$1; test $as_status -eq 0 && as_status=1
- if test "$4"; then
- as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
- fi
- $as_echo "$as_me: error: $2" >&2
- as_fn_exit $as_status
-} # as_fn_error
-
-if expr a : '\(a\)' >/dev/null 2>&1 &&
- test "X`expr 00001 : '.*\(...\)'`" = X001; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
- as_basename=basename
-else
- as_basename=false
-fi
-
-if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
- as_dirname=dirname
-else
- as_dirname=false
-fi
-
-as_me=`$as_basename -- "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
- X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{
- s//\1/
- q
- }
- /^X\/\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\/\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
-
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-
- as_lineno_1=$LINENO as_lineno_1a=$LINENO
- as_lineno_2=$LINENO as_lineno_2a=$LINENO
- eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" &&
- test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || {
- # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-)
- sed -n '
- p
- /[$]LINENO/=
- ' <$as_myself |
- sed '
- s/[$]LINENO.*/&-/
- t lineno
- b
- :lineno
- N
- :loop
- s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
- t loop
- s/-\n.*//
- ' >$as_me.lineno &&
- chmod +x "$as_me.lineno" ||
- { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
-
- # Don't try to exec as it changes $[0], causing all sort of problems
- # (the dirname of $[0] is not the place where we might find the
- # original and so on. Autoconf is especially sensitive to this).
- . "./$as_me.lineno"
- # Exit status is that of the last command.
- exit
-}
-
-ECHO_C= ECHO_N= ECHO_T=
-case `echo -n x` in #(((((
--n*)
- case `echo 'xy\c'` in
- *c*) ECHO_T=' ';; # ECHO_T is single tab character.
- xy) ECHO_C='\c';;
- *) echo `echo ksh88 bug on AIX 6.1` > /dev/null
- ECHO_T=' ';;
- esac;;
-*)
- ECHO_N='-n';;
-esac
-
-rm -f conf$$ conf$$.exe conf$$.file
-if test -d conf$$.dir; then
- rm -f conf$$.dir/conf$$.file
-else
- rm -f conf$$.dir
- mkdir conf$$.dir 2>/dev/null
-fi
-if (echo >conf$$.file) 2>/dev/null; then
- if ln -s conf$$.file conf$$ 2>/dev/null; then
- as_ln_s='ln -s'
- # ... but there are two gotchas:
- # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
- # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
- # In both cases, we have to default to `cp -p'.
- ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
- as_ln_s='cp -p'
- elif ln conf$$.file conf$$ 2>/dev/null; then
- as_ln_s=ln
- else
- as_ln_s='cp -p'
- fi
-else
- as_ln_s='cp -p'
-fi
-rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
-rmdir conf$$.dir 2>/dev/null
-
-if mkdir -p . 2>/dev/null; then
- as_mkdir_p='mkdir -p "$as_dir"'
-else
- test -d ./-p && rmdir ./-p
- as_mkdir_p=false
-fi
-
-if test -x / >/dev/null 2>&1; then
- as_test_x='test -x'
-else
- if ls -dL / >/dev/null 2>&1; then
- as_ls_L_option=L
- else
- as_ls_L_option=
- fi
- as_test_x='
- eval sh -c '\''
- if test -d "$1"; then
- test -d "$1/.";
- else
- case $1 in #(
- -*)set "./$1";;
- esac;
- case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
- ???[sx]*):;;*)false;;esac;fi
- '\'' sh
- '
-fi
-as_executable_p=$as_test_x
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-test -n "$DJDIR" || exec 7<&0 </dev/null
-exec 6>&1
-
-# Name of the host.
-# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
-# so uname gets run too.
-ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
-
-#
-# Initializations.
-#
-ac_default_prefix=/usr/local
-ac_clean_files=
-ac_config_libobj_dir=.
-LIBOBJS=
-cross_compiling=no
-subdirs=
-MFLAGS=
-MAKEFLAGS=
-
-# Identity of this package.
-PACKAGE_NAME='ldns'
-PACKAGE_TARNAME='libdns'
-PACKAGE_VERSION='1.6.9'
-PACKAGE_STRING='ldns 1.6.9'
-PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
-PACKAGE_URL=''
-
-ac_unique_file="drill.c"
-# Factoring default headers for most tests.
-ac_includes_default="\
-#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif
-#ifdef HAVE_STRING_H
-# if !defined STDC_HEADERS && defined HAVE_MEMORY_H
-# include <memory.h>
-# endif
-# include <string.h>
-#endif
-#ifdef HAVE_STRINGS_H
-# include <strings.h>
-#endif
-#ifdef HAVE_INTTYPES_H
-# include <inttypes.h>
-#endif
-#ifdef HAVE_STDINT_H
-# include <stdint.h>
-#endif
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
-#endif"
-
-ac_subst_vars='LTLIBOBJS
-LIBOBJS
-LDNSDIR
-LIBS_STC
-RUNTIME_PATH
-HAVE_SSL
-libtool
-SET_MAKE
-EGREP
-GREP
-CPP
-OBJEXT
-EXEEXT
-ac_ct_CC
-CPPFLAGS
-LDFLAGS
-CFLAGS
-CC
-target_alias
-host_alias
-build_alias
-LIBS
-ECHO_T
-ECHO_N
-ECHO_C
-DEFS
-mandir
-localedir
-libdir
-psdir
-pdfdir
-dvidir
-htmldir
-infodir
-docdir
-oldincludedir
-includedir
-localstatedir
-sharedstatedir
-sysconfdir
-datadir
-datarootdir
-libexecdir
-sbindir
-bindir
-program_transform_name
-prefix
-exec_prefix
-PACKAGE_URL
-PACKAGE_BUGREPORT
-PACKAGE_STRING
-PACKAGE_VERSION
-PACKAGE_TARNAME
-PACKAGE_NAME
-PATH_SEPARATOR
-SHELL'
-ac_subst_files=''
-ac_user_opts='
-enable_option_checking
-enable_rpath
-with_ssl
-with_ldns
-'
- ac_precious_vars='build_alias
-host_alias
-target_alias
-CC
-CFLAGS
-LDFLAGS
-LIBS
-CPPFLAGS
-CPP'
-
-
-# Initialize some variables set by options.
-ac_init_help=
-ac_init_version=false
-ac_unrecognized_opts=
-ac_unrecognized_sep=
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-cache_file=/dev/null
-exec_prefix=NONE
-no_create=
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-verbose=
-x_includes=NONE
-x_libraries=NONE
-
-# Installation directory options.
-# These are left unexpanded so users can "make install exec_prefix=/foo"
-# and all the variables that are supposed to be based on exec_prefix
-# by default will actually change.
-# Use braces instead of parens because sh, perl, etc. also accept them.
-# (The list follows the same order as the GNU Coding Standards.)
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datarootdir='${prefix}/share'
-datadir='${datarootdir}'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
-infodir='${datarootdir}/info'
-htmldir='${docdir}'
-dvidir='${docdir}'
-pdfdir='${docdir}'
-psdir='${docdir}'
-libdir='${exec_prefix}/lib'
-localedir='${datarootdir}/locale'
-mandir='${datarootdir}/man'
-
-ac_prev=
-ac_dashdash=
-for ac_option
-do
- # If the previous option needs an argument, assign it.
- if test -n "$ac_prev"; then
- eval $ac_prev=\$ac_option
- ac_prev=
- continue
- fi
-
- case $ac_option in
- *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
- *=) ac_optarg= ;;
- *) ac_optarg=yes ;;
- esac
-
- # Accept the important Cygnus configure options, so we can diagnose typos.
-
- case $ac_dashdash$ac_option in
- --)
- ac_dashdash=yes ;;
-
- -bindir | --bindir | --bindi | --bind | --bin | --bi)
- ac_prev=bindir ;;
- -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
- bindir=$ac_optarg ;;
-
- -build | --build | --buil | --bui | --bu)
- ac_prev=build_alias ;;
- -build=* | --build=* | --buil=* | --bui=* | --bu=*)
- build_alias=$ac_optarg ;;
-
- -cache-file | --cache-file | --cache-fil | --cache-fi \
- | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
- ac_prev=cache_file ;;
- -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
- | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
- cache_file=$ac_optarg ;;
-
- --config-cache | -C)
- cache_file=config.cache ;;
-
- -datadir | --datadir | --datadi | --datad)
- ac_prev=datadir ;;
- -datadir=* | --datadir=* | --datadi=* | --datad=*)
- datadir=$ac_optarg ;;
-
- -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
- | --dataroo | --dataro | --datar)
- ac_prev=datarootdir ;;
- -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
- | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
- datarootdir=$ac_optarg ;;
-
- -disable-* | --disable-*)
- ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
- as_fn_error $? "invalid feature name: $ac_useropt"
- ac_useropt_orig=$ac_useropt
- ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
- case $ac_user_opts in
- *"
-"enable_$ac_useropt"
-"*) ;;
- *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
- ac_unrecognized_sep=', ';;
- esac
- eval enable_$ac_useropt=no ;;
-
- -docdir | --docdir | --docdi | --doc | --do)
- ac_prev=docdir ;;
- -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
- docdir=$ac_optarg ;;
-
- -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
- ac_prev=dvidir ;;
- -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
- dvidir=$ac_optarg ;;
-
- -enable-* | --enable-*)
- ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
- as_fn_error $? "invalid feature name: $ac_useropt"
- ac_useropt_orig=$ac_useropt
- ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
- case $ac_user_opts in
- *"
-"enable_$ac_useropt"
-"*) ;;
- *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
- ac_unrecognized_sep=', ';;
- esac
- eval enable_$ac_useropt=\$ac_optarg ;;
-
- -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
- | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
- | --exec | --exe | --ex)
- ac_prev=exec_prefix ;;
- -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
- | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
- | --exec=* | --exe=* | --ex=*)
- exec_prefix=$ac_optarg ;;
-
- -gas | --gas | --ga | --g)
- # Obsolete; use --with-gas.
- with_gas=yes ;;
-
- -help | --help | --hel | --he | -h)
- ac_init_help=long ;;
- -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
- ac_init_help=recursive ;;
- -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
- ac_init_help=short ;;
-
- -host | --host | --hos | --ho)
- ac_prev=host_alias ;;
- -host=* | --host=* | --hos=* | --ho=*)
- host_alias=$ac_optarg ;;
-
- -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
- ac_prev=htmldir ;;
- -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
- | --ht=*)
- htmldir=$ac_optarg ;;
-
- -includedir | --includedir | --includedi | --included | --include \
- | --includ | --inclu | --incl | --inc)
- ac_prev=includedir ;;
- -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
- | --includ=* | --inclu=* | --incl=* | --inc=*)
- includedir=$ac_optarg ;;
-
- -infodir | --infodir | --infodi | --infod | --info | --inf)
- ac_prev=infodir ;;
- -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
- infodir=$ac_optarg ;;
-
- -libdir | --libdir | --libdi | --libd)
- ac_prev=libdir ;;
- -libdir=* | --libdir=* | --libdi=* | --libd=*)
- libdir=$ac_optarg ;;
-
- -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
- | --libexe | --libex | --libe)
- ac_prev=libexecdir ;;
- -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
- | --libexe=* | --libex=* | --libe=*)
- libexecdir=$ac_optarg ;;
-
- -localedir | --localedir | --localedi | --localed | --locale)
- ac_prev=localedir ;;
- -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
- localedir=$ac_optarg ;;
-
- -localstatedir | --localstatedir | --localstatedi | --localstated \
- | --localstate | --localstat | --localsta | --localst | --locals)
- ac_prev=localstatedir ;;
- -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
- | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
- localstatedir=$ac_optarg ;;
-
- -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
- ac_prev=mandir ;;
- -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
- mandir=$ac_optarg ;;
-
- -nfp | --nfp | --nf)
- # Obsolete; use --without-fp.
- with_fp=no ;;
-
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c | -n)
- no_create=yes ;;
-
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
- no_recursion=yes ;;
-
- -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
- | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
- | --oldin | --oldi | --old | --ol | --o)
- ac_prev=oldincludedir ;;
- -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
- | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
- | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
- oldincludedir=$ac_optarg ;;
-
- -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
- ac_prev=prefix ;;
- -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
- prefix=$ac_optarg ;;
-
- -program-prefix | --program-prefix | --program-prefi | --program-pref \
- | --program-pre | --program-pr | --program-p)
- ac_prev=program_prefix ;;
- -program-prefix=* | --program-prefix=* | --program-prefi=* \
- | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
- program_prefix=$ac_optarg ;;
-
- -program-suffix | --program-suffix | --program-suffi | --program-suff \
- | --program-suf | --program-su | --program-s)
- ac_prev=program_suffix ;;
- -program-suffix=* | --program-suffix=* | --program-suffi=* \
- | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
- program_suffix=$ac_optarg ;;
-
- -program-transform-name | --program-transform-name \
- | --program-transform-nam | --program-transform-na \
- | --program-transform-n | --program-transform- \
- | --program-transform | --program-transfor \
- | --program-transfo | --program-transf \
- | --program-trans | --program-tran \
- | --progr-tra | --program-tr | --program-t)
- ac_prev=program_transform_name ;;
- -program-transform-name=* | --program-transform-name=* \
- | --program-transform-nam=* | --program-transform-na=* \
- | --program-transform-n=* | --program-transform-=* \
- | --program-transform=* | --program-transfor=* \
- | --program-transfo=* | --program-transf=* \
- | --program-trans=* | --program-tran=* \
- | --progr-tra=* | --program-tr=* | --program-t=*)
- program_transform_name=$ac_optarg ;;
-
- -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
- ac_prev=pdfdir ;;
- -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
- pdfdir=$ac_optarg ;;
-
- -psdir | --psdir | --psdi | --psd | --ps)
- ac_prev=psdir ;;
- -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
- psdir=$ac_optarg ;;
-
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- silent=yes ;;
-
- -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
- ac_prev=sbindir ;;
- -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
- | --sbi=* | --sb=*)
- sbindir=$ac_optarg ;;
-
- -sharedstatedir | --sharedstatedir | --sharedstatedi \
- | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
- | --sharedst | --shareds | --shared | --share | --shar \
- | --sha | --sh)
- ac_prev=sharedstatedir ;;
- -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
- | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
- | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
- | --sha=* | --sh=*)
- sharedstatedir=$ac_optarg ;;
-
- -site | --site | --sit)
- ac_prev=site ;;
- -site=* | --site=* | --sit=*)
- site=$ac_optarg ;;
-
- -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
- ac_prev=srcdir ;;
- -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
- srcdir=$ac_optarg ;;
-
- -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
- | --syscon | --sysco | --sysc | --sys | --sy)
- ac_prev=sysconfdir ;;
- -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
- | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
- sysconfdir=$ac_optarg ;;
-
- -target | --target | --targe | --targ | --tar | --ta | --t)
- ac_prev=target_alias ;;
- -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
- target_alias=$ac_optarg ;;
-
- -v | -verbose | --verbose | --verbos | --verbo | --verb)
- verbose=yes ;;
-
- -version | --version | --versio | --versi | --vers | -V)
- ac_init_version=: ;;
-
- -with-* | --with-*)
- ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
- as_fn_error $? "invalid package name: $ac_useropt"
- ac_useropt_orig=$ac_useropt
- ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
- case $ac_user_opts in
- *"
-"with_$ac_useropt"
-"*) ;;
- *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
- ac_unrecognized_sep=', ';;
- esac
- eval with_$ac_useropt=\$ac_optarg ;;
-
- -without-* | --without-*)
- ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
- as_fn_error $? "invalid package name: $ac_useropt"
- ac_useropt_orig=$ac_useropt
- ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
- case $ac_user_opts in
- *"
-"with_$ac_useropt"
-"*) ;;
- *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
- ac_unrecognized_sep=', ';;
- esac
- eval with_$ac_useropt=no ;;
-
- --x)
- # Obsolete; use --with-x.
- with_x=yes ;;
-
- -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
- | --x-incl | --x-inc | --x-in | --x-i)
- ac_prev=x_includes ;;
- -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
- | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
- x_includes=$ac_optarg ;;
-
- -x-libraries | --x-libraries | --x-librarie | --x-librari \
- | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
- ac_prev=x_libraries ;;
- -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
- | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
- x_libraries=$ac_optarg ;;
-
- -*) as_fn_error $? "unrecognized option: \`$ac_option'
-Try \`$0 --help' for more information"
- ;;
-
- *=*)
- ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
- # Reject names that are not valid shell variable names.
- case $ac_envvar in #(
- '' | [0-9]* | *[!_$as_cr_alnum]* )
- as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
- esac
- eval $ac_envvar=\$ac_optarg
- export $ac_envvar ;;
-
- *)
- # FIXME: should be removed in autoconf 3.0.
- $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
- expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
- $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
- : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
- ;;
-
- esac
-done
-
-if test -n "$ac_prev"; then
- ac_option=--`echo $ac_prev | sed 's/_/-/g'`
- as_fn_error $? "missing argument to $ac_option"
-fi
-
-if test -n "$ac_unrecognized_opts"; then
- case $enable_option_checking in
- no) ;;
- fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
- *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
- esac
-fi
-
-# Check all directory arguments for consistency.
-for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
- datadir sysconfdir sharedstatedir localstatedir includedir \
- oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
-do
- eval ac_val=\$$ac_var
- # Remove trailing slashes.
- case $ac_val in
- */ )
- ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
- eval $ac_var=\$ac_val;;
- esac
- # Be sure to have absolute directory names.
- case $ac_val in
- [\\/$]* | ?:[\\/]* ) continue;;
- NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
- esac
- as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
-done
-
-# There might be people who depend on the old broken behavior: `$host'
-# used to hold the argument of --host etc.
-# FIXME: To remove some day.
-build=$build_alias
-host=$host_alias
-target=$target_alias
-
-# FIXME: To remove some day.
-if test "x$host_alias" != x; then
- if test "x$build_alias" = x; then
- cross_compiling=maybe
- $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host.
- If a cross compiler is detected then cross compile mode will be used" >&2
- elif test "x$build_alias" != "x$host_alias"; then
- cross_compiling=yes
- fi
-fi
-
-ac_tool_prefix=
-test -n "$host_alias" && ac_tool_prefix=$host_alias-
-
-test "$silent" = yes && exec 6>/dev/null
-
-
-ac_pwd=`pwd` && test -n "$ac_pwd" &&
-ac_ls_di=`ls -di .` &&
-ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
- as_fn_error $? "working directory cannot be determined"
-test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
- as_fn_error $? "pwd does not report name of working directory"
-
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
- ac_srcdir_defaulted=yes
- # Try the directory containing this script, then the parent directory.
- ac_confdir=`$as_dirname -- "$as_myself" ||
-$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_myself" : 'X\(//\)[^/]' \| \
- X"$as_myself" : 'X\(//\)$' \| \
- X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_myself" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
- srcdir=$ac_confdir
- if test ! -r "$srcdir/$ac_unique_file"; then
- srcdir=..
- fi
-else
- ac_srcdir_defaulted=no
-fi
-if test ! -r "$srcdir/$ac_unique_file"; then
- test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
- as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
-fi
-ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
-ac_abs_confdir=`(
- cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
- pwd)`
-# When building in place, set srcdir=.
-if test "$ac_abs_confdir" = "$ac_pwd"; then
- srcdir=.
-fi
-# Remove unnecessary trailing slashes from srcdir.
-# Double slashes in file names in object file debugging info
-# mess up M-x gdb in Emacs.
-case $srcdir in
-*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
-esac
-for ac_var in $ac_precious_vars; do
- eval ac_env_${ac_var}_set=\${${ac_var}+set}
- eval ac_env_${ac_var}_value=\$${ac_var}
- eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
- eval ac_cv_env_${ac_var}_value=\$${ac_var}
-done
-
-#
-# Report the --help message.
-#
-if test "$ac_init_help" = "long"; then
- # Omit some internal or obsolete options to make the list less imposing.
- # This message is too long to be a string in the A/UX 3.1 sh.
- cat <<_ACEOF
-\`configure' configures ldns 1.6.9 to adapt to many kinds of systems.
-
-Usage: $0 [OPTION]... [VAR=VALUE]...
-
-To assign environment variables (e.g., CC, CFLAGS...), specify them as
-VAR=VALUE. See below for descriptions of some of the useful variables.
-
-Defaults for the options are specified in brackets.
-
-Configuration:
- -h, --help display this help and exit
- --help=short display options specific to this package
- --help=recursive display the short help of all the included packages
- -V, --version display version information and exit
- -q, --quiet, --silent do not print \`checking ...' messages
- --cache-file=FILE cache test results in FILE [disabled]
- -C, --config-cache alias for \`--cache-file=config.cache'
- -n, --no-create do not create output files
- --srcdir=DIR find the sources in DIR [configure dir or \`..']
-
-Installation directories:
- --prefix=PREFIX install architecture-independent files in PREFIX
- [$ac_default_prefix]
- --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
- [PREFIX]
-
-By default, \`make install' will install all the files in
-\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify
-an installation prefix other than \`$ac_default_prefix' using \`--prefix',
-for instance \`--prefix=\$HOME'.
-
-For better control, use the options below.
-
-Fine tuning of the installation directories:
- --bindir=DIR user executables [EPREFIX/bin]
- --sbindir=DIR system admin executables [EPREFIX/sbin]
- --libexecdir=DIR program executables [EPREFIX/libexec]
- --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
- --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
- --localstatedir=DIR modifiable single-machine data [PREFIX/var]
- --libdir=DIR object code libraries [EPREFIX/lib]
- --includedir=DIR C header files [PREFIX/include]
- --oldincludedir=DIR C header files for non-gcc [/usr/include]
- --datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
- --datadir=DIR read-only architecture-independent data [DATAROOTDIR]
- --infodir=DIR info documentation [DATAROOTDIR/info]
- --localedir=DIR locale-dependent data [DATAROOTDIR/locale]
- --mandir=DIR man documentation [DATAROOTDIR/man]
- --docdir=DIR documentation root [DATAROOTDIR/doc/libdns]
- --htmldir=DIR html documentation [DOCDIR]
- --dvidir=DIR dvi documentation [DOCDIR]
- --pdfdir=DIR pdf documentation [DOCDIR]
- --psdir=DIR ps documentation [DOCDIR]
-_ACEOF
-
- cat <<\_ACEOF
-_ACEOF
-fi
-
-if test -n "$ac_init_help"; then
- case $ac_init_help in
- short | recursive ) echo "Configuration of ldns 1.6.9:";;
- esac
- cat <<\_ACEOF
-
-Optional Features:
- --disable-option-checking ignore unrecognized --enable/--with options
- --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
- --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
- --disable-rpath disable hardcoded rpath (default=enabled)
-
-Optional Packages:
- --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
- --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
- --with-ssl=pathname enable SSL (will check /usr/local/ssl /usr/lib/ssl
- /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw
- /usr)
- --with-ldns=PATH specify prefix of path of ldns library to use
-
-
-
-Some influential environment variables:
- CC C compiler command
- CFLAGS C compiler flags
- LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
- nonstandard directory <lib dir>
- LIBS libraries to pass to the linker, e.g. -l<library>
- CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
- you have headers in a nonstandard directory <include dir>
- CPP C preprocessor
-
-Use these variables to override the choices made by `configure' or to help
-it to find libraries and programs with nonstandard names/locations.
-
-Report bugs to <libdns@nlnetlabs.nl>.
-_ACEOF
-ac_status=$?
-fi
-
-if test "$ac_init_help" = "recursive"; then
- # If there are subdirs, report their specific --help.
- for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
- test -d "$ac_dir" ||
- { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
- continue
- ac_builddir=.
-
-case "$ac_dir" in
-.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
-*)
- ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
- # A ".." for each directory in $ac_dir_suffix.
- ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
- case $ac_top_builddir_sub in
- "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
- *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
- esac ;;
-esac
-ac_abs_top_builddir=$ac_pwd
-ac_abs_builddir=$ac_pwd$ac_dir_suffix
-# for backward compatibility:
-ac_top_builddir=$ac_top_build_prefix
-
-case $srcdir in
- .) # We are building in place.
- ac_srcdir=.
- ac_top_srcdir=$ac_top_builddir_sub
- ac_abs_top_srcdir=$ac_pwd ;;
- [\\/]* | ?:[\\/]* ) # Absolute name.
- ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir
- ac_abs_top_srcdir=$srcdir ;;
- *) # Relative name.
- ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_build_prefix$srcdir
- ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
-esac
-ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
-
- cd "$ac_dir" || { ac_status=$?; continue; }
- # Check for guested configure.
- if test -f "$ac_srcdir/configure.gnu"; then
- echo &&
- $SHELL "$ac_srcdir/configure.gnu" --help=recursive
- elif test -f "$ac_srcdir/configure"; then
- echo &&
- $SHELL "$ac_srcdir/configure" --help=recursive
- else
- $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
- fi || ac_status=$?
- cd "$ac_pwd" || { ac_status=$?; break; }
- done
-fi
-
-test -n "$ac_init_help" && exit $ac_status
-if $ac_init_version; then
- cat <<\_ACEOF
-ldns configure 1.6.9
-generated by GNU Autoconf 2.68
-
-Copyright (C) 2010 Free Software Foundation, Inc.
-This configure script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it.
-_ACEOF
- exit
-fi
-
-## ------------------------ ##
-## Autoconf initialization. ##
-## ------------------------ ##
-
-# ac_fn_c_try_compile LINENO
-# --------------------------
-# Try to compile conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_compile ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- rm -f conftest.$ac_objext
- if { { ac_try="$ac_compile"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_compile") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- grep -v '^ *+' conftest.err >conftest.er1
- cat conftest.er1 >&5
- mv -f conftest.er1 conftest.err
- fi
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest.$ac_objext; then :
- ac_retval=0
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_retval=1
-fi
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
- as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_compile
-
-# ac_fn_c_try_cpp LINENO
-# ----------------------
-# Try to preprocess conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_cpp ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- if { { ac_try="$ac_cpp conftest.$ac_ext"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- grep -v '^ *+' conftest.err >conftest.er1
- cat conftest.er1 >&5
- mv -f conftest.er1 conftest.err
- fi
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; } > conftest.i && {
- test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
- test ! -s conftest.err
- }; then :
- ac_retval=0
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_retval=1
-fi
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
- as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_cpp
-
-# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES
-# -------------------------------------------------------
-# Tests whether HEADER exists, giving a warning if it cannot be compiled using
-# the include files in INCLUDES and setting the cache variable VAR
-# accordingly.
-ac_fn_c_check_header_mongrel ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- if eval \${$3+:} false; then :
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-else
- # Is the header compilable?
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5
-$as_echo_n "checking $2 usability... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-#include <$2>
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_header_compiler=yes
-else
- ac_header_compiler=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5
-$as_echo "$ac_header_compiler" >&6; }
-
-# Is the header present?
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5
-$as_echo_n "checking $2 presence... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <$2>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
- ac_header_preproc=yes
-else
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5
-$as_echo "$ac_header_preproc" >&6; }
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #((
- yes:no: )
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5
-$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
-$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
- ;;
- no:yes:* )
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5
-$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5
-$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5
-$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5
-$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
-$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
-( $as_echo "## ---------------------------------- ##
-## Report this to libdns@nlnetlabs.nl ##
-## ---------------------------------- ##"
- ) | sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- eval "$3=\$ac_header_compiler"
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-fi
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_header_mongrel
-
-# ac_fn_c_try_run LINENO
-# ----------------------
-# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes
-# that executables *can* be run.
-ac_fn_c_try_run ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- if { { ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; } && { ac_try='./conftest$ac_exeext'
- { { case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_try") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; }; then :
- ac_retval=0
-else
- $as_echo "$as_me: program exited with status $ac_status" >&5
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_retval=$ac_status
-fi
- rm -rf conftest.dSYM conftest_ipa8_conftest.oo
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
- as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_run
-
-# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES
-# -------------------------------------------------------
-# Tests whether HEADER exists and can be compiled using the include files in
-# INCLUDES, setting the cache variable VAR accordingly.
-ac_fn_c_check_header_compile ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-#include <$2>
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- eval "$3=yes"
-else
- eval "$3=no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_header_compile
-
-# ac_fn_c_check_type LINENO TYPE VAR INCLUDES
-# -------------------------------------------
-# Tests whether TYPE exists after having included INCLUDES, setting cache
-# variable VAR accordingly.
-ac_fn_c_check_type ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- eval "$3=no"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-int
-main ()
-{
-if (sizeof ($2))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-int
-main ()
-{
-if (sizeof (($2)))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-else
- eval "$3=yes"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_type
-
-# ac_fn_c_try_link LINENO
-# -----------------------
-# Try to link conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_link ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- rm -f conftest.$ac_objext conftest$ac_exeext
- if { { ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- grep -v '^ *+' conftest.err >conftest.er1
- cat conftest.er1 >&5
- mv -f conftest.er1 conftest.err
- fi
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest$ac_exeext && {
- test "$cross_compiling" = yes ||
- $as_test_x conftest$ac_exeext
- }; then :
- ac_retval=0
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_retval=1
-fi
- # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
- # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
- # interfere with the next link command; also delete a directory that is
- # left behind by Apple's compiler. We do this before executing the actions.
- rm -rf conftest.dSYM conftest_ipa8_conftest.oo
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
- as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_link
-
-# ac_fn_c_check_func LINENO FUNC VAR
-# ----------------------------------
-# Tests whether FUNC exists, setting the cache variable VAR accordingly
-ac_fn_c_check_func ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
- For example, HP-UX 11i <limits.h> declares gettimeofday. */
-#define $2 innocuous_$2
-
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $2 (); below.
- Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- <limits.h> exists even on freestanding compilers. */
-
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
-
-#undef $2
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char $2 ();
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined __stub_$2 || defined __stub___$2
-choke me
-#endif
-
-int
-main ()
-{
-return $2 ();
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- eval "$3=yes"
-else
- eval "$3=no"
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_func
-cat >config.log <<_ACEOF
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-
-It was created by ldns $as_me 1.6.9, which was
-generated by GNU Autoconf 2.68. Invocation command line was
-
- $ $0 $@
-
-_ACEOF
-exec 5>>config.log
-{
-cat <<_ASUNAME
-## --------- ##
-## Platform. ##
-## --------- ##
-
-hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
-uname -m = `(uname -m) 2>/dev/null || echo unknown`
-uname -r = `(uname -r) 2>/dev/null || echo unknown`
-uname -s = `(uname -s) 2>/dev/null || echo unknown`
-uname -v = `(uname -v) 2>/dev/null || echo unknown`
-
-/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
-/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown`
-
-/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown`
-/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown`
-/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
-/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown`
-/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown`
-/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown`
-/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown`
-
-_ASUNAME
-
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- $as_echo "PATH: $as_dir"
- done
-IFS=$as_save_IFS
-
-} >&5
-
-cat >&5 <<_ACEOF
-
-
-## ----------- ##
-## Core tests. ##
-## ----------- ##
-
-_ACEOF
-
-
-# Keep a trace of the command line.
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Strip out --silent because we don't want to record it for future runs.
-# Also quote any args containing shell meta-characters.
-# Make two passes to allow for proper duplicate-argument suppression.
-ac_configure_args=
-ac_configure_args0=
-ac_configure_args1=
-ac_must_keep_next=false
-for ac_pass in 1 2
-do
- for ac_arg
- do
- case $ac_arg in
- -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- continue ;;
- *\'*)
- ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
- esac
- case $ac_pass in
- 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;;
- 2)
- as_fn_append ac_configure_args1 " '$ac_arg'"
- if test $ac_must_keep_next = true; then
- ac_must_keep_next=false # Got value, back to normal.
- else
- case $ac_arg in
- *=* | --config-cache | -C | -disable-* | --disable-* \
- | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
- | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
- | -with-* | --with-* | -without-* | --without-* | --x)
- case "$ac_configure_args0 " in
- "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
- esac
- ;;
- -* ) ac_must_keep_next=true ;;
- esac
- fi
- as_fn_append ac_configure_args " '$ac_arg'"
- ;;
- esac
- done
-done
-{ ac_configure_args0=; unset ac_configure_args0;}
-{ ac_configure_args1=; unset ac_configure_args1;}
-
-# When interrupted or exit'd, cleanup temporary files, and complete
-# config.log. We remove comments because anyway the quotes in there
-# would cause problems or look ugly.
-# WARNING: Use '\'' to represent an apostrophe within the trap.
-# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
-trap 'exit_status=$?
- # Save into config.log some information that might help in debugging.
- {
- echo
-
- $as_echo "## ---------------- ##
-## Cache variables. ##
-## ---------------- ##"
- echo
- # The following way of writing the cache mishandles newlines in values,
-(
- for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
- eval ac_val=\$$ac_var
- case $ac_val in #(
- *${as_nl}*)
- case $ac_var in #(
- *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
-$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
- esac
- case $ac_var in #(
- _ | IFS | as_nl) ;; #(
- BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
- *) { eval $ac_var=; unset $ac_var;} ;;
- esac ;;
- esac
- done
- (set) 2>&1 |
- case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
- *${as_nl}ac_space=\ *)
- sed -n \
- "s/'\''/'\''\\\\'\'''\''/g;
- s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
- ;; #(
- *)
- sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
- ;;
- esac |
- sort
-)
- echo
-
- $as_echo "## ----------------- ##
-## Output variables. ##
-## ----------------- ##"
- echo
- for ac_var in $ac_subst_vars
- do
- eval ac_val=\$$ac_var
- case $ac_val in
- *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
- esac
- $as_echo "$ac_var='\''$ac_val'\''"
- done | sort
- echo
-
- if test -n "$ac_subst_files"; then
- $as_echo "## ------------------- ##
-## File substitutions. ##
-## ------------------- ##"
- echo
- for ac_var in $ac_subst_files
- do
- eval ac_val=\$$ac_var
- case $ac_val in
- *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
- esac
- $as_echo "$ac_var='\''$ac_val'\''"
- done | sort
- echo
- fi
-
- if test -s confdefs.h; then
- $as_echo "## ----------- ##
-## confdefs.h. ##
-## ----------- ##"
- echo
- cat confdefs.h
- echo
- fi
- test "$ac_signal" != 0 &&
- $as_echo "$as_me: caught signal $ac_signal"
- $as_echo "$as_me: exit $exit_status"
- } >&5
- rm -f core *.core core.conftest.* &&
- rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
- exit $exit_status
-' 0
-for ac_signal in 1 2 13 15; do
- trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal
-done
-ac_signal=0
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -f -r conftest* confdefs.h
-
-$as_echo "/* confdefs.h */" > confdefs.h
-
-# Predefined preprocessor variables.
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_NAME "$PACKAGE_NAME"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_TARNAME "$PACKAGE_TARNAME"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_VERSION "$PACKAGE_VERSION"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_STRING "$PACKAGE_STRING"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_URL "$PACKAGE_URL"
-_ACEOF
-
-
-# Let the site file select an alternate cache file if it wants to.
-# Prefer an explicitly selected file to automatically selected ones.
-ac_site_file1=NONE
-ac_site_file2=NONE
-if test -n "$CONFIG_SITE"; then
- # We do not want a PATH search for config.site.
- case $CONFIG_SITE in #((
- -*) ac_site_file1=./$CONFIG_SITE;;
- */*) ac_site_file1=$CONFIG_SITE;;
- *) ac_site_file1=./$CONFIG_SITE;;
- esac
-elif test "x$prefix" != xNONE; then
- ac_site_file1=$prefix/share/config.site
- ac_site_file2=$prefix/etc/config.site
-else
- ac_site_file1=$ac_default_prefix/share/config.site
- ac_site_file2=$ac_default_prefix/etc/config.site
-fi
-for ac_site_file in "$ac_site_file1" "$ac_site_file2"
-do
- test "x$ac_site_file" = xNONE && continue
- if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5
-$as_echo "$as_me: loading site script $ac_site_file" >&6;}
- sed 's/^/| /' "$ac_site_file" >&5
- . "$ac_site_file" \
- || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "failed to load site script $ac_site_file
-See \`config.log' for more details" "$LINENO" 5; }
- fi
-done
-
-if test -r "$cache_file"; then
- # Some versions of bash will fail to source /dev/null (special files
- # actually), so we avoid doing that. DJGPP emulates it as a regular file.
- if test /dev/null != "$cache_file" && test -f "$cache_file"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5
-$as_echo "$as_me: loading cache $cache_file" >&6;}
- case $cache_file in
- [\\/]* | ?:[\\/]* ) . "$cache_file";;
- *) . "./$cache_file";;
- esac
- fi
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5
-$as_echo "$as_me: creating cache $cache_file" >&6;}
- >$cache_file
-fi
-
-# Check that the precious variables saved in the cache have kept the same
-# value.
-ac_cache_corrupted=false
-for ac_var in $ac_precious_vars; do
- eval ac_old_set=\$ac_cv_env_${ac_var}_set
- eval ac_new_set=\$ac_env_${ac_var}_set
- eval ac_old_val=\$ac_cv_env_${ac_var}_value
- eval ac_new_val=\$ac_env_${ac_var}_value
- case $ac_old_set,$ac_new_set in
- set,)
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
-$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
- ac_cache_corrupted=: ;;
- ,set)
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5
-$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
- ac_cache_corrupted=: ;;
- ,);;
- *)
- if test "x$ac_old_val" != "x$ac_new_val"; then
- # differences in whitespace do not lead to failure.
- ac_old_val_w=`echo x $ac_old_val`
- ac_new_val_w=`echo x $ac_new_val`
- if test "$ac_old_val_w" != "$ac_new_val_w"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5
-$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
- ac_cache_corrupted=:
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
-$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
- eval $ac_var=\$ac_old_val
- fi
- { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5
-$as_echo "$as_me: former value: \`$ac_old_val'" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5
-$as_echo "$as_me: current value: \`$ac_new_val'" >&2;}
- fi;;
- esac
- # Pass precious variables to config.status.
- if test "$ac_new_set" = set; then
- case $ac_new_val in
- *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
- *) ac_arg=$ac_var=$ac_new_val ;;
- esac
- case " $ac_configure_args " in
- *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy.
- *) as_fn_append ac_configure_args " '$ac_arg'" ;;
- esac
- fi
-done
-if $ac_cache_corrupted; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5
-$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
- as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5
-fi
-## -------------------- ##
-## Main body of script. ##
-## -------------------- ##
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-
-# acx_nlnetlabs.m4 - common macros for configure checks
-# Copyright 2009, Wouter Wijngaards, NLnet Labs.
-# BSD licensed.
-#
-# Version 11
-# 2010-08-16 Fix FLAG_OMITTED for AS_TR_CPP changes in autoconf-2.66.
-# 2010-07-02 Add check for ss_family (for minix).
-# 2010-04-26 Fix to use CPPFLAGS for CHECK_COMPILER_FLAGS.
-# 2010-03-01 Fix RPATH using CONFIG_COMMANDS to run at the very end.
-# 2010-02-18 WITH_SSL outputs the LIBSSL_LDFLAGS, LIBS, CPPFLAGS seperate, -ldl
-# 2010-02-01 added ACX_CHECK_MEMCMP_SIGNED, AHX_MEMCMP_BROKEN
-# 2010-01-20 added AHX_COONFIG_STRLCAT
-# 2009-07-14 U_CHAR detection improved for windows crosscompile.
-# added ACX_FUNC_MALLOC
-# fixup some #if to #ifdef
-# NONBLOCKING test for mingw crosscompile.
-# 2009-07-13 added ACX_WITH_SSL_OPTIONAL
-# 2009-07-03 fixup LDFLAGS for empty ssl dir.
-#
-# Automates some of the checking constructs. Aims at portability for POSIX.
-# Documentation for functions is below.
-#
-# the following macro's are provided in this file:
-# (see below for details on each macro).
-#
-# ACX_ESCAPE_BACKSLASH - escape backslashes in var for C-preproc.
-# ACX_RSRC_VERSION - create windows resource version number.
-# ACX_CHECK_COMPILER_FLAG - see if cc supports a flag.
-# ACX_CHECK_ERROR_FLAGS - see which flag is -werror (used below).
-# ACX_CHECK_COMPILER_FLAG_NEEDED - see if flags make the code compile cleanly.
-# ACX_DEPFLAG - find cc dependency flags.
-# ACX_DETERMINE_EXT_FLAGS_UNBOUND - find out which flags enable BSD and POSIX.
-# ACX_CHECK_FORMAT_ATTRIBUTE - find cc printf format syntax.
-# ACX_CHECK_UNUSED_ATTRIBUTE - find cc variable unused syntax.
-# ACX_LIBTOOL_C_ONLY - create libtool for C only, improved.
-# ACX_TYPE_U_CHAR - u_char type.
-# ACX_TYPE_RLIM_T - rlim_t type.
-# ACX_TYPE_SOCKLEN_T - socklen_t type.
-# ACX_TYPE_IN_ADDR_T - in_addr_t type.
-# ACX_TYPE_IN_PORT_T - in_port_t type.
-# ACX_ARG_RPATH - add --disable-rpath option.
-# ACX_WITH_SSL - add --with-ssl option, link -lcrypto.
-# ACX_WITH_SSL_OPTIONAL - add --with-ssl option, link -lcrypto,
-# where --without-ssl is also accepted
-# ACX_LIB_SSL - setup to link -lssl.
-# ACX_SYS_LARGEFILE - improved sys_largefile, fseeko, >2G files.
-# ACX_CHECK_GETADDRINFO_WITH_INCLUDES - find getaddrinfo, portably.
-# ACX_FUNC_DEPRECATED - see if func is deprecated.
-# ACX_CHECK_NONBLOCKING_BROKEN - see if nonblocking sockets really work.
-# ACX_MKDIR_ONE_ARG - determine mkdir(2) number of arguments.
-# ACX_FUNC_IOCTLSOCKET - find ioctlsocket, portably.
-# ACX_FUNC_MALLOC - check malloc, define replacement .
-# AHX_CONFIG_FORMAT_ATTRIBUTE - config.h text for format.
-# AHX_CONFIG_UNUSED_ATTRIBUTE - config.h text for unused.
-# AHX_CONFIG_FSEEKO - define fseeko, ftello fallback.
-# AHX_CONFIG_RAND_MAX - define RAND_MAX if needed.
-# AHX_CONFIG_MAXHOSTNAMELEN - define MAXHOSTNAMELEN if needed.
-# AHX_CONFIG_IPV6_MIN_MTU - define IPV6_MIN_MTU if needed.
-# AHX_CONFIG_SNPRINTF - snprintf compat prototype
-# AHX_CONFIG_INET_PTON - inet_pton compat prototype
-# AHX_CONFIG_INET_NTOP - inet_ntop compat prototype
-# AHX_CONFIG_INET_ATON - inet_aton compat prototype
-# AHX_CONFIG_MEMMOVE - memmove compat prototype
-# AHX_CONFIG_STRLCAT - strlcat compat prototype
-# AHX_CONFIG_STRLCPY - strlcpy compat prototype
-# AHX_CONFIG_GMTIME_R - gmtime_r compat prototype
-# AHX_CONFIG_W32_SLEEP - w32 compat for sleep
-# AHX_CONFIG_W32_USLEEP - w32 compat for usleep
-# AHX_CONFIG_W32_RANDOM - w32 compat for random
-# AHX_CONFIG_W32_SRANDOM - w32 compat for srandom
-# AHX_CONFIG_W32_FD_SET_T - w32 detection of FD_SET_T.
-# ACX_CFLAGS_STRIP - strip one flag from CFLAGS
-# ACX_STRIP_EXT_FLAGS - strip extension flags from CFLAGS
-# AHX_CONFIG_FLAG_OMITTED - define omitted flag
-# AHX_CONFIG_FLAG_EXT - define omitted extension flag
-# AHX_CONFIG_EXT_FLAGS - define the stripped extension flags
-# ACX_CHECK_MEMCMP_SIGNED - check if memcmp uses signed characters.
-# AHX_MEMCMP_BROKEN - replace memcmp func for CHECK_MEMCMP_SIGNED.
-# ACX_CHECK_SS_FAMILY - check for sockaddr_storage.ss_family
-#
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-OURCPPFLAGS=''
-CPPFLAGS=${CPPFLAGS:-${OURCPPFLAGS}}
-OURCFLAGS='-g'
-CFLAGS=${CFLAGS:-${OURCFLAGS}}
-
-$as_echo "#define WINVER 0x0502" >>confdefs.h
-
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="${ac_tool_prefix}gcc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$ac_cv_prog_CC"; then
- ac_ct_CC=$CC
- # Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_ac_ct_CC="gcc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
- if test "x$ac_ct_CC" = x; then
- CC=""
- else
- case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
- CC=$ac_ct_CC
- fi
-else
- CC="$ac_cv_prog_CC"
-fi
-
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="${ac_tool_prefix}cc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- fi
-fi
-if test -z "$CC"; then
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- ac_prog_rejected=no
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
- ac_prog_rejected=yes
- continue
- fi
- ac_cv_prog_CC="cc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-if test $ac_prog_rejected = yes; then
- # We found a bogon in the path, so make sure we never use it.
- set dummy $ac_cv_prog_CC
- shift
- if test $# != 0; then
- # We chose a different compiler from the bogus one.
- # However, it has the same basename, so the bogon will be chosen
- # first if we set CC to just the basename; use the full file name.
- shift
- ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
- fi
-fi
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- for ac_prog in cl.exe
- do
- # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
-set dummy $ac_tool_prefix$ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$CC" && break
- done
-fi
-if test -z "$CC"; then
- ac_ct_CC=$CC
- for ac_prog in cl.exe
-do
- # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_ac_ct_CC="$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$ac_ct_CC" && break
-done
-
- if test "x$ac_ct_CC" = x; then
- CC=""
- else
- case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
- CC=$ac_ct_CC
- fi
-fi
-
-fi
-
-
-test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "no acceptable C compiler found in \$PATH
-See \`config.log' for more details" "$LINENO" 5; }
-
-# Provide some information about the compiler.
-$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
-set X $ac_compile
-ac_compiler=$2
-for ac_option in --version -v -V -qversion; do
- { { ac_try="$ac_compiler $ac_option >&5"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_compiler $ac_option >&5") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- sed '10a\
-... rest of stderr output deleted ...
- 10q' conftest.err >conftest.er1
- cat conftest.er1 >&5
- fi
- rm -f conftest.er1 conftest.err
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }
-done
-
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
-# Try to create an executable without -o first, disregard a.out.
-# It will help us diagnose broken compilers, and finding out an intuition
-# of exeext.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
-$as_echo_n "checking whether the C compiler works... " >&6; }
-ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
-
-# The possible output files:
-ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
-
-ac_rmfiles=
-for ac_file in $ac_files
-do
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
- * ) ac_rmfiles="$ac_rmfiles $ac_file";;
- esac
-done
-rm -f $ac_rmfiles
-
-if { { ac_try="$ac_link_default"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link_default") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; then :
- # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
-# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
-# in a Makefile. We should not override ac_cv_exeext if it was cached,
-# so that the user can short-circuit this test for compilers unknown to
-# Autoconf.
-for ac_file in $ac_files ''
-do
- test -f "$ac_file" || continue
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
- ;;
- [ab].out )
- # We found the default executable, but exeext='' is most
- # certainly right.
- break;;
- *.* )
- if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no;
- then :; else
- ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
- fi
- # We set ac_cv_exeext here because the later test for it is not
- # safe: cross compilers may not add the suffix if given an `-o'
- # argument, so we may need to know it at that point already.
- # Even if this section looks crufty: it has the advantage of
- # actually working.
- break;;
- * )
- break;;
- esac
-done
-test "$ac_cv_exeext" = no && ac_cv_exeext=
-
-else
- ac_file=''
-fi
-if test -z "$ac_file"; then :
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-$as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error 77 "C compiler cannot create executables
-See \`config.log' for more details" "$LINENO" 5; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
-$as_echo_n "checking for C compiler default output file name... " >&6; }
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
-$as_echo "$ac_file" >&6; }
-ac_exeext=$ac_cv_exeext
-
-rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
-ac_clean_files=$ac_clean_files_save
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5
-$as_echo_n "checking for suffix of executables... " >&6; }
-if { { ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; then :
- # If both `conftest.exe' and `conftest' are `present' (well, observable)
-# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will
-# work properly (i.e., refer to `conftest.exe'), while it won't with
-# `rm'.
-for ac_file in conftest.exe conftest conftest.*; do
- test -f "$ac_file" || continue
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
- *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
- break;;
- * ) break;;
- esac
-done
-else
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot compute suffix of executables: cannot compile and link
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-rm -f conftest conftest$ac_cv_exeext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5
-$as_echo "$ac_cv_exeext" >&6; }
-
-rm -f conftest.$ac_ext
-EXEEXT=$ac_cv_exeext
-ac_exeext=$EXEEXT
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdio.h>
-int
-main ()
-{
-FILE *f = fopen ("conftest.out", "w");
- return ferror (f) || fclose (f) != 0;
-
- ;
- return 0;
-}
-_ACEOF
-ac_clean_files="$ac_clean_files conftest.out"
-# Check that the compiler produces executables we can run. If not, either
-# the compiler is broken, or we cross compile.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
-$as_echo_n "checking whether we are cross compiling... " >&6; }
-if test "$cross_compiling" != yes; then
- { { ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }
- if { ac_try='./conftest$ac_cv_exeext'
- { { case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_try") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; }; then
- cross_compiling=no
- else
- if test "$cross_compiling" = maybe; then
- cross_compiling=yes
- else
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot run C compiled programs.
-If you meant to cross compile, use \`--host'.
-See \`config.log' for more details" "$LINENO" 5; }
- fi
- fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
-$as_echo "$cross_compiling" >&6; }
-
-rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
-ac_clean_files=$ac_clean_files_save
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5
-$as_echo_n "checking for suffix of object files... " >&6; }
-if ${ac_cv_objext+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.o conftest.obj
-if { { ac_try="$ac_compile"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_compile") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; then :
- for ac_file in conftest.o conftest.obj conftest.*; do
- test -f "$ac_file" || continue;
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
- *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
- break;;
- esac
-done
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot compute suffix of object files: cannot compile
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-rm -f conftest.$ac_cv_objext conftest.$ac_ext
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5
-$as_echo "$ac_cv_objext" >&6; }
-OBJEXT=$ac_cv_objext
-ac_objext=$OBJEXT
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
-$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
-if ${ac_cv_c_compiler_gnu+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-#ifndef __GNUC__
- choke me
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_compiler_gnu=yes
-else
- ac_compiler_gnu=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-ac_cv_c_compiler_gnu=$ac_compiler_gnu
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
-$as_echo "$ac_cv_c_compiler_gnu" >&6; }
-if test $ac_compiler_gnu = yes; then
- GCC=yes
-else
- GCC=
-fi
-ac_test_CFLAGS=${CFLAGS+set}
-ac_save_CFLAGS=$CFLAGS
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
-$as_echo_n "checking whether $CC accepts -g... " >&6; }
-if ${ac_cv_prog_cc_g+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_save_c_werror_flag=$ac_c_werror_flag
- ac_c_werror_flag=yes
- ac_cv_prog_cc_g=no
- CFLAGS="-g"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_g=yes
-else
- CFLAGS=""
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-else
- ac_c_werror_flag=$ac_save_c_werror_flag
- CFLAGS="-g"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_g=yes
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- ac_c_werror_flag=$ac_save_c_werror_flag
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
-$as_echo "$ac_cv_prog_cc_g" >&6; }
-if test "$ac_test_CFLAGS" = set; then
- CFLAGS=$ac_save_CFLAGS
-elif test $ac_cv_prog_cc_g = yes; then
- if test "$GCC" = yes; then
- CFLAGS="-g -O2"
- else
- CFLAGS="-g"
- fi
-else
- if test "$GCC" = yes; then
- CFLAGS="-O2"
- else
- CFLAGS=
- fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
-$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
-if ${ac_cv_prog_cc_c89+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_cv_prog_cc_c89=no
-ac_save_CC=$CC
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdarg.h>
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
-struct buf { int x; };
-FILE * (*rcsopen) (struct buf *, struct stat *, int);
-static char *e (p, i)
- char **p;
- int i;
-{
- return p[i];
-}
-static char *f (char * (*g) (char **, int), char **p, ...)
-{
- char *s;
- va_list v;
- va_start (v,p);
- s = g (p, va_arg (v,int));
- va_end (v);
- return s;
-}
-
-/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
- function prototypes and stuff, but not '\xHH' hex character constants.
- These don't provoke an error unfortunately, instead are silently treated
- as 'x'. The following induces an error, until -std is added to get
- proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
- array size at least. It's necessary to write '\x00'==0 to get something
- that's true only with -std. */
-int osf4_cc_array ['\x00' == 0 ? 1 : -1];
-
-/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
- inside strings and character constants. */
-#define FOO(x) 'x'
-int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
-
-int test (int i, double x);
-struct s1 {int (*f) (int a);};
-struct s2 {int (*f) (double a);};
-int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
-int argc;
-char **argv;
-int
-main ()
-{
-return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
- ;
- return 0;
-}
-_ACEOF
-for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
- -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
-do
- CC="$ac_save_CC $ac_arg"
- if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_c89=$ac_arg
-fi
-rm -f core conftest.err conftest.$ac_objext
- test "x$ac_cv_prog_cc_c89" != "xno" && break
-done
-rm -f conftest.$ac_ext
-CC=$ac_save_CC
-
-fi
-# AC_CACHE_VAL
-case "x$ac_cv_prog_cc_c89" in
- x)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
-$as_echo "none needed" >&6; } ;;
- xno)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
-$as_echo "unsupported" >&6; } ;;
- *)
- CC="$CC $ac_cv_prog_cc_c89"
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
-$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
-esac
-if test "x$ac_cv_prog_cc_c89" != xno; then :
-
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
-$as_echo_n "checking how to run the C preprocessor... " >&6; }
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
- CPP=
-fi
-if test -z "$CPP"; then
- if ${ac_cv_prog_CPP+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- # Double quotes because CPP needs to be expanded
- for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
- do
- ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
- # Use a header file that comes with gcc, so configuring glibc
- # with a fresh cross-compiler works.
- # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- # <limits.h> exists even on freestanding compilers.
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp. "Syntax error" is here to catch this case.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
- Syntax error
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-
-else
- # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
- # OK, works on sane cases. Now check whether nonexistent headers
- # can be detected and how.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <ac_nonexistent.h>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
- # Broken: success on invalid input.
-continue
-else
- # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.i conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then :
- break
-fi
-
- done
- ac_cv_prog_CPP=$CPP
-
-fi
- CPP=$ac_cv_prog_CPP
-else
- ac_cv_prog_CPP=$CPP
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
-$as_echo "$CPP" >&6; }
-ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
- # Use a header file that comes with gcc, so configuring glibc
- # with a fresh cross-compiler works.
- # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- # <limits.h> exists even on freestanding compilers.
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp. "Syntax error" is here to catch this case.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
- Syntax error
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-
-else
- # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
- # OK, works on sane cases. Now check whether nonexistent headers
- # can be detected and how.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <ac_nonexistent.h>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
- # Broken: success on invalid input.
-continue
-else
- # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.i conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then :
-
-else
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5
-$as_echo_n "checking for grep that handles long lines and -e... " >&6; }
-if ${ac_cv_path_GREP+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -z "$GREP"; then
- ac_path_GREP_found=false
- # Loop through the user's path and test for each of PROGNAME-LIST
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_prog in grep ggrep; do
- for ac_exec_ext in '' $ac_executable_extensions; do
- ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
- { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue
-# Check for GNU ac_path_GREP and select it if it is found.
- # Check for GNU $ac_path_GREP
-case `"$ac_path_GREP" --version 2>&1` in
-*GNU*)
- ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
-*)
- ac_count=0
- $as_echo_n 0123456789 >"conftest.in"
- while :
- do
- cat "conftest.in" "conftest.in" >"conftest.tmp"
- mv "conftest.tmp" "conftest.in"
- cp "conftest.in" "conftest.nl"
- $as_echo 'GREP' >> "conftest.nl"
- "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
- diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
- as_fn_arith $ac_count + 1 && ac_count=$as_val
- if test $ac_count -gt ${ac_path_GREP_max-0}; then
- # Best one so far, save it but keep looking for a better one
- ac_cv_path_GREP="$ac_path_GREP"
- ac_path_GREP_max=$ac_count
- fi
- # 10*(2^10) chars as input seems more than enough
- test $ac_count -gt 10 && break
- done
- rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
-esac
-
- $ac_path_GREP_found && break 3
- done
- done
- done
-IFS=$as_save_IFS
- if test -z "$ac_cv_path_GREP"; then
- as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
- fi
-else
- ac_cv_path_GREP=$GREP
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5
-$as_echo "$ac_cv_path_GREP" >&6; }
- GREP="$ac_cv_path_GREP"
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
-$as_echo_n "checking for egrep... " >&6; }
-if ${ac_cv_path_EGREP+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
- then ac_cv_path_EGREP="$GREP -E"
- else
- if test -z "$EGREP"; then
- ac_path_EGREP_found=false
- # Loop through the user's path and test for each of PROGNAME-LIST
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_prog in egrep; do
- for ac_exec_ext in '' $ac_executable_extensions; do
- ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
- { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue
-# Check for GNU ac_path_EGREP and select it if it is found.
- # Check for GNU $ac_path_EGREP
-case `"$ac_path_EGREP" --version 2>&1` in
-*GNU*)
- ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
-*)
- ac_count=0
- $as_echo_n 0123456789 >"conftest.in"
- while :
- do
- cat "conftest.in" "conftest.in" >"conftest.tmp"
- mv "conftest.tmp" "conftest.in"
- cp "conftest.in" "conftest.nl"
- $as_echo 'EGREP' >> "conftest.nl"
- "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
- diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
- as_fn_arith $ac_count + 1 && ac_count=$as_val
- if test $ac_count -gt ${ac_path_EGREP_max-0}; then
- # Best one so far, save it but keep looking for a better one
- ac_cv_path_EGREP="$ac_path_EGREP"
- ac_path_EGREP_max=$ac_count
- fi
- # 10*(2^10) chars as input seems more than enough
- test $ac_count -gt 10 && break
- done
- rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
-esac
-
- $ac_path_EGREP_found && break 3
- done
- done
- done
-IFS=$as_save_IFS
- if test -z "$ac_cv_path_EGREP"; then
- as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
- fi
-else
- ac_cv_path_EGREP=$EGREP
-fi
-
- fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
-$as_echo "$ac_cv_path_EGREP" >&6; }
- EGREP="$ac_cv_path_EGREP"
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
-$as_echo_n "checking for ANSI C header files... " >&6; }
-if ${ac_cv_header_stdc+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <float.h>
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_header_stdc=yes
-else
- ac_cv_header_stdc=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-if test $ac_cv_header_stdc = yes; then
- # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <string.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- $EGREP "memchr" >/dev/null 2>&1; then :
-
-else
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
- # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdlib.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- $EGREP "free" >/dev/null 2>&1; then :
-
-else
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
- # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
- if test "$cross_compiling" = yes; then :
- :
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <ctype.h>
-#include <stdlib.h>
-#if ((' ' & 0x0FF) == 0x020)
-# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
-# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
-#else
-# define ISLOWER(c) \
- (('a' <= (c) && (c) <= 'i') \
- || ('j' <= (c) && (c) <= 'r') \
- || ('s' <= (c) && (c) <= 'z'))
-# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
-#endif
-
-#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
-int
-main ()
-{
- int i;
- for (i = 0; i < 256; i++)
- if (XOR (islower (i), ISLOWER (i))
- || toupper (i) != TOUPPER (i))
- return 2;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-else
- ac_cv_header_stdc=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
- conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5
-$as_echo "$ac_cv_header_stdc" >&6; }
-if test $ac_cv_header_stdc = yes; then
-
-$as_echo "#define STDC_HEADERS 1" >>confdefs.h
-
-fi
-
-# On IRIX 5.3, sys/types and inttypes.h are conflicting.
-for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
- inttypes.h stdint.h unistd.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-
- ac_fn_c_check_header_mongrel "$LINENO" "minix/config.h" "ac_cv_header_minix_config_h" "$ac_includes_default"
-if test "x$ac_cv_header_minix_config_h" = xyes; then :
- MINIX=yes
-else
- MINIX=
-fi
-
-
- if test "$MINIX" = yes; then
-
-$as_echo "#define _POSIX_SOURCE 1" >>confdefs.h
-
-
-$as_echo "#define _POSIX_1_SOURCE 2" >>confdefs.h
-
-
-$as_echo "#define _MINIX 1" >>confdefs.h
-
- fi
-
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether it is safe to define __EXTENSIONS__" >&5
-$as_echo_n "checking whether it is safe to define __EXTENSIONS__... " >&6; }
-if ${ac_cv_safe_to_define___extensions__+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-# define __EXTENSIONS__ 1
- $ac_includes_default
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_safe_to_define___extensions__=yes
-else
- ac_cv_safe_to_define___extensions__=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_safe_to_define___extensions__" >&5
-$as_echo "$ac_cv_safe_to_define___extensions__" >&6; }
- test $ac_cv_safe_to_define___extensions__ = yes &&
- $as_echo "#define __EXTENSIONS__ 1" >>confdefs.h
-
- $as_echo "#define _ALL_SOURCE 1" >>confdefs.h
-
- $as_echo "#define _GNU_SOURCE 1" >>confdefs.h
-
- $as_echo "#define _POSIX_PTHREAD_SEMANTICS 1" >>confdefs.h
-
- $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h
-
-
-
-# Checks for programs.
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="${ac_tool_prefix}gcc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$ac_cv_prog_CC"; then
- ac_ct_CC=$CC
- # Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_ac_ct_CC="gcc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
- if test "x$ac_ct_CC" = x; then
- CC=""
- else
- case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
- CC=$ac_ct_CC
- fi
-else
- CC="$ac_cv_prog_CC"
-fi
-
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="${ac_tool_prefix}cc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- fi
-fi
-if test -z "$CC"; then
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- ac_prog_rejected=no
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
- ac_prog_rejected=yes
- continue
- fi
- ac_cv_prog_CC="cc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-if test $ac_prog_rejected = yes; then
- # We found a bogon in the path, so make sure we never use it.
- set dummy $ac_cv_prog_CC
- shift
- if test $# != 0; then
- # We chose a different compiler from the bogus one.
- # However, it has the same basename, so the bogon will be chosen
- # first if we set CC to just the basename; use the full file name.
- shift
- ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
- fi
-fi
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- for ac_prog in cl.exe
- do
- # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
-set dummy $ac_tool_prefix$ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$CC" && break
- done
-fi
-if test -z "$CC"; then
- ac_ct_CC=$CC
- for ac_prog in cl.exe
-do
- # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_ac_ct_CC="$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$ac_ct_CC" && break
-done
-
- if test "x$ac_ct_CC" = x; then
- CC=""
- else
- case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
- CC=$ac_ct_CC
- fi
-fi
-
-fi
-
-
-test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "no acceptable C compiler found in \$PATH
-See \`config.log' for more details" "$LINENO" 5; }
-
-# Provide some information about the compiler.
-$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
-set X $ac_compile
-ac_compiler=$2
-for ac_option in --version -v -V -qversion; do
- { { ac_try="$ac_compiler $ac_option >&5"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_compiler $ac_option >&5") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- sed '10a\
-... rest of stderr output deleted ...
- 10q' conftest.err >conftest.er1
- cat conftest.er1 >&5
- fi
- rm -f conftest.er1 conftest.err
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }
-done
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
-$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
-if ${ac_cv_c_compiler_gnu+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-#ifndef __GNUC__
- choke me
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_compiler_gnu=yes
-else
- ac_compiler_gnu=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-ac_cv_c_compiler_gnu=$ac_compiler_gnu
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
-$as_echo "$ac_cv_c_compiler_gnu" >&6; }
-if test $ac_compiler_gnu = yes; then
- GCC=yes
-else
- GCC=
-fi
-ac_test_CFLAGS=${CFLAGS+set}
-ac_save_CFLAGS=$CFLAGS
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
-$as_echo_n "checking whether $CC accepts -g... " >&6; }
-if ${ac_cv_prog_cc_g+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_save_c_werror_flag=$ac_c_werror_flag
- ac_c_werror_flag=yes
- ac_cv_prog_cc_g=no
- CFLAGS="-g"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_g=yes
-else
- CFLAGS=""
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-else
- ac_c_werror_flag=$ac_save_c_werror_flag
- CFLAGS="-g"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_g=yes
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- ac_c_werror_flag=$ac_save_c_werror_flag
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
-$as_echo "$ac_cv_prog_cc_g" >&6; }
-if test "$ac_test_CFLAGS" = set; then
- CFLAGS=$ac_save_CFLAGS
-elif test $ac_cv_prog_cc_g = yes; then
- if test "$GCC" = yes; then
- CFLAGS="-g -O2"
- else
- CFLAGS="-g"
- fi
-else
- if test "$GCC" = yes; then
- CFLAGS="-O2"
- else
- CFLAGS=
- fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
-$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
-if ${ac_cv_prog_cc_c89+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_cv_prog_cc_c89=no
-ac_save_CC=$CC
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdarg.h>
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
-struct buf { int x; };
-FILE * (*rcsopen) (struct buf *, struct stat *, int);
-static char *e (p, i)
- char **p;
- int i;
-{
- return p[i];
-}
-static char *f (char * (*g) (char **, int), char **p, ...)
-{
- char *s;
- va_list v;
- va_start (v,p);
- s = g (p, va_arg (v,int));
- va_end (v);
- return s;
-}
-
-/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
- function prototypes and stuff, but not '\xHH' hex character constants.
- These don't provoke an error unfortunately, instead are silently treated
- as 'x'. The following induces an error, until -std is added to get
- proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
- array size at least. It's necessary to write '\x00'==0 to get something
- that's true only with -std. */
-int osf4_cc_array ['\x00' == 0 ? 1 : -1];
-
-/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
- inside strings and character constants. */
-#define FOO(x) 'x'
-int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
-
-int test (int i, double x);
-struct s1 {int (*f) (int a);};
-struct s2 {int (*f) (double a);};
-int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
-int argc;
-char **argv;
-int
-main ()
-{
-return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
- ;
- return 0;
-}
-_ACEOF
-for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
- -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
-do
- CC="$ac_save_CC $ac_arg"
- if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_c89=$ac_arg
-fi
-rm -f core conftest.err conftest.$ac_objext
- test "x$ac_cv_prog_cc_c89" != "xno" && break
-done
-rm -f conftest.$ac_ext
-CC=$ac_save_CC
-
-fi
-# AC_CACHE_VAL
-case "x$ac_cv_prog_cc_c89" in
- x)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
-$as_echo "none needed" >&6; } ;;
- xno)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
-$as_echo "unsupported" >&6; } ;;
- *)
- CC="$CC $ac_cv_prog_cc_c89"
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
-$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
-esac
-if test "x$ac_cv_prog_cc_c89" != xno; then :
-
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5
-$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
-set x ${MAKE-make}
-ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
-if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat >conftest.make <<\_ACEOF
-SHELL = /bin/sh
-all:
- @echo '@@@%%%=$(MAKE)=@@@%%%'
-_ACEOF
-# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
-case `${MAKE-make} -f conftest.make 2>/dev/null` in
- *@@@%%%=?*=@@@%%%*)
- eval ac_cv_prog_make_${ac_make}_set=yes;;
- *)
- eval ac_cv_prog_make_${ac_make}_set=no;;
-esac
-rm -f conftest.make
-fi
-if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
- SET_MAKE=
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- SET_MAKE="MAKE=${MAKE-make}"
-fi
-
-for ac_prog in glibtool libtool15 libtool
-do
- # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_libtool+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$libtool"; then
- ac_cv_prog_libtool="$libtool" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_libtool="$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-libtool=$ac_cv_prog_libtool
-if test -n "$libtool"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $libtool" >&5
-$as_echo "$libtool" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$libtool" && break
-done
-test -n "$libtool" || libtool="../libtool"
-
-
-# add option to disable the evil rpath
-# Check whether --enable-rpath was given.
-if test "${enable_rpath+set}" = set; then :
- enableval=$enable_rpath; enable_rpath=$enableval
-else
- enable_rpath=yes
-fi
-
-
-if test "x$enable_rpath" = xyes; then
- RPATH_VAL="-Wl,-rpath=\${libdir}"
-fi
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -std=c99" >&5
-$as_echo_n "checking whether $CC supports -std=c99... " >&6; }
-cache=`echo std=c99 | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -std=c99 -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-C99FLAG="-std=c99"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-
-fi
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -xc99" >&5
-$as_echo_n "checking whether $CC supports -xc99... " >&6; }
-cache=`echo xc99 | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -xc99 -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-C99FLAG="-xc99"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-
-fi
-
-
-ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
-if test "x$ac_cv_type_size_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define size_t unsigned int
-_ACEOF
-
-fi
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -O2" >&5
-$as_echo_n "checking whether $CC supports -O2... " >&6; }
-cache=`echo O2 | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -O2 -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-CFLAGS="$CFLAGS -O2"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-
-fi
-
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -Werror" >&5
-$as_echo_n "checking whether $CC supports -Werror... " >&6; }
-cache=`echo Werror | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -Werror -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-ERRFLAG="-Werror"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-ERRFLAG="-errwarn"
-fi
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -Wall" >&5
-$as_echo_n "checking whether $CC supports -Wall... " >&6; }
-cache=`echo Wall | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -Wall -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-ERRFLAG="$ERRFLAG -Wall"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-ERRFLAG="$ERRFLAG -errfmt"
-fi
-
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we need $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 as a flag for $CC" >&5
-$as_echo_n "checking whether we need $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 as a flag for $CC... " >&6; }
-cache=`$as_echo "$C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600" | $as_tr_sh`
-if eval \${cv_prog_cc_flag_needed_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo '
-#include "confdefs.h"
-#include <stdlib.h>
-#include <ctype.h>
-#include <sys/time.h>
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <unistd.h>
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-int test() {
- int a;
- char **opts = NULL;
- struct timeval tv;
- char *t;
- time_t time = 0;
- char *buf = NULL;
- t = ctime_r(&time, buf);
- tv.tv_usec = 10;
- srandom(32);
- a = getopt(2, opts, "a");
- a = isascii(32);
- return a;
-}
-' > conftest.c
-echo 'void f(){}' >>conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=no"
-else
-
-if test -z "`$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=yes"
-else
-eval "cv_prog_cc_flag_needed_$cache=fail"
-#echo 'Test with flag fails too!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-fi
-
-fi
-rm -f conftest conftest.c conftest.o
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600"
-else
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = no"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-#echo 'Test with flag is no!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-:
-
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5
-$as_echo "failed" >&6; }
-:
-
-fi
-fi
-
-
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we need $C99FLAG as a flag for $CC" >&5
-$as_echo_n "checking whether we need $C99FLAG as a flag for $CC... " >&6; }
-cache=`$as_echo "$C99FLAG" | $as_tr_sh`
-if eval \${cv_prog_cc_flag_needed_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo '#include <stdbool.h>' > conftest.c
-echo 'void f(){}' >>conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=no"
-else
-
-if test -z "`$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=yes"
-else
-eval "cv_prog_cc_flag_needed_$cache=fail"
-#echo 'Test with flag fails too!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-fi
-
-fi
-rm -f conftest conftest.c conftest.o
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-CFLAGS="$CFLAGS $C99FLAG"
-else
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = no"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-#echo 'Test with flag is no!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-:
-
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5
-$as_echo "failed" >&6; }
-:
-
-fi
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5
-$as_echo_n "checking for inline... " >&6; }
-if ${ac_cv_c_inline+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_cv_c_inline=no
-for ac_kw in inline __inline__ __inline; do
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#ifndef __cplusplus
-typedef int foo_t;
-static $ac_kw foo_t static_foo () {return 0; }
-$ac_kw foo_t foo () {return 0; }
-#endif
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_c_inline=$ac_kw
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- test "$ac_cv_c_inline" != no && break
-done
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5
-$as_echo "$ac_cv_c_inline" >&6; }
-
-case $ac_cv_c_inline in
- inline | yes) ;;
- *)
- case $ac_cv_c_inline in
- no) ac_val=;;
- *) ac_val=$ac_cv_c_inline;;
- esac
- cat >>confdefs.h <<_ACEOF
-#ifndef __cplusplus
-#define inline $ac_val
-#endif
-_ACEOF
- ;;
-esac
-
-ac_fn_c_check_type "$LINENO" "int8_t" "ac_cv_type_int8_t" "$ac_includes_default"
-if test "x$ac_cv_type_int8_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define int8_t char
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "int16_t" "ac_cv_type_int16_t" "$ac_includes_default"
-if test "x$ac_cv_type_int16_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define int16_t short
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "int32_t" "ac_cv_type_int32_t" "$ac_includes_default"
-if test "x$ac_cv_type_int32_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define int32_t int
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "int64_t" "ac_cv_type_int64_t" "$ac_includes_default"
-if test "x$ac_cv_type_int64_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define int64_t long long
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "uint8_t" "ac_cv_type_uint8_t" "$ac_includes_default"
-if test "x$ac_cv_type_uint8_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define uint8_t unsigned char
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "uint16_t" "ac_cv_type_uint16_t" "$ac_includes_default"
-if test "x$ac_cv_type_uint16_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define uint16_t unsigned short
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "uint32_t" "ac_cv_type_uint32_t" "$ac_includes_default"
-if test "x$ac_cv_type_uint32_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define uint32_t unsigned int
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "uint64_t" "ac_cv_type_uint64_t" "$ac_includes_default"
-if test "x$ac_cv_type_uint64_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define uint64_t unsigned long long
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "ssize_t" "ac_cv_type_ssize_t" "$ac_includes_default"
-if test "x$ac_cv_type_ssize_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define ssize_t int
-_ACEOF
-
-fi
-
-
-for ac_header in sys/types.h getopt.h stdlib.h stdio.h assert.h netinet/in.h ctype.h time.h arpa/inet.h sys/time.h sys/socket.h sys/select.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-for ac_header in netinet/in_systm.h net/if.h netinet/ip.h netinet/udp.h netinet/if_ether.h netinet/ip6.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "
-$ac_includes_default
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-# MinGW32 tests
-for ac_header in winsock2.h ws2tcpip.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-
-ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "
-$ac_includes_default
-#ifdef HAVE_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-#ifdef HAVE_WS2TCPIP_H
-# include <ws2tcpip.h>
-#endif
-
-"
-if test "x$ac_cv_type_socklen_t" = xyes; then :
-
-else
-
-$as_echo "#define socklen_t int" >>confdefs.h
-
-fi
-
-for ac_header in sys/param.h sys/mount.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-
-
- #if HAVE_SYS_PARAM_H
- # include <sys/param.h>
- #endif
-
-
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-ac_fn_c_check_type "$LINENO" "in_addr_t" "ac_cv_type_in_addr_t" "
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-"
-if test "x$ac_cv_type_in_addr_t" = xyes; then :
-
-else
-
-$as_echo "#define in_addr_t uint32_t" >>confdefs.h
-
-fi
-
-ac_fn_c_check_type "$LINENO" "in_port_t" "ac_cv_type_in_port_t" "
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-"
-if test "x$ac_cv_type_in_port_t" = xyes; then :
-
-else
-
-$as_echo "#define in_port_t uint16_t" >>confdefs.h
-
-fi
-
-
-# check to see if libraries are needed for these functions.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5
-$as_echo_n "checking for library containing socket... " >&6; }
-if ${ac_cv_search_socket+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char socket ();
-int
-main ()
-{
-return socket ();
- ;
- return 0;
-}
-_ACEOF
-for ac_lib in '' socket; do
- if test -z "$ac_lib"; then
- ac_res="none required"
- else
- ac_res=-l$ac_lib
- LIBS="-l$ac_lib $ac_func_search_save_LIBS"
- fi
- if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_search_socket=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext
- if ${ac_cv_search_socket+:} false; then :
- break
-fi
-done
-if ${ac_cv_search_socket+:} false; then :
-
-else
- ac_cv_search_socket=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5
-$as_echo "$ac_cv_search_socket" >&6; }
-ac_res=$ac_cv_search_socket
-if test "$ac_res" != no; then :
- test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing inet_pton" >&5
-$as_echo_n "checking for library containing inet_pton... " >&6; }
-if ${ac_cv_search_inet_pton+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char inet_pton ();
-int
-main ()
-{
-return inet_pton ();
- ;
- return 0;
-}
-_ACEOF
-for ac_lib in '' nsl; do
- if test -z "$ac_lib"; then
- ac_res="none required"
- else
- ac_res=-l$ac_lib
- LIBS="-l$ac_lib $ac_func_search_save_LIBS"
- fi
- if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_search_inet_pton=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext
- if ${ac_cv_search_inet_pton+:} false; then :
- break
-fi
-done
-if ${ac_cv_search_inet_pton+:} false; then :
-
-else
- ac_cv_search_inet_pton=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_pton" >&5
-$as_echo "$ac_cv_search_inet_pton" >&6; }
-ac_res=$ac_cv_search_inet_pton
-if test "$ac_res" != no; then :
- test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-
-
-
-# Check whether --with-ssl was given.
-if test "${with_ssl+set}" = set; then :
- withval=$with_ssl;
-
-else
-
- withval="yes"
-
-fi
-
-
- withval=$withval
- if test x_$withval != x_no; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SSL" >&5
-$as_echo_n "checking for SSL... " >&6; }
- if test x_$withval = x_ -o x_$withval = x_yes; then
- withval="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr"
- fi
- for dir in $withval; do
- ssldir="$dir"
- if test -f "$dir/include/openssl/ssl.h"; then
- found_ssl="yes"
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_SSL /**/
-_ACEOF
-
- if test "$ssldir" != "/usr"; then
- CPPFLAGS="$CPPFLAGS -I$ssldir/include"
- LIBSSL_CPPFLAGS="$LIBSSL_CPPFLAGS -I$ssldir/include"
- fi
- break;
- fi
- done
- if test x_$found_ssl != x_yes; then
- as_fn_error $? "Cannot find the SSL libraries in $withval" "$LINENO" 5
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: found in $ssldir" >&5
-$as_echo "found in $ssldir" >&6; }
- HAVE_SSL=yes
- if test "$ssldir" != "/usr" -a "$ssldir" != ""; then
- LDFLAGS="$LDFLAGS -L$ssldir/lib"
- LIBSSL_LDFLAGS="$LIBSSL_LDFLAGS -L$ssldir/lib"
-
- if test "x$enable_rpath" = xyes; then
- if echo "$ssldir/lib" | grep "^/" >/dev/null; then
- RUNTIME_PATH="$RUNTIME_PATH -R$ssldir/lib"
- fi
- fi
-
- fi
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for HMAC_CTX_init in -lcrypto" >&5
-$as_echo_n "checking for HMAC_CTX_init in -lcrypto... " >&6; }
- LIBS="$LIBS -lcrypto"
- LIBSSL_LIBS="$LIBSSL_LIBS -lcrypto"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define HAVE_HMAC_CTX_INIT 1" >>confdefs.h
-
-
-else
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- # check if -lwsock32 or -lgdi32 are needed.
- BAKLIBS="$LIBS"
- BAKSSLLIBS="$LIBSSL_LIBS"
- LIBS="$LIBS -lgdi32"
- LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking if -lcrypto needs -lgdi32" >&5
-$as_echo_n "checking if -lcrypto needs -lgdi32... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-
-$as_echo "#define HAVE_HMAC_CTX_INIT 1" >>confdefs.h
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- LIBS="$BAKLIBS"
- LIBSSL_LIBS="$BAKSSLLIBS"
- LIBS="$LIBS -ldl"
- LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking if -lcrypto needs -ldl" >&5
-$as_echo_n "checking if -lcrypto needs -ldl... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-
-$as_echo "#define HAVE_HMAC_CTX_INIT 1" >>confdefs.h
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- as_fn_error $? "OpenSSL found in $ssldir, but version 0.9.7 or higher is required" "$LINENO" 5
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
- fi
-
-
- # openssl engine functionality needs dlopen().
- BAKLIBS="$LIBS"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5
-$as_echo_n "checking for library containing dlopen... " >&6; }
-if ${ac_cv_search_dlopen+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char dlopen ();
-int
-main ()
-{
-return dlopen ();
- ;
- return 0;
-}
-_ACEOF
-for ac_lib in '' dl; do
- if test -z "$ac_lib"; then
- ac_res="none required"
- else
- ac_res=-l$ac_lib
- LIBS="-l$ac_lib $ac_func_search_save_LIBS"
- fi
- if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_search_dlopen=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext
- if ${ac_cv_search_dlopen+:} false; then :
- break
-fi
-done
-if ${ac_cv_search_dlopen+:} false; then :
-
-else
- ac_cv_search_dlopen=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dlopen" >&5
-$as_echo "$ac_cv_search_dlopen" >&6; }
-ac_res=$ac_cv_search_dlopen
-if test "$ac_res" != no; then :
- test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
- if test "$LIBS" != "$BAKLIBS"; then
- LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
- fi
- fi
-for ac_header in openssl/ssl.h
-do :
- ac_fn_c_check_header_compile "$LINENO" "openssl/ssl.h" "ac_cv_header_openssl_ssl_h" "$ac_includes_default
-"
-if test "x$ac_cv_header_openssl_ssl_h" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_OPENSSL_SSL_H 1
-_ACEOF
-
-fi
-
-done
-
-for ac_header in openssl/err.h
-do :
- ac_fn_c_check_header_compile "$LINENO" "openssl/err.h" "ac_cv_header_openssl_err_h" "$ac_includes_default
-"
-if test "x$ac_cv_header_openssl_err_h" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_OPENSSL_ERR_H 1
-_ACEOF
-
-fi
-
-done
-
-for ac_header in openssl/rand.h
-do :
- ac_fn_c_check_header_compile "$LINENO" "openssl/rand.h" "ac_cv_header_openssl_rand_h" "$ac_includes_default
-"
-if test "x$ac_cv_header_openssl_rand_h" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_OPENSSL_RAND_H 1
-_ACEOF
-
-fi
-
-done
-
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for getaddrinfo" >&5
-$as_echo_n "checking for getaddrinfo... " >&6; }
-ac_cv_func_getaddrinfo=no
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-char* getaddrinfo();
-char* (*f) () = getaddrinfo;
-#ifdef __cplusplus
-}
-#endif
-int main() {
- ;
- return 0;
-}
-
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_func_getaddrinfo="yes"
-else
- ORIGLIBS="$LIBS"
-LIBS="$LIBS -lws2_32"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-
-int
-main ()
-{
-
- (void)getaddrinfo(NULL, NULL, NULL, NULL);
-
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-ac_cv_func_getaddrinfo="yes"
-
-$as_echo "#define USE_WINSOCK 1" >>confdefs.h
-
-USE_WINSOCK="1"
-
-else
-
-ac_cv_func_getaddrinfo="no"
-LIBS="$ORIGLIBS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getaddrinfo" >&5
-$as_echo "$ac_cv_func_getaddrinfo" >&6; }
-if test $ac_cv_func_getaddrinfo = yes; then
-
-$as_echo "#define HAVE_GETADDRINFO 1" >>confdefs.h
-
-fi
-
-
-LIBS_STC="$LIBS"
-
-
-# check for ldns
-
-# Check whether --with-ldns was given.
-if test "${with_ldns+set}" = set; then :
- withval=$with_ldns;
- specialldnsdir="$withval"
- CPPFLAGS="$CPPFLAGS -I$withval/include"
- LDFLAGS="-L$withval -L$withval/lib $LDFLAGS"
- LDNSDIR="$withval"
- LIBS="-lldns $LIBS"
- LIBS_STC="$withval/lib/libldns.a $LIBS_STC"
-
-
-fi
-
-
-#AC_CHECK_HEADER(ldns/ldns.h,, [
-# AC_MSG_ERROR([Can't find ldns headers (make copy-headers in devel source.)])
-# ], [AC_INCLUDES_DEFAULT]
-#)
-
-for ac_func in isblank
-do :
- ac_fn_c_check_func "$LINENO" "isblank" "ac_cv_func_isblank"
-if test "x$ac_cv_func_isblank" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_ISBLANK 1
-_ACEOF
-
-fi
-done
-
-
-# check for ldns development source tree
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldns devel source" >&5
-$as_echo_n "checking for ldns devel source... " >&6; }
-ldns_dev_dir=..
-if test -f $ldns_dev_dir/ldns/util.h && \
- grep LDNS_VERSION $ldns_dev_dir/ldns/util.h >/dev/null; then
- ldns_version=`grep LDNS_VERSION $ldns_dev_dir/ldns/util.h | sed -e 's/^.*"\(.*\)".*$/\1/'`
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: using $ldns_dev_dir with $ldns_version" >&5
-$as_echo "using $ldns_dev_dir with $ldns_version" >&6; }
- CPPFLAGS="$CPPFLAGS -I$ldns_dev_dir/include"
- LDFLAGS="-L$ldns_dev_dir -L$ldns_dev_dir/lib $LDFLAGS"
- LIBS="-lldns $LIBS"
-
-$as_echo "#define HAVE_LIBLDNS 1" >>confdefs.h
-
- LDNSDIR="$ldns_dev_dir"
- LIBS_STC="$ldns_dev_dir/lib/libldns.a $LIBS_STC"
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldns_rr_new in -lldns" >&5
-$as_echo_n "checking for ldns_rr_new in -lldns... " >&6; }
-if ${ac_cv_lib_ldns_ldns_rr_new+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lldns $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char ldns_rr_new ();
-int
-main ()
-{
-return ldns_rr_new ();
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_lib_ldns_ldns_rr_new=yes
-else
- ac_cv_lib_ldns_ldns_rr_new=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldns_ldns_rr_new" >&5
-$as_echo "$ac_cv_lib_ldns_ldns_rr_new" >&6; }
-if test "x$ac_cv_lib_ldns_ldns_rr_new" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBLDNS 1
-_ACEOF
-
- LIBS="-lldns $LIBS"
-
-else
-
- as_fn_error $? "Can't find ldns library" "$LINENO" 5
-
-
-fi
-
-fi
-
-
-
-
-
-ac_config_files="$ac_config_files Makefile drill.h"
-
-ac_config_headers="$ac_config_headers config.h"
-
-cat >confcache <<\_ACEOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs, see configure's option --config-cache.
-# It is not useful on other systems. If it contains results you don't
-# want to keep, you may remove or edit it.
-#
-# config.status only pays attention to the cache file if you give it
-# the --recheck option to rerun configure.
-#
-# `ac_cv_env_foo' variables (set or unset) will be overridden when
-# loading this file, other *unset* `ac_cv_foo' will be assigned the
-# following values.
-
-_ACEOF
-
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, we kill variables containing newlines.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-(
- for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
- eval ac_val=\$$ac_var
- case $ac_val in #(
- *${as_nl}*)
- case $ac_var in #(
- *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
-$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
- esac
- case $ac_var in #(
- _ | IFS | as_nl) ;; #(
- BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
- *) { eval $ac_var=; unset $ac_var;} ;;
- esac ;;
- esac
- done
-
- (set) 2>&1 |
- case $as_nl`(ac_space=' '; set) 2>&1` in #(
- *${as_nl}ac_space=\ *)
- # `set' does not quote correctly, so add quotes: double-quote
- # substitution turns \\\\ into \\, and sed turns \\ into \.
- sed -n \
- "s/'/'\\\\''/g;
- s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
- ;; #(
- *)
- # `set' quotes correctly as required by POSIX, so do not add quotes.
- sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
- ;;
- esac |
- sort
-) |
- sed '
- /^ac_cv_env_/b end
- t clear
- :clear
- s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
- t end
- s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
- :end' >>confcache
-if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
- if test -w "$cache_file"; then
- if test "x$cache_file" != "x/dev/null"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5
-$as_echo "$as_me: updating cache $cache_file" >&6;}
- if test ! -f "$cache_file" || test -h "$cache_file"; then
- cat confcache >"$cache_file"
- else
- case $cache_file in #(
- */* | ?:*)
- mv -f confcache "$cache_file"$$ &&
- mv -f "$cache_file"$$ "$cache_file" ;; #(
- *)
- mv -f confcache "$cache_file" ;;
- esac
- fi
- fi
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5
-$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
- fi
-fi
-rm -f confcache
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-DEFS=-DHAVE_CONFIG_H
-
-ac_libobjs=
-ac_ltlibobjs=
-U=
-for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
- # 1. Remove the extension, and $U if already installed.
- ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
- ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
- # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR
- # will be set to the directory where LIBOBJS objects are built.
- as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext"
- as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo'
-done
-LIBOBJS=$ac_libobjs
-
-LTLIBOBJS=$ac_ltlibobjs
-
-
-
-: "${CONFIG_STATUS=./config.status}"
-ac_write_fail=0
-ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files $CONFIG_STATUS"
-{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5
-$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
-as_write_fail=0
-cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1
-#! $SHELL
-# Generated by $as_me.
-# Run this file to recreate the current configuration.
-# Compiler output produced by configure, useful for debugging
-# configure, is in config.log if it exists.
-
-debug=false
-ac_cs_recheck=false
-ac_cs_silent=false
-
-SHELL=\${CONFIG_SHELL-$SHELL}
-export SHELL
-_ASEOF
-cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1
-## -------------------- ##
-## M4sh Initialization. ##
-## -------------------- ##
-
-# Be more Bourne compatible
-DUALCASE=1; export DUALCASE # for MKS sh
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
- emulate sh
- NULLCMD=:
- # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '${1+"$@"}'='"$@"'
- setopt NO_GLOB_SUBST
-else
- case `(set -o) 2>/dev/null` in #(
- *posix*) :
- set -o posix ;; #(
- *) :
- ;;
-esac
-fi
-
-
-as_nl='
-'
-export as_nl
-# Printing a long string crashes Solaris 7 /usr/bin/printf.
-as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
-# Prefer a ksh shell builtin over an external printf program on Solaris,
-# but without wasting forks for bash or zsh.
-if test -z "$BASH_VERSION$ZSH_VERSION" \
- && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
- as_echo='print -r --'
- as_echo_n='print -rn --'
-elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
- as_echo='printf %s\n'
- as_echo_n='printf %s'
-else
- if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
- as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
- as_echo_n='/usr/ucb/echo -n'
- else
- as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
- as_echo_n_body='eval
- arg=$1;
- case $arg in #(
- *"$as_nl"*)
- expr "X$arg" : "X\\(.*\\)$as_nl";
- arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
- esac;
- expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
- '
- export as_echo_n_body
- as_echo_n='sh -c $as_echo_n_body as_echo'
- fi
- export as_echo_body
- as_echo='sh -c $as_echo_body as_echo'
-fi
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- PATH_SEPARATOR=:
- (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
- (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
- PATH_SEPARATOR=';'
- }
-fi
-
-
-# IFS
-# We need space, tab and new line, in precisely that order. Quoting is
-# there to prevent editors from complaining about space-tab.
-# (If _AS_PATH_WALK were called with IFS unset, it would disable word
-# splitting by setting IFS to empty value.)
-IFS=" "" $as_nl"
-
-# Find who we are. Look in the path if we contain no directory separator.
-as_myself=
-case $0 in #((
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
- done
-IFS=$as_save_IFS
-
- ;;
-esac
-# We did not find ourselves, most probably we were run as `sh COMMAND'
-# in which case we are not to be found in the path.
-if test "x$as_myself" = x; then
- as_myself=$0
-fi
-if test ! -f "$as_myself"; then
- $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
- exit 1
-fi
-
-# Unset variables that we do not need and which cause bugs (e.g. in
-# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1"
-# suppresses any "Segmentation fault" message there. '((' could
-# trigger a bug in pdksh 5.2.14.
-for as_var in BASH_ENV ENV MAIL MAILPATH
-do eval test x\${$as_var+set} = xset \
- && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
-done
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-LC_ALL=C
-export LC_ALL
-LANGUAGE=C
-export LANGUAGE
-
-# CDPATH.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-
-# as_fn_error STATUS ERROR [LINENO LOG_FD]
-# ----------------------------------------
-# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
-# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
-# script with STATUS, using 1 if that was 0.
-as_fn_error ()
-{
- as_status=$1; test $as_status -eq 0 && as_status=1
- if test "$4"; then
- as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
- fi
- $as_echo "$as_me: error: $2" >&2
- as_fn_exit $as_status
-} # as_fn_error
-
-
-# as_fn_set_status STATUS
-# -----------------------
-# Set $? to STATUS, without forking.
-as_fn_set_status ()
-{
- return $1
-} # as_fn_set_status
-
-# as_fn_exit STATUS
-# -----------------
-# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
-as_fn_exit ()
-{
- set +e
- as_fn_set_status $1
- exit $1
-} # as_fn_exit
-
-# as_fn_unset VAR
-# ---------------
-# Portably unset VAR.
-as_fn_unset ()
-{
- { eval $1=; unset $1;}
-}
-as_unset=as_fn_unset
-# as_fn_append VAR VALUE
-# ----------------------
-# Append the text in VALUE to the end of the definition contained in VAR. Take
-# advantage of any shell optimizations that allow amortized linear growth over
-# repeated appends, instead of the typical quadratic growth present in naive
-# implementations.
-if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
- eval 'as_fn_append ()
- {
- eval $1+=\$2
- }'
-else
- as_fn_append ()
- {
- eval $1=\$$1\$2
- }
-fi # as_fn_append
-
-# as_fn_arith ARG...
-# ------------------
-# Perform arithmetic evaluation on the ARGs, and store the result in the
-# global $as_val. Take advantage of shells that can avoid forks. The arguments
-# must be portable across $(()) and expr.
-if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
- eval 'as_fn_arith ()
- {
- as_val=$(( $* ))
- }'
-else
- as_fn_arith ()
- {
- as_val=`expr "$@" || test $? -eq 1`
- }
-fi # as_fn_arith
-
-
-if expr a : '\(a\)' >/dev/null 2>&1 &&
- test "X`expr 00001 : '.*\(...\)'`" = X001; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
- as_basename=basename
-else
- as_basename=false
-fi
-
-if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
- as_dirname=dirname
-else
- as_dirname=false
-fi
-
-as_me=`$as_basename -- "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
- X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{
- s//\1/
- q
- }
- /^X\/\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\/\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
-
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-ECHO_C= ECHO_N= ECHO_T=
-case `echo -n x` in #(((((
--n*)
- case `echo 'xy\c'` in
- *c*) ECHO_T=' ';; # ECHO_T is single tab character.
- xy) ECHO_C='\c';;
- *) echo `echo ksh88 bug on AIX 6.1` > /dev/null
- ECHO_T=' ';;
- esac;;
-*)
- ECHO_N='-n';;
-esac
-
-rm -f conf$$ conf$$.exe conf$$.file
-if test -d conf$$.dir; then
- rm -f conf$$.dir/conf$$.file
-else
- rm -f conf$$.dir
- mkdir conf$$.dir 2>/dev/null
-fi
-if (echo >conf$$.file) 2>/dev/null; then
- if ln -s conf$$.file conf$$ 2>/dev/null; then
- as_ln_s='ln -s'
- # ... but there are two gotchas:
- # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
- # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
- # In both cases, we have to default to `cp -p'.
- ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
- as_ln_s='cp -p'
- elif ln conf$$.file conf$$ 2>/dev/null; then
- as_ln_s=ln
- else
- as_ln_s='cp -p'
- fi
-else
- as_ln_s='cp -p'
-fi
-rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
-rmdir conf$$.dir 2>/dev/null
-
-
-# as_fn_mkdir_p
-# -------------
-# Create "$as_dir" as a directory, including parents if necessary.
-as_fn_mkdir_p ()
-{
-
- case $as_dir in #(
- -*) as_dir=./$as_dir;;
- esac
- test -d "$as_dir" || eval $as_mkdir_p || {
- as_dirs=
- while :; do
- case $as_dir in #(
- *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
- *) as_qdir=$as_dir;;
- esac
- as_dirs="'$as_qdir' $as_dirs"
- as_dir=`$as_dirname -- "$as_dir" ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
- test -d "$as_dir" && break
- done
- test -z "$as_dirs" || eval "mkdir $as_dirs"
- } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
-
-
-} # as_fn_mkdir_p
-if mkdir -p . 2>/dev/null; then
- as_mkdir_p='mkdir -p "$as_dir"'
-else
- test -d ./-p && rmdir ./-p
- as_mkdir_p=false
-fi
-
-if test -x / >/dev/null 2>&1; then
- as_test_x='test -x'
-else
- if ls -dL / >/dev/null 2>&1; then
- as_ls_L_option=L
- else
- as_ls_L_option=
- fi
- as_test_x='
- eval sh -c '\''
- if test -d "$1"; then
- test -d "$1/.";
- else
- case $1 in #(
- -*)set "./$1";;
- esac;
- case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
- ???[sx]*):;;*)false;;esac;fi
- '\'' sh
- '
-fi
-as_executable_p=$as_test_x
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-exec 6>&1
-## ----------------------------------- ##
-## Main body of $CONFIG_STATUS script. ##
-## ----------------------------------- ##
-_ASEOF
-test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# Save the log message, to keep $0 and so on meaningful, and to
-# report actual input values of CONFIG_FILES etc. instead of their
-# values after options handling.
-ac_log="
-This file was extended by ldns $as_me 1.6.9, which was
-generated by GNU Autoconf 2.68. Invocation command line was
-
- CONFIG_FILES = $CONFIG_FILES
- CONFIG_HEADERS = $CONFIG_HEADERS
- CONFIG_LINKS = $CONFIG_LINKS
- CONFIG_COMMANDS = $CONFIG_COMMANDS
- $ $0 $@
-
-on `(hostname || uname -n) 2>/dev/null | sed 1q`
-"
-
-_ACEOF
-
-case $ac_config_files in *"
-"*) set x $ac_config_files; shift; ac_config_files=$*;;
-esac
-
-case $ac_config_headers in *"
-"*) set x $ac_config_headers; shift; ac_config_headers=$*;;
-esac
-
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-# Files that config.status was made for.
-config_files="$ac_config_files"
-config_headers="$ac_config_headers"
-
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-ac_cs_usage="\
-\`$as_me' instantiates files and other configuration actions
-from templates according to the current configuration. Unless the files
-and actions are specified as TAGs, all are instantiated by default.
-
-Usage: $0 [OPTION]... [TAG]...
-
- -h, --help print this help, then exit
- -V, --version print version number and configuration settings, then exit
- --config print configuration, then exit
- -q, --quiet, --silent
- do not print progress messages
- -d, --debug don't remove temporary files
- --recheck update $as_me by reconfiguring in the same conditions
- --file=FILE[:TEMPLATE]
- instantiate the configuration file FILE
- --header=FILE[:TEMPLATE]
- instantiate the configuration header FILE
-
-Configuration files:
-$config_files
-
-Configuration headers:
-$config_headers
-
-Report bugs to <libdns@nlnetlabs.nl>."
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
-ac_cs_version="\\
-ldns config.status 1.6.9
-configured by $0, generated by GNU Autoconf 2.68,
- with options \\"\$ac_cs_config\\"
-
-Copyright (C) 2010 Free Software Foundation, Inc.
-This config.status script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it."
-
-ac_pwd='$ac_pwd'
-srcdir='$srcdir'
-test -n "\$AWK" || AWK=awk
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# The default lists apply if the user does not specify any file.
-ac_need_defaults=:
-while test $# != 0
-do
- case $1 in
- --*=?*)
- ac_option=`expr "X$1" : 'X\([^=]*\)='`
- ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
- ac_shift=:
- ;;
- --*=)
- ac_option=`expr "X$1" : 'X\([^=]*\)='`
- ac_optarg=
- ac_shift=:
- ;;
- *)
- ac_option=$1
- ac_optarg=$2
- ac_shift=shift
- ;;
- esac
-
- case $ac_option in
- # Handling of the options.
- -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
- ac_cs_recheck=: ;;
- --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
- $as_echo "$ac_cs_version"; exit ;;
- --config | --confi | --conf | --con | --co | --c )
- $as_echo "$ac_cs_config"; exit ;;
- --debug | --debu | --deb | --de | --d | -d )
- debug=: ;;
- --file | --fil | --fi | --f )
- $ac_shift
- case $ac_optarg in
- *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
- '') as_fn_error $? "missing file argument" ;;
- esac
- as_fn_append CONFIG_FILES " '$ac_optarg'"
- ac_need_defaults=false;;
- --header | --heade | --head | --hea )
- $ac_shift
- case $ac_optarg in
- *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
- esac
- as_fn_append CONFIG_HEADERS " '$ac_optarg'"
- ac_need_defaults=false;;
- --he | --h)
- # Conflict between --help and --header
- as_fn_error $? "ambiguous option: \`$1'
-Try \`$0 --help' for more information.";;
- --help | --hel | -h )
- $as_echo "$ac_cs_usage"; exit ;;
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil | --si | --s)
- ac_cs_silent=: ;;
-
- # This is an error.
- -*) as_fn_error $? "unrecognized option: \`$1'
-Try \`$0 --help' for more information." ;;
-
- *) as_fn_append ac_config_targets " $1"
- ac_need_defaults=false ;;
-
- esac
- shift
-done
-
-ac_configure_extra_args=
-
-if $ac_cs_silent; then
- exec 6>/dev/null
- ac_configure_extra_args="$ac_configure_extra_args --silent"
-fi
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-if \$ac_cs_recheck; then
- set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
- shift
- \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
- CONFIG_SHELL='$SHELL'
- export CONFIG_SHELL
- exec "\$@"
-fi
-
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-exec 5>>config.log
-{
- echo
- sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
-## Running $as_me. ##
-_ASBOX
- $as_echo "$ac_log"
-} >&5
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-
-# Handling of arguments.
-for ac_config_target in $ac_config_targets
-do
- case $ac_config_target in
- "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
- "drill.h") CONFIG_FILES="$CONFIG_FILES drill.h" ;;
- "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
-
- *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
- esac
-done
-
-
-# If the user did not use the arguments to specify the items to instantiate,
-# then the envvar interface is used. Set only those that are not.
-# We use the long form for the default assignment because of an extremely
-# bizarre bug on SunOS 4.1.3.
-if $ac_need_defaults; then
- test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
- test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
-fi
-
-# Have a temporary directory for convenience. Make it in the build tree
-# simply because there is no reason against having it here, and in addition,
-# creating and moving files from /tmp can sometimes cause problems.
-# Hook for its removal unless debugging.
-# Note that there is a small window in which the directory will not be cleaned:
-# after its creation but before its name has been assigned to `$tmp'.
-$debug ||
-{
- tmp= ac_tmp=
- trap 'exit_status=$?
- : "${ac_tmp:=$tmp}"
- { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
-' 0
- trap 'as_fn_exit 1' 1 2 13 15
-}
-# Create a (secure) tmp directory for tmp files.
-
-{
- tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
- test -d "$tmp"
-} ||
-{
- tmp=./conf$$-$RANDOM
- (umask 077 && mkdir "$tmp")
-} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
-ac_tmp=$tmp
-
-# Set up the scripts for CONFIG_FILES section.
-# No need to generate them if there are no CONFIG_FILES.
-# This happens for instance with `./config.status config.h'.
-if test -n "$CONFIG_FILES"; then
-
-
-ac_cr=`echo X | tr X '\015'`
-# On cygwin, bash can eat \r inside `` if the user requested igncr.
-# But we know of no other shell where ac_cr would be empty at this
-# point, so we can use a bashism as a fallback.
-if test "x$ac_cr" = x; then
- eval ac_cr=\$\'\\r\'
-fi
-ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
-if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
- ac_cs_awk_cr='\\r'
-else
- ac_cs_awk_cr=$ac_cr
-fi
-
-echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
-_ACEOF
-
-
-{
- echo "cat >conf$$subs.awk <<_ACEOF" &&
- echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
- echo "_ACEOF"
-} >conf$$subs.sh ||
- as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
-ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
-ac_delim='%!_!# '
-for ac_last_try in false false false false false :; do
- . ./conf$$subs.sh ||
- as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
-
- ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
- if test $ac_delim_n = $ac_delim_num; then
- break
- elif $ac_last_try; then
- as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
- else
- ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
- fi
-done
-rm -f conf$$subs.sh
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
-_ACEOF
-sed -n '
-h
-s/^/S["/; s/!.*/"]=/
-p
-g
-s/^[^!]*!//
-:repl
-t repl
-s/'"$ac_delim"'$//
-t delim
-:nl
-h
-s/\(.\{148\}\)..*/\1/
-t more1
-s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
-p
-n
-b repl
-:more1
-s/["\\]/\\&/g; s/^/"/; s/$/"\\/
-p
-g
-s/.\{148\}//
-t nl
-:delim
-h
-s/\(.\{148\}\)..*/\1/
-t more2
-s/["\\]/\\&/g; s/^/"/; s/$/"/
-p
-b
-:more2
-s/["\\]/\\&/g; s/^/"/; s/$/"\\/
-p
-g
-s/.\{148\}//
-t delim
-' <conf$$subs.awk | sed '
-/^[^""]/{
- N
- s/\n//
-}
-' >>$CONFIG_STATUS || ac_write_fail=1
-rm -f conf$$subs.awk
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-_ACAWK
-cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
- for (key in S) S_is_set[key] = 1
- FS = "\a"
-
-}
-{
- line = $ 0
- nfields = split(line, field, "@")
- substed = 0
- len = length(field[1])
- for (i = 2; i < nfields; i++) {
- key = field[i]
- keylen = length(key)
- if (S_is_set[key]) {
- value = S[key]
- line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
- len += length(value) + length(field[++i])
- substed = 1
- } else
- len += 1 + keylen
- }
-
- print line
-}
-
-_ACAWK
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
- sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
-else
- cat
-fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
- || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
-_ACEOF
-
-# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
-# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
-# trailing colons and then remove the whole line if VPATH becomes empty
-# (actually we leave an empty line to preserve line numbers).
-if test "x$srcdir" = x.; then
- ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{
-h
-s///
-s/^/:/
-s/[ ]*$/:/
-s/:\$(srcdir):/:/g
-s/:\${srcdir}:/:/g
-s/:@srcdir@:/:/g
-s/^:*//
-s/:*$//
-x
-s/\(=[ ]*\).*/\1/
-G
-s/\n//
-s/^[^=]*=[ ]*$//
-}'
-fi
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-fi # test -n "$CONFIG_FILES"
-
-# Set up the scripts for CONFIG_HEADERS section.
-# No need to generate them if there are no CONFIG_HEADERS.
-# This happens for instance with `./config.status Makefile'.
-if test -n "$CONFIG_HEADERS"; then
-cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
-BEGIN {
-_ACEOF
-
-# Transform confdefs.h into an awk script `defines.awk', embedded as
-# here-document in config.status, that substitutes the proper values into
-# config.h.in to produce config.h.
-
-# Create a delimiter string that does not exist in confdefs.h, to ease
-# handling of long lines.
-ac_delim='%!_!# '
-for ac_last_try in false false :; do
- ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
- if test -z "$ac_tt"; then
- break
- elif $ac_last_try; then
- as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5
- else
- ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
- fi
-done
-
-# For the awk script, D is an array of macro values keyed by name,
-# likewise P contains macro parameters if any. Preserve backslash
-# newline sequences.
-
-ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
-sed -n '
-s/.\{148\}/&'"$ac_delim"'/g
-t rset
-:rset
-s/^[ ]*#[ ]*define[ ][ ]*/ /
-t def
-d
-:def
-s/\\$//
-t bsnl
-s/["\\]/\\&/g
-s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\
-D["\1"]=" \3"/p
-s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p
-d
-:bsnl
-s/["\\]/\\&/g
-s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\
-D["\1"]=" \3\\\\\\n"\\/p
-t cont
-s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p
-t cont
-d
-:cont
-n
-s/.\{148\}/&'"$ac_delim"'/g
-t clear
-:clear
-s/\\$//
-t bsnlc
-s/["\\]/\\&/g; s/^/"/; s/$/"/p
-d
-:bsnlc
-s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p
-b cont
-' <confdefs.h | sed '
-s/'"$ac_delim"'/"\\\
-"/g' >>$CONFIG_STATUS || ac_write_fail=1
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
- for (key in D) D_is_set[key] = 1
- FS = "\a"
-}
-/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ {
- line = \$ 0
- split(line, arg, " ")
- if (arg[1] == "#") {
- defundef = arg[2]
- mac1 = arg[3]
- } else {
- defundef = substr(arg[1], 2)
- mac1 = arg[2]
- }
- split(mac1, mac2, "(") #)
- macro = mac2[1]
- prefix = substr(line, 1, index(line, defundef) - 1)
- if (D_is_set[macro]) {
- # Preserve the white space surrounding the "#".
- print prefix "define", macro P[macro] D[macro]
- next
- } else {
- # Replace #undef with comments. This is necessary, for example,
- # in the case of _POSIX_SOURCE, which is predefined and required
- # on some systems where configure will not decide to define it.
- if (defundef == "undef") {
- print "/*", prefix defundef, macro, "*/"
- next
- }
- }
-}
-{ print }
-_ACAWK
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
- as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
-fi # test -n "$CONFIG_HEADERS"
-
-
-eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS "
-shift
-for ac_tag
-do
- case $ac_tag in
- :[FHLC]) ac_mode=$ac_tag; continue;;
- esac
- case $ac_mode$ac_tag in
- :[FHL]*:*);;
- :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
- :[FH]-) ac_tag=-:-;;
- :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
- esac
- ac_save_IFS=$IFS
- IFS=:
- set x $ac_tag
- IFS=$ac_save_IFS
- shift
- ac_file=$1
- shift
-
- case $ac_mode in
- :L) ac_source=$1;;
- :[FH])
- ac_file_inputs=
- for ac_f
- do
- case $ac_f in
- -) ac_f="$ac_tmp/stdin";;
- *) # Look for the file first in the build tree, then in the source tree
- # (if the path is not absolute). The absolute path cannot be DOS-style,
- # because $ac_f cannot contain `:'.
- test -f "$ac_f" ||
- case $ac_f in
- [\\/$]*) false;;
- *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
- esac ||
- as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
- esac
- case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
- as_fn_append ac_file_inputs " '$ac_f'"
- done
-
- # Let's still pretend it is `configure' which instantiates (i.e., don't
- # use $as_me), people would be surprised to read:
- # /* config.h. Generated by config.status. */
- configure_input='Generated from '`
- $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
- `' by configure.'
- if test x"$ac_file" != x-; then
- configure_input="$ac_file. $configure_input"
- { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5
-$as_echo "$as_me: creating $ac_file" >&6;}
- fi
- # Neutralize special characters interpreted by sed in replacement strings.
- case $configure_input in #(
- *\&* | *\|* | *\\* )
- ac_sed_conf_input=`$as_echo "$configure_input" |
- sed 's/[\\\\&|]/\\\\&/g'`;; #(
- *) ac_sed_conf_input=$configure_input;;
- esac
-
- case $ac_tag in
- *:-:* | *:-) cat >"$ac_tmp/stdin" \
- || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
- esac
- ;;
- esac
-
- ac_dir=`$as_dirname -- "$ac_file" ||
-$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$ac_file" : 'X\(//\)[^/]' \| \
- X"$ac_file" : 'X\(//\)$' \| \
- X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$ac_file" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
- as_dir="$ac_dir"; as_fn_mkdir_p
- ac_builddir=.
-
-case "$ac_dir" in
-.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
-*)
- ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
- # A ".." for each directory in $ac_dir_suffix.
- ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
- case $ac_top_builddir_sub in
- "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
- *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
- esac ;;
-esac
-ac_abs_top_builddir=$ac_pwd
-ac_abs_builddir=$ac_pwd$ac_dir_suffix
-# for backward compatibility:
-ac_top_builddir=$ac_top_build_prefix
-
-case $srcdir in
- .) # We are building in place.
- ac_srcdir=.
- ac_top_srcdir=$ac_top_builddir_sub
- ac_abs_top_srcdir=$ac_pwd ;;
- [\\/]* | ?:[\\/]* ) # Absolute name.
- ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir
- ac_abs_top_srcdir=$srcdir ;;
- *) # Relative name.
- ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_build_prefix$srcdir
- ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
-esac
-ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
-
-
- case $ac_mode in
- :F)
- #
- # CONFIG_FILE
- #
-
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# If the template does not know about datarootdir, expand it.
-# FIXME: This hack should be removed a few years after 2.60.
-ac_datarootdir_hack=; ac_datarootdir_seen=
-ac_sed_dataroot='
-/datarootdir/ {
- p
- q
-}
-/@datadir@/p
-/@docdir@/p
-/@infodir@/p
-/@localedir@/p
-/@mandir@/p'
-case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
-*datarootdir*) ac_datarootdir_seen=yes;;
-*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
-$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
- ac_datarootdir_hack='
- s&@datadir@&$datadir&g
- s&@docdir@&$docdir&g
- s&@infodir@&$infodir&g
- s&@localedir@&$localedir&g
- s&@mandir@&$mandir&g
- s&\\\${datarootdir}&$datarootdir&g' ;;
-esac
-_ACEOF
-
-# Neutralize VPATH when `$srcdir' = `.'.
-# Shell code in configure.ac might set extrasub.
-# FIXME: do we really want to maintain this feature?
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-ac_sed_extra="$ac_vpsub
-$extrasub
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-:t
-/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
-s|@configure_input@|$ac_sed_conf_input|;t t
-s&@top_builddir@&$ac_top_builddir_sub&;t t
-s&@top_build_prefix@&$ac_top_build_prefix&;t t
-s&@srcdir@&$ac_srcdir&;t t
-s&@abs_srcdir@&$ac_abs_srcdir&;t t
-s&@top_srcdir@&$ac_top_srcdir&;t t
-s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
-s&@builddir@&$ac_builddir&;t t
-s&@abs_builddir@&$ac_abs_builddir&;t t
-s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
-$ac_datarootdir_hack
-"
-eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
- >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
-
-test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
- { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
- { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \
- "$ac_tmp/out"`; test -z "$ac_out"; } &&
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
-which seems to be undefined. Please make sure it is defined" >&5
-$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
-which seems to be undefined. Please make sure it is defined" >&2;}
-
- rm -f "$ac_tmp/stdin"
- case $ac_file in
- -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
- *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
- esac \
- || as_fn_error $? "could not create $ac_file" "$LINENO" 5
- ;;
- :H)
- #
- # CONFIG_HEADER
- #
- if test x"$ac_file" != x-; then
- {
- $as_echo "/* $configure_input */" \
- && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
- } >"$ac_tmp/config.h" \
- || as_fn_error $? "could not create $ac_file" "$LINENO" 5
- if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
-$as_echo "$as_me: $ac_file is unchanged" >&6;}
- else
- rm -f "$ac_file"
- mv "$ac_tmp/config.h" "$ac_file" \
- || as_fn_error $? "could not create $ac_file" "$LINENO" 5
- fi
- else
- $as_echo "/* $configure_input */" \
- && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
- || as_fn_error $? "could not create -" "$LINENO" 5
- fi
- ;;
-
-
- esac
-
-done # for ac_tag
-
-
-as_fn_exit 0
-_ACEOF
-ac_clean_files=$ac_clean_files_save
-
-test $ac_write_fail = 0 ||
- as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5
-
-
-# configure is writing to config.log, and then calls config.status.
-# config.status does its own redirection, appending to config.log.
-# Unfortunately, on DOS this fails, as config.log is still kept open
-# by configure, so config.status won't be able to write to it; its
-# output is simply discarded. So we exec the FD to /dev/null,
-# effectively closing config.log, so it can be properly (re)opened and
-# appended to by config.status. When coming back to configure, we
-# need to make the FD available again.
-if test "$no_create" != yes; then
- ac_cs_success=:
- ac_config_status_args=
- test "$silent" = yes &&
- ac_config_status_args="$ac_config_status_args --quiet"
- exec 5>/dev/null
- $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
- exec 5>>config.log
- # Use ||, not &&, to avoid exiting from the if with $? = 1, which
- # would make configure fail if this is the last instruction.
- $ac_cs_success || as_fn_exit 1
-fi
-if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
-$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
-fi
-
+++ /dev/null
-# -*- Autoconf -*-
-# Process this file with autoconf to produce a configure script.
-
-AC_PREREQ(2.56)
-AC_INIT(ldns, 1.6.9, libdns@nlnetlabs.nl,libdns)
-AC_CONFIG_SRCDIR([drill.c])
-sinclude(../acx_nlnetlabs.m4)
-
-OURCPPFLAGS=''
-CPPFLAGS=${CPPFLAGS:-${OURCPPFLAGS}}
-OURCFLAGS='-g'
-CFLAGS=${CFLAGS:-${OURCFLAGS}}
-AC_DEFINE(WINVER, 0x0502, [the version of the windows API enabled])
-
-AC_AIX
-# Checks for programs.
-AC_PROG_CC
-AC_PROG_MAKE_SET
-AC_CHECK_PROGS(libtool, [glibtool libtool15 libtool], [../libtool])
-
-# add option to disable the evil rpath
-dnl Check whether to use rpath or not
-AC_ARG_ENABLE(rpath,
- [ --disable-rpath disable hardcoded rpath (default=enabled)],
- enable_rpath=$enableval, enable_rpath=yes)
-
-if test "x$enable_rpath" = xyes; then
- RPATH_VAL="-Wl,-rpath=\${libdir}"
-fi
-
-
-ACX_CHECK_COMPILER_FLAG(std=c99, [C99FLAG="-std=c99"])
-ACX_CHECK_COMPILER_FLAG(xc99, [C99FLAG="-xc99"])
-
-AC_TYPE_SIZE_T
-ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="$CFLAGS -O2"])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600,
-[
-#include "confdefs.h"
-#include <stdlib.h>
-#include <ctype.h>
-#include <sys/time.h>
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <unistd.h>
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-int test() {
- int a;
- char **opts = NULL;
- struct timeval tv;
- char *t;
- time_t time = 0;
- char *buf = NULL;
- t = ctime_r(&time, buf);
- tv.tv_usec = 10;
- srandom(32);
- a = getopt(2, opts, "a");
- a = isascii(32);
- return a;
-}
-], [CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600"])
-
-
-ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG, [#include <stdbool.h>], [CFLAGS="$CFLAGS $C99FLAG"])
-
-AC_C_INLINE
-AC_CHECK_TYPE(int8_t, char)
-AC_CHECK_TYPE(int16_t, short)
-AC_CHECK_TYPE(int32_t, int)
-AC_CHECK_TYPE(int64_t, long long)
-AC_CHECK_TYPE(uint8_t, unsigned char)
-AC_CHECK_TYPE(uint16_t, unsigned short)
-AC_CHECK_TYPE(uint32_t, unsigned int)
-AC_CHECK_TYPE(uint64_t, unsigned long long)
-AC_CHECK_TYPE(ssize_t, int)
-
-AC_CHECK_HEADERS([sys/types.h getopt.h stdlib.h stdio.h assert.h netinet/in.h ctype.h time.h arpa/inet.h sys/time.h sys/socket.h sys/select.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_HEADERS([netinet/in_systm.h net/if.h netinet/ip.h netinet/udp.h netinet/if_ether.h netinet/ip6.h],,, [
-AC_INCLUDES_DEFAULT
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif])
-# MinGW32 tests
-AC_CHECK_HEADERS([winsock2.h ws2tcpip.h],,, [AC_INCLUDES_DEFAULT])
-
-ACX_TYPE_SOCKLEN_T
-AC_CHECK_HEADERS([sys/param.h sys/mount.h],,,
-[AC_INCLUDES_DEFAULT]
-[
- [
- #if HAVE_SYS_PARAM_H
- # include <sys/param.h>
- #endif
- ]
-])
-AC_CHECK_TYPE(in_addr_t, [], [AC_DEFINE([in_addr_t], [uint32_t], [in_addr_t])], [
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif])
-AC_CHECK_TYPE(in_port_t, [], [AC_DEFINE([in_port_t], [uint16_t], [in_port_t])], [
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif])
-
-# check to see if libraries are needed for these functions.
-AC_SEARCH_LIBS(socket, socket)
-AC_SEARCH_LIBS([inet_pton], [nsl])
-
-ACX_WITH_SSL_OPTIONAL
-
-ACX_CHECK_GETADDRINFO_WITH_INCLUDES
-
-LIBS_STC="$LIBS"
-AC_SUBST(LIBS_STC)
-
-# check for ldns
-AC_ARG_WITH(ldns,
- AC_HELP_STRING([--with-ldns=PATH specify prefix of path of ldns library to use])
- ,
- [
- specialldnsdir="$withval"
- CPPFLAGS="$CPPFLAGS -I$withval/include"
- LDFLAGS="-L$withval -L$withval/lib $LDFLAGS"
- LDNSDIR="$withval"
- LIBS="-lldns $LIBS"
- LIBS_STC="$withval/lib/libldns.a $LIBS_STC"
- ]
-)
-
-#AC_CHECK_HEADER(ldns/ldns.h,, [
-# AC_MSG_ERROR([Can't find ldns headers (make copy-headers in devel source.)])
-# ], [AC_INCLUDES_DEFAULT]
-#)
-
-AC_CHECK_FUNCS(isblank)
-
-# check for ldns development source tree
-AC_MSG_CHECKING([for ldns devel source])
-ldns_dev_dir=..
-if test -f $ldns_dev_dir/ldns/util.h && \
- grep LDNS_VERSION $ldns_dev_dir/ldns/util.h >/dev/null; then
- ldns_version=`grep LDNS_VERSION $ldns_dev_dir/ldns/util.h | sed -e 's/^.*"\(.*\)".*$/\1/'`
- AC_MSG_RESULT([using $ldns_dev_dir with $ldns_version])
- CPPFLAGS="$CPPFLAGS -I$ldns_dev_dir/include"
- LDFLAGS="-L$ldns_dev_dir -L$ldns_dev_dir/lib $LDFLAGS"
- LIBS="-lldns $LIBS"
- AC_DEFINE(HAVE_LIBLDNS, 1, [If the ldns library is available.])
- LDNSDIR="$ldns_dev_dir"
- LIBS_STC="$ldns_dev_dir/lib/libldns.a $LIBS_STC"
-else
- AC_MSG_RESULT([no])
- AC_CHECK_LIB(ldns, ldns_rr_new, , [
- AC_MSG_ERROR([Can't find ldns library])
- ]
- )
-fi
-
-AC_SUBST(LDNSDIR)
-
-AH_BOTTOM([
-
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <assert.h>
-
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-
-#ifdef HAVE_STDINT_H
-#include <stdint.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_NETINET_UDP_H
-#include <netinet/udp.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif
-
-#ifdef HAVE_NETINET_IF_ETHER_H
-#include <netinet/if_ether.h>
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#define USE_WINSOCK 1
-#include <winsock2.h>
-#endif
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-
-extern char *optarg;
-extern int optind, opterr;
-
-#ifndef EXIT_FAILURE
-#define EXIT_FAILURE 1
-#endif
-#ifndef EXIT_SUCCESS
-#define EXIT_SUCCESS 0
-#endif
-
-#ifdef S_SPLINT_S
-#define FD_ZERO(a) /* a */
-#define FD_SET(a,b) /* a, b */
-#endif
-])
-
-AC_CONFIG_FILES([Makefile
- drill.h
- ])
-AC_CONFIG_HEADER([config.h])
-AC_OUTPUT
+++ /dev/null
-/*
- * dnssec.c
- * Some DNSSEC helper function are defined here
- * and tracing is done
- * (c) 2005 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#include "drill.h"
-#include <ldns/ldns.h>
-
-/* get rr_type from a server from a server */
-ldns_rr_list *
-get_rr(ldns_resolver *res, ldns_rdf *zname, ldns_rr_type t, ldns_rr_class c)
-{
- /* query, retrieve, extract and return */
- ldns_pkt *p;
- ldns_rr_list *found;
-
- p = ldns_pkt_new();
- found = NULL;
-
- if (ldns_resolver_send(&p, res, zname, t, c, 0) != LDNS_STATUS_OK) {
- /* oops */
- return NULL;
- } else {
- found = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANY_NOQUESTION);
- }
- return found;
-}
-
-void
-drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p)
-{
- ldns_rr_list *new_nss;
- ldns_rr_list *hostnames;
-
- if (verbosity < 5) {
- return;
- }
-
- hostnames = ldns_get_rr_list_name_by_addr(r, ldns_pkt_answerfrom(p), 0, 0);
-
- new_nss = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER);
- ldns_rr_list_print(fd, new_nss);
-
- /* new_nss can be empty.... */
-
- fprintf(fd, ";; Received %d bytes from %s#%d(",
- (int) ldns_pkt_size(p),
- ldns_rdf2str(ldns_pkt_answerfrom(p)),
- (int) ldns_resolver_port(r));
- /* if we can resolve this print it, other print the ip again */
- if (hostnames) {
- ldns_rdf_print(fd,
- ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0));
- ldns_rr_list_deep_free(hostnames);
- } else {
- fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p)));
- }
- fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p));
-}
-
-void
-drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p)
-{
- ldns_rr_list *hostnames;
-
- if (verbosity < 5) {
- return;
- }
-
- hostnames = ldns_get_rr_list_name_by_addr(r, ldns_pkt_answerfrom(p), 0, 0);
-
- fprintf(fd, ";; Received %d bytes from %s#%d(",
- (int) ldns_pkt_size(p),
- ldns_rdf2str(ldns_pkt_answerfrom(p)),
- (int) ldns_resolver_port(r));
- /* if we can resolve this print it, other print the ip again */
- if (hostnames) {
- ldns_rdf_print(fd,
- ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0));
- ldns_rr_list_deep_free(hostnames);
- } else {
- fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p)));
- }
- fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p));
-}
-/*
- * generic function to get some RRset from a nameserver
- * and possible some signatures too (that would be the day...)
- */
-ldns_pkt_type
-get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t,
- ldns_rr_list **rrlist, ldns_rr_list **sig)
-{
- ldns_pkt_type pt = LDNS_PACKET_UNKNOWN;
- ldns_rr_list *rr = NULL;
- ldns_rr_list *sigs = NULL;
- size_t i;
-
- if (!p) {
- if (rrlist) {
- *rrlist = NULL;
- }
- return LDNS_PACKET_UNKNOWN;
- }
-
- pt = ldns_pkt_reply_type(p);
- if (name) {
- rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_ANSWER);
- if (!rr) {
- rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_AUTHORITY);
- }
- sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_ANSWER);
- if (!sigs) {
- sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_AUTHORITY);
- }
- } else {
- /* A DS-referral - get the DS records if they are there */
- rr = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_AUTHORITY);
- sigs = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG,
- LDNS_SECTION_AUTHORITY);
- }
- if (sig) {
- *sig = ldns_rr_list_new();
- for (i = 0; i < ldns_rr_list_rr_count(sigs); i++) {
- /* only add the sigs that cover this type */
- if (ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(ldns_rr_list_rr(sigs, i))) ==
- t) {
- ldns_rr_list_push_rr(*sig, ldns_rr_clone(ldns_rr_list_rr(sigs, i)));
- }
- }
- }
- ldns_rr_list_deep_free(sigs);
- if (rrlist) {
- *rrlist = rr;
- }
-
- if (pt == LDNS_PACKET_NXDOMAIN || pt == LDNS_PACKET_NODATA) {
- return pt;
- } else {
- return LDNS_PACKET_ANSWER;
- }
-}
-
-
-ldns_status
-ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs)
-{
- uint16_t nsec_i;
-
- ldns_rr_list *nsecs;
- ldns_status result;
-
- if (verbosity >= 5) {
- printf("VERIFY DENIAL FROM:\n");
- ldns_pkt_print(stdout, pkt);
- }
-
- result = LDNS_STATUS_CRYPTO_NO_RRSIG;
- /* Try to see if there are NSECS in the packet */
- nsecs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_NSEC, LDNS_SECTION_ANY_NOQUESTION);
- if (nsecs) {
- for (nsec_i = 0; nsec_i < ldns_rr_list_rr_count(nsecs); nsec_i++) {
- /* there are four options:
- * - name equals ownername and is covered by the type bitmap
- * - name equals ownername but is not covered by the type bitmap
- * - name falls within nsec coverage but is not equal to the owner name
- * - name falls outside of nsec coverage
- */
- if (ldns_dname_compare(ldns_rr_owner(ldns_rr_list_rr(nsecs, nsec_i)), name) == 0) {
- /*
- printf("CHECKING NSEC:\n");
- ldns_rr_print(stdout, ldns_rr_list_rr(nsecs, nsec_i));
- printf("DAWASEM\n");
- */
- if (ldns_nsec_bitmap_covers_type(
- ldns_nsec_get_bitmap(ldns_rr_list_rr(nsecs,
- nsec_i)),
- type)) {
- /* Error, according to the nsec this rrset is signed */
- result = LDNS_STATUS_CRYPTO_NO_RRSIG;
- } else {
- /* ok nsec denies existence */
- if (verbosity >= 3) {
- printf(";; Existence of data set with this type denied by NSEC\n");
- }
- /*printf(";; Verifiably insecure.\n");*/
- if (nsec_rrs && nsec_rr_sigs) {
- (void) get_dnssec_rr(pkt, ldns_rr_owner(ldns_rr_list_rr(nsecs, nsec_i)), LDNS_RR_TYPE_NSEC, nsec_rrs, nsec_rr_sigs);
- }
- ldns_rr_list_deep_free(nsecs);
- return LDNS_STATUS_OK;
- }
- } else if (ldns_nsec_covers_name(ldns_rr_list_rr(nsecs, nsec_i), name)) {
- if (verbosity >= 3) {
- printf(";; Existence of data set with this name denied by NSEC\n");
- }
- if (nsec_rrs && nsec_rr_sigs) {
- (void) get_dnssec_rr(pkt, ldns_rr_owner(ldns_rr_list_rr(nsecs, nsec_i)), LDNS_RR_TYPE_NSEC, nsec_rrs, nsec_rr_sigs);
- }
- ldns_rr_list_deep_free(nsecs);
- return LDNS_STATUS_OK;
- } else {
- /* nsec has nothing to do with this data */
- }
- }
- ldns_rr_list_deep_free(nsecs);
- } else if( (nsecs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_NSEC3, LDNS_SECTION_ANY_NOQUESTION)) ) {
- ldns_rr_list* sigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION);
- ldns_rr* q = ldns_rr_new();
- if(!sigs) return LDNS_STATUS_MEM_ERR;
- if(!q) return LDNS_STATUS_MEM_ERR;
- ldns_rr_set_question(q, 1);
- ldns_rr_set_ttl(q, 0);
- ldns_rr_set_owner(q, ldns_rdf_clone(name));
- if(!ldns_rr_owner(q)) return LDNS_STATUS_MEM_ERR;
- ldns_rr_set_type(q, type);
-
- result = ldns_dnssec_verify_denial_nsec3(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0);
- ldns_rr_free(q);
- ldns_rr_list_deep_free(nsecs);
- ldns_rr_list_deep_free(sigs);
- }
- return result;
-}
-
-/* NSEC3 draft -07 */
-/*return hash name match*/
-ldns_rr *
-ldns_nsec3_exact_match(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *nsec3s) {
- uint8_t algorithm;
- uint32_t iterations;
- uint8_t salt_length;
- uint8_t *salt;
-
- ldns_rdf *sname, *hashed_sname;
-
- size_t nsec_i;
- ldns_rr *nsec;
- ldns_rr *result = NULL;
-
- ldns_status status;
-
- const ldns_rr_descriptor *descriptor;
-
- ldns_rdf *zone_name;
-
- if (verbosity >= 4) {
- printf(";; finding exact match for ");
- descriptor = ldns_rr_descript(qtype);
- if (descriptor && descriptor->_name) {
- printf("%s ", descriptor->_name);
- } else {
- printf("TYPE%d ", qtype);
- }
- ldns_rdf_print(stdout, qname);
- printf("\n");
- }
-
- if (!qname || !nsec3s || ldns_rr_list_rr_count(nsec3s) < 1) {
- if (verbosity >= 4) {
- printf("no qname, nsec3s or list empty\n");
- }
- return NULL;
- }
-
- nsec = ldns_rr_list_rr(nsec3s, 0);
- algorithm = ldns_nsec3_algorithm(nsec);
- salt_length = ldns_nsec3_salt_length(nsec);
- salt = ldns_nsec3_salt_data(nsec);
- iterations = ldns_nsec3_iterations(nsec);
-
- sname = ldns_rdf_clone(qname);
-
- if (verbosity >= 4) {
- printf(";; owner name hashes to: ");
- }
- hashed_sname = ldns_nsec3_hash_name(sname, algorithm, iterations, salt_length, salt);
-
- zone_name = ldns_dname_left_chop(ldns_rr_owner(nsec));
- status = ldns_dname_cat(hashed_sname, zone_name);
-
- if (verbosity >= 4) {
- ldns_rdf_print(stdout, hashed_sname);
- printf("\n");
- }
-
- for (nsec_i = 0; nsec_i < ldns_rr_list_rr_count(nsec3s); nsec_i++) {
- nsec = ldns_rr_list_rr(nsec3s, nsec_i);
-
- /* check values of iterations etc! */
-
- /* exact match? */
- if (ldns_dname_compare(ldns_rr_owner(nsec), hashed_sname) == 0) {
- result = nsec;
- goto done;
- }
-
- }
-
-done:
- ldns_rdf_deep_free(zone_name);
- ldns_rdf_deep_free(sname);
- ldns_rdf_deep_free(hashed_sname);
- LDNS_FREE(salt);
-
- if (verbosity >= 4) {
- if (result) {
- printf(";; Found.\n");
- } else {
- printf(";; Not foud.\n");
- }
- }
- return result;
-}
-
-/*return the owner name of the closest encloser for name from the list of rrs */
-/* this is NOT the hash, but the original name! */
-ldns_rdf *
-ldns_nsec3_closest_encloser(ldns_rdf *qname, ldns_rr_type qtype, ldns_rr_list *nsec3s)
-{
- /* remember parameters, they must match */
- uint8_t algorithm;
- uint32_t iterations;
- uint8_t salt_length;
- uint8_t *salt;
-
- ldns_rdf *sname, *hashed_sname, *tmp;
- ldns_rr *ce;
- bool flag;
-
- bool exact_match_found;
- bool in_range_found;
-
- ldns_status status;
- ldns_rdf *zone_name;
-
- size_t nsec_i;
- ldns_rr *nsec;
- ldns_rdf *result = NULL;
-
- if (!qname || !nsec3s || ldns_rr_list_rr_count(nsec3s) < 1) {
- return NULL;
- }
-
- if (verbosity >= 4) {
- printf(";; finding closest encloser for type %d ", qtype);
- ldns_rdf_print(stdout, qname);
- printf("\n");
- }
-
- nsec = ldns_rr_list_rr(nsec3s, 0);
- algorithm = ldns_nsec3_algorithm(nsec);
- salt_length = ldns_nsec3_salt_length(nsec);
- salt = ldns_nsec3_salt_data(nsec);
- iterations = ldns_nsec3_iterations(nsec);
-
- sname = ldns_rdf_clone(qname);
-
- ce = NULL;
- flag = false;
-
- zone_name = ldns_dname_left_chop(ldns_rr_owner(nsec));
-
- /* algorithm from nsec3-07 8.3 */
- while (ldns_dname_label_count(sname) > 0) {
- exact_match_found = false;
- in_range_found = false;
-
- if (verbosity >= 3) {
- printf(";; ");
- ldns_rdf_print(stdout, sname);
- printf(" hashes to: ");
- }
- hashed_sname = ldns_nsec3_hash_name(sname, algorithm, iterations, salt_length, salt);
-
- status = ldns_dname_cat(hashed_sname, zone_name);
-
- if (verbosity >= 3) {
- ldns_rdf_print(stdout, hashed_sname);
- printf("\n");
- }
-
- for (nsec_i = 0; nsec_i < ldns_rr_list_rr_count(nsec3s); nsec_i++) {
- nsec = ldns_rr_list_rr(nsec3s, nsec_i);
-
- /* check values of iterations etc! */
-
- /* exact match? */
- if (ldns_dname_compare(ldns_rr_owner(nsec), hashed_sname) == 0) {
- if (verbosity >= 4) {
- printf(";; exact match found\n");
- }
- exact_match_found = true;
- } else if (ldns_nsec_covers_name(nsec, hashed_sname)) {
- if (verbosity >= 4) {
- printf(";; in range of an nsec\n");
- }
- in_range_found = true;
- }
-
- }
- if (!exact_match_found && in_range_found) {
- flag = true;
- } else if (exact_match_found && flag) {
- result = ldns_rdf_clone(sname);
- } else if (exact_match_found && !flag) {
- // error!
- if (verbosity >= 4) {
- printf(";; the closest encloser is the same name (ie. this is an exact match, ie there is no closest encloser)\n");
- }
- ldns_rdf_deep_free(hashed_sname);
- goto done;
- } else {
- flag = false;
- }
-
- ldns_rdf_deep_free(hashed_sname);
- tmp = sname;
- sname = ldns_dname_left_chop(sname);
- ldns_rdf_deep_free(tmp);
- }
-
- done:
- LDNS_FREE(salt);
- ldns_rdf_deep_free(zone_name);
- ldns_rdf_deep_free(sname);
-
- if (!result) {
- if (verbosity >= 4) {
- printf(";; no closest encloser found\n");
- }
- }
-
- /* todo checks from end of 6.2. here or in caller? */
- return result;
-}
-
-
-/* special case were there was a wildcard expansion match, the exact match must be disproven */
-ldns_status
-ldns_verify_denial_wildcard(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs)
-{
- ldns_rdf *nsec3_ce = NULL;
- ldns_rr *nsec3_ex = NULL;
- ldns_rdf *wildcard_name = NULL;
- ldns_rdf *nsec3_wc_ce = NULL;
- ldns_rr *nsec3_wc_ex = NULL;
- ldns_rdf *chopped_dname = NULL;
- ldns_rr_list *nsecs;
- ldns_status result = LDNS_STATUS_ERR;
-
- nsecs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_NSEC3, LDNS_SECTION_ANY_NOQUESTION);
- if (nsecs) {
- wildcard_name = ldns_dname_new_frm_str("*");
- chopped_dname = ldns_dname_left_chop(name);
- result = ldns_dname_cat(wildcard_name, chopped_dname);
- ldns_rdf_deep_free(chopped_dname);
-
- nsec3_ex = ldns_nsec3_exact_match(name, type, nsecs);
- nsec3_ce = ldns_nsec3_closest_encloser(name, type, nsecs);
- nsec3_wc_ce = ldns_nsec3_closest_encloser(wildcard_name, type, nsecs);
- nsec3_wc_ex = ldns_nsec3_exact_match(wildcard_name, type, nsecs);
-
- if (nsec3_ex) {
- if (verbosity >= 3) {
- printf(";; Error, exact match for for name found, but should not exist (draft -07 section 8.8)\n");
- }
- result = LDNS_STATUS_NSEC3_ERR;
- } else if (!nsec3_ce) {
- if (verbosity >= 3) {
- printf(";; Error, closest encloser for exact match missing in wildcard response (draft -07 section 8.8)\n");
- }
- result = LDNS_STATUS_NSEC3_ERR;
-/*
- } else if (!nsec3_wc_ex) {
- printf(";; Error, no wildcard nsec3 match: ");
- ldns_rdf_print(stdout, wildcard_name);
- printf(" (draft -07 section 8.8)\n");
- result = LDNS_STATUS_NSEC3_ERR;
-*/
-/* } else if (!nsec */
- } else {
- if (verbosity >= 3) {
- printf(";; wilcard expansion proven\n");
- }
- result = LDNS_STATUS_OK;
- }
- } else {
- if (verbosity >= 3) {
- printf(";; Error: no NSEC or NSEC3 records in answer\n");
- }
- result = LDNS_STATUS_CRYPTO_NO_RRSIG;
- }
-
- if (nsecs && nsec_rrs && nsec_rr_sigs) {
- (void) get_dnssec_rr(pkt, ldns_rr_owner(ldns_rr_list_rr(nsecs, 0)), LDNS_RR_TYPE_NSEC3, nsec_rrs, nsec_rr_sigs);
- }
- return result;
-}
-
-
+++ /dev/null
-.\" @(#)drill.1 1.7.0 14-Jul-2004 OF;
-.TH drill 1 "28 May 2006"
-.SH NAME
-drill \- get (debug) information out of DNS(SEC)
-.SH SYNOPSIS
-.B drill
-[
-.IR OPTIONS
-]
-.IR name
-[
-.IR @server
-]
-[
-.IR type
-]
-[
-.IR class
-]
-
-.SH DESCRIPTION
-\fBdrill\fR is a tool to designed to get all sorts of information out of the
-DNS. It is specificly designed to be used with DNSSEC.
-.PP
-The name \fBdrill\fR is a pun on \fBdig\fR. With \fBdrill\fR you should be able
-get even more information than with \fBdig\fR.
-.PP
-If no arguments are given class defaults to 'IN' and type to 'A'. The
-server(s) specified in /etc/resolv.conf are used to query against.
-
-.PP
-\fIname\fR
-Ask for this name.
-
-.PP
-\fI@server\fR
-Send to query to this server. If not specified use the nameservers from
-\fI/etc/resolv.conf\fR.
-
-.PP
-\fItype\fR
-Ask for this RR type. If type is not given on the command line it defaults
-to 'A'. Except when doing to reverse lookup when it defaults to 'PTR'.
-
-.PP
-\fIclass\fR
-Use this class when querying.
-
-.SH SAMPLE USAGE
-\fBdrill mx miek.nl\fR
-Show the MX records of the domain miek.nl
-
-.TP
-\fBdrill -S jelte.nlnetlabs.nl\fR
-Chase any signatures in the jelte.nlnetlab.nl domain. This option is
-only available when ldns has been compiled with openssl-support.
-
-.TP
-\fBdrill -TD www.example.com\fR
-Do a DNSSEC (-D) trace (-T) from the rootservers down to www.example.com.
-This option only works when ldns has been compiled with openssl support.
-
-.TP
-\fBdrill -s dnskey jelte.nlnetlabs.nl\fR
-Show the DNSKEY record(s) for jelte.nlnetlabs.nl. For each found DNSKEY
-record also print the DS record.
-
-.SH OPTIONS
-
-.TP
-\fB\-D
-Enable DNSSEC in the query. When querying for DNSSEC types (DNSKEY, RRSIG,
-DS and NSEC) this is \fInot\fR automaticly enabled.
-
-.TP
-\fB\-T
-Trace \fIname\fR from the root down. When using this option the @server and
-the type arguments are not used.
-
-.TP
-\fB\-S
-Chase the signature(s) of 'name' to a known key or as high up in
-the tree as possible.
-
-.TP
-\fB\-V \fIlevel\fR
-Be more verbose. Set level to 5 to see the actual query that is sent.
-
-.TP
-\fB\-Q
-Quiet mode, this overrules -V.
-
-.TP
-\fB\-f \fIfile\fR
-Read the query from a file. The query must be dumped with -w.
-
-.TP
-\fB\-i \fIfile\fR
-read the answer from the file instead from the network. This aids
-in debugging and can be used to check if a query on disk is valid.
-If the file contains binary data it is assumed to be a query in
-network order.
-
-.TP
-\fB\-w \fIfile\fR
-Write an answer packet to file.
-
-.TP
-\fB\-q \fIfile\fR
-Write the query packet to file.
-
-.TP
-\fB\-v
-Show drill's version.
-
-.TP
-\fB\-h
-Show a short help message.
-
-.SS QUERY OPTIONS
-
-.TP
-\fB\-4
-Stay on ip4. Only send queries to ip4 enabled nameservers.
-
-.TP
-\fB\-6
-Stay on ip6. Only send queries to ip6 enabled nameservers.
-
-.TP
-\fB\-a
-Use the resolver structure's fallback mechanism if the answer
-is truncated (TC=1). If a truncated packet is received and this
-option is set, drill will first send a new query with EDNS0
-buffer size 4096.
-
-If the EDNS0 buffer size was already set to 512+ bytes, or the
-above retry also results in a truncated answer, the resolver
-structure will fall back to TCP.
-
-.TP
-\fB\-b \fIsize\fR
-Use size as the buffer size in the EDNS0 pseudo RR.
-
-.TP
-\fB\-c \fIfile\fR
-Use file instead of /etc/resolv.conf for nameserver configuration.
-
-.TP
-\fB\-d \fIdomain\fR
-When tracing (-T), start from this domain instead of the root.
-
-.TP
-\fB\-t
-Use TCP/IP when querying a server
-
-.TP
-\fB\-k \fIkeyfile\fR
-Use this file to read a (trusted) key from. When this options is
-given \fBdrill\fR tries to validate the current answer with this
-key. No chasing is done. When \fBdrill\fR is doing a secure trace, this
-key will be used as trust anchor. Can contain a DNSKEY or a DS record.
-
-.TP
-\fB\-o \fImnemonic\fR
-Use this option to set or unset specific header bits. A bit is
-set by using the bit mnemonic in CAPITAL letters. A bit is unset when
-the mnemonic is given in lowercase. The following mnemonics are
-understood by \fBdrill\fR:
-
- QR, qr: set, unset QueRy (default: on)
- AA, aa: set, unset Authoritative Answer (default: off)
- TC, tc: set, unset TrunCated (default: off)
- RD, rd: set, unset Recursion Desired (default: on)
- CD, cd: set, unset Checking Disabled (default: off)
- RA, ra: set, unset Recursion Available (default: off)
- AD, ad: set, unset Authenticated Data (default: off)
-
-Thus: \fB-o CD\fR, will enable Checking Disabled, which instructs the
-cache to not validate the answers it gives out.
-
-.TP
-\fB\-p \fIport\fR
-Use this port instead of the default of 53.
-
-.TP
-\fB\-r \fIfile\fR
-When tracing (-T), use file as a root servers hint file.
-
-.TP
-\fB\-s
-When encountering a DNSKEY print the equivalent DS also.
-
-.TP
-\fB\-u
-Use UDP when querying a server. This is the default.
-
-.TP
-\fB\-w \fIfile\fR
-write the answer to a file. The file will contain a hexadecimal dump
-of the query. This can be used in conjunction with -f.
-
-.TP
-\fB\-x
-Do a reverse loopup. The type argument is not used, it is preset to PTR.
-
-.TP
-\fB\-y \fI<name:key[:algo]>\fR
-specify named base64 tsig key, and optional an algorithm (defaults to hmac-md5.sig-alg.reg.int)
-
-.TP
-\fB\-z \fR
-don't randomize the nameserver list before sending queries.
-
-
-.SH AUTHOR
-Jelte Jansen and Miek Gieben. Both of NLnet Labs.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH BUGS
-
-.SH COPYRIGHT
-Copyright (c) 2004-2008 NLnet Labs.
-Licensed under the revised BSD license. There is NO warranty; not even for MERCHANTABILITY or
-FITNESS FOR A PARTICULAR PURPOSE.
-
-.SH SEE ALSO
-\fBdig\fR(1), \fIRFC403{3,4,5}\fR.
+++ /dev/null
-/*
- * drill.c
- * the main file of drill
- * (c) 2005-2008 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#include "drill.h"
-#include <ldns/ldns.h>
-
-#ifdef HAVE_SSL
-#include <openssl/err.h>
-#endif
-
-#define IP6_ARPA_MAX_LEN 65
-
-/* query debug, 2 hex dumps */
-int verbosity;
-
-static void
-usage(FILE *stream, const char *progname)
-{
- fprintf(stream, " Usage: %s name [@server] [type] [class]\n", progname);
- fprintf(stream, "\t<name> can be a domain name or an IP address (-x lookups)\n");
- fprintf(stream, "\t<type> defaults to A\n");
- fprintf(stream, "\t<class> defaults to IN\n");
- fprintf(stream, "\n\targuments may be placed in random order\n");
- fprintf(stream, "\n Options:\n");
- fprintf(stream, "\t-D\t\tenable DNSSEC (DO bit)\n");
-#ifdef HAVE_SSL
- fprintf(stream, "\t-T\t\ttrace from the root down to <name>\n");
- fprintf(stream, "\t-S\t\tchase signature(s) from <name> to a know key [*]\n");
-#endif /*HAVE_SSL*/
- fprintf(stream, "\t-V <number>\tverbosity (0-5)\n");
- fprintf(stream, "\t-Q\t\tquiet mode (overrules -V)\n");
- fprintf(stream, "\n");
- fprintf(stream, "\t-f file\t\tread packet from file and send it\n");
- fprintf(stream, "\t-i file\t\tread packet from file and print it\n");
- fprintf(stream, "\t-w file\t\twrite answer packet to file\n");
- fprintf(stream, "\t-q file\t\twrite query packet to file\n");
- fprintf(stream, "\t-h\t\tshow this help\n");
- fprintf(stream, "\t-v\t\tshow version\n");
- fprintf(stream, "\n Query options:\n");
- fprintf(stream, "\t-4\t\tstay on ip4\n");
- fprintf(stream, "\t-6\t\tstay on ip6\n");
- fprintf(stream, "\t-a\t\tfallback to EDNS0 and TCP if the answer is truncated\n");
- fprintf(stream, "\t-b <bufsize>\tuse <bufsize> as the buffer size (defaults to 512 b)\n");
- fprintf(stream, "\t-c <file>\t\tuse file for rescursive nameserver configuration (/etc/resolv.conf)\n");
- fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key (DNSKEY|DS) [**]\n");
- fprintf(stream, "\t\t\tused to verify any signatures in the current answer\n");
- fprintf(stream, "\t-o <mnemonic>\tset flags to: [QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n");
- fprintf(stream, "\t\t\tlowercase: unset bit, uppercase: set bit\n");
- fprintf(stream, "\t-p <port>\tuse <port> as remote port number\n");
- fprintf(stream, "\t-s\t\tshow the DS RR for each key in a packet\n");
- fprintf(stream, "\t-u\t\tsend the query with udp (the default)\n");
- fprintf(stream, "\t-x\t\tdo a reverse lookup\n");
- fprintf(stream, "\twhen doing a secure trace:\n");
- fprintf(stream, "\t-r <file>\t\tuse file as root servers hint file\n");
- fprintf(stream, "\t-t\t\tsend the query with tcp (connected)\n");
- fprintf(stream, "\t-d <domain>\t\tuse domain as the start point for the trace\n");
- fprintf(stream, "\t-y <name:key[:algo]>\tspecify named base64 tsig key, and optional an\n\t\t\talgorithm (defaults to hmac-md5.sig-alg.reg.int)\n");
- fprintf(stream, "\t-z\t\tdon't randomize the nameservers before use\n");
- fprintf(stream, "\n [*] = enables/implies DNSSEC\n");
- fprintf(stream, " [**] = can be given more than once\n");
- fprintf(stream, "\n ldns-team@nlnetlabs.nl | http://www.nlnetlabs.nl/ldns/\n");
-}
-
-/**
- * Prints the drill version to stderr
- */
-static void
-version(FILE *stream, const char *progname)
-{
- fprintf(stream, "%s version %s (ldns version %s)\n", progname, DRILL_VERSION, ldns_version());
- fprintf(stream, "Written by NLnet Labs.\n");
- fprintf(stream, "\nCopyright (c) 2004-2008 NLnet Labs.\n");
- fprintf(stream, "Licensed under the revised BSD license.\n");
- fprintf(stream, "There is NO warranty; not even for MERCHANTABILITY or FITNESS\n");
- fprintf(stream, "FOR A PARTICULAR PURPOSE.\n");
-}
-
-
-/**
- * Main function of drill
- * parse the arguments and prepare a query
- */
-int
-main(int argc, char *argv[])
-{
- ldns_resolver *res = NULL;
- ldns_resolver *cmdline_res = NULL; /* only used to resolv @name names */
- ldns_rr_list *cmdline_rr_list = NULL;
- ldns_rdf *cmdline_dname = NULL;
- ldns_rdf *qname, *qname_tmp;
- ldns_pkt *pkt;
- ldns_pkt *qpkt;
- char *serv;
- char *name;
- char *name2;
- char *progname;
- char *query_file = NULL;
- char *answer_file = NULL;
- ldns_buffer *query_buffer = NULL;
- ldns_rdf *serv_rdf;
- ldns_rr_type type;
- ldns_rr_class clas;
-#if 0
- ldns_pkt_opcode opcode = LDNS_PACKET_QUERY;
-#endif
- int i, c;
- int int_type;
- int int_clas;
- int PURPOSE;
- char *tsig_name = NULL;
- char *tsig_data = NULL;
- char *tsig_algorithm = NULL;
- size_t tsig_separator;
- size_t tsig_separator2;
- ldns_rr *axfr_rr;
- ldns_status status;
- char *type_str;
-
- /* list of keys used in dnssec operations */
- ldns_rr_list *key_list = ldns_rr_list_new();
- /* what key verify the current answer */
- ldns_rr_list *key_verified;
-
- /* resolver options */
- uint16_t qflags;
- uint16_t qbuf;
- uint16_t qport;
- uint8_t qfamily;
- bool qdnssec;
- bool qfallback;
- bool qds;
- bool qusevc;
- bool qrandom;
-
- char *resolv_conf_file = NULL;
-
- ldns_rdf *trace_start_name = NULL;
-
- int result = 0;
-
-#ifdef USE_WINSOCK
- int r;
- WSADATA wsa_data;
-#endif
-
- int_type = -1; serv = NULL; type = 0;
- int_clas = -1; name = NULL; clas = 0;
- qname = NULL;
- progname = strdup(argv[0]);
-
-#ifdef USE_WINSOCK
- r = WSAStartup(MAKEWORD(2,2), &wsa_data);
- if(r != 0) {
- printf("Failed WSAStartup: %d\n", r);
- result = EXIT_FAILURE;
- goto exit;
- }
-#endif /* USE_WINSOCK */
-
-
- PURPOSE = DRILL_QUERY;
- qflags = LDNS_RD;
- qport = LDNS_PORT;
- verbosity = 2;
- qdnssec = false;
- qfamily = LDNS_RESOLV_INETANY;
- qfallback = false;
- qds = false;
- qbuf = 0;
- qusevc = false;
- qrandom = true;
- key_verified = NULL;
-
- ldns_init_random(NULL, 0);
-
- if (argc == 0) {
- usage(stdout, progname);
- result = EXIT_FAILURE;
- goto exit;
- }
-
- /* string from orig drill: "i:w:I46Sk:TNp:b:DsvhVcuaq:f:xr" */
- /* global first, query opt next, option with parm's last
- * and sorted */ /* "46DITSVQf:i:w:q:achuvxzy:so:p:b:k:" */
-
- while ((c = getopt(argc, argv, "46ab:c:d:Df:hi:Ik:o:p:q:Qr:sStTuvV:w:xy:z")) != -1) {
- switch(c) {
- /* global options */
- case '4':
- qfamily = LDNS_RESOLV_INET;
- break;
- case '6':
- qfamily = LDNS_RESOLV_INET6;
- break;
- case 'D':
- qdnssec = true;
- break;
- case 'I':
- /* reserved for backward compatibility */
- break;
- case 'T':
- if (PURPOSE == DRILL_CHASE) {
- fprintf(stderr, "-T and -S cannot be used at the same time.\n");
- exit(EXIT_FAILURE);
- }
- PURPOSE = DRILL_TRACE;
- break;
-#ifdef HAVE_SSL
- case 'S':
- if (PURPOSE == DRILL_TRACE) {
- fprintf(stderr, "-T and -S cannot be used at the same time.\n");
- exit(EXIT_FAILURE);
- }
- PURPOSE = DRILL_CHASE;
- break;
-#endif /* HAVE_SSL */
- case 'V':
- verbosity = atoi(optarg);
- break;
- case 'Q':
- verbosity = -1;
- break;
- case 'f':
- query_file = optarg;
- break;
- case 'i':
- answer_file = optarg;
- PURPOSE = DRILL_AFROMFILE;
- break;
- case 'w':
- answer_file = optarg;
- break;
- case 'q':
- query_file = optarg;
- PURPOSE = DRILL_QTOFILE;
- break;
- case 'r':
- if (global_dns_root) {
- fprintf(stderr, "There was already a series of root servers set\n");
- exit(EXIT_FAILURE);
- }
- global_dns_root = read_root_hints(optarg);
- if (!global_dns_root) {
- fprintf(stderr, "Unable to read root hints file %s, aborting\n", optarg);
- exit(EXIT_FAILURE);
- }
- break;
- /* query options */
- case 'a':
- qfallback = true;
- break;
- case 'b':
- qbuf = (uint16_t)atoi(optarg);
- if (qbuf == 0) {
- error("%s", "<bufsize> could not be converted");
- }
- break;
- case 'c':
- resolv_conf_file = optarg;
- break;
- case 't':
- qusevc = true;
- break;
- case 'k':
- status = read_key_file(optarg, key_list);
- if (status != LDNS_STATUS_OK) {
- error("Could not parse the key file %s: %s", optarg, ldns_get_errorstr_by_id(status));
- }
- qdnssec = true; /* enable that too */
- break;
- case 'o':
- /* only looks at the first hit: capital=ON, lowercase=OFF*/
- if (strstr(optarg, "QR")) {
- DRILL_ON(qflags, LDNS_QR);
- }
- if (strstr(optarg, "qr")) {
- DRILL_OFF(qflags, LDNS_QR);
- }
- if (strstr(optarg, "AA")) {
- DRILL_ON(qflags, LDNS_AA);
- }
- if (strstr(optarg, "aa")) {
- DRILL_OFF(qflags, LDNS_AA);
- }
- if (strstr(optarg, "TC")) {
- DRILL_ON(qflags, LDNS_TC);
- }
- if (strstr(optarg, "tc")) {
- DRILL_OFF(qflags, LDNS_TC);
- }
- if (strstr(optarg, "RD")) {
- DRILL_ON(qflags, LDNS_RD);
- }
- if (strstr(optarg, "rd")) {
- DRILL_OFF(qflags, LDNS_RD);
- }
- if (strstr(optarg, "CD")) {
- DRILL_ON(qflags, LDNS_CD);
- }
- if (strstr(optarg, "cd")) {
- DRILL_OFF(qflags, LDNS_CD);
- }
- if (strstr(optarg, "RA")) {
- DRILL_ON(qflags, LDNS_RA);
- }
- if (strstr(optarg, "ra")) {
- DRILL_OFF(qflags, LDNS_RA);
- }
- if (strstr(optarg, "AD")) {
- DRILL_ON(qflags, LDNS_AD);
- }
- if (strstr(optarg, "ad")) {
- DRILL_OFF(qflags, LDNS_AD);
- }
- break;
- case 'p':
- qport = (uint16_t)atoi(optarg);
- if (qport == 0) {
- error("%s", "<port> could not be converted");
- }
- break;
- case 's':
- qds = true;
- break;
- case 'u':
- qusevc = false;
- break;
- case 'v':
- version(stdout, progname);
- result = EXIT_SUCCESS;
- goto exit;
- case 'x':
- PURPOSE = DRILL_REVERSE;
- break;
- case 'y':
-#ifdef HAVE_SSL
- if (strchr(optarg, ':')) {
- tsig_separator = (size_t) (strchr(optarg, ':') - optarg);
- if (strchr(optarg + tsig_separator + 1, ':')) {
- tsig_separator2 = (size_t) (strchr(optarg + tsig_separator + 1, ':') - optarg);
- tsig_algorithm = xmalloc(strlen(optarg) - tsig_separator2);
- strncpy(tsig_algorithm, optarg + tsig_separator2 + 1, strlen(optarg) - tsig_separator2);
- tsig_algorithm[strlen(optarg) - tsig_separator2 - 1] = '\0';
- } else {
- tsig_separator2 = strlen(optarg);
- tsig_algorithm = xmalloc(26);
- strncpy(tsig_algorithm, "hmac-md5.sig-alg.reg.int.", 25);
- tsig_algorithm[25] = '\0';
- }
- tsig_name = xmalloc(tsig_separator + 1);
- tsig_data = xmalloc(tsig_separator2 - tsig_separator);
- strncpy(tsig_name, optarg, tsig_separator);
- strncpy(tsig_data, optarg + tsig_separator + 1, tsig_separator2 - tsig_separator - 1);
- /* strncpy does not append \0 if source is longer than n */
- tsig_name[tsig_separator] = '\0';
- tsig_data[ tsig_separator2 - tsig_separator - 1] = '\0';
- }
-#else
- fprintf(stderr, "TSIG requested, but SSL is not supported\n");
- result = EXIT_FAILURE;
- goto exit;
-#endif /* HAVE_SSL */
- break;
- case 'z':
- qrandom = false;
- break;
- case 'd':
- trace_start_name = ldns_dname_new_frm_str(optarg);
- if (!trace_start_name) {
- fprintf(stderr, "Unable to parse argument for -%c\n", c);
- result = EXIT_FAILURE;
- goto exit;
- }
- break;
- case 'h':
- version(stdout, progname);
- usage(stdout, progname);
- result = EXIT_SUCCESS;
- goto exit;
- break;
- default:
- fprintf(stderr, "Unknown argument: -%c, use -h to see usage\n", c);
- result = EXIT_FAILURE;
- goto exit;
- }
- }
- argc -= optind;
- argv += optind;
-
- /* do a secure trace when requested */
- if (PURPOSE == DRILL_TRACE && qdnssec) {
-#ifdef HAVE_SSL
- if (ldns_rr_list_rr_count(key_list) == 0) {
- warning("%s", "No trusted keys were given. Will not be able to verify authenticity!");
- }
- PURPOSE = DRILL_SECTRACE;
-#else
- fprintf(stderr, "ldns has not been compiled with OpenSSL support. Secure trace not available\n");
- exit(1);
-#endif /* HAVE_SSL */
- }
-
- /* parse the arguments, with multiple arguments, the last argument
- * found is used */
- for(i = 0; i < argc; i++) {
-
- /* if ^@ then it's a server */
- if (argv[i][0] == '@') {
- if (strlen(argv[i]) == 1) {
- warning("%s", "No nameserver given");
- exit(EXIT_FAILURE);
- }
- serv = argv[i] + 1;
- continue;
- }
- /* if has a dot, it's a name */
- if (strchr(argv[i], '.')) {
- name = argv[i];
- continue;
- }
- /* if it matches a type, it's a type */
- if (int_type == -1) {
- type = ldns_get_rr_type_by_name(argv[i]);
- if (type != 0) {
- int_type = 0;
- continue;
- }
- }
- /* if it matches a class, it's a class */
- if (int_clas == -1) {
- clas = ldns_get_rr_class_by_name(argv[i]);
- if (clas != 0) {
- int_clas = 0;
- continue;
- }
- }
- /* it all fails assume it's a name */
- name = argv[i];
- }
- /* act like dig and use for . NS */
- if (!name) {
- name = ".";
- int_type = 0;
- type = LDNS_RR_TYPE_NS;
- }
-
- /* defaults if not given */
- if (int_clas == -1) {
- clas = LDNS_RR_CLASS_IN;
- }
- if (int_type == -1) {
- if (PURPOSE != DRILL_REVERSE) {
- type = LDNS_RR_TYPE_A;
- } else {
- type = LDNS_RR_TYPE_PTR;
- }
- }
-
- /* set the nameserver to use */
- if (!serv) {
- /* no server given make a resolver from /etc/resolv.conf */
- status = ldns_resolver_new_frm_file(&res, resolv_conf_file);
- if (status != LDNS_STATUS_OK) {
- warning("Could not create a resolver structure: %s (%s)\n"
- "Try drill @localhost if you have a resolver running on your machine.",
- ldns_get_errorstr_by_id(status), resolv_conf_file);
- result = EXIT_FAILURE;
- goto exit;
- }
- } else {
- res = ldns_resolver_new();
- if (!res || strlen(serv) <= 0) {
- warning("Could not create a resolver structure");
- result = EXIT_FAILURE;
- goto exit;
- }
- /* add the nameserver */
- serv_rdf = ldns_rdf_new_addr_frm_str(serv);
- if (!serv_rdf) {
- /* try to resolv the name if possible */
- status = ldns_resolver_new_frm_file(&cmdline_res, resolv_conf_file);
-
- if (status != LDNS_STATUS_OK) {
- error("%s", "@server ip could not be converted");
- }
- ldns_resolver_set_dnssec(cmdline_res, qdnssec);
- ldns_resolver_set_ip6(cmdline_res, qfamily);
- ldns_resolver_set_fallback(cmdline_res, qfallback);
- ldns_resolver_set_usevc(cmdline_res, qusevc);
-
- cmdline_dname = ldns_dname_new_frm_str(serv);
-
- cmdline_rr_list = ldns_get_rr_list_addr_by_name(
- cmdline_res,
- cmdline_dname,
- LDNS_RR_CLASS_IN,
- qflags);
- ldns_rdf_deep_free(cmdline_dname);
- if (!cmdline_rr_list) {
- /* This error msg is not always accurate */
- error("%s `%s\'", "could not find any address for the name:", serv);
- } else {
- if (ldns_resolver_push_nameserver_rr_list(
- res,
- cmdline_rr_list
- ) != LDNS_STATUS_OK) {
- error("%s", "pushing nameserver");
- }
- }
- } else {
- if (ldns_resolver_push_nameserver(res, serv_rdf) != LDNS_STATUS_OK) {
- error("%s", "pushing nameserver");
- } else {
- ldns_rdf_deep_free(serv_rdf);
- }
- }
- }
- /* set the resolver options */
- ldns_resolver_set_port(res, qport);
- if (verbosity >= 5) {
- ldns_resolver_set_debug(res, true);
- } else {
- ldns_resolver_set_debug(res, false);
- }
- ldns_resolver_set_dnssec(res, qdnssec);
-/* ldns_resolver_set_dnssec_cd(res, qdnssec);*/
- ldns_resolver_set_ip6(res, qfamily);
- ldns_resolver_set_fallback(res, qfallback);
- ldns_resolver_set_usevc(res, qusevc);
- ldns_resolver_set_random(res, qrandom);
- if (qbuf != 0) {
- ldns_resolver_set_edns_udp_size(res, qbuf);
- }
-
- if (!name &&
- PURPOSE != DRILL_AFROMFILE &&
- !query_file
- ) {
- usage(stdout, progname);
- result = EXIT_FAILURE;
- goto exit;
- }
-
- if (tsig_name && tsig_data) {
- ldns_resolver_set_tsig_keyname(res, tsig_name);
- ldns_resolver_set_tsig_keydata(res, tsig_data);
- ldns_resolver_set_tsig_algorithm(res, tsig_algorithm);
- }
-
- /* main switching part of drill */
- switch(PURPOSE) {
- case DRILL_TRACE:
- /* do a trace from the root down */
- if (!global_dns_root) {
- init_root();
- }
- qname = ldns_dname_new_frm_str(name);
- if (!qname) {
- error("%s", "parsing query name");
- }
- /* don't care about return packet */
- (void)do_trace(res, qname, type, clas);
- clear_root();
- break;
- case DRILL_SECTRACE:
- /* do a secure trace from the root down */
- if (!global_dns_root) {
- init_root();
- }
- qname = ldns_dname_new_frm_str(name);
- if (!qname) {
- error("%s", "making qname");
- }
- /* don't care about return packet */
-#ifdef HAVE_SSL
- result = do_secure_trace(res, qname, type, clas, key_list, trace_start_name);
-#endif /* HAVE_SSL */
- clear_root();
- break;
- case DRILL_CHASE:
- qname = ldns_dname_new_frm_str(name);
- if (!qname) {
- error("%s", "making qname");
- }
-
- ldns_resolver_set_dnssec(res, true);
- ldns_resolver_set_dnssec_cd(res, true);
- /* set dnssec implies udp_size of 4096 */
- ldns_resolver_set_edns_udp_size(res, 4096);
- pkt = ldns_resolver_query(res, qname, type, clas, qflags);
-
- if (!pkt) {
- error("%s", "error pkt sending");
- result = EXIT_FAILURE;
- } else {
- if (verbosity >= 3) {
- ldns_pkt_print(stdout, pkt);
- }
-
- if (!ldns_pkt_answer(pkt)) {
- mesg("No answer in packet");
- } else {
-#ifdef HAVE_SSL
- ldns_resolver_set_dnssec_anchors(res, ldns_rr_list_clone(key_list));
- result = do_chase(res, qname, type,
- clas, key_list,
- pkt, qflags, NULL,
- verbosity);
- if (result == LDNS_STATUS_OK) {
- if (verbosity != -1) {
- mesg("Chase successful");
- }
- result = 0;
- } else {
- if (verbosity != -1) {
- mesg("Chase failed.");
- }
- }
-#endif /* HAVE_SSL */
- }
- ldns_pkt_free(pkt);
- }
- break;
- case DRILL_AFROMFILE:
- pkt = read_hex_pkt(answer_file);
- if (pkt) {
- if (verbosity != -1) {
- ldns_pkt_print(stdout, pkt);
- }
- ldns_pkt_free(pkt);
- }
-
- break;
- case DRILL_QTOFILE:
- qname = ldns_dname_new_frm_str(name);
- if (!qname) {
- error("%s", "making qname");
- }
-
- status = ldns_resolver_prepare_query_pkt(&qpkt, res, qname, type, clas, qflags);
- if(status != LDNS_STATUS_OK) {
- error("%s", "making query: %s",
- ldns_get_errorstr_by_id(status));
- }
- dump_hex(qpkt, query_file);
- ldns_pkt_free(qpkt);
- break;
- case DRILL_NSEC:
- break;
- case DRILL_REVERSE:
- /* ipv4 or ipv6 addr? */
- if (strchr(name, ':')) {
- if (strchr(name, '.')) {
- error("Syntax error: both '.' and ':' seen in address\n");
- }
- name2 = malloc(IP6_ARPA_MAX_LEN + 20);
- c = 0;
- for (i=0; i<(int)strlen(name); i++) {
- if (i >= IP6_ARPA_MAX_LEN) {
- error("%s", "reverse argument to long");
- }
- if (name[i] == ':') {
- if (i < (int) strlen(name) && name[i + 1] == ':') {
- error("%s", ":: not supported (yet)");
- } else {
- if (i + 2 == (int) strlen(name) || name[i + 2] == ':') {
- name2[c++] = '0';
- name2[c++] = '.';
- name2[c++] = '0';
- name2[c++] = '.';
- name2[c++] = '0';
- name2[c++] = '.';
- } else if (i + 3 == (int) strlen(name) || name[i + 3] == ':') {
- name2[c++] = '0';
- name2[c++] = '.';
- name2[c++] = '0';
- name2[c++] = '.';
- } else if (i + 4 == (int) strlen(name) || name[i + 4] == ':') {
- name2[c++] = '0';
- name2[c++] = '.';
- }
- }
- } else {
- name2[c++] = name[i];
- name2[c++] = '.';
- }
- }
- name2[c++] = '\0';
-
- qname = ldns_dname_new_frm_str(name2);
- qname_tmp = ldns_dname_reverse(qname);
- ldns_rdf_deep_free(qname);
- qname = qname_tmp;
- qname_tmp = ldns_dname_new_frm_str("ip6.arpa.");
- status = ldns_dname_cat(qname, qname_tmp);
- if (status != LDNS_STATUS_OK) {
- error("%s", "could not create reverse address for ip6: %s\n", ldns_get_errorstr_by_id(status));
- }
- ldns_rdf_deep_free(qname_tmp);
-
- free(name2);
- } else {
- qname = ldns_dname_new_frm_str(name);
- qname_tmp = ldns_dname_reverse(qname);
- ldns_rdf_deep_free(qname);
- qname = qname_tmp;
- qname_tmp = ldns_dname_new_frm_str("in-addr.arpa.");
- status = ldns_dname_cat(qname, qname_tmp);
- if (status != LDNS_STATUS_OK) {
- error("%s", "could not create reverse address for ip4: %s\n", ldns_get_errorstr_by_id(status));
- }
- ldns_rdf_deep_free(qname_tmp);
- }
- if (!qname) {
- error("%s", "-x implies an ip address");
- }
-
- /* create a packet and set the RD flag on it */
- pkt = ldns_resolver_query(res, qname, type, clas, qflags);
- if (!pkt) {
- error("%s", "pkt sending");
- result = EXIT_FAILURE;
- } else {
- if (verbosity != -1) {
- ldns_pkt_print(stdout, pkt);
- }
- ldns_pkt_free(pkt);
- }
- break;
- case DRILL_QUERY:
- default:
- if (query_file) {
- /* this old way, the query packet needed
- to be parseable, but we want to be able
- to send mangled packets, so we need
- to do it directly */
- #if 0
- qpkt = read_hex_pkt(query_file);
- if (qpkt) {
- status = ldns_resolver_send_pkt(&pkt, res, qpkt);
- if (status != LDNS_STATUS_OK) {
- printf("Error: %s\n", ldns_get_errorstr_by_id(status));
- exit(1);
- }
- } else {
- /* qpkt was bogus, reset pkt */
- pkt = NULL;
- }
- #endif
- query_buffer = read_hex_buffer(query_file);
- if (query_buffer) {
- status = ldns_send_buffer(&pkt, res, query_buffer, NULL);
- ldns_buffer_free(query_buffer);
- if (status != LDNS_STATUS_OK) {
- printf("Error: %s\n", ldns_get_errorstr_by_id(status));
- exit(1);
- }
- } else {
- printf("NO BUFFER\n");
- pkt = NULL;
- }
- } else {
- qname = ldns_dname_new_frm_str(name);
- if (!qname) {
- error("%s", "error in making qname");
- }
-
- if (type == LDNS_RR_TYPE_AXFR) {
- status = ldns_axfr_start(res, qname, clas);
- if(status != LDNS_STATUS_OK) {
- error("Error starting axfr: %s",
- ldns_get_errorstr_by_id(status));
- }
- axfr_rr = ldns_axfr_next(res);
- if(!axfr_rr) {
- fprintf(stderr, "AXFR failed.\n");
- ldns_pkt_print(stdout,
- ldns_axfr_last_pkt(res));
- goto exit;
- }
- while (axfr_rr) {
- if (verbosity != -1) {
- ldns_rr_print(stdout, axfr_rr);
- }
- ldns_rr_free(axfr_rr);
- axfr_rr = ldns_axfr_next(res);
- }
-
- goto exit;
- } else {
- /* create a packet and set the RD flag on it */
- pkt = ldns_resolver_query(res, qname, type, clas, qflags);
- }
- }
-
- if (!pkt) {
- mesg("No packet received");
- result = EXIT_FAILURE;
- } else {
- if (verbosity != -1) {
- ldns_pkt_print(stdout, pkt);
- if (ldns_pkt_tc(pkt)) {
- fprintf(stdout,
- "\n;; WARNING: The answer packet was truncated; you might want to\n");
- fprintf(stdout,
- ";; query again with TCP (-t argument), or EDNS0 (-b for buffer size)\n");
- }
- }
- if (qds) {
- if (verbosity != -1) {
- print_ds_of_keys(pkt);
- printf("\n");
- }
- }
-
- if (ldns_rr_list_rr_count(key_list) > 0) {
- /* -k's were given on the cmd line */
- ldns_rr_list *rrset_verified;
- uint16_t key_count;
-
- rrset_verified = ldns_pkt_rr_list_by_name_and_type(
- pkt, qname, type,
- LDNS_SECTION_ANY_NOQUESTION);
-
- if (type == LDNS_RR_TYPE_ANY) {
- /* don't verify this */
- break;
- }
-
- if (verbosity != -1) {
- printf("; ");
- ldns_rr_list_print(stdout, rrset_verified);
- }
-
- /* verify */
-#ifdef HAVE_SSL
- key_verified = ldns_rr_list_new();
- result = ldns_pkt_verify(pkt, type, qname, key_list, NULL, key_verified);
-
- if (result == LDNS_STATUS_ERR) {
- /* is the existence denied then? */
- result = ldns_verify_denial(pkt, qname, type, NULL, NULL);
- if (result == LDNS_STATUS_OK) {
- if (verbosity != -1) {
- printf("Existence denied for ");
- ldns_rdf_print(stdout, qname);
- type_str = ldns_rr_type2str(type);
- printf("\t%s\n", type_str);
- LDNS_FREE(type_str);
- }
- } else {
- if (verbosity != -1) {
- printf("Bad data; RR for name and "
- "type not found or failed to "
- "verify, and denial of "
- "existence failed.\n");
- }
- }
- } else if (result == LDNS_STATUS_OK) {
- for(key_count = 0; key_count < ldns_rr_list_rr_count(key_verified);
- key_count++) {
- if (verbosity != -1) {
- printf("; VALIDATED by id = %u, owner = ",
- (unsigned int)ldns_calc_keytag(
- ldns_rr_list_rr(key_verified, key_count)));
- ldns_rdf_print(stdout, ldns_rr_owner(
- ldns_rr_list_rr(key_list, key_count)));
- printf("\n");
- }
- }
- } else {
- for(key_count = 0; key_count < ldns_rr_list_rr_count(key_list);
- key_count++) {
- if (verbosity != -1) {
- printf("; %s for id = %u, owner = ",
- ldns_get_errorstr_by_id(result),
- (unsigned int)ldns_calc_keytag(
- ldns_rr_list_rr(key_list, key_count)));
- ldns_rdf_print(stdout, ldns_rr_owner(
-
- ldns_rr_list_rr(key_list,
- key_count)));
- printf("\n");
- }
- }
- }
- ldns_rr_list_free(key_verified);
-#else
- (void) key_count;
-#endif /* HAVE_SSL */
- }
- if (answer_file) {
- dump_hex(pkt, answer_file);
- }
- ldns_pkt_free(pkt);
- }
-
- break;
- }
-
- exit:
- ldns_rdf_deep_free(qname);
- ldns_resolver_deep_free(res);
- ldns_resolver_deep_free(cmdline_res);
- ldns_rr_list_deep_free(key_list);
- ldns_rr_list_deep_free(cmdline_rr_list);
- ldns_rdf_deep_free(trace_start_name);
- xfree(progname);
- xfree(tsig_name);
- xfree(tsig_data);
- xfree(tsig_algorithm);
-
-#ifdef HAVE_SSL
- ERR_remove_state(0);
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
- EVP_cleanup();
-#endif
-#ifdef USE_WINSOCK
- WSACleanup();
-#endif
-
- return result;
-}
+++ /dev/null
-/*
- * drill.h
- * the main header file of drill
- * (c) 2005, 2006 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-#ifndef _DRILL_H_
-#define _DRILL_H_
-#include "config.h"
-
-#include "drill_util.h"
-
-#define DRILL_VERSION "@PACKAGE_VERSION@"
-
-/* what kind of stuff do we allow */
-#define DRILL_QUERY 0
-#define DRILL_TRACE 1
-#define DRILL_CHASE 2
-#define DRILL_AFROMFILE 3
-#define DRILL_QTOFILE 4
-#define DRILL_NSEC 5
-#define DRILL_REVERSE 6
-#define DRILL_SECTRACE 7
-
-#define DRILL_ON(VAR, BIT) \
-(VAR) = (VAR) | (BIT)
-#define DRILL_OFF(VAR, BIT) \
-(VAR) = (VAR) & ~(BIT)
-
-extern ldns_rr_list *global_dns_root;
-extern bool qds;
-extern int verbosity;
-
-ldns_pkt *do_trace(ldns_resolver *res,
- ldns_rdf *name,
- ldns_rr_type type,
- ldns_rr_class c);
-ldns_status do_chase(ldns_resolver *res,
- ldns_rdf *name,
- ldns_rr_type type,
- ldns_rr_class c,
- ldns_rr_list *trusted_keys,
- ldns_pkt *pkt_o,
- uint16_t qflags,
- ldns_rr_list *prev_key_list,
- int verbosity);
-int do_secure_trace(ldns_resolver *res,
- ldns_rdf *name,
- ldns_rr_type type,
- ldns_rr_class c,
- ldns_rr_list *trusted_keys,
- ldns_rdf *start_name);
-
-ldns_rr_list * get_rr(ldns_resolver *res,
- ldns_rdf *zname,
- ldns_rr_type t,
- ldns_rr_class c);
-
-void drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p);
-void drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p);
-
-ldns_pkt_type get_dnssec_rr(ldns_pkt *p,
- ldns_rdf *name,
- ldns_rr_type t,
- ldns_rr_list **rrlist,
- ldns_rr_list **sig);
-
-ldns_rr *ldns_nsec3_exact_match(ldns_rdf *qname,
- ldns_rr_type qtype,
- ldns_rr_list *nsec3s);
-
-ldns_rdf *ldns_nsec3_closest_encloser(ldns_rdf *qname,
- ldns_rr_type qtype,
- ldns_rr_list *nsec3s);
-
-/* verifies denial of existence of *name in *pkt (must contain NSEC or NSEC3 records
- * if *nsec_rrs and *nsec_rr_sigs are given, pointers to the relevant nsecs and their signatures are
- * placed there
- */
-ldns_status ldns_verify_denial(ldns_pkt *pkt,
- ldns_rdf *name,
- ldns_rr_type type,
- ldns_rr_list **nsec_rrs,
- ldns_rr_list **nsec_rr_sigs);
-ldns_status ldns_verify_denial_wildcard(ldns_pkt *pkt,
- ldns_rdf *name,
- ldns_rr_type type,
- ldns_rr_list **nsec_rrs,
- ldns_rr_list **nsec_rr_sigs);
-
-ldns_status read_key_file(const char *filename, ldns_rr_list *key_list);
-ldns_pkt *read_hex_pkt(char *filename);
-ldns_buffer *read_hex_buffer(char *filename);
-void init_root(void);
-ldns_rr_list *read_root_hints(const char *filename);
-void clear_root(void);
-void dump_hex(const ldns_pkt *pkt, const char *file);
-void warning(const char *fmt, ...);
-void error(const char *fmt, ...);
-void mesg(const char *fmt, ...);
-
-/* screen.c */
-void resolver_print_nameservers(ldns_resolver *r);
-void print_dnskey(ldns_rr_list *key_list);
-void print_ds(ldns_rr_list *ds_list);
-
-#endif /* _DRILL_H_ */
+++ /dev/null
-/*
- * util.c
- * some handy function needed in drill and not implemented
- * in ldns
- * (c) 2005 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#include "drill.h"
-#include <ldns/ldns.h>
-
-#include <errno.h>
-
-static int
-read_line(FILE *input, char *line)
-{
- int i;
-
- char c;
- for (i = 0; i < LDNS_MAX_PACKETLEN; i++) {
- c = getc(input);
- if (c == EOF) {
- return -1;
- } else if (c != '\n') {
- line[i] = c;
- } else {
- break;
- }
- }
- line[i] = '\0';
- return i;
-}
-
-/* key_list must be initialized with ldns_rr_list_new() */
-ldns_status
-read_key_file(const char *filename, ldns_rr_list *key_list)
-{
- int line_len = 0;
- int line_nr = 0;
- int key_count = 0;
- char line[LDNS_MAX_PACKETLEN];
- ldns_status status;
- FILE *input_file;
- ldns_rr *rr;
-
- input_file = fopen(filename, "r");
- if (!input_file) {
- fprintf(stderr, "Error opening %s: %s\n",
- filename, strerror(errno));
- return LDNS_STATUS_ERR;
- }
- while (line_len >= 0) {
- line_len = read_line(input_file, line);
- line_nr++;
- if (line_len > 0 && line[0] != ';') {
- status = ldns_rr_new_frm_str(&rr, line, 0, NULL, NULL);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr,
- "Error parsing DNSKEY RR in line %d: %s\n",
- line_nr,
- ldns_get_errorstr_by_id(status));
- } else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY ||
- ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS) {
- ldns_rr_list_push_rr(key_list, rr);
- key_count++;
- } else {
- ldns_rr_free(rr);
- }
- }
- }
- printf(";; Number of trusted keys: %d\n", key_count);
- if (key_count > 0) {
- return LDNS_STATUS_OK;
- } else {
- /*fprintf(stderr, "No keys read\n");*/
- return LDNS_STATUS_ERR;
- }
-}
-
-ldns_rdf *
-ldns_rdf_new_addr_frm_str(char *str)
-{
- ldns_rdf *a;
-
- a = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, str);
- if (!a) {
- /* maybe ip6 */
- a = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_AAAA, str);
- if (!a) {
- return NULL;
- }
- }
- return a;
-}
-
-static inline void
-local_print_ds(FILE* out, const char* pre, ldns_rr* ds)
-{
- if (out && ds) {
- fprintf(out, "%s", pre);
- ldns_rr_print(out, ds);
- ldns_rr_free(ds);
- }
-}
-
-/*
- * For all keys in a packet print the DS
- */
-void
-print_ds_of_keys(ldns_pkt *p)
-{
- ldns_rr_list *keys;
- uint16_t i;
- ldns_rr *ds;
-
- /* TODO fix the section stuff, here or in ldns */
- keys = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_DNSKEY,
- LDNS_SECTION_ANSWER);
-
- /* this also returns the question section rr, which does not
- * have any data.... and this inturn crashes everything */
-
- if (keys) {
- for (i = 0; i < ldns_rr_list_rr_count(keys); i++) {
- fprintf(stdout, ";\n; equivalent DS records for key %u:\n",
- (unsigned int)ldns_calc_keytag(ldns_rr_list_rr(keys, i)));
-
- ds = ldns_key_rr2ds(ldns_rr_list_rr(keys, i), LDNS_SHA1);
- local_print_ds(stdout, "; sha1: ", ds);
- ds = ldns_key_rr2ds(ldns_rr_list_rr(keys, i), LDNS_SHA256);
- local_print_ds(stdout, "; sha256: ", ds);
- }
- }
-}
-
-static void
-print_class_type(FILE *fp, ldns_rr *r)
-{
- ldns_lookup_table *lt;
- lt = ldns_lookup_by_id(ldns_rr_classes, ldns_rr_get_class(r));
- if (lt) {
- fprintf(fp, " %s", lt->name);
- } else {
- fprintf(fp, " CLASS%d", ldns_rr_get_class(r));
- }
- /* okay not THE way - but the quickest */
- switch (ldns_rr_get_type(r)) {
- case LDNS_RR_TYPE_RRSIG:
- fprintf(fp, " RRSIG ");
- break;
- case LDNS_RR_TYPE_DNSKEY:
- fprintf(fp, " DNSKEY ");
- break;
- case LDNS_RR_TYPE_DS:
- fprintf(fp, " DS ");
- break;
- default:
- break;
- }
-}
-
-
-void
-print_ds_abbr(FILE *fp, ldns_rr *ds)
-{
- if (!ds || (ldns_rr_get_type(ds) != LDNS_RR_TYPE_DS)) {
- return;
- }
-
- ldns_rdf_print(fp, ldns_rr_owner(ds));
- fprintf(fp, " %d", (int)ldns_rr_ttl(ds));
- print_class_type(fp, ds);
- ldns_rdf_print(fp, ldns_rr_rdf(ds, 0)); fprintf(fp, " ");
- ldns_rdf_print(fp, ldns_rr_rdf(ds, 1)); fprintf(fp, " ");
- ldns_rdf_print(fp, ldns_rr_rdf(ds, 2)); fprintf(fp, " ");
- ldns_rdf_print(fp, ldns_rr_rdf(ds, 3)); fprintf(fp, " ");
-}
-
-/* print some of the elements of a signature */
-void
-print_rrsig_abbr(FILE *fp, ldns_rr *sig) {
- if (!sig || (ldns_rr_get_type(sig) != LDNS_RR_TYPE_RRSIG)) {
- return;
- }
-
- ldns_rdf_print(fp, ldns_rr_owner(sig));
- fprintf(fp, " %d", (int)ldns_rr_ttl(sig));
- print_class_type(fp, sig);
-
- /* print a number of rdf's */
- /* typecovered */
- ldns_rdf_print(fp, ldns_rr_rdf(sig, 0)); fprintf(fp, " ");
- /* algo */
- ldns_rdf_print(fp, ldns_rr_rdf(sig, 1)); fprintf(fp, " ");
- /* labels */
- ldns_rdf_print(fp, ldns_rr_rdf(sig, 2)); fprintf(fp, " (\n\t\t\t");
- /* expir */
- ldns_rdf_print(fp, ldns_rr_rdf(sig, 4)); fprintf(fp, " ");
- /* incep */
- ldns_rdf_print(fp, ldns_rr_rdf(sig, 5)); fprintf(fp, " ");
- /* key-id */
- ldns_rdf_print(fp, ldns_rr_rdf(sig, 6)); fprintf(fp, " ");
- /* key owner */
- ldns_rdf_print(fp, ldns_rr_rdf(sig, 7)); fprintf(fp, ")");
-}
-
-void
-print_dnskey_abbr(FILE *fp, ldns_rr *key)
-{
- if (!key || (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY)) {
- return;
- }
-
- ldns_rdf_print(fp, ldns_rr_owner(key));
- fprintf(fp, " %d", (int)ldns_rr_ttl(key));
- print_class_type(fp, key);
-
- /* print a number of rdf's */
- /* flags */
- ldns_rdf_print(fp, ldns_rr_rdf(key, 0)); fprintf(fp, " ");
- /* proto */
- ldns_rdf_print(fp, ldns_rr_rdf(key, 1)); fprintf(fp, " ");
- /* algo */
- ldns_rdf_print(fp, ldns_rr_rdf(key, 2));
-
- if (ldns_rdf2native_int16(ldns_rr_rdf(key, 0)) == 256) {
- fprintf(fp, " ;{id = %u (zsk), size = %db}", (unsigned int)ldns_calc_keytag(key),
- (int)ldns_rr_dnskey_key_size(key));
- return;
- }
- if (ldns_rdf2native_int16(ldns_rr_rdf(key, 0)) == 257) {
- fprintf(fp, " ;{id = %u (ksk), size = %db}", (unsigned int)ldns_calc_keytag(key),
- (int)ldns_rr_dnskey_key_size(key));
- return;
- }
- fprintf(fp, " ;{id = %u, size = %db}", (unsigned int)ldns_calc_keytag(key),
- (int)ldns_rr_dnskey_key_size(key));
-}
-
-void
-print_rr_list_abbr(FILE *fp, ldns_rr_list *rrlist, char *usr)
-{
- size_t i;
- ldns_rr_type tp;
-
- for(i = 0; i < ldns_rr_list_rr_count(rrlist); i++) {
- tp = ldns_rr_get_type(ldns_rr_list_rr(rrlist, i));
- if (i == 0 && tp != LDNS_RR_TYPE_RRSIG) {
- if (usr) {
- fprintf(fp, "%s ", usr);
- }
- }
- switch(tp) {
- case LDNS_RR_TYPE_DNSKEY:
- print_dnskey_abbr(fp, ldns_rr_list_rr(rrlist, i));
- break;
- case LDNS_RR_TYPE_RRSIG:
- print_rrsig_abbr(fp, ldns_rr_list_rr(rrlist, i));
- break;
- case LDNS_RR_TYPE_DS:
- print_ds_abbr(fp, ldns_rr_list_rr(rrlist, i));
- break;
- default:
- /* not handled */
- break;
- }
- fputs("\n", fp);
- }
-}
-
-void *
-xmalloc(size_t s)
-{
- void *p;
-
- p = malloc(s);
- if (!p) {
- printf("Mem failure\n");
- exit(EXIT_FAILURE);
- }
- return p;
-}
-
-void *
-xrealloc(void *p, size_t size)
-{
- void *q;
-
- q = realloc(p, size);
- if (!q) {
- printf("Mem failure\n");
- exit(EXIT_FAILURE);
- }
- return q;
-}
-
-void
-xfree(void *p)
-{
- if (p) {
- free(p);
- }
-}
+++ /dev/null
-/*
- * util.h
- * util.c header file
- * in ldns
- * (c) 2005 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#ifndef _DRILL_UTIL_H_
-#define _DRILL_UTIL_H_
-#include <ldns/ldns.h>
-
-/**
- * return a address rdf, either A or AAAA
- * NULL if anything goes wrong
- */
-ldns_rdf * ldns_rdf_new_addr_frm_str(char *);
-
-/**
- * print all the ds of the keys in the packet
- */
-void print_ds_of_keys(ldns_pkt *p);
-
-/**
- * print some rdfs of a signature
- */
-void print_rrsig_abbr(FILE *fp, ldns_rr *sig);
-/**
- * print some rdfs of a dnskey
- */
-void print_dnskey_abbr(FILE *fp, ldns_rr *key);
-/**
- * print some rdfs of a ds
- */
-void print_ds_abbr(FILE *fp, ldns_rr *ds);
-
-/**
- * print some rdfs of a rr in a rr_list
- */
-void print_rr_list_abbr(FILE *fp, ldns_rr_list *sig, char *usr);
-
-/**
- * Alloc some memory, with error checking
- */
-void *xmalloc(size_t s);
-
-/**
- * Realloc some memory, with error checking
- */
-void *xrealloc(void *p, size_t s);
-
-/**
- * Free the data
- */
-void xfree(void *q);
-#endif /* _DRILL_UTIL_H_ */
+++ /dev/null
-/**
- * error.c
- *
- * error reporting routines
- * basicly wrappers around printf
- *
- * (c) 2005 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#include "drill.h"
-#include <ldns/ldns.h>
-
-static void
-warning_va_list(const char *fmt, va_list args)
-{
- fprintf(stderr, "Warning: ");
- vfprintf(stderr, fmt, args);
- fprintf(stderr, "\n");
-}
-
-void
-warning(const char *fmt, ...)
-{
- va_list args;
- va_start(args, fmt);
- warning_va_list(fmt, args);
- va_end(args);
-}
-
-static void
-error_va_list(const char *fmt, va_list args)
-{
- fprintf(stderr, "Error: ");
- vfprintf(stderr, fmt, args);
- fprintf(stderr, "\n");
-}
-
-void
-error(const char *fmt, ...)
-{
- va_list args;
- va_start(args, fmt);
- error_va_list(fmt, args);
- va_end(args);
- exit(EXIT_FAILURE);
-}
-
-static void
-verbose_va_list(const char *fmt, va_list args)
-{
- vfprintf(stdout, fmt, args);
- fprintf(stdout, "\n");
-}
-
-/* print stuff */
-void
-mesg(const char *fmt, ...)
-{
- va_list args;
- if (verbosity == -1) {
- return;
- }
- fprintf(stdout, ";; ");
- va_start(args, fmt);
- verbose_va_list(fmt, args);
- va_end(args);
-}
-
-/* print stuff when in verbose mode (1) */
-void
-verbose(const char *fmt, ...)
-{
- va_list args;
- if (verbosity < 1) {
- return;
- }
-
- va_start(args, fmt);
- verbose_va_list(fmt, args);
- va_end(args);
-}
-
-/* print stuff when in vverbose mode (2) */
-void
-vverbose(const char *fmt, ...)
-{
- va_list args;
- if (verbosity < 2) {
- return;
- }
-
- va_start(args, fmt);
- verbose_va_list(fmt, args);
- va_end(args);
-}
-
-static void
-debug_va_list(const char *fmt, va_list args)
-{
- vfprintf(stderr, fmt, args);
- fprintf(stderr, "\n");
-}
-
-void
-debug(const char *fmt, ...)
-{
- va_list args;
- fprintf(stderr, "[DEBUG] ");
- va_start(args, fmt);
- debug_va_list(fmt, args);
- va_end(args);
-}
+++ /dev/null
-#!/bin/sh
-# install - install a program, script, or datafile
-
-scriptversion=2009-04-28.21; # UTC
-
-# This originates from X11R5 (mit/util/scripts/install.sh), which was
-# later released in X11R6 (xc/config/util/install.sh) with the
-# following copyright and license.
-#
-# Copyright (C) 1994 X Consortium
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to
-# deal in the Software without restriction, including without limitation the
-# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-# sell copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
-# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-#
-# Except as contained in this notice, the name of the X Consortium shall not
-# be used in advertising or otherwise to promote the sale, use or other deal-
-# ings in this Software without prior written authorization from the X Consor-
-# tium.
-#
-#
-# FSF changes to this file are in the public domain.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# `make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch.
-
-nl='
-'
-IFS=" "" $nl"
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit=${DOITPROG-}
-if test -z "$doit"; then
- doit_exec=exec
-else
- doit_exec=$doit
-fi
-
-# Put in absolute file names if you don't have them in your path;
-# or use environment vars.
-
-chgrpprog=${CHGRPPROG-chgrp}
-chmodprog=${CHMODPROG-chmod}
-chownprog=${CHOWNPROG-chown}
-cmpprog=${CMPPROG-cmp}
-cpprog=${CPPROG-cp}
-mkdirprog=${MKDIRPROG-mkdir}
-mvprog=${MVPROG-mv}
-rmprog=${RMPROG-rm}
-stripprog=${STRIPPROG-strip}
-
-posix_glob='?'
-initialize_posix_glob='
- test "$posix_glob" != "?" || {
- if (set -f) 2>/dev/null; then
- posix_glob=
- else
- posix_glob=:
- fi
- }
-'
-
-posix_mkdir=
-
-# Desired mode of installed file.
-mode=0755
-
-chgrpcmd=
-chmodcmd=$chmodprog
-chowncmd=
-mvcmd=$mvprog
-rmcmd="$rmprog -f"
-stripcmd=
-
-src=
-dst=
-dir_arg=
-dst_arg=
-
-copy_on_change=false
-no_target_directory=
-
-usage="\
-Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
- or: $0 [OPTION]... SRCFILES... DIRECTORY
- or: $0 [OPTION]... -t DIRECTORY SRCFILES...
- or: $0 [OPTION]... -d DIRECTORIES...
-
-In the 1st form, copy SRCFILE to DSTFILE.
-In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
-In the 4th, create DIRECTORIES.
-
-Options:
- --help display this help and exit.
- --version display version info and exit.
-
- -c (ignored)
- -C install only if different (preserve the last data modification time)
- -d create directories instead of installing files.
- -g GROUP $chgrpprog installed files to GROUP.
- -m MODE $chmodprog installed files to MODE.
- -o USER $chownprog installed files to USER.
- -s $stripprog installed files.
- -t DIRECTORY install into DIRECTORY.
- -T report an error if DSTFILE is a directory.
-
-Environment variables override the default commands:
- CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
- RMPROG STRIPPROG
-"
-
-while test $# -ne 0; do
- case $1 in
- -c) ;;
-
- -C) copy_on_change=true;;
-
- -d) dir_arg=true;;
-
- -g) chgrpcmd="$chgrpprog $2"
- shift;;
-
- --help) echo "$usage"; exit $?;;
-
- -m) mode=$2
- case $mode in
- *' '* | *' '* | *'
-'* | *'*'* | *'?'* | *'['*)
- echo "$0: invalid mode: $mode" >&2
- exit 1;;
- esac
- shift;;
-
- -o) chowncmd="$chownprog $2"
- shift;;
-
- -s) stripcmd=$stripprog;;
-
- -t) dst_arg=$2
- shift;;
-
- -T) no_target_directory=true;;
-
- --version) echo "$0 $scriptversion"; exit $?;;
-
- --) shift
- break;;
-
- -*) echo "$0: invalid option: $1" >&2
- exit 1;;
-
- *) break;;
- esac
- shift
-done
-
-if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
- # When -d is used, all remaining arguments are directories to create.
- # When -t is used, the destination is already specified.
- # Otherwise, the last argument is the destination. Remove it from $@.
- for arg
- do
- if test -n "$dst_arg"; then
- # $@ is not empty: it contains at least $arg.
- set fnord "$@" "$dst_arg"
- shift # fnord
- fi
- shift # arg
- dst_arg=$arg
- done
-fi
-
-if test $# -eq 0; then
- if test -z "$dir_arg"; then
- echo "$0: no input file specified." >&2
- exit 1
- fi
- # It's OK to call `install-sh -d' without argument.
- # This can happen when creating conditional directories.
- exit 0
-fi
-
-if test -z "$dir_arg"; then
- trap '(exit $?); exit' 1 2 13 15
-
- # Set umask so as not to create temps with too-generous modes.
- # However, 'strip' requires both read and write access to temps.
- case $mode in
- # Optimize common cases.
- *644) cp_umask=133;;
- *755) cp_umask=22;;
-
- *[0-7])
- if test -z "$stripcmd"; then
- u_plus_rw=
- else
- u_plus_rw='% 200'
- fi
- cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
- *)
- if test -z "$stripcmd"; then
- u_plus_rw=
- else
- u_plus_rw=,u+rw
- fi
- cp_umask=$mode$u_plus_rw;;
- esac
-fi
-
-for src
-do
- # Protect names starting with `-'.
- case $src in
- -*) src=./$src;;
- esac
-
- if test -n "$dir_arg"; then
- dst=$src
- dstdir=$dst
- test -d "$dstdir"
- dstdir_status=$?
- else
-
- # Waiting for this to be detected by the "$cpprog $src $dsttmp" command
- # might cause directories to be created, which would be especially bad
- # if $src (and thus $dsttmp) contains '*'.
- if test ! -f "$src" && test ! -d "$src"; then
- echo "$0: $src does not exist." >&2
- exit 1
- fi
-
- if test -z "$dst_arg"; then
- echo "$0: no destination specified." >&2
- exit 1
- fi
-
- dst=$dst_arg
- # Protect names starting with `-'.
- case $dst in
- -*) dst=./$dst;;
- esac
-
- # If destination is a directory, append the input filename; won't work
- # if double slashes aren't ignored.
- if test -d "$dst"; then
- if test -n "$no_target_directory"; then
- echo "$0: $dst_arg: Is a directory" >&2
- exit 1
- fi
- dstdir=$dst
- dst=$dstdir/`basename "$src"`
- dstdir_status=0
- else
- # Prefer dirname, but fall back on a substitute if dirname fails.
- dstdir=`
- (dirname "$dst") 2>/dev/null ||
- expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$dst" : 'X\(//\)[^/]' \| \
- X"$dst" : 'X\(//\)$' \| \
- X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
- echo X"$dst" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'
- `
-
- test -d "$dstdir"
- dstdir_status=$?
- fi
- fi
-
- obsolete_mkdir_used=false
-
- if test $dstdir_status != 0; then
- case $posix_mkdir in
- '')
- # Create intermediate dirs using mode 755 as modified by the umask.
- # This is like FreeBSD 'install' as of 1997-10-28.
- umask=`umask`
- case $stripcmd.$umask in
- # Optimize common cases.
- *[2367][2367]) mkdir_umask=$umask;;
- .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
-
- *[0-7])
- mkdir_umask=`expr $umask + 22 \
- - $umask % 100 % 40 + $umask % 20 \
- - $umask % 10 % 4 + $umask % 2
- `;;
- *) mkdir_umask=$umask,go-w;;
- esac
-
- # With -d, create the new directory with the user-specified mode.
- # Otherwise, rely on $mkdir_umask.
- if test -n "$dir_arg"; then
- mkdir_mode=-m$mode
- else
- mkdir_mode=
- fi
-
- posix_mkdir=false
- case $umask in
- *[123567][0-7][0-7])
- # POSIX mkdir -p sets u+wx bits regardless of umask, which
- # is incompatible with FreeBSD 'install' when (umask & 300) != 0.
- ;;
- *)
- tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
- trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
-
- if (umask $mkdir_umask &&
- exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
- then
- if test -z "$dir_arg" || {
- # Check for POSIX incompatibilities with -m.
- # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
- # other-writeable bit of parent directory when it shouldn't.
- # FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
- ls_ld_tmpdir=`ls -ld "$tmpdir"`
- case $ls_ld_tmpdir in
- d????-?r-*) different_mode=700;;
- d????-?--*) different_mode=755;;
- *) false;;
- esac &&
- $mkdirprog -m$different_mode -p -- "$tmpdir" && {
- ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
- test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
- }
- }
- then posix_mkdir=:
- fi
- rmdir "$tmpdir/d" "$tmpdir"
- else
- # Remove any dirs left behind by ancient mkdir implementations.
- rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
- fi
- trap '' 0;;
- esac;;
- esac
-
- if
- $posix_mkdir && (
- umask $mkdir_umask &&
- $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
- )
- then :
- else
-
- # The umask is ridiculous, or mkdir does not conform to POSIX,
- # or it failed possibly due to a race condition. Create the
- # directory the slow way, step by step, checking for races as we go.
-
- case $dstdir in
- /*) prefix='/';;
- -*) prefix='./';;
- *) prefix='';;
- esac
-
- eval "$initialize_posix_glob"
-
- oIFS=$IFS
- IFS=/
- $posix_glob set -f
- set fnord $dstdir
- shift
- $posix_glob set +f
- IFS=$oIFS
-
- prefixes=
-
- for d
- do
- test -z "$d" && continue
-
- prefix=$prefix$d
- if test -d "$prefix"; then
- prefixes=
- else
- if $posix_mkdir; then
- (umask=$mkdir_umask &&
- $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
- # Don't fail if two instances are running concurrently.
- test -d "$prefix" || exit 1
- else
- case $prefix in
- *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
- *) qprefix=$prefix;;
- esac
- prefixes="$prefixes '$qprefix'"
- fi
- fi
- prefix=$prefix/
- done
-
- if test -n "$prefixes"; then
- # Don't fail if two instances are running concurrently.
- (umask $mkdir_umask &&
- eval "\$doit_exec \$mkdirprog $prefixes") ||
- test -d "$dstdir" || exit 1
- obsolete_mkdir_used=true
- fi
- fi
- fi
-
- if test -n "$dir_arg"; then
- { test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
- { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
- { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
- test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
- else
-
- # Make a couple of temp file names in the proper directory.
- dsttmp=$dstdir/_inst.$$_
- rmtmp=$dstdir/_rm.$$_
-
- # Trap to clean up those temp files at exit.
- trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
-
- # Copy the file name to the temp name.
- (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
-
- # and set any options; do chmod last to preserve setuid bits.
- #
- # If any of these fail, we abort the whole thing. If we want to
- # ignore errors from any of these, just make sure not to ignore
- # errors from the above "$doit $cpprog $src $dsttmp" command.
- #
- { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
- { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
- { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
- { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
-
- # If -C, don't bother to copy if it wouldn't change the file.
- if $copy_on_change &&
- old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
- new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
-
- eval "$initialize_posix_glob" &&
- $posix_glob set -f &&
- set X $old && old=:$2:$4:$5:$6 &&
- set X $new && new=:$2:$4:$5:$6 &&
- $posix_glob set +f &&
-
- test "$old" = "$new" &&
- $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
- then
- rm -f "$dsttmp"
- else
- # Rename the file to the real destination.
- $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
-
- # The rename failed, perhaps because mv can't rename something else
- # to itself, or perhaps because mv is so ancient that it does not
- # support -f.
- {
- # Now remove or move aside any old file at destination location.
- # We try this two ways since rm can't unlink itself on some
- # systems and the destination file might be busy for other
- # reasons. In this case, the final cleanup might fail but the new
- # file should still install successfully.
- {
- test ! -f "$dst" ||
- $doit $rmcmd -f "$dst" 2>/dev/null ||
- { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
- { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
- } ||
- { echo "$0: cannot unlink or rename $dst" >&2
- (exit 1); exit 1
- }
- } &&
-
- # Now rename the file to the real destination.
- $doit $mvcmd "$dsttmp" "$dst"
- }
- fi || exit 1
-
- trap '' 0
- fi
-done
-
-# Local variables:
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "scriptversion="
-# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-time-zone: "UTC"
-# time-stamp-end: "; # UTC"
-# End:
+++ /dev/null
-/*
- * root.c
- * Function to handle to the rootservers
- * and to update and prime them
- * (c) 2005 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#include "drill.h"
-#include <ldns/ldns.h>
-#include <errno.h>
-
-/* a global list of the root-servers */
-ldns_rr_list *global_dns_root = NULL;
-
-/* put a hardcoded list in the root and
- * init the root rrlist structure */
-void
-init_root(void)
-{
- ldns_rr *r;
-
- global_dns_root = ldns_rr_list_new();
-
- (void)ldns_rr_new_frm_str(&r, "A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 ", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 ", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
- (void)ldns_rr_new_frm_str(&r, "M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35", 0, NULL, NULL);
- ldns_rr_list_push_rr(global_dns_root, r);
-}
-
-/*
- * Read a hints file as root
- *
- * The file with the given path should contain a list of NS RRs
- * for the root zone and A records for those NS RRs.
- * Read them, check them, and append the a records to the rr list given.
- */
-ldns_rr_list *
-read_root_hints(const char *filename)
-{
- FILE *fp = NULL;
- int line_nr = 0;
- ldns_zone *z;
- ldns_status status;
- ldns_rr_list *addresses = NULL;
- ldns_rr *rr;
- size_t i;
-
- fp = fopen(filename, "r");
- if (!fp) {
- fprintf(stderr, "Unable to open %s for reading: %s\n", filename, strerror(errno));
- return NULL;
- }
-
- status = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, 0, &line_nr);
- fclose(fp);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error reading root hints file: %s\n", ldns_get_errorstr_by_id(status));
- return NULL;
- } else {
- addresses = ldns_rr_list_new();
- for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) {
- rr = ldns_rr_list_rr(ldns_zone_rrs(z), i);
- /*if ((address_family == 0 || address_family == 1) &&
- */
- if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_A ) {
- ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr));
- }
- /*if ((address_family == 0 || address_family == 2) &&*/
- if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_AAAA) {
- ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr));
- }
- }
- ldns_zone_deep_free(z);
- return addresses;
- }
-}
-
-
-void
-clear_root(void)
-{
- ldns_rr_list_deep_free(global_dns_root);
-}
+++ /dev/null
-/*
- * securechasetrace.c
- * Where all the hard work concerning secure tracing is done
- *
- * (c) 2005, 2006 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#include "drill.h"
-#include <ldns/ldns.h>
-
-#define SELF "[S]" /* self sig ok */
-#define TRUST "[T]" /* chain from parent */
-#define BOGUS "[B]" /* bogus */
-#define UNSIGNED "[U]" /* no relevant dnssec data found */
-
-#if 0
-/* See if there is a key/ds in trusted that matches
- * a ds in *ds.
- */
-static ldns_rr_list *
-ds_key_match(ldns_rr_list *ds, ldns_rr_list *trusted)
-{
- size_t i, j;
- bool match;
- ldns_rr *rr_i, *rr_j;
- ldns_rr_list *keys;
-
- if (!trusted || !ds) {
- return NULL;
- }
-
- match = false;
- keys = ldns_rr_list_new();
- if (!keys) {
- return NULL;
- }
-
- if (!ds || !trusted) {
- return NULL;
- }
-
- for (i = 0; i < ldns_rr_list_rr_count(trusted); i++) {
- rr_i = ldns_rr_list_rr(trusted, i);
- for (j = 0; j < ldns_rr_list_rr_count(ds); j++) {
-
- rr_j = ldns_rr_list_rr(ds, j);
- if (ldns_rr_compare_ds(rr_i, rr_j)) {
- match = true;
- /* only allow unique RRs to match */
- ldns_rr_set_push_rr(keys, rr_i);
- }
- }
- }
- if (match) {
- return keys;
- } else {
- return NULL;
- }
-}
-#endif
-
-ldns_pkt *
-get_dnssec_pkt(ldns_resolver *r, ldns_rdf *name, ldns_rr_type t)
-{
- ldns_pkt *p = NULL;
- p = ldns_resolver_query(r, name, t, LDNS_RR_CLASS_IN, 0);
- if (!p) {
- return NULL;
- } else {
- if (verbosity >= 5) {
- ldns_pkt_print(stdout, p);
- }
- return p;
- }
-}
-
-#ifdef HAVE_SSL
-/*
- * retrieve keys for this zone
- */
-static ldns_pkt_type
-get_key(ldns_pkt *p, ldns_rdf *apexname, ldns_rr_list **rrlist, ldns_rr_list **opt_sig)
-{
- return get_dnssec_rr(p, apexname, LDNS_RR_TYPE_DNSKEY, rrlist, opt_sig);
-}
-
-/*
- * check to see if we can find a DS rrset here which we can then follow
- */
-static ldns_pkt_type
-get_ds(ldns_pkt *p, ldns_rdf *ownername, ldns_rr_list **rrlist, ldns_rr_list **opt_sig)
-{
- return get_dnssec_rr(p, ownername, LDNS_RR_TYPE_DS, rrlist, opt_sig);
-}
-#endif /* HAVE_SSL */
-
-void
-remove_resolver_nameservers(ldns_resolver *res)
-{
- ldns_rdf *pop;
-
- /* remove the old nameserver from the resolver */
- while((pop = ldns_resolver_pop_nameserver(res))) {
- ldns_rdf_deep_free(pop);
- }
-
-}
-
-void
-show_current_nameservers(FILE *out, ldns_resolver *res)
-{
- size_t i;
- fprintf(out, "Current nameservers for resolver object:\n");
- for (i = 0; i < ldns_resolver_nameserver_count(res); i++) {
- ldns_rdf_print(out, ldns_resolver_nameservers(res)[i]);
- fprintf(out, "\n");
- }
-}
-
-/*ldns_pkt **/
-#ifdef HAVE_SSL
-int
-do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
- ldns_rr_class c, ldns_rr_list *trusted_keys, ldns_rdf *start_name
- )
-{
- ldns_resolver *res;
- ldns_pkt *p, *local_p;
- ldns_rr_list *new_nss_a;
- ldns_rr_list *new_nss_aaaa;
- ldns_rr_list *new_nss;
- ldns_rr_list *ns_addr;
- uint16_t loop_count;
- ldns_rdf *pop;
- ldns_rdf **labels = NULL;
- ldns_status status, st;
- ssize_t i;
- size_t j;
- size_t k;
- size_t l;
- uint8_t labels_count;
- ldns_pkt_type pt;
-
- /* dnssec */
- ldns_rr_list *key_list;
- ldns_rr_list *key_sig_list;
- ldns_rr_list *ds_list;
- ldns_rr_list *ds_sig_list;
- ldns_rr_list *correct_key_list;
- ldns_rr_list *trusted_ds_rrs;
- bool new_keys_trusted = false;
- ldns_rr_list *current_correct_keys;
- ldns_rr_list *dataset;
-
- ldns_rr_list *nsec_rrs = NULL;
- ldns_rr_list *nsec_rr_sigs = NULL;
-
- /* empty non-terminal check */
- bool ent;
-
- /* glue handling */
- ldns_rr_list *new_ns_addr;
- ldns_rr_list *old_ns_addr;
- ldns_rr *ns_rr;
-
- int result = 0;
-
- /* printing niceness */
- const ldns_rr_descriptor *descriptor;
-
- descriptor = ldns_rr_descript(t);
-
- loop_count = 0;
- new_nss_a = NULL;
- new_nss_aaaa = NULL;
- new_nss = NULL;
- ns_addr = NULL;
- key_list = NULL;
- ds_list = NULL;
- pt = LDNS_PACKET_UNKNOWN;
-
- p = NULL;
- local_p = NULL;
- res = ldns_resolver_new();
- key_sig_list = NULL;
- ds_sig_list = NULL;
-
- if (!res) {
- error("Memory allocation failed");
- result = -1;
- return result;
- }
-
- correct_key_list = ldns_rr_list_new();
- if (!correct_key_list) {
- error("Memory allocation failed");
- result = -1;
- return result;
- }
-
- trusted_ds_rrs = ldns_rr_list_new();
- if (!trusted_ds_rrs) {
- error("Memory allocation failed");
- result = -1;
- return result;
- }
- /* Add all preset trusted DS signatures to the list of trusted DS RRs. */
- for (j = 0; j < ldns_rr_list_rr_count(trusted_keys); j++) {
- ldns_rr* one_rr = ldns_rr_list_rr(trusted_keys, j);
- if (ldns_rr_get_type(one_rr) == LDNS_RR_TYPE_DS) {
- ldns_rr_list_push_rr(trusted_ds_rrs, ldns_rr_clone(one_rr));
- }
- }
-
- /* transfer some properties of local_res to res */
- ldns_resolver_set_ip6(res,
- ldns_resolver_ip6(local_res));
- ldns_resolver_set_port(res,
- ldns_resolver_port(local_res));
- ldns_resolver_set_debug(res,
- ldns_resolver_debug(local_res));
- ldns_resolver_set_fail(res,
- ldns_resolver_fail(local_res));
- ldns_resolver_set_usevc(res,
- ldns_resolver_usevc(local_res));
- ldns_resolver_set_random(res,
- ldns_resolver_random(local_res));
- ldns_resolver_set_recursive(local_res, true);
-
- ldns_resolver_set_recursive(res, false);
- ldns_resolver_set_dnssec_cd(res, false);
- ldns_resolver_set_dnssec(res, true);
-
- /* setup the root nameserver in the new resolver */
- status = ldns_resolver_push_nameserver_rr_list(res, global_dns_root);
- if (status != LDNS_STATUS_OK) {
- printf("ERRRRR: %s\n", ldns_get_errorstr_by_id(status));
- ldns_rr_list_print(stdout, global_dns_root);
- return status;
- }
- labels_count = ldns_dname_label_count(name);
- if (start_name) {
- if (ldns_dname_is_subdomain(name, start_name)) {
- labels_count -= ldns_dname_label_count(start_name);
- } else {
- fprintf(stderr, "Error; ");
- ldns_rdf_print(stderr, name);
- fprintf(stderr, " is not a subdomain of ");
- ldns_rdf_print(stderr, start_name);
- fprintf(stderr, "\n");
- goto done;
- }
- }
- labels = LDNS_XMALLOC(ldns_rdf*, labels_count + 2);
- if (!labels) {
- goto done;
- }
- labels[0] = ldns_dname_new_frm_str(LDNS_ROOT_LABEL_STR);
- labels[1] = ldns_rdf_clone(name);
- for(i = 2 ; i < (ssize_t)labels_count + 2; i++) {
- labels[i] = ldns_dname_left_chop(labels[i - 1]);
- }
- /* if no servers is given with @, start by asking local resolver */
- /* first part todo :) */
- for (i = 0; i < (ssize_t) ldns_resolver_nameserver_count(local_res); i++) {
- (void) ldns_resolver_push_nameserver(res, ldns_resolver_nameservers(local_res)[i]);
- }
-
- /* get the nameserver for the label
- * ask: dnskey and ds for the label
- */
- for(i = (ssize_t)labels_count + 1; i > 0; i--) {
- status = ldns_resolver_send(&local_p, res, labels[i], LDNS_RR_TYPE_NS, c, 0);
-
- if (verbosity >= 5) {
- ldns_pkt_print(stdout, local_p);
- }
-
- new_nss = ldns_pkt_rr_list_by_type(local_p,
- LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER);
- if (!new_nss) {
- /* if it's a delegation, servers put them in the auth section */
- new_nss = ldns_pkt_rr_list_by_type(local_p,
- LDNS_RR_TYPE_NS, LDNS_SECTION_AUTHORITY);
- }
-
- /* if this is the final step there might not be nameserver records
- of course if the data is in the apex, there are, so cover both
- cases */
- if (new_nss || i > 1) {
- for(j = 0; j < ldns_rr_list_rr_count(new_nss); j++) {
- ns_rr = ldns_rr_list_rr(new_nss, j);
- pop = ldns_rr_rdf(ns_rr, 0);
- if (!pop) {
- printf("nopo\n");
- break;
- }
- /* retrieve it's addresses */
- /* trust glue? */
- new_ns_addr = NULL;
- if (ldns_dname_is_subdomain(pop, labels[i])) {
- new_ns_addr = ldns_pkt_rr_list_by_name_and_type(local_p, pop, LDNS_RR_TYPE_A, LDNS_SECTION_ADDITIONAL);
- }
- if (!new_ns_addr || ldns_rr_list_rr_count(new_ns_addr) == 0) {
- new_ns_addr = ldns_get_rr_list_addr_by_name(res, pop, c, 0);
- }
- if (!new_ns_addr || ldns_rr_list_rr_count(new_ns_addr) == 0) {
- new_ns_addr = ldns_get_rr_list_addr_by_name(local_res, pop, c, 0);
- }
-
- if (new_ns_addr) {
- old_ns_addr = ns_addr;
- ns_addr = ldns_rr_list_cat_clone(ns_addr, new_ns_addr);
- ldns_rr_list_deep_free(old_ns_addr);
- }
- ldns_rr_list_deep_free(new_ns_addr);
- }
- ldns_rr_list_deep_free(new_nss);
-
- if (ns_addr) {
- remove_resolver_nameservers(res);
-
- if (ldns_resolver_push_nameserver_rr_list(res, ns_addr) !=
- LDNS_STATUS_OK) {
- error("Error adding new nameservers");
- ldns_pkt_free(local_p);
- goto done;
- }
- ldns_rr_list_deep_free(ns_addr);
- } else {
- status = ldns_verify_denial(local_p, labels[i], LDNS_RR_TYPE_NS, &nsec_rrs, &nsec_rr_sigs);
-
- /* verify the nsec3 themselves*/
- if (verbosity >= 4) {
- printf("NSEC(3) Records to verify:\n");
- ldns_rr_list_print(stdout, nsec_rrs);
- printf("With signatures:\n");
- ldns_rr_list_print(stdout, nsec_rr_sigs);
- printf("correct keys:\n");
- ldns_rr_list_print(stdout, correct_key_list);
- }
-
- if (status == LDNS_STATUS_OK) {
- if ((st = ldns_verify(nsec_rrs, nsec_rr_sigs, trusted_keys, NULL)) == LDNS_STATUS_OK) {
- fprintf(stdout, "%s ", TRUST);
- fprintf(stdout, "Existence denied: ");
- ldns_rdf_print(stdout, labels[i]);
- /*
- if (descriptor && descriptor->_name) {
- printf(" %s", descriptor->_name);
- } else {
- printf(" TYPE%u", t);
- }
- */ fprintf(stdout, " NS\n");
- } else if ((st = ldns_verify(nsec_rrs, nsec_rr_sigs, correct_key_list, NULL)) == LDNS_STATUS_OK) {
- fprintf(stdout, "%s ", SELF);
- fprintf(stdout, "Existence denied: ");
- ldns_rdf_print(stdout, labels[i]);
- /*
- if (descriptor && descriptor->_name) {
- printf(" %s", descriptor->_name);
- } else {
- printf(" TYPE%u", t);
- }
- */
- fprintf(stdout, " NS\n");
- } else {
- fprintf(stdout, "%s ", BOGUS);
- result = 1;
- printf(";; Error verifying denial of existence for name ");
- ldns_rdf_print(stdout, labels[i]);
- /*
- printf(" type ");
- if (descriptor && descriptor->_name) {
- printf("%s", descriptor->_name);
- } else {
- printf("TYPE%u", t);
- }
- */ printf("NS: %s\n", ldns_get_errorstr_by_id(st));
- }
- } else {
- fprintf(stdout, "%s ", BOGUS);
- result = 1;
- printf(";; Error verifying denial of existence for name ");
- ldns_rdf_print(stdout, labels[i]);
- printf("NS: %s\n", ldns_get_errorstr_by_id(status));
- }
-
- /* there might be an empty non-terminal, in which case we need to continue */
- ent = false;
- for (j = 0; j < ldns_rr_list_rr_count(nsec_rrs); j++) {
- if (ldns_dname_is_subdomain(ldns_rr_rdf(ldns_rr_list_rr(nsec_rrs, j), 0), labels[i])) {
- ent = true;
- }
- }
- if (!ent) {
- ldns_rr_list_deep_free(nsec_rrs);
- ldns_rr_list_deep_free(nsec_rr_sigs);
- ldns_pkt_free(local_p);
- goto done;
- } else {
- printf(";; There is an empty non-terminal here, continue\n");
- continue;
- }
- goto done;
- }
-
- if (ldns_resolver_nameserver_count(res) == 0) {
- error("No nameservers found for this node");
- goto done;
- }
- }
- ldns_pkt_free(local_p);
-
- fprintf(stdout, ";; Domain: ");
- ldns_rdf_print(stdout, labels[i]);
- fprintf(stdout, "\n");
-
- /* retrieve keys for current domain, and verify them
- if they match an already trusted DS, or if one of the
- keys used to sign these is trusted, add the keys to
- the trusted list */
- p = get_dnssec_pkt(res, labels[i], LDNS_RR_TYPE_DNSKEY);
- pt = get_key(p, labels[i], &key_list, &key_sig_list);
- if (key_sig_list) {
- if (key_list) {
- current_correct_keys = ldns_rr_list_new();
- if ((st = ldns_verify(key_list, key_sig_list, key_list, current_correct_keys)) ==
- LDNS_STATUS_OK) {
- /* add all signed keys (don't just add current_correct, you'd miss
- * the zsk's then */
- for (j = 0; j < ldns_rr_list_rr_count(key_list); j++) {
- ldns_rr_list_push_rr(correct_key_list, ldns_rr_clone(ldns_rr_list_rr(key_list, j)));
- }
-
- /* check whether these keys were signed
- * by a trusted keys. if so, these
- * keys are also trusted */
- new_keys_trusted = false;
- for (k = 0; k < ldns_rr_list_rr_count(current_correct_keys); k++) {
- for (j = 0; j < ldns_rr_list_rr_count(trusted_ds_rrs); j++) {
- if (ldns_rr_compare_ds(ldns_rr_list_rr(current_correct_keys, k),
- ldns_rr_list_rr(trusted_ds_rrs, j))) {
- new_keys_trusted = true;
- }
- }
- }
-
- /* also all keys are trusted if one of the current correct keys is trusted */
- for (k = 0; k < ldns_rr_list_rr_count(current_correct_keys); k++) {
- for (j = 0; j < ldns_rr_list_rr_count(trusted_keys); j++) {
- if (ldns_rr_compare(ldns_rr_list_rr(current_correct_keys, k),
- ldns_rr_list_rr(trusted_keys, j)) == 0) {
- new_keys_trusted = true;
- }
- }
- }
-
-
- if (new_keys_trusted) {
- ldns_rr_list_push_rr_list(trusted_keys, key_list);
- print_rr_list_abbr(stdout, key_list, TRUST);
- ldns_rr_list_free(key_list);
- key_list = NULL;
- } else {
- if (verbosity >= 2) {
- printf(";; Signature ok but no chain to a trusted key or ds record\n");
- }
- print_rr_list_abbr(stdout, key_list, SELF);
- ldns_rr_list_deep_free(key_list);
- key_list = NULL;
- }
- } else {
- print_rr_list_abbr(stdout, key_list, BOGUS);
- result = 2;
- ldns_rr_list_deep_free(key_list);
- key_list = NULL;
- }
- ldns_rr_list_free(current_correct_keys);
- current_correct_keys = NULL;
- } else {
- printf(";; No DNSKEY record found for ");
- ldns_rdf_print(stdout, labels[i]);
- printf("\n");
- }
- }
-
- ldns_pkt_free(p);
- ldns_rr_list_deep_free(key_sig_list);
- key_sig_list = NULL;
-
- /* check the DS records for the next child domain */
- if (i > 1) {
- p = get_dnssec_pkt(res, labels[i-1], LDNS_RR_TYPE_DS);
- pt = get_ds(p, labels[i-1], &ds_list, &ds_sig_list);
- if (!ds_list) {
- ldns_pkt_free(p);
- if (ds_sig_list) {
- ldns_rr_list_deep_free(ds_sig_list);
- }
- p = get_dnssec_pkt(res, name, LDNS_RR_TYPE_DNSKEY);
- pt = get_ds(p, NULL, &ds_list, &ds_sig_list);
- }
- if (ds_sig_list) {
- if (ds_list) {
- if (verbosity >= 4) {
- printf("VERIFYING:\n");
- printf("DS LIST:\n");
- ldns_rr_list_print(stdout, ds_list);
- printf("SIGS:\n");
- ldns_rr_list_print(stdout, ds_sig_list);
- printf("KEYS:\n");
- ldns_rr_list_print(stdout, correct_key_list);
- }
-
- current_correct_keys = ldns_rr_list_new();
-
- if ((st = ldns_verify(ds_list, ds_sig_list, correct_key_list, current_correct_keys)) ==
- LDNS_STATUS_OK) {
- /* if the ds is signed by a trusted key and a key from correct keys
- matches that ds, add that key to the trusted keys */
- new_keys_trusted = false;
- if (verbosity >= 2) {
- printf("Checking if signing key is trusted:\n");
- }
- for (j = 0; j < ldns_rr_list_rr_count(current_correct_keys); j++) {
- if (verbosity >= 2) {
- printf("New key: ");
- ldns_rr_print(stdout, ldns_rr_list_rr(current_correct_keys, j));
- }
- for (k = 0; k < ldns_rr_list_rr_count(trusted_keys); k++) {
- if (verbosity >= 2) {
- printf("\tTrusted key: ");
- ldns_rr_print(stdout, ldns_rr_list_rr(trusted_keys, k));
- }
- if (ldns_rr_compare(ldns_rr_list_rr(current_correct_keys, j),
- ldns_rr_list_rr(trusted_keys, k)) == 0) {
- if (verbosity >= 2) {
- printf("Key is now trusted!\n");
- }
- for (l = 0; l < ldns_rr_list_rr_count(ds_list); l++) {
- ldns_rr_list_push_rr(trusted_ds_rrs, ldns_rr_clone(ldns_rr_list_rr(ds_list, l)));
- new_keys_trusted = true;
- }
- }
- }
- }
- if (new_keys_trusted) {
- print_rr_list_abbr(stdout, ds_list, TRUST);
- } else {
- print_rr_list_abbr(stdout, ds_list, SELF);
- }
- } else {
- result = 3;
- print_rr_list_abbr(stdout, ds_list, BOGUS);
- }
-
- ldns_rr_list_free(current_correct_keys);
- current_correct_keys = NULL;
- } else {
- /* wait apparently there were no keys either, go back to the ds packet */
- ldns_pkt_free(p);
- ldns_rr_list_deep_free(ds_sig_list);
- p = get_dnssec_pkt(res, labels[i-1], LDNS_RR_TYPE_DS);
- pt = get_ds(p, labels[i-1], &ds_list, &ds_sig_list);
-
- status = ldns_verify_denial(p, labels[i-1], LDNS_RR_TYPE_DS, &nsec_rrs, &nsec_rr_sigs);
-
- if (verbosity >= 4) {
- printf("NSEC(3) Records to verify:\n");
- ldns_rr_list_print(stdout, nsec_rrs);
- printf("With signatures:\n");
- ldns_rr_list_print(stdout, nsec_rr_sigs);
- printf("correct keys:\n");
- ldns_rr_list_print(stdout, correct_key_list);
- }
-
- if (status == LDNS_STATUS_OK) {
- if ((st = ldns_verify(nsec_rrs, nsec_rr_sigs, trusted_keys, NULL)) == LDNS_STATUS_OK) {
- fprintf(stdout, "%s ", TRUST);
- fprintf(stdout, "Existence denied: ");
- ldns_rdf_print(stdout, labels[i-1]);
- printf(" DS");
- fprintf(stdout, "\n");
- } else if ((st = ldns_verify(nsec_rrs, nsec_rr_sigs, correct_key_list, NULL)) == LDNS_STATUS_OK) {
- fprintf(stdout, "%s ", SELF);
- fprintf(stdout, "Existence denied: ");
- ldns_rdf_print(stdout, labels[i-1]);
- printf(" DS");
- fprintf(stdout, "\n");
- } else {
- result = 4;
- fprintf(stdout, "%s ", BOGUS);
- printf("Error verifying denial of existence for ");
- ldns_rdf_print(stdout, labels[i-1]);
- printf(" DS");
- printf(": %s\n", ldns_get_errorstr_by_id(st));
- }
-
-
- } else {
- if (status == LDNS_STATUS_CRYPTO_NO_RRSIG) {
- printf(";; No DS for ");
- ldns_rdf_print(stdout, labels[i - 1]);
- } else {
- printf("[B] Unable to verify denial of existence for ");
- ldns_rdf_print(stdout, labels[i - 1]);
- printf(" DS: %s\n", ldns_get_errorstr_by_id(status));
- }
- }
- if (verbosity >= 2) {
- printf(";; No ds record for delegation\n");
- }
- }
- }
- ldns_rr_list_deep_free(ds_list);
- ldns_pkt_free(p);
- } else {
- /* if this is the last label, just verify the data and stop */
- p = get_dnssec_pkt(res, labels[i], t);
- pt = get_dnssec_rr(p, labels[i], t, &dataset, &key_sig_list);
- if (dataset && ldns_rr_list_rr_count(dataset) > 0) {
- if (key_sig_list && ldns_rr_list_rr_count(key_sig_list) > 0) {
-
- /* If this is a wildcard, you must be able to deny exact match */
- if ((st = ldns_verify(dataset, key_sig_list, trusted_keys, NULL)) == LDNS_STATUS_OK) {
- fprintf(stdout, "%s ", TRUST);
- ldns_rr_list_print(stdout, dataset);
- } else if ((st = ldns_verify(dataset, key_sig_list, correct_key_list, NULL)) == LDNS_STATUS_OK) {
- fprintf(stdout, "%s ", SELF);
- ldns_rr_list_print(stdout, dataset);
- } else {
- result = 5;
- fprintf(stdout, "%s ", BOGUS);
- ldns_rr_list_print(stdout, dataset);
- printf(";; Error: %s\n", ldns_get_errorstr_by_id(st));
- }
- } else {
- fprintf(stdout, "%s ", UNSIGNED);
- ldns_rr_list_print(stdout, dataset);
- }
- ldns_rr_list_deep_free(dataset);
- } else {
- status = ldns_verify_denial(p, name, t, &nsec_rrs, &nsec_rr_sigs);
- if (status == LDNS_STATUS_OK) {
- /* verify the nsec3 themselves*/
- if (verbosity >= 5) {
- printf("NSEC(3) Records to verify:\n");
- ldns_rr_list_print(stdout, nsec_rrs);
- printf("With signatures:\n");
- ldns_rr_list_print(stdout, nsec_rr_sigs);
- printf("correct keys:\n");
- ldns_rr_list_print(stdout, correct_key_list);
-/*
- printf("trusted keys at %p:\n", trusted_keys);
- ldns_rr_list_print(stdout, trusted_keys);
-*/ }
-
- if ((st = ldns_verify(nsec_rrs, nsec_rr_sigs, trusted_keys, NULL)) == LDNS_STATUS_OK) {
- fprintf(stdout, "%s ", TRUST);
- fprintf(stdout, "Existence denied: ");
- ldns_rdf_print(stdout, name);
- if (descriptor && descriptor->_name) {
- printf(" %s", descriptor->_name);
- } else {
- printf(" TYPE%u", t);
- }
- fprintf(stdout, "\n");
- } else if ((st = ldns_verify(nsec_rrs, nsec_rr_sigs, correct_key_list, NULL)) == LDNS_STATUS_OK) {
- fprintf(stdout, "%s ", SELF);
- fprintf(stdout, "Existence denied: ");
- ldns_rdf_print(stdout, name);
- if (descriptor && descriptor->_name) {
- printf(" %s", descriptor->_name);
- } else {
- printf(" TYPE%u", t);
- }
- fprintf(stdout, "\n");
- } else {
- result = 6;
- fprintf(stdout, "%s ", BOGUS);
- printf("Error verifying denial of existence for ");
- ldns_rdf_print(stdout, name);
- printf(" type ");
- if (descriptor && descriptor->_name) {
- printf("%s", descriptor->_name);
- } else {
- printf("TYPE%u", t);
- }
- printf(": %s\n", ldns_get_errorstr_by_id(st));
- }
-
- ldns_rr_list_deep_free(nsec_rrs);
- ldns_rr_list_deep_free(nsec_rr_sigs);
- } else {
-/*
-*/
- if (status == LDNS_STATUS_CRYPTO_NO_RRSIG) {
- printf("%s ", UNSIGNED);
- printf("No data found for: ");
- ldns_rdf_print(stdout, name);
- printf(" type ");
- if (descriptor && descriptor->_name) {
- printf("%s", descriptor->_name);
- } else {
- printf("TYPE%u", t);
- }
- printf("\n");
- } else {
- printf("[B] Unable to verify denial of existence for ");
- ldns_rdf_print(stdout, name);
- printf(" type ");
- if (descriptor && descriptor->_name) {
- printf("%s", descriptor->_name);
- } else {
- printf("TYPE%u", t);
- }
- printf("\n");
- }
-
- }
- }
- ldns_pkt_free(p);
- }
-
- new_nss_aaaa = NULL;
- new_nss_a = NULL;
- new_nss = NULL;
- ns_addr = NULL;
- ldns_rr_list_deep_free(key_list);
- key_list = NULL;
- ldns_rr_list_deep_free(key_sig_list);
- key_sig_list = NULL;
- ds_list = NULL;
- ldns_rr_list_deep_free(ds_sig_list);
- ds_sig_list = NULL;
- }
- printf(";;" SELF " self sig OK; " BOGUS " bogus; " TRUST " trusted\n");
- /* verbose mode?
- printf("Trusted keys:\n");
- ldns_rr_list_print(stdout, trusted_keys);
- printf("trusted dss:\n");
- ldns_rr_list_print(stdout, trusted_ds_rrs);
- */
-
- done:
- ldns_rr_list_deep_free(trusted_ds_rrs);
- ldns_rr_list_deep_free(correct_key_list);
- ldns_resolver_deep_free(res);
- if (labels) {
- for(i = 0 ; i < (ssize_t)labels_count + 2; i++) {
- ldns_rdf_deep_free(labels[i]);
- }
- LDNS_FREE(labels);
- }
- return result;
-}
-#endif /* HAVE_SSL */
+++ /dev/null
-/*
- * work.c
- * Where all the hard work is done
- * (c) 2005 NLnet Labs
- *
- * See the file LICENSE for the license
- *
- */
-
-#include "drill.h"
-#include <ldns/ldns.h>
-
-/**
- * Converts a hex string to binary data
- * len is the length of the string
- * buf is the buffer to store the result in
- * offset is the starting position in the result buffer
- *
- * This function returns the length of the result
- */
-size_t
-hexstr2bin(char *hexstr, int len, uint8_t *buf, size_t offset, size_t buf_len)
-{
- char c;
- int i;
- uint8_t int8 = 0;
- int sec = 0;
- size_t bufpos = 0;
-
- if (len % 2 != 0) {
- return 0;
- }
-
- for (i=0; i<len; i++) {
- c = hexstr[i];
-
- /* case insensitive, skip spaces */
- if (c != ' ') {
- if (c >= '0' && c <= '9') {
- int8 += c & 0x0f;
- } else if (c >= 'a' && c <= 'z') {
- int8 += (c & 0x0f) + 9;
- } else if (c >= 'A' && c <= 'Z') {
- int8 += (c & 0x0f) + 9;
- } else {
- return 0;
- }
-
- if (sec == 0) {
- int8 = int8 << 4;
- sec = 1;
- } else {
- if (bufpos + offset + 1 <= buf_len) {
- buf[bufpos+offset] = int8;
- int8 = 0;
- sec = 0;
- bufpos++;
- } else {
- error("Buffer too small in hexstr2bin");
- }
- }
- }
- }
- return bufpos;
-}
-
-size_t
-packetbuffromfile(char *filename, uint8_t *wire)
-{
- FILE *fp = NULL;
- int c;
-
- /* stat hack
- * 0 = normal
- * 1 = comment (skip to end of line)
- * 2 = unprintable character found, read binary data directly
- */
- int state = 0;
- uint8_t *hexbuf = xmalloc(LDNS_MAX_PACKETLEN);
- int hexbufpos = 0;
- size_t wirelen;
-
- if (strncmp(filename, "-", 2) == 0) {
- fp = stdin;
- } else {
- fp = fopen(filename, "r");
- }
- if (fp == NULL) {
- perror("Unable to open file for reading");
- xfree(hexbuf);
- return 0;
- }
-
- /*verbose("Opened %s\n", filename);*/
-
- c = fgetc(fp);
- while (c != EOF && hexbufpos < LDNS_MAX_PACKETLEN) {
- if (state < 2 && !isascii(c)) {
- /*verbose("non ascii character found in file: (%d) switching to raw mode\n", c);*/
- state = 2;
- }
- switch (state) {
- case 0:
- if ( (c >= '0' && c <= '9') ||
- (c >= 'a' && c <= 'f') ||
- (c >= 'A' && c <= 'F') )
- {
- hexbuf[hexbufpos] = (uint8_t) c;
- hexbufpos++;
- } else if (c == ';') {
- state = 1;
- } else if (c == ' ' || c == '\t' || c == '\n') {
- /* skip whitespace */
- }
- break;
- case 1:
- if (c == '\n' || c == EOF) {
- state = 0;
- }
- break;
- case 2:
- hexbuf[hexbufpos] = (uint8_t) c;
- hexbufpos++;
- break;
- default:
- warning("unknown state while reading %s", filename);
- xfree(hexbuf);
- return 0;
- break;
- }
- c = fgetc(fp);
- }
-
- if (c == EOF) {
- /*
- if (have_drill_opt && drill_opt->verbose) {
- verbose("END OF FILE REACHED\n");
- if (state < 2) {
- verbose("read:\n");
- verbose("%s\n", hexbuf);
- } else {
- verbose("Not printing wire because it contains non ascii data\n");
- }
- }
- */
- }
- if (hexbufpos >= LDNS_MAX_PACKETLEN) {
- /*verbose("packet size reached\n");*/
- }
-
- /* lenient mode: length must be multiple of 2 */
- if (hexbufpos % 2 != 0) {
- hexbuf[hexbufpos] = (uint8_t) '0';
- hexbufpos++;
- }
-
- if (state < 2) {
- wirelen = hexstr2bin((char *) hexbuf,
- hexbufpos,
- wire,
- 0,
- LDNS_MAX_PACKETLEN);
- } else {
- memcpy(wire, hexbuf, (size_t) hexbufpos);
- wirelen = (size_t) hexbufpos;
- }
- if (fp != stdin) {
- fclose(fp);
- }
- xfree(hexbuf);
- return wirelen;
-}
-
-ldns_buffer *
-read_hex_buffer(char *filename)
-{
- uint8_t *wire;
- size_t wiresize;
- ldns_buffer *result_buffer = NULL;
-
- FILE *fp = NULL;
-
- if (strncmp(filename, "-", 2) != 0) {
- fp = fopen(filename, "r");
- } else {
- fp = stdin;
- }
-
- if (fp == NULL) {
- perror("");
- warning("Unable to open %s", filename);
- return NULL;
- }
-
- wire = xmalloc(LDNS_MAX_PACKETLEN);
-
- wiresize = packetbuffromfile(filename, wire);
-
- result_buffer = LDNS_MALLOC(ldns_buffer);
- ldns_buffer_new_frm_data(result_buffer, wire, wiresize);
- ldns_buffer_set_position(result_buffer, ldns_buffer_capacity(result_buffer));
-
- xfree(wire);
- return result_buffer;
-}
-
-ldns_pkt *
-read_hex_pkt(char *filename)
-{
- uint8_t *wire;
- size_t wiresize;
-
- ldns_pkt *pkt = NULL;
-
- ldns_status status = LDNS_STATUS_ERR;
-
- wire = xmalloc(LDNS_MAX_PACKETLEN);
-
- wiresize = packetbuffromfile(filename, wire);
-
- if (wiresize > 0) {
- status = ldns_wire2pkt(&pkt, wire, wiresize);
- }
-
- xfree(wire);
-
- if (status == LDNS_STATUS_OK) {
- return pkt;
- } else {
- fprintf(stderr, "Error parsing hex file: %s\n",
- ldns_get_errorstr_by_id(status));
- return NULL;
- }
-}
-
-void
-dump_hex(const ldns_pkt *pkt, const char *filename)
-{
- uint8_t *wire;
- size_t size, i;
- FILE *fp;
- ldns_status status;
-
- fp = fopen(filename, "w");
-
- if (fp == NULL) {
- error("Unable to open %s for writing", filename);
- return;
- }
-
- status = ldns_pkt2wire(&wire, pkt, &size);
-
- if (status != LDNS_STATUS_OK) {
- error("Unable to convert packet: error code %u", status);
- return;
- }
-
- fprintf(fp, "; 0");
- for (i = 1; i < 20; i++) {
- fprintf(fp, " %2u", (unsigned int) i);
- }
- fprintf(fp, "\n");
- fprintf(fp, ";--");
- for (i = 1; i < 20; i++) {
- fprintf(fp, " --");
- }
- fprintf(fp, "\n");
- for (i = 0; i < size; i++) {
- if (i % 20 == 0 && i > 0) {
- fprintf(fp, "\t;\t%4u-%4u\n", (unsigned int) i-19, (unsigned int) i);
- }
- fprintf(fp, " %02x", (unsigned int)wire[i]);
- }
- fprintf(fp, "\n");
- fclose(fp);
-}
+++ /dev/null
-/*
- * a error2str function to make sense of all the
- * error codes we have laying ardoun
- *
- * a Net::DNS like library for C
- * LibDNS Team @ NLnet Labs
- * (c) NLnet Labs, 2005-2006
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-ldns_lookup_table ldns_error_str[] = {
- { LDNS_STATUS_OK, "All OK" },
- { LDNS_STATUS_EMPTY_LABEL, "Empty label" },
- { LDNS_STATUS_LABEL_OVERFLOW, "Label length overflow" },
- { LDNS_STATUS_DOMAINNAME_OVERFLOW, "Domainname length overflow" },
- { LDNS_STATUS_DOMAINNAME_UNDERFLOW, "Domainname length underflow (zero length)" },
- { LDNS_STATUS_DDD_OVERFLOW, "\\DDD sequence overflow (>255)" },
- { LDNS_STATUS_PACKET_OVERFLOW, "Packet size overflow" },
- { LDNS_STATUS_INVALID_POINTER, "Invalid compression pointer" },
- { LDNS_STATUS_MEM_ERR, "General memory error" },
- { LDNS_STATUS_INTERNAL_ERR, "Internal error, this should not happen" },
- { LDNS_STATUS_SSL_ERR, "Error in SSL library" },
- { LDNS_STATUS_ERR, "General LDNS error" },
- { LDNS_STATUS_INVALID_INT, "Conversion error, integer expected" },
- { LDNS_STATUS_INVALID_IP4, "Conversion error, ip4 addr expected" },
- { LDNS_STATUS_INVALID_IP6, "Conversion error, ip6 addr expected" },
- { LDNS_STATUS_INVALID_STR, "Conversion error, string expected" },
- { LDNS_STATUS_INVALID_B64, "Conversion error, b64 encoding expected" },
- { LDNS_STATUS_INVALID_HEX, "Conversion error, hex encoding expected" },
- { LDNS_STATUS_INVALID_TIME, "Conversion error, time encoding expected" },
- { LDNS_STATUS_NETWORK_ERR, "Could not send or receive, because of network error" },
- { LDNS_STATUS_ADDRESS_ERR, "Could not start AXFR, because of address error" },
- { LDNS_STATUS_FILE_ERR, "Could not open the files" },
- { LDNS_STATUS_UNKNOWN_INET, "Uknown address family" },
- { LDNS_STATUS_NOT_IMPL, "This function is not implemented (yet), please notify the developers - or not..." },
- { LDNS_STATUS_NULL, "Supplied value pointer null" },
- { LDNS_STATUS_CRYPTO_UNKNOWN_ALGO, "Unknown cryptographic algorithm" },
- { LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL, "Cryptographic algorithm not implemented" },
- { LDNS_STATUS_CRYPTO_NO_RRSIG, "No DNSSEC signature(s)" },
- { LDNS_STATUS_CRYPTO_NO_DNSKEY, "No DNSSEC public key(s)" },
- { LDNS_STATUS_CRYPTO_TYPE_COVERED_ERR, "The signature does not cover this RRset" },
- { LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY, "No signatures found for trusted DNSSEC public key(s)" },
- { LDNS_STATUS_CRYPTO_NO_DS, "No DS record(s)" },
- { LDNS_STATUS_CRYPTO_NO_TRUSTED_DS, "Could not validate DS record(s)" },
- { LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY, "No keys with the keytag and algorithm from the RRSIG found" },
- { LDNS_STATUS_CRYPTO_VALIDATED, "Valid DNSSEC signature" },
- { LDNS_STATUS_CRYPTO_BOGUS, "Bogus DNSSEC signature" },
- { LDNS_STATUS_CRYPTO_SIG_EXPIRED, "DNSSEC signature has expired" },
- { LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED, "DNSSEC signature not incepted yet" },
- { LDNS_STATUS_CRYPTO_TSIG_BOGUS, "Bogus TSIG signature" },
- { LDNS_STATUS_CRYPTO_TSIG_ERR, "Could not create TSIG signature" },
- { LDNS_STATUS_CRYPTO_EXPIRATION_BEFORE_INCEPTION, "DNSSEC signature has expiration date earlier than inception date" },
- { LDNS_STATUS_ENGINE_KEY_NOT_LOADED, "Unable to load private key from engine" },
- { LDNS_STATUS_NSEC3_ERR, "Error in NSEC3 denial of existence proof" },
- { LDNS_STATUS_RES_NO_NS, "No (valid) nameservers defined in the resolver" },
- { LDNS_STATUS_RES_QUERY, "No correct query given to resolver" },
- { LDNS_STATUS_WIRE_INCOMPLETE_HEADER, "header section incomplete" },
- { LDNS_STATUS_WIRE_INCOMPLETE_QUESTION, "question section incomplete" },
- { LDNS_STATUS_WIRE_INCOMPLETE_ANSWER, "answer section incomplete" },
- { LDNS_STATUS_WIRE_INCOMPLETE_AUTHORITY, "authority section incomplete" },
- { LDNS_STATUS_WIRE_INCOMPLETE_ADDITIONAL, "additional section incomplete" },
- { LDNS_STATUS_NO_DATA, "No data" },
- { LDNS_STATUS_CERT_BAD_ALGORITHM, "Bad algorithm type for CERT record" },
- { LDNS_STATUS_SYNTAX_TYPE_ERR, "Syntax error, could not parse the RR's type" },
- { LDNS_STATUS_SYNTAX_CLASS_ERR, "Syntax error, could not parse the RR's class" },
- { LDNS_STATUS_SYNTAX_TTL_ERR, "Syntax error, could not parse the RR's TTL" },
- { LDNS_STATUS_SYNTAX_INCLUDE_ERR_NOTIMPL, "Syntax error, $INCLUDE not implemented" },
- { LDNS_STATUS_SYNTAX_RDATA_ERR, "Syntax error, could not parse the RR's rdata" },
- { LDNS_STATUS_SYNTAX_DNAME_ERR, "Syntax error, could not parse the RR's dname(s)" },
- { LDNS_STATUS_SYNTAX_VERSION_ERR, "Syntax error, version mismatch" },
- { LDNS_STATUS_SYNTAX_ALG_ERR, "Syntax error, algorithm unknown or non parseable" },
- { LDNS_STATUS_SYNTAX_KEYWORD_ERR, "Syntax error, unknown keyword in input" },
- { LDNS_STATUS_SYNTAX_ERR, "Syntax error, could not parse the RR" },
- { LDNS_STATUS_SYNTAX_EMPTY, "Empty line was returned" },
- { LDNS_STATUS_SYNTAX_TTL, "$TTL directive was seen in the zone" },
- { LDNS_STATUS_SYNTAX_ORIGIN, "$ORIGIN directive was seen in the zone" },
- { LDNS_STATUS_SYNTAX_INCLUDE, "$INCLUDE directive was seen in the zone" },
- { LDNS_STATUS_SYNTAX_ITERATIONS_OVERFLOW, "Iterations count for NSEC3 record higher than maximum" },
- { LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR, "Syntax error, value expected" },
- { LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW, "Syntax error, integer value too large" },
- { LDNS_STATUS_SYNTAX_BAD_ESCAPE, "Syntax error, bad escape sequence" },
- { LDNS_STATUS_SOCKET_ERROR, "Error creating socket" },
- { LDNS_STATUS_DNSSEC_EXISTENCE_DENIED, "Existence denied by NSEC" },
- { LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED, "RR not covered by the given NSEC RRs" },
- { LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED, "wildcard not covered by the given NSEC RRs" },
- { LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND, "original of NSEC3 hashed name could not be found" },
- { 0, NULL }
-};
-
-const char *
-ldns_get_errorstr_by_id(ldns_status err)
-{
- ldns_lookup_table *lt;
-
- lt = ldns_lookup_by_id(ldns_error_str, err);
-
- if (lt) {
- return lt->name;
- }
- return NULL;
-}
+++ /dev/null
-# Standard installation pathnames
-# See the file LICENSE for the license
-SHELL = @SHELL@
-VERSION = @PACKAGE_VERSION@
-basesrcdir = $(shell basename `pwd`)
-srcdir = @srcdir@
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-bindir = @bindir@
-mandir = @mandir@
-libtool = @libtool@
-
-CC = @CC@
-CFLAGS = -I. -I${srcdir} @CFLAGS@
-CPPFLAGS = @CPPFLAGS@
-LDFLAGS = @LDFLAGS@
-LIBNSL_LIBS = @LIBNSL_LIBS@
-LIBSSL_CPPFLAGS = @LIBSSL_CPPFLAGS@
-LIBSSL_LDFLAGS = @LIBSSL_LDFLAGS@
-LIBSSL_LIBS = @LIBSSL_LIBS@
-LIBS = @LIBS@
-RUNTIME_PATH = @RUNTIME_PATH@
-LDNSDIR = @LDNSDIR@
-
-INSTALL = $(SHELL) $(srcdir)/../install-sh
-
-COMPILE = $(CC) $(CPPFLAGS) $(LIBSSL_CPPFLAGS) $(CFLAGS)
-LINK = $(libtool) --tag=CC --quiet --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LIBS) $(RUNTIME_PATH)
-LINK_STATIC = $(libtool) --tag=CC --quiet --mode=link $(CC) $(CFLAGS) -static $(LDFLAGS) $(LIBS) $(RUNTIME_PATH)
-
-LINT = splint
-LINTFLAGS=+quiet -weak -warnposix -unrecog -Din_addr_t=uint32_t -Du_int=unsigned -Du_char=uint8_t -preproc -Drlimit=rlimit64 -D__gnuc_va_list=va_list
-#-Dglob64=glob -Dglobfree64=globfree
-# compat with openssl linux edition.
-LINTFLAGS+="-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned"
-# compat with NetBSD
-ifeq "$(shell uname)" "NetBSD"
-LINTFLAGS+="-D__RENAME(x)=" -D_NETINET_IN_H_
-endif
-# compat with OpenBSD
-LINTFLAGS+="-Dsigset_t=long"
-# FreeBSD8
-LINTFLAGS+="-D__uint16_t=uint16_t"
-LINTFLAGS+=-D__signed__=signed "-D__packed=" "-D__aligned(x)="
-
-HEADER = config.h
-MAIN_SOURCES = ldns-read-zone.c \
- ldns-mx.c \
- ldns-chaos.c \
- ldns-update.c \
- ldns-keygen.c \
- ldns-key2ds.c \
- ldns-version.c \
- ldns-rrsig.c \
- ldns-walk.c \
- ldns-zsplit.c \
- ldns-zcat.c \
- ldns-dpa.c \
- ldns-resolver.c \
- ldns-test-edns.c \
- ldns-keyfetcher.c \
- ldns-notify.c \
- ldns-testns.c \
- ldns-compare-zones.c \
- ldnsd.c
-
-MAIN_SSL_SOURCES = ldns-signzone.c \
- ldns-verify-zone.c \
- ldns-revoke.c \
- ldns-nsec3-hash.c
-
-OTHER_SOURCES = ldns-testpkts.c
-
-PROGRAMS=$(MAIN_SOURCES:.c=)
-SSL_PROGRAMS=$(MAIN_SSL_SOURCES:.c=)
-
-.PHONY: all clean realclean all-static
-.SECONDARY: $(MAIN_SOURCES:.c=.o) $(OTHER_SOURCES:.c=.o) $(MAIN_SSL_SOURCES:.c=.o)
-
-all: $(addsuffix .prg,$(PROGRAMS)) $(addsuffix .prg-ssl,$(SSL_PROGRAMS))
-
-all-static: $(addsuffix .stc,$(PROGRAMS)) $(addsuffix .stc-ssl,$(SSL_PROGRAMS))
-
-%.o: $(srcdir)/%.c
- $(COMPILE) -o $@ -c $<
-
-# ldns-testns uses more sources.
-ldns-testns.o: $(srcdir)/ldns-testns.c $(srcdir)/ldns-testpkts.c $(srcdir)/ldns-testpkts.h
-ldns-testns.prg: ldns-testpkts.o
-ldns-testns.stc: ldns-testpkts.o
-
-ldnsd.prg: ldnsd.o
- @if test ! -f $(@:.prg=) -o $< -nt $(@:.prg=); then \
- echo $(LINK) $(LIBNSL_LIBS) -o $(@:.prg=) $^ ; \
- $(LINK) $(LIBNSL_LIBS) -o $(@:.prg=) $^ ; \
- fi
-
-ldnsd.stc: ldnsd.o
- @if test ! -f $@ -o $< -nt $@; then \
- echo $(LINK_STATIC) $(LIBNSL_LDFLAGS) -o $@ $^ ; \
- $(LINK_STATIC) $(LIBNSL_LDFLAGS) -o $@ $^ ; \
- fi
-
-%.prg-ssl: %.o
- @if test ! -f $(@:.prg-ssl=) -o $< -nt $(@:.prg-ssl=); then \
- echo $(LINK) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) -o $(@:.prg-ssl=) $^ ; \
- $(LINK) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) -o $(@:.prg-ssl=) $^ ; \
- fi
-
-%.stc-ssl: %.o
- @if test ! -f $@ -o $< -nt $@; then \
- echo $(LINK_STATIC) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) -o $@ $^ ; \
- $(LINK_STATIC) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) -o $@ $^ ; \
- fi
-
-%.prg: %.o
- @if test ! -f $(@:.prg=) -o $< -nt $(@:.prg=); then \
- echo $(LINK) -o $(@:.prg=) $^ ; \
- $(LINK) -o $(@:.prg=) $^ ; \
- fi
-
-%.stc: %.o
- @if test ! -f $@ -o $< -nt $@; then \
- echo $(LINK_STATIC) -o $@ $^ ; \
- $(LINK_STATIC) -o $@ $^ ; \
- fi
-
-lint:
- for i in $(MAIN_SOURCES) $(OTHER_SOURCES); do \
- $(LINT) $(LINTFLAGS) -I. -I$(srcdir) $(srcdir)/$$i $(CPPFLAGS); \
- if [ $$? -ne 0 ] ; then exit 1 ; fi ; \
- done
-
-clean:
- rm -f *.o *.lo
- rm -rf .libs
- rm -f $(PROGRAMS) $(SSL_PROGRAMS)
- rm -f $(addsuffix .stc,$(PROGRAMS)) $(addsuffix .stc-ssl,$(SSL_PROGRAMS))
-
-realclean: clean
- rm -rf autom4te.cache/
- rm -f config.log config.status aclocal.m4 config.h.in configure Makefile
- rm -f config.h
-
-confclean: clean
- rm -rf config.log config.status config.h Makefile
-
-install: $(PROGRAMS) $(SSL_PROGRAMS)
- $(INSTALL) -d -m 755 $(DESTDIR)$(bindir)
- $(INSTALL) -d -m 755 $(DESTDIR)$(mandir)
- $(INSTALL) -d -m 755 $(DESTDIR)$(mandir)/man1
- for i in $(PROGRAMS) $(SSL_PROGRAMS); do \
- $(libtool) --tag=CC --mode=install ${INSTALL} -c $$i $(DESTDIR)$(bindir) ; \
- $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
- done
- exit 0
-
-install-static: all-static
- $(INSTALL) -d -m 755 $(DESTDIR)$(bindir)
- $(INSTALL) -d -m 755 $(DESTDIR)$(mandir)
- $(INSTALL) -d -m 755 $(DESTDIR)$(mandir)/man1
- for i in $(PROGRAMS); do \
- $(libtool) --tag=CC --mode=install ${INSTALL} -c $$i.stc $(DESTDIR)$(bindir) ; \
- $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
- done
- for i in $(SSL_PROGRAMS); do \
- $(libtool) --tag=CC --mode=install ${INSTALL} -c $$i.stc-ssl $(DESTDIR)$(bindir) ; \
- $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \
- done
- exit 0
-
-uninstall:
- for i in $(PROGRAMS) $(SSL_PROGRAMS); do \
- rm -f $(DESTDIR)$(bindir)/$$i ; \
- rm -f $(DESTDIR)$(mandir)/man1/$$i.1 ; \
- done
- exit 0
- rmdir -p $(DESTDIR)$(bindir)
- rmdir -p $(DESTDIR)$(mandir)
+++ /dev/null
-These tools are examples of ldns usage. They are not meant for production
-systems and will not be supported as such.
-
-Compilation:
-autoreconf && ./configure && make
+++ /dev/null
-/* config.h.in. Generated from configure.ac by autoheader. */
-
-/* Define to 1 if you have the <arpa/inet.h> header file. */
-#undef HAVE_ARPA_INET_H
-
-/* Define to 1 if you have the <assert.h> header file. */
-#undef HAVE_ASSERT_H
-
-/* Define to 1 if you have the <ctype.h> header file. */
-#undef HAVE_CTYPE_H
-
-/* Define to 1 if you have the declaration of `in6addr_any', and to 0 if you
- don't. */
-#undef HAVE_DECL_IN6ADDR_ANY
-
-/* Define to 1 if you have the `fork' function. */
-#undef HAVE_FORK
-
-/* Whether getaddrinfo is available */
-#undef HAVE_GETADDRINFO
-
-/* Define to 1 if you have the <getopt.h> header file. */
-#undef HAVE_GETOPT_H
-
-/* If you have HMAC_CTX_init */
-#undef HAVE_HMAC_CTX_INIT
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have the `isblank' function. */
-#undef HAVE_ISBLANK
-
-/* Define to 1 if you have the `ldns' library (-lldns). */
-#undef HAVE_LIBLDNS
-
-/* Define to 1 if you have the `pcap' library (-lpcap). */
-#undef HAVE_LIBPCAP
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the <netdb.h> header file. */
-#undef HAVE_NETDB_H
-
-/* Define to 1 if you have the <netinet/if_ether.h> header file. */
-#undef HAVE_NETINET_IF_ETHER_H
-
-/* Define to 1 if you have the <netinet/igmp.h> header file. */
-#undef HAVE_NETINET_IGMP_H
-
-/* Define to 1 if you have the <netinet/in.h> header file. */
-#undef HAVE_NETINET_IN_H
-
-/* Define to 1 if you have the <netinet/in_systm.h> header file. */
-#undef HAVE_NETINET_IN_SYSTM_H
-
-/* Define to 1 if you have the <netinet/ip6.h> header file. */
-#undef HAVE_NETINET_IP6_H
-
-/* Define to 1 if you have the <netinet/ip.h> header file. */
-#undef HAVE_NETINET_IP_H
-
-/* Define to 1 if you have the <netinet/udp.h> header file. */
-#undef HAVE_NETINET_UDP_H
-
-/* Define to 1 if you have the <net/if.h> header file. */
-#undef HAVE_NET_IF_H
-
-/* Define to 1 if you have the <openssl/err.h> header file. */
-#undef HAVE_OPENSSL_ERR_H
-
-/* Define to 1 if you have the <openssl/rand.h> header file. */
-#undef HAVE_OPENSSL_RAND_H
-
-/* Define to 1 if you have the <openssl/ssl.h> header file. */
-#undef HAVE_OPENSSL_SSL_H
-
-/* Define to 1 if you have the <pcap.h> header file. */
-#undef HAVE_PCAP_H
-
-/* Define to 1 if you have the `random' function. */
-#undef HAVE_RANDOM
-
-/* Define to 1 if you have the `sleep' function. */
-#undef HAVE_SLEEP
-
-/* Define to 1 if you have the `srandom' function. */
-#undef HAVE_SRANDOM
-
-/* Define if you have the SSL libraries installed. */
-#undef HAVE_SSL
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdio.h> header file. */
-#undef HAVE_STDIO_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the <sys/mount.h> header file. */
-#undef HAVE_SYS_MOUNT_H
-
-/* Define to 1 if you have the <sys/param.h> header file. */
-#undef HAVE_SYS_PARAM_H
-
-/* Define to 1 if you have the <sys/select.h> header file. */
-#undef HAVE_SYS_SELECT_H
-
-/* Define to 1 if you have the <sys/socket.h> header file. */
-#undef HAVE_SYS_SOCKET_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/time.h> header file. */
-#undef HAVE_SYS_TIME_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <time.h> header file. */
-#undef HAVE_TIME_H
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to 1 if you have the `vfork' function. */
-#undef HAVE_VFORK
-
-/* Define to 1 if you have the <vfork.h> header file. */
-#undef HAVE_VFORK_H
-
-/* Define to 1 if you have the <winsock2.h> header file. */
-#undef HAVE_WINSOCK2_H
-
-/* Define to 1 if `fork' works. */
-#undef HAVE_WORKING_FORK
-
-/* Define to 1 if `vfork' works. */
-#undef HAVE_WORKING_VFORK
-
-/* Define to 1 if you have the <ws2tcpip.h> header file. */
-#undef HAVE_WS2TCPIP_H
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the home page for this package. */
-#undef PACKAGE_URL
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Define this to enable ECDSA support. */
-#undef USE_ECDSA
-
-/* Define this to enable GOST support. */
-#undef USE_GOST
-
-/* Define this to enable SHA256 and SHA512 support. */
-#undef USE_SHA2
-
-/* Enable extensions on AIX 3, Interix. */
-#ifndef _ALL_SOURCE
-# undef _ALL_SOURCE
-#endif
-/* Enable GNU extensions on systems that have them. */
-#ifndef _GNU_SOURCE
-# undef _GNU_SOURCE
-#endif
-/* Enable threading extensions on Solaris. */
-#ifndef _POSIX_PTHREAD_SEMANTICS
-# undef _POSIX_PTHREAD_SEMANTICS
-#endif
-/* Enable extensions on HP NonStop. */
-#ifndef _TANDEM_SOURCE
-# undef _TANDEM_SOURCE
-#endif
-/* Enable general extensions on Solaris. */
-#ifndef __EXTENSIONS__
-# undef __EXTENSIONS__
-#endif
-
-
-/* the version of the windows API enabled */
-#undef WINVER
-
-/* Define to 1 if on MINIX. */
-#undef _MINIX
-
-/* Define to 2 if the system does not provide POSIX.1 features except with
- this defined. */
-#undef _POSIX_1_SOURCE
-
-/* Define to 1 if you need to in order for `stat' and other things to work. */
-#undef _POSIX_SOURCE
-
-/* in_addr_t */
-#undef in_addr_t
-
-/* in_port_t */
-#undef in_port_t
-
-/* Define to `__inline__' or `__inline' if that's what the C compiler
- calls it, or to nothing if 'inline' is not supported under any name. */
-#ifndef __cplusplus
-#undef inline
-#endif
-
-/* Define to `short' if <sys/types.h> does not define. */
-#undef int16_t
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef int32_t
-
-/* Define to `long long' if <sys/types.h> does not define. */
-#undef int64_t
-
-/* Define to `char' if <sys/types.h> does not define. */
-#undef int8_t
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef pid_t
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-#undef size_t
-
-/* Define to 'int' if not defined */
-#undef socklen_t
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef ssize_t
-
-/* Define to `unsigned short' if <sys/types.h> does not define. */
-#undef uint16_t
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-#undef uint32_t
-
-/* Define to `unsigned long long' if <sys/types.h> does not define. */
-#undef uint64_t
-
-/* Define to `unsigned char' if <sys/types.h> does not define. */
-#undef uint8_t
-
-/* Define as `fork' if `vfork' does not work. */
-#undef vfork
-
-
-
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <assert.h>
-
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-
-#ifdef HAVE_STDINT_H
-#include <stdint.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_NETINET_UDP_H
-#include <netinet/udp.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-#ifdef HAVE_PCAP_H
-#include <pcap.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif
-
-#ifdef HAVE_NETINET_IF_ETHER_H
-#include <netinet/if_ether.h>
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#define USE_WINSOCK 1
-#include <winsock2.h>
-#endif
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-
-#ifndef HAVE_GETADDRINFO
-#include <fake-rfc2553.h>
-#endif
-
-#ifndef HAVE_RANDOM
-/* random can be replaced by rand for ldnsexamples */
-#define random rand
-#endif
-
-#ifndef HAVE_SRANDOM
-/* srandom can be replaced by srand for ldnsexamples */
-#define srandom srand
-#endif
-
-extern char *optarg;
-extern int optind, opterr;
-
-#ifndef EXIT_FAILURE
-#define EXIT_FAILURE 1
-#endif
-#ifndef EXIT_SUCCESS
-#define EXIT_SUCCESS 0
-#endif
-
-#ifdef S_SPLINT_S
-#define FD_ZERO(a) /* a */
-#define FD_SET(a,b) /* a, b */
-#endif
-
+++ /dev/null
-#! /bin/sh
-# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for ldns 1.6.9.
-#
-# Report bugs to <libdns@nlnetlabs.nl>.
-#
-#
-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
-# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software
-# Foundation, Inc.
-#
-#
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-## -------------------- ##
-## M4sh Initialization. ##
-## -------------------- ##
-
-# Be more Bourne compatible
-DUALCASE=1; export DUALCASE # for MKS sh
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
- emulate sh
- NULLCMD=:
- # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '${1+"$@"}'='"$@"'
- setopt NO_GLOB_SUBST
-else
- case `(set -o) 2>/dev/null` in #(
- *posix*) :
- set -o posix ;; #(
- *) :
- ;;
-esac
-fi
-
-
-as_nl='
-'
-export as_nl
-# Printing a long string crashes Solaris 7 /usr/bin/printf.
-as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
-# Prefer a ksh shell builtin over an external printf program on Solaris,
-# but without wasting forks for bash or zsh.
-if test -z "$BASH_VERSION$ZSH_VERSION" \
- && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
- as_echo='print -r --'
- as_echo_n='print -rn --'
-elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
- as_echo='printf %s\n'
- as_echo_n='printf %s'
-else
- if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
- as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
- as_echo_n='/usr/ucb/echo -n'
- else
- as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
- as_echo_n_body='eval
- arg=$1;
- case $arg in #(
- *"$as_nl"*)
- expr "X$arg" : "X\\(.*\\)$as_nl";
- arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
- esac;
- expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
- '
- export as_echo_n_body
- as_echo_n='sh -c $as_echo_n_body as_echo'
- fi
- export as_echo_body
- as_echo='sh -c $as_echo_body as_echo'
-fi
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- PATH_SEPARATOR=:
- (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
- (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
- PATH_SEPARATOR=';'
- }
-fi
-
-
-# IFS
-# We need space, tab and new line, in precisely that order. Quoting is
-# there to prevent editors from complaining about space-tab.
-# (If _AS_PATH_WALK were called with IFS unset, it would disable word
-# splitting by setting IFS to empty value.)
-IFS=" "" $as_nl"
-
-# Find who we are. Look in the path if we contain no directory separator.
-as_myself=
-case $0 in #((
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
- done
-IFS=$as_save_IFS
-
- ;;
-esac
-# We did not find ourselves, most probably we were run as `sh COMMAND'
-# in which case we are not to be found in the path.
-if test "x$as_myself" = x; then
- as_myself=$0
-fi
-if test ! -f "$as_myself"; then
- $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
- exit 1
-fi
-
-# Unset variables that we do not need and which cause bugs (e.g. in
-# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1"
-# suppresses any "Segmentation fault" message there. '((' could
-# trigger a bug in pdksh 5.2.14.
-for as_var in BASH_ENV ENV MAIL MAILPATH
-do eval test x\${$as_var+set} = xset \
- && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
-done
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-LC_ALL=C
-export LC_ALL
-LANGUAGE=C
-export LANGUAGE
-
-# CDPATH.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-if test "x$CONFIG_SHELL" = x; then
- as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
- emulate sh
- NULLCMD=:
- # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '\${1+\"\$@\"}'='\"\$@\"'
- setopt NO_GLOB_SUBST
-else
- case \`(set -o) 2>/dev/null\` in #(
- *posix*) :
- set -o posix ;; #(
- *) :
- ;;
-esac
-fi
-"
- as_required="as_fn_return () { (exit \$1); }
-as_fn_success () { as_fn_return 0; }
-as_fn_failure () { as_fn_return 1; }
-as_fn_ret_success () { return 0; }
-as_fn_ret_failure () { return 1; }
-
-exitcode=0
-as_fn_success || { exitcode=1; echo as_fn_success failed.; }
-as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; }
-as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; }
-as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; }
-if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then :
-
-else
- exitcode=1; echo positional parameters were not saved.
-fi
-test x\$exitcode = x0 || exit 1"
- as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
- as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
- eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
- test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
-test \$(( 1 + 1 )) = 2 || exit 1"
- if (eval "$as_required") 2>/dev/null; then :
- as_have_required=yes
-else
- as_have_required=no
-fi
- if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then :
-
-else
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-as_found=false
-for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- as_found=:
- case $as_dir in #(
- /*)
- for as_base in sh bash ksh sh5; do
- # Try only shells that exist, to save several forks.
- as_shell=$as_dir/$as_base
- if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
- { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then :
- CONFIG_SHELL=$as_shell as_have_required=yes
- if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then :
- break 2
-fi
-fi
- done;;
- esac
- as_found=false
-done
-$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } &&
- { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then :
- CONFIG_SHELL=$SHELL as_have_required=yes
-fi; }
-IFS=$as_save_IFS
-
-
- if test "x$CONFIG_SHELL" != x; then :
- # We cannot yet assume a decent shell, so we have to provide a
- # neutralization value for shells without unset; and this also
- # works around shells that cannot unset nonexistent variables.
- # Preserve -v and -x to the replacement shell.
- BASH_ENV=/dev/null
- ENV=/dev/null
- (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
- export CONFIG_SHELL
- case $- in # ((((
- *v*x* | *x*v* ) as_opts=-vx ;;
- *v* ) as_opts=-v ;;
- *x* ) as_opts=-x ;;
- * ) as_opts= ;;
- esac
- exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"}
-fi
-
- if test x$as_have_required = xno; then :
- $as_echo "$0: This script requires a shell more modern than all"
- $as_echo "$0: the shells that I found on your system."
- if test x${ZSH_VERSION+set} = xset ; then
- $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should"
- $as_echo "$0: be upgraded to zsh 4.3.4 or later."
- else
- $as_echo "$0: Please tell bug-autoconf@gnu.org and
-$0: libdns@nlnetlabs.nl about your system, including any
-$0: error possibly output before this message. Then install
-$0: a modern shell, or manually run the script under such a
-$0: shell if you do have one."
- fi
- exit 1
-fi
-fi
-fi
-SHELL=${CONFIG_SHELL-/bin/sh}
-export SHELL
-# Unset more variables known to interfere with behavior of common tools.
-CLICOLOR_FORCE= GREP_OPTIONS=
-unset CLICOLOR_FORCE GREP_OPTIONS
-
-## --------------------- ##
-## M4sh Shell Functions. ##
-## --------------------- ##
-# as_fn_unset VAR
-# ---------------
-# Portably unset VAR.
-as_fn_unset ()
-{
- { eval $1=; unset $1;}
-}
-as_unset=as_fn_unset
-
-# as_fn_set_status STATUS
-# -----------------------
-# Set $? to STATUS, without forking.
-as_fn_set_status ()
-{
- return $1
-} # as_fn_set_status
-
-# as_fn_exit STATUS
-# -----------------
-# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
-as_fn_exit ()
-{
- set +e
- as_fn_set_status $1
- exit $1
-} # as_fn_exit
-
-# as_fn_mkdir_p
-# -------------
-# Create "$as_dir" as a directory, including parents if necessary.
-as_fn_mkdir_p ()
-{
-
- case $as_dir in #(
- -*) as_dir=./$as_dir;;
- esac
- test -d "$as_dir" || eval $as_mkdir_p || {
- as_dirs=
- while :; do
- case $as_dir in #(
- *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
- *) as_qdir=$as_dir;;
- esac
- as_dirs="'$as_qdir' $as_dirs"
- as_dir=`$as_dirname -- "$as_dir" ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
- test -d "$as_dir" && break
- done
- test -z "$as_dirs" || eval "mkdir $as_dirs"
- } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
-
-
-} # as_fn_mkdir_p
-# as_fn_append VAR VALUE
-# ----------------------
-# Append the text in VALUE to the end of the definition contained in VAR. Take
-# advantage of any shell optimizations that allow amortized linear growth over
-# repeated appends, instead of the typical quadratic growth present in naive
-# implementations.
-if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
- eval 'as_fn_append ()
- {
- eval $1+=\$2
- }'
-else
- as_fn_append ()
- {
- eval $1=\$$1\$2
- }
-fi # as_fn_append
-
-# as_fn_arith ARG...
-# ------------------
-# Perform arithmetic evaluation on the ARGs, and store the result in the
-# global $as_val. Take advantage of shells that can avoid forks. The arguments
-# must be portable across $(()) and expr.
-if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
- eval 'as_fn_arith ()
- {
- as_val=$(( $* ))
- }'
-else
- as_fn_arith ()
- {
- as_val=`expr "$@" || test $? -eq 1`
- }
-fi # as_fn_arith
-
-
-# as_fn_error STATUS ERROR [LINENO LOG_FD]
-# ----------------------------------------
-# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
-# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
-# script with STATUS, using 1 if that was 0.
-as_fn_error ()
-{
- as_status=$1; test $as_status -eq 0 && as_status=1
- if test "$4"; then
- as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
- fi
- $as_echo "$as_me: error: $2" >&2
- as_fn_exit $as_status
-} # as_fn_error
-
-if expr a : '\(a\)' >/dev/null 2>&1 &&
- test "X`expr 00001 : '.*\(...\)'`" = X001; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
- as_basename=basename
-else
- as_basename=false
-fi
-
-if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
- as_dirname=dirname
-else
- as_dirname=false
-fi
-
-as_me=`$as_basename -- "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
- X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{
- s//\1/
- q
- }
- /^X\/\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\/\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
-
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-
- as_lineno_1=$LINENO as_lineno_1a=$LINENO
- as_lineno_2=$LINENO as_lineno_2a=$LINENO
- eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" &&
- test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || {
- # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-)
- sed -n '
- p
- /[$]LINENO/=
- ' <$as_myself |
- sed '
- s/[$]LINENO.*/&-/
- t lineno
- b
- :lineno
- N
- :loop
- s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
- t loop
- s/-\n.*//
- ' >$as_me.lineno &&
- chmod +x "$as_me.lineno" ||
- { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
-
- # Don't try to exec as it changes $[0], causing all sort of problems
- # (the dirname of $[0] is not the place where we might find the
- # original and so on. Autoconf is especially sensitive to this).
- . "./$as_me.lineno"
- # Exit status is that of the last command.
- exit
-}
-
-ECHO_C= ECHO_N= ECHO_T=
-case `echo -n x` in #(((((
--n*)
- case `echo 'xy\c'` in
- *c*) ECHO_T=' ';; # ECHO_T is single tab character.
- xy) ECHO_C='\c';;
- *) echo `echo ksh88 bug on AIX 6.1` > /dev/null
- ECHO_T=' ';;
- esac;;
-*)
- ECHO_N='-n';;
-esac
-
-rm -f conf$$ conf$$.exe conf$$.file
-if test -d conf$$.dir; then
- rm -f conf$$.dir/conf$$.file
-else
- rm -f conf$$.dir
- mkdir conf$$.dir 2>/dev/null
-fi
-if (echo >conf$$.file) 2>/dev/null; then
- if ln -s conf$$.file conf$$ 2>/dev/null; then
- as_ln_s='ln -s'
- # ... but there are two gotchas:
- # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
- # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
- # In both cases, we have to default to `cp -p'.
- ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
- as_ln_s='cp -p'
- elif ln conf$$.file conf$$ 2>/dev/null; then
- as_ln_s=ln
- else
- as_ln_s='cp -p'
- fi
-else
- as_ln_s='cp -p'
-fi
-rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
-rmdir conf$$.dir 2>/dev/null
-
-if mkdir -p . 2>/dev/null; then
- as_mkdir_p='mkdir -p "$as_dir"'
-else
- test -d ./-p && rmdir ./-p
- as_mkdir_p=false
-fi
-
-if test -x / >/dev/null 2>&1; then
- as_test_x='test -x'
-else
- if ls -dL / >/dev/null 2>&1; then
- as_ls_L_option=L
- else
- as_ls_L_option=
- fi
- as_test_x='
- eval sh -c '\''
- if test -d "$1"; then
- test -d "$1/.";
- else
- case $1 in #(
- -*)set "./$1";;
- esac;
- case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
- ???[sx]*):;;*)false;;esac;fi
- '\'' sh
- '
-fi
-as_executable_p=$as_test_x
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-test -n "$DJDIR" || exec 7<&0 </dev/null
-exec 6>&1
-
-# Name of the host.
-# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
-# so uname gets run too.
-ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
-
-#
-# Initializations.
-#
-ac_default_prefix=/usr/local
-ac_clean_files=
-ac_config_libobj_dir=.
-LIBOBJS=
-cross_compiling=no
-subdirs=
-MFLAGS=
-MAKEFLAGS=
-
-# Identity of this package.
-PACKAGE_NAME='ldns'
-PACKAGE_TARNAME='libdns'
-PACKAGE_VERSION='1.6.9'
-PACKAGE_STRING='ldns 1.6.9'
-PACKAGE_BUGREPORT='libdns@nlnetlabs.nl'
-PACKAGE_URL=''
-
-ac_unique_file="ldns-read-zone.c"
-# Factoring default headers for most tests.
-ac_includes_default="\
-#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif
-#ifdef HAVE_STRING_H
-# if !defined STDC_HEADERS && defined HAVE_MEMORY_H
-# include <memory.h>
-# endif
-# include <string.h>
-#endif
-#ifdef HAVE_STRINGS_H
-# include <strings.h>
-#endif
-#ifdef HAVE_INTTYPES_H
-# include <inttypes.h>
-#endif
-#ifdef HAVE_STDINT_H
-# include <stdint.h>
-#endif
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
-#endif"
-
-ac_subst_vars='LTLIBOBJS
-LIBOBJS
-LDNSDIR
-LIBSSL_LIBS
-LIBSSL_LDFLAGS
-LIBSSL_CPPFLAGS
-RUNTIME_PATH
-HAVE_SSL
-LIBNSL_LIBS
-libtool
-SET_MAKE
-EGREP
-GREP
-CPP
-OBJEXT
-EXEEXT
-ac_ct_CC
-CPPFLAGS
-LDFLAGS
-CFLAGS
-CC
-target_alias
-host_alias
-build_alias
-LIBS
-ECHO_T
-ECHO_N
-ECHO_C
-DEFS
-mandir
-localedir
-libdir
-psdir
-pdfdir
-dvidir
-htmldir
-infodir
-docdir
-oldincludedir
-includedir
-localstatedir
-sharedstatedir
-sysconfdir
-datadir
-datarootdir
-libexecdir
-sbindir
-bindir
-program_transform_name
-prefix
-exec_prefix
-PACKAGE_URL
-PACKAGE_BUGREPORT
-PACKAGE_STRING
-PACKAGE_VERSION
-PACKAGE_TARNAME
-PACKAGE_NAME
-PATH_SEPARATOR
-SHELL'
-ac_subst_files=''
-ac_user_opts='
-enable_option_checking
-enable_rpath
-with_ssl
-enable_sha2
-enable_gost
-enable_ecdsa
-with_ldns
-'
- ac_precious_vars='build_alias
-host_alias
-target_alias
-CC
-CFLAGS
-LDFLAGS
-LIBS
-CPPFLAGS
-CPP
-CPPFLAGS
-CC
-LDFLAGS
-LIBS
-CPPFLAGS'
-
-
-# Initialize some variables set by options.
-ac_init_help=
-ac_init_version=false
-ac_unrecognized_opts=
-ac_unrecognized_sep=
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-cache_file=/dev/null
-exec_prefix=NONE
-no_create=
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-verbose=
-x_includes=NONE
-x_libraries=NONE
-
-# Installation directory options.
-# These are left unexpanded so users can "make install exec_prefix=/foo"
-# and all the variables that are supposed to be based on exec_prefix
-# by default will actually change.
-# Use braces instead of parens because sh, perl, etc. also accept them.
-# (The list follows the same order as the GNU Coding Standards.)
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datarootdir='${prefix}/share'
-datadir='${datarootdir}'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
-infodir='${datarootdir}/info'
-htmldir='${docdir}'
-dvidir='${docdir}'
-pdfdir='${docdir}'
-psdir='${docdir}'
-libdir='${exec_prefix}/lib'
-localedir='${datarootdir}/locale'
-mandir='${datarootdir}/man'
-
-ac_prev=
-ac_dashdash=
-for ac_option
-do
- # If the previous option needs an argument, assign it.
- if test -n "$ac_prev"; then
- eval $ac_prev=\$ac_option
- ac_prev=
- continue
- fi
-
- case $ac_option in
- *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
- *=) ac_optarg= ;;
- *) ac_optarg=yes ;;
- esac
-
- # Accept the important Cygnus configure options, so we can diagnose typos.
-
- case $ac_dashdash$ac_option in
- --)
- ac_dashdash=yes ;;
-
- -bindir | --bindir | --bindi | --bind | --bin | --bi)
- ac_prev=bindir ;;
- -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
- bindir=$ac_optarg ;;
-
- -build | --build | --buil | --bui | --bu)
- ac_prev=build_alias ;;
- -build=* | --build=* | --buil=* | --bui=* | --bu=*)
- build_alias=$ac_optarg ;;
-
- -cache-file | --cache-file | --cache-fil | --cache-fi \
- | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
- ac_prev=cache_file ;;
- -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
- | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
- cache_file=$ac_optarg ;;
-
- --config-cache | -C)
- cache_file=config.cache ;;
-
- -datadir | --datadir | --datadi | --datad)
- ac_prev=datadir ;;
- -datadir=* | --datadir=* | --datadi=* | --datad=*)
- datadir=$ac_optarg ;;
-
- -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
- | --dataroo | --dataro | --datar)
- ac_prev=datarootdir ;;
- -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
- | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
- datarootdir=$ac_optarg ;;
-
- -disable-* | --disable-*)
- ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
- as_fn_error $? "invalid feature name: $ac_useropt"
- ac_useropt_orig=$ac_useropt
- ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
- case $ac_user_opts in
- *"
-"enable_$ac_useropt"
-"*) ;;
- *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
- ac_unrecognized_sep=', ';;
- esac
- eval enable_$ac_useropt=no ;;
-
- -docdir | --docdir | --docdi | --doc | --do)
- ac_prev=docdir ;;
- -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
- docdir=$ac_optarg ;;
-
- -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
- ac_prev=dvidir ;;
- -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
- dvidir=$ac_optarg ;;
-
- -enable-* | --enable-*)
- ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
- as_fn_error $? "invalid feature name: $ac_useropt"
- ac_useropt_orig=$ac_useropt
- ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
- case $ac_user_opts in
- *"
-"enable_$ac_useropt"
-"*) ;;
- *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
- ac_unrecognized_sep=', ';;
- esac
- eval enable_$ac_useropt=\$ac_optarg ;;
-
- -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
- | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
- | --exec | --exe | --ex)
- ac_prev=exec_prefix ;;
- -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
- | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
- | --exec=* | --exe=* | --ex=*)
- exec_prefix=$ac_optarg ;;
-
- -gas | --gas | --ga | --g)
- # Obsolete; use --with-gas.
- with_gas=yes ;;
-
- -help | --help | --hel | --he | -h)
- ac_init_help=long ;;
- -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
- ac_init_help=recursive ;;
- -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
- ac_init_help=short ;;
-
- -host | --host | --hos | --ho)
- ac_prev=host_alias ;;
- -host=* | --host=* | --hos=* | --ho=*)
- host_alias=$ac_optarg ;;
-
- -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
- ac_prev=htmldir ;;
- -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
- | --ht=*)
- htmldir=$ac_optarg ;;
-
- -includedir | --includedir | --includedi | --included | --include \
- | --includ | --inclu | --incl | --inc)
- ac_prev=includedir ;;
- -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
- | --includ=* | --inclu=* | --incl=* | --inc=*)
- includedir=$ac_optarg ;;
-
- -infodir | --infodir | --infodi | --infod | --info | --inf)
- ac_prev=infodir ;;
- -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
- infodir=$ac_optarg ;;
-
- -libdir | --libdir | --libdi | --libd)
- ac_prev=libdir ;;
- -libdir=* | --libdir=* | --libdi=* | --libd=*)
- libdir=$ac_optarg ;;
-
- -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
- | --libexe | --libex | --libe)
- ac_prev=libexecdir ;;
- -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
- | --libexe=* | --libex=* | --libe=*)
- libexecdir=$ac_optarg ;;
-
- -localedir | --localedir | --localedi | --localed | --locale)
- ac_prev=localedir ;;
- -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
- localedir=$ac_optarg ;;
-
- -localstatedir | --localstatedir | --localstatedi | --localstated \
- | --localstate | --localstat | --localsta | --localst | --locals)
- ac_prev=localstatedir ;;
- -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
- | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
- localstatedir=$ac_optarg ;;
-
- -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
- ac_prev=mandir ;;
- -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
- mandir=$ac_optarg ;;
-
- -nfp | --nfp | --nf)
- # Obsolete; use --without-fp.
- with_fp=no ;;
-
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c | -n)
- no_create=yes ;;
-
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
- no_recursion=yes ;;
-
- -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
- | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
- | --oldin | --oldi | --old | --ol | --o)
- ac_prev=oldincludedir ;;
- -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
- | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
- | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
- oldincludedir=$ac_optarg ;;
-
- -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
- ac_prev=prefix ;;
- -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
- prefix=$ac_optarg ;;
-
- -program-prefix | --program-prefix | --program-prefi | --program-pref \
- | --program-pre | --program-pr | --program-p)
- ac_prev=program_prefix ;;
- -program-prefix=* | --program-prefix=* | --program-prefi=* \
- | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
- program_prefix=$ac_optarg ;;
-
- -program-suffix | --program-suffix | --program-suffi | --program-suff \
- | --program-suf | --program-su | --program-s)
- ac_prev=program_suffix ;;
- -program-suffix=* | --program-suffix=* | --program-suffi=* \
- | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
- program_suffix=$ac_optarg ;;
-
- -program-transform-name | --program-transform-name \
- | --program-transform-nam | --program-transform-na \
- | --program-transform-n | --program-transform- \
- | --program-transform | --program-transfor \
- | --program-transfo | --program-transf \
- | --program-trans | --program-tran \
- | --progr-tra | --program-tr | --program-t)
- ac_prev=program_transform_name ;;
- -program-transform-name=* | --program-transform-name=* \
- | --program-transform-nam=* | --program-transform-na=* \
- | --program-transform-n=* | --program-transform-=* \
- | --program-transform=* | --program-transfor=* \
- | --program-transfo=* | --program-transf=* \
- | --program-trans=* | --program-tran=* \
- | --progr-tra=* | --program-tr=* | --program-t=*)
- program_transform_name=$ac_optarg ;;
-
- -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
- ac_prev=pdfdir ;;
- -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
- pdfdir=$ac_optarg ;;
-
- -psdir | --psdir | --psdi | --psd | --ps)
- ac_prev=psdir ;;
- -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
- psdir=$ac_optarg ;;
-
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- silent=yes ;;
-
- -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
- ac_prev=sbindir ;;
- -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
- | --sbi=* | --sb=*)
- sbindir=$ac_optarg ;;
-
- -sharedstatedir | --sharedstatedir | --sharedstatedi \
- | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
- | --sharedst | --shareds | --shared | --share | --shar \
- | --sha | --sh)
- ac_prev=sharedstatedir ;;
- -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
- | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
- | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
- | --sha=* | --sh=*)
- sharedstatedir=$ac_optarg ;;
-
- -site | --site | --sit)
- ac_prev=site ;;
- -site=* | --site=* | --sit=*)
- site=$ac_optarg ;;
-
- -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
- ac_prev=srcdir ;;
- -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
- srcdir=$ac_optarg ;;
-
- -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
- | --syscon | --sysco | --sysc | --sys | --sy)
- ac_prev=sysconfdir ;;
- -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
- | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
- sysconfdir=$ac_optarg ;;
-
- -target | --target | --targe | --targ | --tar | --ta | --t)
- ac_prev=target_alias ;;
- -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
- target_alias=$ac_optarg ;;
-
- -v | -verbose | --verbose | --verbos | --verbo | --verb)
- verbose=yes ;;
-
- -version | --version | --versio | --versi | --vers | -V)
- ac_init_version=: ;;
-
- -with-* | --with-*)
- ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
- as_fn_error $? "invalid package name: $ac_useropt"
- ac_useropt_orig=$ac_useropt
- ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
- case $ac_user_opts in
- *"
-"with_$ac_useropt"
-"*) ;;
- *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
- ac_unrecognized_sep=', ';;
- esac
- eval with_$ac_useropt=\$ac_optarg ;;
-
- -without-* | --without-*)
- ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
- # Reject names that are not valid shell variable names.
- expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
- as_fn_error $? "invalid package name: $ac_useropt"
- ac_useropt_orig=$ac_useropt
- ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
- case $ac_user_opts in
- *"
-"with_$ac_useropt"
-"*) ;;
- *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
- ac_unrecognized_sep=', ';;
- esac
- eval with_$ac_useropt=no ;;
-
- --x)
- # Obsolete; use --with-x.
- with_x=yes ;;
-
- -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
- | --x-incl | --x-inc | --x-in | --x-i)
- ac_prev=x_includes ;;
- -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
- | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
- x_includes=$ac_optarg ;;
-
- -x-libraries | --x-libraries | --x-librarie | --x-librari \
- | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
- ac_prev=x_libraries ;;
- -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
- | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
- x_libraries=$ac_optarg ;;
-
- -*) as_fn_error $? "unrecognized option: \`$ac_option'
-Try \`$0 --help' for more information"
- ;;
-
- *=*)
- ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
- # Reject names that are not valid shell variable names.
- case $ac_envvar in #(
- '' | [0-9]* | *[!_$as_cr_alnum]* )
- as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
- esac
- eval $ac_envvar=\$ac_optarg
- export $ac_envvar ;;
-
- *)
- # FIXME: should be removed in autoconf 3.0.
- $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
- expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
- $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
- : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
- ;;
-
- esac
-done
-
-if test -n "$ac_prev"; then
- ac_option=--`echo $ac_prev | sed 's/_/-/g'`
- as_fn_error $? "missing argument to $ac_option"
-fi
-
-if test -n "$ac_unrecognized_opts"; then
- case $enable_option_checking in
- no) ;;
- fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
- *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
- esac
-fi
-
-# Check all directory arguments for consistency.
-for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
- datadir sysconfdir sharedstatedir localstatedir includedir \
- oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
-do
- eval ac_val=\$$ac_var
- # Remove trailing slashes.
- case $ac_val in
- */ )
- ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
- eval $ac_var=\$ac_val;;
- esac
- # Be sure to have absolute directory names.
- case $ac_val in
- [\\/$]* | ?:[\\/]* ) continue;;
- NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
- esac
- as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
-done
-
-# There might be people who depend on the old broken behavior: `$host'
-# used to hold the argument of --host etc.
-# FIXME: To remove some day.
-build=$build_alias
-host=$host_alias
-target=$target_alias
-
-# FIXME: To remove some day.
-if test "x$host_alias" != x; then
- if test "x$build_alias" = x; then
- cross_compiling=maybe
- $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host.
- If a cross compiler is detected then cross compile mode will be used" >&2
- elif test "x$build_alias" != "x$host_alias"; then
- cross_compiling=yes
- fi
-fi
-
-ac_tool_prefix=
-test -n "$host_alias" && ac_tool_prefix=$host_alias-
-
-test "$silent" = yes && exec 6>/dev/null
-
-
-ac_pwd=`pwd` && test -n "$ac_pwd" &&
-ac_ls_di=`ls -di .` &&
-ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
- as_fn_error $? "working directory cannot be determined"
-test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
- as_fn_error $? "pwd does not report name of working directory"
-
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
- ac_srcdir_defaulted=yes
- # Try the directory containing this script, then the parent directory.
- ac_confdir=`$as_dirname -- "$as_myself" ||
-$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_myself" : 'X\(//\)[^/]' \| \
- X"$as_myself" : 'X\(//\)$' \| \
- X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_myself" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
- srcdir=$ac_confdir
- if test ! -r "$srcdir/$ac_unique_file"; then
- srcdir=..
- fi
-else
- ac_srcdir_defaulted=no
-fi
-if test ! -r "$srcdir/$ac_unique_file"; then
- test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
- as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
-fi
-ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
-ac_abs_confdir=`(
- cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
- pwd)`
-# When building in place, set srcdir=.
-if test "$ac_abs_confdir" = "$ac_pwd"; then
- srcdir=.
-fi
-# Remove unnecessary trailing slashes from srcdir.
-# Double slashes in file names in object file debugging info
-# mess up M-x gdb in Emacs.
-case $srcdir in
-*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
-esac
-for ac_var in $ac_precious_vars; do
- eval ac_env_${ac_var}_set=\${${ac_var}+set}
- eval ac_env_${ac_var}_value=\$${ac_var}
- eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
- eval ac_cv_env_${ac_var}_value=\$${ac_var}
-done
-
-#
-# Report the --help message.
-#
-if test "$ac_init_help" = "long"; then
- # Omit some internal or obsolete options to make the list less imposing.
- # This message is too long to be a string in the A/UX 3.1 sh.
- cat <<_ACEOF
-\`configure' configures ldns 1.6.9 to adapt to many kinds of systems.
-
-Usage: $0 [OPTION]... [VAR=VALUE]...
-
-To assign environment variables (e.g., CC, CFLAGS...), specify them as
-VAR=VALUE. See below for descriptions of some of the useful variables.
-
-Defaults for the options are specified in brackets.
-
-Configuration:
- -h, --help display this help and exit
- --help=short display options specific to this package
- --help=recursive display the short help of all the included packages
- -V, --version display version information and exit
- -q, --quiet, --silent do not print \`checking ...' messages
- --cache-file=FILE cache test results in FILE [disabled]
- -C, --config-cache alias for \`--cache-file=config.cache'
- -n, --no-create do not create output files
- --srcdir=DIR find the sources in DIR [configure dir or \`..']
-
-Installation directories:
- --prefix=PREFIX install architecture-independent files in PREFIX
- [$ac_default_prefix]
- --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
- [PREFIX]
-
-By default, \`make install' will install all the files in
-\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify
-an installation prefix other than \`$ac_default_prefix' using \`--prefix',
-for instance \`--prefix=\$HOME'.
-
-For better control, use the options below.
-
-Fine tuning of the installation directories:
- --bindir=DIR user executables [EPREFIX/bin]
- --sbindir=DIR system admin executables [EPREFIX/sbin]
- --libexecdir=DIR program executables [EPREFIX/libexec]
- --sysconfdir=DIR read-only single-machine data [PREFIX/etc]
- --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
- --localstatedir=DIR modifiable single-machine data [PREFIX/var]
- --libdir=DIR object code libraries [EPREFIX/lib]
- --includedir=DIR C header files [PREFIX/include]
- --oldincludedir=DIR C header files for non-gcc [/usr/include]
- --datarootdir=DIR read-only arch.-independent data root [PREFIX/share]
- --datadir=DIR read-only architecture-independent data [DATAROOTDIR]
- --infodir=DIR info documentation [DATAROOTDIR/info]
- --localedir=DIR locale-dependent data [DATAROOTDIR/locale]
- --mandir=DIR man documentation [DATAROOTDIR/man]
- --docdir=DIR documentation root [DATAROOTDIR/doc/libdns]
- --htmldir=DIR html documentation [DOCDIR]
- --dvidir=DIR dvi documentation [DOCDIR]
- --pdfdir=DIR pdf documentation [DOCDIR]
- --psdir=DIR ps documentation [DOCDIR]
-_ACEOF
-
- cat <<\_ACEOF
-_ACEOF
-fi
-
-if test -n "$ac_init_help"; then
- case $ac_init_help in
- short | recursive ) echo "Configuration of ldns 1.6.9:";;
- esac
- cat <<\_ACEOF
-
-Optional Features:
- --disable-option-checking ignore unrecognized --enable/--with options
- --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
- --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
- --disable-rpath Disable hardcoded rpath (default=enabled)
- --disable-sha2 Disable SHA256 and SHA512 RRSIG support
- --disable-gost Disable GOST support
- --enable-ecdsa Enable ECDSA support, experimental
-
-Optional Packages:
- --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
- --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
- --with-ssl=pathname enable SSL (will check /usr/local/ssl /usr/lib/ssl
- /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw
- /usr)
- --with-ldns=PATH specify prefix of path of ldns library to use
-
-
-
-Some influential environment variables:
- CC C compiler command
- CFLAGS C compiler flags
- LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a
- nonstandard directory <lib dir>
- LIBS libraries to pass to the linker, e.g. -l<library>
- CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
- you have headers in a nonstandard directory <include dir>
- CPP C preprocessor
-
-Use these variables to override the choices made by `configure' or to help
-it to find libraries and programs with nonstandard names/locations.
-
-Report bugs to <libdns@nlnetlabs.nl>.
-_ACEOF
-ac_status=$?
-fi
-
-if test "$ac_init_help" = "recursive"; then
- # If there are subdirs, report their specific --help.
- for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
- test -d "$ac_dir" ||
- { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
- continue
- ac_builddir=.
-
-case "$ac_dir" in
-.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
-*)
- ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
- # A ".." for each directory in $ac_dir_suffix.
- ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
- case $ac_top_builddir_sub in
- "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
- *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
- esac ;;
-esac
-ac_abs_top_builddir=$ac_pwd
-ac_abs_builddir=$ac_pwd$ac_dir_suffix
-# for backward compatibility:
-ac_top_builddir=$ac_top_build_prefix
-
-case $srcdir in
- .) # We are building in place.
- ac_srcdir=.
- ac_top_srcdir=$ac_top_builddir_sub
- ac_abs_top_srcdir=$ac_pwd ;;
- [\\/]* | ?:[\\/]* ) # Absolute name.
- ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir
- ac_abs_top_srcdir=$srcdir ;;
- *) # Relative name.
- ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_build_prefix$srcdir
- ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
-esac
-ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
-
- cd "$ac_dir" || { ac_status=$?; continue; }
- # Check for guested configure.
- if test -f "$ac_srcdir/configure.gnu"; then
- echo &&
- $SHELL "$ac_srcdir/configure.gnu" --help=recursive
- elif test -f "$ac_srcdir/configure"; then
- echo &&
- $SHELL "$ac_srcdir/configure" --help=recursive
- else
- $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
- fi || ac_status=$?
- cd "$ac_pwd" || { ac_status=$?; break; }
- done
-fi
-
-test -n "$ac_init_help" && exit $ac_status
-if $ac_init_version; then
- cat <<\_ACEOF
-ldns configure 1.6.9
-generated by GNU Autoconf 2.68
-
-Copyright (C) 2010 Free Software Foundation, Inc.
-This configure script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it.
-_ACEOF
- exit
-fi
-
-## ------------------------ ##
-## Autoconf initialization. ##
-## ------------------------ ##
-
-# ac_fn_c_try_compile LINENO
-# --------------------------
-# Try to compile conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_compile ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- rm -f conftest.$ac_objext
- if { { ac_try="$ac_compile"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_compile") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- grep -v '^ *+' conftest.err >conftest.er1
- cat conftest.er1 >&5
- mv -f conftest.er1 conftest.err
- fi
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest.$ac_objext; then :
- ac_retval=0
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_retval=1
-fi
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
- as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_compile
-
-# ac_fn_c_try_cpp LINENO
-# ----------------------
-# Try to preprocess conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_cpp ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- if { { ac_try="$ac_cpp conftest.$ac_ext"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- grep -v '^ *+' conftest.err >conftest.er1
- cat conftest.er1 >&5
- mv -f conftest.er1 conftest.err
- fi
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; } > conftest.i && {
- test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
- test ! -s conftest.err
- }; then :
- ac_retval=0
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_retval=1
-fi
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
- as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_cpp
-
-# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES
-# -------------------------------------------------------
-# Tests whether HEADER exists, giving a warning if it cannot be compiled using
-# the include files in INCLUDES and setting the cache variable VAR
-# accordingly.
-ac_fn_c_check_header_mongrel ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- if eval \${$3+:} false; then :
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-else
- # Is the header compilable?
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5
-$as_echo_n "checking $2 usability... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-#include <$2>
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_header_compiler=yes
-else
- ac_header_compiler=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5
-$as_echo "$ac_header_compiler" >&6; }
-
-# Is the header present?
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5
-$as_echo_n "checking $2 presence... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <$2>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
- ac_header_preproc=yes
-else
- ac_header_preproc=no
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5
-$as_echo "$ac_header_preproc" >&6; }
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #((
- yes:no: )
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5
-$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
-$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
- ;;
- no:yes:* )
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5
-$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5
-$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5
-$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5
-$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
-$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
-( $as_echo "## ---------------------------------- ##
-## Report this to libdns@nlnetlabs.nl ##
-## ---------------------------------- ##"
- ) | sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- eval "$3=\$ac_header_compiler"
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-fi
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_header_mongrel
-
-# ac_fn_c_try_run LINENO
-# ----------------------
-# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes
-# that executables *can* be run.
-ac_fn_c_try_run ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- if { { ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; } && { ac_try='./conftest$ac_exeext'
- { { case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_try") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; }; then :
- ac_retval=0
-else
- $as_echo "$as_me: program exited with status $ac_status" >&5
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_retval=$ac_status
-fi
- rm -rf conftest.dSYM conftest_ipa8_conftest.oo
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
- as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_run
-
-# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES
-# -------------------------------------------------------
-# Tests whether HEADER exists and can be compiled using the include files in
-# INCLUDES, setting the cache variable VAR accordingly.
-ac_fn_c_check_header_compile ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-#include <$2>
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- eval "$3=yes"
-else
- eval "$3=no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_header_compile
-
-# ac_fn_c_check_type LINENO TYPE VAR INCLUDES
-# -------------------------------------------
-# Tests whether TYPE exists after having included INCLUDES, setting cache
-# variable VAR accordingly.
-ac_fn_c_check_type ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- eval "$3=no"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-int
-main ()
-{
-if (sizeof ($2))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-int
-main ()
-{
-if (sizeof (($2)))
- return 0;
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-else
- eval "$3=yes"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_type
-
-# ac_fn_c_try_link LINENO
-# -----------------------
-# Try to link conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_link ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- rm -f conftest.$ac_objext conftest$ac_exeext
- if { { ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- grep -v '^ *+' conftest.err >conftest.er1
- cat conftest.er1 >&5
- mv -f conftest.er1 conftest.err
- fi
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest$ac_exeext && {
- test "$cross_compiling" = yes ||
- $as_test_x conftest$ac_exeext
- }; then :
- ac_retval=0
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_retval=1
-fi
- # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
- # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
- # interfere with the next link command; also delete a directory that is
- # left behind by Apple's compiler. We do this before executing the actions.
- rm -rf conftest.dSYM conftest_ipa8_conftest.oo
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
- as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_link
-
-# ac_fn_c_check_func LINENO FUNC VAR
-# ----------------------------------
-# Tests whether FUNC exists, setting the cache variable VAR accordingly
-ac_fn_c_check_func ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
- For example, HP-UX 11i <limits.h> declares gettimeofday. */
-#define $2 innocuous_$2
-
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $2 (); below.
- Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- <limits.h> exists even on freestanding compilers. */
-
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
-
-#undef $2
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char $2 ();
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined __stub_$2 || defined __stub___$2
-choke me
-#endif
-
-int
-main ()
-{
-return $2 ();
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- eval "$3=yes"
-else
- eval "$3=no"
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_func
-
-# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES
-# ---------------------------------------------
-# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR
-# accordingly.
-ac_fn_c_check_decl ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- as_decl_name=`echo $2|sed 's/ *(.*//'`
- as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'`
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5
-$as_echo_n "checking whether $as_decl_name is declared... " >&6; }
-if eval \${$3+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$4
-int
-main ()
-{
-#ifndef $as_decl_name
-#ifdef __cplusplus
- (void) $as_decl_use;
-#else
- (void) $as_decl_name;
-#endif
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- eval "$3=yes"
-else
- eval "$3=no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$3
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_decl
-cat >config.log <<_ACEOF
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-
-It was created by ldns $as_me 1.6.9, which was
-generated by GNU Autoconf 2.68. Invocation command line was
-
- $ $0 $@
-
-_ACEOF
-exec 5>>config.log
-{
-cat <<_ASUNAME
-## --------- ##
-## Platform. ##
-## --------- ##
-
-hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
-uname -m = `(uname -m) 2>/dev/null || echo unknown`
-uname -r = `(uname -r) 2>/dev/null || echo unknown`
-uname -s = `(uname -s) 2>/dev/null || echo unknown`
-uname -v = `(uname -v) 2>/dev/null || echo unknown`
-
-/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
-/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown`
-
-/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown`
-/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown`
-/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
-/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown`
-/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown`
-/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown`
-/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown`
-
-_ASUNAME
-
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- $as_echo "PATH: $as_dir"
- done
-IFS=$as_save_IFS
-
-} >&5
-
-cat >&5 <<_ACEOF
-
-
-## ----------- ##
-## Core tests. ##
-## ----------- ##
-
-_ACEOF
-
-
-# Keep a trace of the command line.
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Strip out --silent because we don't want to record it for future runs.
-# Also quote any args containing shell meta-characters.
-# Make two passes to allow for proper duplicate-argument suppression.
-ac_configure_args=
-ac_configure_args0=
-ac_configure_args1=
-ac_must_keep_next=false
-for ac_pass in 1 2
-do
- for ac_arg
- do
- case $ac_arg in
- -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- continue ;;
- *\'*)
- ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
- esac
- case $ac_pass in
- 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;;
- 2)
- as_fn_append ac_configure_args1 " '$ac_arg'"
- if test $ac_must_keep_next = true; then
- ac_must_keep_next=false # Got value, back to normal.
- else
- case $ac_arg in
- *=* | --config-cache | -C | -disable-* | --disable-* \
- | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
- | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
- | -with-* | --with-* | -without-* | --without-* | --x)
- case "$ac_configure_args0 " in
- "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
- esac
- ;;
- -* ) ac_must_keep_next=true ;;
- esac
- fi
- as_fn_append ac_configure_args " '$ac_arg'"
- ;;
- esac
- done
-done
-{ ac_configure_args0=; unset ac_configure_args0;}
-{ ac_configure_args1=; unset ac_configure_args1;}
-
-# When interrupted or exit'd, cleanup temporary files, and complete
-# config.log. We remove comments because anyway the quotes in there
-# would cause problems or look ugly.
-# WARNING: Use '\'' to represent an apostrophe within the trap.
-# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
-trap 'exit_status=$?
- # Save into config.log some information that might help in debugging.
- {
- echo
-
- $as_echo "## ---------------- ##
-## Cache variables. ##
-## ---------------- ##"
- echo
- # The following way of writing the cache mishandles newlines in values,
-(
- for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
- eval ac_val=\$$ac_var
- case $ac_val in #(
- *${as_nl}*)
- case $ac_var in #(
- *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
-$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
- esac
- case $ac_var in #(
- _ | IFS | as_nl) ;; #(
- BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
- *) { eval $ac_var=; unset $ac_var;} ;;
- esac ;;
- esac
- done
- (set) 2>&1 |
- case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
- *${as_nl}ac_space=\ *)
- sed -n \
- "s/'\''/'\''\\\\'\'''\''/g;
- s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
- ;; #(
- *)
- sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
- ;;
- esac |
- sort
-)
- echo
-
- $as_echo "## ----------------- ##
-## Output variables. ##
-## ----------------- ##"
- echo
- for ac_var in $ac_subst_vars
- do
- eval ac_val=\$$ac_var
- case $ac_val in
- *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
- esac
- $as_echo "$ac_var='\''$ac_val'\''"
- done | sort
- echo
-
- if test -n "$ac_subst_files"; then
- $as_echo "## ------------------- ##
-## File substitutions. ##
-## ------------------- ##"
- echo
- for ac_var in $ac_subst_files
- do
- eval ac_val=\$$ac_var
- case $ac_val in
- *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
- esac
- $as_echo "$ac_var='\''$ac_val'\''"
- done | sort
- echo
- fi
-
- if test -s confdefs.h; then
- $as_echo "## ----------- ##
-## confdefs.h. ##
-## ----------- ##"
- echo
- cat confdefs.h
- echo
- fi
- test "$ac_signal" != 0 &&
- $as_echo "$as_me: caught signal $ac_signal"
- $as_echo "$as_me: exit $exit_status"
- } >&5
- rm -f core *.core core.conftest.* &&
- rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
- exit $exit_status
-' 0
-for ac_signal in 1 2 13 15; do
- trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal
-done
-ac_signal=0
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -f -r conftest* confdefs.h
-
-$as_echo "/* confdefs.h */" > confdefs.h
-
-# Predefined preprocessor variables.
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_NAME "$PACKAGE_NAME"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_TARNAME "$PACKAGE_TARNAME"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_VERSION "$PACKAGE_VERSION"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_STRING "$PACKAGE_STRING"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_URL "$PACKAGE_URL"
-_ACEOF
-
-
-# Let the site file select an alternate cache file if it wants to.
-# Prefer an explicitly selected file to automatically selected ones.
-ac_site_file1=NONE
-ac_site_file2=NONE
-if test -n "$CONFIG_SITE"; then
- # We do not want a PATH search for config.site.
- case $CONFIG_SITE in #((
- -*) ac_site_file1=./$CONFIG_SITE;;
- */*) ac_site_file1=$CONFIG_SITE;;
- *) ac_site_file1=./$CONFIG_SITE;;
- esac
-elif test "x$prefix" != xNONE; then
- ac_site_file1=$prefix/share/config.site
- ac_site_file2=$prefix/etc/config.site
-else
- ac_site_file1=$ac_default_prefix/share/config.site
- ac_site_file2=$ac_default_prefix/etc/config.site
-fi
-for ac_site_file in "$ac_site_file1" "$ac_site_file2"
-do
- test "x$ac_site_file" = xNONE && continue
- if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5
-$as_echo "$as_me: loading site script $ac_site_file" >&6;}
- sed 's/^/| /' "$ac_site_file" >&5
- . "$ac_site_file" \
- || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "failed to load site script $ac_site_file
-See \`config.log' for more details" "$LINENO" 5; }
- fi
-done
-
-if test -r "$cache_file"; then
- # Some versions of bash will fail to source /dev/null (special files
- # actually), so we avoid doing that. DJGPP emulates it as a regular file.
- if test /dev/null != "$cache_file" && test -f "$cache_file"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5
-$as_echo "$as_me: loading cache $cache_file" >&6;}
- case $cache_file in
- [\\/]* | ?:[\\/]* ) . "$cache_file";;
- *) . "./$cache_file";;
- esac
- fi
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5
-$as_echo "$as_me: creating cache $cache_file" >&6;}
- >$cache_file
-fi
-
-# Check that the precious variables saved in the cache have kept the same
-# value.
-ac_cache_corrupted=false
-for ac_var in $ac_precious_vars; do
- eval ac_old_set=\$ac_cv_env_${ac_var}_set
- eval ac_new_set=\$ac_env_${ac_var}_set
- eval ac_old_val=\$ac_cv_env_${ac_var}_value
- eval ac_new_val=\$ac_env_${ac_var}_value
- case $ac_old_set,$ac_new_set in
- set,)
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
-$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
- ac_cache_corrupted=: ;;
- ,set)
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5
-$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
- ac_cache_corrupted=: ;;
- ,);;
- *)
- if test "x$ac_old_val" != "x$ac_new_val"; then
- # differences in whitespace do not lead to failure.
- ac_old_val_w=`echo x $ac_old_val`
- ac_new_val_w=`echo x $ac_new_val`
- if test "$ac_old_val_w" != "$ac_new_val_w"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5
-$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
- ac_cache_corrupted=:
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
-$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
- eval $ac_var=\$ac_old_val
- fi
- { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5
-$as_echo "$as_me: former value: \`$ac_old_val'" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5
-$as_echo "$as_me: current value: \`$ac_new_val'" >&2;}
- fi;;
- esac
- # Pass precious variables to config.status.
- if test "$ac_new_set" = set; then
- case $ac_new_val in
- *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
- *) ac_arg=$ac_var=$ac_new_val ;;
- esac
- case " $ac_configure_args " in
- *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy.
- *) as_fn_append ac_configure_args " '$ac_arg'" ;;
- esac
- fi
-done
-if $ac_cache_corrupted; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5
-$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
- as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5
-fi
-## -------------------- ##
-## Main body of script. ##
-## -------------------- ##
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-
-# acx_nlnetlabs.m4 - common macros for configure checks
-# Copyright 2009, Wouter Wijngaards, NLnet Labs.
-# BSD licensed.
-#
-# Version 11
-# 2010-08-16 Fix FLAG_OMITTED for AS_TR_CPP changes in autoconf-2.66.
-# 2010-07-02 Add check for ss_family (for minix).
-# 2010-04-26 Fix to use CPPFLAGS for CHECK_COMPILER_FLAGS.
-# 2010-03-01 Fix RPATH using CONFIG_COMMANDS to run at the very end.
-# 2010-02-18 WITH_SSL outputs the LIBSSL_LDFLAGS, LIBS, CPPFLAGS seperate, -ldl
-# 2010-02-01 added ACX_CHECK_MEMCMP_SIGNED, AHX_MEMCMP_BROKEN
-# 2010-01-20 added AHX_COONFIG_STRLCAT
-# 2009-07-14 U_CHAR detection improved for windows crosscompile.
-# added ACX_FUNC_MALLOC
-# fixup some #if to #ifdef
-# NONBLOCKING test for mingw crosscompile.
-# 2009-07-13 added ACX_WITH_SSL_OPTIONAL
-# 2009-07-03 fixup LDFLAGS for empty ssl dir.
-#
-# Automates some of the checking constructs. Aims at portability for POSIX.
-# Documentation for functions is below.
-#
-# the following macro's are provided in this file:
-# (see below for details on each macro).
-#
-# ACX_ESCAPE_BACKSLASH - escape backslashes in var for C-preproc.
-# ACX_RSRC_VERSION - create windows resource version number.
-# ACX_CHECK_COMPILER_FLAG - see if cc supports a flag.
-# ACX_CHECK_ERROR_FLAGS - see which flag is -werror (used below).
-# ACX_CHECK_COMPILER_FLAG_NEEDED - see if flags make the code compile cleanly.
-# ACX_DEPFLAG - find cc dependency flags.
-# ACX_DETERMINE_EXT_FLAGS_UNBOUND - find out which flags enable BSD and POSIX.
-# ACX_CHECK_FORMAT_ATTRIBUTE - find cc printf format syntax.
-# ACX_CHECK_UNUSED_ATTRIBUTE - find cc variable unused syntax.
-# ACX_LIBTOOL_C_ONLY - create libtool for C only, improved.
-# ACX_TYPE_U_CHAR - u_char type.
-# ACX_TYPE_RLIM_T - rlim_t type.
-# ACX_TYPE_SOCKLEN_T - socklen_t type.
-# ACX_TYPE_IN_ADDR_T - in_addr_t type.
-# ACX_TYPE_IN_PORT_T - in_port_t type.
-# ACX_ARG_RPATH - add --disable-rpath option.
-# ACX_WITH_SSL - add --with-ssl option, link -lcrypto.
-# ACX_WITH_SSL_OPTIONAL - add --with-ssl option, link -lcrypto,
-# where --without-ssl is also accepted
-# ACX_LIB_SSL - setup to link -lssl.
-# ACX_SYS_LARGEFILE - improved sys_largefile, fseeko, >2G files.
-# ACX_CHECK_GETADDRINFO_WITH_INCLUDES - find getaddrinfo, portably.
-# ACX_FUNC_DEPRECATED - see if func is deprecated.
-# ACX_CHECK_NONBLOCKING_BROKEN - see if nonblocking sockets really work.
-# ACX_MKDIR_ONE_ARG - determine mkdir(2) number of arguments.
-# ACX_FUNC_IOCTLSOCKET - find ioctlsocket, portably.
-# ACX_FUNC_MALLOC - check malloc, define replacement .
-# AHX_CONFIG_FORMAT_ATTRIBUTE - config.h text for format.
-# AHX_CONFIG_UNUSED_ATTRIBUTE - config.h text for unused.
-# AHX_CONFIG_FSEEKO - define fseeko, ftello fallback.
-# AHX_CONFIG_RAND_MAX - define RAND_MAX if needed.
-# AHX_CONFIG_MAXHOSTNAMELEN - define MAXHOSTNAMELEN if needed.
-# AHX_CONFIG_IPV6_MIN_MTU - define IPV6_MIN_MTU if needed.
-# AHX_CONFIG_SNPRINTF - snprintf compat prototype
-# AHX_CONFIG_INET_PTON - inet_pton compat prototype
-# AHX_CONFIG_INET_NTOP - inet_ntop compat prototype
-# AHX_CONFIG_INET_ATON - inet_aton compat prototype
-# AHX_CONFIG_MEMMOVE - memmove compat prototype
-# AHX_CONFIG_STRLCAT - strlcat compat prototype
-# AHX_CONFIG_STRLCPY - strlcpy compat prototype
-# AHX_CONFIG_GMTIME_R - gmtime_r compat prototype
-# AHX_CONFIG_W32_SLEEP - w32 compat for sleep
-# AHX_CONFIG_W32_USLEEP - w32 compat for usleep
-# AHX_CONFIG_W32_RANDOM - w32 compat for random
-# AHX_CONFIG_W32_SRANDOM - w32 compat for srandom
-# AHX_CONFIG_W32_FD_SET_T - w32 detection of FD_SET_T.
-# ACX_CFLAGS_STRIP - strip one flag from CFLAGS
-# ACX_STRIP_EXT_FLAGS - strip extension flags from CFLAGS
-# AHX_CONFIG_FLAG_OMITTED - define omitted flag
-# AHX_CONFIG_FLAG_EXT - define omitted extension flag
-# AHX_CONFIG_EXT_FLAGS - define the stripped extension flags
-# ACX_CHECK_MEMCMP_SIGNED - check if memcmp uses signed characters.
-# AHX_MEMCMP_BROKEN - replace memcmp func for CHECK_MEMCMP_SIGNED.
-# ACX_CHECK_SS_FAMILY - check for sockaddr_storage.ss_family
-#
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-OURCPPFLAGS=''
-CPPFLAGS=${CPPFLAGS:-${OURCPPFLAGS}}
-OURCFLAGS='-g'
-CFLAGS=${CFLAGS:-${OURCFLAGS}}
-
-$as_echo "#define WINVER 0x0502" >>confdefs.h
-
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="${ac_tool_prefix}gcc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$ac_cv_prog_CC"; then
- ac_ct_CC=$CC
- # Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_ac_ct_CC="gcc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
- if test "x$ac_ct_CC" = x; then
- CC=""
- else
- case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
- CC=$ac_ct_CC
- fi
-else
- CC="$ac_cv_prog_CC"
-fi
-
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="${ac_tool_prefix}cc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- fi
-fi
-if test -z "$CC"; then
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- ac_prog_rejected=no
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
- ac_prog_rejected=yes
- continue
- fi
- ac_cv_prog_CC="cc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-if test $ac_prog_rejected = yes; then
- # We found a bogon in the path, so make sure we never use it.
- set dummy $ac_cv_prog_CC
- shift
- if test $# != 0; then
- # We chose a different compiler from the bogus one.
- # However, it has the same basename, so the bogon will be chosen
- # first if we set CC to just the basename; use the full file name.
- shift
- ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
- fi
-fi
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- for ac_prog in cl.exe
- do
- # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
-set dummy $ac_tool_prefix$ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$CC" && break
- done
-fi
-if test -z "$CC"; then
- ac_ct_CC=$CC
- for ac_prog in cl.exe
-do
- # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_ac_ct_CC="$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$ac_ct_CC" && break
-done
-
- if test "x$ac_ct_CC" = x; then
- CC=""
- else
- case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
- CC=$ac_ct_CC
- fi
-fi
-
-fi
-
-
-test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "no acceptable C compiler found in \$PATH
-See \`config.log' for more details" "$LINENO" 5; }
-
-# Provide some information about the compiler.
-$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
-set X $ac_compile
-ac_compiler=$2
-for ac_option in --version -v -V -qversion; do
- { { ac_try="$ac_compiler $ac_option >&5"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_compiler $ac_option >&5") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- sed '10a\
-... rest of stderr output deleted ...
- 10q' conftest.err >conftest.er1
- cat conftest.er1 >&5
- fi
- rm -f conftest.er1 conftest.err
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }
-done
-
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
-# Try to create an executable without -o first, disregard a.out.
-# It will help us diagnose broken compilers, and finding out an intuition
-# of exeext.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
-$as_echo_n "checking whether the C compiler works... " >&6; }
-ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
-
-# The possible output files:
-ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
-
-ac_rmfiles=
-for ac_file in $ac_files
-do
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
- * ) ac_rmfiles="$ac_rmfiles $ac_file";;
- esac
-done
-rm -f $ac_rmfiles
-
-if { { ac_try="$ac_link_default"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link_default") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; then :
- # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
-# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
-# in a Makefile. We should not override ac_cv_exeext if it was cached,
-# so that the user can short-circuit this test for compilers unknown to
-# Autoconf.
-for ac_file in $ac_files ''
-do
- test -f "$ac_file" || continue
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
- ;;
- [ab].out )
- # We found the default executable, but exeext='' is most
- # certainly right.
- break;;
- *.* )
- if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no;
- then :; else
- ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
- fi
- # We set ac_cv_exeext here because the later test for it is not
- # safe: cross compilers may not add the suffix if given an `-o'
- # argument, so we may need to know it at that point already.
- # Even if this section looks crufty: it has the advantage of
- # actually working.
- break;;
- * )
- break;;
- esac
-done
-test "$ac_cv_exeext" = no && ac_cv_exeext=
-
-else
- ac_file=''
-fi
-if test -z "$ac_file"; then :
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-$as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error 77 "C compiler cannot create executables
-See \`config.log' for more details" "$LINENO" 5; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
-$as_echo_n "checking for C compiler default output file name... " >&6; }
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
-$as_echo "$ac_file" >&6; }
-ac_exeext=$ac_cv_exeext
-
-rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
-ac_clean_files=$ac_clean_files_save
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5
-$as_echo_n "checking for suffix of executables... " >&6; }
-if { { ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; then :
- # If both `conftest.exe' and `conftest' are `present' (well, observable)
-# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will
-# work properly (i.e., refer to `conftest.exe'), while it won't with
-# `rm'.
-for ac_file in conftest.exe conftest conftest.*; do
- test -f "$ac_file" || continue
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
- *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
- break;;
- * ) break;;
- esac
-done
-else
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot compute suffix of executables: cannot compile and link
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-rm -f conftest conftest$ac_cv_exeext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5
-$as_echo "$ac_cv_exeext" >&6; }
-
-rm -f conftest.$ac_ext
-EXEEXT=$ac_cv_exeext
-ac_exeext=$EXEEXT
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdio.h>
-int
-main ()
-{
-FILE *f = fopen ("conftest.out", "w");
- return ferror (f) || fclose (f) != 0;
-
- ;
- return 0;
-}
-_ACEOF
-ac_clean_files="$ac_clean_files conftest.out"
-# Check that the compiler produces executables we can run. If not, either
-# the compiler is broken, or we cross compile.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
-$as_echo_n "checking whether we are cross compiling... " >&6; }
-if test "$cross_compiling" != yes; then
- { { ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }
- if { ac_try='./conftest$ac_cv_exeext'
- { { case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_try") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; }; then
- cross_compiling=no
- else
- if test "$cross_compiling" = maybe; then
- cross_compiling=yes
- else
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot run C compiled programs.
-If you meant to cross compile, use \`--host'.
-See \`config.log' for more details" "$LINENO" 5; }
- fi
- fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
-$as_echo "$cross_compiling" >&6; }
-
-rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
-ac_clean_files=$ac_clean_files_save
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5
-$as_echo_n "checking for suffix of object files... " >&6; }
-if ${ac_cv_objext+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.o conftest.obj
-if { { ac_try="$ac_compile"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_compile") 2>&5
- ac_status=$?
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }; then :
- for ac_file in conftest.o conftest.obj conftest.*; do
- test -f "$ac_file" || continue;
- case $ac_file in
- *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
- *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
- break;;
- esac
-done
-else
- $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot compute suffix of object files: cannot compile
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-rm -f conftest.$ac_cv_objext conftest.$ac_ext
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5
-$as_echo "$ac_cv_objext" >&6; }
-OBJEXT=$ac_cv_objext
-ac_objext=$OBJEXT
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
-$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
-if ${ac_cv_c_compiler_gnu+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-#ifndef __GNUC__
- choke me
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_compiler_gnu=yes
-else
- ac_compiler_gnu=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-ac_cv_c_compiler_gnu=$ac_compiler_gnu
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
-$as_echo "$ac_cv_c_compiler_gnu" >&6; }
-if test $ac_compiler_gnu = yes; then
- GCC=yes
-else
- GCC=
-fi
-ac_test_CFLAGS=${CFLAGS+set}
-ac_save_CFLAGS=$CFLAGS
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
-$as_echo_n "checking whether $CC accepts -g... " >&6; }
-if ${ac_cv_prog_cc_g+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_save_c_werror_flag=$ac_c_werror_flag
- ac_c_werror_flag=yes
- ac_cv_prog_cc_g=no
- CFLAGS="-g"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_g=yes
-else
- CFLAGS=""
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-else
- ac_c_werror_flag=$ac_save_c_werror_flag
- CFLAGS="-g"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_g=yes
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- ac_c_werror_flag=$ac_save_c_werror_flag
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
-$as_echo "$ac_cv_prog_cc_g" >&6; }
-if test "$ac_test_CFLAGS" = set; then
- CFLAGS=$ac_save_CFLAGS
-elif test $ac_cv_prog_cc_g = yes; then
- if test "$GCC" = yes; then
- CFLAGS="-g -O2"
- else
- CFLAGS="-g"
- fi
-else
- if test "$GCC" = yes; then
- CFLAGS="-O2"
- else
- CFLAGS=
- fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
-$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
-if ${ac_cv_prog_cc_c89+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_cv_prog_cc_c89=no
-ac_save_CC=$CC
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdarg.h>
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
-struct buf { int x; };
-FILE * (*rcsopen) (struct buf *, struct stat *, int);
-static char *e (p, i)
- char **p;
- int i;
-{
- return p[i];
-}
-static char *f (char * (*g) (char **, int), char **p, ...)
-{
- char *s;
- va_list v;
- va_start (v,p);
- s = g (p, va_arg (v,int));
- va_end (v);
- return s;
-}
-
-/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
- function prototypes and stuff, but not '\xHH' hex character constants.
- These don't provoke an error unfortunately, instead are silently treated
- as 'x'. The following induces an error, until -std is added to get
- proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
- array size at least. It's necessary to write '\x00'==0 to get something
- that's true only with -std. */
-int osf4_cc_array ['\x00' == 0 ? 1 : -1];
-
-/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
- inside strings and character constants. */
-#define FOO(x) 'x'
-int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
-
-int test (int i, double x);
-struct s1 {int (*f) (int a);};
-struct s2 {int (*f) (double a);};
-int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
-int argc;
-char **argv;
-int
-main ()
-{
-return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
- ;
- return 0;
-}
-_ACEOF
-for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
- -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
-do
- CC="$ac_save_CC $ac_arg"
- if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_c89=$ac_arg
-fi
-rm -f core conftest.err conftest.$ac_objext
- test "x$ac_cv_prog_cc_c89" != "xno" && break
-done
-rm -f conftest.$ac_ext
-CC=$ac_save_CC
-
-fi
-# AC_CACHE_VAL
-case "x$ac_cv_prog_cc_c89" in
- x)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
-$as_echo "none needed" >&6; } ;;
- xno)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
-$as_echo "unsupported" >&6; } ;;
- *)
- CC="$CC $ac_cv_prog_cc_c89"
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
-$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
-esac
-if test "x$ac_cv_prog_cc_c89" != xno; then :
-
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
-$as_echo_n "checking how to run the C preprocessor... " >&6; }
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
- CPP=
-fi
-if test -z "$CPP"; then
- if ${ac_cv_prog_CPP+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- # Double quotes because CPP needs to be expanded
- for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
- do
- ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
- # Use a header file that comes with gcc, so configuring glibc
- # with a fresh cross-compiler works.
- # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- # <limits.h> exists even on freestanding compilers.
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp. "Syntax error" is here to catch this case.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
- Syntax error
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-
-else
- # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
- # OK, works on sane cases. Now check whether nonexistent headers
- # can be detected and how.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <ac_nonexistent.h>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
- # Broken: success on invalid input.
-continue
-else
- # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.i conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then :
- break
-fi
-
- done
- ac_cv_prog_CPP=$CPP
-
-fi
- CPP=$ac_cv_prog_CPP
-else
- ac_cv_prog_CPP=$CPP
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
-$as_echo "$CPP" >&6; }
-ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
- # Use a header file that comes with gcc, so configuring glibc
- # with a fresh cross-compiler works.
- # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- # <limits.h> exists even on freestanding compilers.
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp. "Syntax error" is here to catch this case.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
- Syntax error
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-
-else
- # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
- # OK, works on sane cases. Now check whether nonexistent headers
- # can be detected and how.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <ac_nonexistent.h>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
- # Broken: success on invalid input.
-continue
-else
- # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.i conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then :
-
-else
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5
-$as_echo_n "checking for grep that handles long lines and -e... " >&6; }
-if ${ac_cv_path_GREP+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -z "$GREP"; then
- ac_path_GREP_found=false
- # Loop through the user's path and test for each of PROGNAME-LIST
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_prog in grep ggrep; do
- for ac_exec_ext in '' $ac_executable_extensions; do
- ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
- { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue
-# Check for GNU ac_path_GREP and select it if it is found.
- # Check for GNU $ac_path_GREP
-case `"$ac_path_GREP" --version 2>&1` in
-*GNU*)
- ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
-*)
- ac_count=0
- $as_echo_n 0123456789 >"conftest.in"
- while :
- do
- cat "conftest.in" "conftest.in" >"conftest.tmp"
- mv "conftest.tmp" "conftest.in"
- cp "conftest.in" "conftest.nl"
- $as_echo 'GREP' >> "conftest.nl"
- "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
- diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
- as_fn_arith $ac_count + 1 && ac_count=$as_val
- if test $ac_count -gt ${ac_path_GREP_max-0}; then
- # Best one so far, save it but keep looking for a better one
- ac_cv_path_GREP="$ac_path_GREP"
- ac_path_GREP_max=$ac_count
- fi
- # 10*(2^10) chars as input seems more than enough
- test $ac_count -gt 10 && break
- done
- rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
-esac
-
- $ac_path_GREP_found && break 3
- done
- done
- done
-IFS=$as_save_IFS
- if test -z "$ac_cv_path_GREP"; then
- as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
- fi
-else
- ac_cv_path_GREP=$GREP
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5
-$as_echo "$ac_cv_path_GREP" >&6; }
- GREP="$ac_cv_path_GREP"
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
-$as_echo_n "checking for egrep... " >&6; }
-if ${ac_cv_path_EGREP+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
- then ac_cv_path_EGREP="$GREP -E"
- else
- if test -z "$EGREP"; then
- ac_path_EGREP_found=false
- # Loop through the user's path and test for each of PROGNAME-LIST
- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_prog in egrep; do
- for ac_exec_ext in '' $ac_executable_extensions; do
- ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
- { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue
-# Check for GNU ac_path_EGREP and select it if it is found.
- # Check for GNU $ac_path_EGREP
-case `"$ac_path_EGREP" --version 2>&1` in
-*GNU*)
- ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
-*)
- ac_count=0
- $as_echo_n 0123456789 >"conftest.in"
- while :
- do
- cat "conftest.in" "conftest.in" >"conftest.tmp"
- mv "conftest.tmp" "conftest.in"
- cp "conftest.in" "conftest.nl"
- $as_echo 'EGREP' >> "conftest.nl"
- "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
- diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
- as_fn_arith $ac_count + 1 && ac_count=$as_val
- if test $ac_count -gt ${ac_path_EGREP_max-0}; then
- # Best one so far, save it but keep looking for a better one
- ac_cv_path_EGREP="$ac_path_EGREP"
- ac_path_EGREP_max=$ac_count
- fi
- # 10*(2^10) chars as input seems more than enough
- test $ac_count -gt 10 && break
- done
- rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
-esac
-
- $ac_path_EGREP_found && break 3
- done
- done
- done
-IFS=$as_save_IFS
- if test -z "$ac_cv_path_EGREP"; then
- as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
- fi
-else
- ac_cv_path_EGREP=$EGREP
-fi
-
- fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
-$as_echo "$ac_cv_path_EGREP" >&6; }
- EGREP="$ac_cv_path_EGREP"
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
-$as_echo_n "checking for ANSI C header files... " >&6; }
-if ${ac_cv_header_stdc+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <float.h>
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_header_stdc=yes
-else
- ac_cv_header_stdc=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-if test $ac_cv_header_stdc = yes; then
- # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <string.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- $EGREP "memchr" >/dev/null 2>&1; then :
-
-else
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
- # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdlib.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
- $EGREP "free" >/dev/null 2>&1; then :
-
-else
- ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
- # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
- if test "$cross_compiling" = yes; then :
- :
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <ctype.h>
-#include <stdlib.h>
-#if ((' ' & 0x0FF) == 0x020)
-# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
-# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
-#else
-# define ISLOWER(c) \
- (('a' <= (c) && (c) <= 'i') \
- || ('j' <= (c) && (c) <= 'r') \
- || ('s' <= (c) && (c) <= 'z'))
-# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
-#endif
-
-#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
-int
-main ()
-{
- int i;
- for (i = 0; i < 256; i++)
- if (XOR (islower (i), ISLOWER (i))
- || toupper (i) != TOUPPER (i))
- return 2;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-else
- ac_cv_header_stdc=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
- conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5
-$as_echo "$ac_cv_header_stdc" >&6; }
-if test $ac_cv_header_stdc = yes; then
-
-$as_echo "#define STDC_HEADERS 1" >>confdefs.h
-
-fi
-
-# On IRIX 5.3, sys/types and inttypes.h are conflicting.
-for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
- inttypes.h stdint.h unistd.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-
- ac_fn_c_check_header_mongrel "$LINENO" "minix/config.h" "ac_cv_header_minix_config_h" "$ac_includes_default"
-if test "x$ac_cv_header_minix_config_h" = xyes; then :
- MINIX=yes
-else
- MINIX=
-fi
-
-
- if test "$MINIX" = yes; then
-
-$as_echo "#define _POSIX_SOURCE 1" >>confdefs.h
-
-
-$as_echo "#define _POSIX_1_SOURCE 2" >>confdefs.h
-
-
-$as_echo "#define _MINIX 1" >>confdefs.h
-
- fi
-
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether it is safe to define __EXTENSIONS__" >&5
-$as_echo_n "checking whether it is safe to define __EXTENSIONS__... " >&6; }
-if ${ac_cv_safe_to_define___extensions__+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-# define __EXTENSIONS__ 1
- $ac_includes_default
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_safe_to_define___extensions__=yes
-else
- ac_cv_safe_to_define___extensions__=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_safe_to_define___extensions__" >&5
-$as_echo "$ac_cv_safe_to_define___extensions__" >&6; }
- test $ac_cv_safe_to_define___extensions__ = yes &&
- $as_echo "#define __EXTENSIONS__ 1" >>confdefs.h
-
- $as_echo "#define _ALL_SOURCE 1" >>confdefs.h
-
- $as_echo "#define _GNU_SOURCE 1" >>confdefs.h
-
- $as_echo "#define _POSIX_PTHREAD_SEMANTICS 1" >>confdefs.h
-
- $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h
-
-
-
-# Checks for programs.
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="${ac_tool_prefix}gcc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$ac_cv_prog_CC"; then
- ac_ct_CC=$CC
- # Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_ac_ct_CC="gcc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
- if test "x$ac_ct_CC" = x; then
- CC=""
- else
- case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
- CC=$ac_ct_CC
- fi
-else
- CC="$ac_cv_prog_CC"
-fi
-
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="${ac_tool_prefix}cc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- fi
-fi
-if test -z "$CC"; then
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- ac_prog_rejected=no
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
- ac_prog_rejected=yes
- continue
- fi
- ac_cv_prog_CC="cc"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-if test $ac_prog_rejected = yes; then
- # We found a bogon in the path, so make sure we never use it.
- set dummy $ac_cv_prog_CC
- shift
- if test $# != 0; then
- # We chose a different compiler from the bogus one.
- # However, it has the same basename, so the bogon will be chosen
- # first if we set CC to just the basename; use the full file name.
- shift
- ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
- fi
-fi
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$CC"; then
- if test -n "$ac_tool_prefix"; then
- for ac_prog in cl.exe
- do
- # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
-set dummy $ac_tool_prefix$ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$CC" && break
- done
-fi
-if test -z "$CC"; then
- ac_ct_CC=$CC
- for ac_prog in cl.exe
-do
- # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$ac_ct_CC"; then
- ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_ac_ct_CC="$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$ac_ct_CC" && break
-done
-
- if test "x$ac_ct_CC" = x; then
- CC=""
- else
- case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
- CC=$ac_ct_CC
- fi
-fi
-
-fi
-
-
-test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "no acceptable C compiler found in \$PATH
-See \`config.log' for more details" "$LINENO" 5; }
-
-# Provide some information about the compiler.
-$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
-set X $ac_compile
-ac_compiler=$2
-for ac_option in --version -v -V -qversion; do
- { { ac_try="$ac_compiler $ac_option >&5"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
- (eval "$ac_compiler $ac_option >&5") 2>conftest.err
- ac_status=$?
- if test -s conftest.err; then
- sed '10a\
-... rest of stderr output deleted ...
- 10q' conftest.err >conftest.er1
- cat conftest.er1 >&5
- fi
- rm -f conftest.er1 conftest.err
- $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
- test $ac_status = 0; }
-done
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
-$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
-if ${ac_cv_c_compiler_gnu+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-#ifndef __GNUC__
- choke me
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_compiler_gnu=yes
-else
- ac_compiler_gnu=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-ac_cv_c_compiler_gnu=$ac_compiler_gnu
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
-$as_echo "$ac_cv_c_compiler_gnu" >&6; }
-if test $ac_compiler_gnu = yes; then
- GCC=yes
-else
- GCC=
-fi
-ac_test_CFLAGS=${CFLAGS+set}
-ac_save_CFLAGS=$CFLAGS
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
-$as_echo_n "checking whether $CC accepts -g... " >&6; }
-if ${ac_cv_prog_cc_g+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_save_c_werror_flag=$ac_c_werror_flag
- ac_c_werror_flag=yes
- ac_cv_prog_cc_g=no
- CFLAGS="-g"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_g=yes
-else
- CFLAGS=""
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-else
- ac_c_werror_flag=$ac_save_c_werror_flag
- CFLAGS="-g"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_g=yes
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- ac_c_werror_flag=$ac_save_c_werror_flag
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
-$as_echo "$ac_cv_prog_cc_g" >&6; }
-if test "$ac_test_CFLAGS" = set; then
- CFLAGS=$ac_save_CFLAGS
-elif test $ac_cv_prog_cc_g = yes; then
- if test "$GCC" = yes; then
- CFLAGS="-g -O2"
- else
- CFLAGS="-g"
- fi
-else
- if test "$GCC" = yes; then
- CFLAGS="-O2"
- else
- CFLAGS=
- fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
-$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
-if ${ac_cv_prog_cc_c89+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_cv_prog_cc_c89=no
-ac_save_CC=$CC
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <stdarg.h>
-#include <stdio.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */
-struct buf { int x; };
-FILE * (*rcsopen) (struct buf *, struct stat *, int);
-static char *e (p, i)
- char **p;
- int i;
-{
- return p[i];
-}
-static char *f (char * (*g) (char **, int), char **p, ...)
-{
- char *s;
- va_list v;
- va_start (v,p);
- s = g (p, va_arg (v,int));
- va_end (v);
- return s;
-}
-
-/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has
- function prototypes and stuff, but not '\xHH' hex character constants.
- These don't provoke an error unfortunately, instead are silently treated
- as 'x'. The following induces an error, until -std is added to get
- proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an
- array size at least. It's necessary to write '\x00'==0 to get something
- that's true only with -std. */
-int osf4_cc_array ['\x00' == 0 ? 1 : -1];
-
-/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
- inside strings and character constants. */
-#define FOO(x) 'x'
-int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
-
-int test (int i, double x);
-struct s1 {int (*f) (int a);};
-struct s2 {int (*f) (double a);};
-int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
-int argc;
-char **argv;
-int
-main ()
-{
-return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
- ;
- return 0;
-}
-_ACEOF
-for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
- -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
-do
- CC="$ac_save_CC $ac_arg"
- if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_prog_cc_c89=$ac_arg
-fi
-rm -f core conftest.err conftest.$ac_objext
- test "x$ac_cv_prog_cc_c89" != "xno" && break
-done
-rm -f conftest.$ac_ext
-CC=$ac_save_CC
-
-fi
-# AC_CACHE_VAL
-case "x$ac_cv_prog_cc_c89" in
- x)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
-$as_echo "none needed" >&6; } ;;
- xno)
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
-$as_echo "unsupported" >&6; } ;;
- *)
- CC="$CC $ac_cv_prog_cc_c89"
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
-$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
-esac
-if test "x$ac_cv_prog_cc_c89" != xno; then :
-
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5
-$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
-set x ${MAKE-make}
-ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
-if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat >conftest.make <<\_ACEOF
-SHELL = /bin/sh
-all:
- @echo '@@@%%%=$(MAKE)=@@@%%%'
-_ACEOF
-# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
-case `${MAKE-make} -f conftest.make 2>/dev/null` in
- *@@@%%%=?*=@@@%%%*)
- eval ac_cv_prog_make_${ac_make}_set=yes;;
- *)
- eval ac_cv_prog_make_${ac_make}_set=no;;
-esac
-rm -f conftest.make
-fi
-if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
- SET_MAKE=
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- SET_MAKE="MAKE=${MAKE-make}"
-fi
-
-for ac_prog in glibtool libtool15 libtool
-do
- # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_libtool+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test -n "$libtool"; then
- ac_cv_prog_libtool="$libtool" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- for ac_exec_ext in '' $ac_executable_extensions; do
- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
- ac_cv_prog_libtool="$ac_prog"
- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
- break 2
- fi
-done
- done
-IFS=$as_save_IFS
-
-fi
-fi
-libtool=$ac_cv_prog_libtool
-if test -n "$libtool"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $libtool" >&5
-$as_echo "$libtool" >&6; }
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
- test -n "$libtool" && break
-done
-test -n "$libtool" || libtool="../libtool"
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -std=c99" >&5
-$as_echo_n "checking whether $CC supports -std=c99... " >&6; }
-cache=`echo std=c99 | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -std=c99 -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-C99FLAG="-std=c99"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-
-fi
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -xc99" >&5
-$as_echo_n "checking whether $CC supports -xc99... " >&6; }
-cache=`echo xc99 | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -xc99 -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-C99FLAG="-xc99"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-
-fi
-
-
-# Check whether --enable-rpath was given.
-if test "${enable_rpath+set}" = set; then :
- enableval=$enable_rpath; enable_rpath=$enableval
-else
- enable_rpath=yes
-fi
-
-
-if test "x$enable_rpath" = xyes; then
- RPATH_VAL="-Wl,-rpath=\${libdir}"
-fi
-
-
-ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
-if test "x$ac_cv_type_size_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define size_t unsigned int
-_ACEOF
-
-fi
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -O2" >&5
-$as_echo_n "checking whether $CC supports -O2... " >&6; }
-cache=`echo O2 | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -O2 -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-CFLAGS="$CFLAGS -O2"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-
-fi
-
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -Werror" >&5
-$as_echo_n "checking whether $CC supports -Werror... " >&6; }
-cache=`echo Werror | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -Werror -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-ERRFLAG="-Werror"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-ERRFLAG="-errwarn"
-fi
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -Wall" >&5
-$as_echo_n "checking whether $CC supports -Wall... " >&6; }
-cache=`echo Wall | sed 'y%.=/+-%___p_%'`
-if eval \${cv_prog_cc_flag_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo 'void f(){}' >conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS -Wall -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_$cache=yes"
-else
-eval "cv_prog_cc_flag_$cache=no"
-fi
-rm -f conftest conftest.o conftest.c
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-ERRFLAG="$ERRFLAG -Wall"
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-:
-ERRFLAG="$ERRFLAG -errfmt"
-fi
-
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we need $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 as a flag for $CC" >&5
-$as_echo_n "checking whether we need $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 as a flag for $CC... " >&6; }
-cache=`$as_echo "$C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600" | $as_tr_sh`
-if eval \${cv_prog_cc_flag_needed_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo '
-#include "confdefs.h"
-#include <stdlib.h>
-#include <ctype.h>
-#include <sys/time.h>
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <unistd.h>
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-int test() {
- int a;
- char **opts = NULL;
- struct timeval tv;
- char *t;
- time_t time = 0;
- char *buf = NULL;
- t = ctime_r(&time, buf);
- tv.tv_usec = 10;
- srandom(32);
- a = getopt(2, opts, "a");
- a = isascii(32);
- return a;
-}
-' > conftest.c
-echo 'void f(){}' >>conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=no"
-else
-
-if test -z "`$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=yes"
-else
-eval "cv_prog_cc_flag_needed_$cache=fail"
-#echo 'Test with flag fails too!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-fi
-
-fi
-rm -f conftest conftest.c conftest.o
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600"
-else
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = no"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-#echo 'Test with flag is no!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-:
-
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5
-$as_echo "failed" >&6; }
-:
-
-fi
-fi
-
-
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we need $C99FLAG as a flag for $CC" >&5
-$as_echo_n "checking whether we need $C99FLAG as a flag for $CC... " >&6; }
-cache=`$as_echo "$C99FLAG" | $as_tr_sh`
-if eval \${cv_prog_cc_flag_needed_$cache+:} false; then :
- $as_echo_n "(cached) " >&6
-else
-
-echo '#include <stdbool.h>' > conftest.c
-echo 'void f(){}' >>conftest.c
-if test -z "`$CC $CPPFLAGS $CFLAGS $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=no"
-else
-
-if test -z "`$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1`"; then
-eval "cv_prog_cc_flag_needed_$cache=yes"
-else
-eval "cv_prog_cc_flag_needed_$cache=fail"
-#echo 'Test with flag fails too!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-fi
-
-fi
-rm -f conftest conftest.c conftest.o
-
-fi
-
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = yes"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-:
-CFLAGS="$CFLAGS $C99FLAG"
-else
-if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = no"; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-#echo 'Test with flag is no!'
-#cat conftest.c
-#echo "$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1"
-#echo `$CC $CPPFLAGS $CFLAGS $C99FLAG $ERRFLAG -c conftest.c 2>&1`
-#exit 1
-:
-
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5
-$as_echo "failed" >&6; }
-:
-
-fi
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5
-$as_echo_n "checking for inline... " >&6; }
-if ${ac_cv_c_inline+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_cv_c_inline=no
-for ac_kw in inline __inline__ __inline; do
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#ifndef __cplusplus
-typedef int foo_t;
-static $ac_kw foo_t static_foo () {return 0; }
-$ac_kw foo_t foo () {return 0; }
-#endif
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- ac_cv_c_inline=$ac_kw
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
- test "$ac_cv_c_inline" != no && break
-done
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5
-$as_echo "$ac_cv_c_inline" >&6; }
-
-case $ac_cv_c_inline in
- inline | yes) ;;
- *)
- case $ac_cv_c_inline in
- no) ac_val=;;
- *) ac_val=$ac_cv_c_inline;;
- esac
- cat >>confdefs.h <<_ACEOF
-#ifndef __cplusplus
-#define inline $ac_val
-#endif
-_ACEOF
- ;;
-esac
-
-ac_fn_c_check_type "$LINENO" "int8_t" "ac_cv_type_int8_t" "$ac_includes_default"
-if test "x$ac_cv_type_int8_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define int8_t char
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "int16_t" "ac_cv_type_int16_t" "$ac_includes_default"
-if test "x$ac_cv_type_int16_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define int16_t short
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "int32_t" "ac_cv_type_int32_t" "$ac_includes_default"
-if test "x$ac_cv_type_int32_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define int32_t int
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "int64_t" "ac_cv_type_int64_t" "$ac_includes_default"
-if test "x$ac_cv_type_int64_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define int64_t long long
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "uint8_t" "ac_cv_type_uint8_t" "$ac_includes_default"
-if test "x$ac_cv_type_uint8_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define uint8_t unsigned char
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "uint16_t" "ac_cv_type_uint16_t" "$ac_includes_default"
-if test "x$ac_cv_type_uint16_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define uint16_t unsigned short
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "uint32_t" "ac_cv_type_uint32_t" "$ac_includes_default"
-if test "x$ac_cv_type_uint32_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define uint32_t unsigned int
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "uint64_t" "ac_cv_type_uint64_t" "$ac_includes_default"
-if test "x$ac_cv_type_uint64_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define uint64_t unsigned long long
-_ACEOF
-
-fi
-
-ac_fn_c_check_type "$LINENO" "ssize_t" "ac_cv_type_ssize_t" "$ac_includes_default"
-if test "x$ac_cv_type_ssize_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define ssize_t int
-_ACEOF
-
-fi
-
-
-for ac_header in sys/types.h getopt.h stdlib.h stdio.h assert.h netinet/in.h ctype.h time.h pcap.h arpa/inet.h sys/time.h sys/socket.h sys/select.h netdb.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-for ac_header in winsock2.h ws2tcpip.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-for ac_header in netinet/in_systm.h net/if.h netinet/ip.h netinet/udp.h netinet/igmp.h netinet/if_ether.h netinet/ip6.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "
-$ac_includes_default
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-
-ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "
-$ac_includes_default
-#ifdef HAVE_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-#ifdef HAVE_WS2TCPIP_H
-# include <ws2tcpip.h>
-#endif
-
-"
-if test "x$ac_cv_type_socklen_t" = xyes; then :
-
-else
-
-$as_echo "#define socklen_t int" >>confdefs.h
-
-fi
-
-for ac_header in sys/param.h sys/mount.h
-do :
- as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-
-
- #if HAVE_SYS_PARAM_H
- # include <sys/param.h>
- #endif
-
-
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-ac_fn_c_check_type "$LINENO" "in_addr_t" "ac_cv_type_in_addr_t" "
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-"
-if test "x$ac_cv_type_in_addr_t" = xyes; then :
-
-else
-
-$as_echo "#define in_addr_t uint32_t" >>confdefs.h
-
-fi
-
-ac_fn_c_check_type "$LINENO" "in_port_t" "ac_cv_type_in_port_t" "
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-"
-if test "x$ac_cv_type_in_port_t" = xyes; then :
-
-else
-
-$as_echo "#define in_port_t uint16_t" >>confdefs.h
-
-fi
-
-
-# check to see if libraries are needed for these functions.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5
-$as_echo_n "checking for library containing socket... " >&6; }
-if ${ac_cv_search_socket+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char socket ();
-int
-main ()
-{
-return socket ();
- ;
- return 0;
-}
-_ACEOF
-for ac_lib in '' socket; do
- if test -z "$ac_lib"; then
- ac_res="none required"
- else
- ac_res=-l$ac_lib
- LIBS="-l$ac_lib $ac_func_search_save_LIBS"
- fi
- if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_search_socket=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext
- if ${ac_cv_search_socket+:} false; then :
- break
-fi
-done
-if ${ac_cv_search_socket+:} false; then :
-
-else
- ac_cv_search_socket=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5
-$as_echo "$ac_cv_search_socket" >&6; }
-ac_res=$ac_cv_search_socket
-if test "$ac_res" != no; then :
- test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-tmp_LIBS="$LIBS"
-LIBS=
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing inet_pton" >&5
-$as_echo_n "checking for library containing inet_pton... " >&6; }
-if ${ac_cv_search_inet_pton+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char inet_pton ();
-int
-main ()
-{
-return inet_pton ();
- ;
- return 0;
-}
-_ACEOF
-for ac_lib in '' nsl; do
- if test -z "$ac_lib"; then
- ac_res="none required"
- else
- ac_res=-l$ac_lib
- LIBS="-l$ac_lib $ac_func_search_save_LIBS"
- fi
- if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_search_inet_pton=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext
- if ${ac_cv_search_inet_pton+:} false; then :
- break
-fi
-done
-if ${ac_cv_search_inet_pton+:} false; then :
-
-else
- ac_cv_search_inet_pton=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_pton" >&5
-$as_echo "$ac_cv_search_inet_pton" >&6; }
-ac_res=$ac_cv_search_inet_pton
-if test "$ac_res" != no; then :
- test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-LIBNSL_LIBS=$LIBS
-
-LIBS="$tmp_LIBS"
-
-tmp_CPPFLAGS="$CPPFLAGS"
-tmp_LDFLAGS="$LDFLAGS"
-tmp_LIBS="$LIBS"
-
-
-
-# Check whether --with-ssl was given.
-if test "${with_ssl+set}" = set; then :
- withval=$with_ssl;
-
-else
-
- withval="yes"
-
-fi
-
-
- withval=$withval
- if test x_$withval != x_no; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SSL" >&5
-$as_echo_n "checking for SSL... " >&6; }
- if test x_$withval = x_ -o x_$withval = x_yes; then
- withval="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr"
- fi
- for dir in $withval; do
- ssldir="$dir"
- if test -f "$dir/include/openssl/ssl.h"; then
- found_ssl="yes"
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_SSL /**/
-_ACEOF
-
- if test "$ssldir" != "/usr"; then
- CPPFLAGS="$CPPFLAGS -I$ssldir/include"
- LIBSSL_CPPFLAGS="$LIBSSL_CPPFLAGS -I$ssldir/include"
- fi
- break;
- fi
- done
- if test x_$found_ssl != x_yes; then
- as_fn_error $? "Cannot find the SSL libraries in $withval" "$LINENO" 5
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: found in $ssldir" >&5
-$as_echo "found in $ssldir" >&6; }
- HAVE_SSL=yes
- if test "$ssldir" != "/usr" -a "$ssldir" != ""; then
- LDFLAGS="$LDFLAGS -L$ssldir/lib"
- LIBSSL_LDFLAGS="$LIBSSL_LDFLAGS -L$ssldir/lib"
-
- if test "x$enable_rpath" = xyes; then
- if echo "$ssldir/lib" | grep "^/" >/dev/null; then
- RUNTIME_PATH="$RUNTIME_PATH -R$ssldir/lib"
- fi
- fi
-
- fi
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for HMAC_CTX_init in -lcrypto" >&5
-$as_echo_n "checking for HMAC_CTX_init in -lcrypto... " >&6; }
- LIBS="$LIBS -lcrypto"
- LIBSSL_LIBS="$LIBSSL_LIBS -lcrypto"
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define HAVE_HMAC_CTX_INIT 1" >>confdefs.h
-
-
-else
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- # check if -lwsock32 or -lgdi32 are needed.
- BAKLIBS="$LIBS"
- BAKSSLLIBS="$LIBSSL_LIBS"
- LIBS="$LIBS -lgdi32"
- LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking if -lcrypto needs -lgdi32" >&5
-$as_echo_n "checking if -lcrypto needs -lgdi32... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-
-$as_echo "#define HAVE_HMAC_CTX_INIT 1" >>confdefs.h
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- LIBS="$BAKLIBS"
- LIBSSL_LIBS="$BAKSSLLIBS"
- LIBS="$LIBS -ldl"
- LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking if -lcrypto needs -ldl" >&5
-$as_echo_n "checking if -lcrypto needs -ldl... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-int
-main ()
-{
-
- int HMAC_CTX_init(void);
- (void)HMAC_CTX_init();
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-
-$as_echo "#define HAVE_HMAC_CTX_INIT 1" >>confdefs.h
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- as_fn_error $? "OpenSSL found in $ssldir, but version 0.9.7 or higher is required" "$LINENO" 5
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
- fi
-
-
- # openssl engine functionality needs dlopen().
- BAKLIBS="$LIBS"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5
-$as_echo_n "checking for library containing dlopen... " >&6; }
-if ${ac_cv_search_dlopen+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char dlopen ();
-int
-main ()
-{
-return dlopen ();
- ;
- return 0;
-}
-_ACEOF
-for ac_lib in '' dl; do
- if test -z "$ac_lib"; then
- ac_res="none required"
- else
- ac_res=-l$ac_lib
- LIBS="-l$ac_lib $ac_func_search_save_LIBS"
- fi
- if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_search_dlopen=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext
- if ${ac_cv_search_dlopen+:} false; then :
- break
-fi
-done
-if ${ac_cv_search_dlopen+:} false; then :
-
-else
- ac_cv_search_dlopen=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dlopen" >&5
-$as_echo "$ac_cv_search_dlopen" >&6; }
-ac_res=$ac_cv_search_dlopen
-if test "$ac_res" != no; then :
- test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
- if test "$LIBS" != "$BAKLIBS"; then
- LIBSSL_LIBS="$LIBSSL_LIBS -ldl"
- fi
- fi
-for ac_header in openssl/ssl.h
-do :
- ac_fn_c_check_header_compile "$LINENO" "openssl/ssl.h" "ac_cv_header_openssl_ssl_h" "$ac_includes_default
-"
-if test "x$ac_cv_header_openssl_ssl_h" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_OPENSSL_SSL_H 1
-_ACEOF
-
-fi
-
-done
-
-for ac_header in openssl/err.h
-do :
- ac_fn_c_check_header_compile "$LINENO" "openssl/err.h" "ac_cv_header_openssl_err_h" "$ac_includes_default
-"
-if test "x$ac_cv_header_openssl_err_h" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_OPENSSL_ERR_H 1
-_ACEOF
-
-fi
-
-done
-
-for ac_header in openssl/rand.h
-do :
- ac_fn_c_check_header_compile "$LINENO" "openssl/rand.h" "ac_cv_header_openssl_rand_h" "$ac_includes_default
-"
-if test "x$ac_cv_header_openssl_rand_h" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_OPENSSL_RAND_H 1
-_ACEOF
-
-fi
-
-done
-
-
-
-
-
-
-
-
-CPPFLAGS="$tmp_CPPFLAGS"
-LDFLAGS="$tmp_LDFLAGS"
-LIBS="$tmp_LIBS"
-
-# use libcrypto to check the following:
-tmp_LDFLAGS="$LDFLAGS"
-tmp_LIBS="$LIBS"
-LDFLAGS="$LDFLAGS $LIBSSL_LDFLAGS"
-LIBS="$LIBS $LIBSSL_LIBS"
-# Check whether --enable-sha2 was given.
-if test "${enable_sha2+set}" = set; then :
- enableval=$enable_sha2;
-fi
-
-case "$enable_sha2" in
- no)
- ;;
- *)
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SHA256 and SHA512" >&5
-$as_echo_n "checking for SHA256 and SHA512... " >&6; }
- ac_fn_c_check_func "$LINENO" "SHA256_Init" "ac_cv_func_SHA256_Init"
-if test "x$ac_cv_func_SHA256_Init" = xyes; then :
-
-else
-
- as_fn_error $? "SHA2 enabled, but no SHA2 functions found in OpenSSL" "$LINENO" 5
-
-fi
-
-
-cat >>confdefs.h <<_ACEOF
-#define USE_SHA2 1
-_ACEOF
-
- ;;
-esac
-
-# Check whether --enable-gost was given.
-if test "${enable_gost+set}" = set; then :
- enableval=$enable_gost;
-fi
-
-case "$enable_gost" in
- no)
- ;;
- *)
- if test "x$HAVE_SSL" != "xyes"; then
- as_fn_error $? "GOST enabled, but no SSL support" "$LINENO" 5
- fi
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GOST" >&5
-$as_echo_n "checking for GOST... " >&6; }
- ac_fn_c_check_func "$LINENO" "EVP_PKEY_set_type_str" "ac_cv_func_EVP_PKEY_set_type_str"
-if test "x$ac_cv_func_EVP_PKEY_set_type_str" = xyes; then :
-
-else
- as_fn_error $? "OpenSSL >= 1.0.0 is needed for GOST support or rerun with --disable-gost" "$LINENO" 5
-fi
-
- ac_fn_c_check_func "$LINENO" "EC_KEY_new" "ac_cv_func_EC_KEY_new"
-if test "x$ac_cv_func_EC_KEY_new" = xyes; then :
-
-else
- as_fn_error $? "No ECC functions found in OpenSSL: please upgrade OpenSSL or rerun with --disable-gost" "$LINENO" 5
-fi
-
-
-cat >>confdefs.h <<_ACEOF
-#define USE_GOST 1
-_ACEOF
-
- ;;
-esac
-
-# Check whether --enable-ecdsa was given.
-if test "${enable_ecdsa+set}" = set; then :
- enableval=$enable_ecdsa;
-fi
-
-case "$enable_ecdsa" in
- yes)
- ac_fn_c_check_func "$LINENO" "ECDSA_sign" "ac_cv_func_ECDSA_sign"
-if test "x$ac_cv_func_ECDSA_sign" = xyes; then :
-
-else
- as_fn_error $? "OpenSSL does not support ECDSA" "$LINENO" 5
-fi
-
-
-cat >>confdefs.h <<_ACEOF
-#define USE_ECDSA 1
-_ACEOF
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING:
- *****************************************************************
- *** YOU HAVE ENABLED ECDSA WHICH IS EXPERIMENTAL AT THIS TIME ***
- *** PLEASE DO NOT USE THIS ON THE PUBLIC INTERNET ***
- *****************************************************************" >&5
-$as_echo "$as_me: WARNING:
- *****************************************************************
- *** YOU HAVE ENABLED ECDSA WHICH IS EXPERIMENTAL AT THIS TIME ***
- *** PLEASE DO NOT USE THIS ON THE PUBLIC INTERNET ***
- *****************************************************************" >&2;}
- ;;
- no|*)
- ;;
-esac
-
-LDFLAGS="$tmp_LDFLAGS"
-LIBS="$tmp_LIBS"
-
-#AC_CHECK_HEADER(ldns/ldns.h,, [
-# AC_MSG_ERROR([Can't find ldns headers (make copy-headers in devel source.)])
-# ], [AC_INCLUDES_DEFAULT]
-#)
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pcap_open_offline in -lpcap" >&5
-$as_echo_n "checking for pcap_open_offline in -lpcap... " >&6; }
-if ${ac_cv_lib_pcap_pcap_open_offline+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lpcap $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char pcap_open_offline ();
-int
-main ()
-{
-return pcap_open_offline ();
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_lib_pcap_pcap_open_offline=yes
-else
- ac_cv_lib_pcap_pcap_open_offline=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pcap_pcap_open_offline" >&5
-$as_echo "$ac_cv_lib_pcap_pcap_open_offline" >&6; }
-if test "x$ac_cv_lib_pcap_pcap_open_offline" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBPCAP 1
-_ACEOF
-
- LIBS="-lpcap $LIBS"
-
-else
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Can't find pcap library (needed for ldns-dpa, will not build dpa now.)" >&5
-$as_echo "$as_me: WARNING: Can't find pcap library (needed for ldns-dpa, will not build dpa now.)" >&2;}
-
-
-fi
-
-
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for getaddrinfo" >&5
-$as_echo_n "checking for getaddrinfo... " >&6; }
-if ${ac_cv_func_getaddrinfo+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_cv_func_getaddrinfo=no
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-char* getaddrinfo();
-char* (*f) () = getaddrinfo;
-#ifdef __cplusplus
-}
-#endif
-int main() {
- ;
- return 0;
-}
-
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_func_getaddrinfo="yes"
-else
- ORIGLIBS="$LIBS"
-LIBS="$LIBS -lws2_32"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-
-int
-main ()
-{
-
- (void)getaddrinfo(NULL, NULL, NULL, NULL);
-
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_func_getaddrinfo="yes"
-LDFLAGS="$LDFLAGS -lws2_32"
-
-else
- ac_cv_func_getaddrinfo="no"
-LIBS="$ORIGLIBS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getaddrinfo" >&5
-$as_echo "$ac_cv_func_getaddrinfo" >&6; }
-if test $ac_cv_func_getaddrinfo = yes; then
-
-$as_echo "#define HAVE_GETADDRINFO 1" >>confdefs.h
-
-fi
-
-
-ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default"
-if test "x$ac_cv_type_pid_t" = xyes; then :
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define pid_t int
-_ACEOF
-
-fi
-
-for ac_header in vfork.h
-do :
- ac_fn_c_check_header_mongrel "$LINENO" "vfork.h" "ac_cv_header_vfork_h" "$ac_includes_default"
-if test "x$ac_cv_header_vfork_h" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_VFORK_H 1
-_ACEOF
-
-fi
-
-done
-
-for ac_func in fork vfork
-do :
- as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-if test "x$ac_cv_func_fork" = xyes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working fork" >&5
-$as_echo_n "checking for working fork... " >&6; }
-if ${ac_cv_func_fork_works+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test "$cross_compiling" = yes; then :
- ac_cv_func_fork_works=cross
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$ac_includes_default
-int
-main ()
-{
-
- /* By Ruediger Kuhlmann. */
- return fork () < 0;
-
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
- ac_cv_func_fork_works=yes
-else
- ac_cv_func_fork_works=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
- conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_fork_works" >&5
-$as_echo "$ac_cv_func_fork_works" >&6; }
-
-else
- ac_cv_func_fork_works=$ac_cv_func_fork
-fi
-if test "x$ac_cv_func_fork_works" = xcross; then
- case $host in
- *-*-amigaos* | *-*-msdosdjgpp*)
- # Override, as these systems have only a dummy fork() stub
- ac_cv_func_fork_works=no
- ;;
- *)
- ac_cv_func_fork_works=yes
- ;;
- esac
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: result $ac_cv_func_fork_works guessed because of cross compilation" >&5
-$as_echo "$as_me: WARNING: result $ac_cv_func_fork_works guessed because of cross compilation" >&2;}
-fi
-ac_cv_func_vfork_works=$ac_cv_func_vfork
-if test "x$ac_cv_func_vfork" = xyes; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working vfork" >&5
-$as_echo_n "checking for working vfork... " >&6; }
-if ${ac_cv_func_vfork_works+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- if test "$cross_compiling" = yes; then :
- ac_cv_func_vfork_works=cross
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-/* Thanks to Paul Eggert for this test. */
-$ac_includes_default
-#include <sys/wait.h>
-#ifdef HAVE_VFORK_H
-# include <vfork.h>
-#endif
-/* On some sparc systems, changes by the child to local and incoming
- argument registers are propagated back to the parent. The compiler
- is told about this with #include <vfork.h>, but some compilers
- (e.g. gcc -O) don't grok <vfork.h>. Test for this by using a
- static variable whose address is put into a register that is
- clobbered by the vfork. */
-static void
-#ifdef __cplusplus
-sparc_address_test (int arg)
-# else
-sparc_address_test (arg) int arg;
-#endif
-{
- static pid_t child;
- if (!child) {
- child = vfork ();
- if (child < 0) {
- perror ("vfork");
- _exit(2);
- }
- if (!child) {
- arg = getpid();
- write(-1, "", 0);
- _exit (arg);
- }
- }
-}
-
-int
-main ()
-{
- pid_t parent = getpid ();
- pid_t child;
-
- sparc_address_test (0);
-
- child = vfork ();
-
- if (child == 0) {
- /* Here is another test for sparc vfork register problems. This
- test uses lots of local variables, at least as many local
- variables as main has allocated so far including compiler
- temporaries. 4 locals are enough for gcc 1.40.3 on a Solaris
- 4.1.3 sparc, but we use 8 to be safe. A buggy compiler should
- reuse the register of parent for one of the local variables,
- since it will think that parent can't possibly be used any more
- in this routine. Assigning to the local variable will thus
- munge parent in the parent process. */
- pid_t
- p = getpid(), p1 = getpid(), p2 = getpid(), p3 = getpid(),
- p4 = getpid(), p5 = getpid(), p6 = getpid(), p7 = getpid();
- /* Convince the compiler that p..p7 are live; otherwise, it might
- use the same hardware register for all 8 local variables. */
- if (p != p1 || p != p2 || p != p3 || p != p4
- || p != p5 || p != p6 || p != p7)
- _exit(1);
-
- /* On some systems (e.g. IRIX 3.3), vfork doesn't separate parent
- from child file descriptors. If the child closes a descriptor
- before it execs or exits, this munges the parent's descriptor
- as well. Test for this by closing stdout in the child. */
- _exit(close(fileno(stdout)) != 0);
- } else {
- int status;
- struct stat st;
-
- while (wait(&status) != child)
- ;
- return (
- /* Was there some problem with vforking? */
- child < 0
-
- /* Did the child fail? (This shouldn't happen.) */
- || status
-
- /* Did the vfork/compiler bug occur? */
- || parent != getpid()
-
- /* Did the file descriptor bug occur? */
- || fstat(fileno(stdout), &st) != 0
- );
- }
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
- ac_cv_func_vfork_works=yes
-else
- ac_cv_func_vfork_works=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
- conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vfork_works" >&5
-$as_echo "$ac_cv_func_vfork_works" >&6; }
-
-fi;
-if test "x$ac_cv_func_fork_works" = xcross; then
- ac_cv_func_vfork_works=$ac_cv_func_vfork
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: result $ac_cv_func_vfork_works guessed because of cross compilation" >&5
-$as_echo "$as_me: WARNING: result $ac_cv_func_vfork_works guessed because of cross compilation" >&2;}
-fi
-
-if test "x$ac_cv_func_vfork_works" = xyes; then
-
-$as_echo "#define HAVE_WORKING_VFORK 1" >>confdefs.h
-
-else
-
-$as_echo "#define vfork fork" >>confdefs.h
-
-fi
-if test "x$ac_cv_func_fork_works" = xyes; then
-
-$as_echo "#define HAVE_WORKING_FORK 1" >>confdefs.h
-
-fi
-
-for ac_func in isblank srandom random sleep
-do :
- as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
- cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-ac_fn_c_check_decl "$LINENO" "in6addr_any" "ac_cv_have_decl_in6addr_any" "$ac_includes_default
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_UDP_H
-#include <netinet/udp.h>
-#endif
-#ifdef HAVE_NETINET_IGMP_H
-#include <netinet/igmp.h>
-#endif
-
-"
-if test "x$ac_cv_have_decl_in6addr_any" = xyes; then :
- ac_have_decl=1
-else
- ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_IN6ADDR_ANY $ac_have_decl
-_ACEOF
-
-
-# check for ldns
-
-# Check whether --with-ldns was given.
-if test "${with_ldns+set}" = set; then :
- withval=$with_ldns;
- specialldnsdir="$withval"
- CPPFLAGS="$CPPFLAGS -I$withval/include"
- LDFLAGS="-L$withval -L$withval/lib $LDFLAGS"
- LDNSDIR="$withval"
-
-
-fi
-
-
-# check for ldns development source tree
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldns devel source" >&5
-$as_echo_n "checking for ldns devel source... " >&6; }
-ldns_dev_dir=..
-if test -f $ldns_dev_dir/ldns/util.h && \
- grep LDNS_VERSION $ldns_dev_dir/ldns/util.h >/dev/null; then
- ldns_version=`grep LDNS_VERSION $ldns_dev_dir/ldns/util.h | sed -e 's/^.*"\(.*\)".*$/\1/'`
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: using $ldns_dev_dir with $ldns_version" >&5
-$as_echo "using $ldns_dev_dir with $ldns_version" >&6; }
- CPPFLAGS="$CPPFLAGS -I$ldns_dev_dir/include"
- LDFLAGS="-L$ldns_dev_dir -L$ldns_dev_dir/lib $LDFLAGS"
- LIBS="$LIBS -lldns"
-
-$as_echo "#define HAVE_LIBLDNS 1" >>confdefs.h
-
- LDNSDIR="$ldns_dev_dir"
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldns_rr_new in -lldns" >&5
-$as_echo_n "checking for ldns_rr_new in -lldns... " >&6; }
-if ${ac_cv_lib_ldns_ldns_rr_new+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lldns $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char ldns_rr_new ();
-int
-main ()
-{
-return ldns_rr_new ();
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_lib_ldns_ldns_rr_new=yes
-else
- ac_cv_lib_ldns_ldns_rr_new=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ldns_ldns_rr_new" >&5
-$as_echo "$ac_cv_lib_ldns_ldns_rr_new" >&6; }
-if test "x$ac_cv_lib_ldns_ldns_rr_new" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBLDNS 1
-_ACEOF
-
- LIBS="-lldns $LIBS"
-
-else
-
- as_fn_error $? "Can't find ldns library" "$LINENO" 5
-
-
-fi
-
-fi
-
-
-
-
-
-
-ac_config_files="$ac_config_files Makefile"
-
-ac_config_headers="$ac_config_headers config.h"
-
-cat >confcache <<\_ACEOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs, see configure's option --config-cache.
-# It is not useful on other systems. If it contains results you don't
-# want to keep, you may remove or edit it.
-#
-# config.status only pays attention to the cache file if you give it
-# the --recheck option to rerun configure.
-#
-# `ac_cv_env_foo' variables (set or unset) will be overridden when
-# loading this file, other *unset* `ac_cv_foo' will be assigned the
-# following values.
-
-_ACEOF
-
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, we kill variables containing newlines.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-(
- for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
- eval ac_val=\$$ac_var
- case $ac_val in #(
- *${as_nl}*)
- case $ac_var in #(
- *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
-$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
- esac
- case $ac_var in #(
- _ | IFS | as_nl) ;; #(
- BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
- *) { eval $ac_var=; unset $ac_var;} ;;
- esac ;;
- esac
- done
-
- (set) 2>&1 |
- case $as_nl`(ac_space=' '; set) 2>&1` in #(
- *${as_nl}ac_space=\ *)
- # `set' does not quote correctly, so add quotes: double-quote
- # substitution turns \\\\ into \\, and sed turns \\ into \.
- sed -n \
- "s/'/'\\\\''/g;
- s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
- ;; #(
- *)
- # `set' quotes correctly as required by POSIX, so do not add quotes.
- sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
- ;;
- esac |
- sort
-) |
- sed '
- /^ac_cv_env_/b end
- t clear
- :clear
- s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
- t end
- s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
- :end' >>confcache
-if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
- if test -w "$cache_file"; then
- if test "x$cache_file" != "x/dev/null"; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5
-$as_echo "$as_me: updating cache $cache_file" >&6;}
- if test ! -f "$cache_file" || test -h "$cache_file"; then
- cat confcache >"$cache_file"
- else
- case $cache_file in #(
- */* | ?:*)
- mv -f confcache "$cache_file"$$ &&
- mv -f "$cache_file"$$ "$cache_file" ;; #(
- *)
- mv -f confcache "$cache_file" ;;
- esac
- fi
- fi
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5
-$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
- fi
-fi
-rm -f confcache
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-DEFS=-DHAVE_CONFIG_H
-
-ac_libobjs=
-ac_ltlibobjs=
-U=
-for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
- # 1. Remove the extension, and $U if already installed.
- ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
- ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
- # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR
- # will be set to the directory where LIBOBJS objects are built.
- as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext"
- as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo'
-done
-LIBOBJS=$ac_libobjs
-
-LTLIBOBJS=$ac_ltlibobjs
-
-
-
-: "${CONFIG_STATUS=./config.status}"
-ac_write_fail=0
-ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files $CONFIG_STATUS"
-{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5
-$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
-as_write_fail=0
-cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1
-#! $SHELL
-# Generated by $as_me.
-# Run this file to recreate the current configuration.
-# Compiler output produced by configure, useful for debugging
-# configure, is in config.log if it exists.
-
-debug=false
-ac_cs_recheck=false
-ac_cs_silent=false
-
-SHELL=\${CONFIG_SHELL-$SHELL}
-export SHELL
-_ASEOF
-cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1
-## -------------------- ##
-## M4sh Initialization. ##
-## -------------------- ##
-
-# Be more Bourne compatible
-DUALCASE=1; export DUALCASE # for MKS sh
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
- emulate sh
- NULLCMD=:
- # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
- # is contrary to our usage. Disable this feature.
- alias -g '${1+"$@"}'='"$@"'
- setopt NO_GLOB_SUBST
-else
- case `(set -o) 2>/dev/null` in #(
- *posix*) :
- set -o posix ;; #(
- *) :
- ;;
-esac
-fi
-
-
-as_nl='
-'
-export as_nl
-# Printing a long string crashes Solaris 7 /usr/bin/printf.
-as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
-# Prefer a ksh shell builtin over an external printf program on Solaris,
-# but without wasting forks for bash or zsh.
-if test -z "$BASH_VERSION$ZSH_VERSION" \
- && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
- as_echo='print -r --'
- as_echo_n='print -rn --'
-elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
- as_echo='printf %s\n'
- as_echo_n='printf %s'
-else
- if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
- as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
- as_echo_n='/usr/ucb/echo -n'
- else
- as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
- as_echo_n_body='eval
- arg=$1;
- case $arg in #(
- *"$as_nl"*)
- expr "X$arg" : "X\\(.*\\)$as_nl";
- arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
- esac;
- expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
- '
- export as_echo_n_body
- as_echo_n='sh -c $as_echo_n_body as_echo'
- fi
- export as_echo_body
- as_echo='sh -c $as_echo_body as_echo'
-fi
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
- PATH_SEPARATOR=:
- (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
- (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
- PATH_SEPARATOR=';'
- }
-fi
-
-
-# IFS
-# We need space, tab and new line, in precisely that order. Quoting is
-# there to prevent editors from complaining about space-tab.
-# (If _AS_PATH_WALK were called with IFS unset, it would disable word
-# splitting by setting IFS to empty value.)
-IFS=" "" $as_nl"
-
-# Find who we are. Look in the path if we contain no directory separator.
-as_myself=
-case $0 in #((
- *[\\/]* ) as_myself=$0 ;;
- *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
- IFS=$as_save_IFS
- test -z "$as_dir" && as_dir=.
- test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
- done
-IFS=$as_save_IFS
-
- ;;
-esac
-# We did not find ourselves, most probably we were run as `sh COMMAND'
-# in which case we are not to be found in the path.
-if test "x$as_myself" = x; then
- as_myself=$0
-fi
-if test ! -f "$as_myself"; then
- $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
- exit 1
-fi
-
-# Unset variables that we do not need and which cause bugs (e.g. in
-# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1"
-# suppresses any "Segmentation fault" message there. '((' could
-# trigger a bug in pdksh 5.2.14.
-for as_var in BASH_ENV ENV MAIL MAILPATH
-do eval test x\${$as_var+set} = xset \
- && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
-done
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-LC_ALL=C
-export LC_ALL
-LANGUAGE=C
-export LANGUAGE
-
-# CDPATH.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-
-# as_fn_error STATUS ERROR [LINENO LOG_FD]
-# ----------------------------------------
-# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
-# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
-# script with STATUS, using 1 if that was 0.
-as_fn_error ()
-{
- as_status=$1; test $as_status -eq 0 && as_status=1
- if test "$4"; then
- as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
- fi
- $as_echo "$as_me: error: $2" >&2
- as_fn_exit $as_status
-} # as_fn_error
-
-
-# as_fn_set_status STATUS
-# -----------------------
-# Set $? to STATUS, without forking.
-as_fn_set_status ()
-{
- return $1
-} # as_fn_set_status
-
-# as_fn_exit STATUS
-# -----------------
-# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
-as_fn_exit ()
-{
- set +e
- as_fn_set_status $1
- exit $1
-} # as_fn_exit
-
-# as_fn_unset VAR
-# ---------------
-# Portably unset VAR.
-as_fn_unset ()
-{
- { eval $1=; unset $1;}
-}
-as_unset=as_fn_unset
-# as_fn_append VAR VALUE
-# ----------------------
-# Append the text in VALUE to the end of the definition contained in VAR. Take
-# advantage of any shell optimizations that allow amortized linear growth over
-# repeated appends, instead of the typical quadratic growth present in naive
-# implementations.
-if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
- eval 'as_fn_append ()
- {
- eval $1+=\$2
- }'
-else
- as_fn_append ()
- {
- eval $1=\$$1\$2
- }
-fi # as_fn_append
-
-# as_fn_arith ARG...
-# ------------------
-# Perform arithmetic evaluation on the ARGs, and store the result in the
-# global $as_val. Take advantage of shells that can avoid forks. The arguments
-# must be portable across $(()) and expr.
-if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
- eval 'as_fn_arith ()
- {
- as_val=$(( $* ))
- }'
-else
- as_fn_arith ()
- {
- as_val=`expr "$@" || test $? -eq 1`
- }
-fi # as_fn_arith
-
-
-if expr a : '\(a\)' >/dev/null 2>&1 &&
- test "X`expr 00001 : '.*\(...\)'`" = X001; then
- as_expr=expr
-else
- as_expr=false
-fi
-
-if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
- as_basename=basename
-else
- as_basename=false
-fi
-
-if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
- as_dirname=dirname
-else
- as_dirname=false
-fi
-
-as_me=`$as_basename -- "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
- X"$0" : 'X\(//\)$' \| \
- X"$0" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X/"$0" |
- sed '/^.*\/\([^/][^/]*\)\/*$/{
- s//\1/
- q
- }
- /^X\/\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\/\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
-
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-ECHO_C= ECHO_N= ECHO_T=
-case `echo -n x` in #(((((
--n*)
- case `echo 'xy\c'` in
- *c*) ECHO_T=' ';; # ECHO_T is single tab character.
- xy) ECHO_C='\c';;
- *) echo `echo ksh88 bug on AIX 6.1` > /dev/null
- ECHO_T=' ';;
- esac;;
-*)
- ECHO_N='-n';;
-esac
-
-rm -f conf$$ conf$$.exe conf$$.file
-if test -d conf$$.dir; then
- rm -f conf$$.dir/conf$$.file
-else
- rm -f conf$$.dir
- mkdir conf$$.dir 2>/dev/null
-fi
-if (echo >conf$$.file) 2>/dev/null; then
- if ln -s conf$$.file conf$$ 2>/dev/null; then
- as_ln_s='ln -s'
- # ... but there are two gotchas:
- # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
- # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
- # In both cases, we have to default to `cp -p'.
- ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
- as_ln_s='cp -p'
- elif ln conf$$.file conf$$ 2>/dev/null; then
- as_ln_s=ln
- else
- as_ln_s='cp -p'
- fi
-else
- as_ln_s='cp -p'
-fi
-rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
-rmdir conf$$.dir 2>/dev/null
-
-
-# as_fn_mkdir_p
-# -------------
-# Create "$as_dir" as a directory, including parents if necessary.
-as_fn_mkdir_p ()
-{
-
- case $as_dir in #(
- -*) as_dir=./$as_dir;;
- esac
- test -d "$as_dir" || eval $as_mkdir_p || {
- as_dirs=
- while :; do
- case $as_dir in #(
- *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
- *) as_qdir=$as_dir;;
- esac
- as_dirs="'$as_qdir' $as_dirs"
- as_dir=`$as_dirname -- "$as_dir" ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$as_dir" : 'X\(//\)[^/]' \| \
- X"$as_dir" : 'X\(//\)$' \| \
- X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_dir" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
- test -d "$as_dir" && break
- done
- test -z "$as_dirs" || eval "mkdir $as_dirs"
- } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
-
-
-} # as_fn_mkdir_p
-if mkdir -p . 2>/dev/null; then
- as_mkdir_p='mkdir -p "$as_dir"'
-else
- test -d ./-p && rmdir ./-p
- as_mkdir_p=false
-fi
-
-if test -x / >/dev/null 2>&1; then
- as_test_x='test -x'
-else
- if ls -dL / >/dev/null 2>&1; then
- as_ls_L_option=L
- else
- as_ls_L_option=
- fi
- as_test_x='
- eval sh -c '\''
- if test -d "$1"; then
- test -d "$1/.";
- else
- case $1 in #(
- -*)set "./$1";;
- esac;
- case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
- ???[sx]*):;;*)false;;esac;fi
- '\'' sh
- '
-fi
-as_executable_p=$as_test_x
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-exec 6>&1
-## ----------------------------------- ##
-## Main body of $CONFIG_STATUS script. ##
-## ----------------------------------- ##
-_ASEOF
-test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# Save the log message, to keep $0 and so on meaningful, and to
-# report actual input values of CONFIG_FILES etc. instead of their
-# values after options handling.
-ac_log="
-This file was extended by ldns $as_me 1.6.9, which was
-generated by GNU Autoconf 2.68. Invocation command line was
-
- CONFIG_FILES = $CONFIG_FILES
- CONFIG_HEADERS = $CONFIG_HEADERS
- CONFIG_LINKS = $CONFIG_LINKS
- CONFIG_COMMANDS = $CONFIG_COMMANDS
- $ $0 $@
-
-on `(hostname || uname -n) 2>/dev/null | sed 1q`
-"
-
-_ACEOF
-
-case $ac_config_files in *"
-"*) set x $ac_config_files; shift; ac_config_files=$*;;
-esac
-
-case $ac_config_headers in *"
-"*) set x $ac_config_headers; shift; ac_config_headers=$*;;
-esac
-
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-# Files that config.status was made for.
-config_files="$ac_config_files"
-config_headers="$ac_config_headers"
-
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-ac_cs_usage="\
-\`$as_me' instantiates files and other configuration actions
-from templates according to the current configuration. Unless the files
-and actions are specified as TAGs, all are instantiated by default.
-
-Usage: $0 [OPTION]... [TAG]...
-
- -h, --help print this help, then exit
- -V, --version print version number and configuration settings, then exit
- --config print configuration, then exit
- -q, --quiet, --silent
- do not print progress messages
- -d, --debug don't remove temporary files
- --recheck update $as_me by reconfiguring in the same conditions
- --file=FILE[:TEMPLATE]
- instantiate the configuration file FILE
- --header=FILE[:TEMPLATE]
- instantiate the configuration header FILE
-
-Configuration files:
-$config_files
-
-Configuration headers:
-$config_headers
-
-Report bugs to <libdns@nlnetlabs.nl>."
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
-ac_cs_version="\\
-ldns config.status 1.6.9
-configured by $0, generated by GNU Autoconf 2.68,
- with options \\"\$ac_cs_config\\"
-
-Copyright (C) 2010 Free Software Foundation, Inc.
-This config.status script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it."
-
-ac_pwd='$ac_pwd'
-srcdir='$srcdir'
-test -n "\$AWK" || AWK=awk
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# The default lists apply if the user does not specify any file.
-ac_need_defaults=:
-while test $# != 0
-do
- case $1 in
- --*=?*)
- ac_option=`expr "X$1" : 'X\([^=]*\)='`
- ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
- ac_shift=:
- ;;
- --*=)
- ac_option=`expr "X$1" : 'X\([^=]*\)='`
- ac_optarg=
- ac_shift=:
- ;;
- *)
- ac_option=$1
- ac_optarg=$2
- ac_shift=shift
- ;;
- esac
-
- case $ac_option in
- # Handling of the options.
- -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
- ac_cs_recheck=: ;;
- --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
- $as_echo "$ac_cs_version"; exit ;;
- --config | --confi | --conf | --con | --co | --c )
- $as_echo "$ac_cs_config"; exit ;;
- --debug | --debu | --deb | --de | --d | -d )
- debug=: ;;
- --file | --fil | --fi | --f )
- $ac_shift
- case $ac_optarg in
- *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
- '') as_fn_error $? "missing file argument" ;;
- esac
- as_fn_append CONFIG_FILES " '$ac_optarg'"
- ac_need_defaults=false;;
- --header | --heade | --head | --hea )
- $ac_shift
- case $ac_optarg in
- *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
- esac
- as_fn_append CONFIG_HEADERS " '$ac_optarg'"
- ac_need_defaults=false;;
- --he | --h)
- # Conflict between --help and --header
- as_fn_error $? "ambiguous option: \`$1'
-Try \`$0 --help' for more information.";;
- --help | --hel | -h )
- $as_echo "$ac_cs_usage"; exit ;;
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil | --si | --s)
- ac_cs_silent=: ;;
-
- # This is an error.
- -*) as_fn_error $? "unrecognized option: \`$1'
-Try \`$0 --help' for more information." ;;
-
- *) as_fn_append ac_config_targets " $1"
- ac_need_defaults=false ;;
-
- esac
- shift
-done
-
-ac_configure_extra_args=
-
-if $ac_cs_silent; then
- exec 6>/dev/null
- ac_configure_extra_args="$ac_configure_extra_args --silent"
-fi
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-if \$ac_cs_recheck; then
- set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
- shift
- \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
- CONFIG_SHELL='$SHELL'
- export CONFIG_SHELL
- exec "\$@"
-fi
-
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-exec 5>>config.log
-{
- echo
- sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
-## Running $as_me. ##
-_ASBOX
- $as_echo "$ac_log"
-} >&5
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-
-# Handling of arguments.
-for ac_config_target in $ac_config_targets
-do
- case $ac_config_target in
- "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
- "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
-
- *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
- esac
-done
-
-
-# If the user did not use the arguments to specify the items to instantiate,
-# then the envvar interface is used. Set only those that are not.
-# We use the long form for the default assignment because of an extremely
-# bizarre bug on SunOS 4.1.3.
-if $ac_need_defaults; then
- test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
- test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
-fi
-
-# Have a temporary directory for convenience. Make it in the build tree
-# simply because there is no reason against having it here, and in addition,
-# creating and moving files from /tmp can sometimes cause problems.
-# Hook for its removal unless debugging.
-# Note that there is a small window in which the directory will not be cleaned:
-# after its creation but before its name has been assigned to `$tmp'.
-$debug ||
-{
- tmp= ac_tmp=
- trap 'exit_status=$?
- : "${ac_tmp:=$tmp}"
- { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
-' 0
- trap 'as_fn_exit 1' 1 2 13 15
-}
-# Create a (secure) tmp directory for tmp files.
-
-{
- tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
- test -d "$tmp"
-} ||
-{
- tmp=./conf$$-$RANDOM
- (umask 077 && mkdir "$tmp")
-} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
-ac_tmp=$tmp
-
-# Set up the scripts for CONFIG_FILES section.
-# No need to generate them if there are no CONFIG_FILES.
-# This happens for instance with `./config.status config.h'.
-if test -n "$CONFIG_FILES"; then
-
-
-ac_cr=`echo X | tr X '\015'`
-# On cygwin, bash can eat \r inside `` if the user requested igncr.
-# But we know of no other shell where ac_cr would be empty at this
-# point, so we can use a bashism as a fallback.
-if test "x$ac_cr" = x; then
- eval ac_cr=\$\'\\r\'
-fi
-ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
-if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
- ac_cs_awk_cr='\\r'
-else
- ac_cs_awk_cr=$ac_cr
-fi
-
-echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
-_ACEOF
-
-
-{
- echo "cat >conf$$subs.awk <<_ACEOF" &&
- echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
- echo "_ACEOF"
-} >conf$$subs.sh ||
- as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
-ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
-ac_delim='%!_!# '
-for ac_last_try in false false false false false :; do
- . ./conf$$subs.sh ||
- as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
-
- ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
- if test $ac_delim_n = $ac_delim_num; then
- break
- elif $ac_last_try; then
- as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
- else
- ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
- fi
-done
-rm -f conf$$subs.sh
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
-_ACEOF
-sed -n '
-h
-s/^/S["/; s/!.*/"]=/
-p
-g
-s/^[^!]*!//
-:repl
-t repl
-s/'"$ac_delim"'$//
-t delim
-:nl
-h
-s/\(.\{148\}\)..*/\1/
-t more1
-s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
-p
-n
-b repl
-:more1
-s/["\\]/\\&/g; s/^/"/; s/$/"\\/
-p
-g
-s/.\{148\}//
-t nl
-:delim
-h
-s/\(.\{148\}\)..*/\1/
-t more2
-s/["\\]/\\&/g; s/^/"/; s/$/"/
-p
-b
-:more2
-s/["\\]/\\&/g; s/^/"/; s/$/"\\/
-p
-g
-s/.\{148\}//
-t delim
-' <conf$$subs.awk | sed '
-/^[^""]/{
- N
- s/\n//
-}
-' >>$CONFIG_STATUS || ac_write_fail=1
-rm -f conf$$subs.awk
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-_ACAWK
-cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
- for (key in S) S_is_set[key] = 1
- FS = "\a"
-
-}
-{
- line = $ 0
- nfields = split(line, field, "@")
- substed = 0
- len = length(field[1])
- for (i = 2; i < nfields; i++) {
- key = field[i]
- keylen = length(key)
- if (S_is_set[key]) {
- value = S[key]
- line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
- len += length(value) + length(field[++i])
- substed = 1
- } else
- len += 1 + keylen
- }
-
- print line
-}
-
-_ACAWK
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
- sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
-else
- cat
-fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
- || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
-_ACEOF
-
-# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
-# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
-# trailing colons and then remove the whole line if VPATH becomes empty
-# (actually we leave an empty line to preserve line numbers).
-if test "x$srcdir" = x.; then
- ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{
-h
-s///
-s/^/:/
-s/[ ]*$/:/
-s/:\$(srcdir):/:/g
-s/:\${srcdir}:/:/g
-s/:@srcdir@:/:/g
-s/^:*//
-s/:*$//
-x
-s/\(=[ ]*\).*/\1/
-G
-s/\n//
-s/^[^=]*=[ ]*$//
-}'
-fi
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-fi # test -n "$CONFIG_FILES"
-
-# Set up the scripts for CONFIG_HEADERS section.
-# No need to generate them if there are no CONFIG_HEADERS.
-# This happens for instance with `./config.status Makefile'.
-if test -n "$CONFIG_HEADERS"; then
-cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
-BEGIN {
-_ACEOF
-
-# Transform confdefs.h into an awk script `defines.awk', embedded as
-# here-document in config.status, that substitutes the proper values into
-# config.h.in to produce config.h.
-
-# Create a delimiter string that does not exist in confdefs.h, to ease
-# handling of long lines.
-ac_delim='%!_!# '
-for ac_last_try in false false :; do
- ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
- if test -z "$ac_tt"; then
- break
- elif $ac_last_try; then
- as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5
- else
- ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
- fi
-done
-
-# For the awk script, D is an array of macro values keyed by name,
-# likewise P contains macro parameters if any. Preserve backslash
-# newline sequences.
-
-ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
-sed -n '
-s/.\{148\}/&'"$ac_delim"'/g
-t rset
-:rset
-s/^[ ]*#[ ]*define[ ][ ]*/ /
-t def
-d
-:def
-s/\\$//
-t bsnl
-s/["\\]/\\&/g
-s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\
-D["\1"]=" \3"/p
-s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p
-d
-:bsnl
-s/["\\]/\\&/g
-s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\
-D["\1"]=" \3\\\\\\n"\\/p
-t cont
-s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p
-t cont
-d
-:cont
-n
-s/.\{148\}/&'"$ac_delim"'/g
-t clear
-:clear
-s/\\$//
-t bsnlc
-s/["\\]/\\&/g; s/^/"/; s/$/"/p
-d
-:bsnlc
-s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p
-b cont
-' <confdefs.h | sed '
-s/'"$ac_delim"'/"\\\
-"/g' >>$CONFIG_STATUS || ac_write_fail=1
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
- for (key in D) D_is_set[key] = 1
- FS = "\a"
-}
-/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ {
- line = \$ 0
- split(line, arg, " ")
- if (arg[1] == "#") {
- defundef = arg[2]
- mac1 = arg[3]
- } else {
- defundef = substr(arg[1], 2)
- mac1 = arg[2]
- }
- split(mac1, mac2, "(") #)
- macro = mac2[1]
- prefix = substr(line, 1, index(line, defundef) - 1)
- if (D_is_set[macro]) {
- # Preserve the white space surrounding the "#".
- print prefix "define", macro P[macro] D[macro]
- next
- } else {
- # Replace #undef with comments. This is necessary, for example,
- # in the case of _POSIX_SOURCE, which is predefined and required
- # on some systems where configure will not decide to define it.
- if (defundef == "undef") {
- print "/*", prefix defundef, macro, "*/"
- next
- }
- }
-}
-{ print }
-_ACAWK
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
- as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
-fi # test -n "$CONFIG_HEADERS"
-
-
-eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS "
-shift
-for ac_tag
-do
- case $ac_tag in
- :[FHLC]) ac_mode=$ac_tag; continue;;
- esac
- case $ac_mode$ac_tag in
- :[FHL]*:*);;
- :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
- :[FH]-) ac_tag=-:-;;
- :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
- esac
- ac_save_IFS=$IFS
- IFS=:
- set x $ac_tag
- IFS=$ac_save_IFS
- shift
- ac_file=$1
- shift
-
- case $ac_mode in
- :L) ac_source=$1;;
- :[FH])
- ac_file_inputs=
- for ac_f
- do
- case $ac_f in
- -) ac_f="$ac_tmp/stdin";;
- *) # Look for the file first in the build tree, then in the source tree
- # (if the path is not absolute). The absolute path cannot be DOS-style,
- # because $ac_f cannot contain `:'.
- test -f "$ac_f" ||
- case $ac_f in
- [\\/$]*) false;;
- *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
- esac ||
- as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
- esac
- case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
- as_fn_append ac_file_inputs " '$ac_f'"
- done
-
- # Let's still pretend it is `configure' which instantiates (i.e., don't
- # use $as_me), people would be surprised to read:
- # /* config.h. Generated by config.status. */
- configure_input='Generated from '`
- $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
- `' by configure.'
- if test x"$ac_file" != x-; then
- configure_input="$ac_file. $configure_input"
- { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5
-$as_echo "$as_me: creating $ac_file" >&6;}
- fi
- # Neutralize special characters interpreted by sed in replacement strings.
- case $configure_input in #(
- *\&* | *\|* | *\\* )
- ac_sed_conf_input=`$as_echo "$configure_input" |
- sed 's/[\\\\&|]/\\\\&/g'`;; #(
- *) ac_sed_conf_input=$configure_input;;
- esac
-
- case $ac_tag in
- *:-:* | *:-) cat >"$ac_tmp/stdin" \
- || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
- esac
- ;;
- esac
-
- ac_dir=`$as_dirname -- "$ac_file" ||
-$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
- X"$ac_file" : 'X\(//\)[^/]' \| \
- X"$ac_file" : 'X\(//\)$' \| \
- X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$ac_file" |
- sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
- s//\1/
- q
- }
- /^X\(\/\/\)[^/].*/{
- s//\1/
- q
- }
- /^X\(\/\/\)$/{
- s//\1/
- q
- }
- /^X\(\/\).*/{
- s//\1/
- q
- }
- s/.*/./; q'`
- as_dir="$ac_dir"; as_fn_mkdir_p
- ac_builddir=.
-
-case "$ac_dir" in
-.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
-*)
- ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
- # A ".." for each directory in $ac_dir_suffix.
- ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
- case $ac_top_builddir_sub in
- "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
- *) ac_top_build_prefix=$ac_top_builddir_sub/ ;;
- esac ;;
-esac
-ac_abs_top_builddir=$ac_pwd
-ac_abs_builddir=$ac_pwd$ac_dir_suffix
-# for backward compatibility:
-ac_top_builddir=$ac_top_build_prefix
-
-case $srcdir in
- .) # We are building in place.
- ac_srcdir=.
- ac_top_srcdir=$ac_top_builddir_sub
- ac_abs_top_srcdir=$ac_pwd ;;
- [\\/]* | ?:[\\/]* ) # Absolute name.
- ac_srcdir=$srcdir$ac_dir_suffix;
- ac_top_srcdir=$srcdir
- ac_abs_top_srcdir=$srcdir ;;
- *) # Relative name.
- ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
- ac_top_srcdir=$ac_top_build_prefix$srcdir
- ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
-esac
-ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
-
-
- case $ac_mode in
- :F)
- #
- # CONFIG_FILE
- #
-
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# If the template does not know about datarootdir, expand it.
-# FIXME: This hack should be removed a few years after 2.60.
-ac_datarootdir_hack=; ac_datarootdir_seen=
-ac_sed_dataroot='
-/datarootdir/ {
- p
- q
-}
-/@datadir@/p
-/@docdir@/p
-/@infodir@/p
-/@localedir@/p
-/@mandir@/p'
-case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
-*datarootdir*) ac_datarootdir_seen=yes;;
-*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
-$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
- ac_datarootdir_hack='
- s&@datadir@&$datadir&g
- s&@docdir@&$docdir&g
- s&@infodir@&$infodir&g
- s&@localedir@&$localedir&g
- s&@mandir@&$mandir&g
- s&\\\${datarootdir}&$datarootdir&g' ;;
-esac
-_ACEOF
-
-# Neutralize VPATH when `$srcdir' = `.'.
-# Shell code in configure.ac might set extrasub.
-# FIXME: do we really want to maintain this feature?
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-ac_sed_extra="$ac_vpsub
-$extrasub
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-:t
-/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
-s|@configure_input@|$ac_sed_conf_input|;t t
-s&@top_builddir@&$ac_top_builddir_sub&;t t
-s&@top_build_prefix@&$ac_top_build_prefix&;t t
-s&@srcdir@&$ac_srcdir&;t t
-s&@abs_srcdir@&$ac_abs_srcdir&;t t
-s&@top_srcdir@&$ac_top_srcdir&;t t
-s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
-s&@builddir@&$ac_builddir&;t t
-s&@abs_builddir@&$ac_abs_builddir&;t t
-s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
-$ac_datarootdir_hack
-"
-eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
- >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
-
-test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
- { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
- { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \
- "$ac_tmp/out"`; test -z "$ac_out"; } &&
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
-which seems to be undefined. Please make sure it is defined" >&5
-$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
-which seems to be undefined. Please make sure it is defined" >&2;}
-
- rm -f "$ac_tmp/stdin"
- case $ac_file in
- -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
- *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
- esac \
- || as_fn_error $? "could not create $ac_file" "$LINENO" 5
- ;;
- :H)
- #
- # CONFIG_HEADER
- #
- if test x"$ac_file" != x-; then
- {
- $as_echo "/* $configure_input */" \
- && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
- } >"$ac_tmp/config.h" \
- || as_fn_error $? "could not create $ac_file" "$LINENO" 5
- if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
-$as_echo "$as_me: $ac_file is unchanged" >&6;}
- else
- rm -f "$ac_file"
- mv "$ac_tmp/config.h" "$ac_file" \
- || as_fn_error $? "could not create $ac_file" "$LINENO" 5
- fi
- else
- $as_echo "/* $configure_input */" \
- && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
- || as_fn_error $? "could not create -" "$LINENO" 5
- fi
- ;;
-
-
- esac
-
-done # for ac_tag
-
-
-as_fn_exit 0
-_ACEOF
-ac_clean_files=$ac_clean_files_save
-
-test $ac_write_fail = 0 ||
- as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5
-
-
-# configure is writing to config.log, and then calls config.status.
-# config.status does its own redirection, appending to config.log.
-# Unfortunately, on DOS this fails, as config.log is still kept open
-# by configure, so config.status won't be able to write to it; its
-# output is simply discarded. So we exec the FD to /dev/null,
-# effectively closing config.log, so it can be properly (re)opened and
-# appended to by config.status. When coming back to configure, we
-# need to make the FD available again.
-if test "$no_create" != yes; then
- ac_cs_success=:
- ac_config_status_args=
- test "$silent" = yes &&
- ac_config_status_args="$ac_config_status_args --quiet"
- exec 5>/dev/null
- $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
- exec 5>>config.log
- # Use ||, not &&, to avoid exiting from the if with $? = 1, which
- # would make configure fail if this is the last instruction.
- $ac_cs_success || as_fn_exit 1
-fi
-if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
-$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
-fi
-
+++ /dev/null
-# -*- Autoconf -*-
-# Process this file with autoconf to produce a configure script.
-
-AC_PREREQ(2.56)
-AC_INIT(ldns, 1.6.9, libdns@nlnetlabs.nl,libdns)
-AC_CONFIG_SRCDIR([ldns-read-zone.c])
-sinclude(../acx_nlnetlabs.m4)
-
-OURCPPFLAGS=''
-CPPFLAGS=${CPPFLAGS:-${OURCPPFLAGS}}
-OURCFLAGS='-g'
-CFLAGS=${CFLAGS:-${OURCFLAGS}}
-AC_DEFINE(WINVER, 0x0502, [the version of the windows API enabled])
-
-AC_AIX
-# Checks for programs.
-AC_PROG_CC
-AC_PROG_MAKE_SET
-AC_CHECK_PROGS(libtool, [glibtool libtool15 libtool], [../libtool])
-
-ACX_CHECK_COMPILER_FLAG(std=c99, [C99FLAG="-std=c99"])
-ACX_CHECK_COMPILER_FLAG(xc99, [C99FLAG="-xc99"])
-
-AC_ARG_ENABLE(rpath,
- [AC_HELP_STRING([--disable-rpath], [Disable hardcoded rpath (default=enabled)])],
- enable_rpath=$enableval, enable_rpath=yes)
-
-if test "x$enable_rpath" = xyes; then
- RPATH_VAL="-Wl,-rpath=\${libdir}"
-fi
-
-
-AC_TYPE_SIZE_T
-ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="$CFLAGS -O2"])
-
-ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600,
-[
-#include "confdefs.h"
-#include <stdlib.h>
-#include <ctype.h>
-#include <sys/time.h>
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#include <unistd.h>
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-
-int test() {
- int a;
- char **opts = NULL;
- struct timeval tv;
- char *t;
- time_t time = 0;
- char *buf = NULL;
- t = ctime_r(&time, buf);
- tv.tv_usec = 10;
- srandom(32);
- a = getopt(2, opts, "a");
- a = isascii(32);
- return a;
-}
-], [CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600"])
-
-
-ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG, [#include <stdbool.h>], [CFLAGS="$CFLAGS $C99FLAG"])
-
-AC_C_INLINE
-AC_CHECK_TYPE(int8_t, char)
-AC_CHECK_TYPE(int16_t, short)
-AC_CHECK_TYPE(int32_t, int)
-AC_CHECK_TYPE(int64_t, long long)
-AC_CHECK_TYPE(uint8_t, unsigned char)
-AC_CHECK_TYPE(uint16_t, unsigned short)
-AC_CHECK_TYPE(uint32_t, unsigned int)
-AC_CHECK_TYPE(uint64_t, unsigned long long)
-AC_CHECK_TYPE(ssize_t, int)
-
-AC_CHECK_HEADERS([sys/types.h getopt.h stdlib.h stdio.h assert.h netinet/in.h ctype.h time.h pcap.h arpa/inet.h sys/time.h sys/socket.h sys/select.h netdb.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_HEADERS([winsock2.h ws2tcpip.h],,, [AC_INCLUDES_DEFAULT])
-AC_CHECK_HEADERS([netinet/in_systm.h net/if.h netinet/ip.h netinet/udp.h netinet/igmp.h netinet/if_ether.h netinet/ip6.h],,, [
-AC_INCLUDES_DEFAULT
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif])
-
-ACX_TYPE_SOCKLEN_T
-AC_CHECK_HEADERS([sys/param.h sys/mount.h],,,
-[AC_INCLUDES_DEFAULT]
-[
- [
- #if HAVE_SYS_PARAM_H
- # include <sys/param.h>
- #endif
- ]
-])
-AC_CHECK_TYPE(in_addr_t, [], [AC_DEFINE([in_addr_t], [uint32_t], [in_addr_t])], [
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif])
-AC_CHECK_TYPE(in_port_t, [], [AC_DEFINE([in_port_t], [uint16_t], [in_port_t])], [
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#if HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif])
-
-# check to see if libraries are needed for these functions.
-AC_SEARCH_LIBS(socket, socket)
-tmp_LIBS="$LIBS"
-LIBS=
-AC_SEARCH_LIBS(inet_pton, nsl)
-AC_SUBST(LIBNSL_LIBS,$LIBS)
-LIBS="$tmp_LIBS"
-
-tmp_CPPFLAGS="$CPPFLAGS"
-tmp_LDFLAGS="$LDFLAGS"
-tmp_LIBS="$LIBS"
-
-ACX_WITH_SSL_OPTIONAL
-
-AC_SUBST(LIBSSL_CPPFLAGS)
-AC_SUBST(LIBSSL_LDFLAGS)
-AC_SUBST(LIBSSL_LIBS)
-
-CPPFLAGS="$tmp_CPPFLAGS"
-LDFLAGS="$tmp_LDFLAGS"
-LIBS="$tmp_LIBS"
-
-# use libcrypto to check the following:
-tmp_LDFLAGS="$LDFLAGS"
-tmp_LIBS="$LIBS"
-LDFLAGS="$LDFLAGS $LIBSSL_LDFLAGS"
-LIBS="$LIBS $LIBSSL_LIBS"
-AC_ARG_ENABLE(sha2, AC_HELP_STRING([--disable-sha2], [Disable SHA256 and SHA512 RRSIG support]))
-case "$enable_sha2" in
- no)
- ;;
- *)
- AC_MSG_CHECKING(for SHA256 and SHA512)
- AC_CHECK_FUNC(SHA256_Init,, [
- AC_MSG_ERROR([SHA2 enabled, but no SHA2 functions found in OpenSSL])
- ])
- AC_DEFINE_UNQUOTED([USE_SHA2], [1], [Define this to enable SHA256 and SHA512 support.])
- ;;
-esac
-
-AC_ARG_ENABLE(gost, AC_HELP_STRING([--disable-gost], [Disable GOST support]))
-case "$enable_gost" in
- no)
- ;;
- *)
- if test "x$HAVE_SSL" != "xyes"; then
- AC_MSG_ERROR([GOST enabled, but no SSL support])
- fi
- AC_MSG_CHECKING(for GOST)
- AC_CHECK_FUNC(EVP_PKEY_set_type_str, [],[AC_MSG_ERROR([OpenSSL >= 1.0.0 is needed for GOST support or rerun with --disable-gost])])
- AC_CHECK_FUNC(EC_KEY_new, [], [AC_MSG_ERROR([No ECC functions found in OpenSSL: please upgrade OpenSSL or rerun with --disable-gost])])
- AC_DEFINE_UNQUOTED([USE_GOST], [1], [Define this to enable GOST support.])
- ;;
-esac
-
-AC_ARG_ENABLE(ecdsa, AC_HELP_STRING([--enable-ecdsa], [Enable ECDSA support, experimental]))
-case "$enable_ecdsa" in
- yes)
- AC_CHECK_FUNC(ECDSA_sign,,[AC_MSG_ERROR([OpenSSL does not support ECDSA])])
- AC_DEFINE_UNQUOTED([USE_ECDSA], [1], [Define this to enable ECDSA support.])
- AC_WARN([
- *****************************************************************
- *** YOU HAVE ENABLED ECDSA WHICH IS EXPERIMENTAL AT THIS TIME ***
- *** PLEASE DO NOT USE THIS ON THE PUBLIC INTERNET ***
- *****************************************************************])
- ;;
- no|*)
- ;;
-esac
-
-LDFLAGS="$tmp_LDFLAGS"
-LIBS="$tmp_LIBS"
-
-#AC_CHECK_HEADER(ldns/ldns.h,, [
-# AC_MSG_ERROR([Can't find ldns headers (make copy-headers in devel source.)])
-# ], [AC_INCLUDES_DEFAULT]
-#)
-
-AC_CHECK_LIB(pcap, pcap_open_offline,, [
- AC_MSG_WARN([Can't find pcap library (needed for ldns-dpa, will not build dpa now.)])
- ]
-)
-
-
-AC_DEFUN([AC_CHECK_GETADDRINFO_WITH_INCLUDES],
-[AC_REQUIRE([AC_PROG_CC])
-AC_MSG_CHECKING(for getaddrinfo)
-AC_CACHE_VAL(ac_cv_func_getaddrinfo,
-[ac_cv_func_getaddrinfo=no
-AC_LINK_IFELSE(
-[
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-char* getaddrinfo();
-char* (*f) () = getaddrinfo;
-#ifdef __cplusplus
-}
-#endif
-int main() {
- ;
- return 0;
-}
-],
-dnl this case on linux, solaris, bsd
-[ac_cv_func_getaddrinfo="yes"],
-dnl no quick getaddrinfo, try mingw32 and winsock2 library.
-ORIGLIBS="$LIBS"
-LIBS="$LIBS -lws2_32"
-AC_LINK_IFELSE(
-AC_LANG_PROGRAM(
-[
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-],
-[
- (void)getaddrinfo(NULL, NULL, NULL, NULL);
-]
-),
-[ac_cv_func_getaddrinfo="yes"
-LDFLAGS="$LDFLAGS -lws2_32"
-],
-[ac_cv_func_getaddrinfo="no"
-LIBS="$ORIGLIBS"
-])
-)
-])
-
-AC_MSG_RESULT($ac_cv_func_getaddrinfo)
-if test $ac_cv_func_getaddrinfo = yes; then
- AC_DEFINE(HAVE_GETADDRINFO, 1, [Whether getaddrinfo is available])
-fi
-])dnl
-
-AC_CHECK_GETADDRINFO_WITH_INCLUDES
-
-AC_FUNC_FORK
-AC_CHECK_FUNCS(isblank srandom random sleep)
-AC_CHECK_DECLS([in6addr_any],,,[AC_INCLUDES_DEFAULT
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_UDP_H
-#include <netinet/udp.h>
-#endif
-#ifdef HAVE_NETINET_IGMP_H
-#include <netinet/igmp.h>
-#endif
-])
-
-# check for ldns
-AC_ARG_WITH(ldns,
- AC_HELP_STRING([--with-ldns=PATH specify prefix of path of ldns library to use])
- ,
- [
- specialldnsdir="$withval"
- CPPFLAGS="$CPPFLAGS -I$withval/include"
- LDFLAGS="-L$withval -L$withval/lib $LDFLAGS"
- LDNSDIR="$withval"
- ]
-)
-
-# check for ldns development source tree
-AC_MSG_CHECKING([for ldns devel source])
-ldns_dev_dir=..
-if test -f $ldns_dev_dir/ldns/util.h && \
- grep LDNS_VERSION $ldns_dev_dir/ldns/util.h >/dev/null; then
- ldns_version=`grep LDNS_VERSION $ldns_dev_dir/ldns/util.h | sed -e 's/^.*"\(.*\)".*$/\1/'`
- AC_MSG_RESULT([using $ldns_dev_dir with $ldns_version])
- CPPFLAGS="$CPPFLAGS -I$ldns_dev_dir/include"
- LDFLAGS="-L$ldns_dev_dir -L$ldns_dev_dir/lib $LDFLAGS"
- LIBS="$LIBS -lldns"
- AC_DEFINE(HAVE_LIBLDNS, 1, [If the ldns library is available.])
- LDNSDIR="$ldns_dev_dir"
-else
- AC_MSG_RESULT([no])
- AC_CHECK_LIB(ldns, ldns_rr_new,, [
- AC_MSG_ERROR([Can't find ldns library])
- ]
- )
-fi
-
-AC_SUBST(LDNSDIR)
-
-
-AH_BOTTOM([
-
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <assert.h>
-
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-
-#ifdef HAVE_STDINT_H
-#include <stdint.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_NETINET_UDP_H
-#include <netinet/udp.h>
-#endif
-
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-
-#ifdef HAVE_PCAP_H
-#include <pcap.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_NET_IF_H
-#include <net/if.h>
-#endif
-
-#ifdef HAVE_NETINET_IF_ETHER_H
-#include <netinet/if_ether.h>
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#define USE_WINSOCK 1
-#include <winsock2.h>
-#endif
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-
-#ifndef HAVE_GETADDRINFO
-#include <fake-rfc2553.h>
-#endif
-
-#ifndef HAVE_RANDOM
-/* random can be replaced by rand for ldnsexamples */
-#define random rand
-#endif
-
-#ifndef HAVE_SRANDOM
-/* srandom can be replaced by srand for ldnsexamples */
-#define srandom srand
-#endif
-
-extern char *optarg;
-extern int optind, opterr;
-
-#ifndef EXIT_FAILURE
-#define EXIT_FAILURE 1
-#endif
-#ifndef EXIT_SUCCESS
-#define EXIT_SUCCESS 0
-#endif
-
-#ifdef S_SPLINT_S
-#define FD_ZERO(a) /* a */
-#define FD_SET(a,b) /* a, b */
-#endif
-])
-
-AC_CONFIG_FILES([Makefile])
-AC_CONFIG_HEADER([config.h])
-AC_OUTPUT
+++ /dev/null
-/* From openssh 4.3p2 filename openbsd-compat/fake-rfc2553.h */
-/*
- * Copyright (C) 2000-2003 Damien Miller. All rights reserved.
- * Copyright (C) 1999 WIDE Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * Pseudo-implementation of RFC2553 name / address resolution functions
- *
- * But these functions are not implemented correctly. The minimum subset
- * is implemented for ssh use only. For example, this routine assumes
- * that ai_family is AF_INET. Don't use it for another purpose.
- */
-
-#ifndef _FAKE_RFC2553_H
-#define _FAKE_RFC2553_H
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
-#include <limits.h>
-
-/*
- * First, socket and INET6 related definitions
- */
-#ifndef HAVE_STRUCT_SOCKADDR_STORAGE
-#ifndef _SS_MAXSIZE
-# define _SS_MAXSIZE 128 /* Implementation specific max size */
-# define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr))
-struct sockaddr_storage {
- struct sockaddr ss_sa;
- char __ss_pad2[_SS_PADSIZE];
-};
-# define ss_family ss_sa.sa_family
-#endif /* _SS_MAXSIZE */
-#endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */
-
-#ifndef IN6_IS_ADDR_LOOPBACK
-# define IN6_IS_ADDR_LOOPBACK(a) \
- (((uint32_t *)(a))[0] == 0 && ((uint32_t *)(a))[1] == 0 && \
- ((uint32_t *)(a))[2] == 0 && ((uint32_t *)(a))[3] == htonl(1))
-#endif /* !IN6_IS_ADDR_LOOPBACK */
-
-#ifndef HAVE_STRUCT_IN6_ADDR
-struct in6_addr {
- uint8_t s6_addr[16];
-};
-#endif /* !HAVE_STRUCT_IN6_ADDR */
-
-#ifndef HAVE_STRUCT_SOCKADDR_IN6
-struct sockaddr_in6 {
- unsigned short sin6_family;
- uint16_t sin6_port;
- uint32_t sin6_flowinfo;
- struct in6_addr sin6_addr;
-};
-#endif /* !HAVE_STRUCT_SOCKADDR_IN6 */
-
-#ifndef AF_INET6
-/* Define it to something that should never appear */
-#define AF_INET6 AF_MAX
-#endif
-
-/*
- * Next, RFC2553 name / address resolution API
- */
-
-#ifndef NI_NUMERICHOST
-# define NI_NUMERICHOST (1)
-#endif
-#ifndef NI_NAMEREQD
-# define NI_NAMEREQD (1<<1)
-#endif
-#ifndef NI_NUMERICSERV
-# define NI_NUMERICSERV (1<<2)
-#endif
-
-#ifndef AI_PASSIVE
-# define AI_PASSIVE (1)
-#endif
-#ifndef AI_CANONNAME
-# define AI_CANONNAME (1<<1)
-#endif
-#ifndef AI_NUMERICHOST
-# define AI_NUMERICHOST (1<<2)
-#endif
-
-#ifndef NI_MAXSERV
-# define NI_MAXSERV 32
-#endif /* !NI_MAXSERV */
-#ifndef NI_MAXHOST
-# define NI_MAXHOST 1025
-#endif /* !NI_MAXHOST */
-
-#ifndef INT_MAX
-#define INT_MAX 0xffffffff
-#endif
-
-#ifndef EAI_NODATA
-# define EAI_NODATA (INT_MAX - 1)
-#endif
-#ifndef EAI_MEMORY
-# define EAI_MEMORY (INT_MAX - 2)
-#endif
-#ifndef EAI_NONAME
-# define EAI_NONAME (INT_MAX - 3)
-#endif
-#ifndef EAI_SYSTEM
-# define EAI_SYSTEM (INT_MAX - 4)
-#endif
-
-#ifndef HAVE_STRUCT_ADDRINFO
-struct addrinfo {
- int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
- int ai_family; /* PF_xxx */
- int ai_socktype; /* SOCK_xxx */
- int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
- size_t ai_addrlen; /* length of ai_addr */
- char *ai_canonname; /* canonical name for hostname */
- struct sockaddr *ai_addr; /* binary address */
- struct addrinfo *ai_next; /* next structure in linked list */
-};
-#endif /* !HAVE_STRUCT_ADDRINFO */
-
-#ifndef HAVE_GETADDRINFO
-#ifdef getaddrinfo
-# undef getaddrinfo
-#endif
-#define getaddrinfo(a,b,c,d) (ssh_getaddrinfo(a,b,c,d))
-int getaddrinfo(const char *, const char *,
- const struct addrinfo *, struct addrinfo **);
-#endif /* !HAVE_GETADDRINFO */
-
-#if !defined(HAVE_GAI_STRERROR) && !defined(HAVE_CONST_GAI_STRERROR_PROTO)
-#define gai_strerror(a) (ssh_gai_strerror(a))
-char *gai_strerror(int);
-#endif /* !HAVE_GAI_STRERROR */
-
-#ifndef HAVE_FREEADDRINFO
-#define freeaddrinfo(a) (ssh_freeaddrinfo(a))
-void freeaddrinfo(struct addrinfo *);
-#endif /* !HAVE_FREEADDRINFO */
-
-#ifndef HAVE_GETNAMEINFO
-#define getnameinfo(a,b,c,d,e,f,g) (ssh_getnameinfo(a,b,c,d,e,f,g))
-int getnameinfo(const struct sockaddr *, size_t, char *, size_t,
- char *, size_t, int);
-#endif /* !HAVE_GETNAMEINFO */
-
-#endif /* !_FAKE_RFC2553_H */
-
+++ /dev/null
-.TH ldns-chaos 1 "27 Apr 2005"
-.SH NAME
-ldns-chaos \- give some information about a nameserver
-.SH SYNOPSIS
-.B ldns-chaos
-.IR NAMESERVER
-
-.SH DESCRIPTION
-\fBldns-chaos\fR retrieves all the addresses of the nameserver and then queries
-each address for its \fIversion.bind\fR and \fIhostname.bind\fR.
-.PP
-\fBldns-chaos\fR is a bit more complex than \fBldns-mx\fR.
-
-.SH OPTIONS
-\fBldns-chaos\fR has no options.
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * chaos is a small programs that prints some information
- * about a nameserver
- *
- * (c) NLnet Labs, 2005 - 2008
- *
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-
-#include <ldns/ldns.h>
-
-static int
-usage(FILE *fp, char *prog) {
- fprintf(fp, "%s server\n", prog);
- fprintf(fp, " print out some information about server\n");
- return 0;
-}
-
-int
-main(int argc, char *argv[])
-{
- ldns_resolver *res;
- ldns_rdf *name;
- ldns_rdf *version, *id;
- ldns_pkt *p;
- ldns_rr_list *addr;
- ldns_rr_list *info;
- ldns_status s;
- ldns_rdf *pop;
- size_t i;
-
- if (argc != 2) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- } else {
- /* create a rdf from the command line arg */
- name = ldns_dname_new_frm_str(argv[1]);
- if (!name) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- }
- }
-
- /* create rdf for what we are going to ask */
- version = ldns_dname_new_frm_str("version.bind");
- id = ldns_dname_new_frm_str("hostname.bind");
-
- /* create a new resolver from /etc/resolv.conf */
- s = ldns_resolver_new_frm_file(&res, NULL);
- if (s != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(name);
- exit(EXIT_FAILURE);
- }
- ldns_resolver_set_retry(res, 1); /* don't want to wait too long */
-
- /* use the resolver to send it a query for the a/aaaa of name */
- addr = ldns_get_rr_list_addr_by_name(res, name, LDNS_RR_CLASS_IN, LDNS_RD);
- if (!addr) {
- fprintf(stderr, " *** could not get an address for %s\n", argv[1]);
- ldns_rdf_deep_free(name);
- ldns_resolver_deep_free(res);
- exit(EXIT_FAILURE);
- }
-
- /* remove current list of nameservers from resolver */
- while((pop = ldns_resolver_pop_nameserver(res))) { ldns_rdf_deep_free(pop); }
-
-
- /* can be multihomed */
- for(i = 0; i < ldns_rr_list_rr_count(addr); i++) {
- if (i > 0) {
- fprintf(stdout, "\n");
- }
-
- if (ldns_resolver_push_nameserver_rr(res,
- ldns_rr_list_rr(addr, i)) != LDNS_STATUS_OK) {
- printf("Error adding nameserver to resolver\n");
- }
-
- ldns_rr_print(stdout, ldns_rr_list_rr(addr, i));
- fprintf(stdout, "\n");
-
- p = ldns_resolver_query(res, version, LDNS_RR_TYPE_TXT,
- LDNS_RR_CLASS_CH, LDNS_RD);
- if (p) {
- ldns_pkt_print(stdout, p);
- info = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_TXT, LDNS_SECTION_ANSWER);
-
- if (info) {
- ldns_rr_list_print(stdout, info);
- ldns_rr_list_deep_free(info);
- } else {
- printf(" *** version retrieval failed\n");
- }
- ldns_pkt_free(p);
- } else {
- printf(" *** query failed\n");
- }
-
- p = ldns_resolver_query(res, id, LDNS_RR_TYPE_TXT,
- LDNS_RR_CLASS_CH, LDNS_RD);
- if (p) {
- info = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_TXT, LDNS_SECTION_ANSWER);
- if (info) {
- ldns_rr_list_print(stdout, info);
- ldns_rr_list_deep_free(info);
- } else {
- printf(" *** id retrieval failed\n");
- }
- ldns_pkt_free(p);
- } else {
- printf(" *** query failed for\n");
- }
- ldns_rdf_deep_free(ldns_resolver_pop_nameserver(res));
-
- }
-
- ldns_rdf_deep_free(name);
- ldns_resolver_deep_free(res);
- exit(EXIT_SUCCESS);
-}
+++ /dev/null
-.TH ldns-compare-zones 1 "17 Oct 2007"
-.SH NAME
-ldns-compare-zones \- read and compare two zonefiles and print differences
-.SH SYNOPSIS
-.B ldns-compare-zones
-.IR [-c]
-.IR [-i]
-.IR [-d]
-.IR [-z]
-.IR [-s]
-.IR ZONEFILE1
-.IR ZONEFILE2
-.SH DESCRIPTION
-\fBldns-compare-zones\fR reads two DNS zone files and prints number of differences.
-.nf
-Output is formated to:
- +NUM_INS -NUM_DEL ~NUM_CHG
-
-.fi
-The major comparison is based on the owner name. If an owner name is present in zonefile 1, but not in zonefile 2, the resource records with this owner name are considered deleted, and counted as NUM_DEL. If an owner name is present in zonefile 2, but not in zonefile 1, the resource records with this owner name are considered inserted, and counted as NUM_INS. If an owner name is present in both, but there is a difference in the amount or content of the records, these are considered changed, and counted as NUM_CHG.
-.SH OPTIONS
-.TP
-\fB-c\fR
-Print resource records whose owner names are in both zone files, but with different resource records. (a.k.a. changed)
-.TP
-\fB-i\fR
-Print resource records whose owner names are present only in ZONEFILE2 (a.k.a. inserted)
-.TP
-\fB-d\fR
-Print resource records whose owner names are present only in ZONEFILE1 (a.k.a. deleted)
-.TP
-\fB-a\fR
-Print all changes. Specifying this option is the same as specifying -c -i
-amd -d.
-.TP
-\fB-z\fR
-Suppress zone sorting; this option is not recommended; it can cause records
-to be incorrectly marked as changed, depending of the nature of the changes.
-.TP
-\fB-s\fR
-Do not exclude the SOA record from the comparison. The SOA record may
-then show up as changed due to a new serial number. Off by default since
-you may be interested to know if (other zone apex elements) have changed.
-.TP
-\fB-h\fR
-Show usage and exit
-.TP
-\fB-v\fR
-Show the version and exit
-.SH AUTHOR
-Written by Ondřej Surý <ondrej@sury.org> for CZ.NIC, z.s.p.o. (czech domain registry)
-.SH REPORTING BUGS
-Report bugs to <ondrej@sury.org>.
-.SH COPYRIGHT
-Copyright (C) 2005 CZ.NIC, z.s.p.o.. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-compare-zones compares two zone files
- *
- * Written by Ondrej Sury in 2007
- *
- * Modified a bit by NLnet Labs.
- *
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <unistd.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include <time.h>
-
-#include <ldns/ldns.h>
-
-#include <errno.h>
-
-#define OP_INS '+'
-#define OP_DEL '-'
-#define OP_CHG '~'
-
-static void
-usage(int argc, char **argv)
-{
- printf("Usage: %s [-v] [-i] [-d] [-c] [-s] <zonefile1> <zonefile2>\n",
- argv[0]);
- printf(" -i - print inserted\n");
- printf(" -d - print deleted\n");
- printf(" -c - print changed\n");
- printf(" -a - print all differences (-i -d -c)\n");
- printf(" -s - do not exclude SOA record from comparison\n");
- printf(" -z - do not sort zones\n");
-}
-
-int
-main(int argc, char **argv)
-{
- char *fn1, *fn2;
- FILE *fp1, *fp2;
- ldns_zone *z1, *z2;
- ldns_status s;
- size_t i , j;
- ldns_rr_list *rrl1, *rrl2;
- int rr_cmp, rr_chg = 0;
- ldns_rr *rr1 = NULL, *rr2 = NULL, *rrx = NULL;
- int line_nr1 = 0, line_nr2 = 0;
- size_t rrc1 , rrc2;
- size_t num_ins = 0, num_del = 0, num_chg = 0;
- int c;
- bool opt_deleted = false, opt_inserted = false, opt_changed = false;
- bool sort = true, inc_soa = false;
- char op = 0;
-
- while ((c = getopt(argc, argv, "ahvdicsz")) != -1) {
- switch (c) {
- case 'h':
- usage(argc, argv);
- exit(EXIT_SUCCESS);
- break;
- case 'v':
- printf("%s version %s (ldns version %s)\n",
- argv[0],
- LDNS_VERSION,
- ldns_version());
- exit(EXIT_SUCCESS);
- break;
- case 's':
- inc_soa = true;
- break;
- case 'z':
- sort = false;
- break;
- case 'd':
- opt_deleted = true;
- break;
- case 'i':
- opt_inserted = true;
- break;
- case 'c':
- opt_changed = true;
- break;
- case 'a':
- opt_deleted = true;
- opt_inserted = true;
- opt_changed = true;
- break;
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc != 2) {
- argc -= optind;
- argv -= optind;
- usage(argc, argv);
- exit(EXIT_FAILURE);
- }
- fn1 = argv[0];
- fp1 = fopen(fn1, "r");
- if (!fp1) {
- fprintf(stderr, "Unable to open %s: %s\n", fn1, strerror(errno));
- exit(EXIT_FAILURE);
- }
- /* Read first zone */
- s = ldns_zone_new_frm_fp_l(&z1, fp1, NULL, 0,
- LDNS_RR_CLASS_IN, &line_nr1);
- if (s != LDNS_STATUS_OK) {
- fclose(fp1);
- fprintf(stderr, "%s: %s at %d\n",
- fn1,
- ldns_get_errorstr_by_id(s),
- line_nr1);
- exit(EXIT_FAILURE);
- }
- fclose(fp1);
-
- fn2 = argv[1];
- fp2 = fopen(fn2, "r");
- if (!fp2) {
- fprintf(stderr, "Unable to open %s: %s\n", fn2, strerror(errno));
- exit(EXIT_FAILURE);
- }
- /* Read second zone */
- s = ldns_zone_new_frm_fp_l(&z2, fp2, NULL, 0,
- LDNS_RR_CLASS_IN, &line_nr2);
- if (s != LDNS_STATUS_OK) {
- ldns_zone_deep_free(z1);
- fclose(fp2);
- fprintf(stderr, "%s: %s at %d\n",
- fn2,
- ldns_get_errorstr_by_id(s),
- line_nr2);
- exit(EXIT_FAILURE);
- }
- fclose(fp2);
-
- rrl1 = ldns_zone_rrs(z1);
- rrc1 = ldns_rr_list_rr_count(rrl1);
-
- rrl2 = ldns_zone_rrs(z2);
- rrc2 = ldns_rr_list_rr_count(rrl2);
-
- if (sort) {
- /* canonicalize zone 1 */
- ldns_rr2canonical(ldns_zone_soa(z1));
- for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z1)); i++) {
- ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z1), i));
- }
- /* sort zone 1 */
- ldns_zone_sort(z1);
- /* canonicalize zone 2 */
- ldns_rr2canonical(ldns_zone_soa(z2));
- for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z2)); i++) {
- ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z2), i));
- }
- /* sort zone 2 */
- ldns_zone_sort(z2);
- }
-
- if(inc_soa) {
- ldns_rr_list* wsoa = ldns_rr_list_new();
- ldns_rr_list_push_rr(wsoa, ldns_zone_soa(z1));
- ldns_rr_list_cat(wsoa, rrl1);
- rrl1 = wsoa;
- rrc1 = ldns_rr_list_rr_count(rrl1);
- wsoa = ldns_rr_list_new();
- ldns_rr_list_push_rr(wsoa, ldns_zone_soa(z2));
- ldns_rr_list_cat(wsoa, rrl2);
- rrl2 = wsoa;
- rrc2 = ldns_rr_list_rr_count(rrl2);
- if(sort) {
- ldns_rr_list_sort(rrl1);
- ldns_rr_list_sort(rrl2);
- }
- }
-
- /*
- * Walk through both zones. The previously seen resource record is
- * kept (in the variable rrx) so that we can recognize when we are
- * handling a new owner name. If the owner name changes, we have to
- * set the operator again.
- */
- for (i = 0, j = 0; i < rrc1 || j < rrc2;) {
- rr_cmp = 0;
- if (i < rrc1 && j < rrc2) {
- rr1 = ldns_rr_list_rr(rrl1, i);
- rr2 = ldns_rr_list_rr(rrl2, j);
- rr_cmp = ldns_rr_compare(rr1, rr2);
-
- /* Completely skip if the rrs are equal */
- if (rr_cmp == 0) {
- i++;
- j++;
- continue;
- }
- rr_chg = ldns_dname_compare(ldns_rr_owner(rr1),
- ldns_rr_owner(rr2));
- } else if (i >= rrc1) {
- /* we have reached the end of zone 1, so the current record
- * from zone 2 automatically sorts higher
- */
- rr1 = NULL;
- rr2 = ldns_rr_list_rr(rrl2, j);
- rr_chg = rr_cmp = 1;
- } else if (j >= rrc2) {
- /* we have reached the end of zone 2, so the current record
- * from zone 1 automatically sorts lower
- */
- rr1 = ldns_rr_list_rr(rrl1, i);
- rr2 = NULL;
- rr_chg = rr_cmp = -1;
- }
- if (rr_cmp < 0) {
- i++;
- if ((rrx != NULL) && (ldns_dname_compare(ldns_rr_owner(rr1),
- ldns_rr_owner(rrx)
- ) != 0)) {
- /* The owner name is different, forget previous rr */
- rrx = NULL;
- }
- if (rrx == NULL) {
- if (rr_chg == 0) {
- num_chg++;
- op = OP_CHG;
- } else {
- num_del++;
- op = OP_DEL;
- }
- rrx = rr1;
- }
- if (((op == OP_DEL) && opt_deleted) ||
- ((op == OP_CHG) && opt_changed)) {
- printf("%c-", op);
- ldns_rr_print(stdout, rr1);
- }
- } else if (rr_cmp > 0) {
- j++;
- if ((rrx != NULL) && (ldns_dname_compare(ldns_rr_owner(rr2),
- ldns_rr_owner(rrx)
- ) != 0)) {
- rrx = NULL;
- }
- if (rrx == NULL) {
- if (rr_chg == 0) {
- num_chg++;
- op = OP_CHG;
- } else {
- num_ins++;
- op = OP_INS;
- }
- /* remember this rr for it's name in the next iteration */
- rrx = rr2;
- }
- if (((op == OP_INS) && opt_inserted) ||
- ((op == OP_CHG) && opt_changed)) {
- printf("%c+", op);
- ldns_rr_print(stdout, rr2);
- }
- }
- }
-
- printf("\t%c%u\t%c%u\t%c%u\n",
- OP_INS,
- (unsigned int) num_ins,
- OP_DEL,
- (unsigned int) num_del,
- OP_CHG,
- (unsigned int) num_chg);
-
- /* Free resources */
- if(inc_soa) {
- ldns_rr_list_free(rrl1);
- ldns_rr_list_free(rrl2);
- }
- ldns_zone_deep_free(z2);
- ldns_zone_deep_free(z1);
-
- return 0;
-}
+++ /dev/null
-.TH dpa 1 "1 Nov 2005"
-.SH NAME
-dpa \- DNS Packet Analyzer. Analyze DNS packets in ip trace files
-.SH SYNOPSIS
-.B dpa
-[
-.IR OPTION
-]
-.IR TRACEFILE
-
-.SH DESCRIPTION
-\fBdpa\fR is used to analyze dns packets in trace files. It has 3 main options: count, filter, and count uniques (i.e. count all different occurences).
-
-.SH OPTIONS
-.TP
-\fB-c\fR \fIexpressionlist\fR
-Count occurrences of matching expressions
-
-.TP
-\fB-f\fR \fIexpression\fR
-Filter: only process packets that match the expression
-
-.TP
-\fB-h\fR
-Show usage
-
-.TP
-\fB-p\fR
-Show the total number of correct DNS packets, and percentage of -u and
--c values (of the total of matching on the -f filter. if no filter is
-given, percentages are on all correct dns packets)
-
-.TP
-\fB-of\fR \fIfile\fR
-Write all packets that match the -f flag to file, as pcap data.
-
-.TP
-\fB-ofh\fR \fIfile\fR
-Write all packets that match the -f flag to file, in hexadecimal format,
-readable by drill.
-
-.TP
-\fB-s\fR
-Show possible match names
-
-.TP
-\fB-s\fR \fImatchname\fR
-show possible match operators and values for name
-
-.TP
-\fB-sf\fR
-Only evaluate packets (in representation format) that match the -f filter.
-If no -f was given, evaluate all correct dns packets.
-
-.TP
-\fB-u\fR \fImatchnamelist\fR
-Count every occurence of every value of the matchname (for instance, count all packetsizes, see EXAMPLES in ldns-dpa(1) ).
-
-.TP
-\fB-ua\fR
-For every matchname in -u, show the average value of all matches. Behaviour for match types that do not have an integer value is undefined.
-
-.TP
-\fB-uac\fR
-For every matchname in -u, show the average number of times this value was encountered.
-
-.TP
-\fB-um\fR \fInumber\fR
-Only show the results from -u for values that occurred more than <number> times.
-
-.TP
-\fB-v\fR \fIlevel\fR
-Set verbosity to level (1-5, 5 being the highest). Mostly used for debugging.
-
-.TP
-\fB-notip\fR \fIfile\fR
-Write packets that were not recognized as IP packets to file (as pcap data).
-
-.TP
-\fB-baddns\fR \fIfile\fR
-Write dns packets that were too mangled to parse to file (as pcap data).
-
-.TP
-\fB-version\fR
-Show version and exit
-
-.SH LIST AND MATCHES
-
-A <matchnamelist> is a comma separated list of match names (use -s to see possible match names).
-A <expressionlist> is a comma separated list of expressions.
-
-An expression has the following form:
-<expr>: (<expr>)
- <expr> | <expr>
- <expr> & <expr>
- <match>
-
-<match>: <matchname> <operator> <value>
-
-<operator>:
- = equal to <value>
- != not equal to <value>
- > greater than <value>
- < lesser than <value>
- >= greater than or equal to <value>
- <= lesser than or equal to <value>
- ~= contains <value>
-
-See the -s option for possible matchnames, operators and values.
-
-.SH EXAMPLES
-
-.TP
-ldns-dpa -u packetsize -p test.tr
-Count all different packetsizes in test.tr and show the precentages.
-
-.TP
-ldns-dpa -f "edns=1&qr=0" -of edns.tr test.tr
-Filter out all edns enable queries in test.tr and put them in edns.tr
-
-.TP
-ldns-dpa -f edns=1 -c tc=1 -u rcode test.tr
-For all edns packets, count the number of truncated packets and all their rcodes in test.tr.
-
-.TP
-ldns-dpa -c tc=1,qr=0,qr=1,opcode=QUERY test.tr
-For all packets, count the number of truncated packets, the number of packets with qr=0, the number of packets with qr=1 and the number of queries in test.tr.
-
-.TP
-ldns-dpa -u packetsize -ua test.tr
-Show all packet sizes and the average packet size per packet.
-
-.TP
-ldns-dpa -u srcaddress -uac test.tr
-Show all packet source addresses and the average number of packets sent from this address.
-
-.TP
-sudo tcpdump -i eth0 -s 0 -U -w - port 53 | ldns-dpa -f qr=0 -sf
-Print all query packets seen on the specified interface.
-
-
-.SH AUTHOR
-Written by Jelte Jansen for NLnetLabs.
-
-.SH REPORTING BUGS
-Report bugs to <jelte@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-dpa inspects the (udp) DNS packets found in a pcap file
- * and provides statistics about them
- *
- * (C) NLnet Labs 2006 - 2008
- *
- * See the file LICENSE for the license
- */
-#include "config.h"
-
-#include <ldns/ldns.h>
-
-#ifdef HAVE_PCAP_H
-#ifdef HAVE_LIBPCAP
-
-#ifdef HAVE_NETINET_IP6_H
-#include <netinet/ip6.h>
-#endif
-#include <errno.h>
-
-#ifndef IP_OFFMASK
-#define IP_OFFMASK 0x1fff
-#endif
-
-int verbosity = 1;
-
-#define ETHER_HEADER_LENGTH 14
-#define UDP_HEADER_LENGTH 8
-#define IP6_HEADER_LENGTH 40
-
-/* some systems don't have this? */
-#ifndef ETHERTYPE_IPV6
-#define ETHERTYPE_IPV6 0x86dd
-#endif
-
-#define MAX_MATCHES 20
-#define MAX_OPERATORS 7
-
-
-/* global options */
-bool show_filter_matches = false;
-size_t total_nr_of_dns_packets = 0;
-size_t total_nr_of_filtered_packets = 0;
-size_t not_ip_packets = 0;
-size_t bad_dns_packets = 0;
-size_t arp_packets = 0;
-size_t udp_packets = 0;
-size_t tcp_packets = 0;
-size_t fragmented_packets = 0;
-size_t lost_packet_fragments = 0;
-FILE *hexdumpfile = NULL;
-pcap_dumper_t *dumper = NULL;
-pcap_dumper_t *not_ip_dump = NULL;
-pcap_dumper_t *bad_dns_dump = NULL;
-
-
-struct
-fragment_part {
- uint16_t ip_id;
- uint8_t data[65536];
- size_t cur_len;
-};
-
-struct fragment_part *fragment_p;
-
-/* To add a match,
- * - add it to the enum
- * - add it to the table_matches const
- * - add a handler to value_matches
- * - tell in get_string_value() where in the packet the data lies
- * - add to parser?
- * - add to show_match_ function
- */
-enum enum_match_ids {
- MATCH_ID,
- MATCH_OPCODE,
- MATCH_RCODE,
- MATCH_PACKETSIZE,
- MATCH_QR,
- MATCH_TC,
- MATCH_AD,
- MATCH_CD,
- MATCH_RD,
- MATCH_EDNS,
- MATCH_EDNS_PACKETSIZE,
- MATCH_DO,
- MATCH_QUESTION_SIZE,
- MATCH_ANSWER_SIZE,
- MATCH_AUTHORITY_SIZE,
- MATCH_ADDITIONAL_SIZE,
- MATCH_SRC_ADDRESS,
- MATCH_DST_ADDRESS,
- MATCH_TIMESTAMP,
- MATCH_QUERY,
- MATCH_QTYPE,
- MATCH_QNAME,
- MATCH_ANSWER,
- MATCH_AUTHORITY,
- MATCH_ADDITIONAL,
- MATCH_LAST
-};
-typedef enum enum_match_ids match_id;
-
-enum enum_counter_types {
- TYPE_INT,
- TYPE_BOOL,
- TYPE_OPCODE,
- TYPE_RCODE,
- TYPE_STRING,
- TYPE_TIMESTAMP,
- TYPE_ADDRESS,
- TYPE_RR,
- TYPE_RR_TYPE,
- TYPE_LAST
-};
-typedef enum enum_counter_types counter_type;
-
-const ldns_lookup_table lt_types[] = {
- {TYPE_INT, "int" },
- {TYPE_BOOL, "bool" },
- {TYPE_OPCODE, "opcode" },
- {TYPE_RCODE, "rcode" },
- {TYPE_STRING, "string" },
- {TYPE_TIMESTAMP, "timestamp" },
- {TYPE_ADDRESS, "address" },
- {TYPE_RR, "rr" },
- { 0, NULL }
-};
-
-enum enum_type_operators {
- OP_EQUAL,
- OP_NOTEQUAL,
- OP_GREATER,
- OP_LESSER,
- OP_GREATEREQUAL,
- OP_LESSEREQUAL,
- OP_CONTAINS,
- OP_LAST
-};
-typedef enum enum_type_operators type_operator;
-
-const ldns_lookup_table lt_operators[] = {
- { OP_EQUAL, "=" },
- { OP_NOTEQUAL, "!=" },
- { OP_GREATER, ">" },
- { OP_LESSER, "<" },
- { OP_GREATEREQUAL, ">=" },
- { OP_LESSEREQUAL, "<=" },
- { OP_CONTAINS, "~=" },
- { 0, NULL }
-};
-
-static const char *get_op_str(type_operator op) {
- const ldns_lookup_table *lt;
- lt = ldns_lookup_by_id((ldns_lookup_table *) lt_operators, op);
- if (lt) {
- return lt->name;
- } else {
- fprintf(stderr, "Unknown operator id: %u\n", op);
- exit(1);
- }
-}
-
-static type_operator
-get_op_id(char *op_str)
-{
- const ldns_lookup_table *lt;
- lt = ldns_lookup_by_name((ldns_lookup_table *) lt_operators, op_str);
- if (lt) {
- return (type_operator) lt->id;
- } else {
- fprintf(stderr, "Unknown operator: %s\n", op_str);
- exit(1);
- }
-}
-
-struct struct_type_operators {
- counter_type type;
- size_t operator_count;
- type_operator operators[10];
-};
-typedef struct struct_type_operators type_operators;
-
-const type_operators const_type_operators[] = {
- { TYPE_INT, 6, { OP_EQUAL, OP_NOTEQUAL, OP_GREATER, OP_LESSER, OP_GREATEREQUAL, OP_LESSEREQUAL, 0, 0, 0, 0 } },
- { TYPE_BOOL, 2, { OP_EQUAL, OP_NOTEQUAL, 0, 0, 0, 0, 0, 0, 0, 0} },
- { TYPE_OPCODE, 2, { OP_EQUAL, OP_NOTEQUAL, 0, 0, 0, 0, 0, 0, 0, 0} },
- { TYPE_RCODE, 2, { OP_EQUAL, OP_NOTEQUAL, 0, 0, 0, 0, 0, 0, 0, 0} },
- { TYPE_STRING, 3, { OP_EQUAL, OP_NOTEQUAL, OP_CONTAINS, 0, 0, 0, 0, 0, 0, 0} },
- { TYPE_TIMESTAMP, 6, { OP_EQUAL, OP_NOTEQUAL, OP_GREATER, OP_LESSER, OP_GREATEREQUAL, OP_LESSEREQUAL, 0, 0, 0, 0 } },
- { TYPE_ADDRESS, 3, { OP_EQUAL, OP_NOTEQUAL, OP_CONTAINS, 0, 0, 0, 0, 0, 0, 0} },
- { TYPE_RR, 3, { OP_EQUAL, OP_NOTEQUAL, OP_CONTAINS, 0, 0, 0, 0, 0, 0, 0} },
- { TYPE_RR_TYPE, 6, { OP_EQUAL, OP_NOTEQUAL, OP_GREATER, OP_LESSER, OP_GREATEREQUAL, OP_LESSEREQUAL, 0, 0, 0, 0 } },
- { 0, 0, { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 } }
-};
-
-const type_operators *
-get_type_operators(counter_type type) {
- const type_operators *to = const_type_operators;
- while (to) {
- if (to->type == type) {
- return to;
- }
- to++;
- }
- return NULL;
-}
-
-struct struct_match_table {
- match_id id;
- const char *name;
- const char *description;
- const counter_type type;
-};
-typedef struct struct_match_table match_table;
-
-/* order of entries has been changed after gprof analysis, and reasoning
- * about the uses of -u arguments
- */
-const match_table matches[] = {
- { MATCH_QUERY, "query", "String representation of the query RR", TYPE_RR },
- { MATCH_QTYPE, "qtype", "RR Type of the question RR, if present", TYPE_RR_TYPE },
- { MATCH_QNAME, "qname", "Owner name of the question RR, if present", TYPE_STRING },
- { MATCH_SRC_ADDRESS, "srcaddress", "address the packet was sent from", TYPE_ADDRESS },
- { MATCH_TIMESTAMP, "timestamp", "time the packet was sent", TYPE_TIMESTAMP },
- { MATCH_DST_ADDRESS, "dstaddress", "address the packet was sent to", TYPE_ADDRESS },
- { MATCH_EDNS_PACKETSIZE, "edns-packetsize", "packets size specified in edns rr", TYPE_INT },
- { MATCH_ID, "id", "id of the packet", TYPE_INT },
- { MATCH_OPCODE, "opcode", "opcode of packet (rfc1035)", TYPE_OPCODE },
- { MATCH_RCODE, "rcode", "response code of packet", TYPE_RCODE },
- { MATCH_PACKETSIZE, "packetsize", "size of packet in bytes", TYPE_INT },
- { MATCH_QR, "qr", "value of qr bit", TYPE_BOOL },
- { MATCH_TC, "tc", "value of tc bit", TYPE_BOOL },
- { MATCH_AD, "ad", "value of ad bit", TYPE_BOOL },
- { MATCH_CD, "cd", "value of cd bit", TYPE_BOOL },
- { MATCH_RD, "rd", "value of rd bit", TYPE_BOOL },
- { MATCH_EDNS, "edns", "existence of edns rr", TYPE_BOOL },
- { MATCH_DO, "do", "value of do bit", TYPE_BOOL },
- { MATCH_QUESTION_SIZE, "questionsize", "number of rrs in the question section", TYPE_INT },
- { MATCH_ANSWER_SIZE, "answersize", "number of rrs in the answer section", TYPE_INT },
- { MATCH_AUTHORITY_SIZE, "authoritysize", "number of rrs in the authority section", TYPE_INT },
- { MATCH_ADDITIONAL_SIZE, "additionalsize", "number of rrs in the additional section", TYPE_INT },
- { MATCH_ANSWER, "answer", "String representation of the answer RRs", TYPE_RR },
- { MATCH_AUTHORITY, "authority", "String representation of the authority RRs", TYPE_RR },
- { MATCH_ADDITIONAL, "additional", "String representation of the additional RRs", TYPE_RR },
- { 0, NULL , NULL, TYPE_INT}
-};
-
-enum enum_match_expression_operators {
- MATCH_EXPR_OR,
- MATCH_EXPR_AND,
- MATCH_EXPR_LEAF
-};
-typedef enum enum_match_expression_operators match_expression_operator;
-
-struct struct_match_operation {
- match_id id;
- type_operator operator;
- char *value;
-};
-typedef struct struct_match_operation match_operation;
-
-typedef struct struct_match_expression match_expression;
-struct struct_match_expression {
- /* and or or, or leaf (in which case there are no subtrees, but only a match_table */
- match_expression_operator op;
- match_expression *left;
- match_expression *right;
- match_operation *match;
- size_t count;
-};
-
-typedef struct struct_match_counters match_counters;
-struct struct_match_counters {
-/*
- match_expression **counter;
- size_t size;
-*/
- match_expression *match;
- match_counters *left;
- match_counters *right;
-};
-
-match_table *
-get_match_by_name(char *name) {
- match_table *mt = (match_table *) matches;
- if (name) {
- while (mt->name != NULL) {
- if (strcasecmp(name, mt->name) == 0) {
- return mt;
- }
- mt++;
- }
- }
- return NULL;
-}
-
-static match_table *
-get_match_by_id(match_id id) {
- match_table *mt = (match_table *) matches;
-
- while (mt->name != NULL) {
- if (mt->id == id) {
- return mt;
- }
- mt++;
- }
- return NULL;
-}
-
-static const char *
-get_match_name_str(match_id id) {
- match_table *mt = get_match_by_id(id);
- if (mt) {
- return mt->name;
- } else {
- fprintf(stderr, "Unknown match id: %u\n", id);
- exit(1);
- return "Unknown match id";
- }
-}
-
-static void
-print_match_operation(FILE *output, match_operation *mc)
-{
- match_table *mt = NULL;
- ldns_lookup_table *lt;
- struct timeval time;
- time_t time_tt;
- int value;
- size_t pos;
- char *tmp, *tmp2;
-
- if (mc) {
- mt = get_match_by_id(mc->id);
-
- if (mt) {
- fprintf(output, "%s %s ",mt->name, get_op_str(mc->operator));
-
- switch (mt->type) {
- case TYPE_INT:
- case TYPE_STRING:
- case TYPE_ADDRESS:
- case TYPE_RR:
- fprintf(output, "'%s'", mc->value);
- break;
- case TYPE_BOOL:
- if (strncmp(mc->value, "1", 2) == 0) {
- fprintf(output,"'true'");
- } else {
- fprintf(output,"'false'");
- }
- break;
- case TYPE_OPCODE:
- value = atoi(mc->value);
- lt = ldns_lookup_by_id(ldns_opcodes, value);
- if (lt) {
- fprintf(output, "%s", lt->name);
- } else {
- fprintf(output, "%s", mc->value);
- }
- break;
- case TYPE_RCODE:
- value = atoi(mc->value);
- lt = ldns_lookup_by_id(ldns_rcodes, value);
- if (lt) {
- fprintf(output, "%s", lt->name);
- } else {
- fprintf(output, "%s", mc->value);
- }
- break;
- case TYPE_TIMESTAMP:
-#ifndef S_SPLINT_S
- time.tv_sec = (long int) atol(mc->value);
-#endif
- time_tt = (time_t)time.tv_sec;
- tmp = ctime(&time_tt);
- tmp2 = malloc(strlen(tmp) + 1);
- for (pos = 0; pos < strlen(tmp); pos++) {
- if (tmp[pos] == '\n') {
- tmp2[pos] = '\0';
- } else {
- tmp2[pos] = tmp[pos];
- }
- }
- tmp2[pos] = '\0';
- fprintf(output, "%s", tmp2);
- free(tmp2);
- break;
- default:
- fprintf(output, "'%s'", mc->value);
- }
-
- } else {
- fprintf(output, "%u %s '%s'", mc->id, get_op_str(mc->operator), mc->value);
- }
- } else {
- fprintf(output, "(nil)");
- }
-}
-
-static void
-print_match_expression(FILE *output, match_expression *expr)
-{
- if (expr) {
- switch (expr->op) {
- case MATCH_EXPR_OR:
- fprintf(output, "(");
- print_match_expression(output, expr->left);
- fprintf(output, " | ");
- print_match_expression(output, expr->right);
- fprintf(output, ")");
- break;
- case MATCH_EXPR_AND:
- fprintf(output, "(");
- print_match_expression(output, expr->left);
- fprintf(output, " & ");
- print_match_expression(output, expr->right);
- fprintf(output, ")");
- break;
- case MATCH_EXPR_LEAF:
- print_match_operation(output, expr->match);
- break;
- default:
-/*
- fprintf(output, "ERROR PRINTING MATCH: unknown op: %u\n", expr->op);
- exit(1);
-*/
- fprintf(output, "(");
-if (expr->left) {
- print_match_expression(output, expr->left);
-}
- fprintf(output, " ? ");
-if (expr->right) {
- print_match_expression(output, expr->right);
-}
- fprintf(output, ") _");
-if (expr->match) {
- print_match_operation(output, expr->match);
-}
-fprintf(output, "_");
- }
- } else {
- printf("(nil)");
- }
-}
-
-static void
-print_counters(FILE *output, match_counters *counters, bool show_percentages, size_t total, int count_minimum)
-{
- double percentage;
-
- if (!counters || !output) {
- return;
- }
-
- if (counters->left) {
- print_counters(output, counters->left, show_percentages, total, count_minimum);
- }
- if (counters->match) {
- if (count_minimum < (int) counters->match->count) {
- print_match_expression(output, counters->match);
- printf(": %u", (unsigned int) counters->match->count);
- if (show_percentages) {
- percentage = (double) counters->match->count / (double) total * 100.0;
- printf(" (%.2f%%)", percentage);
- }
- printf("\n");
- }
- }
- if (counters->right) {
- print_counters(output, counters->right, show_percentages, total, count_minimum);
- }
-
- return;
-}
-
-static void
-ldns_pkt2file_hex(FILE *fp, const ldns_pkt *pkt)
-{
- uint8_t *wire;
- size_t size, i;
- ldns_status status;
-
- status = ldns_pkt2wire(&wire, pkt, &size);
-
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Unable to convert packet: error code %u", status);
- return;
- }
-
- fprintf(fp, "; 0");
- for (i = 1; i < 20; i++) {
- fprintf(fp, " %2u", (unsigned int) i);
- }
- fprintf(fp, "\n");
- fprintf(fp, ";--");
- for (i = 1; i < 20; i++) {
- fprintf(fp, " --");
- }
- fprintf(fp, "\n");
- for (i = 0; i < size; i++) {
- if (i % 20 == 0 && i > 0) {
- fprintf(fp, "\t; %4u-%4u\n", (unsigned int) i-19, (unsigned int) i);
- }
- fprintf(fp, " %02x", (unsigned int)wire[i]);
- }
- fprintf(fp, "\n\n");
-}
-
-/*
- * Calculate the total for all match operations with the same id as this one
- * (if they are 'under' this one in the tree, which should be the case in
- * the unique counter tree
- */
-static size_t
-calculate_total_value(match_counters *counters, match_operation *cur)
-{
- size_t result = 0;
-
- if (!counters) {
- return 0;
- }
-
- if (counters->match->match->id == cur->id) {
- result = (size_t) atol(counters->match->match->value) * counters->match->count;
- }
-
- if (counters->left) {
- result += calculate_total_value(counters->left, cur);
- }
- if (counters->right) {
- result += calculate_total_value(counters->right, cur);
- }
-
- return result;
-}
-
-static size_t
-calculate_total_count_matches(match_counters *counters, match_operation *cur)
-{
- size_t result = 0;
-
- if (!counters) {
- return 0;
- }
-
- if (counters->match->match->id == cur->id) {
- result = 1;
- }
-
- if (counters->left) {
- /* In some cases, you don't want the number of actual
- counted matches, for instance when calculating the
- average number of queries per second. In this case
- you want the number of seconds */
- if (cur->id == MATCH_TIMESTAMP) {
- result += (size_t) abs((int) (atol(counters->match->match->value) - atol(counters->left->match->match->value))) - 1;
- }
- result += calculate_total_count_matches(counters->left, cur);
- }
- if (counters->right) {
- if (cur->id == MATCH_TIMESTAMP) {
- result += (size_t) abs((int) (atol(counters->right->match->match->value) - atol(counters->match->match->value))) - 1;
- }
- result += calculate_total_count_matches(counters->right, cur);
- }
-
- return result;
-}
-
-/**
- * Returns true if there is a previous match operation with the given type
- * in the counters structure
- */
-static bool
-has_previous_match(match_counters *counters, match_operation *cur)
-{
- if (!counters) {
- return false;
- }
-
- if (counters->left) {
- if (counters->left->match->match->id == cur->id) {
- return true;
- } else if (has_previous_match(counters->left, cur)) {
- return true;
- } else if (counters->left->right) {
- if (counters->left->right->match->match->id == cur->id) {
- return true;
- } else if (has_previous_match(counters->left->right, cur)) {
- return true;
- }
- }
- }
- return false;
-}
-
-/**
- * Returns true if there is a later match operation with the given type
- * in the counters structure
- */
-static bool
-has_next_match(match_counters *counters, match_operation *cur)
-{
- if (!counters) {
- return false;
- }
-
- if (counters->right) {
- if (counters->right->match->match->id == cur->id) {
- return true;
- } else if (has_next_match(counters->right, cur)) {
- return true;
- } else if (counters->right->left) {
- if (counters->right->left->match->match->id == cur->id) {
- return true;
- } else if (has_next_match(counters->right->left, cur)) {
- return true;
- }
- }
- }
- return false;
-}
-
-/**
- * Returns the first match with the same type at *cur in
- * the counter list, or NULL if it is not found
- */
-static match_expression *
-get_first_match_expression(match_counters *counters, match_operation *cur)
-{
- if (!counters) {
- return NULL;
- }
-
- if (has_previous_match(counters, cur)) {
- return get_first_match_expression(counters->left, cur);
- } else if (counters->match->match->id == cur->id) {
- return counters->match;
- } else if (counters->right) {
- return get_first_match_expression(counters->right, cur);
- } else {
- return NULL;
- }
-}
-
-/**
- * Returns the second match expression with the same type at *cur in
- * the counter list, or NULL if it is not found
- */
-static match_expression *
-get_second_match_expression(match_counters *counters, match_operation *cur)
-{
- if (!counters) {
- return NULL;
- }
-
- if (has_previous_match(counters, cur)) {
- if (has_previous_match(counters->left, cur)) {
- return get_second_match_expression(counters->left, cur);
- } else {
- return counters->left->match;
- }
-/*
- } else if (counters->match->match->id == cur->id) {
- return counters->match->match->value;
-*/ } else if (counters->right) {
- return get_first_match_expression(counters->right, cur);
- } else {
- return NULL;
- }
-}
-
-/**
- * Returns the last match expression with the same type at *cur in
- * the counter list, or NULL if it is not found
- */
-static match_expression *
-get_last_match_expression(match_counters *counters, match_operation *cur)
-{
- if (!counters) {
- return NULL;
- }
-
- if (has_next_match(counters, cur)) {
- return get_last_match_expression(counters->right, cur);
- } else if (counters->match->match->id == cur->id) {
- return counters->match;
- } else if (counters->left) {
- return get_last_match_expression(counters->left, cur);
- } else {
- return NULL;
- }
-}
-
-/**
- * Returns the last but one match expression with the same type at *cur in
- * the counter list, or NULL if it is not found
- */
-static match_expression *
-get_last_but_one_match_expression(match_counters *counters, match_operation *cur)
-{
- if (!counters) {
- return NULL;
- }
-
- if (has_next_match(counters, cur)) {
- if (has_next_match(counters->right, cur)) {
- return get_last_but_one_match_expression(counters->right, cur);
- } else {
- return counters->match;
- }
-/*
- } else if (counters->match->match->id == cur->id) {
- return counters->match->match->value;
-*/ } else if (counters->left) {
- return get_last_match_expression(counters->right, cur);
- } else {
- return NULL;
- }
-}
-
-static size_t
-get_first_count(match_counters *counters, match_operation *cur)
-{
- match_expression *o = get_first_match_expression(counters, cur);
- if (o) {
- return o->count;
- } else {
- return 0;
- }
-}
-
-static size_t
-get_last_count(match_counters *counters, match_operation *cur)
-{
- match_expression *o = get_last_match_expression(counters, cur);
- if (o) {
- return o->count;
- } else {
- return 0;
- }
-}
-
-
-static size_t
-calculate_total_count(match_counters *counters, match_operation *cur)
-{
- size_t result = 0;
-
- if (!counters) {
- return 0;
- }
-
- if (counters->match->match->id == cur->id) {
- result = counters->match->count;
- }
-
- if (counters->left) {
- result += calculate_total_count(counters->left, cur);
- }
- if (counters->right) {
- result += calculate_total_count(counters->right, cur);
- }
-
- return result;
-}
-
-static void
-print_counter_averages(FILE *output, match_counters *counters, match_operation *cur)
-{
- size_t total_value;
- size_t total_count;
- match_table *mt;
-
- if (!counters || !output) {
- return;
- }
-
- if (!cur) {
- cur = counters->match->match;
- mt = get_match_by_id(cur->id);
- total_value = calculate_total_value(counters, cur);
- total_count = calculate_total_count(counters, cur);
- printf("Average for %s: (%u / %u) %.02f\n", mt->name, (unsigned int) total_value, (unsigned int) total_count, (float) total_value / (float) total_count);
- if (counters->left) {
- print_counter_averages(output, counters->left, cur);
- }
- if (counters->right) {
- print_counter_averages(output, counters->right, cur);
- }
- } else {
- if (counters->left) {
- if (counters->left->match->match->id != cur->id) {
- print_counter_averages(output, counters->left, NULL);
- }
- }
- if (counters->right) {
- if (counters->right->match->match->id != cur->id) {
- print_counter_averages(output, counters->right, NULL);
- }
- }
- }
-
- return;
-}
-
-static void
-print_counter_average_count(FILE *output, match_counters *counters, match_operation *cur, bool remove_first_last)
-{
- size_t total_matches;
- size_t total_count;
- match_table *mt;
-
- if (!counters || !output) {
- return;
- }
-
- if (!cur) {
- cur = counters->match->match;
- mt = get_match_by_id(cur->id);
- total_matches = calculate_total_count_matches(counters, cur);
- total_count = calculate_total_count(counters, cur);
- /* Remove the first and last for instance for timestamp average counts (half seconds drag down the average) */
- if (remove_first_last) {
- total_count -= get_first_count(counters, cur);
- total_count -= get_last_count(counters, cur);
- printf("Removing first count from average: %u\n", (unsigned int) get_first_count(counters,cur));
- printf("Removing last count from average: %u\n", (unsigned int) get_last_count(counters,cur));
- /* in the case where we count the differences between match values too
- * (like with timestamps) we need to subtract from the match count too
- */
- if (cur->id == MATCH_TIMESTAMP) {
- if (get_first_match_expression(counters, cur) && get_second_match_expression(counters, cur)) {
- total_matches -= atol(get_second_match_expression(counters, cur)->match->value) - atol(get_first_match_expression(counters, cur)->match->value);
- }
- if (get_last_match_expression(counters, cur) && get_last_but_one_match_expression(counters, cur)) {
- total_matches -= atol(get_last_match_expression(counters, cur)->match->value) - atol(get_last_but_one_match_expression(counters, cur)->match->value);
- }
- } else {
- total_matches -= 2;
- }
- }
- printf("Average count for %s: (%u / %u) %.02f\n", mt->name, (unsigned int) total_count, (unsigned int) total_matches, (float) total_count / (float) total_matches);
- if (counters->left) {
- print_counter_averages(output, counters->left, cur);
- }
- if (counters->right) {
- print_counter_averages(output, counters->right, cur);
- }
- } else {
- if (counters->left) {
- if (counters->left->match->match->id != cur->id) {
- print_counter_averages(output, counters->left, NULL);
- }
- }
- if (counters->right) {
- if (counters->right->match->match->id != cur->id) {
- print_counter_averages(output, counters->right, NULL);
- }
- }
- }
-
- return;
-}
-
-static bool
-match_int(type_operator operator,
- char *value,
- char *mvalue)
-{
- int a, b;
-
- if (!value || !mvalue) {
- return false;
- }
-
- a = atoi(value);
- b = atoi(mvalue);
-
- switch (operator) {
- case OP_EQUAL:
- return a == b;
- break;
- case OP_NOTEQUAL:
- return a != b;
- break;
- case OP_GREATER:
- return a > b;
- break;
- case OP_LESSER:
- return a < b;
- break;
- case OP_GREATEREQUAL:
- return a >= b;
- break;
- case OP_LESSEREQUAL:
- return a <= b;
- break;
- default:
- fprintf(stderr, "Unknown operator: %u\n", operator);
- exit(2);
- }
-}
-
-static bool
-match_opcode(type_operator operator,
- char *value,
- char *mvalue)
-{
- ldns_pkt_opcode a, b;
- int i;
- ldns_lookup_table *lt;
-
- /* try parse name first, then parse as int */
- lt = ldns_lookup_by_name(ldns_opcodes, value);
- if (lt) {
- a = lt->id;
- } else {
- i = atoi(value);
- if (i >= 0 && !isdigit(value[0]) == 0) {
- lt = ldns_lookup_by_id(ldns_opcodes, i);
- if (lt) {
- a = lt->id;
- } else {
- fprintf(stderr, "Unknown opcode: %s\n", value);
- exit(1);
- return false;
- }
- } else {
- fprintf(stderr, "Unknown opcode: %s\n", value);
- exit(1);
- return false;
- }
- }
-
- lt = ldns_lookup_by_name(ldns_opcodes, mvalue);
- if (lt) {
- b = lt->id;
- } else {
- i = atoi(mvalue);
- if (i >= 0 && !isdigit(mvalue[0]) == 0) {
- lt = ldns_lookup_by_id(ldns_opcodes, i);
- if (lt) {
- b = lt->id;
- } else {
- fprintf(stderr, "Unknown opcode: %s\n", mvalue);
- exit(1);
- return false;
- }
- } else {
- fprintf(stderr, "Unknown opcode: %s\n", mvalue);
- exit(1);
- return false;
- }
- }
-
- switch(operator) {
- case OP_EQUAL:
- return a == b;
- break;
- case OP_NOTEQUAL:
- return a != b;
- break;
- default:
- fprintf(stderr, "Error bad operator for opcode: %s\n", get_op_str(operator));
- return false;
- break;
- }
-}
-
-static bool
-match_str(type_operator operator,
- char *value,
- char *mvalue)
-{
- char *valuedup, *mvaluedup;
- size_t i;
- bool result;
-
- if (operator == OP_CONTAINS) {
- /* strcasestr is not C89
- return strcasestr(value, mvalue) != 0;
- */
- valuedup = strdup(value);
- mvaluedup = strdup(mvalue);
- for (i = 0; i < strlen(valuedup); i++) {
- valuedup[i] = tolower(valuedup[i]);
- }
- for (i = 0; i < strlen(mvaluedup); i++) {
- mvaluedup[i] = tolower(mvaluedup[i]);
- }
- result = strstr(valuedup, mvaluedup) != 0;
- free(valuedup);
- free(mvaluedup);
- return result;
- } else if (operator == OP_EQUAL) {
- return strcmp(value, mvalue) == 0;
- } else {
- return strcmp(value, mvalue) != 0;
- }
-}
-
-static bool
-match_rr_type(type_operator operator,
- char *value,
- char *mvalue)
-{
- ldns_rr_type a,b;
-
- a = ldns_get_rr_type_by_name(value);
- b = ldns_get_rr_type_by_name(mvalue);
-
- switch (operator) {
- case OP_EQUAL:
- return a == b;
- break;
- case OP_NOTEQUAL:
- return a != b;
- break;
- case OP_GREATER:
- return a > b;
- break;
- case OP_LESSER:
- return a < b;
- break;
- case OP_GREATEREQUAL:
- return a >= b;
- break;
- case OP_LESSEREQUAL:
- return a <= b;
- break;
- default:
- fprintf(stderr, "Unknown operator: %u\n", operator);
- exit(2);
- }
-}
-
-static bool
-match_rcode(type_operator operator,
- char *value,
- char *mvalue)
-{
- int a, b;
- int i;
- ldns_lookup_table *lt;
-
- /* try parse name first, then parse as int */
- lt = ldns_lookup_by_name(ldns_rcodes, value);
- if (lt) {
- a = lt->id;
- } else {
- i = atoi(value);
- if (i >= 0 && !isdigit(value[0]) == 0) {
- lt = ldns_lookup_by_id(ldns_rcodes, i);
- if (lt) {
- a = lt->id;
- } else {
- fprintf(stderr, "Unknown rcode: %s\n", value);
- exit(1);
- return false;
- }
- } else {
- fprintf(stderr, "Unknown rcode: %s\n", value);
- exit(1);
- return false;
- }
- }
-
- lt = ldns_lookup_by_name(ldns_rcodes, mvalue);
- if (lt) {
- b = lt->id;
- } else {
- i = atoi(mvalue);
-
- if (i >= 0 && !isdigit(mvalue[0]) == 0) {
- lt = ldns_lookup_by_id(ldns_rcodes, i);
- if (lt) {
- b = lt->id;
- } else {
- fprintf(stderr, "Unknown rcode: %s\n", mvalue);
- exit(1);
- return false;
- }
- } else {
- fprintf(stderr, "Unknown rcode: %s\n", mvalue);
- exit(1);
- return false;
- }
- }
-
- switch(operator) {
- case OP_EQUAL:
- return a == b;
- break;
- case OP_NOTEQUAL:
- return a != b;
- break;
- default:
- fprintf(stderr, "Error bad operator for rcode: %s\n", get_op_str(operator));
- return false;
- break;
- }
-}
-
-static bool
-value_matches(match_id id,
- type_operator operator,
- char *value,
- char *mvalue)
-{
- int result;
-
- if (verbosity >= 5) {
- printf("Match %s: %s %s %s: ", get_match_name_str(id), value, get_op_str(operator), mvalue);
- }
- switch(id) {
- case MATCH_OPCODE:
- result = match_opcode(operator, value, mvalue);
- break;
- case MATCH_RCODE:
- result = match_rcode(operator, value, mvalue);
- break;
- case MATCH_ID:
- case MATCH_QR:
- case MATCH_TC:
- case MATCH_AD:
- case MATCH_CD:
- case MATCH_RD:
- case MATCH_DO:
- case MATCH_PACKETSIZE:
- case MATCH_EDNS:
- case MATCH_EDNS_PACKETSIZE:
- case MATCH_QUESTION_SIZE:
- case MATCH_ANSWER_SIZE:
- case MATCH_AUTHORITY_SIZE:
- case MATCH_ADDITIONAL_SIZE:
- case MATCH_TIMESTAMP:
- result = match_int(operator, value, mvalue);
- break;
- case MATCH_QUERY:
- case MATCH_QNAME:
- case MATCH_ANSWER:
- case MATCH_AUTHORITY:
- case MATCH_ADDITIONAL:
- result = match_str(operator, value, mvalue);
- break;
- case MATCH_SRC_ADDRESS:
- case MATCH_DST_ADDRESS:
- result = match_str(operator, value, mvalue);
- break;
- case MATCH_QTYPE:
- result = match_rr_type(operator, value, mvalue);
- break;
- default:
- fprintf(stderr, "Error: value_matches() for operator %s not implemented yet.\n", get_op_str((type_operator) id));
- exit(3);
- }
- if (verbosity >= 5) {
- if (result) {
- printf("true\n");
- } else {
- printf("false\n");
- }
- }
- return result;
-}
-
-static char *
-get_string_value(match_id id, ldns_pkt *pkt, ldns_rdf *src_addr, ldns_rdf *dst_addr)
-{
- char *val;
- match_table *mt;
- size_t valsize = 100;
-
- val = malloc(valsize);
- memset(val, 0, valsize);
-
- switch(id) {
- case MATCH_QR:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_qr(pkt));
- break;
- case MATCH_ID:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_id(pkt));
- break;
- case MATCH_OPCODE:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_get_opcode(pkt));
- break;
- case MATCH_RCODE:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_get_rcode(pkt));
- break;
- case MATCH_PACKETSIZE:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_size(pkt));
- break;
- case MATCH_TC:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_tc(pkt));
- break;
- case MATCH_AD:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_ad(pkt));
- break;
- case MATCH_CD:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_cd(pkt));
- break;
- case MATCH_RD:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_rd(pkt));
- break;
- case MATCH_EDNS:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_edns(pkt));
- break;
- case MATCH_EDNS_PACKETSIZE:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_edns_udp_size(pkt));
- break;
- case MATCH_DO:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_edns_do(pkt));
- break;
- case MATCH_QUESTION_SIZE:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_qdcount(pkt));
- break;
- case MATCH_ANSWER_SIZE:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_ancount(pkt));
- break;
- case MATCH_AUTHORITY_SIZE:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_nscount(pkt));
- break;
- case MATCH_ADDITIONAL_SIZE:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_arcount(pkt));
- break;
- case MATCH_SRC_ADDRESS:
- free(val);
- val = ldns_rdf2str(src_addr);
- break;
- case MATCH_DST_ADDRESS:
- free(val);
- val = ldns_rdf2str(dst_addr);
- break;
- case MATCH_TIMESTAMP:
- snprintf(val, valsize, "%u", (unsigned int) ldns_pkt_timestamp(pkt).tv_sec);
- break;
- case MATCH_QUERY:
- if (ldns_pkt_qdcount(pkt) > 0) {
- free(val);
- val = ldns_rr2str(ldns_rr_list_rr(ldns_pkt_question(pkt), 0));
- /* replace \n for nicer printing later */
- if (strchr(val, '\n')) {
- *(strchr(val, '\n')) = '\0';
- }
- } else {
- val[0] = '\0';
- }
- break;
- case MATCH_QNAME:
- if (ldns_pkt_qdcount(pkt) > 0) {
- free(val);
- val = ldns_rdf2str(ldns_rr_owner(ldns_rr_list_rr(ldns_pkt_question(pkt), 0)));
- /* replace \n for nicer printing later */
- if (strchr(val, '\n')) {
- *(strchr(val, '\n')) = '\0';
- }
- } else {
- val[0] = '\0';
- }
- break;
- case MATCH_QTYPE:
- if (ldns_pkt_qdcount(pkt) > 0) {
- free(val);
- val = ldns_rr_type2str(ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_question(pkt), 0)));
- } else {
- val[0] = '\0';
- }
- break;
- case MATCH_ANSWER:
- if (ldns_pkt_ancount(pkt) > 0) {
- free(val);
- val = ldns_rr_list2str(ldns_pkt_answer(pkt));
- } else {
- val[0] = '\0';
- }
- break;
- case MATCH_AUTHORITY:
- if (ldns_pkt_nscount(pkt) > 0) {
- free(val);
- val = ldns_rr_list2str(ldns_pkt_authority(pkt));
- } else {
- val[0] = '\0';
- }
- break;
- case MATCH_ADDITIONAL:
- if (ldns_pkt_arcount(pkt) > 0) {
- free(val);
- val = ldns_rr_list2str(ldns_pkt_additional(pkt));
- } else {
- val[0] = '\0';
- }
- break;
- default:
- mt = get_match_by_id(id);
- if (!mt) {
- printf("ERROR UNKNOWN MATCH_TABLE ID %u\n", id);
- exit(1);
- }
- printf("Matcher for %s not implemented yet\n", mt->name);
- exit(1);
- return NULL;
- }
-
- return val;
-}
-
-static bool
-match_packet_to_operation(ldns_pkt *pkt, ldns_rdf *src_addr, ldns_rdf *dst_addr, match_operation *operation)
-{
- bool result;
- char *val;
-
- if (!pkt || !operation) {
- return false;
- } else {
- val = get_string_value(operation->id, pkt, src_addr, dst_addr);
- if (!val) {
- return false;
- }
- result = value_matches(operation->id, operation->operator, val, operation->value);
- free(val);
- return result;
- }
-}
-
-static int
-match_operation_compare(const void *a, const void *b)
-{
- match_operation *moa, *mob;
- match_table *mt;
- long ia, ib;
-
- if (!a) {
- return 1;
- } else if (!b) {
- return -1;
- } else {
- moa = (match_operation *) a;
- mob = (match_operation *) b;
-
- if (moa->id < mob->id) {
- return -1;
- } else if (moa->id > mob->id) {
- return 1;
- } else {
- if (moa->operator < mob->operator) {
- return -1;
- } else if (moa->operator > mob->operator) {
- return 1;
- } else {
- mt = get_match_by_id(moa->id);
- if (mt) {
- switch (mt->type) {
- case TYPE_INT:
- case TYPE_TIMESTAMP:
- case TYPE_BOOL:
- case TYPE_OPCODE:
- case TYPE_RCODE:
- ia = atol(moa->value);
- ib = atol(mob->value);
- return ia - ib;
- break;
- case TYPE_STRING:
- case TYPE_ADDRESS:
- case TYPE_RR:
- default:
- return strcmp(moa->value, mob->value);
- break;
- }
- } else {
- return strcmp(moa->value, mob->value);
- }
- }
- }
- }
-}
-
-static int
-match_expression_compare(const void *a, const void *b)
-{
- match_expression *mea, *meb;
-
- if (!a) {
- return 1;
- } else if (!b) {
- return -1;
- } else {
- mea = (match_expression *) a;
- meb = (match_expression *) b;
-
- if (mea->op < meb->op) {
- return -1;
- } else if (mea->op > meb->op) {
- return 1;
- } else {
- switch(mea->op) {
- case MATCH_EXPR_AND:
- case MATCH_EXPR_OR:
- if (match_expression_compare(mea->left, meb->left) < 0) {
- return -1;
- } else if (match_expression_compare(mea->left, meb->left) > 0) {
- return 1;
- } else {
- return match_expression_compare(mea->right, meb->right);
- }
- break;
- case MATCH_EXPR_LEAF:
- return match_operation_compare(mea->match, meb->match);
- break;
- default:
- fprintf(stderr, "Unknown Match Expression logic operator: %u\n", mea->op);
- exit(1);
- }
- }
- }
-}
-
-/**
- * If count is true, and the counter is found, its count is increased by 1
- */
-static int
-add_match_counter(match_counters *counters,
- match_expression *expr,
- bool count)
-{
- int cmp;
- match_counters *new;
-
- if (!counters || !expr) {
- return -1;
- } else {
- if (counters->match) {
- cmp = match_expression_compare(counters->match,
- expr);
- if (cmp > 0) {
- if (counters->left) {
- return add_match_counter(counters->left,
- expr,
- count);
- } else {
- new = malloc(sizeof(match_counters));
- new->left = NULL;
- new->right = NULL;
- new->match = expr;
- counters->left = new;
- return 0;
- }
- } else if (cmp < 0) {
- if (counters->right) {
- return add_match_counter(counters->right,
- expr,
- count);
- } else {
- new = malloc(sizeof(match_counters));
- new->left = NULL;
- new->right = NULL;
- new->match = expr;
- counters->right = new;
- return 0;
- }
- } else {
- /* already there? */
- if (count) {
- counters->match->count++;
- }
- return 1;
- }
- } else {
- /* shouldn't happen but anyway */
- counters->match = expr;
- }
- }
- return 0;
-}
-
-static bool
-match_dns_packet_to_expr(ldns_pkt *pkt, ldns_rdf *src_addr, ldns_rdf *dst_addr, match_expression *expr)
-{
- bool result;
-
- if (!pkt || !expr) {
- return false;
- }
-
- switch(expr->op) {
- case MATCH_EXPR_OR:
- result = (match_dns_packet_to_expr(pkt, src_addr, dst_addr, expr->left) ||
- match_dns_packet_to_expr(pkt, src_addr, dst_addr, expr->right));
- break;
- case MATCH_EXPR_AND:
- result = (match_dns_packet_to_expr(pkt, src_addr, dst_addr, expr->left) &&
- match_dns_packet_to_expr(pkt, src_addr, dst_addr, expr->right));
- break;
- case MATCH_EXPR_LEAF:
- result = match_packet_to_operation(pkt, src_addr, dst_addr, expr->match);
- break;
- default:
- fprintf(stderr, "Error, unknown expression operator %u\n", expr->op);
- fprintf(stderr, "full expression:\n");
- print_match_expression(stderr, expr);
- fprintf(stderr, "\n");
- exit(1);
- }
-
- if (result) {
- if (verbosity >= 5) {
- printf("Found Match:\n");
- print_match_expression(stdout, expr);
- printf("\nCount now %u\n", (unsigned int) expr->count);
- }
- expr->count++;
- }
-
- return result;
-}
-
-static void
-free_match_operation(match_operation *operation)
-{
- if (operation) {
- if (operation->value) {
- free(operation->value);
- }
- free(operation);
- }
-}
-
-static void
-free_match_expression(match_expression *expr)
-{
- if (expr) {
- switch(expr->op) {
- case MATCH_EXPR_OR:
- case MATCH_EXPR_AND:
- free_match_expression(expr->left);
- free_match_expression(expr->right);
- break;
- case MATCH_EXPR_LEAF:
- free_match_operation(expr->match);
- break;
- }
- free(expr);
- }
-}
-
-static void
-free_counters(match_counters *counters)
-{
- if (counters) {
- if (counters->left) {
- free_counters(counters->left);
- }
- if (counters->match) {
- free_match_expression(counters->match);
- }
- if (counters->right) {
- free_counters(counters->right);
- }
- free(counters);
- }
-}
-
-static void
-match_pkt_counters(ldns_pkt *pkt, ldns_rdf *src_addr, ldns_rdf *dst_addr, match_counters *counts)
-{
- if (counts->left) {
- match_pkt_counters(pkt, src_addr, dst_addr, counts->left);
- }
- if (counts->match) {
- if (match_dns_packet_to_expr(pkt, src_addr, dst_addr, counts->match)) {
-/*
- counts->match->count++;
-*/
- }
- }
- if (counts->right) {
- match_pkt_counters(pkt, src_addr, dst_addr, counts->right);
- }
-}
-
-static void
-match_pkt_uniques(ldns_pkt *pkt, ldns_rdf *src_addr, ldns_rdf *dst_addr, match_counters *uniques, match_id unique_ids[], size_t unique_id_count)
-{
- match_expression *me;
- size_t i;
- match_operation *mo;
- int add_result;
-
- for (i = 0; i < unique_id_count; i++) {
- mo = malloc(sizeof(match_operation));
- mo->id = unique_ids[i];
- mo->operator = OP_EQUAL;
- mo->value = get_string_value(mo->id, pkt, src_addr, dst_addr);
-
- me = malloc(sizeof(match_expression));
- me->op = MATCH_EXPR_LEAF;
- me->left = NULL;
- me->right = NULL;
- me->match = mo;
- me->count = 1;
-
- add_result = add_match_counter(uniques, me, true);
- /* if result=1 it was already found, so delete new one */
- if (add_result == 1) {
- free_match_expression(me);
- }
- }
-
-#if 0
- size_t i, j;
- bool found;
- match_expression *me;
- match_operation *mo;
-
- /* get the value, match uniques for that, if not match, add new */
- /* all unique values should be MATCH_EXPR_LEAF */
- found = false;
- for (j = 0; j < uniques->size; j++) {
- if (uniques->counter[j]->match->id == unique_ids[i]) {
- if (match_dns_packet_to_expr(pkt, src_addr, dst_addr, uniques->counter[j])) {
- found = true;
- }
- }
- }
- if (!found) {
- mo = malloc(sizeof(match_operation));
- mo->id = unique_ids[i];
- mo->operator = OP_EQUAL;
- mo->value = get_string_value(mo->id, pkt, src_addr, dst_addr);
-
- me = malloc(sizeof(match_expression));
- me->match = mo;
- me->op = MATCH_EXPR_LEAF;
- me->left = NULL;
- me->right = NULL;
- me->count = 1;
-
- add_counter(uniques, me);
- }
- }
-#endif
-}
-
-static match_expression *
-parse_match_expression(char *string)
-{
- match_expression *expr;
- size_t i,j;
- size_t leftstart, leftend = 0;
- char *left_str, *op, *val;
- match_table *mt;
- match_operation *mo = NULL;
- const type_operators *tos;
- match_expression *result;
- ldns_lookup_table *lt = NULL;
-
- /* remove whitespace */
- char *str = malloc(strlen(string) + 1);
-
- j = 0;
- for (i = 0; i < strlen(string); i++) {
- if(!isspace(string[i])) {
- str[j] = string[i];
- j++;
- }
- }
- str[j] = '\0';
-
- expr = malloc(sizeof(match_expression));
- expr->left = NULL;
- expr->right = NULL;
- expr->match = NULL;
- expr->count = 0;
- leftstart = 0;
- for (i = 0; i < strlen(str); i++) {
- if (str[i] == '&') {
- expr->op = MATCH_EXPR_AND;
- if (!expr->left) {
- left_str = malloc(leftend - leftstart + 2);
- strncpy(left_str, &str[leftstart], leftend-leftstart+1);
- left_str[leftend - leftstart + 1] = '\0';
- expr->left = parse_match_expression(left_str);
- free(left_str);
- }
- expr->right = parse_match_expression(&str[i+1]);
- if (expr->left && expr->right) {
- result = expr;
- goto done;
- } else {
- result = NULL;
- goto done;
- }
- } else if (str[i] == '|') {
- expr->op = MATCH_EXPR_OR;
- if (!expr->left) {
- left_str = malloc(leftend - leftstart + 2);
- strncpy(left_str, &str[leftstart], leftend-leftstart+1);
- left_str[leftend - leftstart + 1] = '\0';
- expr->left = parse_match_expression(left_str);
- free(left_str);
- }
- expr->right = parse_match_expression(&str[i+1]);
- expr->count = 0;
- if (expr->left && expr->right) {
- result = expr;
- goto done;
- } else {
- result = NULL;
- goto done;
- }
- } else if (str[i] == '(') {
- leftstart = i + 1;
- j = 1;
- while (j > 0) {
- i++;
- if (i > strlen(str)) {
- printf("parse error: no closing bracket: %s\n", str);
- printf(" ");
- for (j = 0; j < leftstart - 1; j++) {
- printf(" ");
- }
- printf("^\n");
- result = NULL;
- goto done;
- }
- if (str[i] == ')') {
- j--;
- } else if (str[i] == '(') {
- j++;
- } else {
- }
- }
- leftend = i-1;
- left_str = malloc(leftend - leftstart + 1);
- strncpy(left_str, &str[leftstart], leftend - leftstart + 1);
- expr->left = parse_match_expression(left_str);
- free(left_str);
- if (i >= strlen(str)-1) {
- result = expr->left;
- goto done;
- }
- } else if (str[i] == ')') {
- printf("parse error: ) without (\n");
- result = NULL;
- goto done;
- } else {
- leftend = i;
- }
- }
-
- /* no operators or hooks left, expr should be of the form
- <name><operator><value> now */
- for (i = 0; i < strlen(str); i++) {
- if (str[i] == '=' ||
- str[i] == '>' ||
- str[i] == '<' ||
- str[i] == '!' ||
- str[i] == '~'
- ) {
- leftend = i-1;
- op = malloc(3);
- j = 0;
- op[j] = str[i];
- i++;
- j++;
-
- if (i > strlen(str)) {
- printf("parse error no right hand side: %s\n", str);
- result = NULL;
- goto done;
- }
- if (str[i] == '=' ||
- str[i] == '>' ||
- str[i] == '<' ||
- str[i] == '!' ||
- str[i] == '~'
- ) {
- op[j] = str[i];
- i++;
- j++;
- if (i > strlen(str)) {
- printf("parse error no right hand side: %s\n", str);
- result = NULL;
- goto done;
- }
- }
- op[j] = '\0';
- left_str = malloc(leftend - leftstart + 2);
- strncpy(left_str, &str[leftstart], leftend - leftstart + 1);
- left_str[leftend - leftstart + 1] = '\0';
- mt = get_match_by_name(left_str);
- if (!mt) {
- printf("parse error: unknown match name: %s\n", left_str);
- result = NULL;
- goto done;
- } else {
- /* check if operator is allowed */
- tos = get_type_operators(mt->type);
- for (j = 0; j < tos->operator_count; j++) {
- if (get_op_id(op) == tos->operators[j]) {
- mo = malloc(sizeof(match_operation));
- mo->id = mt->id;
- mo->operator = get_op_id(op);
- switch (mt->type) {
- case TYPE_BOOL:
- val = malloc(2);
- if (strncmp(&str[i], "true", 5) == 0 ||
- strncmp(&str[i], "TRUE", 5) == 0 ||
- strncmp(&str[i], "True", 5) == 0 ||
- strncmp(&str[i], "1", 2) == 0
- ) {
- val[0] = '1';
- val[1] = '\0';
- } else if (strncmp(&str[i], "false", 5) == 0 ||
- strncmp(&str[i], "FALSE", 5) == 0 ||
- strncmp(&str[i], "False", 5) == 0 ||
- strncmp(&str[i], "0", 2) == 0
- ) {
-
- val[0] = '0';
- } else {
- fprintf(stderr, "Bad value for bool: %s\n", &str[i]);
- exit(EXIT_FAILURE);
- }
- val[1] = '\0';
- break;
- case TYPE_RR:
- /* convert first so we have the same strings for the same rrs in match_ later */
- /*
- qrr = ldns_rr_new_frm_str(&str[i], LDNS_DEFAULT_TTL, NULL);
- if (!qrr) {
- fprintf(stderr, "Bad value for RR: %s\n", &str[i]);
- exit(EXIT_FAILURE);
- }
- val = ldns_rr2str(qrr);
- */
- /* remove \n for readability */
- /*
- if (strchr(val, '\n')) {
- *(strchr(val, '\n')) = '\0';
- }
- ldns_rr_free(qrr);
- */
- val = strdup(&str[i]);
- break;
- case TYPE_OPCODE:
- lt = ldns_lookup_by_name(ldns_opcodes, &str[i]);
- if (lt) {
- val = malloc(4);
- snprintf(val, 3, "%u", (unsigned int) lt->id);
- } else {
- val = strdup(&str[i]);
- }
- break;
- case TYPE_RCODE:
- lt = ldns_lookup_by_name(ldns_rcodes, &str[i]);
- if (lt) {
- val = malloc(4);
- snprintf(val, 3, "%u", (unsigned int) lt->id);
- } else {
- val = strdup(&str[i]);
- }
- break;
- default:
- val = strdup(&str[i]);
- break;
- }
- mo->value = val;
- }
- }
- if (!mo) {
- printf("parse error: operator %s not allowed for match %s\n", op, left_str);
- result = NULL;
- goto done;
- }
- }
- free(left_str);
- free(op);
- expr->match = mo;
- expr->op = MATCH_EXPR_LEAF;
- result = expr;
- goto done;
- }
- }
-
- result = NULL;
-
- done:
- free(str);
- if (!result) {
- free_match_expression(expr);
- }
- return result;
-
-}
-/* end of matches and counts */
-void
-usage(FILE *output)
-{
- fprintf(output, "Usage: ldns-dpa [OPTIONS] <pcap file>\n");
- fprintf(output, "Options:\n");
- fprintf(output, "\t-c <exprlist>:\tCount occurrences of matching expressions\n");
- fprintf(output, "\t-f <expression>:\tFilter occurrences of matching expressions\n");
- fprintf(output, "\t-h:\t\tshow this help\n");
- fprintf(output, "\t-p:\t\tshow percentage of -u and -c values (of the total of\n\t\t\tmatching on the -f filter. if no filter is given,\n\t\t\tpercentages are on all correct dns packets)\n");
- fprintf(output, "\t-of <file>:\tWrite pcap packets that match the -f flag to file\n");
- fprintf(output, "\t-ofh <file>:\tWrite pcap packets that match the -f flag to file\n\t\tin a hexadecimal format readable by drill\n");
- fprintf(output, "\t-s:\t\tshow possible match names\n");
- fprintf(output, "\t-s <matchname>:\tshow possible match operators and values for <name>\n");
- fprintf(output, "\t-sf:\t\tPrint packet that match -f. If no -f is given, print\n\t\t\tall dns packets\n");
- fprintf(output, "\t-u <matchnamelist>:\tCount all occurrences of matchname\n");
- fprintf(output, "\t-ua:\t\tShow average value of every -u matchname\n");
- fprintf(output, "\t-uac:\t\tShow average count of every -u matchname\n");
- fprintf(output, "\t-um <number>:\tOnly show -u results that occured more than number times\n");
- fprintf(output, "\t-v <level>:\tbe more verbose\n");
- fprintf(output, "\t-notip <file>:\tDump pcap packets that were not recognized as\n\t\t\tIP packets to file\n");
- fprintf(output, "\t-baddns <file>:\tDump mangled dns packets to file\n");
- fprintf(output, "\t-version:\tShow the version and exit\n");
- fprintf(output, "\n");
- fprintf(output, "The filename '-' stands for stdin or stdout, so you can use \"-of -\" if you want to pipe the output to another process\n");
- fprintf(output, "\n");
- fprintf(output, "A <list> is a comma separated list of items\n");
- fprintf(output, "\n");
- fprintf(output, "An expression has the following form:\n");
- fprintf(output, "<expr>:\t(<expr>)\n");
- fprintf(output, "\t<expr> | <expr>\n");
- fprintf(output, "\t<expr> & <expr>\n");
- fprintf(output, "\t<match>\n");
- fprintf(output, "\n");
- fprintf(output, "<match>:\t<matchname> <operator> <value>\n");
- fprintf(output, "\n");
- fprintf(output, "See the -s option for possible matchnames, operators and values.\n");
-}
-
-void
-show_match_names(char *name)
-{
- size_t j;
- match_table *mt;
- ldns_lookup_table *lt;
- const type_operators *tos;
- char *str;
- size_t i;
-
- if (name) {
- mt = get_match_by_name(name);
- if (mt) {
- printf("%s:\n", mt->name);
- printf("\t%s.\n", mt->description);
- printf("\toperators: ");
- printf("\t");
- tos = get_type_operators(mt->type);
- if (tos) {
- for (j = 0; j < tos->operator_count; j++) {
- printf("%s ", get_op_str(tos->operators[j]));
-/*
- lt = ldns_lookup_by_id((ldns_lookup_table *) lt_operators, tos->operators[j]);
- if (lt) {
- printf("%s ", lt->name);
- } else {
- printf("? ");
- }
-*/
- }
- } else {
- printf("unknown type");
- }
-
- printf("\n");
- printf("\tValues:\n");
- switch (mt->type) {
- case TYPE_INT:
- printf("\t\t<Integer>\n");
- break;
- case TYPE_BOOL:
- printf("\t\t0\n");
- printf("\t\t1\n");
- printf("\t\ttrue\n");
- printf("\t\tfalse\n");
- break;
- case TYPE_OPCODE:
- printf("\t\t<Integer>\n");
- lt = ldns_opcodes;
- while (lt->name != NULL) {
- printf("\t\t%s\n", lt->name);
- lt++;
- }
- break;
- case TYPE_RCODE:
- printf("\t\t<Integer>\n");
- lt = ldns_rcodes;
- while (lt->name != NULL) {
- printf("\t\t%s\n", lt->name);
- lt++;
- }
- break;
- case TYPE_STRING:
- printf("\t\t<String>\n");
- break;
- case TYPE_TIMESTAMP:
- printf("\t\t<Integer> (seconds since epoch)\n");
- break;
- case TYPE_ADDRESS:
- printf("\t\t<IP address>\n");
- break;
- case TYPE_RR:
- printf("\t\t<Resource Record>\n");
- break;
- default:
- break;
- }
- } else {
- printf("Unknown match name: %s\n", name);
- }
- } else {
- mt = (match_table *) matches;
- while (mt->name != NULL) {
- str = (char *) mt->name;
- printf("%s:", str);
- i = strlen(str) + 1;
- while (i < 24) {
- printf(" ");
- i++;
- }
- printf("%s\n", mt->description);
- mt++;
- }
- }
-}
-
-int
-handle_ether_packet(const u_char *data, struct pcap_pkthdr cur_hdr, match_counters *count, match_expression *match_expr, match_counters *uniques, match_id unique_ids[], size_t unique_id_count)
-{
- struct ether_header *eptr;
- struct ip *iptr;
- struct ip6_hdr *ip6_hdr;
- int ip_hdr_size;
- uint8_t protocol;
- size_t data_offset = 0;
- ldns_rdf *src_addr, *dst_addr;
- uint8_t *ap;
- char *astr;
- bpf_u_int32 len = cur_hdr.caplen;
- struct timeval timestamp;
- uint16_t ip_flags;
- uint16_t ip_len;
- uint16_t ip_id;
- uint16_t ip_f_offset;
- const u_char *newdata = NULL;
-/*
-printf("timeval: %u ; %u\n", cur_hdr.ts.tv_sec, cur_hdr.ts.tv_usec);
-*/
-
- uint8_t *dnspkt;
-
- ldns_pkt *pkt;
- ldns_status status;
-
- /* lets start with the ether header... */
- eptr = (struct ether_header *) data;
- /* Do a couple of checks to see what packet type we have..*/
- if (ntohs (eptr->ether_type) == ETHERTYPE_IP)
- {
- if (verbosity >= 5) {
- printf("Ethernet type hex:%x dec:%u is an IP packet\n",
- (unsigned int) ntohs(eptr->ether_type),
- (unsigned int) ntohs(eptr->ether_type));
- }
-
- data_offset = ETHER_HEADER_LENGTH;
- iptr = (struct ip *) (data + data_offset);
- /*
- printf("IP_OFF: %u (%04x) %04x %04x (%d) (%d)\n", iptr->ip_off, iptr->ip_off, IP_MF, IP_DF, iptr->ip_off & 0x4000, iptr->ip_off & 0x2000);
- */
- ip_flags = ldns_read_uint16(&(iptr->ip_off));
- ip_id = ldns_read_uint16(&(iptr->ip_id));
- ip_len = ldns_read_uint16(&(iptr->ip_len));
- ip_f_offset = (ip_flags & IP_OFFMASK)*8;
- if (ip_flags & IP_MF && ip_f_offset == 0) {
- /*printf("First Frag id %u len\n", ip_id, ip_len);*/
- fragment_p->ip_id = ip_id;
- memset(fragment_p->data, 0, 65535);
- memcpy(fragment_p->data, iptr, ip_len);
- fragment_p->cur_len = ip_len + 20;
-/*
- for (ip_len = 0; ip_len < fragment_p->cur_len; ip_len++) {
- if (ip_len > 0 && ip_len % 20 == 0) {
- printf("\t; %u - %u\n", ip_len - 19, ip_len);
- }
- printf("%02x ", fragment_p->data[ip_len]);
- }
- printf("\t; ??? - %u\n", ip_len);
-*/
- return 0;
- } else
- if (ip_flags & IP_MF && ip_f_offset != 0) {
- /*printf("Next frag\n");*/
- if (ip_id == fragment_p->ip_id) {
- /*printf("add fragment to current id %u len %u offset %u\n", ip_id, ip_len, ip_f_offset);*/
- memcpy(fragment_p->data + (ip_f_offset) + 20, data+data_offset+20, ip_len - (iptr->ip_hl)*4);
- /*printf("COPIED %u\n", ip_len);*/
- fragment_p->cur_len = fragment_p->cur_len + ip_len - 20;
- /*printf("cur len now %u\n", fragment_p->cur_len);*/
-/*
- for (ip_len = 0; ip_len < fragment_p->cur_len; ip_len++) {
- if (ip_len > 0 && ip_len % 20 == 0) {
- printf("\t; %u - %u\n", ip_len - 19, ip_len);
- }
- printf("%02x ", fragment_p->data[ip_len]);
- }
- printf("\t; ??? - %u\n", ip_len);
-*/
- return 0;
- } else {
- /*printf("Lost fragment %u\n", iptr->ip_id);*/
- lost_packet_fragments++;
- return 1;
- }
- } else
- if (!(ip_flags & IP_MF) && ip_f_offset != 0) {
- /*printf("Last frag\n");*/
- if (ip_id == fragment_p->ip_id) {
- /*printf("add fragment to current id %u len %u offset %u\n", ip_id, ip_len, ip_f_offset);*/
- memcpy(fragment_p->data + ip_f_offset + 20, data+data_offset+20, ip_len - 20);
- fragment_p->cur_len = fragment_p->cur_len + ip_len - 20;
- iptr = (struct ip *) fragment_p->data;
- newdata = malloc(fragment_p->cur_len + data_offset);
- if (!newdata) {
- printf("Malloc failed, out of mem?\n");
- exit(4);
- }
- memcpy((char *) newdata, data, data_offset);
- memcpy((char *) newdata+data_offset, fragment_p->data, fragment_p->cur_len);
- iptr->ip_len = (u_short) ldns_read_uint16(&(fragment_p->cur_len));
- iptr->ip_off = 0;
- len = (bpf_u_int32) fragment_p->cur_len;
- cur_hdr.caplen = len;
- fragment_p->ip_id = 0;
- fragmented_packets++;
-/*
- for (ip_len = 0; ip_len < fragment_p->cur_len; ip_len++) {
- if (ip_len > 0 && ip_len % 20 == 0) {
- printf("\t; %u - %u\n", ip_len - 19, ip_len);
- }
- printf("%02x ", fragment_p->data[ip_len]);
- }
- printf("\t; ??? - %u\n", ip_len);
-*/
- } else {
- /*printf("Lost fragment %u\n", iptr->ip_id);*/
- lost_packet_fragments++;
- return 1;
- }
- } else {
- newdata = data;
- }
-/*
- if (iptr->ip_off & 0x0040) {
- printf("Don't fragment\n");
- }
-*/
-
- /* in_addr portability woes, going manual for now */
- /* ipv4 */
- ap = (uint8_t *) &(iptr->ip_src);
- astr = malloc(INET_ADDRSTRLEN);
- if (inet_ntop(AF_INET, ap, astr, INET_ADDRSTRLEN)) {
- if (ldns_str2rdf_a(&src_addr, astr) == LDNS_STATUS_OK) {
-
- }
- free(astr);
- }
- ap = (uint8_t *) &(iptr->ip_dst);
- astr = malloc(INET_ADDRSTRLEN);
- if (inet_ntop(AF_INET, ap, astr, INET_ADDRSTRLEN)) {
- if (ldns_str2rdf_a(&dst_addr, astr) == LDNS_STATUS_OK) {
-
- }
- free(astr);
- }
-
- ip_hdr_size = (int) iptr->ip_hl * 4;
- protocol = (uint8_t) iptr->ip_p;
-
- data_offset += ip_hdr_size;
-
- if (protocol == IPPROTO_UDP) {
- udp_packets++;
- data_offset += UDP_HEADER_LENGTH;
-
- dnspkt = (uint8_t *) (newdata + data_offset);
-
- /*printf("packet starts at byte %u\n", data_offset);*/
-
- /*printf("Len: %u\n", len);*/
-
- status = ldns_wire2pkt(&pkt, dnspkt, len - data_offset);
-
- if (status != LDNS_STATUS_OK) {
- if (verbosity >= 3) {
- printf("No dns packet: %s\n", ldns_get_errorstr_by_id(status));
- }
- if (verbosity >= 5) {
- for (ip_len = 0; ip_len < len - data_offset; ip_len++) {
- if (ip_len > 0 && ip_len % 20 == 0) {
- printf("\t; %u - %u\n", (unsigned int) ip_len - 19, (unsigned int) ip_len);
- }
- printf("%02x ", (unsigned int) dnspkt[ip_len]);
- }
- printf("\t; ??? - %u\n", (unsigned int) ip_len);
-
- }
- bad_dns_packets++;
- if (bad_dns_dump) {
- pcap_dump((u_char *)bad_dns_dump, &cur_hdr, newdata);
- }
- } else {
- timestamp.tv_sec = cur_hdr.ts.tv_sec;
- timestamp.tv_usec = cur_hdr.ts.tv_usec;
- ldns_pkt_set_timestamp(pkt, timestamp);
-
- if (verbosity >= 4) {
- printf("DNS packet\n");
- ldns_pkt_print(stdout, pkt);
- printf("\n\n");
- }
-
- total_nr_of_dns_packets++;
-
- if (match_expr) {
- if (match_dns_packet_to_expr(pkt, src_addr, dst_addr, match_expr)) {
- /* if outputfile write */
- if (dumper) {
- pcap_dump((u_char *)dumper, &cur_hdr, data);
- }
- if (hexdumpfile) {
- fprintf(hexdumpfile, ";; %u\n", (unsigned int) total_nr_of_dns_packets);
- ldns_pkt2file_hex(hexdumpfile, pkt);
- }
- if (show_filter_matches) {
- printf(";; From: ");
- ldns_rdf_print(stdout, src_addr);
- printf("\n");
- printf(";; To: ");
- ldns_rdf_print(stdout, dst_addr);
- printf("\n");
- ldns_pkt_print(stdout, pkt);
- printf("------------------------------------------------------------\n\n");
- }
- } else {
- ldns_pkt_free(pkt);
- ldns_rdf_deep_free(src_addr);
- ldns_rdf_deep_free(dst_addr);
- return 0;
- }
- } else {
- if (dumper) {
- pcap_dump((u_char *)dumper, &cur_hdr, data);
- }
- if (hexdumpfile) {
- fprintf(hexdumpfile, ";; %u\n", (unsigned int) total_nr_of_dns_packets);
- ldns_pkt2file_hex(hexdumpfile, pkt);
- }
- if (show_filter_matches) {
- printf(";; From: ");
- ldns_rdf_print(stdout, src_addr);
- printf("\n");
- printf(";; To: ");
- ldns_rdf_print(stdout, dst_addr);
- printf("\n");
- ldns_pkt_print(stdout, pkt);
- printf("------------------------------------------------------------\n\n");
- }
- }
-
- /* General counters here */
- total_nr_of_filtered_packets++;
-
- match_pkt_counters(pkt, src_addr, dst_addr, count);
- match_pkt_uniques(pkt, src_addr, dst_addr, uniques, unique_ids, unique_id_count);
-
- ldns_pkt_free(pkt);
- pkt = NULL;
- }
- ldns_rdf_deep_free(src_addr);
- ldns_rdf_deep_free(dst_addr);
-
- } else if (protocol == IPPROTO_TCP) {
- /* tcp packets are skipped */
- tcp_packets++;
- }
- /* don't have a define for ethertype ipv6 */
- } else if (ntohs (eptr->ether_type) == ETHERTYPE_IPV6) {
- /*printf("IPv6!\n");*/
-
-
- /* copied from ipv4, move this to function? */
-
- data_offset = ETHER_HEADER_LENGTH;
- ip6_hdr = (struct ip6_hdr *) (data + data_offset);
-
- newdata = data;
-
- /* in_addr portability woes, going manual for now */
- /* ipv6 */
- ap = (uint8_t *) &(ip6_hdr->ip6_src);
- astr = malloc(INET6_ADDRSTRLEN);
- if (inet_ntop(AF_INET6, ap, astr, INET6_ADDRSTRLEN)) {
- if (ldns_str2rdf_aaaa(&src_addr, astr) == LDNS_STATUS_OK) {
-
- }
- free(astr);
- }
- ap = (uint8_t *) &(ip6_hdr->ip6_dst);
- astr = malloc(INET6_ADDRSTRLEN);
- if (inet_ntop(AF_INET6, ap, astr, INET6_ADDRSTRLEN)) {
- if (ldns_str2rdf_aaaa(&dst_addr, astr) == LDNS_STATUS_OK) {
-
- }
- free(astr);
- }
-
- ip_hdr_size = IP6_HEADER_LENGTH;
- protocol = (uint8_t) ip6_hdr->ip6_ctlun.ip6_un1.ip6_un1_nxt;
-
- data_offset += ip_hdr_size;
-
- if (protocol == IPPROTO_UDP) {
- udp_packets++;
- /*printf("V6 UDP!\n");*/
- data_offset += UDP_HEADER_LENGTH;
-
- dnspkt = (uint8_t *) (newdata + data_offset);
-
- /*printf("Len: %u\n", len);*/
-
- status = ldns_wire2pkt(&pkt, dnspkt, len - data_offset);
-
- if (status != LDNS_STATUS_OK) {
- if (verbosity >= 3) {
- printf("No dns packet: %s\n", ldns_get_errorstr_by_id(status));
- }
- bad_dns_packets++;
- if (bad_dns_dump) {
- pcap_dump((u_char *)bad_dns_dump, &cur_hdr, newdata);
- }
- } else {
- timestamp.tv_sec = cur_hdr.ts.tv_sec;
- timestamp.tv_usec = cur_hdr.ts.tv_usec;
- ldns_pkt_set_timestamp(pkt, timestamp);
-
- if (verbosity >= 4) {
- printf("DNS packet\n");
- ldns_pkt_print(stdout, pkt);
- printf("\n\n");
- }
-
- total_nr_of_dns_packets++;
-
- if (match_expr) {
- if (match_dns_packet_to_expr(pkt, src_addr, dst_addr, match_expr)) {
- /* if outputfile write */
- if (dumper) {
- pcap_dump((u_char *)dumper, &cur_hdr, data);
- }
- if (show_filter_matches) {
- printf(";; From: ");
- ldns_rdf_print(stdout, src_addr);
- printf("\n");
- printf(";; To: ");
- ldns_rdf_print(stdout, dst_addr);
- printf("\n");
- ldns_pkt_print(stdout, pkt);
- printf("------------------------------------------------------------\n\n");
- }
- } else {
- ldns_pkt_free(pkt);
- ldns_rdf_deep_free(src_addr);
- ldns_rdf_deep_free(dst_addr);
- return 0;
- }
- } else {
- if (show_filter_matches) {
- printf(";; From: ");
- ldns_rdf_print(stdout, src_addr);
- printf("\n");
- printf(";; To: ");
- ldns_rdf_print(stdout, dst_addr);
- printf("\n");
- ldns_pkt_print(stdout, pkt);
- printf("------------------------------------------------------------\n\n");
- }
- }
-
- /* General counters here */
- total_nr_of_filtered_packets++;
-
- match_pkt_counters(pkt, src_addr, dst_addr, count);
- match_pkt_uniques(pkt, src_addr, dst_addr, uniques, unique_ids, unique_id_count);
-
- ldns_pkt_free(pkt);
- pkt = NULL;
- }
- ldns_rdf_deep_free(src_addr);
- ldns_rdf_deep_free(dst_addr);
-
- } else if (protocol == IPPROTO_TCP) {
- /* tcp packets are skipped */
- tcp_packets++;
- } else {
- printf("ipv6 unknown next header type: %u\n", (unsigned int) protocol);
- }
-
-
-
- } else if (ntohs (eptr->ether_type) == ETHERTYPE_ARP) {
- if (verbosity >= 5) {
- printf("Ethernet type hex:%x dec:%u is an ARP packet\n",
- (unsigned int) ntohs(eptr->ether_type),
- (unsigned int) ntohs(eptr->ether_type));
- }
- arp_packets++;
- } else {
- printf("Ethernet type %x not IP\n", (unsigned int) ntohs(eptr->ether_type));
- if (verbosity >= 5) {
- printf("Ethernet type %x not IP\n", (unsigned int) ntohs(eptr->ether_type));
- }
- not_ip_packets++;
- if (not_ip_dump) {
- pcap_dump((u_char *)not_ip_dump, &cur_hdr, data);
- }
- }
-
- return 0;
-}
-
-bool
-parse_match_list(match_counters *counters, char *string)
-{
- size_t i;
- match_expression *expr;
-/* match_counter *mc;*/
- size_t lastpos = 0;
- char *substring;
-
- /*printf("Parsing match list: '%s'\n", string);*/
-
- for (i = 0; i < strlen(string); i++) {
- if (string[i] == ',') {
- if (i<2) {
- fprintf(stderr, "Matchlist cannot start with ,\n");
- return false;
- } else {
- substring = malloc(strlen(string)+1);
- strncpy(substring, &string[lastpos], i - lastpos + 1);
- substring[i - lastpos] = '\0';
- expr = parse_match_expression(substring);
- if (!expr) {
- return false;
- }
- free(substring);
- /*
- if (expr->op != MATCH_EXPR_LEAF) {
- fprintf(stderr, "Matchlist can only contain <match>, not a logic expression\n");
- return false;
- }
- */
- add_match_counter(counters, expr, false);
- lastpos = i+1;
- }
- }
- }
- substring = malloc(strlen(string) + 1);
- strncpy(substring, &string[lastpos], i - lastpos + 1);
- substring[i - lastpos] = '\0';
- expr = parse_match_expression(substring);
-
- if (!expr) {
- fprintf(stderr, "Bad match: %s\n", substring);
- return false;
- }
- free(substring);
- /*
- if (expr->op != MATCH_EXPR_LEAF) {
- fprintf(stderr, "Matchlist can only contain <match>, not a logic expression\n");
- return false;
- }
- */
- add_match_counter(counters, expr, false);
- return true;
-}
-
-bool
-parse_uniques(match_id ids[], size_t *count, char *string)
-{
- size_t i, j, lastpos;
- char *str, *strpart;
- match_table *mt;
-
- /*printf("Parsing unique counts: '%s'\n", string);*/
- str = malloc(strlen(string) + 1);
- j = 0;
- for (i = 0; i < strlen(string); i++) {
- if (!isspace(string[i])) {
- str[j] = string[i];
- j++;
- }
- }
- str[j] = '\0';
-
- lastpos = 0;
- for (i = 0; i <= strlen(str); i++) {
- if (str[i] == ',' || i >= strlen(str)) {
- strpart = malloc(i - lastpos + 1);
- strncpy(strpart, &str[lastpos], i - lastpos);
- strpart[i - lastpos] = '\0';
- if ((mt = get_match_by_name(strpart))) {
- ids[*count] = mt->id;
- *count = *count + 1;
- } else {
- printf("Error parsing match list; unknown match name: %s\n", strpart);
- return false;
- }
- free(strpart);
- lastpos = i + 1;
- }
- }
- if (i > lastpos) {
- strpart = malloc(i - lastpos + 1);
- strncpy(strpart, &str[lastpos], i - lastpos);
- strpart[i - lastpos] = '\0';
- if ((mt = get_match_by_name(strpart))) {
- ids[*count] = mt->id;
- *count = *count + 1;
- } else {
- printf("Error parsing match list; unknown match name: %s\n", strpart);
- return false;
- }
- free(strpart);
- lastpos = i + 1;
- }
- free(str);
- return true;
-}
-
-int main(int argc, char *argv[]) {
-
- int i;
- int status = EXIT_SUCCESS;
- match_counters *count = malloc(sizeof(match_counters));
- const char *inputfile = NULL;
- char errbuf[PCAP_ERRBUF_SIZE];
- pcap_t *pc = NULL;
- const u_char *cur;
- struct pcap_pkthdr cur_hdr;
- match_expression *expr = NULL;
- match_id unique_ids[MAX_MATCHES];
- size_t unique_id_count = 0; /* number of unique counters */
- match_counters *uniques = malloc(sizeof(match_counters));
- char *dumpfile = NULL;
- char *hexdumpfilename = NULL;
- char *not_ip_dumpfile = NULL;
- char *bad_dns_dumpfile = NULL;
-
- bool show_percentages = false;
- bool show_averages = false;
- bool show_average_count = false;
- int unique_minimum = 0;
-
- count->left = NULL;
- count->match = NULL;
- count->right = NULL;
- uniques->left = NULL;
- uniques->match = NULL;
- uniques->right = NULL;
-
- fragment_p = malloc(sizeof(struct fragment_part));
- fragment_p->ip_id = 0;
- fragment_p->cur_len = 0;
-
- for (i = 1; i < argc; i++) {
-
- if (strncmp(argv[i], "-baddns", 8) == 0) {
- if (i + 1 < argc) {
- bad_dns_dumpfile = argv[i + 1];
- i++;
- } else {
- usage(stderr);
- status = EXIT_FAILURE;
- goto exit;
- }
- } else if (strncmp(argv[i], "-notip", 7) == 0) {
- if (i + 1 < argc) {
- not_ip_dumpfile = argv[i + 1];
- i++;
- } else {
- usage(stderr);
- status = EXIT_FAILURE;
- goto exit;
- }
- } else if (strncmp(argv[i], "-c", 3) == 0) {
- if (i + 1 < argc) {
- if (!parse_match_list(count, argv[i + 1])) {
- status = EXIT_FAILURE;
- goto exit;
- }
- i++;
- } else {
- usage(stderr);
- status = EXIT_FAILURE;
- goto exit;
- }
- } else if (strncmp(argv[i], "-f", 3) == 0) {
- if (i + 1 < argc) {
- if (expr || strchr(argv[i+1], ',')) {
- fprintf(stderr, "You can only specify 1 filter expression.\n");
- status = EXIT_FAILURE;
- goto exit;
- }
- expr = parse_match_expression(argv[i + 1]);
- i++;
- } else {
- usage(stderr);
- status = EXIT_FAILURE;
- goto exit;
- }
- } else if (strncmp(argv[i], "-h", 3) == 0) {
- usage(stdout);
- status = EXIT_SUCCESS;
- goto exit;
- } else if (strncmp(argv[i], "-p", 3) == 0) {
- show_percentages = true;
- } else if (strncmp(argv[i], "-of", 4) == 0) {
- if (i + 1 < argc) {
- dumpfile = argv[i + 1];
- i++;
- } else {
- usage(stderr);
- status = EXIT_FAILURE;
- goto exit;
- }
- } else if (strncmp(argv[i], "-ofh", 5) == 0) {
- if (i + 1 < argc) {
- hexdumpfilename = argv[i + 1];
- i++;
- } else {
- usage(stderr);
- status = EXIT_FAILURE;
- goto exit;
- }
- } else if (strncmp(argv[i], "-s", 3) == 0) {
- if (i + 1 < argc) {
- show_match_names(argv[i + 1]);
- } else {
- show_match_names(NULL);
- }
- status = EXIT_SUCCESS;
- goto exit;
- } else if (strncmp(argv[i], "-sf", 4) == 0) {
- show_filter_matches = true;
- } else if (strncmp(argv[i], "-u", 3) == 0) {
- if (i + 1 < argc) {
- if (!parse_uniques(unique_ids, &unique_id_count, argv[i + 1])) {
- status = EXIT_FAILURE;
- goto exit;
- }
- i++;
- } else {
- usage(stderr);
- status = EXIT_FAILURE;
- goto exit;
- }
- } else if (strcmp("-ua", argv[i]) == 0) {
- show_averages = true;
- } else if (strcmp("-uac", argv[i]) == 0) {
- show_average_count = true;
- } else if (strcmp("-um", argv[i]) == 0) {
- if (i + 1 < argc) {
- unique_minimum = atoi(argv[i+1]);
- i++;
- } else {
- fprintf(stderr, "-um requires an argument");
- usage(stderr);
- status = EXIT_FAILURE;
- goto exit;
- }
- } else if (strcmp("-v", argv[i]) == 0) {
- i++;
- if (i < argc) {
- verbosity = atoi(argv[i]);
- }
- } else if (strcmp("-version", argv[i]) == 0) {
- printf("dns packet analyzer, version %s (ldns version %s)\n", LDNS_VERSION, ldns_version());
- goto exit;
- } else {
- if (inputfile) {
- fprintf(stderr, "You can only specify 1 input file\n");
- exit(1);
- }
- inputfile = argv[i];
- }
- }
-
- if (!inputfile) {
- inputfile = "-";
- }
-
- if (verbosity >= 5) {
- printf("Filter:\n");
- print_match_expression(stdout, expr);
- printf("\n\n");
- }
-
- pc = pcap_open_offline(inputfile, errbuf);
-
- if (!pc) {
- if (errno != 0) {
- printf("Error opening pcap file %s: %s\n", inputfile, errbuf);
- exit(1);
- } else {
- goto showresult;
- }
- }
-
- if (dumpfile) {
- dumper = pcap_dump_open(pc, dumpfile);
-
- if (!dumper) {
- printf("Error opening pcap dump file %s: %s\n", dumpfile, errbuf);
- exit(1);
- }
- }
-
- if (hexdumpfilename) {
- if (strncmp(hexdumpfilename, "-", 2) != 0) {
- printf("hexdump is file\n");
- hexdumpfile = fopen(hexdumpfilename, "w");
- } else {
- printf("hexdump is stdout\n");
- hexdumpfile = stdout;
- }
-
- if (!hexdumpfile) {
- printf("Error opening hex dump file %s: %s\n", hexdumpfilename, strerror(errno));
- exit(1);
- }
- }
-
- if (not_ip_dumpfile) {
- not_ip_dump = pcap_dump_open(pc, not_ip_dumpfile);
- if (!not_ip_dump) {
- printf("Error opening pcap dump file NOT_IP: %s\n", errbuf);
- }
- }
- if (bad_dns_dumpfile) {
- bad_dns_dump = pcap_dump_open(pc, bad_dns_dumpfile);
- if (!bad_dns_dump) {
- printf("Error opening pcap dump file NOT_IP: %s\n", errbuf);
- }
- }
-
- while ((cur = pcap_next(pc, &cur_hdr))) {
- if (verbosity >= 5) {
- printf("\n\n\n[PKT_HDR] caplen: %u \tlen: %u\n", cur_hdr.caplen, cur_hdr.len);
- }
- handle_ether_packet(cur, cur_hdr, count, expr, uniques, unique_ids, unique_id_count);
- }
-
- if (not_ip_dump) {
- pcap_dump_close(not_ip_dump);
- }
-
- if (bad_dns_dump) {
- pcap_dump_close(bad_dns_dump);
- }
-
- if (dumper) {
- pcap_dump_close(dumper);
- }
-
- if (hexdumpfile && hexdumpfile != stdout) {
- fclose(hexdumpfile);
- }
-
- pcap_close(pc);
-
- showresult:
- if (show_percentages) {
- fprintf(stdout, "Packets that are not IP: %u\n", (unsigned int) not_ip_packets);
- fprintf(stdout, "bad dns packets: %u\n", (unsigned int) bad_dns_packets);
- fprintf(stdout, "arp packets: %u\n", (unsigned int) arp_packets);
- fprintf(stdout, "udp packets: %u\n", (unsigned int) udp_packets);
- fprintf(stdout, "tcp packets (skipped): %u\n", (unsigned int) tcp_packets);
- fprintf(stdout, "reassembled fragmented packets: %u\n", (unsigned int) fragmented_packets);
- fprintf(stdout, "packet fragments lost: %u\n", (unsigned int) lost_packet_fragments);
- fprintf(stdout, "Total number of DNS packets: %u\n", (unsigned int) total_nr_of_dns_packets);
- fprintf(stdout, "Total number of DNS packets after filter: %u\n", (unsigned int) total_nr_of_filtered_packets);
- }
- if (count->match) {
- print_counters(stdout, count, show_percentages, total_nr_of_filtered_packets, 0);
- }
- if (uniques->match) {
- print_counters(stdout, uniques, show_percentages, total_nr_of_filtered_packets, unique_minimum);
- if (show_averages) {
- print_counter_averages(stdout, uniques, NULL);
- }
- if (show_average_count) {
- print_counter_average_count(stdout, uniques, NULL, true);
- }
- }
-
- exit:
-
- free_match_expression(expr);
- free_counters(count);
- free_counters(uniques);
-
- return status;
-}
-
-#else
-int main() {
- fprintf(stderr, "ldns-dpa was not built because there is no pcap library on this system, or there was no pcap header file at compilation time. Please install pcap and rebuild.\n");
- return 1;
-}
-#endif
-#else
-int main() {
- fprintf(stderr, "ldns-dpa was not built because there is no pcap library on this system, or there was no pcap header file at compilation time. Please install pcap and rebuild.\n");
- return 1;
-}
-#endif
-
-
+++ /dev/null
-.TH ldns-key2ds 1 "30 May 2005"
-.SH NAME
-ldns-key2ds \- transform a DNSKEY RR to a DS RR
-.SH SYNOPSIS
-.B ldns-key2ds
-.IR file
-
-.SH DESCRIPTION
-\fBldns-key2ds\fR is used to transform a public DNSKEY RR to a DS RR.
-When run it will read \fIfile\fR with a DNSKEY RR in it and
-it will create a .ds file with the DS RR in it.
-
-It prints out the basename for this file (K<name>+<alg>+<id>).
-
-By default it takes a pick of algorithm similar to the key algorithm,
-SHA1 for RSASHA1, and so on.
-
-.SH OPTIONS
-.TP
-\fB-n\fR
-Write the result DS Resource Record to stdout instead of a file
-
-.TP
-\fB-1\fR
-Use SHA1 as the hash function.
-
-.TP
-\fB-2\fR
-Use SHA256 as the hash function
-
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * key2ds transforms a public key into its DS
- * It (currently) prints out the public key
- *
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-
-#include <ldns/ldns.h>
-
-#include <errno.h>
-
-static void
-usage(FILE *fp, char *prog) {
- fprintf(fp, "%s [-fn] [-1|-2] keyfile\n", prog);
- fprintf(fp, " Generate a DS RR from the DNSKEYS in keyfile\n");
- fprintf(fp, " The following file will be created: ");
- fprintf(fp, "K<name>+<alg>+<id>.ds\n");
- fprintf(fp, " The base name (K<name>+<alg>+<id> will be printed to stdout\n");
- fprintf(fp, "Options:\n");
- fprintf(fp, " -f: ignore SEP flag (i.e. make DS records for any key)\n");
- fprintf(fp, " -n: do not write DS records to file(s) but to stdout\n");
- fprintf(fp, " (default) use similar hash to the key algorithm.\n");
- fprintf(fp, " -1: use SHA1 for the DS hash\n");
- fprintf(fp, " -2: use SHA256 for the DS hash\n");
-#ifdef USE_GOST
- fprintf(fp, " -g: use GOST for the DS hash\n");
-#endif
-#ifdef USE_ECDSA
- fprintf(fp, " -4: use SHA384 for the DS hash\n");
-#endif
-}
-
-static int
-is_suitable_dnskey(ldns_rr *rr, int sep_only)
-{
- if (!rr || ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY) {
- return 0;
- }
- return !sep_only ||
- (ldns_rdf2native_int16(ldns_rr_dnskey_flags(rr)) &
- LDNS_KEY_SEP_KEY);
-}
-
-static ldns_hash
-suitable_hash(ldns_signing_algorithm algorithm)
-{
- switch (algorithm) {
- case LDNS_SIGN_RSASHA256:
- case LDNS_SIGN_RSASHA512:
- return LDNS_SHA256;
- case LDNS_SIGN_ECC_GOST:
-#ifdef USE_GOST
- return LDNS_HASH_GOST;
-#else
- return LDNS_SHA256;
-#endif
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- return LDNS_SHA256;
- case LDNS_SIGN_ECDSAP384SHA384:
- return LDNS_SHA384;
-#endif
- default:
- return LDNS_SHA1;
- }
- return LDNS_SHA1;
-}
-
-int
-main(int argc, char *argv[])
-{
- FILE *keyfp, *dsfp;
- char *keyname;
- char *dsname;
- char *owner;
- ldns_rr *k, *ds;
- ldns_signing_algorithm alg;
- ldns_hash h;
- int similar_hash=1;
- char *program = argv[0];
- int nofile = 0;
- ldns_rdf *origin = NULL;
- ldns_status result = LDNS_STATUS_OK;
- int sep_only = 1;
-
- alg = 0;
- h = LDNS_SHA1;
-
- argv++, argc--;
- while (argc && argv[0][0] == '-') {
- if (strcmp(argv[0], "-1") == 0) {
- h = LDNS_SHA1;
- similar_hash = 0;
- }
- if (strcmp(argv[0], "-2") == 0) {
- h = LDNS_SHA256;
- similar_hash = 0;
- }
-#ifdef USE_GOST
- if (strcmp(argv[0], "-g") == 0) {
- if(!ldns_key_EVP_load_gost_id()) {
- fprintf(stderr, "error: libcrypto does not provide GOST\n");
- exit(EXIT_FAILURE);
- }
- h = LDNS_HASH_GOST;
- similar_hash = 0;
- }
-#endif
-#ifdef USE_ECDSA
- if (strcmp(argv[0], "-4") == 0) {
- h = LDNS_SHA384;
- similar_hash = 0;
- }
-#endif
- if (strcmp(argv[0], "-f") == 0) {
- sep_only = 0;
- }
- if (strcmp(argv[0], "-n") == 0) {
- nofile=1;
- }
- argv++, argc--;
- }
-
- if (argc != 1) {
- usage(stderr, program);
- exit(EXIT_FAILURE);
- }
- keyname = strdup(argv[0]);
-
- keyfp = fopen(keyname, "r");
- if (!keyfp) {
- fprintf(stderr, "Failed to open public key file %s: %s\n", keyname,
- strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- while (result == LDNS_STATUS_OK) {
- result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL);
- while (result == LDNS_STATUS_SYNTAX_ORIGIN ||
- result == LDNS_STATUS_SYNTAX_TTL ||
- (result == LDNS_STATUS_OK && !is_suitable_dnskey(k, sep_only))
- ) {
- if (result == LDNS_STATUS_OK) {
- ldns_rr_free(k);
- }
- result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL);
- }
- if (result == LDNS_STATUS_SYNTAX_EMPTY) {
- /* we're done */
- break;
- }
- if (result != LDNS_STATUS_OK) {
- fprintf(stderr, "Could not read public key from file %s: %s\n", keyname, ldns_get_errorstr_by_id(result));
- exit(EXIT_FAILURE);
- }
-
- owner = ldns_rdf2str(ldns_rr_owner(k));
- alg = ldns_rdf2native_int8(ldns_rr_dnskey_algorithm(k));
- if(similar_hash)
- h = suitable_hash(alg);
-
- ds = ldns_key_rr2ds(k, h);
- if (!ds) {
- fprintf(stderr, "Conversion to a DS RR failed\n");
- ldns_rr_free(k);
- free(owner);
- exit(EXIT_FAILURE);
- }
-
- /* print the public key RR to .key */
- dsname = LDNS_XMALLOC(char, strlen(owner) + 16);
- snprintf(dsname, strlen(owner) + 15, "K%s+%03u+%05u.ds", owner, alg, (unsigned int) ldns_calc_keytag(k));
-
- if (nofile)
- ldns_rr_print(stdout,ds);
- else {
- dsfp = fopen(dsname, "w");
- if (!dsfp) {
- fprintf(stderr, "Unable to open %s: %s\n", dsname, strerror(errno));
- exit(EXIT_FAILURE);
- } else {
- ldns_rr_print(dsfp, ds);
- fclose(dsfp);
- fprintf(stdout, "K%s+%03u+%05u\n", owner, alg, (unsigned int) ldns_calc_keytag(k));
- }
- }
-
- ldns_rr_free(ds);
- ldns_rr_free(k);
- free(owner);
- LDNS_FREE(dsname);
- }
- fclose(keyfp);
- free(keyname);
- exit(EXIT_SUCCESS);
-}
+++ /dev/null
-.TH ldns-keyfetcher 1 "4 Apr 2006"
-.SH NAME
-ldns-keyfetcher \- retrieve the DNSSEC DNSKEYs for a zone
-.SH SYNOPSIS
-.B ldns-keyfetcher
-[
-.IR OPTIONS
-]
-.IR DOMAIN
-
-.SH DESCRIPTION
-\fBldns-keyfetcher\fR is used to retrieve the DNSKEYs of a zone.
-
-First it finds all authoritative nameservers of the zone by tracing it from
-the root down. All authoritative nameservers are then queried (using TCP)
-for the DNSKEY RRset of the zone apex. If the results are all the same,
-the key resource record set is printed.
-
-
-.SH OPTIONS
-\fB-4\fR \fI\fR
-Only use IPv4
-
-\fB-6\fR \fI\fR
-Only use IPv6
-
-\fB-h\fR \fI\fR
-Show a help text and exit
-
-\fB-i\fR
-Insecurer mode; there will only be one query for the DNSKEYS. There will not
-be crosschecking of all authoritative nameservers.
-
-\fB-v\fR \fIverbosity\fR
-
-Set the verbosity level. The following levels are available:
-
- 0: default, only print the DNSKEY RRset found, or an error on failure.
- 1: Show the nameservers that are queried
- 2: Show more info on what is checked
- 3: Show the intermediate results (authority and dnskey rrsets)
- 4: Print the answer packets that are returned
-
-\fB-r\fR \fIfile\fR
-
-Use file as the root hints file, should contain A records in presentation
-format. The default is /etc/named.root. You can get this file from
-http://www.internic.net/zones/named.root.
-
-\fB-s\fR \fI\fR
-Don't print the keys to stdout, but store them in files.
-
-The filenames will be of the format K<file>.+<alg>.+<keytag>.key
-
-.SH AUTHOR
-Written by Jelte Jansen for NLnet Labs.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2006 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-keyfetcher retrieves the DNSKEYS for a certain domain
- * It traces the authoritatives nameservers down from the root
- * And uses TCP, to minimize spoofing danger.
- *
- * (c) NLnet Labs, 2006 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <ldns/ldns.h>
-#include <errno.h>
-
-int verbosity = 0;
-/* 0=use both ip4 and ip6 (default). 1=ip4only. 2=ip6only. */
-uint8_t address_family = 0;
-bool store_in_file = false;
-
-static void
-usage(FILE *fp, char *prog) {
- fprintf(fp, "%s domain\n", prog);
- fprintf(fp, " retrieve the dnskeys for a domain\n");
- fprintf(fp, "Options:\n");
- fprintf(fp, "-4\t\tUse IPv4 only\n");
- fprintf(fp, "-6\t\tUse IPv6 only\n");
- fprintf(fp, "-h\t\tShow this help\n");
- fprintf(fp, "-i\t\tInsecurer mode; don't do checks, just query for the keys\n");
- fprintf(fp, "-r <file>\tUse file to read root hints from\n");
- fprintf(fp, "-s\t\tDon't print the keys but store them in files\n\t\tcalled K<file>.+<alg>.+<keytag>.key\n");
- fprintf(fp, "-v <int>\tVerbosity level (0-5, not verbose-very verbose)\n");
-}
-
-static ldns_rr_list *
-retrieve_dnskeys(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t,
- ldns_rr_class c, ldns_rr_list *dns_root)
-{
- ldns_resolver *res;
- ldns_pkt *p;
- ldns_rr_list *new_nss_a;
- ldns_rr_list *new_nss_aaaa;
- ldns_rr_list *final_answer;
- ldns_rr_list *new_nss;
- ldns_rr_list *ns_addr;
- ldns_rr_list *ns_addr2;
- uint16_t loop_count;
- ldns_rdf *pop;
- ldns_status status;
- size_t i;
-
- size_t nss_i;
- ldns_rr_list *answer_list = NULL;
- ldns_rr_list *authority_list = NULL;
-
- size_t last_nameserver_count;
- ldns_rdf **last_nameservers;
-
- loop_count = 0;
- new_nss_a = NULL;
- new_nss_aaaa = NULL;
- new_nss = NULL;
- ns_addr = NULL;
- ns_addr2 = NULL;
- final_answer = NULL;
- p = ldns_pkt_new();
- res = ldns_resolver_new();
-
- if (!p || !res) {
- fprintf(stderr, "Memory allocation failed");
- return NULL;
- }
-
- if (verbosity >= 2) {
- printf("Finding dnskey data for zone: ");
- ldns_rdf_print(stdout, name);
- printf("\n\n");
- }
-
- /* transfer some properties of local_res to res,
- * because they were given on the commandline */
- ldns_resolver_set_ip6(res,
- ldns_resolver_ip6(local_res));
- ldns_resolver_set_port(res,
- ldns_resolver_port(local_res));
- ldns_resolver_set_debug(res,
- ldns_resolver_debug(local_res));
- ldns_resolver_set_dnssec(res,
- ldns_resolver_dnssec(local_res));
- ldns_resolver_set_fail(res,
- ldns_resolver_fail(local_res));
- ldns_resolver_set_usevc(res,
- ldns_resolver_usevc(local_res));
- ldns_resolver_set_random(res,
- ldns_resolver_random(local_res));
- ldns_resolver_set_recursive(res, false);
-
- /* setup the root nameserver in the new resolver */
- status = ldns_resolver_push_nameserver_rr_list(res, dns_root);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error setting root nameservers in resolver: %s\n", ldns_get_errorstr_by_id(status));
- return NULL;
- }
-
- ldns_pkt_free(p);
- status = ldns_resolver_send(&p, res, name, t, c, 0);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error querying root servers: %s\n", ldns_get_errorstr_by_id(status));
- return NULL;
- }
-
- if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) {
- printf("Error in packet:\n");
- ldns_pkt_print(stdout, p);
- return NULL;
- }
-
- if (verbosity >= 4) {
- ldns_pkt_print(stdout, p);
- printf("\n\n");
- }
-
- /* from now on, use TCP */
- ldns_resolver_set_usevc(res, true);
-
- while(status == LDNS_STATUS_OK &&
- ldns_pkt_reply_type(p) == LDNS_PACKET_REFERRAL) {
-
- if (verbosity >= 3) {
- printf("This is a delegation!\n\n");
- }
- if (address_family == 0 || address_family == 1) {
- new_nss_a = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_A, LDNS_SECTION_ADDITIONAL);
- } else {
- new_nss_a = ldns_rr_list_new();
- }
- if (address_family == 0 || address_family == 2) {
- new_nss_aaaa = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_AAAA, LDNS_SECTION_ADDITIONAL);
- } else {
- new_nss_aaaa = ldns_rr_list_new();
- }
- new_nss = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_NS, LDNS_SECTION_AUTHORITY);
-
- /* remove the old nameserver from the resolver */
- while((pop = ldns_resolver_pop_nameserver(res))) { ldns_rdf_deep_free(pop); }
-
- /* also check for new_nss emptyness */
-
- if (!new_nss_aaaa && !new_nss_a) {
- /*
- * no nameserver found!!!
- * try to resolve the names we do got
- */
- if (verbosity >= 3) {
- printf("Did not get address record for nameserver, doing seperate query.\n");
- }
- ns_addr = ldns_rr_list_new();
- for(i = 0; (size_t) i < ldns_rr_list_rr_count(new_nss); i++) {
- /* get the name of the nameserver */
- pop = ldns_rr_rdf(ldns_rr_list_rr(new_nss, i), 0);
- if (!pop) {
- break;
- }
-
- /* retrieve it's addresses */
- ns_addr2 = ldns_get_rr_list_addr_by_name(local_res, pop, c, 0);
- if (!ldns_rr_list_cat(ns_addr, ns_addr2)) {
- fprintf(stderr, "Internal error adding nameserver address.\n");
- exit(EXIT_FAILURE);
- }
- ldns_rr_list_free(ns_addr2);
- }
-
- if (ns_addr) {
- if (ldns_resolver_push_nameserver_rr_list(res, ns_addr) !=
- LDNS_STATUS_OK) {
- fprintf(stderr, "Error adding new nameservers");
- ldns_pkt_free(p);
- return NULL;
- }
- ldns_rr_list_deep_free(ns_addr);
- } else {
- ldns_rr_list_print(stdout, ns_addr);
- fprintf(stderr, "Could not find the nameserver ip addr; abort");
- ldns_pkt_free(p);
- return NULL;
- }
- }
-
- /* normally, the first working ns is used, but we need all now, so do it one by one
- * if the answer is null, take it from the next resolver
- * if the answer is not, compare it to that of the next resolver
- * error if different, continue if the same
- * if answer list null and no resolvers left die.
- */
-
- ldns_rr_list_deep_free(answer_list);
- ldns_rr_list_deep_free(authority_list);
- answer_list = NULL;
- authority_list = NULL;
- for (nss_i = 0; nss_i < ldns_rr_list_rr_count(new_nss_aaaa); nss_i++) {
- while((pop = ldns_resolver_pop_nameserver(res))) { ldns_rdf_deep_free(pop); }
-
- status = ldns_resolver_push_nameserver(res, ldns_rr_rdf(ldns_rr_list_rr(new_nss_aaaa, nss_i), 0));
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error adding nameserver to resolver: %s\n", ldns_get_errorstr_by_id(status));
- }
-
- if (verbosity >= 1) {
- fprintf(stdout, "Querying nameserver: ");
- ldns_rdf_print(stdout, ldns_rr_owner(ldns_rr_list_rr(new_nss_aaaa, nss_i)));
- fprintf(stdout, " (");
- ldns_rdf_print(stdout, ldns_rr_rdf(ldns_rr_list_rr(new_nss_aaaa, nss_i), 0));
- fprintf(stdout, ")\n");
- }
- status = ldns_resolver_push_nameserver(res, ldns_rr_rdf(ldns_rr_list_rr(new_nss_aaaa, nss_i), 0));
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error adding nameserver to resolver: %s\n", ldns_get_errorstr_by_id(status));
- }
-
- ldns_pkt_free(p);
- status = ldns_resolver_send(&p, res, name, t, c, 0);
- if (status == LDNS_STATUS_OK && p) {
- if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) {
- printf("Error in packet:\n");
- ldns_pkt_print(stdout, p);
- return NULL;
- }
-
- if (verbosity >= 4) {
- ldns_pkt_print(stdout, p);
- printf("\n\n");
- }
-
- if (answer_list) {
- if (verbosity >= 2) {
- printf("Comparing answer list of answer to previous\n\n");
- }
- ldns_rr_list_sort(ldns_pkt_answer(p));
- ldns_rr_list_sort(answer_list);
- if (ldns_rr_list_compare(answer_list, ldns_pkt_answer(p)) != 0) {
- fprintf(stderr, "ERROR: different answer answer from nameserver\n");
- fprintf(stderr, "\nI had (from previous servers):\n");
- ldns_rr_list_print(stderr, answer_list);
- fprintf(stderr, "\nI received (from nameserver at ");
- ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]);
- fprintf(stderr, "):\n");
- ldns_rr_list_print(stderr, ldns_pkt_answer(p));
- exit(EXIT_FAILURE);
- }
- } else {
- answer_list = ldns_rr_list_clone(ldns_pkt_answer(p));
- ldns_rr_list_sort(answer_list);
- if (verbosity >= 2) {
- printf("First answer list for this set, nothing to compare with\n\n");
- }
- }
- if (authority_list) {
- if (verbosity >= 2) {
- printf("Comparing authority list of answer to previous\n\n");
- }
- ldns_rr_list_sort(ldns_pkt_authority(p));
- ldns_rr_list_sort(authority_list);
- if (ldns_rr_list_compare(authority_list, ldns_pkt_authority(p)) != 0) {
- fprintf(stderr, "ERROR: different authority answer from nameserver\n");
- fprintf(stderr, "\nI had (from previous servers):\n");
- ldns_rr_list_print(stderr, authority_list);
- fprintf(stderr, "\nI received (from nameserver at ");
- ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]);
- fprintf(stderr, "):\n");
- ldns_rr_list_print(stderr, ldns_pkt_authority(p));
- exit(EXIT_FAILURE);
- }
- } else {
- authority_list = ldns_rr_list_clone(ldns_pkt_authority(p));
- ldns_rr_list_sort(authority_list);
- if (verbosity >= 2) {
- printf("First authority list for this set, nothing to compare with\n\n");
- }
- if (verbosity >= 3) {
- printf("NS RRset:\n");
- ldns_rr_list_print(stdout, authority_list);
- printf("\n");
- }
- }
- }
- }
-
- ldns_rr_list_deep_free(answer_list);
- ldns_rr_list_deep_free(authority_list);
- answer_list = NULL;
- authority_list = NULL;
- for (nss_i = 0; nss_i < ldns_rr_list_rr_count(new_nss_a); nss_i++) {
-
- while((pop = ldns_resolver_pop_nameserver(res))) {ldns_rdf_deep_free(pop); }
-
- if (verbosity >= 1) {
- fprintf(stdout, "Querying nameserver: ");
- ldns_rdf_print(stdout, ldns_rr_owner(ldns_rr_list_rr(new_nss_a, nss_i)));
- fprintf(stdout, " (");
- ldns_rdf_print(stdout, ldns_rr_rdf(ldns_rr_list_rr(new_nss_a, nss_i), 0));
- fprintf(stdout, ")\n");
- }
- status = ldns_resolver_push_nameserver(res, ldns_rr_rdf(ldns_rr_list_rr(new_nss_a, nss_i), 0));
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error adding nameserver to resolver: %s\n", ldns_get_errorstr_by_id(status));
- }
-
- ldns_pkt_free(p);
- status = ldns_resolver_send(&p, res, name, t, c, 0);
-
- if (status == LDNS_STATUS_OK) {
- if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) {
- printf("Error in packet:\n");
- ldns_pkt_print(stdout, p);
- return NULL;
- }
-
- if (verbosity >= 4) {
- ldns_pkt_print(stdout, p);
- printf("\n\n");
- }
-
- if (answer_list) {
- if (verbosity >= 2) {
- printf("Comparing answer list of answer to previous\n\n");
- }
- ldns_rr_list_sort(ldns_pkt_answer(p));
- ldns_rr_list_sort(answer_list);
- if (ldns_rr_list_compare(answer_list, ldns_pkt_answer(p)) != 0) {
- fprintf(stderr, "ERROR: different answer answer from nameserver\n");
- fprintf(stderr, "\nI had (from previous servers):\n");
- ldns_rr_list_print(stderr, answer_list);
- fprintf(stderr, "\nI received (from nameserver at ");
- ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]);
- fprintf(stderr, "):\n");
- ldns_rr_list_print(stderr, ldns_pkt_answer(p));
- exit(EXIT_FAILURE);
- }
- } else {
- if (verbosity >= 2) {
- printf("First answer list for this set, nothing to compare with\n\n");
- }
- answer_list = ldns_rr_list_clone(ldns_pkt_answer(p));
- ldns_rr_list_sort(answer_list);
- }
- if (authority_list) {
- if (verbosity >= 2) {
- printf("Comparing authority list of answer to previous\n\n");
- }
- ldns_rr_list_sort(ldns_pkt_authority(p));
- ldns_rr_list_sort(authority_list);
- if (ldns_rr_list_compare(authority_list, ldns_pkt_authority(p)) != 0) {
- fprintf(stderr, "ERROR: different authority answer from nameserver\n");
- fprintf(stderr, "\nI had (from previous servers):\n");
- ldns_rr_list_print(stderr, authority_list);
- fprintf(stderr, "\nI received (from nameserver at ");
- ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]);
- fprintf(stderr, "):\n");
- ldns_rr_list_print(stderr, ldns_pkt_authority(p));
- exit(EXIT_FAILURE);
- }
- } else {
- if (verbosity >= 2) {
- printf("First authority list for this set, nothing to compare with\n\n");
- }
- authority_list = ldns_rr_list_clone(ldns_pkt_authority(p));
- ldns_rr_list_sort(authority_list);
- if (verbosity >= 3) {
- printf("NS RRset:\n");
- ldns_rr_list_print(stdout, authority_list);
- printf("\n");
- }
- }
- }
- }
- ldns_rr_list_deep_free(authority_list);
- authority_list = NULL;
-
- if (loop_count++ > 20) {
- /* unlikely that we are doing something usefull */
- fprintf(stderr, "Looks like we are looping");
- ldns_pkt_free(p);
- return NULL;
- }
-
- ldns_pkt_free(p);
-
- if (verbosity >= 3) {
- fprintf(stdout, "This level ok. Continuing to next.\n\n");
- }
-
- status = ldns_resolver_send(&p, res, name, t, c, 0);
-
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error querying root servers: %s\n", ldns_get_errorstr_by_id(status));
- return NULL;
- }
-
- if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) {
- printf("Error in packet:\n");
- ldns_pkt_print(stdout, p);
- return NULL;
- }
-
- if (verbosity >= 4) {
- ldns_pkt_print(stdout, p);
- printf("\n\n");
- }
-
-
- ldns_rr_list_deep_free(new_nss_aaaa);
- ldns_rr_list_deep_free(new_nss_a);
- ldns_rr_list_deep_free(new_nss);
- new_nss_aaaa = NULL;
- new_nss_a = NULL;
- ns_addr = NULL;
- }
-
- ldns_rr_list_deep_free(answer_list);
- answer_list = NULL;
- /* clone the nameserver list, we are going to handle them one by one */
- last_nameserver_count = 0;
- last_nameservers = LDNS_XMALLOC(ldns_rdf *, ldns_resolver_nameserver_count(res));
-
- pop = NULL;
- while((pop = ldns_resolver_pop_nameserver(res))) {
- last_nameservers[last_nameserver_count] = pop;
- last_nameserver_count++;
- }
-
- for (nss_i = 0; nss_i < last_nameserver_count; nss_i++) {
- /* remove previous nameserver */
- while((pop = ldns_resolver_pop_nameserver(res))) { ldns_rdf_deep_free(pop); }
-
- if (verbosity >= 1) {
- printf("Querying nameserver: ");
- ldns_rdf_print(stdout, last_nameservers[nss_i]);
- printf("\n");
- }
- status = ldns_resolver_push_nameserver(res, last_nameservers[nss_i]);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error adding nameserver to resolver: %s\n", ldns_get_errorstr_by_id(status));
- }
-
- ldns_pkt_free(p);
- status = ldns_resolver_send(&p, res, name, t, c, 0);
-
- if (!p) {
- fprintf(stderr, "no packet received\n");
- return NULL;
- }
-
- if (status == LDNS_STATUS_RES_NO_NS) {
- fprintf(stderr, "Error: nameserver at ");
- ldns_rdf_print(stderr, last_nameservers[nss_i]);
- fprintf(stderr, " not responding. Unable to check RRset here, aborting.\n");
- return NULL;
- }
-
- if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) {
- printf("Error in packet:\n");
- ldns_pkt_print(stdout, p);
- return NULL;
- }
-
- if (answer_list) {
- if (verbosity >= 2) {
- printf("1Comparing answer rr list of answer to previous\n");
- }
- ldns_rr_list_sort(ldns_pkt_answer(p));
- ldns_rr_list_sort(answer_list);
- if (ldns_rr_list_compare(answer_list, ldns_pkt_answer(p)) != 0) {
- printf("ERROR: different answer section in response from nameserver\n");
- fprintf(stderr, "\nI had:\n");
- ldns_rr_list_print(stderr, answer_list);
- fprintf(stderr, "\nI received (from nameserver at ");
- ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]);
- fprintf(stderr, "):\n");
- ldns_rr_list_print(stderr, ldns_pkt_answer(p));
- exit(EXIT_FAILURE);
- }
- } else {
- if (verbosity >= 2) {
- printf("First answer rr list for this set, nothing to compare with\n");
- }
- answer_list = ldns_rr_list_clone(ldns_pkt_answer(p));
- if (verbosity >= 3) {
- printf("DNSKEY RRset:\n");
- ldns_rr_list_print(stdout, answer_list);
- }
- }
-
- }
-
- for (nss_i = 0; nss_i < last_nameserver_count; nss_i++) {
- ldns_rdf_deep_free(last_nameservers[nss_i]);
- }
- LDNS_FREE(last_nameservers);
- ldns_resolver_deep_free(res);
- ldns_pkt_free(p);
- return answer_list;
-}
-
-
-/*
- * The file with the given path should contain a list of NS RRs
- * for the root zone and A records for those NS RRs.
- * Read them, check them, and append the a records to the rr list given.
- */
-ldns_rr_list *
-read_root_hints(const char *filename)
-{
- FILE *fp = NULL;
- int line_nr = 0;
- ldns_zone *z;
- ldns_status status;
- ldns_rr_list *addresses = NULL;
- ldns_rr *rr;
- size_t i;
-
- fp = fopen(filename, "r");
- if (!fp) {
- fprintf(stderr, "Unable to open %s for reading: %s\n", filename, strerror(errno));
- return NULL;
- }
-
- status = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, 0, &line_nr);
- fclose(fp);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Error reading root hints file: %s\n", ldns_get_errorstr_by_id(status));
- return NULL;
- } else {
- addresses = ldns_rr_list_new();
- for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) {
- rr = ldns_rr_list_rr(ldns_zone_rrs(z), i);
- if ((address_family == 0 || address_family == 1) &&
- ldns_rr_get_type(rr) == LDNS_RR_TYPE_A ) {
- ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr));
- }
- if ((address_family == 0 || address_family == 2) &&
- ldns_rr_get_type(rr) == LDNS_RR_TYPE_AAAA) {
- ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr));
- }
- }
- ldns_zone_deep_free(z);
- return addresses;
- }
-}
-
-
-int
-main(int argc, char *argv[])
-{
- ldns_resolver *res;
- ldns_rdf *ns;
- ldns_rdf *domain;
- ldns_rr_list *l = NULL;
-
- ldns_rr_list *dns_root = NULL;
- const char *root_file = "/etc/named.root";
-
- ldns_status status;
-
- int i;
-
- char *domain_str;
- char *outputfile_str;
- ldns_buffer *outputfile_buffer;
- FILE *outputfile;
- ldns_rr *k;
-
- bool insecure = false;
- ldns_pkt *pkt;
-
- domain = NULL;
- res = NULL;
-
- if (argc < 2) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- } else {
- for (i = 1; i < argc; i++) {
- if (strncmp("-4", argv[i], 3) == 0) {
- if (address_family != 0) {
- fprintf(stderr, "Options -4 and -6 cannot be specified at the same time\n");
- exit(EXIT_FAILURE);
- }
- address_family = 1;
- } else if (strncmp("-6", argv[i], 3) == 0) {
- if (address_family != 0) {
- fprintf(stderr, "Options -4 and -6 cannot be specified at the same time\n");
- exit(EXIT_FAILURE);
- }
- address_family = 2;
- } else if (strncmp("-h", argv[i], 3) == 0) {
- usage(stdout, argv[0]);
- exit(EXIT_SUCCESS);
- } else if (strncmp("-i", argv[i], 2) == 0) {
- insecure = true;
- } else if (strncmp("-r", argv[i], 2) == 0) {
- if (strlen(argv[i]) > 2) {
- root_file = argv[i]+2;
- } else if (i+1 >= argc) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- } else {
- root_file = argv[i+1];
- i++;
- }
- } else if (strncmp("-s", argv[i], 3) == 0) {
- store_in_file = true;
- } else if (strncmp("-v", argv[i], 2) == 0) {
- if (strlen(argv[i]) > 2) {
- verbosity = atoi(argv[i]+2);
- } else if (i+1 > argc) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- } else {
- verbosity = atoi(argv[i+1]);
- i++;
- }
- } else {
- /* create a rdf from the command line arg */
- if (domain) {
- fprintf(stdout, "You can only specify one domain at a time\n");
- exit(EXIT_FAILURE);
- }
-
- domain = ldns_dname_new_frm_str(argv[i]);
- }
-
- }
- if (!domain) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- }
- }
-
- dns_root = read_root_hints(root_file);
- if (!dns_root) {
- fprintf(stderr, "cannot read the root hints file\n");
- exit(EXIT_FAILURE);
- }
-
- /* create a new resolver from /etc/resolv.conf */
- status = ldns_resolver_new_frm_file(&res, NULL);
-
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Warning: Unable to create stub resolver from /etc/resolv.conf:\n");
- fprintf(stderr, "%s\n", ldns_get_errorstr_by_id(status));
- fprintf(stderr, "defaulting to nameserver at 127.0.0.1 for separate nameserver name lookups\n");
- res = ldns_resolver_new();
- ns = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, "127.0.0.1");
- status = ldns_resolver_push_nameserver(res, ns);
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "Unable to create stub resolver: %s\n", ldns_get_errorstr_by_id(status));
- exit(EXIT_FAILURE);
- }
- ldns_rdf_deep_free(ns);
- }
-
- ldns_resolver_set_ip6(res, address_family);
-
- if (insecure) {
- pkt = ldns_resolver_query(res, domain, LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN, LDNS_RD);
- if (pkt) {
- l = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_DNSKEY, LDNS_SECTION_ANY_NOQUESTION);
- }
- } else {
- l = retrieve_dnskeys(res, domain, LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN, dns_root);
- }
-
- /* separator for result data and verbosity data */
- if (verbosity > 0) {
- fprintf(stdout, "; ---------------------------\n");
- fprintf(stdout, "; Got the following keys:\n");
- }
- if (l) {
- if (store_in_file) {
- /* create filename:
- * K<domain>.+<alg>.+<id>.key
- */
- for (i = 0; (size_t) i < ldns_rr_list_rr_count(l); i++) {
- k = ldns_rr_list_rr(l, (size_t) i);
-
- outputfile_buffer = ldns_buffer_new(300);
- domain_str = ldns_rdf2str(ldns_rr_owner(k));
- ldns_buffer_printf(outputfile_buffer, "K%s+%03u+%05u.key", domain_str, ldns_rdf2native_int8(ldns_rr_rdf(k, 2)),
- (unsigned int) ldns_calc_keytag(k));
- outputfile_str = ldns_buffer_export(outputfile_buffer);
-
- if (verbosity >= 1) {
- fprintf(stdout, "Writing key to file %s\n", outputfile_str);
- }
-
- outputfile = fopen(outputfile_str, "w");
- if (!outputfile) {
- fprintf(stderr, "Error writing key to file %s: %s\n", outputfile_str, strerror(errno));
- } else {
- ldns_rr_print(outputfile, k);
- fclose(outputfile);
- }
-
- LDNS_FREE(domain_str);
- LDNS_FREE(outputfile_str);
- LDNS_FREE(outputfile_buffer);
- }
- } else {
- ldns_rr_list_print(stdout, l);
- }
- } else {
- fprintf(stderr, "no answer packet received, stub resolver config:\n");
- ldns_resolver_print(stderr, res);
- }
- printf("\n");
-
- ldns_rdf_deep_free(domain);
- ldns_resolver_deep_free(res);
- ldns_rr_list_deep_free(l);
- ldns_rr_list_deep_free(dns_root);
- return EXIT_SUCCESS;
-}
+++ /dev/null
-.TH ldns-keygen 1 "27 May 2008"
-.SH NAME
-ldns-keygen \- generate a DNSSEC key pair
-.SH SYNOPSIS
-.B ldns-keygen
-[
-.IR OPTION
-]
-.IR DOMAIN
-
-.SH DESCRIPTION
-\fBldns-keygen\fR is used to generate a private/public keypair. When run, it
-will create 3 files; a .key file with the public DNSKEY, a .private
-file with the private keydata and a .ds with the DS record of the
-DNSKEY record.
-
-It prints out the basename for these files: K<name>+<alg>+<id>
-
-.SH OPTIONS
-.TP
-\fB-a \fI<algorithm>\fR
-Create a key with this algorithm. Specifying 'list' here gives a list of supported algorithms.
-Several alias names are also accepted (from older versions and other software),
-the list gives names from the RFC. Also the plain algo number is accepted.
-
-.TP
-\fB-b \fI<bits>\fR
-Use this many bits for the key length.
-
-.TP
-\fB-k\fR
-When given, generate a key signing key. This just sets the flag field to
-257 instead of 256 in the DNSKEY RR in the .key file.
-
-.TP
-\fB-r \fIdevice\fR
-Make ldns-keygen use this file to seed the random generator with. This will
-default to /dev/random.
-
-.TP
-\fB-v\fR
-Show the version and exit
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005-2008 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * keygen is a small programs that generate a dnskey and private key
- * for a particular domain.
- *
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-
-#include <ldns/ldns.h>
-
-#include <errno.h>
-
-#ifdef HAVE_SSL
-static void
-usage(FILE *fp, char *prog) {
- fprintf(fp, "%s -a <algorithm> [-b bits] [-r /dev/random] [-v] domain\n",
- prog);
- fprintf(fp, " generate a new key pair for domain\n");
- fprintf(fp, " -a <alg>\tuse the specified algorithm (-a list to");
- fprintf(fp, " show a list)\n");
- fprintf(fp, " -k\t\tset the flags to 257; key signing key\n");
- fprintf(fp, " -b <bits>\tspecify the keylength\n");
- fprintf(fp, " -r <random>\tspecify a random device (defaults to /dev/random)\n");
- fprintf(fp, "\t\tto seed the random generator with\n");
- fprintf(fp, " -v\t\tshow the version and exit\n");
- fprintf(fp, " The following files will be created:\n");
- fprintf(fp, " K<name>+<alg>+<id>.key\tPublic key in RR format\n");
- fprintf(fp, " K<name>+<alg>+<id>.private\tPrivate key in key format\n");
- fprintf(fp, " K<name>+<alg>+<id>.ds\tDS in RR format (only for DNSSEC keys)\n");
- fprintf(fp, " The base name (K<name>+<alg>+<id> will be printed to stdout\n");
-}
-
-static void
-show_algorithms(FILE *out)
-{
- ldns_lookup_table *lt = ldns_signing_algorithms;
- fprintf(out, "Possible algorithms:\n");
-
- while (lt->name) {
- fprintf(out, "%s\n", lt->name);
- lt++;
- }
-}
-
-int
-main(int argc, char *argv[])
-{
- int c;
- char *prog;
-
- /* default key size */
- uint16_t def_bits = 1024;
- uint16_t bits = def_bits;
- bool ksk;
-
- FILE *file;
- FILE *random;
- char *filename;
- char *owner;
-
- ldns_signing_algorithm algorithm;
- ldns_rdf *domain;
- ldns_rr *pubkey;
- ldns_key *key;
- ldns_rr *ds;
-
- prog = strdup(argv[0]);
- algorithm = 0;
- random = NULL;
- ksk = false; /* don't create a ksk per default */
-
- while ((c = getopt(argc, argv, "a:kb:r:v25")) != -1) {
- switch (c) {
- case 'a':
- if (algorithm != 0) {
- fprintf(stderr, "The -a argument can only be used once\n");
- exit(1);
- }
- if (strncmp(optarg, "list", 5) == 0) {
- show_algorithms(stdout);
- exit(EXIT_SUCCESS);
- }
- algorithm = ldns_get_signing_algorithm_by_name(optarg);
- if (algorithm == 0) {
- fprintf(stderr, "Algorithm %s not found\n", optarg);
- show_algorithms(stderr);
- exit(EXIT_FAILURE);
- }
- break;
- case 'b':
- bits = (uint16_t) atoi(optarg);
- if (bits == 0) {
- fprintf(stderr, "%s: %s %d", prog, "Can not parse the -b argument, setting it to the default\n", (int) def_bits);
- bits = def_bits;
- }
- break;
- case 'k':
- ksk = true;
- break;
- case 'r':
- random = fopen(optarg, "r");
- if (!random) {
- fprintf(stderr, "Cannot open random file %s: %s\n", optarg, strerror(errno));
- exit(EXIT_FAILURE);
- }
- break;
- case 'v':
- printf("DNSSEC key generator version %s (ldns version %s)\n", LDNS_VERSION, ldns_version());
- exit(EXIT_SUCCESS);
- break;
- default:
- usage(stderr, prog);
- exit(EXIT_FAILURE);
- }
- }
- argc -= optind;
- argv += optind;
-
- if (algorithm == 0) {
- printf("Please use the -a argument to provide an algorithm\n");
- exit(1);
- }
-
- if (argc != 1) {
- usage(stderr, prog);
- exit(EXIT_FAILURE);
- }
- free(prog);
-
- /* check whether key size is within RFC boundaries */
- switch (algorithm) {
- case LDNS_SIGN_RSAMD5:
- case LDNS_SIGN_RSASHA1:
- if (bits < 512 || bits > 4096) {
- fprintf(stderr, "For RSA, the key size must be between ");
- fprintf(stderr, " 512 and 4096 bytes. Aborting.\n");
- exit(1);
- }
- break;
- case LDNS_SIGN_DSA:
- if (bits < 512 || bits > 4096) {
- fprintf(stderr, "For DSA, the key size must be between ");
- fprintf(stderr, " 512 and 1024 bytes. Aborting.\n");
- exit(1);
- }
- break;
-#ifdef USE_GOST
- case LDNS_SIGN_ECC_GOST:
- if(!ldns_key_EVP_load_gost_id()) {
- fprintf(stderr, "error: libcrypto does not provide GOST\n");
- exit(EXIT_FAILURE);
- }
- break;
-#endif
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- case LDNS_SIGN_ECDSAP384SHA384:
-#endif
- case LDNS_SIGN_HMACMD5:
- case LDNS_SIGN_HMACSHA1:
- case LDNS_SIGN_HMACSHA256:
- default:
- break;
- }
-
- if (!random) {
- random = fopen("/dev/random", "r");
- if (!random) {
- fprintf(stderr, "Cannot open random file %s: %s\n", optarg, strerror(errno));
- exit(EXIT_FAILURE);
- }
- }
-
- (void)ldns_init_random(random, (unsigned int) bits/8);
- fclose(random);
-
- /* create an rdf from the domain name */
- domain = ldns_dname_new_frm_str(argv[0]);
-
- /* generate a new key */
- key = ldns_key_new_frm_algorithm(algorithm, bits);
-
- /* set the owner name in the key - this is a /seperate/ step */
- ldns_key_set_pubkey_owner(key, domain);
-
- /* ksk flag */
- if (ksk) {
- ldns_key_set_flags(key, ldns_key_flags(key) + 1);
- }
-
- /* create the public from the ldns_key */
- pubkey = ldns_key2rr(key);
- if (!pubkey) {
- fprintf(stderr, "Could not extract the public key from the key structure...");
- ldns_key_deep_free(key);
- exit(EXIT_FAILURE);
- }
- owner = ldns_rdf2str(ldns_rr_owner(pubkey));
-
- /* calculate and set the keytag */
- ldns_key_set_keytag(key, ldns_calc_keytag(pubkey));
-
- /* build the DS record */
- switch (algorithm) {
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP384SHA384:
- ds = ldns_key_rr2ds(pubkey, LDNS_SHA384);
- break;
- case LDNS_SIGN_ECDSAP256SHA256:
-#endif
- case LDNS_SIGN_RSASHA256:
- case LDNS_SIGN_RSASHA512:
- ds = ldns_key_rr2ds(pubkey, LDNS_SHA256);
- break;
- case LDNS_SIGN_ECC_GOST:
-#ifdef USE_GOST
- ds = ldns_key_rr2ds(pubkey, LDNS_HASH_GOST);
-#else
- ds = ldns_key_rr2ds(pubkey, LDNS_SHA256);
-#endif
- break;
- default:
- ds = ldns_key_rr2ds(pubkey, LDNS_SHA1);
- break;
- }
-
- /* print the public key RR to .key */
- filename = LDNS_XMALLOC(char, strlen(owner) + 17);
- snprintf(filename, strlen(owner) + 16, "K%s+%03u+%05u.key", owner, algorithm, (unsigned int) ldns_key_keytag(key));
- file = fopen(filename, "w");
- if (!file) {
- fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno));
- ldns_key_deep_free(key);
- free(owner);
- ldns_rr_free(pubkey);
- ldns_rr_free(ds);
- LDNS_FREE(filename);
- exit(EXIT_FAILURE);
- } else {
- /* temporarily set question so that TTL is not printed */
- ldns_rr_set_question(pubkey, true);
- ldns_rr_print(file, pubkey);
- ldns_rr_set_question(pubkey, false);
- fclose(file);
- LDNS_FREE(filename);
- }
-
- /* print the priv key to stderr */
- filename = LDNS_XMALLOC(char, strlen(owner) + 21);
- snprintf(filename, strlen(owner) + 20, "K%s+%03u+%05u.private", owner, algorithm, (unsigned int) ldns_key_keytag(key));
- file = fopen(filename, "w");
- if (!file) {
- fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno));
- ldns_key_deep_free(key);
- free(owner);
- ldns_rr_free(pubkey);
- ldns_rr_free(ds);
- LDNS_FREE(filename);
- exit(EXIT_FAILURE);
- } else {
- ldns_key_print(file, key);
- fclose(file);
- LDNS_FREE(filename);
- }
-
- /* print the DS to .ds */
- if (algorithm != LDNS_SIGN_HMACMD5 &&
- algorithm != LDNS_SIGN_HMACSHA1 &&
- algorithm != LDNS_SIGN_HMACSHA256) {
- filename = LDNS_XMALLOC(char, strlen(owner) + 16);
- snprintf(filename, strlen(owner) + 15, "K%s+%03u+%05u.ds", owner, algorithm, (unsigned int) ldns_key_keytag(key));
- file = fopen(filename, "w");
- if (!file) {
- fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno));
- ldns_key_deep_free(key);
- free(owner);
- ldns_rr_free(pubkey);
- ldns_rr_free(ds);
- LDNS_FREE(filename);
- exit(EXIT_FAILURE);
- } else {
- /* temporarily set question so that TTL is not printed */
- ldns_rr_set_question(ds, true);
- ldns_rr_print(file, ds);
- ldns_rr_set_question(ds, false);
- fclose(file);
- LDNS_FREE(filename);
- }
- }
-
- fprintf(stdout, "K%s+%03u+%05u\n", owner, algorithm, (unsigned int) ldns_key_keytag(key));
- ldns_key_deep_free(key);
- free(owner);
- ldns_rr_free(pubkey);
- ldns_rr_free(ds);
- exit(EXIT_SUCCESS);
-}
-#else
-int
-main(int argc, char **argv)
-{
- fprintf(stderr, "ldns-keygen needs OpenSSL support, which has not been compiled in\n");
- return 1;
-}
-#endif /* HAVE_SSL */
+++ /dev/null
-.TH ldns-mx 1 "27 Apr 2005"
-.SH NAME
-ldns-mx \- print out the mx record(s) for a domain
-.SH SYNOPSIS
-.B ldns-mx
-.IR DOMAIN
-
-.SH DESCRIPTION
-\fBldns-mx\fR is used to print out mx information of a domain.
-
-.SH OPTIONS
-\fBldns-mx\fR has no options.
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * mx is a small program that prints out the mx records
- * for a particular domain
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-
-#include <ldns/ldns.h>
-
-static int
-usage(FILE *fp, char *prog) {
- fprintf(fp, "%s domain\n", prog);
- fprintf(fp, " print out the mx for domain\n");
- return 0;
-}
-
-int
-main(int argc, char *argv[])
-{
- ldns_resolver *res;
- ldns_rdf *domain;
- ldns_pkt *p;
- ldns_rr_list *mx;
- ldns_status s;
-
- p = NULL;
- mx = NULL;
- domain = NULL;
- res = NULL;
-
- if (argc != 2) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- } else {
- /* create a rdf from the command line arg */
- domain = ldns_dname_new_frm_str(argv[1]);
- if (!domain) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- }
- }
-
- /* create a new resolver from /etc/resolv.conf */
- s = ldns_resolver_new_frm_file(&res, NULL);
-
- if (s != LDNS_STATUS_OK) {
- exit(EXIT_FAILURE);
- }
-
- /* use the resolver to send a query for the mx
- * records of the domain given on the command line
- */
- p = ldns_resolver_query(res,
- domain,
- LDNS_RR_TYPE_MX,
- LDNS_RR_CLASS_IN,
- LDNS_RD);
-
- ldns_rdf_deep_free(domain);
-
- if (!p) {
- exit(EXIT_FAILURE);
- } else {
- /* retrieve the MX records from the answer section of that
- * packet
- */
- mx = ldns_pkt_rr_list_by_type(p,
- LDNS_RR_TYPE_MX,
- LDNS_SECTION_ANSWER);
- if (!mx) {
- fprintf(stderr,
- " *** invalid answer name %s after MX query for %s\n",
- argv[1], argv[1]);
- ldns_pkt_free(p);
- ldns_resolver_deep_free(res);
- exit(EXIT_FAILURE);
- } else {
- ldns_rr_list_sort(mx);
- ldns_rr_list_print(stdout, mx);
- ldns_rr_list_deep_free(mx);
- }
- }
- ldns_pkt_free(p);
- ldns_resolver_deep_free(res);
- return 0;
-}
+++ /dev/null
-.TH ldns-notify 1 "9 Jan 2007"
-.SH NAME
-ldns-notify \- notify DNS servers that updates are available
-.SH SYNOPSIS
-.B ldns-notify
-[options]
--z zone
-.IR servers
-
-.SH DESCRIPTION
-
-\fBldns-notify\fR sends a NOTIFY message to DNS servers. This tells them
-that an updated zone is available at the master servers. It can perform
-TSIG signatures and it can add a SOA serial number of the updated zone.
-If a server already has that serial number it will disregard the message.
-
-.SH OPTIONS
-.TP
-\fB-z zone\fR
-The zone that is updated.
-
-.TP
-\fB-h\fR
-Show usage and exit
-
-.TP
-\fB-v\fR
-Show the version and exit
-
-.TP
-\fB-s serial\fR
-Append a SOA record indicating the serial number of the updated zone.
-
-.TP
-\fB-p port\fR
-Use port as destination port (default the DNS port 53) for the UDP packets.
-
-.TP
-\fB-y key:data\fR
-Use the given TSIG key and base64-data to sign the NOTIFY. Uses the
-hmac-md5 algorithm.
-
-.TP
-\fB-d\fR
-Print verbose debug information. The query that is sent and the query
-that is received.
-
-.TP
-\fB-r num\fR
-Specify the maximum number of retries before notify gives up trying to
-send the UDP packet.
-
-.SH EXIT CODE
-The program exits with a 0 exit code if all servers replied an
-acknowledgement to the notify message, and a failure exit code otherwise.
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-notify.c - ldns-notify(8)
- *
- * Copyright (c) 2001-2008, NLnet Labs, All right reserved
- *
- * See LICENSE for the license
- *
- * send a notify packet to a server
- */
-
-#include "config.h"
-
-/* ldns */
-#include <ldns/ldns.h>
-
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#include <errno.h>
-
-static int verbose = 1;
-static int max_num_retry = 15; /* times to try */
-
-static void
-usage(void)
-{
- fprintf(stderr, "usage: ldns-notify [other options] -z zone <servers>\n");
- fprintf(stderr, "Ldns notify utility\n\n");
- fprintf(stderr, " Supported options:\n");
- fprintf(stderr, "\t-z zone\t\tThe zone\n");
- fprintf(stderr, "\t-s version\tSOA version number to include\n");
- fprintf(stderr, "\t-y key:data\tTSIG sign the query\n");
- fprintf(stderr, "\t-p port\t\tport to use to send to\n");
- fprintf(stderr, "\t-v\t\tPrint version information\n");
- fprintf(stderr, "\t-d\t\tPrint verbose debug information\n");
- fprintf(stderr, "\t-r num\t\tmax number of retries (%d)\n",
- max_num_retry);
- fprintf(stderr, "\t-h\t\tPrint this help information\n\n");
- fprintf(stderr, "Report bugs to <ldns-team@nlnetlabs.nl>\n");
- exit(1);
-}
-
-static void
-version(void)
-{
- fprintf(stderr, "%s version %s\n", PACKAGE_NAME, PACKAGE_VERSION);
- fprintf(stderr, "Written by NLnet Labs.\n\n");
- fprintf(stderr,
- "Copyright (C) 2001-2008 NLnet Labs. This is free software.\n"
- "There is NO warranty; not even for MERCHANTABILITY or FITNESS\n"
- "FOR A PARTICULAR PURPOSE.\n");
- exit(0);
-}
-
-static void
-notify_host(int s, struct addrinfo* res, uint8_t* wire, size_t wiresize,
- const char* addrstr)
-{
- int timeout_retry = 5; /* seconds */
- int num_retry = max_num_retry;
- fd_set rfds;
- struct timeval tv;
- int retval = 0;
- ssize_t received = 0;
- int got_ack = 0;
- socklen_t addrlen = 0;
- uint8_t replybuf[2048];
- ldns_status status;
- ldns_pkt* pkt = NULL;
-
- while(!got_ack) {
- /* send it */
- if(sendto(s, (void*)wire, wiresize, 0,
- res->ai_addr, res->ai_addrlen) == -1) {
- printf("warning: send to %s failed: %s\n",
- addrstr, strerror(errno));
-#ifndef USE_WINSOCK
- close(s);
-#else
- closesocket(s);
-#endif
- return;
- }
-
- /* wait for ACK packet */
- FD_ZERO(&rfds);
- FD_SET(s, &rfds);
-#ifndef S_SPLINT_S
- tv.tv_sec = timeout_retry; /* seconds */
-#endif
- tv.tv_usec = 0; /* microseconds */
- retval = select(s + 1, &rfds, NULL, NULL, &tv);
- if (retval == -1) {
- printf("error waiting for reply from %s: %s\n",
- addrstr, strerror(errno));
-#ifndef USE_WINSOCK
- close(s);
-#else
- closesocket(s);
-#endif
- return;
- }
- if(retval == 0) {
- num_retry--;
- if(num_retry == 0) {
- printf("error: failed to send notify to %s.\n",
- addrstr);
- exit(1);
- }
- printf("timeout (%d s) expired, retry notify to %s.\n",
- timeout_retry, addrstr);
- }
- if (retval == 1) {
- got_ack = 1;
- }
- }
-
- /* got reply */
- addrlen = res->ai_addrlen;
- received = recvfrom(s, (void*)replybuf, sizeof(replybuf), 0,
- res->ai_addr, &addrlen);
- res->ai_addrlen = addrlen;
-
-#ifndef USE_WINSOCK
- close(s);
-#else
- closesocket(s);
-#endif
- if (received == -1) {
- printf("recv %s failed: %s\n", addrstr, strerror(errno));
- return;
- }
-
- /* check reply */
- status = ldns_wire2pkt(&pkt, replybuf, (size_t)received);
- if(status != LDNS_STATUS_OK) {
- ssize_t i;
- printf("Could not parse reply packet: %s\n",
- ldns_get_errorstr_by_id(status));
- printf("hexdump of reply: ");
- for(i=0; i<received; i++)
- printf("%02x", (unsigned)replybuf[i]);
- printf("\n");
- exit(1);
- }
-
- if(verbose) {
- ssize_t i;
- printf("# reply from %s:\n", addrstr);
- ldns_pkt_print(stdout, pkt);
-
- printf("hexdump of reply: ");
- for(i=0; i<received; i++)
- printf("%02x", (unsigned)replybuf[i]);
- printf("\n");
- }
- ldns_pkt_free(pkt);
-}
-
-int
-main(int argc, char **argv)
-{
- int c;
- int i;
-
- /* LDNS types */
- ldns_pkt *notify;
- ldns_rr *question;
- ldns_resolver *res;
- ldns_rdf *ldns_zone_name = NULL;
- ldns_status status;
- const char *zone_name = NULL;
- int include_soa = 0;
- uint32_t soa_version = 0;
- ldns_tsig_credentials tsig_cred = {0,0,0};
- int do_hexdump = 1;
- uint8_t *wire = NULL;
- size_t wiresize = 0;
- char *port = "53";
-
- srandom(time(NULL) ^ getpid());
-
- while ((c = getopt(argc, argv, "vhdp:r:s:y:z:")) != -1) {
- switch (c) {
- case 'd':
- verbose = 1;
- break;
- case 'p':
- port = optarg;
- break;
- case 'r':
- max_num_retry = atoi(optarg);
- break;
- case 's':
- include_soa = 1;
- soa_version = (uint32_t)atoi(optarg);
- break;
- case 'y':
- tsig_cred.algorithm = "hmac-md5.sig-alg.reg.int.";
- tsig_cred.keyname = optarg;
- tsig_cred.keydata = strchr(optarg, ':');
- *tsig_cred.keydata = '\0';
- tsig_cred.keydata++;
- printf("Sign with %s : %s\n", tsig_cred.keyname,
- tsig_cred.keydata);
- break;
- case 'z':
- zone_name = optarg;
- ldns_zone_name = ldns_dname_new_frm_str(zone_name);
- if(!ldns_zone_name) {
- printf("cannot parse zone name: %s\n",
- zone_name);
- exit(1);
- }
- break;
- case 'v':
- version();
- case 'h':
- case '?':
- default:
- usage();
- }
- }
- argc -= optind;
- argv += optind;
-
- if (argc == 0 || zone_name == NULL) {
- usage();
- }
-
- notify = ldns_pkt_new();
- question = ldns_rr_new();
- res = ldns_resolver_new();
-
- if (!notify || !question || !res) {
- /* bail out */
- printf("error: cannot create ldns types\n");
- exit(1);
- }
-
- /* create the rr for inside the pkt */
- ldns_rr_set_class(question, LDNS_RR_CLASS_IN);
- ldns_rr_set_owner(question, ldns_zone_name);
- ldns_rr_set_type(question, LDNS_RR_TYPE_SOA);
- ldns_pkt_set_opcode(notify, LDNS_PACKET_NOTIFY);
- ldns_pkt_push_rr(notify, LDNS_SECTION_QUESTION, question);
- ldns_pkt_set_aa(notify, true);
- ldns_pkt_set_id(notify, random()&0xffff);
- if(include_soa) {
- char buf[10240];
- ldns_rr *soa_rr=NULL;
- ldns_rdf *prev=NULL;
- snprintf(buf, sizeof(buf), "%s 3600 IN SOA . . %u 0 0 0 0",
- zone_name, (unsigned)soa_version);
- /*printf("Adding soa %s\n", buf);*/
- status = ldns_rr_new_frm_str(&soa_rr, buf, 3600, NULL, &prev);
- if(status != LDNS_STATUS_OK) {
- printf("Error adding SOA version: %s\n",
- ldns_get_errorstr_by_id(status));
- }
- ldns_pkt_push_rr(notify, LDNS_SECTION_ANSWER, soa_rr);
- }
-
- if(tsig_cred.keyname) {
-#ifdef HAVE_SSL
- status = ldns_pkt_tsig_sign(notify, tsig_cred.keyname,
- tsig_cred.keydata, 300, tsig_cred.algorithm,
- NULL);
- if(status != LDNS_STATUS_OK) {
- printf("Error TSIG sign query: %s\n",
- ldns_get_errorstr_by_id(status));
- }
-#else
- fprintf(stderr, "Warning: TSIG needs OpenSSL support, which has not been compiled in, TSIG skipped\n");
-#endif
- }
-
- if(verbose) {
- printf("# Sending packet:\n");
- ldns_pkt_print(stdout, notify);
-
- }
-
- status = ldns_pkt2wire(&wire, notify, &wiresize);
- if(wiresize == 0) {
- printf("Error converting notify packet to hex.\n");
- exit(1);
- }
-
- if(do_hexdump && verbose) {
- printf("Hexdump of notify packet:\n");
- for(i=0; i<(int)wiresize; i++)
- printf("%02x", (unsigned)wire[i]);
- printf("\n");
- }
-
- for(i=0; i<argc; i++)
- {
- struct addrinfo hints, *res0, *res;
- int error;
- int default_family = AF_INET;
-
- if(verbose)
- printf("# sending to %s\n", argv[i]);
- memset(&hints, 0, sizeof(hints));
- hints.ai_family = default_family;
- hints.ai_socktype = SOCK_DGRAM;
- hints.ai_protocol = IPPROTO_UDP;
- error = getaddrinfo(argv[i], port, &hints, &res0);
- if (error) {
- printf("skipping bad address: %s: %s\n", argv[i],
- gai_strerror(error));
- continue;
- }
- for (res = res0; res; res = res->ai_next) {
- int s = socket(res->ai_family, res->ai_socktype,
- res->ai_protocol);
- if(s == -1)
- continue;
- /* send the notify */
- notify_host(s, res, wire, wiresize, argv[i]);
- }
- freeaddrinfo(res0);
- }
-
- ldns_pkt_free(notify);
- free(wire);
- return 0;
-}
+++ /dev/null
-.TH ldns-nsec3-hash.c 1 "10 Dec 2008"
-.SH NAME
-ldns-nsec3-hash \- print out the NSEC3 hash for a domain name
-.SH SYNOPSIS
-.B ldns-nsec3-hash
-.IR <domain_name>
-
-.SH DESCRIPTION
-\fBldns-nsec3-hash\fR is used to print out the NSEC3 hash for the given domain name.
-
-.SH OPTIONS
-.TP
-\fB-a\fR \fInumber\fR
-Use the given algorithm number for the hash calculation. Defaults to 1 (SHA-1).
-
-.TP
-\fB-s\fR \fIsalt\fR
-Use the given salt for the hash calculation. Salt value should be in hexadecimal format.
-
-.TP
-\fB-t\fR \fIcount\fR
-Use count iterations for the hash calculation.
-
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2008 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-signzone signs a zone file
- *
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <stdlib.h>
-#include <unistd.h>
-
-#include <errno.h>
-
-#include <time.h>
-
-#include <ldns/ldns.h>
-#include <ldns/keys.h>
-
-#ifdef HAVE_SSL
-#include <openssl/conf.h>
-#include <openssl/engine.h>
-#endif /* HAVE_SSL */
-
-#define MAX_FILENAME_LEN 250
-int verbosity = 1;
-
-static void
-usage(FILE *fp, const char *prog) {
- fprintf(fp, "%s [OPTIONS] <domain name>\n", prog);
- fprintf(fp, " prints the NSEC3 hash of the given domain name\n");
- fprintf(fp, "-a [algorithm] hashing algorithm\n");
- fprintf(fp, "-t [number] number of hash iterations\n");
- fprintf(fp, "-s [string] salt\n");
-}
-
-int
-main(int argc, char *argv[])
-{
- ldns_rdf *dname, *hashed_dname;
- uint8_t nsec3_algorithm = 1;
- size_t nsec3_iterations_cmd = 1;
- uint16_t nsec3_iterations = 1;
- uint8_t nsec3_salt_length = 0;
- uint8_t *nsec3_salt = NULL;
-
- char *prog = strdup(argv[0]);
-
- int c;
- while ((c = getopt(argc, argv, "a:s:t:")) != -1) {
- switch (c) {
- case 'a':
- nsec3_algorithm = (uint8_t) atoi(optarg);
- break;
- case 's':
- if (strlen(optarg) % 2 != 0) {
- fprintf(stderr, "Salt value is not valid hex data, not a multiple of 2 characters\n");
- exit(EXIT_FAILURE);
- }
- if (strlen(optarg) > 512) {
- fprintf(stderr, "Salt too long\n");
- exit(EXIT_FAILURE);
- }
- nsec3_salt_length = (uint8_t) (strlen(optarg) / 2);
- nsec3_salt = LDNS_XMALLOC(uint8_t, nsec3_salt_length);
- for (c = 0; c < (int) strlen(optarg); c += 2) {
- if (isxdigit((int) optarg[c]) && isxdigit((int) optarg[c+1])) {
- nsec3_salt[c/2] = (uint8_t) ldns_hexdigit_to_int(optarg[c]) * 16 +
- ldns_hexdigit_to_int(optarg[c+1]);
- } else {
- fprintf(stderr, "Salt value is not valid hex data.\n");
- exit(EXIT_FAILURE);
- }
- }
-
- break;
- case 't':
- nsec3_iterations_cmd = (size_t) atol(optarg);
- if (nsec3_iterations_cmd > LDNS_NSEC3_MAX_ITERATIONS) {
- fprintf(stderr, "Iterations count can not exceed %u, quitting\n", LDNS_NSEC3_MAX_ITERATIONS);
- exit(EXIT_FAILURE);
- }
- nsec3_iterations = (uint16_t) nsec3_iterations_cmd;
- break;
- default:
- usage(stderr, prog);
- exit(EXIT_SUCCESS);
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc < 1) {
- printf("Error: not enough arguments\n");
- usage(stdout, prog);
- exit(EXIT_FAILURE);
- } else {
- dname = ldns_dname_new_frm_str(argv[0]);
- if (!dname) {
- fprintf(stderr,
- "Error: unable to parse domain name\n");
- return EXIT_FAILURE;
- }
- hashed_dname = ldns_nsec3_hash_name(dname,
- nsec3_algorithm,
- nsec3_iterations,
- nsec3_salt_length,
- nsec3_salt);
- if (!hashed_dname) {
- fprintf(stderr,
- "Error creating NSEC3 hash\n");
- return EXIT_FAILURE;
- }
- ldns_rdf_print(stdout, hashed_dname);
- printf("\n");
- ldns_rdf_deep_free(dname);
- ldns_rdf_deep_free(hashed_dname);
- }
-
- if (nsec3_salt) {
- free(nsec3_salt);
- }
-
- free(prog);
-
- return EXIT_SUCCESS;
-}
+++ /dev/null
-.TH ldns-read-zone 1 "30 May 2005"
-.SH NAME
-ldns-read-zone \- read a zonefile and print it
-.SH SYNOPSIS
-.B ldns-read-zone
-.IR ZONEFILE
-
-.SH DESCRIPTION
-
-\fBldns-read-zone\fR reads a DNS zone file and prints it. The output has 1
-resource record per line, and no pretty-printing makeup.
-
-.SH OPTIONS
-.TP
-\fB-c\fR
-Canonicalize all resource records in the zone before printing
-
-.TP
-\fB-d\fR
-Only print DNSSEC data from the zone. This option skips every record
-that is not of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are not
-printed.
-
-.TP
-\fB-h\fR
-Show usage and exit
-
-.TP
-\fB-n\fR
-Do not print the SOA record
-
-.TP
-\fB-s\fR
-Strip DNSSEC data from the zone. This option skips every record
-that is of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are still
-printed.
-
-.TP
-\fB-v\fR
-Show the version and exit
-
-.TP
-\fB-z\fR
-Sort the zone before printing (this implies -c)
-
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * read a zone file from disk and prints it, one RR per line
- *
- * (c) NLnetLabs 2005-2008
- *
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <unistd.h>
-#include <stdlib.h>
-
-#include <ldns/ldns.h>
-
-#include <errno.h>
-
-int
-main(int argc, char **argv)
-{
- char *filename;
- FILE *fp;
- ldns_zone *z;
- int line_nr = 0;
- int c;
- bool canonicalize = false;
- bool sort = false;
- bool strip = false;
- bool only_dnssec = false;
- bool print_soa = true;
- ldns_status s;
- size_t i;
- ldns_rr_list *stripped_list;
- ldns_rr *cur_rr;
- ldns_rr_type cur_rr_type;
-
- while ((c = getopt(argc, argv, "cdhnsvz")) != -1) {
- switch(c) {
- case 'c':
- canonicalize = true;
- break;
- case 'd':
- only_dnssec = true;
- if (strip) {
- fprintf(stderr, "Warning: stripping both DNSSEC and non-DNSSEC records. Output will be sparse.\n");
- }
- break;
- case 'h':
- printf("Usage: %s [-c] [-v] [-z] <zonefile>\n", argv[0]);
- printf("\tReads the zonefile and prints it.\n");
- printf("\tThe RR count of the zone is printed to stderr.\n");
- printf("\t-c canonicalize all rrs in the zone.\n");
- printf("\t-d only show DNSSEC data from the zone\n");
- printf("\t-h show this text\n");
- printf("\t-n do not print the SOA record\n");
- printf("\t-s strip DNSSEC data from the zone\n");
- printf("\t-v shows the version and exits\n");
- printf("\t-z sort the zone (implies -c).\n");
- printf("\nif no file is given standard input is read\n");
- exit(EXIT_SUCCESS);
- break;
- case 'n':
- print_soa = false;
- break;
- case 's':
- strip = true;
- if (only_dnssec) {
- fprintf(stderr, "Warning: stripping both DNSSEC and non-DNSSEC records. Output will be sparse.\n");
- }
- break;
- case 'v':
- printf("read zone version %s (ldns version %s)\n", LDNS_VERSION, ldns_version());
- exit(EXIT_SUCCESS);
- break;
- case 'z':
- canonicalize = true;
- sort = true;
- break;
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc == 0) {
- fp = stdin;
- } else {
- filename = argv[0];
-
- fp = fopen(filename, "r");
- if (!fp) {
- fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno));
- exit(EXIT_FAILURE);
- }
- }
-
- s = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, LDNS_RR_CLASS_IN, &line_nr);
-
- if (strip) {
- stripped_list = ldns_rr_list_new();
- while ((cur_rr = ldns_rr_list_pop_rr(ldns_zone_rrs(z)))) {
- cur_rr_type = ldns_rr_get_type(cur_rr);
- if (cur_rr_type == LDNS_RR_TYPE_RRSIG ||
- cur_rr_type == LDNS_RR_TYPE_NSEC ||
- cur_rr_type == LDNS_RR_TYPE_NSEC3 ||
- cur_rr_type == LDNS_RR_TYPE_NSEC3PARAMS
- ) {
- ldns_rr_free(cur_rr);
- } else {
- ldns_rr_list_push_rr(stripped_list, cur_rr);
- }
- }
- ldns_rr_list_free(ldns_zone_rrs(z));
- ldns_zone_set_rrs(z, stripped_list);
- }
- if (only_dnssec) {
- stripped_list = ldns_rr_list_new();
- while ((cur_rr = ldns_rr_list_pop_rr(ldns_zone_rrs(z)))) {
- cur_rr_type = ldns_rr_get_type(cur_rr);
- if (cur_rr_type == LDNS_RR_TYPE_RRSIG ||
- cur_rr_type == LDNS_RR_TYPE_NSEC ||
- cur_rr_type == LDNS_RR_TYPE_NSEC3 ||
- cur_rr_type == LDNS_RR_TYPE_NSEC3PARAMS
- ) {
- ldns_rr_list_push_rr(stripped_list, cur_rr);
- } else {
- ldns_rr_free(cur_rr);
- }
- }
- ldns_rr_list_free(ldns_zone_rrs(z));
- ldns_zone_set_rrs(z, stripped_list);
- }
-
- if (s == LDNS_STATUS_OK) {
- if (canonicalize) {
- ldns_rr2canonical(ldns_zone_soa(z));
- for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) {
- ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z), i));
- }
- }
- if (sort) {
- ldns_zone_sort(z);
- }
-
- if (print_soa && ldns_zone_soa(z)) {
- ldns_rr_print(stdout, ldns_zone_soa(z));
- }
- ldns_rr_list_print(stdout, ldns_zone_rrs(z));
-
- ldns_zone_deep_free(z);
- } else {
- fprintf(stderr, "%s at %d\n",
- ldns_get_errorstr_by_id(s),
- line_nr);
- exit(EXIT_FAILURE);
- }
- fclose(fp);
-
- exit(EXIT_SUCCESS);
-}
+++ /dev/null
-.TH ldns-resolver 1 "27 Apr 2005"
-.SH NAME
-ldns-resolver \- tries to create a resolver from a resolv.conf file.
-.SH SYNOPSIS
-.B ldns-resolver
-.IR file
-
-.SH DESCRIPTION
-\fBldns-resolver\fR tries to create a resolver from a resolv.conf file.
-This is only useful to test the library for robusteness with input data.
-
-.SH OPTIONS
-\fBldns-resolver\fR takes a filename of the resolv.conf file as input.
-For example \fIldns-resolver /etc/resolv.conf\fR will show if the file can
-be parsed successfully.
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-resolver tries to create a resolver structure from /dev/urandom
- * this is only useful to test the library for robusteness with input data
- *
- * (c) NLnet Labs 2006 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include "errno.h"
-
-#include <ldns/ldns.h>
-
-int
-main(int argc, char **argv) {
-
- ldns_resolver *r;
- int line = 1;
- FILE *rand;
- ldns_status s;
-
- if (argc != 2 || strncmp(argv[1], "-h", 3) == 0) {
- printf("Usage: ldns-resolver <file>\n");
- printf("Tries to create a stub resolver structure from the given file.\n");
- exit(EXIT_FAILURE);
- }
-
- if (!(rand = fopen(argv[1], "r"))) {
- printf("Error opening %s: %s\n", argv[1], strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- printf("Trying to read from %s\n", argv[1]);
- s = ldns_resolver_new_frm_fp_l(&r, rand, &line);
- if (s != LDNS_STATUS_OK) {
- printf("Failed: %s at line %d\n", ldns_get_errorstr_by_id(s), line);
- exit(EXIT_FAILURE);
- } else {
- printf("Succes\n");
- ldns_resolver_print(stdout, r);
- ldns_resolver_deep_free(r);
- }
-
- fclose(rand);
-
- return EXIT_SUCCESS;
-}
+++ /dev/null
-.TH ldns-revoke 1 "23 Jul 2008"
-.SH NAME
-ldns-revoke \- sets the revoke bit of a DNSKEY
-.SH SYNOPSIS
-.B ldns-revoke
-.IR file
-
-.SH DESCRIPTION
-\fBldns-revoke\fR is used to revoke a public DNSKEY RR.
-When run it will read \fIfile\fR with a DNSKEY RR in it,
-sets the revoke bit and write back the output to \fIfile\fR .
-
-.SH OPTIONS
-.TP
-\fB-n\fR
-Write the result to stdout instead of a file
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2008 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * revoke sets the revoke bit of a public key.
- *
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-
-#include <ldns/ldns.h>
-#ifdef HAVE_SSL
-#include <openssl/ssl.h>
-#endif /* HAVE_SSL */
-
-#include <errno.h>
-
-static void
-usage(FILE *fp, char *prog) {
- fprintf(fp, "%s [-n] keyfile\n", prog);
- fprintf(fp, " Revokes a key\n");
- fprintf(fp, "Options:\n");
- fprintf(fp, " -n: do not write to file but to stdout\n");
-}
-
-int
-main(int argc, char *argv[])
-{
- FILE *keyfp;
- char *keyname;
- ldns_rr *k;
- uint16_t flags;
- char *program = argv[0];
- int nofile = 0;
- ldns_rdf *origin = NULL;
- ldns_status result;
-
- argv++, argc--;
- while (argc && argv[0][0] == '-') {
- if (strcmp(argv[0], "-n") == 0) {
- nofile=1;
- }
- else {
- usage(stderr, program);
- exit(EXIT_FAILURE);
- }
- argv++, argc--;
- }
-
- if (argc != 1) {
- usage(stderr, program);
- exit(EXIT_FAILURE);
- }
- keyname = strdup(argv[0]);
-
- keyfp = fopen(keyname, "r");
- if (!keyfp) {
- fprintf(stderr, "Failed to open public key file %s: %s\n", keyname,
- strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL);
- /* what does this while loop do? */
- while (result == LDNS_STATUS_SYNTAX_ORIGIN) {
- result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL);
- }
- if (result != LDNS_STATUS_OK) {
- fprintf(stderr, "Could not read public key from file %s: %s\n", keyname, ldns_get_errorstr_by_id(result));
- exit(EXIT_FAILURE);
- }
- fclose(keyfp);
-
- flags = ldns_read_uint16(ldns_rdf_data(ldns_rr_dnskey_flags(k)));
- flags |= LDNS_KEY_REVOKE_KEY;
-
- if (!ldns_rr_dnskey_set_flags(k,
- ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, flags)))
- {
- fprintf(stderr, "Revocation failed\n");
- exit(EXIT_FAILURE);
- }
-
- /* print the public key RR to .key */
-
- if (nofile)
- ldns_rr_print(stdout,k);
- else {
- keyfp = fopen(keyname, "w");
- if (!keyfp) {
- fprintf(stderr, "Unable to open %s: %s\n", keyname,
- strerror(errno));
- exit(EXIT_FAILURE);
- } else {
- ldns_rr_print(keyfp, k);
- fclose(keyfp);
- fprintf(stdout, "DNSKEY revoked\n");
- }
- }
-
- free(keyname);
- ldns_rr_free(k);
-
- exit(EXIT_SUCCESS);
-}
+++ /dev/null
-.TH ldns-rrsig 1 "27 Apr 2005"
-.SH NAME
-ldns-rrsig \- print out the inception and expiration dates in human
-readable form
-.SH SYNOPSIS
-.B ldns-rrsig
-.IR domain
-[
-.IR type
-]
-
-.SH DESCRIPTION
-\fBldns-rrsig\fR is used to print the expiration and inception date of
-a RRSIG. The first argument is a domain name. \fBldns-rrsig\fR will
-query the authoritative servers for that domain to get a list of RRSIGs.
-It will then print out the inception and experiration dates for the RRSIG
-covering the SOA record.
-.PP
-If the second argument \fBtype\fR is given the RRSIG covering that type will be shown.
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-rrsig prints out the inception and expiration dates in a more readable
- * way than the normal RRSIG presentation format
- *
- * for a particulary domain
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-
-#include <ldns/ldns.h>
-
-static int
-usage(FILE *fp, char *prog) {
- fprintf(fp, "%s domain [type]\n", prog);
- fprintf(fp, " print out the inception and expiration dates\n");
- fprintf(fp, " in a more human readable form\n");
- fprintf(fp, " <type>\tquery for RRSIG(<type>), defaults to SOA\n");
- return 0;
-}
-
-int
-main(int argc, char *argv[])
-{
- ldns_resolver *res;
- ldns_resolver *localres;
- ldns_rdf *domain;
- ldns_pkt *p;
- ldns_rr_list *rrsig;
- ldns_rr_list *rrsig_type;
- ldns_rr_list *ns;
- ldns_rr_list *ns_ip;
- uint8_t i, j;
- ldns_rr_type t;
- char * type_name;
- time_t incep, expir;
- char incep_buf[26];
- char expir_buf[26];
- ldns_status s;
-
- p = NULL;
- rrsig = NULL;
- rrsig_type = NULL;
- domain = NULL;
-
- /* option parsing */
-
- if (argc < 2) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- } else {
- /* create a rdf from the command line arg */
- domain = ldns_dname_new_frm_str(argv[1]);
- if (!domain) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- }
- }
-
- if (argc == 3) {
- /* optional type arg */
- type_name = strdup(argv[2]);
- t = ldns_rdf2rr_type(
- ldns_rdf_new_frm_str(LDNS_RDF_TYPE_TYPE, type_name));
- if (t == 0) {
- fprintf(stderr, " *** %s is not a valid RR type\n", type_name);
- exit(EXIT_FAILURE);
- }
- } else {
- t = LDNS_RR_TYPE_SOA;
- type_name = "SOA";
- }
-
- /* create a new resolver from /etc/resolv.conf */
- s = ldns_resolver_new_frm_file(&localres, NULL);
- if (s != LDNS_STATUS_OK) {
- exit(EXIT_FAILURE);
- }
-
- /* first get the nameserver of the domain in question */
- p = ldns_resolver_query(localres, domain, LDNS_RR_TYPE_NS,
- LDNS_RR_CLASS_IN, LDNS_RD);
- if (!p) {
- fprintf(stderr," *** Could not find any nameserver for %s", argv[1]);
- ldns_resolver_deep_free(localres);
- exit(EXIT_FAILURE);
- }
- ns = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER);
-
- if (!ns) {
- fprintf(stderr," *** Could not find any nameserver for %s", argv[1]);
- ldns_pkt_free(p);
- ldns_resolver_deep_free(localres);
- exit(EXIT_FAILURE);
- }
-
- /* use our local resolver to resolv the names in the for usage in our
- * new resolver */
- res = ldns_resolver_new();
- if (!res) {
- ldns_pkt_free(p);
- ldns_resolver_deep_free(localres);
- ldns_rr_list_deep_free(ns);
- exit(EXIT_FAILURE);
- }
- for(i = 0; i < ldns_rr_list_rr_count(ns); i++) {
- ns_ip = ldns_get_rr_list_addr_by_name(localres,
- ldns_rr_ns_nsdname(ldns_rr_list_rr(ns, i)),
- LDNS_RR_CLASS_IN, LDNS_RD);
- /* add these to new resolver */
- for(j = 0; j < ldns_rr_list_rr_count(ns_ip); j++) {
- if (ldns_resolver_push_nameserver(res,
- ldns_rr_a_address(ldns_rr_list_rr(ns_ip, j))) != LDNS_STATUS_OK) {
- printf("Error adding nameserver to resolver\n");
- ldns_pkt_free(p);
- ldns_resolver_deep_free(res);
- ldns_resolver_deep_free(localres);
- ldns_rr_list_deep_free(ns);
- exit(EXIT_FAILURE);
- }
- }
- ldns_rr_list_deep_free(ns_ip);
-
- }
-
- /* enable DNSSEC */
- ldns_resolver_set_dnssec(res, true);
- /* also set CD, we want EVERYTHING! */
- ldns_resolver_set_dnssec_cd(res, true);
-
- /* use the resolver to send it a query for the soa
- * records of the domain given on the command line
- */
- ldns_pkt_free(p);
- p = ldns_resolver_query(res, domain, LDNS_RR_TYPE_RRSIG, LDNS_RR_CLASS_IN, LDNS_RD);
-
- ldns_rdf_deep_free(domain);
-
- if (!p) {
- ldns_resolver_deep_free(localres);
- ldns_rr_list_deep_free(ns);
- exit(EXIT_FAILURE);
- } else {
- /* retrieve the RRSIG records from the answer section of that
- * packet
- */
- rrsig = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANSWER);
- if (!rrsig) {
- fprintf(stderr,
- " *** invalid answer name %s after RRSIG query for %s\n",
- argv[1], argv[1]);
- ldns_pkt_free(p);
- ldns_resolver_deep_free(res);
- ldns_rr_list_deep_free(ns);
- exit(EXIT_FAILURE);
- } else {
- rrsig_type = ldns_rr_list_new();
-
- for(i = 0; i < ldns_rr_list_rr_count(rrsig); i++) {
- if (ldns_rdf2rr_type(
- ldns_rr_rrsig_typecovered(
- ldns_rr_list_rr(rrsig, i))) == t) {
- ldns_rr_list_push_rr(rrsig_type,
- ldns_rr_list_rr(rrsig, i));
- }
- }
- if (ldns_rr_list_rr_count(rrsig_type) == 0) {
- fprintf(stderr, " *** No RRSIG(%s) type found\n",
- type_name);
- ldns_resolver_deep_free(localres);
- ldns_resolver_deep_free(res);
- ldns_pkt_free(p);
- ldns_rr_list_deep_free(ns);
- ldns_rr_list_free(rrsig);
- ldns_rr_list_deep_free(rrsig_type);
- exit(EXIT_FAILURE);
- }
-
- for(i = 0; i < ldns_rr_list_rr_count(rrsig_type); i++) {
- incep = ldns_rdf2native_time_t(
- ldns_rr_rrsig_inception(
- ldns_rr_list_rr(rrsig_type, i)));
- expir = ldns_rdf2native_time_t(
- ldns_rr_rrsig_expiration(
- ldns_rr_list_rr(rrsig_type, i)));
-
- /* convert to human readable */
- ctime_r(&incep, incep_buf);
- ctime_r(&expir, expir_buf);
- /* kill the newline */
- incep_buf[24] = '\0';
- expir_buf[24] = '\0';
-
- fprintf(stdout, "%s RRSIG(%s): %s - %s\n",
- argv[1], type_name, incep_buf, expir_buf);
- }
- ldns_rr_list_free(rrsig);
- ldns_rr_list_deep_free(rrsig_type);
- }
- }
- ldns_pkt_free(p);
- ldns_resolver_deep_free(localres);
- ldns_resolver_deep_free(res);
- ldns_rr_list_deep_free(ns);
- return 0;
-}
+++ /dev/null
-.TH ldns-signzone 1 "30 May 2005"
-.SH NAME
-ldns-signzone \- sign a zonefile with DNSSEC data
-.SH SYNOPSIS
-.B ldns-signzone
-[
-.IR OPTIONS
-]
-.IR ZONEFILE
-.IR
-KEY
-[KEY
-[KEY] ...
-]
-
-.SH DESCRIPTION
-
-\fBldns-signzone\fR is used to generate a DNSSEC signed zone. When run it
-will create a new zonefile that contains RRSIG and NSEC resource records, as
-specified in RFC 4033, RFC 4034 and RFC 4035.
-
-Keys must be specified by their base name (i.e. without .private). If
-the DNSKEY that belongs to the key in the .private file is not present
-in the zone, it will be read from the file <base name>.key. If that
-file does not exist, the DNSKEY value will be generated from the
-private key.
-
-Multiple keys can be specified, Key Signing Keys are used as such when
-they are either already present in the zone, or specified in a .key
-file, and have the KSK bit set.
-
-.SH OPTIONS
-.TP
-\fB-d\fR
-Normally, if the DNSKEY RR for a key that is used to sign the zone is
-not found in the zone file, it will be read from .key, or derived from
-the private key (in that order). This option turns that feature off,
-so that only the signatures are added to the zone.
-
-.TP
-\fB-e\fR \fIdate\fR
-Set expiration date of the signatures to this date, the format can be
-YYYYMMDD[hhmmss], or a timestamp.
-
-.TP
-\fB-f\fR \fIfile\fR
-Use this file to store the signed zone in (default <originalfile>.signed)
-
-.TP
-\fB-i\fR \fIdate\fR
-Set inception date of the signatures to this date, the format can be
-YYYYMMDD[hhmmss], or a timestamp.
-
-.TP
-\fB-l\fR
-Leave old DNSSEC RRSIGS and NSEC records intact (by default, they are
-removed from the zone)
-
-.TP
-\fB-o\fR \fIorigin\fR
-Use this as the origin of the zone
-
-.TP
-\fB-v\fR
-Print the version and exit
-
-.TP
-\fB-A\fR
-Sign the DNSKEY record with all keys. By default it is signed with a
-minimal number of keys, to keep the response size for the DNSKEY query
-small, and only the SEP keys that are passed are used. If there are no
-SEP keys, the DNSKEY RRset is signed with the non\-SEP keys. This option
-turns off the default and all keys are used to sign the DNSKEY RRset.
-
-.TP
-\fB-E\fR \fIname\fR
-Use the EVP cryptographic engine with the given name for signing. This
-can have some extra options; see ENGINE OPTIONS for more information.
-
-.TP
-\fB-k\fR \fIid,int\fR
-Use the key with the given id as the signing key for algorithm int as
-a Zone signing key. This option is used when you use an OpenSSL
-engine, see ENGINE OPTIONS for more information.
-
-.TP
-\fB-K\fR \fIid,int\fR
-
-Use the key with the given id as the signing key for algorithm int as
-a Key signing key. This options is used when you use an OpenSSL engine,
-see ENGINE OPTIONS for more information.
-
-.TP
-\fB-n\fR
-Use NSEC3 instead of NSEC.
-
-.TP
-If you use NSEC3, you can specify the following extra options:
-
-.TP
-\fB-a\fR \fIalgorithm\fR
-Algorithm used to create the hashed NSEC3 owner names
-
-.TP
-\fB-p\fR
-Opt-out. All NSEC3 records in the zone will have the Opt-out flag set. After signing, you can add insecure delegations to the signed zone.
-
-.TP
-\fB-s\fR \fIstring\fR
-Salt
-
-.TP
-\fB-t\fR \fInumber\fR
-Number of hash iterations
-
-.SH ENGINE OPTIONS
-You can modify the possible engines, if supported, by setting an
-OpenSSL configuration file. This is done through the environment
-variable OPENSSL_CONF. If you use -E with a non-existent engine name,
-ldns-signzone will print a list of engines supported by your
-configuration.
-
-The key options (-k and -K) work as follows; you specify a key id, and a DNSSEC algorithm number (for instance, 5 for RSASHA1). The key id can be any of the following:
-
- <id>
- <slot>:<id>
- id_<id>
- slot_<slot>-id_<id>
- label_<label>
- slot_<slot>-label_<label>
-
-Where '<id>' is the PKCS #11 key identifier in hexadecimal
-notation, '<label>' is the PKCS #11 human-readable label, and '<slot>'
-is the slot number where the token is present.
-
-If not already present, a DNSKEY RR is generated from the key
-data, and added to the zone.
-
-.SH EXAMPLES
-
-.TP
-ldns-signzone nlnetlabs.nl Knlnetlabs.nl.+005+12273
-Sign the zone in the file 'nlnetlabs.nl' with the key in the
-files 'Knlnetlabs.nl.+005+12273.private'. If the DNSKEY is not present
-in the zone, use the key in the
-file 'Knlnetlabs.nl.+005+12273.key'. If that is not present, generate
-one with default values from 'Knlnetlabs.nl.+005+12273.private'.
-
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005-2008 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-signzone signs a zone file
- *
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <stdlib.h>
-#include <unistd.h>
-
-#include <errno.h>
-
-#include <time.h>
-
-#include <ldns/ldns.h>
-#include <ldns/keys.h>
-
-#ifdef HAVE_SSL
-#include <openssl/conf.h>
-#include <openssl/engine.h>
-#endif /* HAVE_SSL */
-
-#define MAX_FILENAME_LEN 250
-int verbosity = 1;
-
-#ifdef HAVE_SSL
-#include <openssl/err.h>
-
-static void
-usage(FILE *fp, const char *prog) {
- fprintf(fp, "%s [OPTIONS] zonefile key [key [key]]\n", prog);
- fprintf(fp, " signs the zone with the given key(s)\n");
- fprintf(fp, " -d\t\tused keys are not added to the zone\n");
- fprintf(fp, " -e <date>\texpiration date\n");
- fprintf(fp, " -f <file>\toutput zone to file (default <name>.signed)\n");
- fprintf(fp, " -i <date>\tinception date\n");
- fprintf(fp, " -l\t\tLeave old DNSSEC RRSIGS and NSEC(3) records intact\n");
- fprintf(fp, " -o <domain>\torigin for the zone\n");
- fprintf(fp, " -v\t\tprint version and exit\n");
- fprintf(fp, " -A\t\tsign DNSKEY with all keys instead of minimal\n");
- fprintf(fp, " -E <name>\tuse <name> as the crypto engine for signing\n");
- fprintf(fp, " \tThis can have a lot of extra options, see the manual page for more info\n");
- fprintf(fp, " -k <id>,<int>\tuse key id with algorithm int from engine\n");
- fprintf(fp, " -K <id>,<int>\tuse key id with algorithm int from engine as KSK\n");
- fprintf(fp, "\t\tif no key is given (but an external one is used through the engine support, it might be necessary to provide the right algorithm number.\n");
- fprintf(fp, " -n\t\tuse NSEC3 instead of NSEC.\n");
- fprintf(fp, "\t\tIf you use NSEC3, you can specify the following extra options:\n");
- fprintf(fp, "\t\t-a [algorithm] hashing algorithm\n");
- fprintf(fp, "\t\t-t [number] number of hash iterations\n");
- fprintf(fp, "\t\t-s [string] salt\n");
- fprintf(fp, "\t\t-p set the opt-out flag on all nsec3 rrs\n");
- fprintf(fp, "\n");
- fprintf(fp, " keys must be specified by their base name (usually K<name>+<alg>+<id>),\n");
- fprintf(fp, " i.e. WITHOUT the .private extension.\n");
- fprintf(fp, " If the public part of the key is not present in the zone, the DNSKEY RR\n");
- fprintf(fp, " will be read from the file called <base name>.key. If that does not exist,\n");
- fprintf(fp, " a default DNSKEY will be generated from the private key and added to the zone.\n");
- fprintf(fp, " A date can be a timestamp (seconds since the epoch), or of\n the form <YYYYMMdd[hhmmss]>\n");
-}
-
-void
-usage_openssl(FILE *fp, const char *prog) {
- fprintf(fp, "Special commands for openssl engines:\n");
- fprintf(fp, "-c <file>\tOpenSSL config file\n");
-}
-
-static void check_tm(struct tm tm)
-{
- if (tm.tm_year < 70) {
- fprintf(stderr, "You cannot specify dates before 1970\n");
- exit(EXIT_FAILURE);
- }
- if (tm.tm_mon < 0 || tm.tm_mon > 11) {
- fprintf(stderr, "The month must be in the range 1 to 12\n");
- exit(EXIT_FAILURE);
- }
- if (tm.tm_mday < 1 || tm.tm_mday > 31) {
- fprintf(stderr, "The day must be in the range 1 to 31\n");
- exit(EXIT_FAILURE);
- }
-
- if (tm.tm_hour < 0 || tm.tm_hour > 23) {
- fprintf(stderr, "The hour must be in the range 0-23\n");
- exit(EXIT_FAILURE);
- }
-
- if (tm.tm_min < 0 || tm.tm_min > 59) {
- fprintf(stderr, "The minute must be in the range 0-59\n");
- exit(EXIT_FAILURE);
- }
-
- if (tm.tm_sec < 0 || tm.tm_sec > 59) {
- fprintf(stderr, "The second must be in the range 0-59\n");
- exit(EXIT_FAILURE);
- }
-
-}
-
-/*
- * if the ttls are different, make them equal
- * if one of the ttls equals LDNS_DEFAULT_TTL, that one is changed
- * otherwise, rr2 will get the ttl of rr1
- *
- * prints a warning if a non-default TTL is changed
- */
-static void
-equalize_ttls(ldns_rr *rr1, ldns_rr *rr2, uint32_t default_ttl)
-{
- uint32_t ttl1, ttl2;
-
- ttl1 = ldns_rr_ttl(rr1);
- ttl2 = ldns_rr_ttl(rr2);
-
- if (ttl1 != ttl2) {
- if (ttl1 == default_ttl) {
- ldns_rr_set_ttl(rr1, ttl2);
- } else if (ttl2 == default_ttl) {
- ldns_rr_set_ttl(rr2, ttl1);
- } else {
- ldns_rr_set_ttl(rr2, ttl1);
- fprintf(stderr,
- "warning: changing non-default TTL %u to %u\n",
- (unsigned int) ttl2, (unsigned int) ttl1);
- }
- }
-}
-
-static void
-equalize_ttls_rr_list(ldns_rr_list *rr_list, ldns_rr *rr, uint32_t default_ttl)
-{
- size_t i;
- ldns_rr *cur_rr;
-
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- cur_rr = ldns_rr_list_rr(rr_list, i);
- if (ldns_rr_compare_no_rdata(cur_rr, rr) == 0) {
- equalize_ttls(cur_rr, rr, default_ttl);
- }
- }
-}
-
-static ldns_rr *
-find_key_in_zone(ldns_rr *pubkey_gen, ldns_zone *zone) {
- size_t key_i;
- ldns_rr *pubkey;
-
- for (key_i = 0;
- key_i < ldns_rr_list_rr_count(ldns_zone_rrs(zone));
- key_i++) {
- pubkey = ldns_rr_list_rr(ldns_zone_rrs(zone), key_i);
- if (ldns_rr_get_type(pubkey) == LDNS_RR_TYPE_DNSKEY &&
- (ldns_calc_keytag(pubkey)
- ==
- ldns_calc_keytag(pubkey_gen) ||
- /* KSK has gen-keytag + 1 */
- ldns_calc_keytag(pubkey)
- ==
- ldns_calc_keytag(pubkey_gen) + 1)
- ) {
- if (verbosity >= 2) {
- fprintf(stderr, "Found it in the zone!\n");
- }
- return pubkey;
- }
- }
- return NULL;
-}
-
-static ldns_rr *
-find_key_in_file(const char *keyfile_name_base, ldns_key *key, uint32_t zone_ttl)
-{
- char *keyfile_name;
- FILE *keyfile;
- int line_nr;
- uint32_t default_ttl = zone_ttl;
-
- ldns_rr *pubkey = NULL;
- keyfile_name = LDNS_XMALLOC(char,
- strlen(keyfile_name_base) + 5);
- snprintf(keyfile_name,
- strlen(keyfile_name_base) + 5,
- "%s.key",
- keyfile_name_base);
- if (verbosity >= 2) {
- fprintf(stderr, "Trying to read %s\n", keyfile_name);
- }
- keyfile = fopen(keyfile_name, "r");
- line_nr = 0;
- if (keyfile) {
- if (ldns_rr_new_frm_fp_l(&pubkey,
- keyfile,
- &default_ttl,
- NULL,
- NULL,
- &line_nr) ==
- LDNS_STATUS_OK) {
- if (verbosity >= 2) {
- printf("Key found in file: %s\n", keyfile_name);
- }
- }
- fclose(keyfile);
- }
- LDNS_FREE(keyfile_name);
- return pubkey;
-}
-
-/* this function tries to find the specified keys either in the zone that
- * has been read, or in a <basename>.key file. If the key is not found,
- * a public key is generated, and it is assumed the key is a ZSK
- *
- * if add_keys is true; the DNSKEYs are added to the zone prior to signing
- * if it is false, they are not added.
- * Even if keys are not added, the function is still needed, to check
- * whether keys of which we only have key data are KSKs or ZSKS
- */
-static ldns_status
-find_or_create_pubkey(const char *keyfile_name_base, ldns_key *key, ldns_zone *orig_zone, bool add_keys, uint32_t default_ttl) {
- ldns_rr *pubkey_gen, *pubkey;
- int key_in_zone;
-
- if (default_ttl == LDNS_DEFAULT_TTL) {
- default_ttl = ldns_rr_ttl(ldns_zone_soa(orig_zone));
- }
-
- if (!ldns_key_pubkey_owner(key)) {
- ldns_key_set_pubkey_owner(key, ldns_rdf_clone(ldns_rr_owner(ldns_zone_soa(orig_zone))));
- }
-
- /* find the public key in the zone, or in a
- * seperate file
- * we 'generate' one anyway,
- * then match that to any present in the zone,
- * if it matches, we drop our own. If not,
- * we try to see if there is a .key file present.
- * If not, we use our own generated one, with
- * some default values
- *
- * Even if -d (do-not-add-keys) is specified,
- * we still need to do this, because we need
- * to have any key flags that are set this way
- */
- pubkey_gen = ldns_key2rr(key);
- ldns_rr_set_ttl(pubkey_gen, default_ttl);
-
- if (verbosity >= 2) {
- fprintf(stderr,
- "Looking for key with keytag %u or %u\n",
- (unsigned int) ldns_calc_keytag(pubkey_gen),
- (unsigned int) ldns_calc_keytag(pubkey_gen)+1
- );
- }
-
- pubkey = find_key_in_zone(pubkey_gen, orig_zone);
- key_in_zone = 1;
- if (!pubkey) {
- key_in_zone = 0;
- /* it was not in the zone, try to read a .key file */
- pubkey = find_key_in_file(keyfile_name_base, key, default_ttl);
- if (!pubkey && !(ldns_key_flags(key) & LDNS_KEY_SEP_KEY)) {
- /* maybe it is a ksk? */
- ldns_key_set_keytag(key, ldns_key_keytag(key) + 1);
- pubkey = find_key_in_file(keyfile_name_base, key, default_ttl);
- if (!pubkey) {
- /* ok, no file, set back to ZSK */
- ldns_key_set_keytag(key, ldns_key_keytag(key) - 1);
- }
- }
- if(pubkey && ldns_dname_compare(ldns_rr_owner(pubkey), ldns_rr_owner(ldns_zone_soa(orig_zone))) != 0) {
- fprintf(stderr, "Error %s.key has wrong name: %s\n",
- keyfile_name_base, ldns_rdf2str(ldns_rr_owner(pubkey)));
- exit(EXIT_FAILURE); /* leak rdf2str, but we exit */
- }
- }
-
- if (!pubkey) {
- /* okay, no public key found,
- just use our generated one */
- pubkey = pubkey_gen;
- if (verbosity >= 2) {
- fprintf(stderr, "Not in zone, no .key file, generating ZSK DNSKEY from private key data\n");
- }
- } else {
- ldns_rr_free(pubkey_gen);
- }
- ldns_key_set_flags(key, ldns_rdf2native_int16(ldns_rr_rdf(pubkey, 0)));
- ldns_key_set_keytag(key, ldns_calc_keytag(pubkey));
-
- if (add_keys && !key_in_zone) {
- equalize_ttls_rr_list(ldns_zone_rrs(orig_zone), pubkey, default_ttl);
- ldns_zone_push_rr(orig_zone, pubkey);
- }
- return LDNS_STATUS_OK;
-}
-
-void
-strip_dnssec_records(ldns_zone *zone)
-{
- ldns_rr_list *new_list;
- ldns_rr *cur_rr;
-
- new_list = ldns_rr_list_new();
-
- while ((cur_rr = ldns_rr_list_pop_rr(ldns_zone_rrs(zone)))) {
- if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_RRSIG ||
- ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_NSEC ||
- ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_NSEC3
- ) {
-
- ldns_rr_free(cur_rr);
- } else {
- ldns_rr_list_push_rr(new_list, cur_rr);
- }
- }
- ldns_rr_list_free(ldns_zone_rrs(zone));
- ldns_zone_set_rrs(zone, new_list);
-}
-
-int
-main(int argc, char *argv[])
-{
- const char *zonefile_name;
- FILE *zonefile = NULL;
- int line_nr = 0;
- int c;
- int argi;
- ENGINE *engine = NULL;
-
- ldns_zone *orig_zone;
- ldns_rr_list *orig_rrs = NULL;
- ldns_rr *orig_soa = NULL;
- ldns_dnssec_zone *signed_zone;
-
- char *keyfile_name_base;
- char *keyfile_name = NULL;
- FILE *keyfile = NULL;
- ldns_key *key = NULL;
- ldns_key_list *keys;
- ldns_status s;
- size_t i;
- ldns_rr_list *added_rrs;
- ldns_status status;
-
- bool leave_old_dnssec_data = false;
-
- char *outputfile_name = NULL;
- FILE *outputfile;
-
- /* tmp vars for engine keys */
- char *eng_key_l;
- size_t eng_key_id_len;
- char *eng_key_id;
- int eng_key_algo;
-
- bool use_nsec3 = false;
- int signflags = 0;
-
- /* Add the given keys to the zone if they are not yet present */
- bool add_keys = true;
- uint8_t nsec3_algorithm = 1;
- uint8_t nsec3_flags = 0;
- size_t nsec3_iterations_cmd = 1;
- uint16_t nsec3_iterations = 1;
- uint8_t nsec3_salt_length = 0;
- uint8_t *nsec3_salt = NULL;
-
- /* we need to know the origin before reading ksk's,
- * so keep an array of filenames until we know it
- */
- struct tm tm;
- uint32_t inception;
- uint32_t expiration;
- ldns_rdf *origin = NULL;
- uint32_t ttl = LDNS_DEFAULT_TTL;
- ldns_rr_class class = LDNS_RR_CLASS_IN;
-
- char *prog = strdup(argv[0]);
- ldns_status result;
-
- inception = 0;
- expiration = 0;
-
- keys = ldns_key_list_new();
-
- OPENSSL_config(NULL);
-
- while ((c = getopt(argc, argv, "a:de:f:i:k:lno:ps:t:vAE:K:")) != -1) {
- switch (c) {
- case 'a':
- nsec3_algorithm = (uint8_t) atoi(optarg);
- break;
- case 'd':
- add_keys = false;
- break;
- case 'e':
- /* try to parse YYYYMMDD first,
- * if that doesn't work, it
- * should be a timestamp (seconds since epoch)
- */
- memset(&tm, 0, sizeof(tm));
-
- if (strlen(optarg) == 8 &&
- sscanf(optarg, "%4d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday)
- ) {
- tm.tm_year -= 1900;
- tm.tm_mon--;
- check_tm(tm);
- expiration = (uint32_t) mktime_from_utc(&tm);
- } else if (strlen(optarg) == 14 &&
- sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec)
- ) {
- tm.tm_year -= 1900;
- tm.tm_mon--;
- check_tm(tm);
- expiration = (uint32_t) mktime_from_utc(&tm);
- } else {
- expiration = (uint32_t) atol(optarg);
- }
- break;
- case 'f':
- outputfile_name = LDNS_XMALLOC(char, MAX_FILENAME_LEN);
- strncpy(outputfile_name, optarg, MAX_FILENAME_LEN);
- break;
- case 'i':
- memset(&tm, 0, sizeof(tm));
-
- if (strlen(optarg) == 8 &&
- sscanf(optarg, "%4d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday)
- ) {
- tm.tm_year -= 1900;
- tm.tm_mon--;
- check_tm(tm);
- inception = (uint32_t) mktime_from_utc(&tm);
- } else if (strlen(optarg) == 14 &&
- sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec)
- ) {
- tm.tm_year -= 1900;
- tm.tm_mon--;
- check_tm(tm);
- inception = (uint32_t) mktime_from_utc(&tm);
- } else {
- inception = (uint32_t) atol(optarg);
- }
- break;
- case 'l':
- leave_old_dnssec_data = true;
- break;
- case 'n':
- use_nsec3 = true;
- break;
- case 'o':
- if (ldns_str2rdf_dname(&origin, optarg) != LDNS_STATUS_OK) {
- fprintf(stderr, "Bad origin, not a correct domain name\n");
- usage(stderr, prog);
- exit(EXIT_FAILURE);
- }
-
- break;
- case 'p':
- nsec3_flags = nsec3_flags | LDNS_NSEC3_VARS_OPTOUT_MASK;
- break;
- case 'v':
- printf("zone signer version %s (ldns version %s)\n", LDNS_VERSION, ldns_version());
- exit(EXIT_SUCCESS);
- break;
- case 'A':
- signflags |= LDNS_SIGN_DNSKEY_WITH_ZSK;
- break;
- case 'E':
- ENGINE_load_builtin_engines();
- ENGINE_load_dynamic();
- ENGINE_load_cryptodev();
- engine = ENGINE_by_id(optarg);
- if (!engine) {
- printf("No such engine: %s\n", optarg);
- engine = ENGINE_get_first();
- printf("Available engines:\n");
- while (engine) {
- printf("%s\n", ENGINE_get_id(engine));
- engine = ENGINE_get_next(engine);
- }
- exit(EXIT_FAILURE);
- } else {
- if (!ENGINE_init(engine)) {
- printf("The engine couldn't initialize\n");
- exit(EXIT_FAILURE);
- }
- ENGINE_set_default_RSA(engine);
- ENGINE_set_default_DSA(engine);
- ENGINE_set_default(engine, 0);
- }
- break;
- case 'k':
- eng_key_l = strchr(optarg, ',');
- if (eng_key_l && strlen(eng_key_l) > 1) {
- if (eng_key_l > optarg) {
- eng_key_id_len = (size_t) (eng_key_l - optarg);
- eng_key_id = malloc(eng_key_id_len + 1);
- memcpy(eng_key_id, optarg, eng_key_id_len);
- eng_key_id[eng_key_id_len] = '\0';
- } else {
- /* no id given, use default from engine */
- eng_key_id = NULL;
- }
-
- eng_key_algo = atoi(eng_key_l + 1);
-
- printf("Engine key id: %s, algo %d\n", eng_key_id, eng_key_algo);
-
- if (expiration != 0) {
- ldns_key_set_expiration(key, expiration);
- }
- if (inception != 0) {
- ldns_key_set_inception(key, inception);
- }
-
- s = ldns_key_new_frm_engine(&key, engine, eng_key_id, eng_key_algo);
- if (s == LDNS_STATUS_OK) {
- /* must be dnssec key */
- switch (ldns_key_algorithm(key)) {
- case LDNS_SIGN_RSAMD5:
- case LDNS_SIGN_RSASHA1:
- case LDNS_SIGN_RSASHA1_NSEC3:
- case LDNS_SIGN_RSASHA256:
- case LDNS_SIGN_RSASHA512:
- case LDNS_SIGN_DSA:
- case LDNS_SIGN_DSA_NSEC3:
- case LDNS_SIGN_ECC_GOST:
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- case LDNS_SIGN_ECDSAP384SHA384:
-#endif
- ldns_key_list_push_key(keys, key);
- /*printf("Added key at %p:\n", key);*/
- /*ldns_key_print(stdout, key);*/
- break;
- default:
- fprintf(stderr, "Warning, key not suitable for signing, ignoring key with algorithm %u\n", ldns_key_algorithm(key));
- break;
- }
- } else {
- printf("Error reading key '%s' from engine: %s\n", eng_key_id, ldns_get_errorstr_by_id(s));
- #ifdef HAVE_SSL
- if (ERR_peek_error()) {
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stderr);
- ERR_free_strings();
- }
- #endif
- exit(EXIT_FAILURE);
- }
-
- if (eng_key_id) {
- free(eng_key_id);
- }
- } else {
- printf("Error: bad engine key specification (should be: -k <id>,<algorithm>)).\n");
- exit(EXIT_FAILURE);
- }
- break;
- case 'K':
- printf("Not implemented yet\n");
- exit(EXIT_FAILURE);
- break;
- case 's':
- if (strlen(optarg) % 2 != 0) {
- fprintf(stderr, "Salt value is not valid hex data, not a multiple of 2 characters\n");
- exit(EXIT_FAILURE);
- }
- nsec3_salt_length = (uint8_t) strlen(optarg) / 2;
- nsec3_salt = LDNS_XMALLOC(uint8_t, nsec3_salt_length);
- for (c = 0; c < (int) strlen(optarg); c += 2) {
- if (isxdigit((int) optarg[c]) && isxdigit((int) optarg[c+1])) {
- nsec3_salt[c/2] = (uint8_t) ldns_hexdigit_to_int(optarg[c]) * 16 +
- ldns_hexdigit_to_int(optarg[c+1]);
- } else {
- fprintf(stderr, "Salt value is not valid hex data.\n");
- exit(EXIT_FAILURE);
- }
- }
-
- break;
- case 't':
- nsec3_iterations_cmd = (size_t) atol(optarg);
- if (nsec3_iterations_cmd > LDNS_NSEC3_MAX_ITERATIONS) {
- fprintf(stderr, "Iterations count can not exceed %u, quitting\n", LDNS_NSEC3_MAX_ITERATIONS);
- exit(EXIT_FAILURE);
- }
- nsec3_iterations = (uint16_t) nsec3_iterations_cmd;
- break;
- default:
- usage(stderr, prog);
- exit(EXIT_SUCCESS);
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc < 1) {
- printf("Error: not enough arguments\n");
- usage(stdout, prog);
- exit(EXIT_FAILURE);
- } else {
- zonefile_name = argv[0];
- }
-
- /* read zonefile first to find origin if not specified */
-
- if (strncmp(zonefile_name, "-", 2) == 0) {
- s = ldns_zone_new_frm_fp_l(&orig_zone,
- stdin,
- origin,
- ttl,
- class,
- &line_nr);
- if (s != LDNS_STATUS_OK) {
- fprintf(stderr, "Zone not read, error: %s at stdin line %d\n",
- ldns_get_errorstr_by_id(s),
- line_nr);
- exit(EXIT_FAILURE);
- } else {
- orig_soa = ldns_zone_soa(orig_zone);
- if (!orig_soa) {
- fprintf(stderr,
- "Error reading zonefile: missing SOA record\n");
- exit(EXIT_FAILURE);
- }
- orig_rrs = ldns_zone_rrs(orig_zone);
- if (!orig_rrs) {
- fprintf(stderr,
- "Error reading zonefile: no resource records\n");
- exit(EXIT_FAILURE);
- }
- }
- } else {
- zonefile = fopen(zonefile_name, "r");
-
- if (!zonefile) {
- fprintf(stderr,
- "Error: unable to read %s (%s)\n",
- zonefile_name,
- strerror(errno));
- exit(EXIT_FAILURE);
- } else {
- s = ldns_zone_new_frm_fp_l(&orig_zone,
- zonefile,
- origin,
- ttl,
- class,
- &line_nr);
- if (s != LDNS_STATUS_OK) {
- fprintf(stderr, "Zone not read, error: %s at %s line %d\n",
- ldns_get_errorstr_by_id(s),
- zonefile_name, line_nr);
- exit(EXIT_FAILURE);
- } else {
- orig_soa = ldns_zone_soa(orig_zone);
- if (!orig_soa) {
- fprintf(stderr,
- "Error reading zonefile: missing SOA record\n");
- exit(EXIT_FAILURE);
- }
- orig_rrs = ldns_zone_rrs(orig_zone);
- if (!orig_rrs) {
- fprintf(stderr,
- "Error reading zonefile: no resource records\n");
- exit(EXIT_FAILURE);
- }
- }
- fclose(zonefile);
- }
- }
-
- if (!origin) {
- origin = ldns_rr_owner(orig_soa);
- }
-
- /* read the ZSKs */
- argi = 1;
- while (argi < argc) {
- keyfile_name_base = argv[argi];
- keyfile_name = LDNS_XMALLOC(char, strlen(keyfile_name_base) + 9);
- snprintf(keyfile_name,
- strlen(keyfile_name_base) + 9,
- "%s.private",
- keyfile_name_base);
- keyfile = fopen(keyfile_name, "r");
- line_nr = 0;
- if (!keyfile) {
- fprintf(stderr,
- "Error: unable to read %s: %s\n",
- keyfile_name,
- strerror(errno));
- } else {
- s = ldns_key_new_frm_fp_l(&key, keyfile, &line_nr);
- fclose(keyfile);
- if (s == LDNS_STATUS_OK) {
- /* set times in key? they will end up
- in the rrsigs
- */
- if (expiration != 0) {
- ldns_key_set_expiration(key, expiration);
- }
- if (inception != 0) {
- ldns_key_set_inception(key, inception);
- }
-
- LDNS_FREE(keyfile_name);
-
- ldns_key_list_push_key(keys, key);
- } else {
- fprintf(stderr, "Error reading key from %s at line %d: %s\n", argv[argi], line_nr, ldns_get_errorstr_by_id(s));
- }
- }
- /* and, if not unset by -p, find or create the corresponding DNSKEY record */
- if (key) {
- status = find_or_create_pubkey(keyfile_name_base,
- key, orig_zone,
- add_keys, ttl);
- }
- argi++;
- }
-
- if (ldns_key_list_key_count(keys) < 1) {
- fprintf(stderr, "Error: no keys to sign with. Aborting.\n\n");
- usage(stderr, prog);
- exit(EXIT_FAILURE);
- }
-
- signed_zone = ldns_dnssec_zone_new();
- if (ldns_dnssec_zone_add_rr(signed_zone, ldns_zone_soa(orig_zone)) !=
- LDNS_STATUS_OK) {
- fprintf(stderr,
- "Error adding SOA to dnssec zone, skipping record\n");
- }
-
- for (i = 0;
- i < ldns_rr_list_rr_count(ldns_zone_rrs(orig_zone));
- i++) {
- if (ldns_dnssec_zone_add_rr(signed_zone,
- ldns_rr_list_rr(ldns_zone_rrs(orig_zone),
- i)) !=
- LDNS_STATUS_OK) {
- fprintf(stderr,
- "Error adding RR to dnssec zone");
- fprintf(stderr, ", skipping record:\n");
- ldns_rr_print(stderr,
- ldns_rr_list_rr(ldns_zone_rrs(orig_zone), i));
- }
- }
-
- /* list to store newly created rrs, so we can free them later */
- added_rrs = ldns_rr_list_new();
-
- if (use_nsec3) {
- result = ldns_dnssec_zone_sign_nsec3_flg(signed_zone,
- added_rrs,
- keys,
- ldns_dnssec_default_replace_signatures,
- NULL,
- nsec3_algorithm,
- nsec3_flags,
- nsec3_iterations,
- nsec3_salt_length,
- nsec3_salt,
- signflags);
- } else {
- result = ldns_dnssec_zone_sign_flg(signed_zone,
- added_rrs,
- keys,
- ldns_dnssec_default_replace_signatures,
- NULL,
- signflags);
- }
- if (result != LDNS_STATUS_OK) {
- fprintf(stderr, "Error signing zone: %s\n",
- ldns_get_errorstr_by_id(result));
- }
-
- if (!outputfile_name) {
- outputfile_name = LDNS_XMALLOC(char, MAX_FILENAME_LEN);
- snprintf(outputfile_name, MAX_FILENAME_LEN, "%s.signed", zonefile_name);
- }
-
- if (signed_zone) {
- if (strncmp(outputfile_name, "-", 2) == 0) {
- ldns_dnssec_zone_print(stdout, signed_zone);
- } else {
- outputfile = fopen(outputfile_name, "w");
- if (!outputfile) {
- fprintf(stderr, "Unable to open %s for writing: %s\n",
- outputfile_name, strerror(errno));
- } else {
- ldns_dnssec_zone_print(outputfile, signed_zone);
- fclose(outputfile);
- }
- }
- } else {
- fprintf(stderr, "Error signing zone.\n");
-
-#ifdef HAVE_SSL
- if (ERR_peek_error()) {
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stderr);
- ERR_free_strings();
- }
-#endif
- exit(EXIT_FAILURE);
- }
-
- ldns_key_list_free(keys);
- /* since the ldns_rr records are pointed to in both the ldns_zone
- * and the ldns_dnssec_zone, we can either deep_free the
- * dnssec_zone and 'shallow' free the original zone and added
- * records, or the other way around
- */
- ldns_dnssec_zone_free(signed_zone);
- ldns_zone_deep_free(orig_zone);
- ldns_rr_list_deep_free(added_rrs);
-
- LDNS_FREE(outputfile_name);
-
- CRYPTO_cleanup_all_ex_data();
-
- free(prog);
- exit(EXIT_SUCCESS);
-}
-#else
-int
-main(int argc, char **argv)
-{
- fprintf(stderr, "ldns-signzone needs OpenSSL support, which has not been compiled in\n");
- return 1;
-}
-#endif /* HAVE_SSL */
+++ /dev/null
-.TH ldns-test-edns 1 "14 Dec 2010"
-.SH NAME
-ldns-test-edns \- test if dns cache supports EDNS and DNSSEC.
-.SH SYNOPSIS
-.B ldns-test-edns
-[
-.IR -i
-]
-{
-.IR ip
-}
-.SH DESCRIPTION
-\fBldns-test-edns\fR tests a DNS cache and checks if it supports EDNS0 and
-DNSSEC types so that it can be used as a dnssec-enabled DNS cache. It sends
-two queries to the cache, one for the root key and one for a DS record.
-These must succeed, the answer must have EDNS, that type and signatures.
-.PP
-If the IP address is good for DNSSEC, it is printed with 'OK'. Otherwise
-short description is given of the failure.
-If OK is given, the cache should be good to use as a cache for a local
-configured DNSSEC validator.
-.PP
-The tool assumes the root is signed and Sweden is signed.
-Also, the queries are sent with the CD flag, the tool does not check that the
-results are validated, but that they \fBcan\fR be validated.
-.SH OPTIONS
-\fB-i\fR option enables a mode where the working IP addresses are printed
-after another, with no other explanations, and if none work or no IP addresses
-are on the input, 'off' is printed.
-.PP
-\fBldns-test-edns\fR takes one or more IP addresses, it checks them in turn.
-IPv4 and IPv6 addresses can be given. The exit value is for the last checked
-IP address: 0 is OK, 1 is failure, 2 is some sort of network failure.
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-.SH COPYRIGHT
-Copyright (C) 2010 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-test-edns tries to get DNSKEY and RRSIG from an IP address.
- * This can be used to test if a DNS cache supports DNSSEC (caching RRSIGs),
- * i.e. for automatic configuration utilities or when you get a new DNS cache
- * from DHCP and wonder if your local validator could use that as a cache.
- *
- * (c) NLnet Labs 2010
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include "errno.h"
-#include <ldns/ldns.h>
-
-/** print error details */
-static int verb = 1;
-
-/** parse IP address */
-static int
-convert_addr(char* str, int p, struct sockaddr_storage* addr, socklen_t* len)
-{
-#ifdef AF_INET6
- if(strchr(str, ':')) {
- *len = (socklen_t)sizeof(struct sockaddr_in6);
- ((struct sockaddr_in6*)addr)->sin6_family = AF_INET6;
- ((struct sockaddr_in6*)addr)->sin6_port = htons((uint16_t)p);
- if(inet_pton(AF_INET6, str,
- &((struct sockaddr_in6*)addr)->sin6_addr) == 1)
- return 1;
- } else {
-#endif
- *len = (socklen_t)sizeof(struct sockaddr_in);
- ((struct sockaddr_in*)addr)->sin_family = AF_INET;
- ((struct sockaddr_in*)addr)->sin_port = htons((uint16_t)p);
- if(inet_pton(AF_INET, str,
- &((struct sockaddr_in*)addr)->sin_addr) == 1)
- return 1;
-#ifdef AF_INET6
- }
-#endif
- if(verb) printf("error: cannot parse IP address %s\n", str);
- return 0;
-}
-
-/** create a query to test */
-static ldns_buffer*
-make_query(char* nm, int tp)
-{
- /* with EDNS DO and CDFLAG */
- ldns_buffer* b = ldns_buffer_new(512);
- ldns_pkt* p;
- ldns_status s;
- if(!b) {
- if(verb) printf("error: out of memory\n");
- return NULL;
- }
-
- s = ldns_pkt_query_new_frm_str(&p, nm, tp, LDNS_RR_CLASS_IN,
- (uint16_t)(LDNS_RD|LDNS_CD));
- if(s != LDNS_STATUS_OK) {
- if(verb) printf("error: %s\n", ldns_get_errorstr_by_id(s));
- ldns_buffer_free(b);
- return NULL;
- }
- if(!p) {
- if(verb) printf("error: out of memory\n");
- ldns_buffer_free(b);
- return NULL;
- }
-
- ldns_pkt_set_edns_do(p, 1);
- ldns_pkt_set_edns_udp_size(p, 4096);
- ldns_pkt_set_id(p, ldns_get_random());
- if( (s=ldns_pkt2buffer_wire(b, p)) != LDNS_STATUS_OK) {
- if(verb) printf("error: %s\n", ldns_get_errorstr_by_id(s));
- ldns_pkt_free(p);
- ldns_buffer_free(b);
- return NULL;
- }
- ldns_pkt_free(p);
-
- return b;
-}
-
-/** try 3 times to get an EDNS reply from the server, exponential backoff */
-static int
-get_packet(struct sockaddr_storage* addr, socklen_t len, char* nm, int tp,
- uint8_t **wire, size_t* wlen)
-{
- struct timeval t;
- ldns_buffer* qbin;
- ldns_status s;
- int tries = 0;
-
- memset(&t, 0, sizeof(t));
- t.tv_usec = 100 * 1000; /* 100 milliseconds (then 200, 400, 800) */
-
- qbin = make_query(nm, tp);
- if(!qbin)
- return 0;
- while(tries < 4) {
- tries ++;
- s = ldns_udp_send(wire, qbin, addr, len, t, wlen);
- if(s != LDNS_STATUS_NETWORK_ERR) {
- break;
- }
- t.tv_usec *= 2;
- if(t.tv_usec > 1000*1000) {
- t.tv_usec -= 1000*1000;
- t.tv_sec += 1;
- }
- }
- ldns_buffer_free(qbin);
- if(tries == 4) {
- if(verb) printf("timeout\n");
- return 0;
- }
- if(s != LDNS_STATUS_OK) {
- if(verb) printf("error: %s\n", ldns_get_errorstr_by_id(s));
- return 0;
- }
- return 1;
-}
-
-/** test if type is present in returned packet */
-static int
-check_type_in_answer(ldns_pkt* p, int t)
-{
- ldns_rr_list *l = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANSWER);
- if(!l) {
- char* s = ldns_rr_type2str(t);
- if(verb) printf("no DNSSEC %s\n", s?s:"(out of memory)");
- LDNS_FREE(s);
- return 0;
- }
- ldns_rr_list_deep_free(l);
- return 1;
-}
-
-/** check the packet and make sure that EDNS and DO and the type and RRSIG */
-static int
-check_packet(uint8_t* wire, size_t len, int tp)
-{
- ldns_pkt *p = NULL;
- ldns_status s;
- if( (s=ldns_wire2pkt(&p, wire, len)) != LDNS_STATUS_OK) {
- if(verb) printf("error: %s\n", ldns_get_errorstr_by_id(s));
- goto failed;
- }
- if(!p) {
- if(verb) printf("error: out of memory\n");
- goto failed;
- }
-
- /* does DNS work? */
- if(ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) {
- char* r = ldns_pkt_rcode2str(ldns_pkt_get_rcode(p));
- if(verb) printf("no answer, %s\n", r?r:"(out of memory)");
- LDNS_FREE(r);
- goto failed;
- }
-
- /* test EDNS0 presence, of OPT record */
- /* LDNS forgets during pkt parse, but we test the ARCOUNT;
- * 0 additionals means no EDNS(on the wire), and after parsing the
- * same additional RRs as before means no EDNS OPT */
- if(LDNS_ARCOUNT(wire) == 0 ||
- ldns_pkt_arcount(p) == LDNS_ARCOUNT(wire)) {
- if(verb) printf("no EDNS\n");
- goto failed;
- }
-
- /* test if the type, RRSIG present */
- if(!check_type_in_answer(p, tp) ||
- !check_type_in_answer(p, LDNS_RR_TYPE_RRSIG)) {
- goto failed;
- }
-
- LDNS_FREE(wire);
- ldns_pkt_free(p);
- return 1;
-failed:
- LDNS_FREE(wire);
- ldns_pkt_free(p);
- return 0;
-}
-
-/** check EDNS at this IP and port */
-static int
-check_edns_ip(char* ip, int port, int info)
-{
- struct sockaddr_storage addr;
- socklen_t len = 0;
- uint8_t* wire;
- size_t wlen;
- memset(&addr, 0, sizeof(addr));
- if(verb) printf("%s ", ip);
- if(!convert_addr(ip, port, &addr, &len))
- return 2;
- /* try to send 3 times to the IP address, test root key */
- if(!get_packet(&addr, len, ".", LDNS_RR_TYPE_DNSKEY, &wire, &wlen))
- return 2;
- if(!check_packet(wire, wlen, LDNS_RR_TYPE_DNSKEY))
- return 1;
- /* check support for caching type DS for chains of trust */
- if(!get_packet(&addr, len, "se.", LDNS_RR_TYPE_DS, &wire, &wlen))
- return 2;
- if(!check_packet(wire, wlen, LDNS_RR_TYPE_DS))
- return 1;
- if(verb) printf("OK\n");
- if(info) printf(" %s", ip);
- return 0;
-}
-
-int
-main(int argc, char **argv)
-{
- int i, r, info=0, ok=0;
-#ifdef USE_WINSOCK
- WSADATA wsa_data;
- if(WSAStartup(MAKEWORD(2,2), &wsa_data) != 0) {
- printf("WSAStartup failed\n"); exit(1);
- }
-#endif
- if (argc < 2 || strncmp(argv[1], "-h", 3) == 0) {
- printf("Usage: ldns-test-edns [-i] {ip address}\n");
- printf("Tests if the DNS cache at IP address supports EDNS.\n");
- printf("if it works, print IP address OK.\n");
- printf("-i: print IPs that are OK or print 'off'.\n");
- printf("exit value, last IP is 0:OK, 1:fail, 2:net error.\n");
- exit(1);
- }
- if(strcmp(argv[1], "-i") == 0) {
- info = 1;
- verb = 0;
- }
-
- for(i=1+info; i<argc; i++) {
- r = check_edns_ip(argv[i], LDNS_PORT, info);
- if(r == 0)
- ok++;
- }
- if(info && !ok)
- printf("off\n");
- return r;
-}
+++ /dev/null
-.TH ldns-testns 1 "14 Dec 2006"
-.SH NAME
-ldns-testns \- simple fake nameserver tool
-.SH SYNOPSYS
-.B ldns-testns
-[
-.IR OPTION
-]
-.IR datafile
-
-.SH DESCRIPTION
-\fBldns-testns\fR can be used to provide answers to DNS queries for
-testing. The answers are premade, and can be tailored to testing
-needs. The answers can be wildly invalid or unparseable.
-
-This program is a debugging aid. It is not efficient, especially
-with a long config file, but it can give any reply to any query.
-This can help the developer pre-script replies for queries.
-
-It listens to IP4 UDP and TCP by default.
-You can specify a packet RR by RR with header flags to return.
-
-ldns-testns is not meant for production use.
-
-.SH OPTIONS
-.TP
-\fB-r\fR
-Listens to a random port. The port number is printed to stdout.
-
-.TP
-\fB-p\fR \fIport\fR
-Listens to the specified port.
-
-.TP
-\fB-f\fR \fInum\fR
-Forks this number of additional instances that serve the same ports and
-same datafile. They do not exit; printed is 'forked pid: <num>' and you
-have to kill them yourself.
-
-.TP
-\fB-v\fR
-Outputs more debug information. It is possible to give this option multiple
-times to increase verbosity level.
-
-.TP
-\fB-6\fR
-Bind to IP6 address instead of IP4. Use together with -p.
-
-.TP
-\fBdatafile\fR
-The data file is read on start up. It contains queries and the packets
-that should be sent in answer to those queries. The data file format is
-explained below.
-
-.SH DATA FILE FORMAT
-The data file format has ';' to denote comment. A number of entries
-are processed first to last. The first matching entry is used to answer
-the query with. This is a line based format. DNS resource records
-are entered in zone-file format.
-
-You can use $ORIGIN and $TTL directives. Zone file '(' and ')' to span
-multiple lines are not allowed.
-
-$ORIGIN origin
-$TTL default_ttl
-
-ENTRY_BEGIN
-
-; first give MATCH lines, that say what queries are matched
-; by this entry.
-; 'opcode' makes the query match the opcode from the reply
-; if you leave it out, any opcode matches this entry.
-; 'qtype' makes the query match the qtype from the reply
-; 'qname' makes the query match the qname from the reply
-; 'serial=1023' makes the query match if ixfr serial is 1023.
-
-MATCH [opcode] [qtype] [qname] [serial=<value>]
-MATCH [UDP|TCP]
-MATCH ...
-
-; Then the REPLY header is specified.
-
-REPLY opcode, rcode or flags.
- (opcode) QUERY IQUERY STATUS NOTIFY UPDATE
- (rcode) NOERROR FORMERR SERVFAIL NXDOMAIN NOTIMPL YXDOMAIN
- YXRRSET NXRRSET NOTAUTH NOTZONE
- (flags) QR AA TC RD CD RA AD
-
-REPLY ...
-
-; any additional actions to do.
-
-ADJUST copy_id ; 'copy_id' copies the ID from the query to the answer.
-
-; 'sleep=10' sleeps for 10 seconds before giving the answer (TCP is open)
-
-ADJUST [sleep=<num>] ; sleep before giving any reply
-ADJUST [packet_sleep=<num>] ; sleep before this packet in sequence
-
-SECTION QUESTION
-<RRs, one per line> ; the RRcount is determined automatically.
-
-SECTION ANSWER
-<RRs, one per line>
-
-SECTION AUTHORITY
-<RRs, one per line>
-
-SECTION ADDITIONAL
-<RRs, one per line>
-
-EXTRA_PACKET ; follow with SECTION, REPLY for more packets.
-HEX_ANSWER_BEGIN ; follow with hex data
- ; this replaces any answer packet constructed
- ; with the SECTION keywords (only SECTION QUERY
- ; is used to match queries). If the data cannot
- ; be parsed, ADJUST rules for the answer packet
- ; are ignored
-
-HEX_ANSWER_END
-
-ENTRY_END
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage, and for testing purposes.
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-.SH COPYRIGHT
-Copyright (C) 2006-2008 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-testns. Light-weight DNS daemon, gives canned replies.
- *
- * Tiny dns server, that responds with specially crafted replies
- * to requests. For testing dns software.
- *
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-/*
- * This program is a debugging aid. It can is not efficient, especially
- * with a long config file, but it can give any reply to any query.
- * This can help the developer pre-script replies for queries.
- *
- * It listens to IP4 UDP and TCP by default.
- * You can specify a packet RR by RR with header flags to return.
- *
- * Missing features:
- * - matching content different from reply content.
- * - find way to adjust mangled packets?
- */
-
-/*
- The data file format is as follows:
-
- ; comment.
- ; a number of entries, these are processed first to last.
- ; a line based format.
-
- $ORIGIN origin
- $TTL default_ttl
-
- ENTRY_BEGIN
- ; first give MATCH lines, that say what queries are matched
- ; by this entry.
- ; 'opcode' makes the query match the opcode from the reply
- ; if you leave it out, any opcode matches this entry.
- ; 'qtype' makes the query match the qtype from the reply
- ; 'qname' makes the query match the qname from the reply
- ; 'serial=1023' makes the query match if ixfr serial is 1023.
- MATCH [opcode] [qtype] [qname] [serial=<value>]
- MATCH [UDP|TCP]
- MATCH ...
- ; Then the REPLY header is specified.
- REPLY opcode, rcode or flags.
- (opcode) QUERY IQUERY STATUS NOTIFY UPDATE
- (rcode) NOERROR FORMERR SERVFAIL NXDOMAIN NOTIMPL YXDOMAIN
- YXRRSET NXRRSET NOTAUTH NOTZONE
- (flags) QR AA TC RD CD RA AD
- REPLY ...
- ; any additional actions to do.
- ; 'copy_id' copies the ID from the query to the answer.
- ADJUST copy_id
- ; 'sleep=10' sleeps for 10 seconds before giving the answer (TCP is open)
- ADJUST [sleep=<num>] ; sleep before giving any reply
- ADJUST [packet_sleep=<num>] ; sleep before this packet in sequence
- SECTION QUESTION
- <RRs, one per line> ; the RRcount is determined automatically.
- SECTION ANSWER
- <RRs, one per line>
- SECTION AUTHORITY
- <RRs, one per line>
- SECTION ADDITIONAL
- <RRs, one per line>
- EXTRA_PACKET ; follow with SECTION, REPLY for more packets.
- HEX_ANSWER_BEGIN ; follow with hex data
- ; this replaces any answer packet constructed
- ; with the SECTION keywords (only SECTION QUERY
- ; is used to match queries). If the data cannot
- ; be parsed, ADJUST rules for the answer packet
- ; are ignored
- HEX_ANSWER_END
- ENTRY_END
-*/
-
-/* Example data file:
-$ORIGIN nlnetlabs.nl
-$TTL 3600
-
-ENTRY_BEGIN
-MATCH qname
-REPLY NOERROR
-ADJUST copy_id
-SECTION QUESTION
-www.nlnetlabs.nl. IN A
-SECTION ANSWER
-www.nlnetlabs.nl. IN A 195.169.215.155
-SECTION AUTHORITY
-nlnetlabs.nl. IN NS www.nlnetlabs.nl.
-ENTRY_END
-
-ENTRY_BEGIN
-MATCH qname
-REPLY NOERROR
-ADJUST copy_id
-SECTION QUESTION
-www2.nlnetlabs.nl. IN A
-HEX_ANSWER_BEGIN
-; 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
-;-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
- 00 bf 81 80 00 01 00 01 00 02 00 02 03 77 77 77 0b 6b 61 6e ; 1- 20
- 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 01 00 01 03 77 77 ; 21- 40
- 77 0b 6b 61 6e 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 01 ; 41- 60
- 00 01 00 01 50 8b 00 04 52 5e ed 32 0b 6b 61 6e 61 72 69 65 ; 61- 80
- 70 69 65 74 03 63 6f 6d 00 00 02 00 01 00 01 50 8b 00 11 03 ; 81- 100
- 6e 73 31 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 0b 6b 61 6e ; 101- 120
- 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 02 00 01 00 01 50 ; 121- 140
- 8b 00 11 03 6e 73 32 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 ; 141- 160
- 03 6e 73 31 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 00 01 00 ; 161- 180
- 01 00 00 46 53 00 04 52 5e ed 02 03 6e 73 32 08 68 65 78 6f ; 181- 200
- 6e 2d 69 73 02 6e 6c 00 00 01 00 01 00 00 46 53 00 04 d4 cc ; 201- 220
- db 5b
-HEX_ANSWER_END
-ENTRY_END
-
-
-*/
-
-struct sockaddr_storage;
-#include "config.h"
-#include <ldns/ldns.h>
-#include "ldns-testpkts.h"
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_TIME_H
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_UDP_H
-#include <netinet/udp.h>
-#endif
-#ifdef HAVE_NETINET_IGMP_H
-#include <netinet/igmp.h>
-#endif
-#include <errno.h>
-
-#define INBUF_SIZE 4096 /* max size for incoming queries */
-#define DEFAULT_PORT 53 /* default if no -p port is specified */
-#define CONN_BACKLOG 5 /* 5 connections queued up for tcp */
-static const char* prog_name = "ldns-testns";
-static FILE* logfile = 0;
-static int do_verbose = 0;
-
-static void usage()
-{
- printf("Usage: %s [options] <datafile>\n", prog_name);
- printf(" -r listens on random port. Port number is printed.\n");
- printf(" -p listens on the specified port, default %d.\n", DEFAULT_PORT);
- printf(" -f forks given number extra instances, default none.\n");
- printf(" -v more verbose, prints queries, answers and matching.\n");
- printf(" -6 listen on IP6 any address, instead of IP4 any address.\n");
- printf("The program answers queries with canned replies from the datafile.\n");
- exit(EXIT_FAILURE);
-}
-
-static void log_msg(const char* msg, ...)
-{
- va_list args;
- va_start(args, msg);
- vfprintf(logfile, msg, args);
- fflush(logfile);
- va_end(args);
-}
-
-static void error(const char* msg, ...)
-{
- va_list args;
- va_start(args, msg);
- fprintf(logfile, "%s error: ", prog_name);
- vfprintf(logfile, msg, args);
- fprintf(logfile, "\n");
- fflush(logfile);
- va_end(args);
- exit(EXIT_FAILURE);
-}
-
-void verbose(int lvl, const char* msg, ...)
-{
- va_list args;
- va_start(args, msg);
- if(do_verbose)
- vfprintf(logfile, msg, args);
- fflush(logfile);
- va_end(args);
-}
-
-static int bind_port(int sock, int port, int fam)
-{
- struct sockaddr_in addr;
-#if defined(AF_INET6) && defined(HAVE_GETADDRINFO)
- if(fam == AF_INET6) {
- struct sockaddr_in6 addr6;
- memset(&addr6, 0, sizeof(addr6));
- addr6.sin6_family = AF_INET6;
- addr6.sin6_port = (in_port_t)htons((uint16_t)port);
-# if HAVE_DECL_IN6ADDR_ANY
- addr6.sin6_addr = in6addr_any;
-# else
- memset(&addr6.sin6_addr, 0, sizeof(addr6.sin6_addr));
-# endif
- return bind(sock, (struct sockaddr *)&addr6, (socklen_t) sizeof(addr6));
- }
-#endif
-
- addr.sin_family = AF_INET;
- addr.sin_port = (in_port_t)htons((uint16_t)port);
- addr.sin_addr.s_addr = INADDR_ANY;
- return bind(sock, (struct sockaddr *)&addr, (socklen_t) sizeof(addr));
-}
-
-struct handle_udp_userdata {
- int udp_sock;
- struct sockaddr_storage addr_him;
- socklen_t hislen;
-};
-static void
-send_udp(uint8_t* buf, size_t len, void* data)
-{
- struct handle_udp_userdata *userdata = (struct handle_udp_userdata*)data;
- /* udp send reply */
- ssize_t nb;
- nb = sendto(userdata->udp_sock, (void*)buf, len, 0,
- (struct sockaddr*)&userdata->addr_him, userdata->hislen);
- if(nb == -1)
- log_msg("sendto(): %s\n", strerror(errno));
- else if((size_t)nb != len)
- log_msg("sendto(): only sent %d of %d octets.\n",
- (int)nb, (int)len);
-}
-
-static void
-handle_udp(int udp_sock, struct entry* entries, int *count)
-{
- ssize_t nb;
- uint8_t inbuf[INBUF_SIZE];
- struct handle_udp_userdata userdata;
- userdata.udp_sock = udp_sock;
-
- userdata.hislen = (socklen_t)sizeof(userdata.addr_him);
- /* udp recv */
- nb = recvfrom(udp_sock, (void*)inbuf, INBUF_SIZE, 0,
- (struct sockaddr*)&userdata.addr_him, &userdata.hislen);
- if (nb < 1) {
-#ifndef USE_WINSOCK
- log_msg("recvfrom(): %s\n", strerror(errno));
-#else
- if(WSAGetLastError() != WSAEINPROGRESS &&
- WSAGetLastError() != WSAECONNRESET &&
- WSAGetLastError()!= WSAEWOULDBLOCK)
- log_msg("recvfrom(): %d\n", WSAGetLastError());
-#endif
- return;
- }
- handle_query(inbuf, nb, entries, count, transport_udp, send_udp,
- &userdata, do_verbose?logfile:0);
-}
-
-static void
-read_n_bytes(int sock, uint8_t* buf, size_t sz)
-{
- size_t count = 0;
- while(count < sz) {
- ssize_t nb = recv(sock, (void*)(buf+count), sz-count, 0);
- if(nb < 0) {
- log_msg("recv(): %s\n", strerror(errno));
- return;
- }
- count += nb;
- }
-}
-
-static void
-write_n_bytes(int sock, uint8_t* buf, size_t sz)
-{
- size_t count = 0;
- while(count < sz) {
- ssize_t nb = send(sock, (void*)(buf+count), sz-count, 0);
- if(nb < 0) {
- log_msg("send(): %s\n", strerror(errno));
- return;
- }
- count += nb;
- }
-}
-
-struct handle_tcp_userdata {
- int s;
-};
-static void
-send_tcp(uint8_t* buf, size_t len, void* data)
-{
- struct handle_tcp_userdata *userdata = (struct handle_tcp_userdata*)data;
- uint16_t tcplen;
- /* tcp send reply */
- tcplen = htons(len);
- write_n_bytes(userdata->s, (uint8_t*)&tcplen, sizeof(tcplen));
- write_n_bytes(userdata->s, buf, len);
-}
-
-static void
-handle_tcp(int tcp_sock, struct entry* entries, int *count)
-{
- int s;
- struct sockaddr_storage addr_him;
- socklen_t hislen;
- uint8_t inbuf[INBUF_SIZE];
- uint16_t tcplen;
- struct handle_tcp_userdata userdata;
-
- /* accept */
- hislen = (socklen_t)sizeof(addr_him);
- if((s = accept(tcp_sock, (struct sockaddr*)&addr_him, &hislen)) < 0) {
- log_msg("accept(): %s\n", strerror(errno));
- return;
- }
- userdata.s = s;
-
- /* tcp recv */
- read_n_bytes(s, (uint8_t*)&tcplen, sizeof(tcplen));
- tcplen = ntohs(tcplen);
- if(tcplen >= INBUF_SIZE) {
- log_msg("query %d bytes too large, buffer %d bytes.\n",
- tcplen, INBUF_SIZE);
-#ifndef USE_WINSOCK
- close(s);
-#else
- closesocket(s);
-#endif
- return;
- }
- read_n_bytes(s, inbuf, tcplen);
-
- handle_query(inbuf, (ssize_t) tcplen, entries, count, transport_tcp,
- send_tcp, &userdata, do_verbose?logfile:0);
-#ifndef USE_WINSOCK
- close(s);
-#else
- closesocket(s);
-#endif
-
-}
-
-/** shared by the service and main routine (forked and threaded) */
-static int udp_sock, tcp_sock;
-static struct entry* entries;
-
-/**
- * Test DNS server service, uses global udpsock, tcpsock, reply entries
- * The signature is kept void so the function can be used as a thread function.
- */
-static void
-service(void)
-{
- fd_set rset, wset, eset;
- struct timeval timeout;
- int count;
- int maxfd;
-
- /* service */
- count = 0;
- timeout.tv_sec = 0;
- timeout.tv_usec = 0;
- while (1) {
- FD_ZERO(&rset);
- FD_ZERO(&wset);
- FD_ZERO(&eset);
- FD_SET(udp_sock, &rset);
- FD_SET(tcp_sock, &rset);
- maxfd = udp_sock;
- if(tcp_sock > maxfd)
- maxfd = tcp_sock;
- if(select(maxfd+1, &rset, &wset, &eset, NULL) < 0) {
- error("select(): %s\n", strerror(errno));
- }
- if(FD_ISSET(udp_sock, &rset)) {
- handle_udp(udp_sock, entries, &count);
- }
- if(FD_ISSET(tcp_sock, &rset)) {
- handle_tcp(tcp_sock, entries, &count);
- }
- }
-}
-
-static void
-forkit(int number)
-{
- int i;
- for(i=0; i<number; i++)
- {
-#ifndef HAVE_FORK
-#ifndef USE_WINSOCK
- log_msg("fork() not available.\n");
- exit(1);
-#else /* USE_WINSOCK */
- DWORD tid;
- HANDLE id = CreateThread(NULL, 0,
- (LPTHREAD_START_ROUTINE)service, NULL,
- 0, &tid);
- if(id == NULL) {
- log_msg("error CreateThread: %d\n", GetLastError());
- return;
- }
- log_msg("thread id: %d\n", (int)tid);
-#endif /* USE_WINSOCK */
-#else /* HAVE_FORK */
- pid_t pid = fork();
- if(pid == -1) {
- log_msg("error forking: %s\n", strerror(errno));
- return;
- }
- if(pid == 0)
- return; /* child starts serving */
- log_msg("forked pid: %d\n", (int)pid);
-#endif /* HAVE_FORK */
- }
-}
-
-int
-main(int argc, char **argv)
-{
- /* arguments */
- int c;
- int port = DEFAULT_PORT;
- const char* datafile;
- int forknum = 0;
-
- /* network */
- int fam = AF_INET;
- bool random_port_success;
-
-#ifdef USE_WINSOCK
- WSADATA wsa_data;
-#endif
-
- /* parse arguments */
- srandom(time(NULL) ^ getpid());
- logfile = stdout;
- prog_name = argv[0];
- log_msg("%s: start\n", prog_name);
- while((c = getopt(argc, argv, "6f:p:rv")) != -1) {
- switch(c) {
- case '6':
-#ifdef AF_INET6
- fam = AF_INET6;
-#else
- log_msg("cannot -6: no IP6 available\n");
- exit(1);
-#endif
- break;
- case 'r':
- port = 0;
- break;
- case 'f':
- forknum = atoi(optarg);
- if(forknum < 1)
- error("invalid forkno %s, give number", optarg);
- break;
- case 'p':
- port = atoi(optarg);
- if (port < 1) {
- error("Invalid port %s, use a number.", optarg);
- }
- break;
- case 'v':
- do_verbose++;
- break;
- default:
- usage();
- break;
- }
- }
- argc -= optind;
- argv += optind;
-
- if(argc == 0 || argc > 1)
- usage();
-
- datafile = argv[0];
- log_msg("Reading datafile %s\n", datafile);
- entries = read_datafile(datafile);
-
-#ifdef USE_WINSOCK
- if(WSAStartup(MAKEWORD(2,2), &wsa_data) != 0)
- error("WSAStartup failed\n");
-#endif
-
- if((udp_sock = socket(fam, SOCK_DGRAM, 0)) < 0) {
- error("udp socket(): %s\n", strerror(errno));
- }
- if((tcp_sock = socket(fam, SOCK_STREAM, 0)) < 0) {
- error("tcp socket(): %s\n", strerror(errno));
- }
- c = 1;
- if(setsockopt(tcp_sock, SOL_SOCKET, SO_REUSEADDR, (void*)&c, (socklen_t) sizeof(int)) < 0) {
- error("setsockopt(SO_REUSEADDR): %s\n", strerror(errno));
- }
-
- /* bind ip4 */
- if (port > 0) {
- if (bind_port(udp_sock, port, fam)) {
- error("cannot bind(): %s\n", strerror(errno));
- }
- if (bind_port(tcp_sock, port, fam)) {
- error("cannot bind(): %s\n", strerror(errno));
- }
- if (listen(tcp_sock, CONN_BACKLOG) < 0) {
- error("listen(): %s\n", strerror(errno));
- }
- } else {
- random_port_success = false;
- while (!random_port_success) {
- port = (random() % 64510) + 1025;
- log_msg("trying to bind to port %d\n", port);
- random_port_success = true;
- if (bind_port(udp_sock, port, fam)) {
-#ifdef EADDRINUSE
- if (errno != EADDRINUSE) {
-#elif defined(USE_WINSOCK)
- if (WSAGetLastError() != WSAEADDRINUSE) {
-#else
- if (1) {
-#endif
- perror("bind()");
- return -1;
- } else {
- random_port_success = false;
- }
- }
- if (random_port_success) {
- if (bind_port(tcp_sock, port, fam)) {
-#ifdef EADDRINUSE
- if (errno != EADDRINUSE) {
-#elif defined(USE_WINSOCK)
- if (WSAGetLastError()!=WSAEADDRINUSE){
-#else
- if (1) {
-#endif
- perror("bind()");
- return -1;
- } else {
- random_port_success = false;
- }
- }
- }
- if (random_port_success) {
- if (listen(tcp_sock, CONN_BACKLOG) < 0) {
- error("listen(): %s\n", strerror(errno));
- }
- }
-
- }
- }
- log_msg("Listening on port %d\n", port);
-
- /* forky! */
- if(forknum > 0)
- forkit(forknum);
-
- service();
-
- return 0;
-}
+++ /dev/null
-/*
- * ldns-testpkts. Data file parse for test packets, and query matching.
- *
- * Data storage for specially crafted replies for testing purposes.
- *
- * (c) NLnet Labs, 2005, 2006, 2007, 2008
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- * This is a debugging aid. It is not efficient, especially
- * with a long config file, but it can give any reply to any query.
- * This can help the developer pre-script replies for queries.
- *
- * You can specify a packet RR by RR with header flags to return.
- *
- * Missing features:
- * - matching content different from reply content.
- * - find way to adjust mangled packets?
- */
-
-#include "config.h"
-struct sockaddr_storage;
-#include <ldns/ldns.h>
-#include <errno.h>
-#include "ldns-testpkts.h"
-
-/** max line length */
-#define MAX_LINE 10240
-/** string to show in warnings and errors */
-static const char* prog_name = "ldns-testpkts";
-
-#ifndef UTIL_LOG_H
-/** verbosity definition for compat */
-enum verbosity_value { NO_VERBOSE=0 };
-#endif
-/** logging routine, provided by caller */
-void verbose(enum verbosity_value lvl, const char* msg, ...) ATTR_FORMAT(printf, 2, 3);
-
-/** print error and exit */
-static void error(const char* msg, ...)
-{
- va_list args;
- va_start(args, msg);
- fprintf(stderr, "%s error: ", prog_name);
- vfprintf(stderr, msg, args);
- fprintf(stderr, "\n");
- fflush(stderr);
- va_end(args);
- exit(EXIT_FAILURE);
-}
-
-/** return if string is empty or comment */
-static bool isendline(char c)
-{
- if(c == ';' || c == '#'
- || c == '\n' || c == 0)
- return true;
- return false;
-}
-
-/** true if the string starts with the keyword given. Moves the str ahead.
- * @param str: before keyword, afterwards after keyword and spaces.
- * @param keyword: the keyword to match
- * @return: true if keyword present. False otherwise, and str unchanged.
-*/
-static bool str_keyword(char** str, const char* keyword)
-{
- size_t len = strlen(keyword);
- assert(str && keyword);
- if(strncmp(*str, keyword, len) != 0)
- return false;
- *str += len;
- while(isspace((int)**str))
- (*str)++;
- return true;
-}
-
-/** Add reply packet to entry */
-static struct reply_packet*
-entry_add_reply(struct entry* entry)
-{
- struct reply_packet* pkt = (struct reply_packet*)malloc(
- sizeof(struct reply_packet));
- struct reply_packet ** p = &entry->reply_list;
- pkt->next = NULL;
- pkt->packet_sleep = 0;
- pkt->reply = ldns_pkt_new();
- pkt->reply_from_hex = NULL;
- /* link at end */
- while(*p)
- p = &((*p)->next);
- *p = pkt;
- return pkt;
-}
-
-/** parse MATCH line */
-static void matchline(char* line, struct entry* e)
-{
- char* parse = line;
- while(*parse) {
- if(isendline(*parse))
- return;
- if(str_keyword(&parse, "opcode")) {
- e->match_opcode = true;
- } else if(str_keyword(&parse, "qtype")) {
- e->match_qtype = true;
- } else if(str_keyword(&parse, "qname")) {
- e->match_qname = true;
- } else if(str_keyword(&parse, "subdomain")) {
- e->match_subdomain = true;
- } else if(str_keyword(&parse, "all")) {
- e->match_all = true;
- } else if(str_keyword(&parse, "ttl")) {
- e->match_ttl = true;
- } else if(str_keyword(&parse, "DO")) {
- e->match_do = true;
- } else if(str_keyword(&parse, "noedns")) {
- e->match_noedns = true;
- } else if(str_keyword(&parse, "UDP")) {
- e->match_transport = transport_udp;
- } else if(str_keyword(&parse, "TCP")) {
- e->match_transport = transport_tcp;
- } else if(str_keyword(&parse, "serial")) {
- e->match_serial = true;
- if(*parse != '=' && *parse != ':')
- error("expected = or : in MATCH: %s", line);
- parse++;
- e->ixfr_soa_serial = (uint32_t)strtol(parse, (char**)&parse, 10);
- while(isspace((int)*parse))
- parse++;
- } else {
- error("could not parse MATCH: '%s'", parse);
- }
- }
-}
-
-/** parse REPLY line */
-static void replyline(char* line, ldns_pkt *reply)
-{
- char* parse = line;
- while(*parse) {
- if(isendline(*parse))
- return;
- /* opcodes */
- if(str_keyword(&parse, "QUERY")) {
- ldns_pkt_set_opcode(reply, LDNS_PACKET_QUERY);
- } else if(str_keyword(&parse, "IQUERY")) {
- ldns_pkt_set_opcode(reply, LDNS_PACKET_IQUERY);
- } else if(str_keyword(&parse, "STATUS")) {
- ldns_pkt_set_opcode(reply, LDNS_PACKET_STATUS);
- } else if(str_keyword(&parse, "NOTIFY")) {
- ldns_pkt_set_opcode(reply, LDNS_PACKET_NOTIFY);
- } else if(str_keyword(&parse, "UPDATE")) {
- ldns_pkt_set_opcode(reply, LDNS_PACKET_UPDATE);
- /* rcodes */
- } else if(str_keyword(&parse, "NOERROR")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_NOERROR);
- } else if(str_keyword(&parse, "FORMERR")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_FORMERR);
- } else if(str_keyword(&parse, "SERVFAIL")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_SERVFAIL);
- } else if(str_keyword(&parse, "NXDOMAIN")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_NXDOMAIN);
- } else if(str_keyword(&parse, "NOTIMPL")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_NOTIMPL);
- } else if(str_keyword(&parse, "REFUSED")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_REFUSED);
- } else if(str_keyword(&parse, "YXDOMAIN")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_YXDOMAIN);
- } else if(str_keyword(&parse, "YXRRSET")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_YXRRSET);
- } else if(str_keyword(&parse, "NXRRSET")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_NXRRSET);
- } else if(str_keyword(&parse, "NOTAUTH")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_NOTAUTH);
- } else if(str_keyword(&parse, "NOTZONE")) {
- ldns_pkt_set_rcode(reply, LDNS_RCODE_NOTZONE);
- /* flags */
- } else if(str_keyword(&parse, "QR")) {
- ldns_pkt_set_qr(reply, true);
- } else if(str_keyword(&parse, "AA")) {
- ldns_pkt_set_aa(reply, true);
- } else if(str_keyword(&parse, "TC")) {
- ldns_pkt_set_tc(reply, true);
- } else if(str_keyword(&parse, "RD")) {
- ldns_pkt_set_rd(reply, true);
- } else if(str_keyword(&parse, "CD")) {
- ldns_pkt_set_cd(reply, true);
- } else if(str_keyword(&parse, "RA")) {
- ldns_pkt_set_ra(reply, true);
- } else if(str_keyword(&parse, "AD")) {
- ldns_pkt_set_ad(reply, true);
- } else if(str_keyword(&parse, "DO")) {
- ldns_pkt_set_edns_udp_size(reply, 4096);
- ldns_pkt_set_edns_do(reply, true);
- } else {
- error("could not parse REPLY: '%s'", parse);
- }
- }
-}
-
-/** parse ADJUST line */
-static void adjustline(char* line, struct entry* e,
- struct reply_packet* pkt)
-{
- char* parse = line;
- while(*parse) {
- if(isendline(*parse))
- return;
- if(str_keyword(&parse, "copy_id")) {
- e->copy_id = true;
- } else if(str_keyword(&parse, "copy_query")) {
- e->copy_query = true;
- } else if(str_keyword(&parse, "sleep=")) {
- e->sleeptime = (unsigned int) strtol(parse, (char**)&parse, 10);
- while(isspace((int)*parse))
- parse++;
- } else if(str_keyword(&parse, "packet_sleep=")) {
- pkt->packet_sleep = (unsigned int) strtol(parse, (char**)&parse, 10);
- while(isspace((int)*parse))
- parse++;
- } else {
- error("could not parse ADJUST: '%s'", parse);
- }
- }
-}
-
-/** create new entry */
-static struct entry* new_entry()
-{
- struct entry* e = LDNS_MALLOC(struct entry);
- memset(e, 0, sizeof(e));
- e->match_opcode = false;
- e->match_qtype = false;
- e->match_qname = false;
- e->match_subdomain = false;
- e->match_all = false;
- e->match_ttl = false;
- e->match_do = false;
- e->match_noedns = false;
- e->match_serial = false;
- e->ixfr_soa_serial = 0;
- e->match_transport = transport_any;
- e->reply_list = NULL;
- e->copy_id = false;
- e->copy_query = false;
- e->sleeptime = 0;
- e->next = NULL;
- return e;
-}
-
-/**
- * Converts a hex string to binary data
- * @param hexstr: string of hex.
- * @param len: is the length of the string
- * @param buf: is the buffer to store the result in
- * @param offset: is the starting position in the result buffer
- * @param buf_len: is the length of buf.
- * @return This function returns the length of the result
- */
-static size_t
-hexstr2bin(char *hexstr, int len, uint8_t *buf, size_t offset, size_t buf_len)
-{
- char c;
- int i;
- uint8_t int8 = 0;
- int sec = 0;
- size_t bufpos = 0;
-
- if (len % 2 != 0) {
- return 0;
- }
-
- for (i=0; i<len; i++) {
- c = hexstr[i];
-
- /* case insensitive, skip spaces */
- if (c != ' ') {
- if (c >= '0' && c <= '9') {
- int8 += c & 0x0f;
- } else if (c >= 'a' && c <= 'z') {
- int8 += (c & 0x0f) + 9;
- } else if (c >= 'A' && c <= 'Z') {
- int8 += (c & 0x0f) + 9;
- } else {
- return 0;
- }
-
- if (sec == 0) {
- int8 = int8 << 4;
- sec = 1;
- } else {
- if (bufpos + offset + 1 <= buf_len) {
- buf[bufpos+offset] = int8;
- int8 = 0;
- sec = 0;
- bufpos++;
- } else {
- fprintf(stderr, "Buffer too small in hexstr2bin");
- }
- }
- }
- }
- return bufpos;
-}
-
-/** convert hex buffer to binary buffer */
-static ldns_buffer *
-data_buffer2wire(ldns_buffer *data_buffer)
-{
- ldns_buffer *wire_buffer = NULL;
- int c;
-
- /* stat hack
- * 0 = normal
- * 1 = comment (skip to end of line)
- * 2 = unprintable character found, read binary data directly
- */
- size_t data_buf_pos = 0;
- int state = 0;
- uint8_t *hexbuf;
- int hexbufpos = 0;
- size_t wirelen;
- uint8_t *data_wire = (uint8_t *) ldns_buffer_export(data_buffer);
- uint8_t *wire = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN);
-
- hexbuf = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN);
- for (data_buf_pos = 0; data_buf_pos < ldns_buffer_position(data_buffer); data_buf_pos++) {
- c = (int) data_wire[data_buf_pos];
-
- if (state < 2 && !isascii(c)) {
- /*verbose("non ascii character found in file: (%d) switching to raw mode\n", c);*/
- state = 2;
- }
- switch (state) {
- case 0:
- if ( (c >= '0' && c <= '9') ||
- (c >= 'a' && c <= 'f') ||
- (c >= 'A' && c <= 'F') )
- {
- hexbuf[hexbufpos] = (uint8_t) c;
- hexbufpos++;
- } else if (c == ';') {
- state = 1;
- } else if (c == ' ' || c == '\t' || c == '\n') {
- /* skip whitespace */
- }
- break;
- case 1:
- if (c == '\n' || c == EOF) {
- state = 0;
- }
- break;
- case 2:
- hexbuf[hexbufpos] = (uint8_t) c;
- hexbufpos++;
- break;
- default:
- error("unknown state while reading");
- LDNS_FREE(hexbuf);
- return 0;
- break;
- }
- }
-
- if (hexbufpos >= LDNS_MAX_PACKETLEN) {
- /*verbose("packet size reached\n");*/
- }
-
- /* lenient mode: length must be multiple of 2 */
- if (hexbufpos % 2 != 0) {
- hexbuf[hexbufpos] = (uint8_t) '0';
- hexbufpos++;
- }
-
- if (state < 2) {
- wirelen = hexstr2bin((char *) hexbuf, hexbufpos, wire, 0, LDNS_MAX_PACKETLEN);
- wire_buffer = ldns_buffer_new(wirelen);
- ldns_buffer_new_frm_data(wire_buffer, wire, wirelen);
- } else {
- error("Incomplete hex data, not at byte boundary\n");
- }
- LDNS_FREE(wire);
- LDNS_FREE(hexbuf);
- return wire_buffer;
-}
-
-/** parse ORIGIN */
-static void
-get_origin(const char* name, int lineno, ldns_rdf** origin, char* parse)
-{
- /* snip off rest of the text so as to make the parse work in ldns */
- char* end;
- char store;
- ldns_status status;
-
- ldns_rdf_free(*origin);
- *origin = NULL;
-
- end=parse;
- while(!isspace((int)*end) && !isendline(*end))
- end++;
- store = *end;
- *end = 0;
- verbose(3, "parsing '%s'\n", parse);
- status = ldns_str2rdf_dname(origin, parse);
- *end = store;
- if (status != LDNS_STATUS_OK)
- error("%s line %d:\n\t%s: %s", name, lineno,
- ldns_get_errorstr_by_id(status), parse);
-}
-
-/* Reads one entry from file. Returns entry or NULL on error. */
-struct entry*
-read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl,
- ldns_rdf** origin, ldns_rdf** prev_rr)
-{
- struct entry* current = NULL;
- char line[MAX_LINE];
- char* parse;
- ldns_pkt_section add_section = LDNS_SECTION_QUESTION;
- struct reply_packet *cur_reply = NULL;
- bool reading_hex = false;
- ldns_buffer* hex_data_buffer = NULL;
-
- while(fgets(line, (int)sizeof(line), in) != NULL) {
- line[MAX_LINE-1] = 0;
- parse = line;
- (*lineno) ++;
-
- while(isspace((int)*parse))
- parse++;
- /* test for keywords */
- if(isendline(*parse))
- continue; /* skip comment and empty lines */
- if(str_keyword(&parse, "ENTRY_BEGIN")) {
- if(current) {
- error("%s line %d: previous entry does not ENTRY_END",
- name, *lineno);
- }
- current = new_entry();
- current->lineno = *lineno;
- cur_reply = entry_add_reply(current);
- continue;
- } else if(str_keyword(&parse, "$ORIGIN")) {
- get_origin(name, *lineno, origin, parse);
- continue;
- } else if(str_keyword(&parse, "$TTL")) {
- *default_ttl = (uint32_t)atoi(parse);
- continue;
- }
-
- /* working inside an entry */
- if(!current) {
- error("%s line %d: expected ENTRY_BEGIN but got %s",
- name, *lineno, line);
- }
- if(str_keyword(&parse, "MATCH")) {
- matchline(parse, current);
- } else if(str_keyword(&parse, "REPLY")) {
- replyline(parse, cur_reply->reply);
- } else if(str_keyword(&parse, "ADJUST")) {
- adjustline(parse, current, cur_reply);
- } else if(str_keyword(&parse, "EXTRA_PACKET")) {
- cur_reply = entry_add_reply(current);
- } else if(str_keyword(&parse, "SECTION")) {
- if(str_keyword(&parse, "QUESTION"))
- add_section = LDNS_SECTION_QUESTION;
- else if(str_keyword(&parse, "ANSWER"))
- add_section = LDNS_SECTION_ANSWER;
- else if(str_keyword(&parse, "AUTHORITY"))
- add_section = LDNS_SECTION_AUTHORITY;
- else if(str_keyword(&parse, "ADDITIONAL"))
- add_section = LDNS_SECTION_ADDITIONAL;
- else error("%s line %d: bad section %s", name, *lineno, parse);
- } else if(str_keyword(&parse, "HEX_ANSWER_BEGIN")) {
- hex_data_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- reading_hex = true;
- } else if(str_keyword(&parse, "HEX_ANSWER_END")) {
- if (!reading_hex) {
- error("%s line %d: HEX_ANSWER_END read but no HEX_ANSWER_BEGIN keyword seen", name, *lineno);
- }
- reading_hex = false;
- cur_reply->reply_from_hex = data_buffer2wire(hex_data_buffer);
- ldns_buffer_free(hex_data_buffer);
- } else if(str_keyword(&parse, "ENTRY_END")) {
- return current;
- } else if(reading_hex) {
- ldns_buffer_printf(hex_data_buffer, line);
- } else {
- /* it must be a RR, parse and add to packet. */
- ldns_rr* n = NULL;
- ldns_status status;
- if(add_section == LDNS_SECTION_QUESTION)
- status = ldns_rr_new_question_frm_str(
- &n, parse, *origin, prev_rr);
- else status = ldns_rr_new_frm_str(&n, parse,
- *default_ttl, *origin, prev_rr);
- if(status != LDNS_STATUS_OK)
- error("%s line %d:\n\t%s: %s", name, *lineno,
- ldns_get_errorstr_by_id(status), parse);
- ldns_pkt_push_rr(cur_reply->reply, add_section, n);
- }
-
- }
- if (reading_hex) {
- error("%s: End of file reached while still reading hex, "
- "missing HEX_ANSWER_END\n", name);
- }
- if(current) {
- error("%s: End of file reached while reading entry. "
- "missing ENTRY_END\n", name);
- }
- return 0;
-}
-
-/* reads the canned reply file and returns a list of structs */
-struct entry*
-read_datafile(const char* name)
-{
- struct entry* list = NULL;
- struct entry* last = NULL;
- struct entry* current = NULL;
- FILE *in;
- int lineno = 0;
- uint32_t default_ttl = 0;
- ldns_rdf* origin = NULL;
- ldns_rdf* prev_rr = NULL;
- int entry_num = 0;
-
- if((in=fopen(name, "r")) == NULL) {
- error("could not open file %s: %s", name, strerror(errno));
- }
-
- while((current = read_entry(in, name, &lineno, &default_ttl,
- &origin, &prev_rr)))
- {
- if(last)
- last->next = current;
- else list = current;
- last = current;
- entry_num ++;
- }
- verbose(1, "%s: Read %d entries\n", prog_name, entry_num);
-
- fclose(in);
- ldns_rdf_deep_free(origin);
- ldns_rdf_deep_free(prev_rr);
- return list;
-}
-
-/** get qtype from rr */
-static ldns_rr_type get_qtype(ldns_pkt* p)
-{
- if(!ldns_rr_list_rr(ldns_pkt_question(p), 0))
- return 0;
- return ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_question(p), 0));
-}
-
-/** returns owner from rr */
-static ldns_rdf* get_owner(ldns_pkt* p)
-{
- if(!ldns_rr_list_rr(ldns_pkt_question(p), 0))
- return NULL;
- return ldns_rr_owner(ldns_rr_list_rr(ldns_pkt_question(p), 0));
-}
-
-/** get authority section SOA serial value */
-static uint32_t get_serial(ldns_pkt* p)
-{
- ldns_rr *rr = ldns_rr_list_rr(ldns_pkt_authority(p), 0);
- ldns_rdf *rdf;
- uint32_t val;
- if(!rr) return 0;
- rdf = ldns_rr_rdf(rr, 2);
- if(!rdf) return 0;
- val = ldns_rdf2native_int32(rdf);
- verbose(3, "found serial %u in msg. ", (int)val);
- return val;
-}
-
-/** match two rr lists */
-static int
-match_list(ldns_rr_list* q, ldns_rr_list *p, bool mttl)
-{
- size_t i;
- if(ldns_rr_list_rr_count(q) != ldns_rr_list_rr_count(p))
- return 0;
- for(i=0; i<ldns_rr_list_rr_count(q); i++)
- {
- if(ldns_rr_compare(ldns_rr_list_rr(q, i),
- ldns_rr_list_rr(p, i)) != 0) {
- verbose(3, "rr %d different", (int)i);
- return 0;
- }
- if(mttl && ldns_rr_ttl(ldns_rr_list_rr(q, i)) !=
- ldns_rr_ttl(ldns_rr_list_rr(p, i))) {
- verbose(3, "rr %d ttl different", (int)i);
- return 0;
- }
- }
- return 1;
-}
-
-/** compare two booleans */
-static int
-cmp_bool(int x, int y)
-{
- if(!x && !y) return 0;
- if(x && y) return 0;
- if(!x) return -1;
- return 1;
-}
-
-/** match all of the packet */
-static int
-match_all(ldns_pkt* q, ldns_pkt* p, bool mttl)
-{
- if(ldns_pkt_get_opcode(q) != ldns_pkt_get_opcode(p))
- { verbose(3, "allmatch: opcode different"); return 0;}
- if(ldns_pkt_get_rcode(q) != ldns_pkt_get_rcode(p))
- { verbose(3, "allmatch: rcode different"); return 0;}
- if(ldns_pkt_id(q) != ldns_pkt_id(p))
- { verbose(3, "allmatch: id different"); return 0;}
- if(cmp_bool(ldns_pkt_qr(q), ldns_pkt_qr(p)) != 0)
- { verbose(3, "allmatch: qr different"); return 0;}
- if(cmp_bool(ldns_pkt_aa(q), ldns_pkt_aa(p)) != 0)
- { verbose(3, "allmatch: aa different"); return 0;}
- if(cmp_bool(ldns_pkt_tc(q), ldns_pkt_tc(p)) != 0)
- { verbose(3, "allmatch: tc different"); return 0;}
- if(cmp_bool(ldns_pkt_rd(q), ldns_pkt_rd(p)) != 0)
- { verbose(3, "allmatch: rd different"); return 0;}
- if(cmp_bool(ldns_pkt_cd(q), ldns_pkt_cd(p)) != 0)
- { verbose(3, "allmatch: cd different"); return 0;}
- if(cmp_bool(ldns_pkt_ra(q), ldns_pkt_ra(p)) != 0)
- { verbose(3, "allmatch: ra different"); return 0;}
- if(cmp_bool(ldns_pkt_ad(q), ldns_pkt_ad(p)) != 0)
- { verbose(3, "allmatch: ad different"); return 0;}
- if(ldns_pkt_qdcount(q) != ldns_pkt_qdcount(p))
- { verbose(3, "allmatch: qdcount different"); return 0;}
- if(ldns_pkt_ancount(q) != ldns_pkt_ancount(p))
- { verbose(3, "allmatch: ancount different"); return 0;}
- if(ldns_pkt_nscount(q) != ldns_pkt_nscount(p))
- { verbose(3, "allmatch: nscount different"); return 0;}
- if(ldns_pkt_arcount(q) != ldns_pkt_arcount(p))
- { verbose(3, "allmatch: arcount different"); return 0;}
- if(!match_list(ldns_pkt_question(q), ldns_pkt_question(p), 0))
- { verbose(3, "allmatch: qd section different"); return 0;}
- if(!match_list(ldns_pkt_answer(q), ldns_pkt_answer(p), mttl))
- { verbose(3, "allmatch: an section different"); return 0;}
- if(!match_list(ldns_pkt_authority(q), ldns_pkt_authority(p), mttl))
- { verbose(3, "allmatch: ar section different"); return 0;}
- if(!match_list(ldns_pkt_additional(q), ldns_pkt_additional(p), mttl))
- { verbose(3, "allmatch: ns section different"); return 0;}
- return 1;
-}
-
-/* finds entry in list, or returns NULL */
-struct entry*
-find_match(struct entry* entries, ldns_pkt* query_pkt,
- enum transport_type transport)
-{
- struct entry* p = entries;
- ldns_pkt* reply = NULL;
- for(p=entries; p; p=p->next) {
- verbose(3, "comparepkt: ");
- reply = p->reply_list->reply;
- if(p->match_opcode && ldns_pkt_get_opcode(query_pkt) !=
- ldns_pkt_get_opcode(reply)) {
- verbose(3, "bad opcode\n");
- continue;
- }
- if(p->match_qtype && get_qtype(query_pkt) != get_qtype(reply)) {
- verbose(3, "bad qtype\n");
- continue;
- }
- if(p->match_qname) {
- if(!get_owner(query_pkt) || !get_owner(reply) ||
- ldns_dname_compare(
- get_owner(query_pkt), get_owner(reply)) != 0) {
- verbose(3, "bad qname\n");
- continue;
- }
- }
- if(p->match_subdomain) {
- if(!get_owner(query_pkt) || !get_owner(reply) ||
- (ldns_dname_compare(get_owner(query_pkt),
- get_owner(reply)) != 0 &&
- !ldns_dname_is_subdomain(
- get_owner(query_pkt), get_owner(reply))))
- {
- verbose(3, "bad subdomain\n");
- continue;
- }
- }
- if(p->match_serial && get_serial(query_pkt) != p->ixfr_soa_serial) {
- verbose(3, "bad serial\n");
- continue;
- }
- if(p->match_do && !ldns_pkt_edns_do(query_pkt)) {
- verbose(3, "no DO bit set\n");
- continue;
- }
- if(p->match_noedns && ldns_pkt_edns(query_pkt)) {
- verbose(3, "bad; EDNS OPT present\n");
- continue;
- }
- if(p->match_transport != transport_any && p->match_transport != transport) {
- verbose(3, "bad transport\n");
- continue;
- }
- if(p->match_all && !match_all(query_pkt, reply, p->match_ttl)) {
- verbose(3, "bad allmatch\n");
- continue;
- }
- verbose(3, "match!\n");
- return p;
- }
- return NULL;
-}
-
-void
-adjust_packet(struct entry* match, ldns_pkt* answer_pkt, ldns_pkt* query_pkt)
-{
- /* copy & adjust packet */
- if(match->copy_id)
- ldns_pkt_set_id(answer_pkt, ldns_pkt_id(query_pkt));
- if(match->copy_query) {
- ldns_rr_list* list = ldns_pkt_get_section_clone(query_pkt,
- LDNS_SECTION_QUESTION);
- ldns_rr_list_deep_free(ldns_pkt_question(answer_pkt));
- ldns_pkt_set_question(answer_pkt, list);
- }
- if(match->sleeptime > 0) {
- verbose(3, "sleeping for %d seconds\n", match->sleeptime);
-#ifdef HAVE_SLEEP
- sleep(match->sleeptime);
-#else
- Sleep(match->sleeptime * 1000);
-#endif
- }
-}
-
-/*
- * Parses data buffer to a query, finds the correct answer
- * and calls the given function for every packet to send.
- */
-void
-handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries, int* count,
- enum transport_type transport, void (*sendfunc)(uint8_t*, size_t, void*),
- void* userdata, FILE* verbose_out)
-{
- ldns_status status;
- ldns_pkt *query_pkt = NULL;
- ldns_pkt *answer_pkt = NULL;
- struct reply_packet *p;
- ldns_rr *query_rr = NULL;
- uint8_t *outbuf = NULL;
- size_t answer_size = 0;
- struct entry* entry = NULL;
- ldns_rdf *stop_command = ldns_dname_new_frm_str("server.stop.");
-
- status = ldns_wire2pkt(&query_pkt, inbuf, (size_t)inlen);
- if (status != LDNS_STATUS_OK) {
- verbose(1, "Got bad packet: %s\n", ldns_get_errorstr_by_id(status));
- ldns_rdf_free(stop_command);
- return;
- }
-
- query_rr = ldns_rr_list_rr(ldns_pkt_question(query_pkt), 0);
- verbose(1, "query %d: id %d: %s %d bytes: ", ++(*count), (int)ldns_pkt_id(query_pkt),
- (transport==transport_tcp)?"TCP":"UDP", (int)inlen);
- if(verbose_out) ldns_rr_print(verbose_out, query_rr);
- if(verbose_out) ldns_pkt_print(verbose_out, query_pkt);
-
- if (ldns_rr_get_type(query_rr) == LDNS_RR_TYPE_TXT &&
- ldns_rr_get_class(query_rr) == LDNS_RR_CLASS_CH &&
- ldns_dname_compare(ldns_rr_owner(query_rr), stop_command) == 0) {
- exit(0);
- }
-
- /* fill up answer packet */
- entry = find_match(entries, query_pkt, transport);
- if(!entry || !entry->reply_list) {
- verbose(1, "no answer packet for this query, no reply.\n");
- ldns_pkt_free(query_pkt);
- ldns_rdf_free(stop_command);
- return;
- }
- for(p = entry->reply_list; p; p = p->next)
- {
- verbose(3, "Answer pkt:\n");
- if (p->reply_from_hex) {
- /* try to parse the hex packet, if it can be
- * parsed, we can use adjust rules. if not,
- * send packet literally */
- status = ldns_buffer2pkt_wire(&answer_pkt, p->reply_from_hex);
- if (status == LDNS_STATUS_OK) {
- adjust_packet(entry, answer_pkt, query_pkt);
- if(verbose_out) ldns_pkt_print(verbose_out, answer_pkt);
- status = ldns_pkt2wire(&outbuf, answer_pkt, &answer_size);
- verbose(2, "Answer packet size: %u bytes.\n", (unsigned int)answer_size);
- if (status != LDNS_STATUS_OK) {
- verbose(1, "Error creating answer: %s\n", ldns_get_errorstr_by_id(status));
- ldns_pkt_free(query_pkt);
- ldns_rdf_free(stop_command);
- return;
- }
- ldns_pkt_free(answer_pkt);
- answer_pkt = NULL;
- } else {
- verbose(3, "Could not parse hex data (%s), sending hex data directly.\n", ldns_get_errorstr_by_id(status));
- /* still try to adjust ID */
- answer_size = ldns_buffer_capacity(p->reply_from_hex);
- outbuf = LDNS_XMALLOC(uint8_t, answer_size);
- memcpy(outbuf, ldns_buffer_export(p->reply_from_hex), answer_size);
- if(entry->copy_id) {
- ldns_write_uint16(outbuf,
- ldns_pkt_id(query_pkt));
- }
- }
- } else {
- answer_pkt = ldns_pkt_clone(p->reply);
- adjust_packet(entry, answer_pkt, query_pkt);
- if(verbose_out) ldns_pkt_print(verbose_out, answer_pkt);
- status = ldns_pkt2wire(&outbuf, answer_pkt, &answer_size);
- verbose(1, "Answer packet size: %u bytes.\n", (unsigned int)answer_size);
- if (status != LDNS_STATUS_OK) {
- verbose(1, "Error creating answer: %s\n", ldns_get_errorstr_by_id(status));
- ldns_pkt_free(query_pkt);
- ldns_rdf_free(stop_command);
- return;
- }
- ldns_pkt_free(answer_pkt);
- answer_pkt = NULL;
- }
- if(p->packet_sleep) {
- verbose(3, "sleeping for next packet %d secs\n",
- p->packet_sleep);
-#ifdef HAVE_SLEEP
- sleep(p->packet_sleep);
-#else
- Sleep(p->packet_sleep * 1000);
-#endif
- verbose(3, "wakeup for next packet "
- "(slept %d secs)\n", p->packet_sleep);
- }
- sendfunc(outbuf, answer_size, userdata);
- LDNS_FREE(outbuf);
- outbuf = NULL;
- answer_size = 0;
- }
- ldns_pkt_free(query_pkt);
- ldns_rdf_free(stop_command);
-}
-
-/** delete the list of reply packets */
-void delete_replylist(struct reply_packet* replist)
-{
- struct reply_packet *p=replist, *np;
- while(p) {
- np = p->next;
- ldns_pkt_free(p->reply);
- ldns_buffer_free(p->reply_from_hex);
- free(p);
- p=np;
- }
-}
-
-void delete_entry(struct entry* list)
-{
- struct entry *p=list, *np;
- while(p) {
- np = p->next;
- delete_replylist(p->reply_list);
- free(p);
- p = np;
- }
-}
+++ /dev/null
-/*
- * ldns-testpkts. Data file parse for test packets, and query matching.
- *
- * Data storage for specially crafted replies for testing purposes.
- *
- * (c) NLnet Labs, 2005, 2006, 2007
- * See the file LICENSE for the license
- */
-
-#ifndef LDNS_TESTPKTS_H
-#define LDNS_TESTPKTS_H
-
-/**
- * \file
- *
- * This is a debugging aid. It is not efficient, especially
- * with a long config file, but it can give any reply to any query.
- * This can help the developer pre-script replies for queries.
- *
- * You can specify a packet RR by RR with header flags to return.
- *
- * Missing features:
- * - matching content different from reply content.
- * - find way to adjust mangled packets?
- *
- */
-
- /*
- The data file format is as follows:
-
- ; comment.
- ; a number of entries, these are processed first to last.
- ; a line based format.
-
- $ORIGIN origin
- $TTL default_ttl
-
- ENTRY_BEGIN
- ; first give MATCH lines, that say what queries are matched
- ; by this entry.
- ; 'opcode' makes the query match the opcode from the reply
- ; if you leave it out, any opcode matches this entry.
- ; 'qtype' makes the query match the qtype from the reply
- ; 'qname' makes the query match the qname from the reply
- ; 'subdomain' makes the query match subdomains of qname from the reply
- ; 'serial=1023' makes the query match if ixfr serial is 1023.
- ; 'all' has to match header byte for byte and all rrs in packet.
- ; 'ttl' used with all, rrs in packet must also have matching TTLs.
- ; 'DO' will match only queries with DO bit set.
- ; 'noedns' matches queries without EDNS OPT records.
- MATCH [opcode] [qtype] [qname] [serial=<value>] [all] [ttl]
- MATCH [UDP|TCP] DO
- MATCH ...
- ; Then the REPLY header is specified.
- REPLY opcode, rcode or flags.
- (opcode) QUERY IQUERY STATUS NOTIFY UPDATE
- (rcode) NOERROR FORMERR SERVFAIL NXDOMAIN NOTIMPL YXDOMAIN
- YXRRSET NXRRSET NOTAUTH NOTZONE
- (flags) QR AA TC RD CD RA AD DO
- REPLY ...
- ; any additional actions to do.
- ; 'copy_id' copies the ID from the query to the answer.
- ADJUST copy_id
- ; 'copy_query' copies the query name, type and class to the answer.
- ADJUST copy_query
- ; 'sleep=10' sleeps for 10 seconds before giving the answer (TCP is open)
- ADJUST [sleep=<num>] ; sleep before giving any reply
- ADJUST [packet_sleep=<num>] ; sleep before this packet in sequence
- SECTION QUESTION
- <RRs, one per line> ; the RRcount is determined automatically.
- SECTION ANSWER
- <RRs, one per line>
- SECTION AUTHORITY
- <RRs, one per line>
- SECTION ADDITIONAL
- <RRs, one per line>
- EXTRA_PACKET ; follow with SECTION, REPLY for more packets.
- HEX_ANSWER_BEGIN ; follow with hex data
- ; this replaces any answer packet constructed
- ; with the SECTION keywords (only SECTION QUERY
- ; is used to match queries). If the data cannot
- ; be parsed, ADJUST rules for the answer packet
- ; are ignored. Only copy_id is done.
- HEX_ANSWER_END
- ENTRY_END
-
-
- Example data file:
-$ORIGIN nlnetlabs.nl
-$TTL 3600
-
-ENTRY_BEGIN
-MATCH qname
-REPLY NOERROR
-ADJUST copy_id
-SECTION QUESTION
-www.nlnetlabs.nl. IN A
-SECTION ANSWER
-www.nlnetlabs.nl. IN A 195.169.215.155
-SECTION AUTHORITY
-nlnetlabs.nl. IN NS www.nlnetlabs.nl.
-ENTRY_END
-
-ENTRY_BEGIN
-MATCH qname
-REPLY NOERROR
-ADJUST copy_id
-SECTION QUESTION
-www2.nlnetlabs.nl. IN A
-HEX_ANSWER_BEGIN
-; 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
-;-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
- 00 bf 81 80 00 01 00 01 00 02 00 02 03 77 77 77 0b 6b 61 6e ; 1- 20
- 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 01 00 01 03 77 77 ; 21- 40
- 77 0b 6b 61 6e 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 01 ; 41- 60
- 00 01 00 01 50 8b 00 04 52 5e ed 32 0b 6b 61 6e 61 72 69 65 ; 61- 80
- 70 69 65 74 03 63 6f 6d 00 00 02 00 01 00 01 50 8b 00 11 03 ; 81- 100
- 6e 73 31 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 0b 6b 61 6e ; 101- 120
- 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 02 00 01 00 01 50 ; 121- 140
- 8b 00 11 03 6e 73 32 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 ; 141- 160
- 03 6e 73 31 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 00 01 00 ; 161- 180
- 01 00 00 46 53 00 04 52 5e ed 02 03 6e 73 32 08 68 65 78 6f ; 181- 200
- 6e 2d 69 73 02 6e 6c 00 00 01 00 01 00 00 46 53 00 04 d4 cc ; 201- 220
- db 5b
-HEX_ANSWER_END
-ENTRY_END
-
-
-
- note that this file will link with your
- void verbose(int level, char* format, ...); output function.
-*/
-
-#include <ldns/ldns.h>
-
-/** Type of transport, since some entries match based on UDP or TCP of query */
-enum transport_type {transport_any = 0, transport_udp, transport_tcp };
-
-/** struct to keep a linked list of reply packets for a query */
-struct reply_packet {
- /** next in list of reply packets, for TCP multiple pkts on wire */
- struct reply_packet* next;
- /** the reply pkt */
- ldns_pkt* reply;
- /** or reply pkt in hex if not parsable */
- ldns_buffer* reply_from_hex;
- /** seconds to sleep before giving packet */
- unsigned int packet_sleep;
-};
-
-/** data structure to keep the canned queries in.
- format is the 'matching query' and the 'canned answer' */
-struct entry {
- /* match */
- /* How to match an incoming query with this canned reply */
- /** match query opcode with answer opcode */
- bool match_opcode;
- /** match qtype with answer qtype */
- bool match_qtype;
- /** match qname with answer qname */
- bool match_qname;
- /** match qname as subdomain of answer qname */
- bool match_subdomain;
- /** match SOA serial number, from auth section */
- bool match_serial;
- /** match all of the packet */
- bool match_all;
- /** match ttls in the packet */
- bool match_ttl;
- /** match DO bit */
- bool match_do;
- /** match absence of EDNS OPT record in query */
- bool match_noedns;
- /** match query serial with this value. */
- uint32_t ixfr_soa_serial;
- /** match on UDP/TCP */
- enum transport_type match_transport;
-
- /** pre canned reply */
- struct reply_packet *reply_list;
-
- /** how to adjust the reply packet */
- /** copy over the ID from the query into the answer */
- bool copy_id;
- /** copy the query nametypeclass from query into the answer */
- bool copy_query;
- /** in seconds */
- unsigned int sleeptime;
-
- /** some number that names this entry, line number in file or so */
- int lineno;
-
- /** next in list */
- struct entry* next;
-};
-
-/**
- * reads the canned reply file and returns a list of structs
- * does an exit on error.
- */
-struct entry* read_datafile(const char* name);
-
-/**
- * Delete linked list of entries.
- */
-void delete_entry(struct entry* list);
-
-/**
- * Read one entry from the data file.
- * @param in: file to read from. Filepos must be at the start of a new line.
- * @param name: name of the file for prettier errors.
- * @param lineno: line number in file, incremented as lines are read.
- * for prettier errors.
- * @param default_ttl: on first call set to default TTL for entries,
- * later it stores the $TTL value last seen. Try 3600 first call.
- * @param origin: domain name for origin appending. Can be &NULL on first call.
- * later it stores the $ORIGIN value last seen. Often &NULL or the zone
- * name on first call.
- * @param prev_rr: previous rr name for correcter parsing. &NULL on first call.
- * @return: The entry read (malloced) or NULL if no entry could be read.
- */
-struct entry* read_entry(FILE* in, const char* name, int *lineno,
- uint32_t* default_ttl, ldns_rdf** origin, ldns_rdf** prev_rr);
-
-/**
- * finds entry in list, or returns NULL.
- */
-struct entry* find_match(struct entry* entries, ldns_pkt* query_pkt,
- enum transport_type transport);
-
-/**
- * copy & adjust packet
- */
-void adjust_packet(struct entry* match, ldns_pkt* answer_pkt,
- ldns_pkt* query_pkt);
-
-/**
- * Parses data buffer to a query, finds the correct answer
- * and calls the given function for every packet to send.
- * if verbose_out filename is given, packets are dumped there.
- * @param inbuf: the packet that came in
- * @param inlen: length of packet.
- * @param entries: entries read in from datafile.
- * @param count: is increased to count number of queries answered.
- * @param transport: set to UDP or TCP to match some types of entries.
- * @param sendfunc: called to send answer (buffer, size, userarg).
- * @param userdata: userarg to give to sendfunc.
- * @param verbose_out: if not NULL, verbose messages are printed there.
- */
-void handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries,
- int* count, enum transport_type transport,
- void (*sendfunc)(uint8_t*, size_t, void*), void* userdata,
- FILE* verbose_out);
-
-#endif /* LDNS_TESTPKTS_H */
+++ /dev/null
-.TH ldns-update 1 "30 May 2005"
-.SH NAME
-ldns-update \- send a dynamic update packet
-.SH SYNOPSIS
-.B ldns-update
-[
-.IR zone
-]
-.IR ip
-[
-.IR tsig_name
-.IR tsig_als
-.IR tsig_hmac
-]
-
-.SH DESCRIPTION
-\fBldns-update\fR is used to send a dynamic update packet.
-
-.SH OPTIONS
-.TP
-\fBzone\fR
-Use this zone instead of trying to read it from the zonefile's SOA record.
-
-.TP
-\fBip\fR
-Send the update to this IP address
-
-.TP
-\fBtsig_name tsig_alg tsig_hmac\fR
-Use TSIG (rfc2845) to authenticate.
-
-.SH EXAMPLE
-ldns-update my.example.org 1.2.3.4
-
-.SH AUTHOR
-Written by Jakob Schlyter and Håkan Olsson, as an addition to the ldns library from NLnet Labs.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/* $Id: ldns-update.c,v 1.1 2005/09/13 09:37:05 ho Exp $ */
-/*
- * Example of the update functionality
- *
- * See the file LICENSE for the license
- */
-
-
-#include "config.h"
-
-#include <strings.h>
-#include <ldns/ldns.h>
-
-/* dynamic update stuff */
-static ldns_resolver *
-ldns_update_resolver_new(const char *fqdn, const char *zone,
- ldns_rr_class class, uint16_t port, ldns_tsig_credentials *tsig_cred, ldns_rdf **zone_rdf)
-{
- ldns_resolver *r1, *r2;
- ldns_pkt *query = NULL, *resp;
- ldns_rr_list *nslist, *iplist;
- ldns_rdf *soa_zone, *soa_mname, *ns_name;
- size_t i;
- ldns_status s;
-
- if (class == 0) {
- class = LDNS_RR_CLASS_IN;
- }
-
- if (port == 0) {
- port = LDNS_PORT;
- }
-
- /* First, get data from /etc/resolv.conf */
- s = ldns_resolver_new_frm_file(&r1, NULL);
- if (s != LDNS_STATUS_OK) {
- return NULL;
- }
-
- r2 = ldns_resolver_new();
- if (!r2) {
- goto bad;
- }
- ldns_resolver_set_port(r2, port);
-
- /* TSIG key data available? Copy into the resolver. */
- if (tsig_cred) {
- ldns_resolver_set_tsig_algorithm(r2, ldns_tsig_algorithm(tsig_cred));
- ldns_resolver_set_tsig_keyname(r2, ldns_tsig_keyname(tsig_cred));
- ldns_resolver_set_tsig_keydata(r2, ldns_tsig_keydata(tsig_cred));
- }
-
- /* Now get SOA zone, mname, NS, and construct r2. [RFC2136 4.3] */
-
- /* Explicit 'zone' or no? */
- if (zone) {
- soa_zone = ldns_dname_new_frm_str(zone);
- if (ldns_update_soa_mname(soa_zone, r1, class, &soa_mname)
- != LDNS_STATUS_OK) {
- goto bad;
- }
- } else {
- if (ldns_update_soa_zone_mname(fqdn, r1, class, &soa_zone,
- &soa_mname) != LDNS_STATUS_OK) {
- goto bad;
- }
- }
-
- /* Pass zone_rdf on upwards. */
- *zone_rdf = ldns_rdf_clone(soa_zone);
-
- /* NS */
- query = ldns_pkt_query_new(soa_zone, LDNS_RR_TYPE_NS, class, LDNS_RD);
- if (!query) {
- goto bad;
- }
- soa_zone = NULL;
-
- ldns_pkt_set_random_id(query);
-
- if (ldns_resolver_send_pkt(&resp, r1, query) != LDNS_STATUS_OK) {
- dprintf("%s", "NS query failed!\n");
- goto bad;
- }
- ldns_pkt_free(query);
- if (!resp) {
- goto bad;
- }
- /* Match SOA MNAME to NS list, adding it first */
- nslist = ldns_pkt_answer(resp);
- for (i = 0; i < ldns_rr_list_rr_count(nslist); i++) {
- ns_name = ldns_rr_rdf(ldns_rr_list_rr(nslist, i), 0);
- if (!ns_name)
- continue;
- if (ldns_rdf_compare(soa_mname, ns_name) == 0) {
- /* Match */
- iplist = ldns_get_rr_list_addr_by_name(r1, ns_name, class, 0);
- (void) ldns_resolver_push_nameserver_rr_list(r2, iplist);
- break;
- }
- }
-
- /* Then all the other NSs. XXX Randomize? */
- for (i = 0; i < ldns_rr_list_rr_count(nslist); i++) {
- ns_name = ldns_rr_rdf(ldns_rr_list_rr(nslist, i), 0);
- if (!ns_name)
- continue;
- if (ldns_rdf_compare(soa_mname, ns_name) != 0) {
- /* No match, add it now. */
- iplist = ldns_get_rr_list_addr_by_name(r1, ns_name, class, 0);
- (void) ldns_resolver_push_nameserver_rr_list(r2, iplist);
- }
- }
-
- ldns_resolver_set_random(r2, false);
- ldns_pkt_free(resp);
- ldns_resolver_deep_free(r1);
- return r2;
-
- bad:
- if (r1)
- ldns_resolver_deep_free(r1);
- if (r2)
- ldns_resolver_deep_free(r2);
- if (query)
- ldns_pkt_free(query);
- if (resp)
- ldns_pkt_free(resp);
- return NULL;
-}
-
-
-static ldns_status
-ldns_update_send_simple_addr(const char *fqdn, const char *zone,
- const char *ipaddr, uint16_t p, uint32_t ttl, ldns_tsig_credentials *tsig_cred)
-{
- ldns_resolver *res;
- ldns_pkt *u_pkt = NULL, *r_pkt;
- ldns_rr_list *up_rrlist;
- ldns_rr *up_rr;
- ldns_rdf *zone_rdf;
- char *rrstr;
- uint32_t rrstrlen, status = LDNS_STATUS_OK;
-
- if (!fqdn || strlen(fqdn) == 0)
- return LDNS_STATUS_ERR;
-
- /* Create resolver */
- res = ldns_update_resolver_new(fqdn, zone, 0, p, tsig_cred, &zone_rdf);
- if (!res || !zone_rdf) {
- goto cleanup;
- }
-
- /* Set up the update section. */
- up_rrlist = ldns_rr_list_new();
- if (!up_rrlist) {
- goto cleanup;
- }
- /* Create input for ldns_rr_new_frm_str() */
- if (ipaddr) {
- /* We're adding A or AAAA */
- rrstrlen = strlen(fqdn) + sizeof (" IN AAAA ") + strlen(ipaddr) + 1;
- rrstr = (char *)malloc(rrstrlen);
- if (!rrstr) {
- ldns_rr_list_deep_free(up_rrlist);
- goto cleanup;
- }
- snprintf(rrstr, rrstrlen, "%s IN %s %s", fqdn,
- strchr(ipaddr, ':') ? "AAAA" : "A", ipaddr);
-
- if (ldns_rr_new_frm_str(&up_rr, rrstr, ttl, NULL, NULL) !=
- LDNS_STATUS_OK) {
- ldns_rr_list_deep_free(up_rrlist);
- free(rrstr);
- goto cleanup;
- }
- free(rrstr);
- ldns_rr_list_push_rr(up_rrlist, up_rr);
- } else {
- /* We're removing A and/or AAAA from 'fqdn'. [RFC2136 2.5.2] */
- up_rr = ldns_rr_new();
- ldns_rr_set_owner(up_rr, ldns_dname_new_frm_str(fqdn));
- ldns_rr_set_ttl(up_rr, 0);
- ldns_rr_set_class(up_rr, LDNS_RR_CLASS_ANY);
-
- ldns_rr_set_type(up_rr, LDNS_RR_TYPE_A);
- ldns_rr_list_push_rr(up_rrlist, ldns_rr_clone(up_rr));
-
- ldns_rr_set_type(up_rr, LDNS_RR_TYPE_AAAA);
- ldns_rr_list_push_rr(up_rrlist, up_rr);
- }
-
- /* Create update packet. */
- u_pkt = ldns_update_pkt_new(zone_rdf, LDNS_RR_CLASS_IN, NULL, up_rrlist, NULL);
- zone_rdf = NULL;
- if (!u_pkt) {
- ldns_rr_list_deep_free(up_rrlist);
- goto cleanup;
- }
- ldns_pkt_set_random_id(u_pkt);
-
- /* Add TSIG */
- if (tsig_cred)
- if (ldns_update_pkt_tsig_add(u_pkt, res) != LDNS_STATUS_OK) {
- goto cleanup;
- }
-
- if (ldns_resolver_send_pkt(&r_pkt, res, u_pkt) != LDNS_STATUS_OK) {
- goto cleanup;
- }
- ldns_pkt_free(u_pkt);
- if (!r_pkt) {
- goto cleanup;
- }
- if (ldns_pkt_get_rcode(r_pkt) != LDNS_RCODE_NOERROR) {
- ldns_lookup_table *t = ldns_lookup_by_id(ldns_rcodes,
- (int)ldns_pkt_get_rcode(r_pkt));
- if (t) {
- dprintf(";; UPDATE response was %s\n", t->name);
- } else {
- dprintf(";; UPDATE response was (%d)\n", ldns_pkt_get_rcode(r_pkt));
- }
- status = LDNS_STATUS_ERR;
- }
- ldns_pkt_free(r_pkt);
- ldns_resolver_deep_free(res);
- return status;
-
- cleanup:
- if (res)
- ldns_resolver_deep_free(res);
- if (u_pkt)
- ldns_pkt_free(u_pkt);
- return LDNS_STATUS_ERR;
-}
-
-
-static void
-usage(FILE *fp, char *prog)
-{
- fprintf(fp, "%s domain [zone] ip tsig_name tsig_alg tsig_hmac\n", prog);
- fprintf(fp, " send a dynamic update packet to <ip>\n\n");
- fprintf(fp, " Use 'none' instead of ip to remove any previous address\n");
- fprintf(fp, " If 'zone' is not specified, try to figure it out from the zone's SOA\n");
- fprintf(fp, " Example: %s my.example.org 1.2.3.4\n", prog);
-}
-
-
-int
-main(int argc, char **argv)
-{
- char *fqdn, *ipaddr, *zone, *prog;
- ldns_status ret;
- ldns_tsig_credentials tsig_cr, *tsig_cred;
- int c = 2;
- uint32_t defttl = 300;
- uint32_t port = 5353;
-
- prog = strdup(argv[0]);
-
- switch (argc) {
- case 3:
- case 4:
- case 6:
- case 7:
- break;
- default:
- usage(stderr, prog);
- exit(EXIT_FAILURE);
- }
-
- fqdn = argv[1];
- c = 2;
- if (argc == 4 || argc == 7) {
- zone = argv[c++];
- } else {
- zone = NULL;
- }
-
- if (strcmp(argv[c], "none") == 0) {
- ipaddr = NULL;
- } else {
- ipaddr = argv[c];
- }
- c++;
- if (argc == 6 || argc == 7) {
- tsig_cr.keyname = argv[c++];
- if (strncasecmp(argv[c], "hmac-sha1", 9) == 0) {
- tsig_cr.algorithm = (char*)"hmac-sha1.";
- } else if (strncasecmp(argv[c], "hmac-md5", 8) == 0) {
- tsig_cr.algorithm = (char*)"hmac-md5.sig-alg.reg.int.";
- } else {
- fprintf(stderr, "Unknown algorithm, try \"hmac-md5\" "
- "or \"hmac-sha1\".\n");
- exit(EXIT_FAILURE);
- }
- tsig_cr.keydata = argv[++c];
- tsig_cred = &tsig_cr;
- } else {
- tsig_cred = NULL;
- }
-
- printf(";; trying UPDATE with FQDN \"%s\" and IP \"%s\"\n",
- fqdn, ipaddr ? ipaddr : "<none>");
- printf(";; tsig: \"%s\" \"%s\" \"%s\"\n", tsig_cr.keyname,
- tsig_cr.algorithm, tsig_cr.keydata);
-
- ret = ldns_update_send_simple_addr(fqdn, zone, ipaddr, port, defttl, tsig_cred);
- exit(ret);
-}
+++ /dev/null
-.TH ldns-verifyzone 1 "27 May 2008"
-.SH NAME
-ldns-verify-zone \- read a DNSSEC signed zone and verify it.
-.SH SYNOPSIS
-.B ldns-verify-zone
-.IR ZONEFILE
-
-.SH DESCRIPTION
-
-\fBldns-verify-zone\fR reads a DNS zone file and verifies it.
-
-RRSIG resource records are checked against the DNSKEY set at the zone apex.
-
-Each name is checked for an NSEC(3), if appropriate.
-
-.SH OPTIONS
-.TP
-.TP
-\fB-h\fR
-Show usage and exit
-
-.TP
-\fB-v\fR
-Show the version and exit
-
-.TP
-\fB-V\fR \fInumber\fR
-Set the verbosity level (default 3):
-
- 0: Be silent
- 1: Print result, and any errors
- 2: Same as 1 for now
- 3: Print result, any errors, and the names that are
- being checked
- 4: Same as 3 for now
- 5: Print the zone after it has been read, the result,
- any errors, and the names that are being checked
-
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2008 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * read a zone file from disk and prints it, one RR per line
- *
- * (c) NLnetLabs 2008
- *
- * See the file LICENSE for the license
- *
- * Missing from the checks: empty non-terminals
- */
-
-#include "config.h"
-#include <unistd.h>
-#include <stdlib.h>
-
-#include <ldns/ldns.h>
-
-#include <errno.h>
-
-#ifdef HAVE_SSL
-#include <openssl/err.h>
-
-int verbosity = 3;
-
-/* returns 1 if the list is empty, or if there are only ns rrs in the
- * list, 0 otherwise */
-static int
-only_ns_in_rrsets(ldns_dnssec_rrsets *rrsets) {
- ldns_dnssec_rrsets *cur_rrset = rrsets;
-
- while (cur_rrset) {
- if (cur_rrset->type != LDNS_RR_TYPE_NS) {
- return 0;
- }
- cur_rrset = cur_rrset->next;
- }
- return 1;
-}
-
-static int
-zone_is_nsec3_optout(ldns_rbtree_t *zone_nodes)
-{
- /* simply find the first NSEC3 RR and check its flags */
- /* TODO: maybe create a general function that uses the active
- * NSEC3PARAM RR? */
- ldns_rbnode_t *cur_node;
- ldns_dnssec_name *cur_name;
- cur_node = ldns_rbtree_first(zone_nodes);
- while (cur_node != LDNS_RBTREE_NULL) {
- cur_name = (ldns_dnssec_name *) cur_node->data;
- if (cur_name && cur_name->nsec &&
- ldns_rr_get_type(cur_name->nsec) == LDNS_RR_TYPE_NSEC3) {
- if (ldns_nsec3_optout(cur_name->nsec)) {
- return 1;
- } else {
- return 0;
- }
- }
- cur_node = ldns_rbtree_next(cur_node);
- }
- return 0;
-}
-
-static bool
-ldns_rr_list_contains_name(const ldns_rr_list *rr_list,
- const ldns_rdf *name)
-{
- size_t i;
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- if (ldns_dname_compare(name,
- ldns_rr_owner(ldns_rr_list_rr(rr_list, i))) == 0) {
- return true;
- }
- }
- return false;
-}
-
-static void
-print_type(ldns_rr_type type)
-{
- const ldns_rr_descriptor *descriptor;
-
- descriptor = ldns_rr_descript(type);
- if (descriptor && descriptor->_name) {
- fprintf(stdout, "%s", descriptor->_name);
- } else {
- fprintf(stdout, "TYPE%u",
- type);
- }
-
-}
-
-static ldns_dnssec_zone *
-create_dnssec_zone(ldns_zone *orig_zone)
-{
- size_t i;
- ldns_dnssec_zone *dnssec_zone;
- ldns_rr *cur_rr;
- ldns_status status;
-
- /* when reading NSEC3s, there is a chance that we encounter nsecs
- for empty nonterminals, whose nonterminals we cannot derive yet
- because the needed information is to be read later. in that case
- we keep a list of those nsec3's and retry to add them later */
- ldns_rr_list *failed_nsec3s = ldns_rr_list_new();
-
- dnssec_zone = ldns_dnssec_zone_new();
- if (ldns_dnssec_zone_add_rr(dnssec_zone, ldns_zone_soa(orig_zone)) !=
- LDNS_STATUS_OK) {
- if (verbosity > 0) {
- fprintf(stderr,
- "Error adding SOA to dnssec zone, skipping record\n");
- }
- }
-
- for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(orig_zone)); i++) {
- cur_rr = ldns_rr_list_rr(ldns_zone_rrs(orig_zone), i);
- status = ldns_dnssec_zone_add_rr(dnssec_zone, cur_rr);
- if (status != LDNS_STATUS_OK) {
- if (status == LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND) {
- ldns_rr_list_push_rr(failed_nsec3s, cur_rr);
- } else {
- if (verbosity > 0) {
- fprintf(stderr, "Error adding RR to dnssec zone");
- fprintf(stderr, ", skipping record:\n");
- ldns_rr_print(stderr, cur_rr);
- }
- }
- }
- }
-
- if (ldns_rr_list_rr_count(failed_nsec3s) > 0) {
- (void) ldns_dnssec_zone_add_empty_nonterminals(dnssec_zone);
- for (i = 0; i < ldns_rr_list_rr_count(failed_nsec3s); i++) {
- cur_rr = ldns_rr_list_rr(failed_nsec3s, i);
- status = ldns_dnssec_zone_add_rr(dnssec_zone, cur_rr);
- }
- }
-
- ldns_rr_list_free(failed_nsec3s);
- return dnssec_zone;
-}
-
-static ldns_status
-verify_dnssec_rrset(ldns_rdf *zone_name,
- ldns_rdf *name,
- ldns_dnssec_rrsets *rrset,
- ldns_rr_list *keys,
- ldns_rr_list *glue_rrs)
-{
- ldns_rr_list *rrset_rrs;
- ldns_dnssec_rrs *cur_rr, *cur_sig;
- ldns_status status;
- ldns_rr_list *good_keys;
- ldns_status result = LDNS_STATUS_OK;
-
- if (!rrset->rrs) return LDNS_STATUS_OK;
-
- rrset_rrs = ldns_rr_list_new();
- cur_rr = rrset->rrs;
- while(cur_rr && cur_rr->rr) {
- ldns_rr_list_push_rr(rrset_rrs, cur_rr->rr);
- cur_rr = cur_rr->next;
- }
- cur_sig = rrset->signatures;
- if (cur_sig) {
- while (cur_sig) {
- good_keys = ldns_rr_list_new();
- status = ldns_verify_rrsig_keylist(rrset_rrs,
- cur_sig->rr,
- keys,
- good_keys);
- if (status != LDNS_STATUS_OK) {
- if (verbosity > 0) {
- printf("Error: %s",
- ldns_get_errorstr_by_id(status));
- printf(" for ");
- ldns_rdf_print(stdout,
- ldns_rr_owner(rrset->rrs->rr));
- printf("\t");
- print_type(rrset->type);
- printf("\n");
- if (result == LDNS_STATUS_OK) {
- result = status;
- }
- if (status == LDNS_STATUS_SSL_ERR) {
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stdout);
- }
- if (verbosity >= 4) {
- printf("RRSet:\n");
- ldns_dnssec_rrs_print(stdout, rrset->rrs);
- printf("Signature:\n");
- ldns_rr_print(stdout, cur_sig->rr);
- printf("\n");
- }
- }
- }
- ldns_rr_list_free(good_keys);
-
- cur_sig = cur_sig->next;
- }
- } else {
- /* delegations are unsigned */
- if (rrset->type != LDNS_RR_TYPE_NS ||
- ldns_dname_compare(name, zone_name) == 0) {
- if (verbosity > 0) {
- printf("Error: no signatures for ");
- ldns_rdf_print(stdout, ldns_rr_owner(rrset->rrs->rr));
- printf("\t");
- print_type(rrset->type);
- printf("\n");
- }
- }
- }
- ldns_rr_list_free(rrset_rrs);
- return result;
-}
-
-static ldns_status
-verify_single_rr(ldns_rr *rr,
- ldns_dnssec_rrs *signature_rrs,
- ldns_rr_list *keys)
-{
- ldns_rr_list *rrset_rrs;
- ldns_rr_list *good_keys;
- ldns_dnssec_rrs *cur_sig;
- ldns_status status;
- ldns_status result = LDNS_STATUS_OK;
-
- rrset_rrs = ldns_rr_list_new();
- ldns_rr_list_push_rr(rrset_rrs, rr);
-
- cur_sig = signature_rrs;
- while (cur_sig) {
- good_keys = ldns_rr_list_new();
- status = ldns_verify_rrsig_keylist(rrset_rrs,
- cur_sig->rr,
- keys,
- good_keys);
- if (status != LDNS_STATUS_OK) {
- if (verbosity >= 1) {
- printf("Error: %s ", ldns_get_errorstr_by_id(status));
- if (result == LDNS_STATUS_OK) {
- result = status;
- }
- printf("for ");
- ldns_rdf_print(stdout, ldns_rr_owner(rr));
- printf("\t");
- print_type(ldns_rr_get_type(rr));
- printf("\n");
- if (status == LDNS_STATUS_SSL_ERR) {
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stdout);
- }
- if (verbosity >= 4) {
- printf("RRSet:\n");
- ldns_rr_list_print(stdout, rrset_rrs);
- printf("Signature:\n");
- ldns_rr_print(stdout, cur_sig->rr);
- printf("\n");
- }
- }
- result = status;
- }
- ldns_rr_list_free(good_keys);
- cur_sig = cur_sig->next;
- }
-
- ldns_rr_list_free(rrset_rrs);
-
- return result;
-}
-
-static ldns_status
-verify_next_hashed_name(ldns_rbtree_t *zone_nodes,
- ldns_dnssec_name *name)
-{
- ldns_rbnode_t *next_node;
- ldns_dnssec_name *next_name;
- ldns_dnssec_name *cur_next_name = NULL;
- ldns_dnssec_name *cur_first_name = NULL;
- int cmp;
- char *next_owner_str;
- ldns_rdf *next_owner_dname;
-
- if (!name->hashed_name) {
- name->hashed_name = ldns_nsec3_hash_name_frm_nsec3(name->nsec,
- name->name);
- }
- next_node = ldns_rbtree_first(zone_nodes);
- while (next_node != LDNS_RBTREE_NULL) {
- next_name = (ldns_dnssec_name *)next_node->data;
- /* skip over names that have no NSEC3 records (whether it
- * actually should or should not should have been checked
- * already */
- if (!next_name->nsec) {
- next_node = ldns_rbtree_next(next_node);
- continue;
- }
- if (!next_name->hashed_name) {
- next_name->hashed_name = ldns_nsec3_hash_name_frm_nsec3(
- name->nsec, next_name->name);
- }
- /* we keep track of what 'so far' is the next hashed name;
- * it must of course be 'larger' than the current name
- * if we find one that is larger, but smaller than what we
- * previously thought was the next one, that one is the next
- */
- cmp = ldns_dname_compare(name->hashed_name,
- next_name->hashed_name);
- if (cmp < 0) {
- if (!cur_next_name) {
- cur_next_name = next_name;
- } else {
- cmp = ldns_dname_compare(next_name->hashed_name,
- cur_next_name->hashed_name);
- if (cmp < 0) {
- cur_next_name = next_name;
- }
- }
- }
- /* in case the hashed name of the nsec we are checking is the
- * last one, we need the first hashed name of the zone */
- if (!cur_first_name) {
- cur_first_name = next_name;
- } else {
- cmp = ldns_dname_compare(next_name->hashed_name,
- cur_first_name->hashed_name);
- if (cmp < 0) {
- cur_first_name = next_name;
- }
- }
- next_node = ldns_rbtree_next(next_node);
- }
- if (!cur_next_name) {
- cur_next_name = cur_first_name;
- }
-
- next_owner_str = ldns_rdf2str(ldns_nsec3_next_owner(name->nsec));
- next_owner_dname = ldns_dname_new_frm_str(next_owner_str);
- cmp = ldns_dname_compare(next_owner_dname,
- cur_next_name->hashed_name);
- ldns_rdf_deep_free(next_owner_dname);
- LDNS_FREE(next_owner_str);
- if (cmp != 0) {
- printf("Error: The NSEC3 record for ");
- ldns_rdf_print(stdout, name->name);
- printf(" points to the wrong next hashed owner name\n");
- printf("(should point to ");
- ldns_rdf_print(stdout, cur_next_name->name);
- printf("(whose hashed name is ");
- ldns_rdf_print(stdout, cur_next_name->hashed_name);
- printf(")\n");
- return LDNS_STATUS_ERR;
- } else {
- return LDNS_STATUS_OK;
- }
-}
-
-static ldns_rbnode_t *
-next_nonglue_node(ldns_rbnode_t *node, ldns_rr_list *glue_rrs)
-{
- ldns_rbnode_t *cur_node = ldns_rbtree_next(node);
- ldns_dnssec_name *cur_name;
- while (cur_node != LDNS_RBTREE_NULL) {
- cur_name = (ldns_dnssec_name *) cur_node->data;
- if (cur_name && cur_name->name) {
- if (!ldns_rr_list_contains_name(glue_rrs, cur_name->name)) {
- return cur_node;
- }
- }
- cur_node = ldns_rbtree_next(cur_node);
- }
- return LDNS_RBTREE_NULL;
-}
-
-static ldns_status
-verify_nsec(ldns_rbtree_t *zone_nodes,
- ldns_rbnode_t *cur_node,
- ldns_rr_list *keys,
- ldns_rr_list *glue_rrs
-)
-{
- ldns_rbnode_t *next_node;
- ldns_dnssec_name *name, *next_name;
- ldns_status status, result;
- result = LDNS_STATUS_OK;
-
- name = (ldns_dnssec_name *) cur_node->data;
- if (name->nsec) {
- if (name->nsec_signatures) {
- status = verify_single_rr(name->nsec,
- name->nsec_signatures,
- keys);
- if (result == LDNS_STATUS_OK) {
- result = status;
- }
- } else {
- if (verbosity >= 1) {
- printf("Error: the NSEC(3) record of ");
- ldns_rdf_print(stdout, name->name);
- printf(" has no signatures\n");
- }
- if (result == LDNS_STATUS_OK) {
- result = LDNS_STATUS_ERR;
- }
- }
- /* check whether the NSEC record points to the right name */
- switch (ldns_rr_get_type(name->nsec)) {
- case LDNS_RR_TYPE_NSEC:
- /* simply try next name */
- next_node = next_nonglue_node(cur_node, glue_rrs);
- if (next_node == LDNS_RBTREE_NULL) {
- next_node = ldns_rbtree_first(zone_nodes);
- }
- next_name = (ldns_dnssec_name *)next_node->data;
- if (ldns_dname_compare(next_name->name,
- ldns_rr_rdf(name->nsec, 0))
- != 0) {
- printf("Error: the NSEC record for ");
- ldns_rdf_print(stdout, name->name);
- printf(" points to the wrong next owner name\n");
- if (result == LDNS_STATUS_OK) {
- result = LDNS_STATUS_ERR;
- }
- }
- break;
- case LDNS_RR_TYPE_NSEC3:
- /* find the hashed next name in the tree */
- /* this is expensive, do we need to add support
- * for this in the structs? (ie. pointer to next
- * hashed name?)
- */
- status = verify_next_hashed_name(zone_nodes, name);
- if (result == LDNS_STATUS_OK) {
- result = status;
- }
- break;
- default:
- break;
- }
- } else {
- /* todo; do this once and cache result? */
- if (zone_is_nsec3_optout(zone_nodes) &&
- only_ns_in_rrsets(name->rrsets)) {
- /* ok, no problem, but we need to remember to check
- * whether the chain does not actually point to this
- * name later */
- } else {
- if (verbosity >= 1) {
- printf("Error: there is no NSEC(3) for ");
- ldns_rdf_print(stdout, name->name);
- printf("\n");
- }
- if (result == LDNS_STATUS_OK) {
- result = LDNS_STATUS_ERR;
- }
- }
- }
- return result;
-}
-
-static int
-ldns_dnssec_name_has_only_a(ldns_dnssec_name *cur_name)
-{
- ldns_dnssec_rrsets *cur_rrset;
- cur_rrset = cur_name->rrsets;
- while (cur_rrset) {
- if (cur_rrset->type != LDNS_RR_TYPE_A &&
- cur_rrset->type != LDNS_RR_TYPE_AAAA) {
- return 0;
- } else {
- cur_rrset = cur_rrset->next;
- }
- }
- return 1;
-}
-
-static ldns_status
-verify_dnssec_name(ldns_rdf *zone_name,
- ldns_dnssec_zone *zone,
- ldns_rbtree_t *zone_nodes,
- ldns_rbnode_t *cur_node,
- ldns_rr_list *keys,
- ldns_rr_list *glue_rrs)
-{
- ldns_status result = LDNS_STATUS_OK;
- ldns_status status;
- ldns_dnssec_rrsets *cur_rrset;
- ldns_dnssec_name *name;
- /* for NSEC chain checks */
-
- name = (ldns_dnssec_name *) cur_node->data;
- if (verbosity >= 3) {
- printf("Checking: ");
- ldns_rdf_print(stdout, name->name);
- printf("\n");
- }
-
- if (ldns_rr_list_contains_name(glue_rrs, name->name) &&
- ldns_dnssec_name_has_only_a(name)
- ) {
- /* glue */
- cur_rrset = name->rrsets;
- while (cur_rrset) {
- if (cur_rrset->signatures) {
- if (verbosity >= 1) {
- printf("Error: ");
- ldns_rdf_print(stdout, name->name);
- printf("\t");
- print_type(cur_rrset->type);
- printf(" has signature(s), but is glue\n");
- }
- result = LDNS_STATUS_ERR;
- }
- cur_rrset = cur_rrset->next;
- }
- if (name->nsec) {
- if (verbosity >= 1) {
- printf("Error: ");
- ldns_rdf_print(stdout, name->name);
- printf("\thas an NSEC(3), but is glue\n");
- }
- result = LDNS_STATUS_ERR;
- }
- } else {
- /* not glue, do real verify */
- cur_rrset = name->rrsets;
- while(cur_rrset) {
- if (cur_rrset->type != LDNS_RR_TYPE_A ||
- !ldns_dnssec_zone_find_rrset(zone, name->name, LDNS_RR_TYPE_NS)) {
- status = verify_dnssec_rrset(zone_name, name->name, cur_rrset, keys, glue_rrs);
- if (status != LDNS_STATUS_OK && result == LDNS_STATUS_OK) {
- result = status;
- }
- }
- cur_rrset = cur_rrset->next;
- }
-
- status = verify_nsec(zone_nodes, cur_node, keys, glue_rrs);
- if (result == LDNS_STATUS_OK) {
- result = status;
- }
- }
- return result;
-}
-
-static ldns_status
-verify_dnssec_zone(ldns_dnssec_zone *dnssec_zone,
- ldns_rdf *zone_name,
- ldns_rr_list *glue_rrs)
-{
- ldns_rr_list *keys;
- ldns_rbnode_t *cur_node;
- ldns_dnssec_rrsets *cur_key_rrset;
- ldns_dnssec_rrs *cur_key;
- ldns_dnssec_name *cur_name;
- ldns_status status;
- ldns_status result = LDNS_STATUS_OK;
-
- keys = ldns_rr_list_new();
- cur_key_rrset = ldns_dnssec_zone_find_rrset(dnssec_zone,
- zone_name,
- LDNS_RR_TYPE_DNSKEY);
- if (!cur_key_rrset || !cur_key_rrset->rrs) {
- if (verbosity >= 1) {
- printf("No DNSKEY records at zone apex\n");
- }
- result = LDNS_STATUS_ERR;
- } else {
- cur_key = cur_key_rrset->rrs;
- while (cur_key) {
- if (verbosity >= 4) {
- printf("DNSKEY: ");
- ldns_rr_print(stdout, cur_key->rr);
- }
- ldns_rr_list_push_rr(keys, cur_key->rr);
- cur_key = cur_key->next;
- }
-
- cur_node = ldns_rbtree_first(dnssec_zone->names);
- if (cur_node == LDNS_RBTREE_NULL) {
- if (verbosity >= 1) {
- printf("Empty zone?\n");
- }
- result = LDNS_STATUS_ERR;
- }
- while (cur_node != LDNS_RBTREE_NULL) {
- cur_name = (ldns_dnssec_name *) cur_node->data;
- status = verify_dnssec_name(zone_name,
- dnssec_zone,
- dnssec_zone->names,
- cur_node,
- keys,
- glue_rrs);
- if (status != LDNS_STATUS_OK && result == LDNS_STATUS_OK) {
- result = status;
- }
- cur_node = ldns_rbtree_next(cur_node);
- }
- }
-
- ldns_rr_list_free(keys);
- return result;
-}
-
-int
-main(int argc, char **argv)
-{
- char *filename;
- FILE *fp;
- ldns_zone *z;
- int line_nr = 0;
- int c;
- ldns_status s;
- ldns_dnssec_zone *dnssec_zone;
- ldns_status result = LDNS_STATUS_ERR;
- ldns_rr_list *glue_rrs;
-
- while ((c = getopt(argc, argv, "hvV:")) != -1) {
- switch(c) {
- case 'h':
- printf("Usage: %s [OPTIONS] <zonefile>\n", argv[0]);
- printf("\tReads the zonefile and checks for DNSSEC errors.\n");
- printf("\nIt checks whether NSEC(3)s are present,");
- printf(" and verifies all signatures\n");
- printf("It also checks the NSEC(3) chain, but it will error on opted-out delegations\n");
- printf("\nOPTIONS:\n");
- printf("\t-h show this text\n");
- printf("\t-v shows the version and exits\n");
- printf("\t-V [0-5]\tset verbosity level (default 3)\n");
- printf("\nif no file is given standard input is read\n");
- exit(EXIT_SUCCESS);
- break;
- case 'v':
- printf("read zone version %s (ldns version %s)\n",
- LDNS_VERSION, ldns_version());
- exit(EXIT_SUCCESS);
- break;
- case 'V':
- verbosity = atoi(optarg);
- break;
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc == 0) {
- fp = stdin;
- } else {
- filename = argv[0];
-
- fp = fopen(filename, "r");
- if (!fp) {
- fprintf(stderr,
- "Unable to open %s: %s\n",
- filename,
- strerror(errno));
- exit(EXIT_FAILURE);
- }
- }
-
- s = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, LDNS_RR_CLASS_IN, &line_nr);
-
- if (s == LDNS_STATUS_OK) {
- if (!ldns_zone_soa(z)) {
- fprintf(stderr, "; Error: no SOA in the zone\n");
- exit(1);
- }
-
- glue_rrs = ldns_zone_glue_rr_list(z);
- dnssec_zone = create_dnssec_zone(z);
-
- if (verbosity >= 5) {
- ldns_dnssec_zone_print(stdout, dnssec_zone);
- }
-
- result = verify_dnssec_zone(dnssec_zone,
- ldns_rr_owner(ldns_zone_soa(z)),
- glue_rrs);
-
-
- if (result == LDNS_STATUS_OK) {
- if (verbosity >= 1) {
- printf("Zone is verified and complete\n");
- }
- } else {
- if (verbosity >= 1) {
- printf("There were errors in the zone\n");
- }
- }
-
- ldns_zone_free(z);
- ldns_dnssec_zone_deep_free(dnssec_zone);
- } else {
- fprintf(stderr, "%s at %d\n",
- ldns_get_errorstr_by_id(s),
- line_nr);
- exit(EXIT_FAILURE);
- }
- fclose(fp);
-
- exit(result);
-}
-#else
-int
-main(int argc, char **argv)
-{
- fprintf(stderr, "ldns-verifyzone needs OpenSSL support, which has not been compiled in\n");
- return 1;
-}
-#endif /* HAVE_SSL */
+++ /dev/null
-.TH ldns-version 1 "27 Apr 2005"
-.SH NAME
-ldns-version \- print out the version of the ldns-library and tools on this system
-.SH SYNOPSIS
-.B ldns-version
-
-.SH DESCRIPTION
-\fBldns-version\fR is used to print out version information of the ldns library and tools
-
-.SH OPTIONS
-\fBldns-version\fR has no options.
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-version shows ldns's version
- *
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <ldns/ldns.h>
-
-int
-main(void)
-{
- printf("%s\n", ldns_version());
- return 0;
-}
+++ /dev/null
-.TH ldns-walk 1 "21 Nov 2005"
-.SH NAME
-ldns-walk \- Retrieve the contents of a DNSSEC signed zone
-.SH SYNOPSIS
-.B ldns-walk
-[
-.IR OPTION
-]
-.IR ZONE
-
-.SH DESCRIPTION
-
-\fBldns-walk\fR is used to retrieve the contents of a DNSSEC signed zone.
-It does this through NSEC-walking (following the chain of NSEC records)
-and 'guessing' the next non-existent owner name for each NSEC.
-
-Note that it might get stuck on some wildcard records when used through a
-caching forwarder. This problem can be circumvented by querying the
-authoritative nameserver directly (with the @ argument).
-
-Of course the nameserver that is used must be DNSSEC-aware.
-
-.SH OPTIONS
-.TP
-\fB-f\fR
-Do a 'full' zone walk; by default, ldns-walk will only show the names, and types present at those names. If this option is given, all resource records will be printed.
-
-.TP
-\fB-s\fR \fIname\fR
-Start the walk with this owner name. Useful when continuing the walk for a
-large zone.
-
-.TP
-\fB@\fR \fInameserver\fR
-Send the queries to this nameserver.
-
-.SH BUGS
-The full zone walk function is not complete yet, it does not correctly print delegation records
-
-.SH AUTHOR
-Written by Jelte Jansen as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldns-walk uses educated guesses and NSEC data to retrieve the
- * contents of a dnssec signed zone
- *
- * (c) NLnet Labs, 2005 - 2008
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-
-#include <ldns/ldns.h>
-
-int verbosity = 0;
-
-static int
-usage(FILE *fp, char *prog) {
- fprintf(fp, "%s [options] domain\n", prog);
- fprintf(fp, " print out the owner names for domain and the record types for those names\n");
- fprintf(fp, "OPTIONS:\n");
- fprintf(fp, "-4\t\tonly use IPv4\n");
- fprintf(fp, "-6\t\tonly use IPv6\n");
- fprintf(fp, "-f\t\tfull; get all rrsets instead of only a list of names and types\n");
- fprintf(fp, "-s <name>\t\tStart from this name\n");
- fprintf(fp, "-v <verbosity>\t\tVerbosity level [1-5]\n");
- fprintf(fp, "-version\tShow version and exit\n");
- fprintf(fp, "@<nameserver>\t\tUse this nameserver\n");
- return 0;
-}
-
-ldns_rdf *
-create_dname_plus_1(ldns_rdf *dname)
-{
- uint8_t *wire;
- ldns_rdf *newdname;
- uint8_t labellen;
- size_t pos;
- ldns_status status;
- size_t i;
-
- ldns_dname2canonical(dname);
- labellen = ldns_rdf_data(dname)[0];
- if (verbosity >= 3) {
- printf("Create +e for ");
- ldns_rdf_print(stdout, dname);
- printf("\n");
- }
- if (labellen < 63) {
- wire = malloc(ldns_rdf_size(dname) + 1);
- if (!wire) {
- fprintf(stderr, "Malloc error: out of memory?\n");
- exit(127);
- }
- wire[0] = labellen + 1;
- memcpy(&wire[1], ldns_rdf_data(dname) + 1, labellen);
- memcpy(&wire[labellen+1], ldns_rdf_data(dname) + labellen, ldns_rdf_size(dname) - labellen);
- wire[labellen+1] = (uint8_t) '\000';
- pos = 0;
- status = ldns_wire2dname(&newdname, wire, ldns_rdf_size(dname) + 1, &pos);
- free(wire);
- } else {
- wire = malloc(ldns_rdf_size(dname));
- if (!wire) {
- fprintf(stderr, "Malloc error: out of memory?\n");
- exit(127);
- }
- wire[0] = labellen;
- memcpy(&wire[1], ldns_rdf_data(dname) + 1, labellen);
- memcpy(&wire[labellen], ldns_rdf_data(dname) + labellen, ldns_rdf_size(dname) - labellen);
- i = labellen;
- while (wire[i] == 255) {
- if (i == 0) {
- printf("Error, don't know how to add 1 to a label with maximum length and all values on 255\n");
- exit(9);
- } else {
- i--;
- }
- }
- wire[i] = wire[i] + 1;
- pos = 0;
- status = ldns_wire2dname(&newdname, wire, ldns_rdf_size(dname) + 1, &pos);
- free(wire);
- }
- if (verbosity >= 3) {
- printf("result: ");
- ldns_rdf_print(stdout, newdname);
- printf("\n");
- }
-
- if (status != LDNS_STATUS_OK) {
- printf("Error: %s\n", ldns_get_errorstr_by_id(status));
- exit(10);
- }
-
- return newdname;
-}
-
-ldns_rdf *
-create_plus_1_dname(ldns_rdf *dname)
-{
- ldns_rdf *label;
- ldns_status status;
-
- if (verbosity >= 3) {
- printf("Creating n+e for: ");
- ldns_rdf_print(stdout, dname);
- printf("\n");
- }
-
- ldns_dname2canonical(dname);
- status = ldns_str2rdf_dname(&label, "\\000");
- if (status != LDNS_STATUS_OK) {
- printf("error creating \\000 dname: %s\n\n", ldns_get_errorstr_by_id(status));
- exit(2);
- }
- status = ldns_dname_cat(label, dname);
- if (status != LDNS_STATUS_OK) {
- printf("error catting \\000 dname: %s\n\n", ldns_get_errorstr_by_id(status));
- exit(3);
- }
- return label;
-}
-
-ldns_status
-query_type_bitmaps(ldns_resolver *res,
- uint16_t res_flags,
- const ldns_rdf *name,
- const ldns_rdf *rdf)
-{
- /* Note: this code is duplicated in higher.c in
- * ldns_nsec_type_check() function
- */
- uint8_t window_block_nr;
- uint8_t bitmap_length;
- uint16_t type;
- uint16_t pos = 0;
- uint16_t bit_pos;
- uint8_t *data = ldns_rdf_data(rdf);
-
- ldns_pkt *answer_pkt;
- char *errstr;
-
- if (verbosity >= 3) {
- printf("Getting Resource Records covered by NSEC at ");
- ldns_rdf_print(stdout, name);
- printf("\n");
- }
-
- while(pos < ldns_rdf_size(rdf)) {
- window_block_nr = data[pos];
- bitmap_length = data[pos + 1];
- pos += 2;
-
- for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) {
- if (ldns_get_bit(&data[pos], bit_pos)) {
- type = 256 * (uint16_t) window_block_nr + bit_pos;
- /* skip nsec and rrsig */
- if (type != LDNS_RR_TYPE_NSEC &&
- type != LDNS_RR_TYPE_RRSIG) {
- if (verbosity >= 3) {
- printf("querying for:\n");
- ldns_rdf_print(stdout, name);
- printf(" type %u\n", (unsigned int) type);
- }
- answer_pkt = ldns_resolver_query(res, name, type,
- LDNS_RR_CLASS_IN,
- res_flags);
- if (answer_pkt) {
- if (verbosity >= 5) {
- ldns_pkt_print(stdout, answer_pkt);
- }
- /* hmm, this does not give us the right records
- * when askking for type NS above the delegation
- * (or, in fact, when the delegated zone is
- * served by this server either)
- * do we need to special case NS like NSEC?
- * or can we fix the query or the answer reading?
- * ...
- */
- ldns_rr_list_print(stdout,
- ldns_pkt_answer(answer_pkt));
- ldns_pkt_free(answer_pkt);
- } else {
- printf("Query error, bailing out\n");
- printf("Failed at ");
- ldns_rdf_print(stdout, name);
- errstr = ldns_rr_type2str(type);
- printf(" %s\n", errstr);
- free(errstr);
- exit(1);
- }
- }
- }
- }
-
- pos += (uint16_t) bitmap_length;
- }
-
- return LDNS_STATUS_OK;
-}
-
-
-int
-main(int argc, char *argv[])
-{
- ldns_status status;
-
- ldns_resolver *res;
- ldns_rdf *domain = NULL;
- ldns_pkt *p;
- ldns_rr *soa;
- ldns_rr_list *rrlist;
- ldns_rr_list *rrlist2;
- ldns_rr_list *nsec_sigs = NULL;
- ldns_rdf *soa_p1;
- ldns_rdf *next_dname;
- ldns_rdf *last_dname;
- ldns_rdf *last_dname_p;
- ldns_rdf *startpoint = NULL;
- ldns_rr *nsec_rr = NULL;
- const char* arg_domain = NULL;
- int full = 0;
-
- char *serv = NULL;
- ldns_rdf *serv_rdf;
- ldns_resolver *cmdline_res;
- ldns_rr_list *cmdline_rr_list;
- ldns_rdf *cmdline_dname;
-
- uint8_t fam = LDNS_RESOLV_INETANY;
- int result = 0;
- int i;
- char *arg_end_ptr = NULL;
- size_t j;
-
- p = NULL;
- rrlist = NULL;
- rrlist2 = NULL;
- soa = NULL;
- domain = NULL;
-
- if (argc < 2) {
- usage(stdout, argv[0]);
- exit(EXIT_FAILURE);
- } else {
- for (i = 1; i < argc; i++) {
- if (strncmp(argv[i], "-4", 3) == 0) {
- if (fam != LDNS_RESOLV_INETANY) {
- fprintf(stderr, "You can only specify one of -4 or -6\n");
- exit(1);
- }
- fam = LDNS_RESOLV_INET;
- } else if (strncmp(argv[i], "-6", 3) == 0) {
- if (fam != LDNS_RESOLV_INETANY) {
- fprintf(stderr, "You can only specify one of -4 or -6\n");
- exit(1);
- }
- fam = LDNS_RESOLV_INET6;
- } else if (strncmp(argv[i], "-f", 3) == 0) {
- full = true;
- } else if (strncmp(argv[i], "-s", 3) == 0) {
- if (i + 1 < argc) {
- if (!ldns_str2rdf_dname(&startpoint, argv[i + 1]) == LDNS_STATUS_OK) {
- printf("Bad start point name: %s\n", argv[i + 1]);
- exit(1);
- }
- } else {
- printf("Missing argument for -s\n");
- exit(1);
- }
- i++;
- } else if (strncmp(argv[i], "-v", 3) == 0) {
- if (i + 1 < argc) {
- verbosity = strtol(argv[i+1], &arg_end_ptr, 10);
- if (*arg_end_ptr != '\0') {
- printf("Bad argument for -v: %s\n", argv[i+1]);
- exit(1);
- }
- } else {
- printf("Missing argument for -v\n");
- exit(1);
- }
- i++;
- } else if (strcmp("-version", argv[i]) == 0) {
- printf("dns zone walker, version %s (ldns version %s)\n", LDNS_VERSION, ldns_version());
- goto exit;
- } else {
- if (argv[i][0] == '@') {
- if (strlen(argv[i]) == 1) {
- if (i + 1 < argc) {
- serv = argv[i + 1];
- i++;
- } else {
- printf("Missing argument for -s\n");
- exit(1);
- }
- } else {
- serv = argv[i] + 1;
- }
- } else {
- if (i < argc) {
- if (!domain) {
- /* create a rdf from the command line arg */
- arg_domain = argv[i];
- domain = ldns_dname_new_frm_str(arg_domain);
- if (!domain) {
- usage(stdout, argv[0]);
- exit(1);
- }
- } else {
- printf("One domain at a time please\n");
- exit(1);
- }
- } else {
- printf("No domain given to walk\n");
- exit(1);
- }
- }
- }
- }
- }
- if (!domain) {
- printf("Missing argument\n");
- exit(1);
- }
-
-
- /* create a new resolver from /etc/resolv.conf */
- if(!serv) {
- if (ldns_resolver_new_frm_file(&res, NULL) != LDNS_STATUS_OK) {
- fprintf(stderr, "%s", "Could not create resolver obj");
- result = EXIT_FAILURE;
- goto exit;
- }
- } else {
- res = ldns_resolver_new();
- if (!res || strlen(serv) <= 0) {
- result = EXIT_FAILURE;
- goto exit;
- }
- /* add the nameserver */
- serv_rdf = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, serv);
- if (!serv_rdf) {
- /* maybe ip6 */
- serv_rdf = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_AAAA, serv);
- }
- if (!serv_rdf) {
- /* try to resolv the name if possible */
- status = ldns_resolver_new_frm_file(&cmdline_res, NULL);
-
- if (status != LDNS_STATUS_OK) {
- fprintf(stderr, "%s", "@server ip could not be converted");
- result = EXIT_FAILURE;
- goto exit;
- }
-
- cmdline_dname = ldns_dname_new_frm_str(serv);
- cmdline_rr_list = ldns_get_rr_list_addr_by_name(
- cmdline_res,
- cmdline_dname,
- LDNS_RR_CLASS_IN,
- 0);
- ldns_rdf_deep_free(cmdline_dname);
- ldns_resolver_deep_free(cmdline_res);
- if (!cmdline_rr_list) {
- fprintf(stderr, "%s %s", "could not find any address for the name: ", serv);
- result = EXIT_FAILURE;
- goto exit;
- } else {
- if (ldns_resolver_push_nameserver_rr_list(
- res,
- cmdline_rr_list
- ) != LDNS_STATUS_OK) {
- fprintf(stderr, "%s", "pushing nameserver");
- result = EXIT_FAILURE;
- ldns_rr_list_deep_free(cmdline_rr_list);
- goto exit;
- }
- ldns_rr_list_deep_free(cmdline_rr_list);
- }
- } else {
- if (ldns_resolver_push_nameserver(res, serv_rdf) != LDNS_STATUS_OK) {
- fprintf(stderr, "%s", "pushing nameserver");
- result = EXIT_FAILURE;
- goto exit;
- } else {
- ldns_rdf_deep_free(serv_rdf);
- }
- }
-
- }
-
- ldns_resolver_set_dnssec(res, true);
- ldns_resolver_set_dnssec_cd(res, true);
- ldns_resolver_set_ip6(res, fam);
-
- if (!res) {
- exit(2);
- }
-
- /* use the resolver to send it a query for the soa
- * records of the domain given on the command line
- */
- if (verbosity >= 3) {
- printf("\nQuerying for: ");
- ldns_rdf_print(stdout, domain);
- printf("\n");
- }
- p = ldns_resolver_query(res, domain, LDNS_RR_TYPE_SOA, LDNS_RR_CLASS_IN, LDNS_RD);
- soa = NULL;
- if (verbosity >= 5) {
- if (p) {
- ldns_pkt_print(stdout, p);
- } else {
- fprintf(stdout, "No Packet Received from ldns_resolver_query()\n");
- }
- }
-
- if (!p) {
- exit(3);
- } else {
- /* retrieve the MX records from the answer section of that
- * packet
- */
- rrlist = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_SOA, LDNS_SECTION_ANSWER);
- if (!rrlist || ldns_rr_list_rr_count(rrlist) != 1) {
- if (rrlist) {
- printf(" *** > 1 SOA: %u\n", (unsigned int) ldns_rr_list_rr_count(rrlist));
- } else {
- printf(" *** No rrlist...\b");
- }
- /* TODO: conversion memory */
- fprintf(stderr,
- " *** invalid answer name after SOA query for %s\n",
- arg_domain);
- ldns_pkt_print(stdout, p);
- ldns_pkt_free(p);
- ldns_resolver_deep_free(res);
- exit(4);
- } else {
- soa = ldns_rr_clone(ldns_rr_list_rr(rrlist, 0));
- ldns_rr_list_deep_free(rrlist);
- rrlist = NULL;
- /* check if zone contains DNSSEC data */
- rrlist = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANSWER);
- if (!rrlist) {
- printf("No DNSSEC data received; either the zone is not secured or you should query it directly (with @nameserver)\n");
- ldns_pkt_free(p);
- ldns_resolver_deep_free(res);
- exit(5);
- }
- ldns_rr_list_deep_free(rrlist);
- }
- }
-
- /* add \001 to soa */
- status = ldns_str2rdf_dname(&soa_p1, "\\000");
- if (status != LDNS_STATUS_OK) {
- printf("error: %s\n", ldns_get_errorstr_by_id(status));
- }
- if (!soa) {
- printf("Error getting SOA\n");
- exit(1);
- }
-
- if (startpoint) {
- last_dname = startpoint;
- last_dname_p = create_dname_plus_1(last_dname);
- } else {
- last_dname = ldns_rdf_clone(domain);
- if (ldns_dname_cat(soa_p1, last_dname) != LDNS_STATUS_OK) {
- printf("Error concatenating dnames\n");
- exit(EXIT_FAILURE);
- }
- last_dname_p = ldns_rdf_clone(soa_p1);
- }
-
- if (!full) {
- ldns_rdf_print(stdout, ldns_rr_owner(soa));
- printf("\t");
- }
-
- next_dname = NULL;
- while (!next_dname || ldns_rdf_compare(next_dname, domain) != 0) {
- if (p) {
- ldns_pkt_free(p);
- p = NULL;
- }
- if (verbosity >= 4) {
- printf("Querying for: ");
- ldns_rdf_print(stdout, last_dname_p);
- printf("\n");
- }
- p = ldns_resolver_query(res, last_dname_p, LDNS_RR_TYPE_DS, LDNS_RR_CLASS_IN, LDNS_RD);
- if (verbosity >= 5) {
- if (p) {
- ldns_pkt_print(stdout, p);
- } else {
- fprintf(stdout, "No Packet Received from ldns_resolver_query()\n");
- }
- }
-
- if (next_dname) {
- ldns_rdf_deep_free(next_dname);
- ldns_rr_free(nsec_rr);
- next_dname = NULL;
- nsec_rr = NULL;
- }
-
- if (!p) {
- fprintf(stderr, "Error trying to resolve: ");
- ldns_rdf_print(stderr, last_dname_p);
- fprintf(stderr, "\n");
- while (!p) {
- if (verbosity >= 3) {
- printf("Querying for: ");
- ldns_rdf_print(stdout, last_dname_p);
- printf("\n");
- }
- p = ldns_resolver_query(res, last_dname_p, LDNS_RR_TYPE_DS, LDNS_RR_CLASS_IN, LDNS_RD);
- /* TODO: make a general option for this (something like ignore_rtt)? */
- for (j = 0; j < ldns_resolver_nameserver_count(res); j++) {
- if (ldns_resolver_nameserver_rtt(res, j) != 0) {
- ldns_resolver_set_nameserver_rtt(res, j, LDNS_RESOLV_RTT_MIN);
- }
- }
- if (verbosity >= 5) {
- if (p) {
- ldns_pkt_print(stdout, p);
- } else {
- fprintf(stdout, "No Packet Received from ldns_resolver_query()\n");
- }
- }
- }
- }
-
- /* if the current name is an empty non-terminal, bind returns
- * SERVFAIL on the plus1-query...
- * so requery with only the last dname
- */
- if (ldns_pkt_get_rcode(p) == LDNS_RCODE_SERVFAIL) {
- ldns_pkt_free(p);
- p = NULL;
- if (verbosity >= 3) {
- printf("Querying for: ");
- ldns_rdf_print(stdout, last_dname);
- printf("\n");
- }
- p = ldns_resolver_query(res, last_dname, LDNS_RR_TYPE_DS, LDNS_RR_CLASS_IN, LDNS_RD);
- if (verbosity >= 5) {
- if (p) {
- ldns_pkt_print(stdout, p);
- } else {
- fprintf(stdout, "No Packet Received from ldns_resolver_query()\n");
- }
- }
-
- if (!p) {
- exit(51);
- }
- rrlist = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NSEC, LDNS_SECTION_AUTHORITY);
- rrlist2 = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NSEC, LDNS_SECTION_ANSWER);
- } else {
- rrlist = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NSEC, LDNS_SECTION_AUTHORITY);
- rrlist2 = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NSEC, LDNS_SECTION_ANSWER);
- }
- if (rrlist && rrlist2) {
- ldns_rr_list_cat(rrlist, rrlist2);
- } else if (rrlist2) {
- rrlist = rrlist2;
- }
-
- if (!rrlist || ldns_rr_list_rr_count(rrlist) < 1) {
- if (!rrlist) {
- fflush(stdout);
- fprintf(stderr, "Zone does not seem to be DNSSEC secured,"
- "or it uses NSEC3.\n");
- fflush(stderr);
- goto exit;
- }
- } else {
- /* find correct nsec */
- next_dname = NULL;
- for (j = 0; j < ldns_rr_list_rr_count(rrlist); j++) {
- if (ldns_nsec_covers_name(ldns_rr_list_rr(rrlist, j), last_dname_p)) {
- if (verbosity >= 3) {
- printf("The domain name: ");
- ldns_rdf_print(stdout, last_dname_p);
- printf("\nis covered by NSEC: ");
- ldns_rr_print(stdout, ldns_rr_list_rr(rrlist, j));
- }
- next_dname = ldns_rdf_clone(ldns_rr_rdf(ldns_rr_list_rr(rrlist, j), 0));
- nsec_rr = ldns_rr_clone(ldns_rr_list_rr(rrlist, j));
- nsec_sigs = ldns_dnssec_pkt_get_rrsigs_for_name_and_type(p, ldns_rr_owner(nsec_rr), LDNS_RR_TYPE_NSEC);
- } else {
- if (verbosity >= 4) {
- printf("\n");
- ldns_rdf_print(stdout, last_dname_p);
- printf("\nNOT covered by NSEC: ");
- ldns_rr_print(stdout, ldns_rr_list_rr(rrlist, j));
- printf("\n");
- }
- }
- }
- if (!next_dname) {
- printf("Error no nsec for ");
- ldns_rdf_print(stdout, last_dname);
- printf("\n");
- exit(1);
- }
- ldns_rr_list_deep_free(rrlist);
- }
- if (!next_dname) {
- /* apparently the zone also has prepended data (i.e. a.example and www.a.example,
- * The www comes after the a but befpre a\\000, so we need to make another name (\\000.a)
- */
- if (last_dname_p) {
- ldns_rdf_deep_free(last_dname_p);
- }
- last_dname_p = create_plus_1_dname(last_dname);
- } else {
- if (last_dname) {
- if (ldns_rdf_compare(last_dname, next_dname) == 0) {
- printf("\n\nNext dname is the same as current, this would loop forever. This is a problem that usually occurs when walking through a caching forwarder. Try using the authoritative nameserver to walk (with @nameserver).\n");
- exit(2);
- }
- ldns_rdf_deep_free(last_dname);
- }
- last_dname = ldns_rdf_clone(next_dname);
- if (last_dname_p) {
- ldns_rdf_deep_free(last_dname_p);
- }
- last_dname_p = create_dname_plus_1(last_dname);
- if (!full) {
- ldns_rdf_print(stdout, ldns_rr_owner(nsec_rr));
- printf(" ");
- ldns_rdf_print(stdout, ldns_rr_rdf(nsec_rr, 1));
- printf("\n");
- } else {
- /* ok, so now we know all the types present at this name,
- * query for those one by one (...)
- */
- status = query_type_bitmaps(res, LDNS_RD, ldns_rr_owner(nsec_rr),
- ldns_rr_rdf(nsec_rr, 1));
- /* print this nsec and its signatures too */
- ldns_rr_print(stdout, nsec_rr);
- if (nsec_sigs) {
- ldns_rr_list_print(stdout, nsec_sigs);
- ldns_rr_list_free(nsec_sigs);
- nsec_sigs = NULL;
- }
- }
- }
-
- }
-
- ldns_rdf_deep_free(domain);
- ldns_rdf_deep_free(soa_p1);
- ldns_rdf_deep_free(last_dname_p);
- ldns_rdf_deep_free(last_dname);
- ldns_rdf_deep_free(next_dname);
- ldns_rr_free(nsec_rr);
- ldns_pkt_free(p);
-
- ldns_rr_free(soa);
-
- printf("\n\n");
- ldns_resolver_deep_free(res);
-
- exit:
- return result;
-}
+++ /dev/null
-.TH ldns-zcat 1 "15 Dec 2005"
-.SH NAME
-ldns-zcat \- reunite (z)split up a zone files
-.SH SYNOPSIS
-.B ldns-zcat
-.IR zonefiles
-
-.SH DESCRIPTION
-.B ldns-zcat
-will read in a bunch of (z)split up zonefiles and creates a new larger
-zone file. The SOA record in the first part is used as the SOA record
-in the generated zone.
-.PP
-The resulted zone file is printed to standard output.
-
-.SH OPTIONS
-.TP
-.B -o ORIGIN
-use ORIGIN when reading in the zone
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005, 2006 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * read a zone that is split up with ldns-zsplit and re-create
- * the original zone
- *
- * From:
- * zone1: SOA a b c d e f
- * zone2: SOA f g h i k l
- *
- * Go back to:
- * zone: SOA a b c d e f g h i j k l
- *
- * This is useful in combination with ldns-zsplit
- *
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <errno.h>
-#include <ldns/ldns.h>
-
-#define FIRST_ZONE 0
-#define MIDDLE_ZONE 1
-#define LAST_ZONE 2
-
-static void
-usage(FILE *f, char *progname)
-{
- fprintf(f, "Usage: %s [OPTIONS] <zonefiles>\n", progname);
- fprintf(f, " Concatenate signed zone snippets created with ldns-zsplit\n");
- fprintf(f, " back together. The generate zone file is printed to stdout\n");
- fprintf(f, " The new zone should be equal to the original zone (before splitting)\n");
- fprintf(f, "OPTIONS:\n");
- fprintf(f, "-o ORIGIN\tUse this as initial origin, for zones starting with @\n");
- fprintf(f, "-v\t\tShow the version number and exit\n");
-}
-
-int
-main(int argc, char **argv)
-{
- char *progname;
- FILE *fp;
- int c;
- ldns_rdf *origin;
- size_t i, j;
- int where;
- ldns_zone *z;
- ldns_rr_list *zrr;
- ldns_rr *current_rr;
- ldns_rr *soa;
- ldns_rdf *last_owner;
- ldns_rr *last_rr;
- ldns_rr *pop_rr;
-
- progname = strdup(argv[0]);
- origin = NULL;
-
- while ((c = getopt(argc, argv, "n:o:v")) != -1) {
- switch(c) {
- case 'o':
- origin = ldns_dname_new_frm_str(strdup(optarg));
- if (!origin) {
- fprintf(stderr, "Cannot convert the origin %s to a domainname\n", optarg);
- exit(EXIT_FAILURE);
- }
- break;
- case 'v':
- printf("zone file concatenator version %s (ldns version %s)\n", LDNS_VERSION, ldns_version());
- exit(EXIT_SUCCESS);
- break;
- default:
- fprintf(stderr, "Unrecognized option\n");
- usage(stdout, progname);
- exit(EXIT_FAILURE);
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc < 1) {
- usage(stdout, progname);
- exit(EXIT_FAILURE);
- }
-
- for (i = 0; i < (size_t)argc; i++) {
-
- if (!(fp = fopen(argv[i], "r"))) {
- fprintf(stderr, "Error opening key file %s: %s\n", argv[i], strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- if (ldns_zone_new_frm_fp(&z, fp, origin, 0, 0) != LDNS_STATUS_OK) {
- fprintf(stderr, "Zone file %s could not be parsed correctly\n", argv[i]);
- exit(EXIT_FAILURE);
- }
-
- zrr = ldns_zone_rrs(z);
- soa = ldns_zone_soa(z); /* SOA is stored seperately */
-
- fprintf(stderr, "%s\n", argv[i]);
-
- if (0 == i) {
- where = FIRST_ZONE;
-
- /* remove the last equal named RRs */
- last_rr = ldns_rr_list_pop_rr(zrr);
- last_owner = ldns_rr_owner(last_rr);
- /* remove until no match */
- do {
- pop_rr = ldns_rr_list_pop_rr(zrr);
- } while(ldns_rdf_compare(last_owner, ldns_rr_owner(pop_rr)) == 0) ;
- /* we popped one to many, put it back */
- ldns_rr_list_push_rr(zrr, pop_rr);
- } else if ((size_t)(argc - 1) == i) {
- where = LAST_ZONE;
- } else {
- where = MIDDLE_ZONE;
-
- /* remove the last equal named RRs */
- last_rr = ldns_rr_list_pop_rr(zrr);
- last_owner = ldns_rr_owner(last_rr);
- /* remove until no match */
- do {
- pop_rr = ldns_rr_list_pop_rr(zrr);
- } while(ldns_rdf_compare(last_owner, ldns_rr_owner(pop_rr)) == 0) ;
- /* we popped one to many, put it back */
- ldns_rr_list_push_rr(zrr, pop_rr);
- }
-
- /* printing the RRs */
- for (j = 0; j < ldns_rr_list_rr_count(zrr); j++) {
-
- current_rr = ldns_rr_list_rr(zrr, j);
-
- switch(where) {
- case FIRST_ZONE:
- if (soa) {
- ldns_rr_print(stdout, soa);
- soa = NULL;
- }
- break;
- case MIDDLE_ZONE:
- /* rm SOA */
- /* SOA isn't printed by default */
-
- /* rm SOA aux records
- * this also takes care of the DNSKEYs + RRSIGS
- */
- if (ldns_rdf_compare(ldns_rr_owner(current_rr),
- ldns_rr_owner(soa)) == 0) {
- continue;
- }
- break;
- case LAST_ZONE:
- /* rm SOA */
- /* SOA isn't printed by default */
-
- /* rm SOA aux records
- * this also takes care of the DNSKEYs + RRSIGS
- */
- if (ldns_rdf_compare(ldns_rr_owner(current_rr),
- ldns_rr_owner(soa)) == 0) {
- continue;
- }
- break;
- }
- ldns_rr_print(stdout, current_rr);
- }
- }
- exit(EXIT_SUCCESS);
-}
+++ /dev/null
-.TH ldns-zsplit 1 "15 Dec 2005"
-.SH NAME
-ldns-zsplit \- split up a zone file
-.SH SYNOPSIS
-.B ldns-zsplit
-[
-.IR OPTIONS
-]
-.IR zonefile
-
-.SH DESCRIPTION
-
-.SH OPTIONS
-.TP
-.B -n NUMBER
-Split after NUMBER RRs, \fBldns-zsplit\fR will not split in
-the middle of an RRs.
-.PP
-Each part is saved with a numerical suffix, starting with .000. The
-largest suffix is thus .999.
-
-.TP
-.B -o ORIGIN
-use ORIGIN as origin when reading the zonefile.
-
-.TP
-.B -z
-Sort the zone before splitting.
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005, 2006 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * read a zone from disk and split it up:
- *
- * zone: SOA a b c d e f g h i j k l
- * becomes:
- * zone1: SOA a b c d e f
- * zone2: SOA f g h i k l
- *
- * ldns-catzone removes the last name and put
- * the zone back together.
- *
- * This way you can incremental sign a zone
- *
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <errno.h>
-#include <ldns/ldns.h>
-
-#define DEFAULT_SPLIT 1000
-#define FILE_SIZE 255
-#define SPLIT_MAX 999
-#define NO_SPLIT 0
-#define INTENT_TO_SPLIT 1
-#define SPLIT_NOW 2
-
-static void
-usage(FILE *f, char *progname)
-{
- fprintf(f, "Usage: %s [OPTIONS] <zonefile> [keys]\n", progname);
- fprintf(f, " Cut a zone file into pieces, each part is put in a file\n");
- fprintf(f, " named: '<zonefile>.NNN'. Where NNN is a integer ranging 000 to 999.\n");
- fprintf(f, " If key files are given they are inserted in each part.\n");
- fprintf(f, " The original SOA is also included in each part, making them correct DNS\n");
- fprintf(f, " (mini) zones.\n");
- fprintf(f, " This utility can be used to parallel sign a large zone.\n");
- fprintf(f, " To make it work the original zone needs to be canonical ordered.\n");
- fprintf(f, "\nOPTIONS:\n");
- fprintf(f, " -n NUMBER\tsplit after this many RRs\n");
- fprintf(f, " -o ORIGIN\tuse this as initial origin, for zones starting with @\n");
- fprintf(f, " -z\t\tsort the zone prior to splitting. The current ldns zone\n");
- fprintf(f, " \t\timplementation makes this unuseable for large zones.\n");
- fprintf(f, " -v\t\tshow version number and exit\n");
-}
-
-
-/* key the keys from the cmd line */
-static ldns_rr_list *
-open_keyfiles(char **files, uint16_t filec)
-{
- uint16_t i;
- ldns_rr_list *pubkeys;
- ldns_rr *k;
- FILE *kfp;
-
- pubkeys = ldns_rr_list_new();
-
- for (i = 0; i < filec; i++) {
- if (!(kfp = fopen(files[i], "r"))) {
- fprintf(stderr, "Error opening key file %s: %s\n", files[i], strerror(errno));
- return NULL;
- }
- if (ldns_rr_new_frm_fp(&k, kfp, NULL, NULL, NULL) != LDNS_STATUS_OK) {
- fprintf(stderr, "Error parsing the key file %s: %s\n", files[i], strerror(errno));
- return NULL;
- }
- fclose(kfp);
- ldns_rr_list_push_rr(pubkeys, k);
- }
- return pubkeys;
-}
-
-/* open a new zone file with the correct suffix */
-static FILE *
-open_newfile(char *basename, ldns_zone *z, size_t counter, ldns_rr_list *keys)
-{
- char filename[FILE_SIZE];
- FILE *fp;
-
- if (counter > SPLIT_MAX) {
- fprintf(stderr, "Maximum split count reached %u\n", (unsigned int) counter);
- return NULL;
- }
-
- snprintf(filename, FILE_SIZE, "%s.%03u", basename, (unsigned int) counter);
-
- if (!(fp = fopen(filename, "w"))) {
- fprintf(stderr, "Cannot open zone %s: %s\n", filename, strerror(errno));
- return NULL;
- } else {
- fprintf(stderr, "%s\n", filename);
- }
- ldns_rr_print(fp, ldns_zone_soa(z));
- if (keys) {
- ldns_rr_list_print(fp, keys);
-
- }
- return fp;
-}
-
-int
-main(int argc, char **argv)
-{
- char *progname;
- FILE *fp;
- ldns_zone *z;
- ldns_rr_list *zrrs;
- ldns_rdf *lastname;
- int c;
- int line_nr;
- size_t split;
- size_t i;
- int splitting;
- int compare;
- size_t file_counter;
- ldns_rdf *origin;
- ldns_rdf *current_rdf;
- ldns_rr *current_rr;
- ldns_rr_list *last_rrset;
- ldns_rr_list *pubkeys;
- bool sort;
- ldns_status s;
-
- progname = strdup(argv[0]);
- split = 0;
- splitting = NO_SPLIT;
- file_counter = 0;
- lastname = NULL;
- origin = NULL;
- last_rrset = ldns_rr_list_new();
- sort = false;
-
- while ((c = getopt(argc, argv, "n:o:zv")) != -1) {
- switch(c) {
- case 'n':
- split = (size_t)atoi(optarg);
- if (split == 0) {
- fprintf(stderr, "-n want a integer\n");
- exit(EXIT_FAILURE);
- }
- break;
- case 'o':
- origin = ldns_dname_new_frm_str(strdup(optarg));
- if (!origin) {
- fprintf(stderr, "Cannot convert the origin %s to a domainname\n", optarg);
- exit(EXIT_FAILURE);
- }
- break;
- case 'v':
- printf("zone file splitter version %s (ldns version %s)\n", LDNS_VERSION, ldns_version());
- exit(EXIT_SUCCESS);
- break;
- case 'z':
- sort = true;
- break;
- default:
- fprintf(stderr, "Unrecognized option\n");
- usage(stdout, progname);
- exit(EXIT_FAILURE);
- }
- }
- if (split == 0) {
- split = DEFAULT_SPLIT;
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc < 1) {
- usage(stdout, progname);
- exit(EXIT_FAILURE);
- }
-
- if (!(fp = fopen(argv[0], "r"))) {
- fprintf(stderr, "Unable to open %s: %s\n", argv[0], strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- /* get the keys */
- pubkeys = open_keyfiles(argv + 1, (uint16_t) argc - 1);
-
- /* suck in the entire zone ... */
- if (!origin) {
- origin = ldns_dname_new_frm_str(".");
- }
-
- s = ldns_zone_new_frm_fp_l(&z, fp, origin, 0, LDNS_RR_CLASS_IN, &line_nr);
- fclose(fp);
-
- if (s != LDNS_STATUS_OK) {
- fprintf(stderr, "Zone file %s could not be parsed correctly: %s at line %d\n",
- argv[0],
- ldns_get_errorstr_by_id(s),
- line_nr);
- exit(EXIT_FAILURE);
- }
- /* these kind of things can kill you... */
- if (sort) {
- ldns_zone_sort(z);
- }
-
- zrrs = ldns_zone_rrs(z);
- if (ldns_rr_list_rr_count(zrrs) / split > SPLIT_MAX) {
- fprintf(stderr, "The zone is too large for the used -n value: %u\n", (unsigned int) split);
- exit(EXIT_FAILURE);
- }
-
-
- /* Setup */
- if (!(fp = open_newfile(argv[0], z, file_counter, pubkeys))) {
- exit(EXIT_FAILURE);
- }
-
- for(i = 0; i < ldns_rr_list_rr_count(zrrs); i++) {
-
- current_rr = ldns_rr_list_rr(zrrs, i);
- current_rdf = ldns_rr_owner(current_rr);
-
- compare = ldns_dname_compare(current_rdf, lastname);
-
- if (compare == 0) {
- ldns_rr_list_push_rr(last_rrset, current_rr);
- }
-
- if (i > 0 && (i % split) == 0) {
- splitting = INTENT_TO_SPLIT;
- }
-
- if (splitting == INTENT_TO_SPLIT) {
- if (compare != 0) {
- splitting = SPLIT_NOW;
- }
- }
-
- if (splitting == SPLIT_NOW) {
- fclose(fp);
-
- lastname = NULL;
- splitting = NO_SPLIT;
- file_counter++;
- if (!(fp = open_newfile(argv[0], z, file_counter, pubkeys))) {
- exit(EXIT_FAILURE);
- }
-
- /* insert the last RRset in the new file */
- ldns_rr_list_print(fp, last_rrset);
-
- /* print the current rr */
- ldns_rr_print(fp, current_rr);
-
- /* remove them */
- ldns_rr_list_free(last_rrset);
- last_rrset = ldns_rr_list_new();
- /* add the current RR */
- ldns_rr_list_push_rr(last_rrset, current_rr);
- continue;
- }
- if (splitting == NO_SPLIT || splitting == INTENT_TO_SPLIT) {
- ldns_rr_print(fp, current_rr);
- }
- if (compare != 0) {
- /* remove them and then add the current one */
- ldns_rr_list_free(last_rrset);
- last_rrset = ldns_rr_list_new();
- ldns_rr_list_push_rr(last_rrset, current_rr);
- }
- lastname = current_rdf;
- }
- fclose(fp);
- exit(EXIT_SUCCESS);
-}
+++ /dev/null
-.TH ldnsd 1 "27 Apr 2005"
-.SH NAME
-ldnsd \- simple daemon example code
-.SH SYNOPSIS
-.B ldnsd
-.IR port
-.IR zone
-.IR zonefile
-
-.SH DESCRIPTION
-\fBldnsd\fR is a simple daemon that answers queries for a zone.
-This is NOT a full-fledged authoritative nameserver!
-
-.SH OPTIONS
-\fBldnsd\fR takes a port, zone and zonefile as arguments.
-
-.SH AUTHOR
-Written by the ldns team as an example for ldns usage.
-
-.SH REPORTING BUGS
-Report bugs to <ldns-team@nlnetlabs.nl>.
-
-.SH COPYRIGHT
-Copyright (C) 2005 NLnet Labs. This is free software. There is NO
-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
-PURPOSE.
+++ /dev/null
-/*
- * ldnsd. Light-weight DNS daemon
- *
- * Tiny dns server to show how a real one could be built.
- *
- * (c) NLnet Labs, 2005
- * See the file LICENSE for the license
- */
-
-#include "config.h"
-#include <ldns/ldns.h>
-
-#ifdef HAVE_SYS_SOCKET_H
-# include <sys/socket.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-# include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-# include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_UDP_H
-# include <netinet/udp.h>
-#endif
-#ifdef HAVE_NETINET_IGMP_H
-# include <netinet/igmp.h>
-#endif
-
-#include <errno.h>
-
-#define INBUF_SIZE 4096
-
-void usage(FILE *output)
-{
- fprintf(output, "Usage: ldnsd <address> <port> <zone> <zonefile>\n");
- fprintf(output, "Listens on the specified port and answers queries for the given zone\n");
- fprintf(output, "This is NOT a full-fledged authoritative nameserver!\n");
-}
-
-static int udp_bind(int sock, int port, const char *my_address)
-{
- struct sockaddr_in addr;
- in_addr_t maddr = INADDR_ANY;
-
- if (my_address) {
-#ifdef AF_INET6
- if (inet_pton(AF_INET6, my_address, &maddr) < 1) {
-#else
- if (0) {
-#endif
- if (inet_pton(AF_INET, my_address, &maddr) < 1) {
- return -2;
- }
- }
- }
-
- addr.sin_family = AF_INET;
- addr.sin_port = (in_port_t) htons((uint16_t)port);
- addr.sin_addr.s_addr = maddr;
- return bind(sock, (struct sockaddr *)&addr, (socklen_t) sizeof(addr));
-}
-
-/* this will probably be moved to a better place in the library itself */
-ldns_rr_list *
-get_rrset(const ldns_zone *zone, const ldns_rdf *owner_name, const ldns_rr_type qtype, const ldns_rr_class qclass)
-{
- uint16_t i;
- ldns_rr_list *rrlist = ldns_rr_list_new();
- ldns_rr *cur_rr;
- if (!zone || !owner_name) {
- fprintf(stderr, "Warning: get_rrset called with NULL zone or owner name\n");
- return rrlist;
- }
-
- for (i = 0; i < ldns_zone_rr_count(zone); i++) {
- cur_rr = ldns_rr_list_rr(ldns_zone_rrs(zone), i);
- if (ldns_dname_compare(ldns_rr_owner(cur_rr), owner_name) == 0 &&
- ldns_rr_get_class(cur_rr) == qclass &&
- ldns_rr_get_type(cur_rr) == qtype
- ) {
- ldns_rr_list_push_rr(rrlist, ldns_rr_clone(cur_rr));
- }
- }
-
- printf("Found rrset of %u rrs\n", (unsigned int) ldns_rr_list_rr_count(rrlist));
-
- return rrlist;
-}
-
-int
-main(int argc, char **argv)
-{
- /* arguments */
- int port;
- const char *zone_file;
-
- /* network */
- int sock;
- ssize_t nb;
- struct sockaddr addr_me;
- struct sockaddr addr_him;
- socklen_t hislen = (socklen_t) sizeof(addr_him);
- uint8_t inbuf[INBUF_SIZE];
- uint8_t *outbuf;
-
- /* dns */
- ldns_status status;
- ldns_pkt *query_pkt;
- ldns_pkt *answer_pkt;
- size_t answer_size;
- ldns_rr *query_rr;
- ldns_rr_list *answer_qr;
- ldns_rr_list *answer_an;
- ldns_rr_list *answer_ns;
- ldns_rr_list *answer_ad;
- ldns_rdf *origin = NULL;
-
- /* zone */
- ldns_zone *zone;
- int line_nr;
- FILE *zone_fp;
-
- /* use this to listen on specified interfaces later? */
- char *my_address = NULL;
-
- if (argc < 5) {
- usage(stderr);
- exit(EXIT_FAILURE);
- } else {
- my_address = argv[1];
- port = atoi(argv[2]);
- if (port < 1) {
- usage(stderr);
- exit(EXIT_FAILURE);
- }
- if (ldns_str2rdf_dname(&origin, argv[3]) != LDNS_STATUS_OK) {
- fprintf(stderr, "Bad origin, not a correct domain name\n");
- usage(stderr);
- exit(EXIT_FAILURE);
- }
- zone_file = argv[4];
- }
-
- printf("Reading zone file %s\n", zone_file);
- zone_fp = fopen(zone_file, "r");
- if (!zone_fp) {
- fprintf(stderr, "Unable to open %s: %s\n", zone_file, strerror(errno));
- exit(EXIT_FAILURE);
- }
-
- line_nr = 0;
- status = ldns_zone_new_frm_fp_l(&zone, zone_fp, origin, 0, LDNS_RR_CLASS_IN, &line_nr);
-
- if (status != LDNS_STATUS_OK) {
- printf("Zone reader failed, aborting\n");
- exit(EXIT_FAILURE);
- } else {
- printf("Read %u resource records in zone file\n", (unsigned int) ldns_zone_rr_count(zone));
- }
- fclose(zone_fp);
-
- printf("Listening on port %d\n", port);
- sock = socket(AF_INET, SOCK_DGRAM, 0);
- if (sock < 0) {
- fprintf(stderr, "%s: socket(): %s\n", argv[0], strerror(errno));
- exit(1);
- }
- memset(&addr_me, 0, sizeof(addr_me));
-
- /* bind: try all ports in that range */
- if (udp_bind(sock, port, my_address)) {
- fprintf(stderr, "%s: cannot bind(): %s\n", argv[0], strerror(errno));
- exit(errno);
- }
-
- /* Done. Now receive */
- while (1) {
- nb = recvfrom(sock, (void*)inbuf, INBUF_SIZE, 0,
- &addr_him, &hislen);
- if (nb < 1) {
- fprintf(stderr, "%s: recvfrom(): %s\n",
- argv[0], strerror(errno));
- exit(1);
- }
-
- /*
- show(inbuf, nb, nn, hp, sp, ip, bp);
- */
- printf("Got query of %u bytes\n", (unsigned int) nb);
- status = ldns_wire2pkt(&query_pkt, inbuf, (size_t) nb);
- if (status != LDNS_STATUS_OK) {
- printf("Got bad packet: %s\n", ldns_get_errorstr_by_id(status));
- } else {
- ldns_pkt_print(stdout, query_pkt);
- }
-
- query_rr = ldns_rr_list_rr(ldns_pkt_question(query_pkt), 0);
- printf("QUERY RR: \n");
- ldns_rr_print(stdout, query_rr);
-
- answer_qr = ldns_rr_list_new();
- ldns_rr_list_push_rr(answer_qr, ldns_rr_clone(query_rr));
-
- answer_an = get_rrset(zone, ldns_rr_owner(query_rr), ldns_rr_get_type(query_rr), ldns_rr_get_class(query_rr));
- answer_pkt = ldns_pkt_new();
- answer_ns = ldns_rr_list_new();
- answer_ad = ldns_rr_list_new();
-
- ldns_pkt_set_qr(answer_pkt, 1);
- ldns_pkt_set_aa(answer_pkt, 1);
- ldns_pkt_set_id(answer_pkt, ldns_pkt_id(query_pkt));
-
- ldns_pkt_push_rr_list(answer_pkt, LDNS_SECTION_QUESTION, answer_qr);
- ldns_pkt_push_rr_list(answer_pkt, LDNS_SECTION_ANSWER, answer_an);
- ldns_pkt_push_rr_list(answer_pkt, LDNS_SECTION_AUTHORITY, answer_ns);
- ldns_pkt_push_rr_list(answer_pkt, LDNS_SECTION_ADDITIONAL, answer_ad);
-
- status = ldns_pkt2wire(&outbuf, answer_pkt, &answer_size);
-
- printf("Answer packet size: %u bytes.\n", (unsigned int) answer_size);
- if (status != LDNS_STATUS_OK) {
- printf("Error creating answer: %s\n", ldns_get_errorstr_by_id(status));
- } else {
- nb = sendto(sock, (void*)outbuf, answer_size, 0,
- &addr_him, hislen);
- }
-
- ldns_pkt_free(query_pkt);
- ldns_pkt_free(answer_pkt);
- LDNS_FREE(outbuf);
- ldns_rr_list_free(answer_qr);
- ldns_rr_list_free(answer_an);
- ldns_rr_list_free(answer_ns);
- ldns_rr_list_free(answer_ad);
- }
-
- ldns_rdf_deep_free(origin);
- ldns_zone_deep_free(zone);
-
- return 0;
-}
+++ /dev/null
-/*
- * higher.c
- *
- * Specify some higher level functions that would
- * be usefull to would be developers
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef HAVE_SSL
-#include <openssl/ssl.h>
-#include <openssl/sha.h>
-#endif /* HAVE_SSL */
-
-ldns_rr_list *
-ldns_get_rr_list_addr_by_name(ldns_resolver *res, ldns_rdf *name, ldns_rr_class c,
- uint16_t flags)
-{
- ldns_pkt *pkt;
- ldns_rr_list *aaaa;
- ldns_rr_list *a;
- ldns_rr_list *result = NULL;
- ldns_rr_list *hostsfilenames;
- size_t i;
- uint8_t ip6;
-
- a = NULL;
- aaaa = NULL;
- result = NULL;
-
- if (!res) {
- return NULL;
- }
- if (ldns_rdf_get_type(name) != LDNS_RDF_TYPE_DNAME) {
- return NULL;
- }
-
- ip6 = ldns_resolver_ip6(res); /* we use INET_ANY here, save
- what was there */
-
- ldns_resolver_set_ip6(res, LDNS_RESOLV_INETANY);
-
- hostsfilenames = ldns_get_rr_list_hosts_frm_file(NULL);
- for (i = 0; i < ldns_rr_list_rr_count(hostsfilenames); i++) {
- if (ldns_rdf_compare(name,
- ldns_rr_owner(ldns_rr_list_rr(hostsfilenames,
- i))) == 0) {
- if (!result) {
- result = ldns_rr_list_new();
- }
- ldns_rr_list_push_rr(result,
- ldns_rr_clone(ldns_rr_list_rr(hostsfilenames, i)));
- }
- }
- ldns_rr_list_deep_free(hostsfilenames);
-
- if (result) {
- return result;
- }
-
- /* add the RD flags, because we want an answer */
- pkt = ldns_resolver_query(res, name, LDNS_RR_TYPE_AAAA, c, flags | LDNS_RD);
- if (pkt) {
- /* extract the data we need */
- aaaa = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_AAAA,
- LDNS_SECTION_ANSWER);
- ldns_pkt_free(pkt);
- }
-
- pkt = ldns_resolver_query(res, name, LDNS_RR_TYPE_A, c, flags | LDNS_RD);
- if (pkt) {
- /* extract the data we need */
- a = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_A, LDNS_SECTION_ANSWER);
- ldns_pkt_free(pkt);
- }
- ldns_resolver_set_ip6(res, ip6);
-
- if (aaaa && a) {
- result = ldns_rr_list_cat_clone(aaaa, a);
- ldns_rr_list_deep_free(aaaa);
- ldns_rr_list_deep_free(a);
- return result;
- }
-
- if (aaaa) {
- result = ldns_rr_list_clone(aaaa);
- }
-
- if (a) {
- result = ldns_rr_list_clone(a);
- }
-
- ldns_rr_list_deep_free(aaaa);
- ldns_rr_list_deep_free(a);
- return result;
-}
-
-ldns_rr_list *
-ldns_get_rr_list_name_by_addr(ldns_resolver *res, ldns_rdf *addr, ldns_rr_class c,
- uint16_t flags)
-{
- ldns_pkt *pkt;
- ldns_rr_list *names;
- ldns_rdf *name;
-
- names = NULL;
-
- if (!res || !addr) {
- return NULL;
- }
-
- if (ldns_rdf_get_type(addr) != LDNS_RDF_TYPE_A &&
- ldns_rdf_get_type(addr) != LDNS_RDF_TYPE_AAAA) {
- return NULL;
- }
-
- name = ldns_rdf_address_reverse(addr);
-
- /* add the RD flags, because we want an answer */
- pkt = ldns_resolver_query(res, name, LDNS_RR_TYPE_PTR, c, flags | LDNS_RD);
- if (pkt) {
- /* extract the data we need */
- names = ldns_pkt_rr_list_by_type(pkt,
- LDNS_RR_TYPE_PTR, LDNS_SECTION_ANSWER);
- }
- return names;
-}
-
-/* read a line, put it in a buffer, parse the buffer */
-ldns_rr_list *
-ldns_get_rr_list_hosts_frm_fp(FILE *fp)
-{
- return ldns_get_rr_list_hosts_frm_fp_l(fp, NULL);
-}
-
-ldns_rr_list *
-ldns_get_rr_list_hosts_frm_fp_l(FILE *fp, int *line_nr)
-{
- ssize_t i, j;
- size_t cnt;
- char *line;
- char *word;
- char *addr;
- char *rr_str;
- ldns_buffer *linebuf;
- ldns_rr *rr;
- ldns_rr_list *list;
- ldns_rdf *tmp;
- bool ip6;
- ldns_status parse_result;
-
- line = LDNS_XMALLOC(char, LDNS_MAX_LINELEN + 1);
- word = LDNS_XMALLOC(char, LDNS_MAX_LINELEN + 1);
- addr = LDNS_XMALLOC(char, LDNS_MAX_LINELEN + 1);
- rr_str = LDNS_XMALLOC(char, LDNS_MAX_LINELEN + 1);
- ip6 = false;
- list = ldns_rr_list_new();
- rr = NULL;
- if(!line || !word || !addr || !rr_str || !list) {
- LDNS_FREE(line);
- LDNS_FREE(word);
- LDNS_FREE(addr);
- LDNS_FREE(rr_str);
- ldns_rr_list_free(list);
- return NULL;
- }
-
- for(i = ldns_fget_token_l(fp, line, "\n", LDNS_MAX_LINELEN, line_nr);
- i > 0; i = ldns_fget_token_l(fp, line, "\n", LDNS_MAX_LINELEN, line_nr)) {
- /* # is comment */
- if (line[0] == '#') {
- continue;
- }
- /* put it in a buffer for further processing */
- linebuf = LDNS_MALLOC(ldns_buffer);
- if(!linebuf) {
- LDNS_FREE(line);
- LDNS_FREE(word);
- LDNS_FREE(addr);
- LDNS_FREE(rr_str);
- ldns_rr_list_deep_free(list);
- return NULL;
- }
-
- ldns_buffer_new_frm_data(linebuf, line, (size_t) i);
- for(cnt = 0, j = ldns_bget_token(linebuf, word, LDNS_PARSE_NO_NL, LDNS_MAX_LINELEN);
- j > 0;
- j = ldns_bget_token(linebuf, word, LDNS_PARSE_NO_NL, LDNS_MAX_LINELEN), cnt++) {
- if (cnt == 0) {
- /* the address */
- if ((tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_AAAA,
- word))) {
- /* ip6 */
- ldns_rdf_deep_free(tmp);
- ip6 = true;
- } else {
- if ((tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A,
- word))) {
- /* ip4 */
- ldns_rdf_deep_free(tmp);
- ip6 = false;
- } else {
- /* kaput */
- break;
- }
- }
- (void)strlcpy(addr, word, LDNS_MAX_LINELEN+1);
- } else {
- /* la al la la */
- if (ip6) {
- snprintf(rr_str, LDNS_MAX_LINELEN,
- "%s IN AAAA %s", word, addr);
- } else {
- snprintf(rr_str, LDNS_MAX_LINELEN,
- "%s IN A %s", word, addr);
- }
- parse_result = ldns_rr_new_frm_str(&rr, rr_str, 0, NULL, NULL);
- if (parse_result == LDNS_STATUS_OK && ldns_rr_owner(rr) && ldns_rr_rd_count(rr) > 0) {
- ldns_rr_list_push_rr(list, ldns_rr_clone(rr));
- }
- ldns_rr_free(rr);
- }
- }
- ldns_buffer_free(linebuf);
- }
- LDNS_FREE(line);
- LDNS_FREE(word);
- LDNS_FREE(addr);
- LDNS_FREE(rr_str);
- return list;
-}
-
-ldns_rr_list *
-ldns_get_rr_list_hosts_frm_file(char *filename)
-{
- ldns_rr_list *names;
- FILE *fp;
-
- if (!filename) {
- fp = fopen(LDNS_RESOLV_HOSTS, "r");
-
- } else {
- fp = fopen(filename, "r");
- }
- if (!fp) {
- return NULL;
- }
-
- names = ldns_get_rr_list_hosts_frm_fp(fp);
- fclose(fp);
- return names;
-}
-
-uint16_t
-ldns_getaddrinfo(ldns_resolver *res, ldns_rdf *node, ldns_rr_class c,
- ldns_rr_list **ret)
-{
- ldns_rdf_type t;
- uint16_t names_found;
- ldns_resolver *r;
- ldns_status s;
-
- t = ldns_rdf_get_type(node);
- names_found = 0;
- r = res;
-
- if (res == NULL) {
- /* prepare a new resolver, using /etc/resolv.conf as a guide */
- s = ldns_resolver_new_frm_file(&r, NULL);
- if (s != LDNS_STATUS_OK) {
- return 0;
- }
- }
-
- if (t == LDNS_RDF_TYPE_DNAME) {
- /* we're asked to query for a name */
- *ret = ldns_get_rr_list_addr_by_name(r, node, c, 0);
- names_found = ldns_rr_list_rr_count(*ret);
- }
-
- if (t == LDNS_RDF_TYPE_A || t == LDNS_RDF_TYPE_AAAA) {
- /* an address */
- *ret = ldns_get_rr_list_name_by_addr(r, node, c, 0);
- names_found = ldns_rr_list_rr_count(*ret);
- }
-
- if (res == NULL) {
- ldns_resolver_deep_free(r);
- }
-
- return names_found;
-}
-
-bool
-ldns_nsec_type_check(ldns_rr *nsec, ldns_rr_type t)
-{
- /* does the nsec cover the t given? */
- /* copied from host2str.c line 465: ldns_rdf2buffer_str_nsec */
- uint8_t window_block_nr;
- uint8_t bitmap_length;
- uint16_t type;
- uint16_t pos = 0;
- uint16_t bit_pos;
- ldns_rdf *nsec_type_list = ldns_rr_rdf(nsec, 1);
- uint8_t *data = ldns_rdf_data(nsec_type_list);
-
- while(pos < ldns_rdf_size(nsec_type_list)) {
- window_block_nr = data[pos];
- bitmap_length = data[pos + 1];
- pos += 2;
-
- for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) {
- if (ldns_get_bit(&data[pos], bit_pos)) {
- type = 256 * (uint16_t) window_block_nr + bit_pos;
-
- if ((ldns_rr_type)type == t) {
- /* we have a winner */
- return true;
- }
- }
- }
- pos += (uint16_t) bitmap_length;
- }
- return false;
-}
-
-void
-ldns_print_rr_rdf(FILE *fp, ldns_rr *r, int rdfnum, ...)
-{
- int16_t rdf;
- ldns_rdf *rd;
- va_list va_rdf;
- va_start(va_rdf, rdfnum);
-
- for (rdf = (int16_t)rdfnum; rdf != -1; rdf = (int16_t)va_arg(va_rdf, int))
- {
- rd = ldns_rr_rdf(r, rdf);
- if (!rd) {
- continue;
- } else {
- ldns_rdf_print(fp, rd);
- fprintf(fp, " "); /* not sure if we want to do this */
- }
- }
- va_end(va_rdf);
-}
+++ /dev/null
-/*
- * host2str.c
- *
- * conversion routines from the host format
- * to the presentation format (strings)
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#include <limits.h>
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#include <time.h>
-#ifndef _MSC_VER
-#include <sys/time.h>
-#endif
-
-#ifndef INET_ADDRSTRLEN
-#define INET_ADDRSTRLEN 16
-#endif
-#ifndef INET6_ADDRSTRLEN
-#define INET6_ADDRSTRLEN 46
-#endif
-
-/* lookup tables for standard DNS stuff */
-
-/* Taken from RFC 2535, section 7. */
-ldns_lookup_table ldns_algorithms[] = {
- { LDNS_RSAMD5, "RSAMD5" },
- { LDNS_DH, "DH" },
- { LDNS_DSA, "DSA" },
- { LDNS_ECC, "ECC" },
- { LDNS_RSASHA1, "RSASHA1" },
- { LDNS_DSA_NSEC3, "DSA-NSEC3-SHA1" },
- { LDNS_RSASHA1_NSEC3, "RSASHA1-NSEC3-SHA1" },
-#ifdef USE_SHA2
- { LDNS_RSASHA256, "RSASHA256"},
- { LDNS_RSASHA512, "RSASHA512"},
-#endif
-#ifdef USE_GOST
- { LDNS_ECC_GOST, "ECC-GOST"},
-#endif
-#ifdef USE_ECDSA
- { LDNS_ECDSAP256SHA256, "ECDSAP256SHA256"},
- { LDNS_ECDSAP384SHA384, "ECDSAP384SHA384"},
-#endif
- { LDNS_INDIRECT, "INDIRECT" },
- { LDNS_PRIVATEDNS, "PRIVATEDNS" },
- { LDNS_PRIVATEOID, "PRIVATEOID" },
- { 0, NULL }
-};
-
-/* Taken from RFC 4398 */
-ldns_lookup_table ldns_cert_algorithms[] = {
- { LDNS_CERT_PKIX, "PKIX" },
- { LDNS_CERT_SPKI, "SPKI" },
- { LDNS_CERT_PGP, "PGP" },
- { LDNS_CERT_IPKIX, "IPKIX" },
- { LDNS_CERT_ISPKI, "ISPKI" },
- { LDNS_CERT_IPGP, "IPGP" },
- { LDNS_CERT_ACPKIX, "ACPKIX" },
- { LDNS_CERT_IACPKIX, "IACPKIX" },
- { LDNS_CERT_URI, "URI" },
- { LDNS_CERT_OID, "OID" },
- { 0, NULL }
-};
-
-/* classes */
-ldns_lookup_table ldns_rr_classes[] = {
- { LDNS_RR_CLASS_IN, "IN" },
- { LDNS_RR_CLASS_CH, "CH" },
- { LDNS_RR_CLASS_HS, "HS" },
- { LDNS_RR_CLASS_NONE, "NONE" },
- { LDNS_RR_CLASS_ANY, "ANY" },
- { 0, NULL }
-};
-
-/* if these are used elsewhere */
-ldns_lookup_table ldns_rcodes[] = {
- { LDNS_RCODE_NOERROR, "NOERROR" },
- { LDNS_RCODE_FORMERR, "FORMERR" },
- { LDNS_RCODE_SERVFAIL, "SERVFAIL" },
- { LDNS_RCODE_NXDOMAIN, "NXDOMAIN" },
- { LDNS_RCODE_NOTIMPL, "NOTIMPL" },
- { LDNS_RCODE_REFUSED, "REFUSED" },
- { LDNS_RCODE_YXDOMAIN, "YXDOMAIN" },
- { LDNS_RCODE_YXRRSET, "YXRRSET" },
- { LDNS_RCODE_NXRRSET, "NXRRSET" },
- { LDNS_RCODE_NOTAUTH, "NOTAUTH" },
- { LDNS_RCODE_NOTZONE, "NOTZONE" },
- { 0, NULL }
-};
-
-ldns_lookup_table ldns_opcodes[] = {
- { LDNS_PACKET_QUERY, "QUERY" },
- { LDNS_PACKET_IQUERY, "IQUERY" },
- { LDNS_PACKET_STATUS, "STATUS" },
- { LDNS_PACKET_NOTIFY, "NOTIFY" },
- { LDNS_PACKET_UPDATE, "UPDATE" },
- { 0, NULL }
-};
-
-ldns_status
-ldns_pkt_opcode2buffer_str(ldns_buffer *output, ldns_pkt_opcode opcode)
-{
- ldns_lookup_table *lt = ldns_lookup_by_id(ldns_opcodes, opcode);
- if (lt && lt->name) {
- ldns_buffer_printf(output, "%s", lt->name);
- } else {
- ldns_buffer_printf(output, "OPCODE%u", opcode);
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_pkt_rcode2buffer_str(ldns_buffer *output, ldns_pkt_rcode rcode)
-{
- ldns_lookup_table *lt = ldns_lookup_by_id(ldns_rcodes, rcode);
- if (lt && lt->name) {
- ldns_buffer_printf(output, "%s", lt->name);
- } else {
- ldns_buffer_printf(output, "RCODE%u", rcode);
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_algorithm2buffer_str(ldns_buffer *output,
- ldns_algorithm algorithm)
-{
- ldns_lookup_table *lt = ldns_lookup_by_id(ldns_algorithms,
- algorithm);
- if (lt && lt->name) {
- ldns_buffer_printf(output, "%s", lt->name);
- } else {
- ldns_buffer_printf(output, "ALG%u", algorithm);
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_cert_algorithm2buffer_str(ldns_buffer *output,
- ldns_cert_algorithm cert_algorithm)
-{
- ldns_lookup_table *lt = ldns_lookup_by_id(ldns_cert_algorithms,
- cert_algorithm);
- if (lt && lt->name) {
- ldns_buffer_printf(output, "%s", lt->name);
- } else {
- ldns_buffer_printf(output, "CERT_ALG%u",
- cert_algorithm);
- }
- return ldns_buffer_status(output);
-}
-
-char *
-ldns_pkt_opcode2str(ldns_pkt_opcode opcode)
-{
- char *str;
- ldns_buffer *buf;
-
- buf = ldns_buffer_new(12);
- if (!buf) {
- return NULL;
- }
-
- str = NULL;
- if (ldns_pkt_opcode2buffer_str(buf, opcode) == LDNS_STATUS_OK) {
- str = ldns_buffer2str(buf);
- }
-
- ldns_buffer_free(buf);
- return str;
-}
-
-char *
-ldns_pkt_rcode2str(ldns_pkt_rcode rcode)
-{
- char *str;
- ldns_buffer *buf;
-
- buf = ldns_buffer_new(10);
- if (!buf) {
- return NULL;
- }
-
- str = NULL;
- if (ldns_pkt_rcode2buffer_str(buf, rcode) == LDNS_STATUS_OK) {
- str = ldns_buffer2str(buf);
- }
-
- ldns_buffer_free(buf);
- return str;
-}
-
-char *
-ldns_pkt_algorithm2str(ldns_algorithm algorithm)
-{
- char *str;
- ldns_buffer *buf;
-
- buf = ldns_buffer_new(10);
- if (!buf) {
- return NULL;
- }
-
- str = NULL;
- if (ldns_algorithm2buffer_str(buf, algorithm)
- == LDNS_STATUS_OK) {
- str = ldns_buffer2str(buf);
- }
-
- ldns_buffer_free(buf);
- return str;
-}
-
-char *
-ldns_pkt_cert_algorithm2str(ldns_cert_algorithm cert_algorithm)
-{
- char *str;
- ldns_buffer *buf;
-
- buf = ldns_buffer_new(10);
- if (!buf) {
- return NULL;
- }
-
- str = NULL;
- if (ldns_cert_algorithm2buffer_str(buf, cert_algorithm)
- == LDNS_STATUS_OK) {
- str = ldns_buffer2str(buf);
- }
-
- ldns_buffer_free(buf);
- return str;
-}
-
-
-/* do NOT pass compressed data here :p */
-ldns_status
-ldns_rdf2buffer_str_dname(ldns_buffer *output, const ldns_rdf *dname)
-{
- /* can we do with 1 pos var? or without at all? */
- uint8_t src_pos = 0;
- uint8_t len;
- uint8_t *data;
- uint8_t i;
- unsigned char c;
-
- data = (uint8_t*)ldns_rdf_data(dname);
- len = data[src_pos];
-
- if (ldns_rdf_size(dname) > LDNS_MAX_DOMAINLEN) {
- /* too large, return */
- return LDNS_STATUS_DOMAINNAME_OVERFLOW;
- }
-
- /* special case: root label */
- if (1 == ldns_rdf_size(dname)) {
- ldns_buffer_printf(output, ".");
- } else {
- while ((len > 0) && src_pos < ldns_rdf_size(dname)) {
- src_pos++;
- for(i = 0; i < len; i++) {
- /* paranoia check for various 'strange'
- characters in dnames
- */
- c = (unsigned char) data[src_pos];
- if(c == '.' || c == ';' ||
- c == '(' || c == ')' ||
- c == '\\') {
- ldns_buffer_printf(output, "\\%c",
- data[src_pos]);
- } else if (!(isascii(c) && isgraph(c))) {
- ldns_buffer_printf(output, "\\%03u",
- data[src_pos]);
- } else {
- ldns_buffer_printf(output, "%c", data[src_pos]);
- }
- src_pos++;
- }
-
- if (src_pos < ldns_rdf_size(dname)) {
- ldns_buffer_printf(output, ".");
- }
- len = data[src_pos];
- }
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_int8(ldns_buffer *output, const ldns_rdf *rdf)
-{
- uint8_t data = ldns_rdf_data(rdf)[0];
- ldns_buffer_printf(output, "%lu", (unsigned long) data);
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_int16(ldns_buffer *output, const ldns_rdf *rdf)
-{
- uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf));
- ldns_buffer_printf(output, "%lu", (unsigned long) data);
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_int32(ldns_buffer *output, const ldns_rdf *rdf)
-{
- uint32_t data = ldns_read_uint32(ldns_rdf_data(rdf));
- ldns_buffer_printf(output, "%lu", (unsigned long) data);
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_time(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* create a YYYYMMDDHHMMSS string if possible */
- time_t data_time = (time_t) ldns_read_uint32(ldns_rdf_data(rdf));
- struct tm tm;
- char date_buf[16];
-
- memset(&tm, 0, sizeof(tm));
-
- if (gmtime_r(&data_time, &tm) && strftime(date_buf, 15, "%Y%m%d%H%M%S", &tm)) {
- ldns_buffer_printf(output, "%s", date_buf);
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_a(ldns_buffer *output, const ldns_rdf *rdf)
-{
- char str[INET_ADDRSTRLEN];
-
- if (inet_ntop(AF_INET, ldns_rdf_data(rdf), str, INET_ADDRSTRLEN)) {
- ldns_buffer_printf(output, "%s", str);
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_aaaa(ldns_buffer *output, const ldns_rdf *rdf)
-{
- char str[INET6_ADDRSTRLEN];
-
- if (inet_ntop(AF_INET6, ldns_rdf_data(rdf), str, INET6_ADDRSTRLEN)) {
- ldns_buffer_printf(output, "%s", str);
- }
-
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_str(ldns_buffer *output, const ldns_rdf *rdf)
-{
- const uint8_t *data = ldns_rdf_data(rdf);
- uint8_t length = data[0];
- size_t i;
-
- ldns_buffer_printf(output, "\"");
- for (i = 1; i <= length; ++i) {
- char ch = (char) data[i];
- if (isprint((int)ch) || ch=='\t') {
- if (ch=='\"'||ch=='\\')
- ldns_buffer_printf(output, "\\%c", ch);
- else
- ldns_buffer_printf(output, "%c", ch);
- } else {
- ldns_buffer_printf(output, "\\%03u",
- (unsigned)(uint8_t) ch);
- }
- }
- ldns_buffer_printf(output, "\"");
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_b64(ldns_buffer *output, const ldns_rdf *rdf)
-{
- size_t size = ldns_b64_ntop_calculate_size(ldns_rdf_size(rdf));
- char *b64 = LDNS_XMALLOC(char, size);
- if(!b64) return LDNS_STATUS_MEM_ERR;
- if (ldns_b64_ntop(ldns_rdf_data(rdf), ldns_rdf_size(rdf), b64, size)) {
- ldns_buffer_printf(output, "%s", b64);
- }
- LDNS_FREE(b64);
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_b32_ext(ldns_buffer *output, const ldns_rdf *rdf)
-{
- size_t size;
- char *b32;
- if(ldns_rdf_size(rdf) == 0)
- return LDNS_STATUS_OK;
- /* remove -1 for the b32-hash-len octet */
- size = ldns_b32_ntop_calculate_size(ldns_rdf_size(rdf) - 1);
- /* add one for the end nul for the string */
- b32 = LDNS_XMALLOC(char, size + 1);
- if(!b32) return LDNS_STATUS_MEM_ERR;
- size = (size_t) ldns_b32_ntop_extended_hex(ldns_rdf_data(rdf) + 1,
- ldns_rdf_size(rdf) - 1, b32, size+1);
- if (size > 0) {
- ldns_buffer_printf(output, "%s", b32);
- }
- LDNS_FREE(b32);
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_hex(ldns_buffer *output, const ldns_rdf *rdf)
-{
- size_t i;
- for (i = 0; i < ldns_rdf_size(rdf); i++) {
- ldns_buffer_printf(output, "%02x", ldns_rdf_data(rdf)[i]);
- }
-
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_type(ldns_buffer *output, const ldns_rdf *rdf)
-{
- uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf));
- const ldns_rr_descriptor *descriptor;
-
- descriptor = ldns_rr_descript(data);
- if (descriptor && descriptor->_name) {
- ldns_buffer_printf(output, "%s", descriptor->_name);
- } else {
- ldns_buffer_printf(output, "TYPE%u", data);
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_class(ldns_buffer *output, const ldns_rdf *rdf)
-{
- uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf));
- ldns_lookup_table *lt;
-
- lt = ldns_lookup_by_id(ldns_rr_classes, (int) data);
- if (lt) {
- ldns_buffer_printf(output, "\t%s", lt->name);
- } else {
- ldns_buffer_printf(output, "\tCLASS%d", data);
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_cert_alg(ldns_buffer *output, const ldns_rdf *rdf)
-{
- uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf));
- ldns_lookup_table *lt;
- lt = ldns_lookup_by_id(ldns_cert_algorithms, (int) data);
- if (lt) {
- ldns_buffer_printf(output, "%s", lt->name);
- } else {
- ldns_buffer_printf(output, "%d", data);
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_alg(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* don't use algorithm mnemonics in the presentation format
- this kind of got sneaked into the rfc's */
- uint8_t data = ldns_rdf_data(rdf)[0];
- ldns_buffer_printf(output, "%d", data);
- return ldns_buffer_status(output);
-}
-
-static void
-loc_cm_print(ldns_buffer *output, uint8_t mantissa, uint8_t exponent)
-{
- uint8_t i;
- /* is it 0.<two digits> ? */
- if(exponent < 2) {
- if(exponent == 1)
- mantissa *= 10;
- ldns_buffer_printf(output, "0.%02ld", (long)mantissa);
- return;
- }
- /* always <digit><string of zeros> */
- ldns_buffer_printf(output, "%d", (int)mantissa);
- for(i=0; i<exponent-2; i++)
- ldns_buffer_printf(output, "0");
-}
-
-ldns_status
-ldns_rr_type2buffer_str(ldns_buffer *output, const ldns_rr_type type)
-{
- const ldns_rr_descriptor *descriptor;
-
- descriptor = ldns_rr_descript(type);
-
- if (descriptor && descriptor->_name) {
- ldns_buffer_printf(output, "%s", descriptor->_name);
- } else {
- /* exceptions for pseudotypes */
- switch (type) {
- case LDNS_RR_TYPE_IXFR:
- ldns_buffer_printf(output, "IXFR");
- break;
- case LDNS_RR_TYPE_AXFR:
- ldns_buffer_printf(output, "AXFR");
- break;
- case LDNS_RR_TYPE_MAILA:
- ldns_buffer_printf(output, "MAILA");
- break;
- case LDNS_RR_TYPE_MAILB:
- ldns_buffer_printf(output, "MAILB");
- break;
- case LDNS_RR_TYPE_ANY:
- ldns_buffer_printf(output, "ANY");
- break;
- default:
- ldns_buffer_printf(output, "TYPE%u", type);
- }
- }
- return ldns_buffer_status(output);
-}
-
-char *
-ldns_rr_type2str(const ldns_rr_type type)
-{
- char *str;
- ldns_buffer *buf;
-
- buf = ldns_buffer_new(10);
- if (!buf) {
- return NULL;
- }
-
- str = NULL;
- if (ldns_rr_type2buffer_str(buf, type) == LDNS_STATUS_OK) {
- str = ldns_buffer2str(buf);
- }
-
- ldns_buffer_free(buf);
- return str;
-}
-
-
-ldns_status
-ldns_rr_class2buffer_str(ldns_buffer *output,
- const ldns_rr_class klass)
-{
- ldns_lookup_table *lt;
-
- lt = ldns_lookup_by_id(ldns_rr_classes, klass);
- if (lt) {
- ldns_buffer_printf(output, "%s", lt->name);
- } else {
- ldns_buffer_printf(output, "CLASS%d", klass);
- }
- return ldns_buffer_status(output);
-}
-
-char *
-ldns_rr_class2str(const ldns_rr_class klass)
-{
- ldns_buffer *buf;
- char *str;
-
- buf = ldns_buffer_new(10);
- if (!buf) {
- return NULL;
- }
-
- str = NULL;
- if (ldns_rr_class2buffer_str(buf, klass) == LDNS_STATUS_OK) {
- str = ldns_buffer2str(buf);
- }
- ldns_buffer_free(buf);
- return str;
-}
-
-ldns_status
-ldns_rdf2buffer_str_loc(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* we could do checking (ie degrees < 90 etc)? */
- uint8_t version = ldns_rdf_data(rdf)[0];
- uint8_t size;
- uint8_t horizontal_precision;
- uint8_t vertical_precision;
- uint32_t longitude;
- uint32_t latitude;
- uint32_t altitude;
- char northerness;
- char easterness;
- uint32_t h;
- uint32_t m;
- double s;
-
- uint32_t equator = (uint32_t) ldns_power(2, 31);
-
- if (version == 0) {
- size = ldns_rdf_data(rdf)[1];
- horizontal_precision = ldns_rdf_data(rdf)[2];
- vertical_precision = ldns_rdf_data(rdf)[3];
-
- latitude = ldns_read_uint32(&ldns_rdf_data(rdf)[4]);
- longitude = ldns_read_uint32(&ldns_rdf_data(rdf)[8]);
- altitude = ldns_read_uint32(&ldns_rdf_data(rdf)[12]);
-
- if (latitude > equator) {
- northerness = 'N';
- latitude = latitude - equator;
- } else {
- northerness = 'S';
- latitude = equator - latitude;
- }
- h = latitude / (1000 * 60 * 60);
- latitude = latitude % (1000 * 60 * 60);
- m = latitude / (1000 * 60);
- latitude = latitude % (1000 * 60);
- s = (double) latitude / 1000.0;
- ldns_buffer_printf(output, "%02u %02u %0.3f %c ",
- h, m, s, northerness);
-
- if (longitude > equator) {
- easterness = 'E';
- longitude = longitude - equator;
- } else {
- easterness = 'W';
- longitude = equator - longitude;
- }
- h = longitude / (1000 * 60 * 60);
- longitude = longitude % (1000 * 60 * 60);
- m = longitude / (1000 * 60);
- longitude = longitude % (1000 * 60);
- s = (double) longitude / (1000.0);
- ldns_buffer_printf(output, "%02u %02u %0.3f %c ",
- h, m, s, easterness);
-
-
- s = ((double) altitude) / 100;
- s -= 100000;
-
- if(altitude%100 != 0)
- ldns_buffer_printf(output, "%.2f", s);
- else
- ldns_buffer_printf(output, "%.0f", s);
-
- ldns_buffer_printf(output, "m ");
-
- loc_cm_print(output, (size & 0xf0) >> 4, size & 0x0f);
- ldns_buffer_printf(output, "m ");
-
- loc_cm_print(output, (horizontal_precision & 0xf0) >> 4,
- horizontal_precision & 0x0f);
- ldns_buffer_printf(output, "m ");
-
- loc_cm_print(output, (vertical_precision & 0xf0) >> 4,
- vertical_precision & 0x0f);
- ldns_buffer_printf(output, "m");
-
- return ldns_buffer_status(output);
- } else {
- return ldns_rdf2buffer_str_hex(output, rdf);
- }
-}
-
-ldns_status
-ldns_rdf2buffer_str_unknown(ldns_buffer *output, const ldns_rdf *rdf)
-{
- ldns_buffer_printf(output, "\\# %u ", ldns_rdf_size(rdf));
- return ldns_rdf2buffer_str_hex(output, rdf);
-}
-
-ldns_status
-ldns_rdf2buffer_str_nsap(ldns_buffer *output, const ldns_rdf *rdf)
-{
- ldns_buffer_printf(output, "0x");
- return ldns_rdf2buffer_str_hex(output, rdf);
-}
-
-ldns_status
-ldns_rdf2buffer_str_atma(ldns_buffer *output, const ldns_rdf *rdf)
-{
- return ldns_rdf2buffer_str_hex(output, rdf);
-}
-
-ldns_status
-ldns_rdf2buffer_str_wks(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* protocol, followed by bitmap of services */
- struct protoent *protocol;
- char *proto_name = NULL;
- uint8_t protocol_nr;
- struct servent *service;
- uint16_t current_service;
-
- protocol_nr = ldns_rdf_data(rdf)[0];
- protocol = getprotobynumber((int) protocol_nr);
- if (protocol && (protocol->p_name != NULL)) {
- proto_name = protocol->p_name;
- ldns_buffer_printf(output, "%s ", protocol->p_name);
- } else {
- ldns_buffer_printf(output, "%u ", protocol_nr);
- }
-
-#ifdef HAVE_ENDPROTOENT
- endprotoent();
-#endif
-
- for (current_service = 0;
- current_service < ldns_rdf_size(rdf) * 7; current_service++) {
- if (ldns_get_bit(&(ldns_rdf_data(rdf)[1]), current_service)) {
- service = getservbyport((int) htons(current_service),
- proto_name);
- if (service && service->s_name) {
- ldns_buffer_printf(output, "%s ", service->s_name);
- } else {
- ldns_buffer_printf(output, "%u ", current_service);
- }
-#ifdef HAVE_ENDSERVENT
- endservent();
-#endif
- }
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_nsec(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* Note: this code is duplicated in higher.c in
- * ldns_nsec_type_check() function
- */
- uint8_t window_block_nr;
- uint8_t bitmap_length;
- uint16_t type;
- uint16_t pos = 0;
- uint16_t bit_pos;
- uint8_t *data = ldns_rdf_data(rdf);
- const ldns_rr_descriptor *descriptor;
-
- while(pos < ldns_rdf_size(rdf)) {
- window_block_nr = data[pos];
- bitmap_length = data[pos + 1];
- pos += 2;
-
- for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) {
- if (ldns_get_bit(&data[pos], bit_pos)) {
- type = 256 * (uint16_t) window_block_nr + bit_pos;
- descriptor = ldns_rr_descript(type);
-
- if (descriptor && descriptor->_name) {
- ldns_buffer_printf(output, "%s ",
- descriptor->_name);
- } else {
- ldns_buffer_printf(output, "TYPE%u ", type);
- }
- }
- }
-
- pos += (uint16_t) bitmap_length;
- }
-
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_nsec3_salt(ldns_buffer *output, const ldns_rdf *rdf)
-{
- uint8_t salt_length;
- uint8_t salt_pos;
-
- uint8_t *data = ldns_rdf_data(rdf);
-
- if(ldns_rdf_size(rdf) == 0) {
- output->_status = LDNS_STATUS_ERR;
- return ldns_buffer_status(output);
- }
- salt_length = data[0];
- /* from now there are variable length entries so remember pos */
- if (salt_length == 0 || ((size_t)salt_length)+1 > ldns_rdf_size(rdf)) {
- ldns_buffer_printf(output, "- ");
- } else {
- for (salt_pos = 0; salt_pos < salt_length; salt_pos++) {
- ldns_buffer_printf(output, "%02x", data[1 + salt_pos]);
- }
- ldns_buffer_printf(output, " ");
- }
-
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_period(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* period is the number of seconds */
- uint32_t p = ldns_read_uint32(ldns_rdf_data(rdf));
- ldns_buffer_printf(output, "%u", p);
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_tsigtime(ldns_buffer *output,const ldns_rdf *rdf)
-{
- /* tsigtime is 48 bits network order unsigned integer */
- uint64_t tsigtime = 0;
- uint8_t *data = ldns_rdf_data(rdf);
-
- if (ldns_rdf_size(rdf) != 6) {
- return LDNS_STATUS_ERR;
- }
-
- tsigtime = ldns_read_uint16(data);
- tsigtime *= 65536;
- tsigtime += ldns_read_uint16(data+2);
- tsigtime *= 65536;
-
- ldns_buffer_printf(output, "%llu ", tsigtime);
-
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_apl(ldns_buffer *output, const ldns_rdf *rdf)
-{
- uint8_t *data = ldns_rdf_data(rdf);
- uint16_t address_family;
- uint8_t prefix;
- bool negation;
- uint8_t adf_length;
- size_t i;
- size_t pos = 0;
-
- while (pos < (unsigned int) ldns_rdf_size(rdf)) {
- if(pos + 3 >= (unsigned)ldns_rdf_size(rdf))
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- address_family = ldns_read_uint16(&data[pos]);
- prefix = data[pos + 2];
- negation = data[pos + 3] & LDNS_APL_NEGATION;
- adf_length = data[pos + 3] & LDNS_APL_MASK;
- if (address_family == LDNS_APL_IP4) {
- /* check if prefix < 32? */
- if (negation) {
- ldns_buffer_printf(output, "!");
- }
- ldns_buffer_printf(output, "%u:", address_family);
- /* address is variable length 0 - 4 */
- for (i = 0; i < 4; i++) {
- if (i > 0) {
- ldns_buffer_printf(output, ".");
- }
- if (i < (unsigned short) adf_length) {
- if(pos+i+4 >= ldns_rdf_size(rdf))
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- ldns_buffer_printf(output, "%d",
- data[pos + i + 4]);
- } else {
- ldns_buffer_printf(output, "0");
- }
- }
- ldns_buffer_printf(output, "/%u ", prefix);
- } else if (address_family == LDNS_APL_IP6) {
- /* check if prefix < 128? */
- if (negation) {
- ldns_buffer_printf(output, "!");
- }
- ldns_buffer_printf(output, "%u:", address_family);
- /* address is variable length 0 - 16 */
- for (i = 0; i < 16; i++) {
- if (i % 2 == 0 && i > 0) {
- ldns_buffer_printf(output, ":");
- }
- if (i < (unsigned short) adf_length) {
- if(pos+i+4 >= ldns_rdf_size(rdf))
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- ldns_buffer_printf(output, "%02x",
- data[pos + i + 4]);
- } else {
- ldns_buffer_printf(output, "00");
- }
- }
- ldns_buffer_printf(output, "/%u ", prefix);
-
- } else {
- /* unknown address family */
- ldns_buffer_printf(output, "Unknown address family: %u data: ",
- address_family);
- for (i = 1; i < (unsigned short) (4 + adf_length); i++) {
- if(pos+i >= ldns_rdf_size(rdf))
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- ldns_buffer_printf(output, "%02x", data[i]);
- }
- }
- pos += 4 + adf_length;
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_int16_data(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* Subtract the size (2) of the number that specifies the length */
- size_t size = ldns_b64_ntop_calculate_size(ldns_rdf_size(rdf) - 2);
- char *b64 = LDNS_XMALLOC(char, size);
- if(!b64)
- return LDNS_STATUS_MEM_ERR;
-
- ldns_buffer_printf(output, "%u ", ldns_rdf_size(rdf) - 2);
-
- if (ldns_rdf_size(rdf) > 2 &&
- ldns_b64_ntop(ldns_rdf_data(rdf) + 2,
- ldns_rdf_size(rdf) - 2,
- b64, size)) {
- ldns_buffer_printf(output, "%s", b64);
- }
- LDNS_FREE(b64);
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* wire format from
- http://www.ietf.org/internet-drafts/draft-ietf-ipseckey-rr-12.txt
- */
- uint8_t *data = ldns_rdf_data(rdf);
- uint8_t precedence;
- uint8_t gateway_type;
- uint8_t algorithm;
-
- ldns_rdf *gateway = NULL;
- uint8_t *gateway_data;
-
- size_t public_key_size;
- uint8_t *public_key_data;
- ldns_rdf *public_key;
-
- size_t offset = 0;
- ldns_status status;
-
- precedence = data[0];
- gateway_type = data[1];
- algorithm = data[2];
- offset = 3;
-
- switch (gateway_type) {
- case 0:
- /* no gateway */
- break;
- case 1:
- gateway_data = LDNS_XMALLOC(uint8_t, LDNS_IP4ADDRLEN);
- if(!gateway_data)
- return LDNS_STATUS_MEM_ERR;
- memcpy(gateway_data, &data[offset], LDNS_IP4ADDRLEN);
- gateway = ldns_rdf_new(LDNS_RDF_TYPE_A, LDNS_IP4ADDRLEN , gateway_data);
- offset += LDNS_IP4ADDRLEN;
- if(!gateway) {
- LDNS_FREE(gateway_data);
- return LDNS_STATUS_MEM_ERR;
- }
- break;
- case 2:
- gateway_data = LDNS_XMALLOC(uint8_t, LDNS_IP6ADDRLEN);
- if(!gateway_data)
- return LDNS_STATUS_MEM_ERR;
- memcpy(gateway_data, &data[offset], LDNS_IP6ADDRLEN);
- offset += LDNS_IP6ADDRLEN;
- gateway =
- ldns_rdf_new(LDNS_RDF_TYPE_AAAA, LDNS_IP6ADDRLEN, gateway_data);
- if(!gateway) {
- LDNS_FREE(gateway_data);
- return LDNS_STATUS_MEM_ERR;
- }
- break;
- case 3:
- status = ldns_wire2dname(&gateway, data, ldns_rdf_size(rdf), &offset);
- if(status != LDNS_STATUS_OK)
- return status;
- break;
- default:
- /* error? */
- break;
- }
-
- public_key_size = ldns_rdf_size(rdf) - offset;
- public_key_data = LDNS_XMALLOC(uint8_t, public_key_size);
- if(!public_key_data) {
- ldns_rdf_free(gateway);
- return LDNS_STATUS_MEM_ERR;
- }
- memcpy(public_key_data, &data[offset], public_key_size);
- public_key = ldns_rdf_new(LDNS_RDF_TYPE_B64, public_key_size, public_key_data);
- if(!public_key) {
- LDNS_FREE(public_key_data);
- ldns_rdf_free(gateway);
- return LDNS_STATUS_MEM_ERR;
- }
-
- ldns_buffer_printf(output, "%u %u %u ", precedence, gateway_type, algorithm);
- if (gateway)
- (void) ldns_rdf2buffer_str(output, gateway);
- else
- ldns_buffer_printf(output, ".");
- ldns_buffer_printf(output, " ");
- (void) ldns_rdf2buffer_str(output, public_key);
-
- ldns_rdf_free(gateway);
- ldns_rdf_free(public_key);
-
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rdf2buffer_str_tsig(ldns_buffer *output, const ldns_rdf *rdf)
-{
- /* TSIG RRs have no presentation format, make them #size <data> */
- return ldns_rdf2buffer_str_unknown(output, rdf);
-}
-
-
-ldns_status
-ldns_rdf2buffer_str(ldns_buffer *buffer, const ldns_rdf *rdf)
-{
- ldns_status res = LDNS_STATUS_OK;
-
- /*ldns_buffer_printf(buffer, "%u:", ldns_rdf_get_type(rdf));*/
- if (rdf) {
- switch(ldns_rdf_get_type(rdf)) {
- case LDNS_RDF_TYPE_NONE:
- break;
- case LDNS_RDF_TYPE_DNAME:
- res = ldns_rdf2buffer_str_dname(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_INT8:
- res = ldns_rdf2buffer_str_int8(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_INT16:
- res = ldns_rdf2buffer_str_int16(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_INT32:
- res = ldns_rdf2buffer_str_int32(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_PERIOD:
- res = ldns_rdf2buffer_str_period(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_TSIGTIME:
- res = ldns_rdf2buffer_str_tsigtime(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_A:
- res = ldns_rdf2buffer_str_a(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_AAAA:
- res = ldns_rdf2buffer_str_aaaa(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_STR:
- res = ldns_rdf2buffer_str_str(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_APL:
- res = ldns_rdf2buffer_str_apl(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_B32_EXT:
- res = ldns_rdf2buffer_str_b32_ext(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_B64:
- res = ldns_rdf2buffer_str_b64(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_HEX:
- res = ldns_rdf2buffer_str_hex(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_NSEC:
- res = ldns_rdf2buffer_str_nsec(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_NSEC3_SALT:
- res = ldns_rdf2buffer_str_nsec3_salt(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_TYPE:
- res = ldns_rdf2buffer_str_type(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_CLASS:
- res = ldns_rdf2buffer_str_class(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_CERT_ALG:
- res = ldns_rdf2buffer_str_cert_alg(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_ALG:
- res = ldns_rdf2buffer_str_alg(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_UNKNOWN:
- res = ldns_rdf2buffer_str_unknown(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_TIME:
- res = ldns_rdf2buffer_str_time(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_LOC:
- res = ldns_rdf2buffer_str_loc(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_WKS:
- case LDNS_RDF_TYPE_SERVICE:
- res = ldns_rdf2buffer_str_wks(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_NSAP:
- res = ldns_rdf2buffer_str_nsap(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_ATMA:
- res = ldns_rdf2buffer_str_atma(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_IPSECKEY:
- res = ldns_rdf2buffer_str_ipseckey(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_TSIG:
- res = ldns_rdf2buffer_str_tsig(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_INT16_DATA:
- res = ldns_rdf2buffer_str_int16_data(buffer, rdf);
- break;
- case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER:
- res = ldns_rdf2buffer_str_b32_ext(buffer, rdf);
- break;
- }
- } else {
- ldns_buffer_printf(buffer, "(null) ");
- res = ldns_buffer_status(buffer);
- }
- return res;
-}
-
-ldns_status
-ldns_rr2buffer_str(ldns_buffer *output, const ldns_rr *rr)
-{
- uint16_t i, flags;
- ldns_status status = LDNS_STATUS_OK;
- if (!rr) {
- ldns_buffer_printf(output, "(null)\n");
- } else {
- if (ldns_rr_owner(rr)) {
- status = ldns_rdf2buffer_str_dname(output, ldns_rr_owner(rr));
- }
- if (status != LDNS_STATUS_OK) {
- return status;
- }
-
- /* TTL should NOT be printed if it is a question */
- if (!ldns_rr_is_question(rr)) {
- ldns_buffer_printf(output, "\t%d", ldns_rr_ttl(rr));
- }
-
- ldns_buffer_printf(output, "\t");
- status = ldns_rr_class2buffer_str(output, ldns_rr_get_class(rr));
- if (status != LDNS_STATUS_OK) {
- return status;
- }
- ldns_buffer_printf(output, "\t");
-
- status = ldns_rr_type2buffer_str(output, ldns_rr_get_type(rr));
- if (status != LDNS_STATUS_OK) {
- return status;
- }
-
- if (ldns_rr_rd_count(rr) > 0) {
- ldns_buffer_printf(output, "\t");
- } else if (!ldns_rr_is_question(rr)) {
- ldns_buffer_printf(output, "\t\\# 0");
- }
-
- for (i = 0; i < ldns_rr_rd_count(rr); i++) {
- status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i));
- if(status != LDNS_STATUS_OK)
- return status;
- if (i < ldns_rr_rd_count(rr) - 1) {
- ldns_buffer_printf(output, " ");
- }
- }
- /* per RR special comments - handy for DNSSEC types */
- /* check to prevent question sec. rr from
- * getting here */
- if (ldns_rr_rd_count(rr) > 0) {
- switch (ldns_rr_get_type(rr)) {
- case LDNS_RR_TYPE_DNSKEY:
- if (ldns_rr_rdf(rr, 0)) {
- flags = ldns_rdf2native_int16(ldns_rr_rdf(rr, 0));
- if (flags == 256 || flags == 384) {
- ldns_buffer_printf(output,
- " ;{id = %u (zsk), size = %db}",
- (unsigned int) ldns_calc_keytag(rr),
- ldns_rr_dnskey_key_size(rr));
- break;
- }
- if (flags == 257 || flags == 385) {
- ldns_buffer_printf(output,
- " ;{id = %u (ksk), size = %db}",
- (unsigned int) ldns_calc_keytag(rr),
- ldns_rr_dnskey_key_size(rr));
- break;
- }
- ldns_buffer_printf(output, " ;{id = %u, size = %db}",
- (unsigned int) ldns_calc_keytag(rr),
- ldns_rr_dnskey_key_size(rr));
- }
- break;
- case LDNS_RR_TYPE_RRSIG:
- ldns_buffer_printf(output, " ;{id = %d}",
- ldns_rdf2native_int16(ldns_rr_rdf(rr, 6)));
- break;
- case LDNS_RR_TYPE_DS:
- {
- uint8_t *data = ldns_rdf_data(ldns_rr_rdf(rr, 3));
- size_t len = ldns_rdf_size(ldns_rr_rdf(rr, 3));
- char *babble = ldns_bubblebabble(data, len);
- if(babble)
- ldns_buffer_printf(output, " ; %s", babble);
- LDNS_FREE(babble);
- }
- break;
- case LDNS_RR_TYPE_NSEC3:
- if (ldns_nsec3_optout(rr)) {
- ldns_buffer_printf(output, " ; flags: optout");
- }
- break;
- default:
- break;
-
- }
- }
- /* last */
- ldns_buffer_printf(output, "\n");
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_rr_list2buffer_str(ldns_buffer *output, const ldns_rr_list *list)
-{
- uint16_t i;
-
- for(i = 0; i < ldns_rr_list_rr_count(list); i++) {
- (void) ldns_rr2buffer_str(output, ldns_rr_list_rr(list, i));
- }
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_pktheader2buffer_str(ldns_buffer *output, const ldns_pkt *pkt)
-{
- ldns_lookup_table *opcode = ldns_lookup_by_id(ldns_opcodes,
- (int) ldns_pkt_get_opcode(pkt));
- ldns_lookup_table *rcode = ldns_lookup_by_id(ldns_rcodes,
- (int) ldns_pkt_get_rcode(pkt));
-
- ldns_buffer_printf(output, ";; ->>HEADER<<- ");
- if (opcode) {
- ldns_buffer_printf(output, "opcode: %s, ", opcode->name);
- } else {
- ldns_buffer_printf(output, "opcode: ?? (%u), ",
- ldns_pkt_get_opcode(pkt));
- }
- if (rcode) {
- ldns_buffer_printf(output, "rcode: %s, ", rcode->name);
- } else {
- ldns_buffer_printf(output, "rcode: ?? (%u), ", ldns_pkt_get_rcode(pkt));
- }
- ldns_buffer_printf(output, "id: %d\n", ldns_pkt_id(pkt));
- ldns_buffer_printf(output, ";; flags: ");
-
- if (ldns_pkt_qr(pkt)) {
- ldns_buffer_printf(output, "qr ");
- }
- if (ldns_pkt_aa(pkt)) {
- ldns_buffer_printf(output, "aa ");
- }
- if (ldns_pkt_tc(pkt)) {
- ldns_buffer_printf(output, "tc ");
- }
- if (ldns_pkt_rd(pkt)) {
- ldns_buffer_printf(output, "rd ");
- }
- if (ldns_pkt_cd(pkt)) {
- ldns_buffer_printf(output, "cd ");
- }
- if (ldns_pkt_ra(pkt)) {
- ldns_buffer_printf(output, "ra ");
- }
- if (ldns_pkt_ad(pkt)) {
- ldns_buffer_printf(output, "ad ");
- }
- ldns_buffer_printf(output, "; ");
- ldns_buffer_printf(output, "QUERY: %u, ", ldns_pkt_qdcount(pkt));
- ldns_buffer_printf(output, "ANSWER: %u, ", ldns_pkt_ancount(pkt));
- ldns_buffer_printf(output, "AUTHORITY: %u, ", ldns_pkt_nscount(pkt));
- ldns_buffer_printf(output, "ADDITIONAL: %u ", ldns_pkt_arcount(pkt));
- return ldns_buffer_status(output);
-}
-
-ldns_status
-ldns_pkt2buffer_str(ldns_buffer *output, const ldns_pkt *pkt)
-{
- uint16_t i;
- ldns_status status = LDNS_STATUS_OK;
- char *tmp;
- struct timeval time;
- time_t time_tt;
-
- if (!pkt) {
- ldns_buffer_printf(output, "null");
- return LDNS_STATUS_OK;
- }
-
- if (ldns_buffer_status_ok(output)) {
- status = ldns_pktheader2buffer_str(output, pkt);
- if (status != LDNS_STATUS_OK) {
- return status;
- }
-
- ldns_buffer_printf(output, "\n");
-
- ldns_buffer_printf(output, ";; QUESTION SECTION:\n;; ");
-
-
- for (i = 0; i < ldns_pkt_qdcount(pkt); i++) {
- status = ldns_rr2buffer_str(output,
- ldns_rr_list_rr(ldns_pkt_question(pkt), i));
- if (status != LDNS_STATUS_OK) {
- return status;
- }
- }
- ldns_buffer_printf(output, "\n");
-
- ldns_buffer_printf(output, ";; ANSWER SECTION:\n");
- for (i = 0; i < ldns_pkt_ancount(pkt); i++) {
- status = ldns_rr2buffer_str(output,
- ldns_rr_list_rr(ldns_pkt_answer(pkt), i));
- if (status != LDNS_STATUS_OK) {
- return status;
- }
-
- }
- ldns_buffer_printf(output, "\n");
-
- ldns_buffer_printf(output, ";; AUTHORITY SECTION:\n");
-
- for (i = 0; i < ldns_pkt_nscount(pkt); i++) {
- status = ldns_rr2buffer_str(output,
- ldns_rr_list_rr(ldns_pkt_authority(pkt), i));
- if (status != LDNS_STATUS_OK) {
- return status;
- }
- }
- ldns_buffer_printf(output, "\n");
-
- ldns_buffer_printf(output, ";; ADDITIONAL SECTION:\n");
- for (i = 0; i < ldns_pkt_arcount(pkt); i++) {
- status = ldns_rr2buffer_str(output,
- ldns_rr_list_rr(ldns_pkt_additional(pkt), i));
- if (status != LDNS_STATUS_OK) {
- return status;
- }
-
- }
- ldns_buffer_printf(output, "\n");
- /* add some futher fields */
- ldns_buffer_printf(output, ";; Query time: %d msec\n",
- ldns_pkt_querytime(pkt));
- if (ldns_pkt_edns(pkt)) {
- ldns_buffer_printf(output,
- ";; EDNS: version %u; flags:",
- ldns_pkt_edns_version(pkt));
- if (ldns_pkt_edns_do(pkt)) {
- ldns_buffer_printf(output, " do");
- }
- /* the extended rcode is the value set, shifted four bits,
- * and or'd with the original rcode */
- if (ldns_pkt_edns_extended_rcode(pkt)) {
- ldns_buffer_printf(output, " ; ext-rcode: %d",
- (ldns_pkt_edns_extended_rcode(pkt) << 4 | ldns_pkt_get_rcode(pkt)));
- }
- ldns_buffer_printf(output, " ; udp: %u\n",
- ldns_pkt_edns_udp_size(pkt));
-
- if (ldns_pkt_edns_data(pkt)) {
- ldns_buffer_printf(output, ";; Data: ");
- (void)ldns_rdf2buffer_str(output,
- ldns_pkt_edns_data(pkt));
- ldns_buffer_printf(output, "\n");
- }
- }
- if (ldns_pkt_tsig(pkt)) {
- ldns_buffer_printf(output, ";; TSIG:\n;; ");
- (void) ldns_rr2buffer_str(output, ldns_pkt_tsig(pkt));
- ldns_buffer_printf(output, "\n");
- }
- if (ldns_pkt_answerfrom(pkt)) {
- tmp = ldns_rdf2str(ldns_pkt_answerfrom(pkt));
- ldns_buffer_printf(output, ";; SERVER: %s\n", tmp);
- LDNS_FREE(tmp);
- }
- time = ldns_pkt_timestamp(pkt);
- time_tt = (time_t)time.tv_sec;
- ldns_buffer_printf(output, ";; WHEN: %s",
- (char*)ctime(&time_tt));
-
- ldns_buffer_printf(output, ";; MSG SIZE rcvd: %d\n",
- (int)ldns_pkt_size(pkt));
- } else {
- return ldns_buffer_status(output);
- }
- return status;
-}
-
-#ifdef HAVE_SSL
-static ldns_status
-ldns_hmac_key2buffer_str(ldns_buffer *output, const ldns_key *k)
-{
- ldns_status status;
- size_t i;
- ldns_rdf *b64_bignum;
-
- ldns_buffer_printf(output, "Key: ");
-
- i = ldns_key_hmac_size(k);
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, ldns_key_hmac_key(k));
- status = ldns_rdf2buffer_str(output, b64_bignum);
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- return status;
-}
-#endif
-
-#if defined(HAVE_SSL) && defined(USE_GOST)
-static ldns_status
-ldns_gost_key2buffer_str(ldns_buffer *output, EVP_PKEY *p)
-{
- unsigned char* pp = NULL;
- int ret;
- ldns_rdf *b64_bignum;
- ldns_status status;
-
- ldns_buffer_printf(output, "GostAsn1: ");
-
- ret = i2d_PrivateKey(p, &pp);
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, (size_t)ret, pp);
- status = ldns_rdf2buffer_str(output, b64_bignum);
-
- ldns_rdf_deep_free(b64_bignum);
- OPENSSL_free(pp);
- ldns_buffer_printf(output, "\n");
- return status;
-}
-#endif
-
-ldns_status
-ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
-{
- ldns_status status = LDNS_STATUS_OK;
- unsigned char *bignum;
-#ifndef S_SPLINT_S
- uint16_t i;
-#endif
-
-#ifdef HAVE_SSL
- /* not used when ssl is not defined */
- ldns_rdf *b64_bignum = NULL;
-
- RSA *rsa;
- DSA *dsa;
-#endif /* HAVE_SSL */
-
- if (!k) {
- return LDNS_STATUS_ERR;
- }
-
- bignum = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN);
- if (!bignum) {
- return LDNS_STATUS_ERR;
- }
-
- if (ldns_buffer_status_ok(output)) {
-#ifdef HAVE_SSL
- switch(ldns_key_algorithm(k)) {
- case LDNS_SIGN_RSASHA1:
- case LDNS_SIGN_RSASHA1_NSEC3:
- case LDNS_SIGN_RSASHA256:
- case LDNS_SIGN_RSASHA512:
- case LDNS_SIGN_RSAMD5:
- /* copied by looking at dnssec-keygen output */
- /* header */
- rsa = ldns_key_rsa_key(k);
-
- ldns_buffer_printf(output,"Private-key-format: v1.2\n");
- switch(ldns_key_algorithm(k)) {
- case LDNS_SIGN_RSAMD5:
- ldns_buffer_printf(output,
- "Algorithm: %u (RSA)\n",
- LDNS_RSAMD5);
- break;
- case LDNS_SIGN_RSASHA1:
- ldns_buffer_printf(output,
- "Algorithm: %u (RSASHA1)\n",
- LDNS_RSASHA1);
- break;
- case LDNS_SIGN_RSASHA1_NSEC3:
- ldns_buffer_printf(output,
- "Algorithm: %u (RSASHA1_NSEC3)\n",
- LDNS_RSASHA1_NSEC3);
- break;
-#ifdef USE_SHA2
- case LDNS_SIGN_RSASHA256:
- ldns_buffer_printf(output,
- "Algorithm: %u (RSASHA256)\n",
- LDNS_RSASHA256);
- break;
- case LDNS_SIGN_RSASHA512:
- ldns_buffer_printf(output,
- "Algorithm: %u (RSASHA512)\n",
- LDNS_RSASHA512);
- break;
-#endif
- default:
- fprintf(stderr, "Warning: unknown signature ");
- fprintf(stderr,
- "algorithm type %u\n",
- ldns_key_algorithm(k));
- ldns_buffer_printf(output,
- "Algorithm: %u (Unknown)\n",
- ldns_key_algorithm(k));
- break;
- }
-
- /* print to buf, convert to bin, convert to b64,
- * print to buf */
- ldns_buffer_printf(output, "Modulus: ");
-#ifndef S_SPLINT_S
- i = (uint16_t)BN_bn2bin(rsa->n, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- ldns_buffer_printf(output, "PublicExponent: ");
- i = (uint16_t)BN_bn2bin(rsa->e, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
-
- ldns_buffer_printf(output, "PrivateExponent: ");
- if (rsa->d) {
- i = (uint16_t)BN_bn2bin(rsa->d, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Prime1: ");
- if (rsa->p) {
- i = (uint16_t)BN_bn2bin(rsa->p, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Prime2: ");
- if (rsa->q) {
- i = (uint16_t)BN_bn2bin(rsa->q, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Exponent1: ");
- if (rsa->dmp1) {
- i = (uint16_t)BN_bn2bin(rsa->dmp1, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Exponent2: ");
- if (rsa->dmq1) {
- i = (uint16_t)BN_bn2bin(rsa->dmq1, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Coefficient: ");
- if (rsa->iqmp) {
- i = (uint16_t)BN_bn2bin(rsa->iqmp, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- ldns_buffer_printf(output, "(Not available)\n");
- }
-#endif /* splint */
-
- RSA_free(rsa);
- break;
- case LDNS_SIGN_DSA:
- case LDNS_SIGN_DSA_NSEC3:
- dsa = ldns_key_dsa_key(k);
-
- ldns_buffer_printf(output,"Private-key-format: v1.2\n");
- if (ldns_key_algorithm(k) == LDNS_SIGN_DSA) {
- ldns_buffer_printf(output,"Algorithm: 3 (DSA)\n");
- } else if (ldns_key_algorithm(k) == LDNS_SIGN_DSA_NSEC3) {
- ldns_buffer_printf(output,"Algorithm: 6 (DSA_NSEC3)\n");
- }
-
- /* print to buf, convert to bin, convert to b64,
- * print to buf */
- ldns_buffer_printf(output, "Prime(p): ");
-#ifndef S_SPLINT_S
- if (dsa->p) {
- i = (uint16_t)BN_bn2bin(dsa->p, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Subprime(q): ");
- if (dsa->q) {
- i = (uint16_t)BN_bn2bin(dsa->q, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Base(g): ");
- if (dsa->g) {
- i = (uint16_t)BN_bn2bin(dsa->g, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Private_value(x): ");
- if (dsa->priv_key) {
- i = (uint16_t)BN_bn2bin(dsa->priv_key, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-
- ldns_buffer_printf(output, "Public_value(y): ");
- if (dsa->pub_key) {
- i = (uint16_t)BN_bn2bin(dsa->pub_key, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- } else {
- printf("(Not available)\n");
- }
-#endif /* splint */
- break;
- case LDNS_SIGN_ECC_GOST:
- /* no format defined, use blob */
-#if defined(HAVE_SSL) && defined(USE_GOST)
- ldns_buffer_printf(output, "Private-key-format: v1.2\n");
- ldns_buffer_printf(output, "Algorithm: %d (ECC-GOST)\n", LDNS_SIGN_ECC_GOST);
- status = ldns_gost_key2buffer_str(output,
-#ifndef S_SPLINT_S
- k->_key.key
-#else
- NULL
-#endif
- );
-
-#endif
- break;
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- case LDNS_SIGN_ECDSAP384SHA384:
- ldns_buffer_printf(output, "Private-key-format: v1.2\n");
- ldns_buffer_printf(output, "Algorithm: %d (", ldns_key_algorithm(k));
- status=ldns_algorithm2buffer_str(output, (ldns_algorithm)ldns_key_algorithm(k));
-#ifndef S_SPLINT_S
- ldns_buffer_printf(output, ")\n");
- if(k->_key.key) {
- EC_KEY* ec = EVP_PKEY_get1_EC_KEY(k->_key.key);
- const BIGNUM* b = EC_KEY_get0_private_key(ec);
- ldns_buffer_printf(output, "PrivateKey: ");
- i = (uint16_t)BN_bn2bin(b, bignum);
- if (i > LDNS_MAX_KEYLEN) {
- goto error;
- }
- b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum);
- if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) {
- goto error;
- }
- ldns_rdf_deep_free(b64_bignum);
- ldns_buffer_printf(output, "\n");
- /* down reference count in EC_KEY
- * its still assigned to the PKEY */
- EC_KEY_free(ec);
- }
-#endif /* splint */
- break;
-#endif
- case LDNS_SIGN_HMACMD5:
- /* there's not much of a format defined for TSIG */
- /* It's just a binary blob, Same for all algorithms */
- ldns_buffer_printf(output, "Private-key-format: v1.2\n");
- ldns_buffer_printf(output, "Algorithm: 157 (HMAC_MD5)\n");
- status = ldns_hmac_key2buffer_str(output, k);
- break;
- case LDNS_SIGN_HMACSHA1:
- ldns_buffer_printf(output, "Private-key-format: v1.2\n");
- ldns_buffer_printf(output, "Algorithm: 158 (HMAC_SHA1)\n");
- status = ldns_hmac_key2buffer_str(output, k);
- break;
- case LDNS_SIGN_HMACSHA256:
- ldns_buffer_printf(output, "Private-key-format: v1.2\n");
- ldns_buffer_printf(output, "Algorithm: 159 (HMAC_SHA256)\n");
- status = ldns_hmac_key2buffer_str(output, k);
- break;
- }
-#endif /* HAVE_SSL */
- } else {
-#ifdef HAVE_SSL
- LDNS_FREE(b64_bignum);
-#endif
- LDNS_FREE(bignum);
- return ldns_buffer_status(output);
- }
- LDNS_FREE(bignum);
- return status;
-
-#ifdef HAVE_SSL
- /* compiles warn the label isn't used */
-error:
- LDNS_FREE(bignum);
- return LDNS_STATUS_ERR;
-#endif /* HAVE_SSL */
-
-}
-
-/*
- * Zero terminate the buffer and fix it to the size of the string.
- */
-char *
-ldns_buffer2str(ldns_buffer *buffer)
-{
- char *tmp_str;
- char *str;
-
- /* check if buffer ends with \0, if not, and
- if there is space, add it */
- if (*(ldns_buffer_at(buffer, ldns_buffer_position(buffer))) != 0) {
- if (!ldns_buffer_reserve(buffer, 1)) {
- return NULL;
- }
- ldns_buffer_write_u8(buffer, (uint8_t) '\0');
- if (!ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer))) {
- return NULL;
- }
- }
-
- tmp_str = ldns_buffer_export(buffer);
- str = LDNS_XMALLOC(char, strlen(tmp_str) + 1);
- if(!str) {
- return NULL;
- }
- memcpy(str, tmp_str, strlen(tmp_str) + 1);
-
- return str;
-}
-
-char *
-ldns_rdf2str(const ldns_rdf *rdf)
-{
- char *result = NULL;
- ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
-
- if (!tmp_buffer) {
- return NULL;
- }
- if (ldns_rdf2buffer_str(tmp_buffer, rdf) == LDNS_STATUS_OK) {
- /* export and return string, destroy rest */
- result = ldns_buffer2str(tmp_buffer);
- }
- ldns_buffer_free(tmp_buffer);
- return result;
-}
-
-char *
-ldns_rr2str(const ldns_rr *rr)
-{
- char *result = NULL;
- ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
-
- if (!tmp_buffer) {
- return NULL;
- }
- if (ldns_rr2buffer_str(tmp_buffer, rr) == LDNS_STATUS_OK) {
- /* export and return string, destroy rest */
- result = ldns_buffer2str(tmp_buffer);
- }
- ldns_buffer_free(tmp_buffer);
- return result;
-}
-
-char *
-ldns_pkt2str(const ldns_pkt *pkt)
-{
- char *result = NULL;
- ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
-
- if (!tmp_buffer) {
- return NULL;
- }
- if (ldns_pkt2buffer_str(tmp_buffer, pkt) == LDNS_STATUS_OK) {
- /* export and return string, destroy rest */
- result = ldns_buffer2str(tmp_buffer);
- }
-
- ldns_buffer_free(tmp_buffer);
- return result;
-}
-
-char *
-ldns_key2str(const ldns_key *k)
-{
- char *result = NULL;
- ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
-
- if (!tmp_buffer) {
- return NULL;
- }
- if (ldns_key2buffer_str(tmp_buffer, k) == LDNS_STATUS_OK) {
- /* export and return string, destroy rest */
- result = ldns_buffer2str(tmp_buffer);
- }
- ldns_buffer_free(tmp_buffer);
- return result;
-}
-
-char *
-ldns_rr_list2str(const ldns_rr_list *list)
-{
- char *result = NULL;
- ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
-
- if (!tmp_buffer) {
- return NULL;
- }
- if (list) {
- if (ldns_rr_list2buffer_str(tmp_buffer, list) == LDNS_STATUS_OK) {
- }
- } else {
- ldns_buffer_printf(tmp_buffer, "(null)\n");
- }
-
- /* export and return string, destroy rest */
- result = ldns_buffer2str(tmp_buffer);
- ldns_buffer_free(tmp_buffer);
- return result;
-}
-
-void
-ldns_rdf_print(FILE *output, const ldns_rdf *rdf)
-{
- char *str = ldns_rdf2str(rdf);
- if (str) {
- fprintf(output, "%s", str);
- } else {
- fprintf(output, "Unable to convert rdf to string\n");
- }
- LDNS_FREE(str);
-}
-
-void
-ldns_rr_print(FILE *output, const ldns_rr *rr)
-{
- char *str = ldns_rr2str(rr);
- if (str) {
- fprintf(output, "%s", str);
- } else {
- fprintf(output, "Unable to convert rr to string\n");
- }
- LDNS_FREE(str);
-}
-
-void
-ldns_pkt_print(FILE *output, const ldns_pkt *pkt)
-{
- char *str = ldns_pkt2str(pkt);
- if (str) {
- fprintf(output, "%s", str);
- } else {
- fprintf(output, "Unable to convert packet to string\n");
- }
- LDNS_FREE(str);
-}
-
-void
-ldns_rr_list_print(FILE *output, const ldns_rr_list *lst)
-{
- size_t i;
- for (i = 0; i < ldns_rr_list_rr_count(lst); i++) {
- ldns_rr_print(output, ldns_rr_list_rr(lst, i));
- }
-}
-
-void
-ldns_resolver_print(FILE *output, const ldns_resolver *r)
-{
- uint16_t i;
- ldns_rdf **n;
- ldns_rdf **s;
- size_t *rtt;
- if (!r) {
- return;
- }
- n = ldns_resolver_nameservers(r);
- s = ldns_resolver_searchlist(r);
- rtt = ldns_resolver_rtt(r);
-
- fprintf(output, "port: %d\n", (int)ldns_resolver_port(r));
- fprintf(output, "edns0 size: %d\n", (int)ldns_resolver_edns_udp_size(r));
- fprintf(output, "use ip6: %d\n", (int)ldns_resolver_ip6(r));
-
- fprintf(output, "recursive: %d\n", ldns_resolver_recursive(r));
- fprintf(output, "usevc: %d\n", ldns_resolver_usevc(r));
- fprintf(output, "igntc: %d\n", ldns_resolver_igntc(r));
- fprintf(output, "fail: %d\n", ldns_resolver_fail(r));
- fprintf(output, "retry: %d\n", (int)ldns_resolver_retry(r));
- fprintf(output, "retrans: %d\n", (int)ldns_resolver_retrans(r));
- fprintf(output, "fallback: %d\n", ldns_resolver_fallback(r));
- fprintf(output, "random: %d\n", ldns_resolver_random(r));
- fprintf(output, "timeout: %d\n", (int)ldns_resolver_timeout(r).tv_sec);
- fprintf(output, "dnssec: %d\n", ldns_resolver_dnssec(r));
- fprintf(output, "dnssec cd: %d\n", ldns_resolver_dnssec_cd(r));
- fprintf(output, "trust anchors (%d listed):\n",
- (int)ldns_rr_list_rr_count(ldns_resolver_dnssec_anchors(r)));
- ldns_rr_list_print(output, ldns_resolver_dnssec_anchors(r));
- fprintf(output, "tsig: %s %s\n",
- ldns_resolver_tsig_keyname(r)?ldns_resolver_tsig_keyname(r):"-",
- ldns_resolver_tsig_algorithm(r)?ldns_resolver_tsig_algorithm(r):"-");
- fprintf(output, "debug: %d\n", ldns_resolver_debug(r));
-
- fprintf(output, "default domain: ");
- ldns_rdf_print(output, ldns_resolver_domain(r));
- fprintf(output, "\n");
- fprintf(output, "apply default domain: %d\n", ldns_resolver_defnames(r));
-
- fprintf(output, "searchlist (%d listed):\n", (int)ldns_resolver_searchlist_count(r));
- for (i = 0; i < ldns_resolver_searchlist_count(r); i++) {
- fprintf(output, "\t");
- ldns_rdf_print(output, s[i]);
- fprintf(output, "\n");
- }
- fprintf(output, "apply search list: %d\n", ldns_resolver_dnsrch(r));
-
- fprintf(output, "nameservers (%d listed):\n", (int)ldns_resolver_nameserver_count(r));
- for (i = 0; i < ldns_resolver_nameserver_count(r); i++) {
- fprintf(output, "\t");
- ldns_rdf_print(output, n[i]);
-
- switch ((int)rtt[i]) {
- case LDNS_RESOLV_RTT_MIN:
- fprintf(output, " - reachable\n");
- break;
- case LDNS_RESOLV_RTT_INF:
- fprintf(output, " - unreachable\n");
- break;
- }
- }
-}
-
-void
-ldns_zone_print(FILE *output, const ldns_zone *z)
-{
- if(ldns_zone_soa(z))
- ldns_rr_print(output, ldns_zone_soa(z));
- ldns_rr_list_print(output, ldns_zone_rrs(z));
-}
+++ /dev/null
-/*
- * host2wire.c
- *
- * conversion routines from the host to the wire format.
- * This will usually just a re-ordering of the
- * data (as we store it in network format)
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-/* TODO Jelte
- add a pointer to a 'possiblecompression' structure
- to all the needed functions?
- something like an array of name, pointer values?
- every dname part could be added to it
-*/
-
-ldns_status
-ldns_dname2buffer_wire(ldns_buffer *buffer, const ldns_rdf *name)
-{
- if (ldns_buffer_reserve(buffer, ldns_rdf_size(name))) {
- ldns_buffer_write(buffer, ldns_rdf_data(name), ldns_rdf_size(name));
- }
- return ldns_buffer_status(buffer);
-}
-
-ldns_status
-ldns_rdf2buffer_wire(ldns_buffer *buffer, const ldns_rdf *rdf)
-{
- if (ldns_buffer_reserve(buffer, ldns_rdf_size(rdf))) {
- ldns_buffer_write(buffer, ldns_rdf_data(rdf), ldns_rdf_size(rdf));
- }
- return ldns_buffer_status(buffer);
-}
-
-ldns_status
-ldns_rdf2buffer_wire_canonical(ldns_buffer *buffer, const ldns_rdf *rdf)
-{
- size_t i;
- uint8_t *rdf_data;
-
- if (ldns_rdf_get_type(rdf) == LDNS_RDF_TYPE_DNAME) {
- if (ldns_buffer_reserve(buffer, ldns_rdf_size(rdf))) {
- rdf_data = ldns_rdf_data(rdf);
- for (i = 0; i < ldns_rdf_size(rdf); i++) {
- ldns_buffer_write_u8(buffer,
- (uint8_t) LDNS_DNAME_NORMALIZE((int)rdf_data[i]));
- }
- }
- } else {
- /* direct copy for all other types */
- if (ldns_buffer_reserve(buffer, ldns_rdf_size(rdf))) {
- ldns_buffer_write(buffer,
- ldns_rdf_data(rdf),
- ldns_rdf_size(rdf));
- }
- }
- return ldns_buffer_status(buffer);
-}
-
-/* convert a rr list to wireformat */
-ldns_status
-ldns_rr_list2buffer_wire(ldns_buffer *buffer,const ldns_rr_list *rr_list)
-{
- uint16_t rr_count;
- uint16_t i;
-
- rr_count = ldns_rr_list_rr_count(rr_list);
- for(i = 0; i < rr_count; i++) {
- (void)ldns_rr2buffer_wire(buffer, ldns_rr_list_rr(rr_list, i),
- LDNS_SECTION_ANY);
- }
- return ldns_buffer_status(buffer);
-}
-
-ldns_status
-ldns_rr2buffer_wire_canonical(ldns_buffer *buffer,
- const ldns_rr *rr,
- int section)
-{
- uint16_t i;
- uint16_t rdl_pos = 0;
- bool pre_rfc3597 = false;
- switch (ldns_rr_get_type(rr)) {
- case LDNS_RR_TYPE_NS:
- case LDNS_RR_TYPE_MD:
- case LDNS_RR_TYPE_MF:
- case LDNS_RR_TYPE_CNAME:
- case LDNS_RR_TYPE_SOA:
- case LDNS_RR_TYPE_MB:
- case LDNS_RR_TYPE_MG:
- case LDNS_RR_TYPE_MR:
- case LDNS_RR_TYPE_PTR:
- case LDNS_RR_TYPE_HINFO:
- case LDNS_RR_TYPE_MINFO:
- case LDNS_RR_TYPE_MX:
- case LDNS_RR_TYPE_RP:
- case LDNS_RR_TYPE_AFSDB:
- case LDNS_RR_TYPE_RT:
- case LDNS_RR_TYPE_SIG:
- case LDNS_RR_TYPE_PX:
- case LDNS_RR_TYPE_NXT:
- case LDNS_RR_TYPE_NAPTR:
- case LDNS_RR_TYPE_KX:
- case LDNS_RR_TYPE_SRV:
- case LDNS_RR_TYPE_DNAME:
- case LDNS_RR_TYPE_A6:
- pre_rfc3597 = true;
- break;
- default:
- break;
- }
-
- if (ldns_rr_owner(rr)) {
- (void) ldns_rdf2buffer_wire_canonical(buffer, ldns_rr_owner(rr));
- }
-
- if (ldns_buffer_reserve(buffer, 4)) {
- (void) ldns_buffer_write_u16(buffer, ldns_rr_get_type(rr));
- (void) ldns_buffer_write_u16(buffer, ldns_rr_get_class(rr));
- }
-
- if (section != LDNS_SECTION_QUESTION) {
- if (ldns_buffer_reserve(buffer, 6)) {
- ldns_buffer_write_u32(buffer, ldns_rr_ttl(rr));
- /* remember pos for later */
- rdl_pos = ldns_buffer_position(buffer);
- ldns_buffer_write_u16(buffer, 0);
- }
-
- for (i = 0; i < ldns_rr_rd_count(rr); i++) {
- if (pre_rfc3597) {
- (void) ldns_rdf2buffer_wire_canonical(buffer,
- ldns_rr_rdf(rr, i));
- } else {
- (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i));
- }
- }
-
- if (rdl_pos != 0) {
- ldns_buffer_write_u16_at(buffer, rdl_pos,
- ldns_buffer_position(buffer)
- - rdl_pos - 2);
- }
- }
- return ldns_buffer_status(buffer);
-}
-
-ldns_status
-ldns_rr2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr, int section)
-{
- uint16_t i;
- uint16_t rdl_pos = 0;
-
- if (ldns_rr_owner(rr)) {
- (void) ldns_dname2buffer_wire(buffer, ldns_rr_owner(rr));
- }
-
- if (ldns_buffer_reserve(buffer, 4)) {
- (void) ldns_buffer_write_u16(buffer, ldns_rr_get_type(rr));
- (void) ldns_buffer_write_u16(buffer, ldns_rr_get_class(rr));
- }
-
- if (section != LDNS_SECTION_QUESTION) {
- if (ldns_buffer_reserve(buffer, 6)) {
- ldns_buffer_write_u32(buffer, ldns_rr_ttl(rr));
- /* remember pos for later */
- rdl_pos = ldns_buffer_position(buffer);
- ldns_buffer_write_u16(buffer, 0);
- }
-
- for (i = 0; i < ldns_rr_rd_count(rr); i++) {
- (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i));
- }
-
- if (rdl_pos != 0) {
- ldns_buffer_write_u16_at(buffer, rdl_pos,
- ldns_buffer_position(buffer)
- - rdl_pos - 2);
- }
- }
- return ldns_buffer_status(buffer);
-}
-
-ldns_status
-ldns_rrsig2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr)
-{
- uint16_t i;
-
- /* it must be a sig RR */
- if (ldns_rr_get_type(rr) != LDNS_RR_TYPE_RRSIG) {
- return LDNS_STATUS_ERR;
- }
-
- /* Convert all the rdfs, except the actual signature data
- * rdf number 8 - the last, hence: -1 */
- for (i = 0; i < ldns_rr_rd_count(rr) - 1; i++) {
- if (ldns_rr_rdf(rr, i)) {
- (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i));
- }
- }
-
- return ldns_buffer_status(buffer);
-}
-
-ldns_status
-ldns_rr_rdata2buffer_wire(ldns_buffer *buffer, const ldns_rr *rr)
-{
- uint16_t i;
- /* convert all the rdf's */
- for (i = 0; i < ldns_rr_rd_count(rr); i++) {
- (void) ldns_rdf2buffer_wire(buffer, ldns_rr_rdf(rr, i));
- }
-
- return ldns_buffer_status(buffer);
-}
-
-/*
- * Copies the packet header data to the buffer in wire format
- */
-static ldns_status
-ldns_hdr2buffer_wire(ldns_buffer *buffer, const ldns_pkt *packet)
-{
- uint8_t flags;
- uint16_t arcount;
-
- if (ldns_buffer_reserve(buffer, 12)) {
- ldns_buffer_write_u16(buffer, ldns_pkt_id(packet));
-
- flags = ldns_pkt_qr(packet) << 7
- | ldns_pkt_get_opcode(packet) << 3
- | ldns_pkt_aa(packet) << 2
- | ldns_pkt_tc(packet) << 1 | ldns_pkt_rd(packet);
- ldns_buffer_write_u8(buffer, flags);
-
- flags = ldns_pkt_ra(packet) << 7
- /*| ldns_pkt_z(packet) << 6*/
- | ldns_pkt_ad(packet) << 5
- | ldns_pkt_cd(packet) << 4 | ldns_pkt_get_rcode(packet);
- ldns_buffer_write_u8(buffer, flags);
-
- ldns_buffer_write_u16(buffer, ldns_pkt_qdcount(packet));
- ldns_buffer_write_u16(buffer, ldns_pkt_ancount(packet));
- ldns_buffer_write_u16(buffer, ldns_pkt_nscount(packet));
- /* add EDNS0 and TSIG to additional if they are there */
- arcount = ldns_pkt_arcount(packet);
- if (ldns_pkt_tsig(packet)) {
- arcount++;
- }
- if (ldns_pkt_edns(packet)) {
- arcount++;
- }
- ldns_buffer_write_u16(buffer, arcount);
- }
-
- return ldns_buffer_status(buffer);
-}
-
-ldns_status
-ldns_pkt2buffer_wire(ldns_buffer *buffer, const ldns_pkt *packet)
-{
- ldns_rr_list *rr_list;
- uint16_t i;
-
- /* edns tmp vars */
- ldns_rr *edns_rr;
- uint8_t edata[4];
-
- (void) ldns_hdr2buffer_wire(buffer, packet);
-
- rr_list = ldns_pkt_question(packet);
- if (rr_list) {
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- (void) ldns_rr2buffer_wire(buffer,
- ldns_rr_list_rr(rr_list, i), LDNS_SECTION_QUESTION);
- }
- }
- rr_list = ldns_pkt_answer(packet);
- if (rr_list) {
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- (void) ldns_rr2buffer_wire(buffer,
- ldns_rr_list_rr(rr_list, i), LDNS_SECTION_ANSWER);
- }
- }
- rr_list = ldns_pkt_authority(packet);
- if (rr_list) {
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- (void) ldns_rr2buffer_wire(buffer,
- ldns_rr_list_rr(rr_list, i), LDNS_SECTION_AUTHORITY);
- }
- }
- rr_list = ldns_pkt_additional(packet);
- if (rr_list) {
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- (void) ldns_rr2buffer_wire(buffer,
- ldns_rr_list_rr(rr_list, i), LDNS_SECTION_ADDITIONAL);
- }
- }
-
- /* add EDNS to additional if it is needed */
- if (ldns_pkt_edns(packet)) {
- edns_rr = ldns_rr_new();
- if(!edns_rr) return LDNS_STATUS_MEM_ERR;
- ldns_rr_set_owner(edns_rr,
- ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, "."));
- ldns_rr_set_type(edns_rr, LDNS_RR_TYPE_OPT);
- ldns_rr_set_class(edns_rr, ldns_pkt_edns_udp_size(packet));
- edata[0] = ldns_pkt_edns_extended_rcode(packet);
- edata[1] = ldns_pkt_edns_version(packet);
- ldns_write_uint16(&edata[2], ldns_pkt_edns_z(packet));
- ldns_rr_set_ttl(edns_rr, ldns_read_uint32(edata));
- /* don't forget to add the edns rdata (if any) */
- if (packet->_edns_data)
- ldns_rr_push_rdf (edns_rr, packet->_edns_data);
- (void)ldns_rr2buffer_wire(buffer, edns_rr, LDNS_SECTION_ADDITIONAL);
- /* take the edns rdata back out of the rr before we free rr */
- if (packet->_edns_data)
- (void)ldns_rr_pop_rdf (edns_rr);
- ldns_rr_free(edns_rr);
- }
-
- /* add TSIG to additional if it is there */
- if (ldns_pkt_tsig(packet)) {
- (void) ldns_rr2buffer_wire(buffer,
- ldns_pkt_tsig(packet), LDNS_SECTION_ADDITIONAL);
- }
-
- return LDNS_STATUS_OK;
-}
-
-ldns_status
-ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size)
-{
- ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- uint8_t *result = NULL;
- ldns_status status;
- *result_size = 0;
- *dest = NULL;
- if(!buffer) return LDNS_STATUS_MEM_ERR;
-
- status = ldns_rdf2buffer_wire(buffer, rdf);
- if (status == LDNS_STATUS_OK) {
- *result_size = ldns_buffer_position(buffer);
- result = (uint8_t *) ldns_buffer_export(buffer);
- } else {
- ldns_buffer_free(buffer);
- return status;
- }
-
- if (result) {
- *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
- if(!*dest) {
- ldns_buffer_free(buffer);
- return LDNS_STATUS_MEM_ERR;
- }
- memcpy(*dest, result, ldns_buffer_position(buffer));
- }
-
- ldns_buffer_free(buffer);
- return status;
-}
-
-ldns_status
-ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size)
-{
- ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- uint8_t *result = NULL;
- ldns_status status;
- *result_size = 0;
- *dest = NULL;
- if(!buffer) return LDNS_STATUS_MEM_ERR;
-
- status = ldns_rr2buffer_wire(buffer, rr, section);
- if (status == LDNS_STATUS_OK) {
- *result_size = ldns_buffer_position(buffer);
- result = (uint8_t *) ldns_buffer_export(buffer);
- } else {
- ldns_buffer_free(buffer);
- return status;
- }
-
- if (result) {
- *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
- if(!*dest) {
- ldns_buffer_free(buffer);
- return LDNS_STATUS_MEM_ERR;
- }
- memcpy(*dest, result, ldns_buffer_position(buffer));
- }
-
- ldns_buffer_free(buffer);
- return status;
-}
-
-ldns_status
-ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size)
-{
- ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- uint8_t *result = NULL;
- ldns_status status;
- *result_size = 0;
- *dest = NULL;
- if(!buffer) return LDNS_STATUS_MEM_ERR;
-
- status = ldns_pkt2buffer_wire(buffer, packet);
- if (status == LDNS_STATUS_OK) {
- *result_size = ldns_buffer_position(buffer);
- result = (uint8_t *) ldns_buffer_export(buffer);
- } else {
- ldns_buffer_free(buffer);
- return status;
- }
-
- if (result) {
- *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer));
- if(!*dest) {
- ldns_buffer_free(buffer);
- return LDNS_STATUS_MEM_ERR;
- }
- memcpy(*dest, result, ldns_buffer_position(buffer));
- }
-
- ldns_buffer_free(buffer);
- return status;
-}
+++ /dev/null
-/*
- * keys.c handle private keys for use in DNSSEC
- *
- * This module should hide some of the openSSL complexities
- * and give a general interface for private keys and hmac
- * handling
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef HAVE_SSL
-#include <openssl/ssl.h>
-#include <openssl/engine.h>
-#include <openssl/rand.h>
-#endif /* HAVE_SSL */
-
-ldns_lookup_table ldns_signing_algorithms[] = {
- { LDNS_SIGN_RSAMD5, "RSAMD5" },
- { LDNS_SIGN_RSASHA1, "RSASHA1" },
- { LDNS_SIGN_RSASHA1_NSEC3, "RSASHA1-NSEC3-SHA1" },
-#ifdef USE_SHA2
- { LDNS_SIGN_RSASHA256, "RSASHA256" },
- { LDNS_SIGN_RSASHA512, "RSASHA512" },
-#endif
-#ifdef USE_GOST
- { LDNS_SIGN_ECC_GOST, "ECC-GOST" },
-#endif
-#ifdef USE_ECDSA
- { LDNS_SIGN_ECDSAP256SHA256, "ECDSAP256SHA256" },
- { LDNS_SIGN_ECDSAP384SHA384, "ECDSAP384SHA384" },
-#endif
- { LDNS_SIGN_DSA, "DSA" },
- { LDNS_SIGN_DSA_NSEC3, "DSA-NSEC3-SHA1" },
- { LDNS_SIGN_HMACMD5, "hmac-md5.sig-alg.reg.int" },
- { LDNS_SIGN_HMACSHA1, "hmac-sha1" },
- { LDNS_SIGN_HMACSHA256, "hmac-sha256" },
- { 0, NULL }
-};
-
-ldns_key_list *
-ldns_key_list_new()
-{
- ldns_key_list *key_list = LDNS_MALLOC(ldns_key_list);
- if (!key_list) {
- return NULL;
- } else {
- key_list->_key_count = 0;
- key_list->_keys = NULL;
- return key_list;
- }
-}
-
-ldns_key *
-ldns_key_new()
-{
- ldns_key *newkey;
-
- newkey = LDNS_MALLOC(ldns_key);
- if (!newkey) {
- return NULL;
- } else {
- /* some defaults - not sure wether to do this */
- ldns_key_set_use(newkey, true);
- ldns_key_set_flags(newkey, LDNS_KEY_ZONE_KEY);
- ldns_key_set_origttl(newkey, 0);
- ldns_key_set_keytag(newkey, 0);
- ldns_key_set_inception(newkey, 0);
- ldns_key_set_expiration(newkey, 0);
- ldns_key_set_pubkey_owner(newkey, NULL);
-#ifdef HAVE_SSL
- ldns_key_set_evp_key(newkey, NULL);
-#endif /* HAVE_SSL */
- ldns_key_set_hmac_key(newkey, NULL);
- ldns_key_set_external_key(newkey, NULL);
- return newkey;
- }
-}
-
-ldns_status
-ldns_key_new_frm_fp(ldns_key **k, FILE *fp)
-{
- return ldns_key_new_frm_fp_l(k, fp, NULL);
-}
-
-#ifdef HAVE_SSL
-ldns_status
-ldns_key_new_frm_engine(ldns_key **key, ENGINE *e, char *key_id, ldns_algorithm alg)
-{
- ldns_key *k;
-
- k = ldns_key_new();
- if(!k) return LDNS_STATUS_MEM_ERR;
-#ifndef S_SPLINT_S
- k->_key.key = ENGINE_load_private_key(e, key_id, UI_OpenSSL(), NULL);
- if(!k->_key.key) {
- ldns_key_free(k);
- return LDNS_STATUS_ERR;
- }
- ldns_key_set_algorithm(k, (ldns_signing_algorithm) alg);
- if (!k->_key.key) {
- ldns_key_free(k);
- return LDNS_STATUS_ENGINE_KEY_NOT_LOADED;
- }
-#endif /* splint */
- *key = k;
- return LDNS_STATUS_OK;
-}
-#endif
-
-#ifdef USE_GOST
-/** store GOST engine reference loaded into OpenSSL library */
-ENGINE* ldns_gost_engine = NULL;
-
-int
-ldns_key_EVP_load_gost_id(void)
-{
- static int gost_id = 0;
- const EVP_PKEY_ASN1_METHOD* meth;
- ENGINE* e;
-
- if(gost_id) return gost_id;
-
- /* see if configuration loaded gost implementation from other engine*/
- meth = EVP_PKEY_asn1_find_str(NULL, "gost2001", -1);
- if(meth) {
- EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth);
- return gost_id;
- }
-
- /* see if engine can be loaded already */
- e = ENGINE_by_id("gost");
- if(!e) {
- /* load it ourself, in case statically linked */
- ENGINE_load_builtin_engines();
- ENGINE_load_dynamic();
- e = ENGINE_by_id("gost");
- }
- if(!e) {
- /* no gost engine in openssl */
- return 0;
- }
- if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
- ENGINE_finish(e);
- ENGINE_free(e);
- return 0;
- }
-
- meth = EVP_PKEY_asn1_find_str(&e, "gost2001", -1);
- if(!meth) {
- /* algo not found */
- ENGINE_finish(e);
- ENGINE_free(e);
- return 0;
- }
- /* Note: do not ENGINE_finish and ENGINE_free the acquired engine
- * on some platforms this frees up the meth and unloads gost stuff */
- ldns_gost_engine = e;
-
- EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth);
- return gost_id;
-}
-
-void ldns_key_EVP_unload_gost(void)
-{
- if(ldns_gost_engine) {
- ENGINE_finish(ldns_gost_engine);
- ENGINE_free(ldns_gost_engine);
- ldns_gost_engine = NULL;
- }
-}
-
-/** read GOST private key */
-static EVP_PKEY*
-ldns_key_new_frm_fp_gost_l(FILE* fp, int* line_nr)
-{
- char token[16384];
- const unsigned char* pp;
- int gost_id;
- EVP_PKEY* pkey;
- ldns_rdf* b64rdf = NULL;
-
- gost_id = ldns_key_EVP_load_gost_id();
- if(!gost_id)
- return NULL;
-
- if (ldns_fget_keyword_data_l(fp, "GostAsn1", ": ", token, "\n",
- sizeof(token), line_nr) == -1)
- return NULL;
- while(strlen(token) < 96) {
- /* read more b64 from the file, b64 split on multiple lines */
- if(ldns_fget_token_l(fp, token+strlen(token), "\n",
- sizeof(token)-strlen(token), line_nr) == -1)
- return NULL;
- }
- if(ldns_str2rdf_b64(&b64rdf, token) != LDNS_STATUS_OK)
- return NULL;
- pp = (unsigned char*)ldns_rdf_data(b64rdf);
- pkey = d2i_PrivateKey(gost_id, NULL, &pp, (int)ldns_rdf_size(b64rdf));
- ldns_rdf_deep_free(b64rdf);
- return pkey;
-}
-#endif
-
-#ifdef USE_ECDSA
-/** calculate public key from private key */
-static int
-ldns_EC_KEY_calc_public(EC_KEY* ec)
-{
- EC_POINT* pub_key;
- const EC_GROUP* group;
- group = EC_KEY_get0_group(ec);
- pub_key = EC_POINT_new(group);
- if(!pub_key) return 0;
- if(!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) {
- EC_POINT_free(pub_key);
- return 0;
- }
- if(!EC_POINT_mul(group, pub_key, EC_KEY_get0_private_key(ec),
- NULL, NULL, NULL)) {
- EC_POINT_free(pub_key);
- return 0;
- }
- if(EC_KEY_set_public_key(ec, pub_key) == 0) {
- EC_POINT_free(pub_key);
- return 0;
- }
- EC_POINT_free(pub_key);
- return 1;
-}
-
-/** read ECDSA private key */
-static EVP_PKEY*
-ldns_key_new_frm_fp_ecdsa_l(FILE* fp, ldns_algorithm alg, int* line_nr)
-{
- char token[16384];
- ldns_rdf* b64rdf = NULL;
- unsigned char* pp;
- BIGNUM* bn;
- EVP_PKEY* evp_key;
- EC_KEY* ec;
- if (ldns_fget_keyword_data_l(fp, "PrivateKey", ": ", token, "\n",
- sizeof(token), line_nr) == -1)
- return NULL;
- if(ldns_str2rdf_b64(&b64rdf, token) != LDNS_STATUS_OK)
- return NULL;
- pp = (unsigned char*)ldns_rdf_data(b64rdf);
-
- if(alg == LDNS_ECDSAP256SHA256)
- ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- else if(alg == LDNS_ECDSAP384SHA384)
- ec = EC_KEY_new_by_curve_name(NID_secp384r1);
- else ec = NULL;
- if(!ec) {
- ldns_rdf_deep_free(b64rdf);
- return NULL;
- }
- bn = BN_bin2bn(pp, (int)ldns_rdf_size(b64rdf), NULL);
- ldns_rdf_deep_free(b64rdf);
- if(!bn) {
- EC_KEY_free(ec);
- return NULL;
- }
- EC_KEY_set_private_key(ec, bn);
- BN_free(bn);
- if(!ldns_EC_KEY_calc_public(ec)) {
- EC_KEY_free(ec);
- return NULL;
- }
-
- evp_key = EVP_PKEY_new();
- if(!evp_key) {
- EC_KEY_free(ec);
- return NULL;
- }
- EVP_PKEY_assign_EC_KEY(evp_key, ec);
-
- return evp_key;
-}
-#endif
-
-ldns_status
-ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
-{
- ldns_key *k;
- char *d;
- ldns_signing_algorithm alg;
- ldns_rr *key_rr;
-#ifdef HAVE_SSL
- RSA *rsa;
- DSA *dsa;
- unsigned char *hmac;
- size_t hmac_size;
-#endif /* HAVE_SSL */
-
- k = ldns_key_new();
-
- d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
- if (!k || !d) {
- ldns_key_free(k);
- LDNS_FREE(d);
- return LDNS_STATUS_MEM_ERR;
- }
-
- alg = 0;
-
- /* the file is highly structured. Do this in sequence */
- /* RSA:
- * Private-key-format: v1.2
- * Algorithm: 1 (RSA)
-
- */
- /* get the key format version number */
- if (ldns_fget_keyword_data_l(fp, "Private-key-format", ": ", d, "\n",
- LDNS_MAX_LINELEN, line_nr) == -1) {
- /* no version information */
- ldns_key_free(k);
- LDNS_FREE(d);
- return LDNS_STATUS_SYNTAX_ERR;
- }
- if (strncmp(d, "v1.2", strlen(d)) != 0) {
- ldns_key_free(k);
- LDNS_FREE(d);
- return LDNS_STATUS_SYNTAX_VERSION_ERR;
- }
-
- /* get the algorithm type, our file function strip ( ) so there are
- * not in the return string! */
- if (ldns_fget_keyword_data_l(fp, "Algorithm", ": ", d, "\n",
- LDNS_MAX_LINELEN, line_nr) == -1) {
- /* no alg information */
- ldns_key_free(k);
- LDNS_FREE(d);
- return LDNS_STATUS_SYNTAX_ALG_ERR;
- }
-
- if (strncmp(d, "1 RSA", 2) == 0) {
- alg = LDNS_SIGN_RSAMD5;
- }
- if (strncmp(d, "2 DH", 2) == 0) {
- alg = (ldns_signing_algorithm)LDNS_DH;
- }
- if (strncmp(d, "3 DSA", 2) == 0) {
- alg = LDNS_SIGN_DSA;
- }
- if (strncmp(d, "4 ECC", 2) == 0) {
- alg = (ldns_signing_algorithm)LDNS_ECC;
- }
- if (strncmp(d, "5 RSASHA1", 2) == 0) {
- alg = LDNS_SIGN_RSASHA1;
- }
- if (strncmp(d, "6 DSA", 2) == 0) {
- alg = LDNS_SIGN_DSA_NSEC3;
- }
- if (strncmp(d, "7 RSASHA1", 2) == 0) {
- alg = LDNS_SIGN_RSASHA1_NSEC3;
- }
-
- if (strncmp(d, "8 RSASHA256", 2) == 0) {
-#ifdef USE_SHA2
- alg = LDNS_SIGN_RSASHA256;
-#else
- fprintf(stderr, "Warning: SHA256 not compiled into this ");
- fprintf(stderr, "version of ldns\n");
-#endif
- }
- if (strncmp(d, "10 RSASHA512", 3) == 0) {
-#ifdef USE_SHA2
- alg = LDNS_SIGN_RSASHA512;
-#else
- fprintf(stderr, "Warning: SHA512 not compiled into this ");
- fprintf(stderr, "version of ldns\n");
-#endif
- }
- if (strncmp(d, "12 ECC-GOST", 3) == 0) {
-#ifdef USE_GOST
- alg = LDNS_SIGN_ECC_GOST;
-#else
- fprintf(stderr, "Warning: ECC-GOST not compiled into this ");
- fprintf(stderr, "version of ldns, use --enable-gost\n");
-#endif
- }
-#ifdef USE_ECDSA
- if (strncmp(d, "13 ECDSAP256SHA256", 3) == 0) {
- alg = LDNS_SIGN_ECDSAP256SHA256;
- }
- if (strncmp(d, "14 ECDSAP384SHA384", 3) == 0) {
- alg = LDNS_SIGN_ECDSAP384SHA384;
- }
-#endif
- if (strncmp(d, "157 HMAC-MD5", 4) == 0) {
- alg = LDNS_SIGN_HMACMD5;
- }
- if (strncmp(d, "158 HMAC-SHA1", 4) == 0) {
- alg = LDNS_SIGN_HMACSHA1;
- }
- if (strncmp(d, "159 HMAC-SHA256", 4) == 0) {
- alg = LDNS_SIGN_HMACSHA256;
- }
-
- LDNS_FREE(d);
-
- switch(alg) {
- case LDNS_SIGN_RSAMD5:
- case LDNS_SIGN_RSASHA1:
- case LDNS_SIGN_RSASHA1_NSEC3:
-#ifdef USE_SHA2
- case LDNS_SIGN_RSASHA256:
- case LDNS_SIGN_RSASHA512:
-#endif
- ldns_key_set_algorithm(k, alg);
-#ifdef HAVE_SSL
- rsa = ldns_key_new_frm_fp_rsa_l(fp, line_nr);
- if (!rsa) {
- ldns_key_free(k);
- return LDNS_STATUS_ERR;
- }
- ldns_key_set_rsa_key(k, rsa);
- RSA_free(rsa);
-#endif /* HAVE_SSL */
- break;
- case LDNS_SIGN_DSA:
- case LDNS_SIGN_DSA_NSEC3:
- ldns_key_set_algorithm(k, alg);
-#ifdef HAVE_SSL
- dsa = ldns_key_new_frm_fp_dsa_l(fp, line_nr);
- if (!dsa) {
- ldns_key_free(k);
- return LDNS_STATUS_ERR;
- }
- ldns_key_set_dsa_key(k, dsa);
- DSA_free(dsa);
-#endif /* HAVE_SSL */
- break;
- case LDNS_SIGN_HMACMD5:
- case LDNS_SIGN_HMACSHA1:
- case LDNS_SIGN_HMACSHA256:
- ldns_key_set_algorithm(k, alg);
-#ifdef HAVE_SSL
- hmac = ldns_key_new_frm_fp_hmac_l(fp, line_nr, &hmac_size);
- if (!hmac) {
- ldns_key_free(k);
- return LDNS_STATUS_ERR;
- }
- ldns_key_set_hmac_size(k, hmac_size);
- ldns_key_set_hmac_key(k, hmac);
-#endif /* HAVE_SSL */
- break;
- case LDNS_SIGN_ECC_GOST:
- ldns_key_set_algorithm(k, alg);
-#if defined(HAVE_SSL) && defined(USE_GOST)
- if(!ldns_key_EVP_load_gost_id()) {
- ldns_key_free(k);
- return LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL;
- }
- ldns_key_set_evp_key(k,
- ldns_key_new_frm_fp_gost_l(fp, line_nr));
-#ifndef S_SPLINT_S
- if(!k->_key.key) {
- ldns_key_free(k);
- return LDNS_STATUS_ERR;
- }
-#endif /* splint */
-#endif
- break;
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- case LDNS_SIGN_ECDSAP384SHA384:
- ldns_key_set_algorithm(k, alg);
- ldns_key_set_evp_key(k,
- ldns_key_new_frm_fp_ecdsa_l(fp, (ldns_algorithm)alg, line_nr));
-#ifndef S_SPLINT_S
- if(!k->_key.key) {
- ldns_key_free(k);
- return LDNS_STATUS_ERR;
- }
-#endif /* splint */
- break;
-#endif
- default:
- ldns_key_free(k);
- return LDNS_STATUS_SYNTAX_ALG_ERR;
- }
- key_rr = ldns_key2rr(k);
- ldns_key_set_keytag(k, ldns_calc_keytag(key_rr));
- ldns_rr_free(key_rr);
-
- if (key) {
- *key = k;
- return LDNS_STATUS_OK;
- }
- return LDNS_STATUS_ERR;
-}
-
-#ifdef HAVE_SSL
-RSA *
-ldns_key_new_frm_fp_rsa(FILE *f)
-{
- return ldns_key_new_frm_fp_rsa_l(f, NULL);
-}
-
-RSA *
-ldns_key_new_frm_fp_rsa_l(FILE *f, int *line_nr)
-{
- /* we parse
- * Modulus:
- * PublicExponent:
- * PrivateExponent:
- * Prime1:
- * Prime2:
- * Exponent1:
- * Exponent2:
- * Coefficient:
- *
- * man 3 RSA:
- *
- * struct
- * {
- * BIGNUM *n; // public modulus
- * BIGNUM *e; // public exponent
- * BIGNUM *d; // private exponent
- * BIGNUM *p; // secret prime factor
- * BIGNUM *q; // secret prime factor
- * BIGNUM *dmp1; // d mod (p-1)
- * BIGNUM *dmq1; // d mod (q-1)
- * BIGNUM *iqmp; // q^-1 mod p
- * // ...
- *
- */
- char *d;
- RSA *rsa;
- uint8_t *buf;
- int i;
-
- d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
- buf = LDNS_XMALLOC(uint8_t, LDNS_MAX_LINELEN);
- rsa = RSA_new();
- if (!d || !rsa || !buf) {
- goto error;
- }
-
- /* I could use functions again, but that seems an overkill,
- * allthough this also looks tedious
- */
-
- /* Modules, rsa->n */
- if (ldns_fget_keyword_data_l(f, "Modulus", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
-#ifndef S_SPLINT_S
- rsa->n = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->n) {
- goto error;
- }
-
- /* PublicExponent, rsa->e */
- if (ldns_fget_keyword_data_l(f, "PublicExponent", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->e = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->e) {
- goto error;
- }
-
- /* PrivateExponent, rsa->d */
- if (ldns_fget_keyword_data_l(f, "PrivateExponent", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->d = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->d) {
- goto error;
- }
-
- /* Prime1, rsa->p */
- if (ldns_fget_keyword_data_l(f, "Prime1", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->p = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->p) {
- goto error;
- }
-
- /* Prime2, rsa->q */
- if (ldns_fget_keyword_data_l(f, "Prime2", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->q = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->q) {
- goto error;
- }
-
- /* Exponent1, rsa->dmp1 */
- if (ldns_fget_keyword_data_l(f, "Exponent1", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->dmp1 = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->dmp1) {
- goto error;
- }
-
- /* Exponent2, rsa->dmq1 */
- if (ldns_fget_keyword_data_l(f, "Exponent2", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->dmq1 = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->dmq1) {
- goto error;
- }
-
- /* Coefficient, rsa->iqmp */
- if (ldns_fget_keyword_data_l(f, "Coefficient", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- rsa->iqmp = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!rsa->iqmp) {
- goto error;
- }
-#endif /* splint */
-
- LDNS_FREE(buf);
- LDNS_FREE(d);
- return rsa;
-
-error:
- RSA_free(rsa);
- LDNS_FREE(d);
- LDNS_FREE(buf);
- return NULL;
-}
-
-DSA *
-ldns_key_new_frm_fp_dsa(FILE *f)
-{
- return ldns_key_new_frm_fp_dsa_l(f, NULL);
-}
-
-DSA *
-ldns_key_new_frm_fp_dsa_l(FILE *f, int *line_nr)
-{
- int i;
- char *d;
- DSA *dsa;
- uint8_t *buf;
-
- line_nr = line_nr;
-
- d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
- buf = LDNS_XMALLOC(uint8_t, LDNS_MAX_LINELEN);
- dsa = DSA_new();
- if (!d || !dsa || !buf) {
- goto error;
- }
-
- /* the line parser removes the () from the input... */
-
- /* Prime, dsa->p */
- if (ldns_fget_keyword_data_l(f, "Primep", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
-#ifndef S_SPLINT_S
- dsa->p = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->p) {
- goto error;
- }
-
- /* Subprime, dsa->q */
- if (ldns_fget_keyword_data_l(f, "Subprimeq", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- dsa->q = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->q) {
- goto error;
- }
-
- /* Base, dsa->g */
- if (ldns_fget_keyword_data_l(f, "Baseg", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- dsa->g = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->g) {
- goto error;
- }
-
- /* Private key, dsa->priv_key */
- if (ldns_fget_keyword_data_l(f, "Private_valuex", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- dsa->priv_key = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->priv_key) {
- goto error;
- }
-
- /* Public key, dsa->priv_key */
- if (ldns_fget_keyword_data_l(f, "Public_valuey", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = ldns_b64_pton((const char*)d, buf, ldns_b64_ntop_calculate_size(strlen(d)));
- dsa->pub_key = BN_bin2bn((const char unsigned*)buf, i, NULL);
- if (!dsa->pub_key) {
- goto error;
- }
-#endif /* splint */
-
- LDNS_FREE(buf);
- LDNS_FREE(d);
-
- return dsa;
-
-error:
- LDNS_FREE(d);
- LDNS_FREE(buf);
- DSA_free(dsa);
- return NULL;
-}
-
-unsigned char *
-ldns_key_new_frm_fp_hmac(FILE *f, size_t *hmac_size)
-{
- return ldns_key_new_frm_fp_hmac_l(f, NULL, hmac_size);
-}
-
-unsigned char *
-ldns_key_new_frm_fp_hmac_l(FILE *f, int *line_nr, size_t *hmac_size)
-{
- size_t i;
- char *d;
- unsigned char *buf;
-
- line_nr = line_nr;
-
- d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN);
- buf = LDNS_XMALLOC(unsigned char, LDNS_MAX_LINELEN);
- if(!d || !buf) {
- goto error;
- }
-
- if (ldns_fget_keyword_data_l(f, "Key", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) {
- goto error;
- }
- i = (size_t) ldns_b64_pton((const char*)d,
- buf,
- ldns_b64_ntop_calculate_size(strlen(d)));
-
- *hmac_size = i;
- return buf;
-
- error:
- LDNS_FREE(d);
- LDNS_FREE(buf);
- *hmac_size = 0;
- return NULL;
-}
-#endif /* HAVE_SSL */
-
-#ifdef USE_GOST
-static EVP_PKEY*
-ldns_gen_gost_key(void)
-{
- EVP_PKEY_CTX* ctx;
- EVP_PKEY* p = NULL;
- int gost_id = ldns_key_EVP_load_gost_id();
- if(!gost_id)
- return NULL;
- ctx = EVP_PKEY_CTX_new_id(gost_id, NULL);
- if(!ctx) {
- /* the id should be available now */
- return NULL;
- }
- if(EVP_PKEY_CTX_ctrl_str(ctx, "paramset", "A") <= 0) {
- /* cannot set paramset */
- EVP_PKEY_CTX_free(ctx);
- return NULL;
- }
-
- if(EVP_PKEY_keygen_init(ctx) <= 0) {
- EVP_PKEY_CTX_free(ctx);
- return NULL;
- }
- if(EVP_PKEY_keygen(ctx, &p) <= 0) {
- EVP_PKEY_free(p);
- EVP_PKEY_CTX_free(ctx);
- return NULL;
- }
- EVP_PKEY_CTX_free(ctx);
- return p;
-}
-#endif
-
-ldns_key *
-ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size)
-{
- ldns_key *k;
-#ifdef HAVE_SSL
- DSA *d;
- RSA *r;
-# ifdef USE_ECDSA
- EC_KEY *ec = NULL;
-# endif
-#else
- int i;
- uint16_t offset = 0;
-#endif
- unsigned char *hmac;
-
- k = ldns_key_new();
- if (!k) {
- return NULL;
- }
- switch(alg) {
- case LDNS_SIGN_RSAMD5:
- case LDNS_SIGN_RSASHA1:
- case LDNS_SIGN_RSASHA1_NSEC3:
- case LDNS_SIGN_RSASHA256:
- case LDNS_SIGN_RSASHA512:
-#ifdef HAVE_SSL
- r = RSA_generate_key((int)size, RSA_F4, NULL, NULL);
- if(!r) {
- ldns_key_free(k);
- return NULL;
- }
- if (RSA_check_key(r) != 1) {
- ldns_key_free(k);
- return NULL;
- }
-
- ldns_key_set_rsa_key(k, r);
-#endif /* HAVE_SSL */
- break;
- case LDNS_SIGN_DSA:
- case LDNS_SIGN_DSA_NSEC3:
-#ifdef HAVE_SSL
- d = DSA_generate_parameters((int)size, NULL, 0, NULL, NULL, NULL, NULL);
- if (!d) {
- ldns_key_free(k);
- return NULL;
- }
- if (DSA_generate_key(d) != 1) {
- ldns_key_free(k);
- return NULL;
- }
- ldns_key_set_dsa_key(k, d);
-#endif /* HAVE_SSL */
- break;
- case LDNS_SIGN_HMACMD5:
- case LDNS_SIGN_HMACSHA1:
- case LDNS_SIGN_HMACSHA256:
-#ifdef HAVE_SSL
-#ifndef S_SPLINT_S
- k->_key.key = NULL;
-#endif /* splint */
-#endif /* HAVE_SSL */
- size = size / 8;
- ldns_key_set_hmac_size(k, size);
-
- hmac = LDNS_XMALLOC(unsigned char, size);
- if(!hmac) {
- ldns_key_free(k);
- return NULL;
- }
-#ifdef HAVE_SSL
- if (RAND_bytes(hmac, (int) size) != 1) {
- LDNS_FREE(hmac);
- ldns_key_free(k);
- return NULL;
- }
-#else
- while (offset + sizeof(i) < size) {
- i = random();
- memcpy(&hmac[offset], &i, sizeof(i));
- offset += sizeof(i);
- }
- if (offset < size) {
- i = random();
- memcpy(&hmac[offset], &i, size - offset);
- }
-#endif /* HAVE_SSL */
- ldns_key_set_hmac_key(k, hmac);
-
- ldns_key_set_flags(k, 0);
- break;
- case LDNS_SIGN_ECC_GOST:
-#if defined(HAVE_SSL) && defined(USE_GOST)
- ldns_key_set_evp_key(k, ldns_gen_gost_key());
-#ifndef S_SPLINT_S
- if(!k->_key.key) {
- ldns_key_free(k);
- return NULL;
- }
-#endif /* splint */
-#endif /* HAVE_SSL and USE_GOST */
- break;
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- case LDNS_SIGN_ECDSAP384SHA384:
- if(alg == LDNS_SIGN_ECDSAP256SHA256)
- ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- else if(alg == LDNS_SIGN_ECDSAP384SHA384)
- ec = EC_KEY_new_by_curve_name(NID_secp384r1);
- if(!ec) {
- ldns_key_free(k);
- return NULL;
- }
- if(!EC_KEY_generate_key(ec)) {
- ldns_key_free(k);
- EC_KEY_free(ec);
- return NULL;
- }
-#ifndef S_SPLINT_S
- k->_key.key = EVP_PKEY_new();
- if(!k->_key.key) {
- ldns_key_free(k);
- EC_KEY_free(ec);
- return NULL;
- }
- EVP_PKEY_assign_EC_KEY(k->_key.key, ec);
-#endif /* splint */
- break;
-#endif
- }
- ldns_key_set_algorithm(k, alg);
- return k;
-}
-
-void
-ldns_key_print(FILE *output, const ldns_key *k)
-{
- char *str = ldns_key2str(k);
- if (str) {
- fprintf(output, "%s", str);
- } else {
- fprintf(output, "Unable to convert private key to string\n");
- }
- LDNS_FREE(str);
-}
-
-
-void
-ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l)
-{
- k->_alg = l;
-}
-
-void
-ldns_key_set_flags(ldns_key *k, uint16_t f)
-{
- k->_extra.dnssec.flags = f;
-}
-
-#ifdef HAVE_SSL
-#ifndef S_SPLINT_S
-void
-ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e)
-{
- k->_key.key = e;
-}
-
-void
-ldns_key_set_rsa_key(ldns_key *k, RSA *r)
-{
- EVP_PKEY *key = EVP_PKEY_new();
- EVP_PKEY_set1_RSA(key, r);
- k->_key.key = key;
-}
-
-void
-ldns_key_set_dsa_key(ldns_key *k, DSA *d)
-{
- EVP_PKEY *key = EVP_PKEY_new();
- EVP_PKEY_set1_DSA(key, d);
- k->_key.key = key;
-}
-#endif /* splint */
-#endif /* HAVE_SSL */
-
-void
-ldns_key_set_hmac_key(ldns_key *k, unsigned char *hmac)
-{
- k->_key.hmac.key = hmac;
-}
-
-void
-ldns_key_set_hmac_size(ldns_key *k, size_t hmac_size)
-{
- k->_key.hmac.size = hmac_size;
-}
-
-void
-ldns_key_set_external_key(ldns_key *k, void *external_key)
-{
- k->_key.external_key = external_key;
-}
-
-void
-ldns_key_set_origttl(ldns_key *k, uint32_t t)
-{
- k->_extra.dnssec.orig_ttl = t;
-}
-
-void
-ldns_key_set_inception(ldns_key *k, uint32_t i)
-{
- k->_extra.dnssec.inception = i;
-}
-
-void
-ldns_key_set_expiration(ldns_key *k, uint32_t e)
-{
- k->_extra.dnssec.expiration = e;
-}
-
-void
-ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r)
-{
- k->_pubkey_owner = r;
-}
-
-void
-ldns_key_set_keytag(ldns_key *k, uint16_t tag)
-{
- k->_extra.dnssec.keytag = tag;
-}
-
-/* read */
-size_t
-ldns_key_list_key_count(const ldns_key_list *key_list)
-{
- return key_list->_key_count;
-}
-
-ldns_key *
-ldns_key_list_key(const ldns_key_list *key, size_t nr)
-{
- if (nr < ldns_key_list_key_count(key)) {
- return key->_keys[nr];
- } else {
- return NULL;
- }
-}
-
-ldns_signing_algorithm
-ldns_key_algorithm(const ldns_key *k)
-{
- return k->_alg;
-}
-
-void
-ldns_key_set_use(ldns_key *k, bool v)
-{
- if (k) {
- k->_use = v;
- }
-}
-
-bool
-ldns_key_use(const ldns_key *k)
-{
- if (k) {
- return k->_use;
- }
- return false;
-}
-
-#ifdef HAVE_SSL
-#ifndef S_SPLINT_S
-EVP_PKEY *
-ldns_key_evp_key(const ldns_key *k)
-{
- return k->_key.key;
-}
-
-RSA *
-ldns_key_rsa_key(const ldns_key *k)
-{
- if (k->_key.key) {
- return EVP_PKEY_get1_RSA(k->_key.key);
- } else {
- return NULL;
- }
-}
-
-DSA *
-ldns_key_dsa_key(const ldns_key *k)
-{
- if (k->_key.key) {
- return EVP_PKEY_get1_DSA(k->_key.key);
- } else {
- return NULL;
- }
-}
-#endif /* splint */
-#endif /* HAVE_SSL */
-
-unsigned char *
-ldns_key_hmac_key(const ldns_key *k)
-{
- if (k->_key.hmac.key) {
- return k->_key.hmac.key;
- } else {
- return NULL;
- }
-}
-
-size_t
-ldns_key_hmac_size(const ldns_key *k)
-{
- if (k->_key.hmac.size) {
- return k->_key.hmac.size;
- } else {
- return 0;
- }
-}
-
-void *
-ldns_key_external_key(const ldns_key *k)
-{
- return k->_key.external_key;
-}
-
-uint32_t
-ldns_key_origttl(const ldns_key *k)
-{
- return k->_extra.dnssec.orig_ttl;
-}
-
-uint16_t
-ldns_key_flags(const ldns_key *k)
-{
- return k->_extra.dnssec.flags;
-}
-
-uint32_t
-ldns_key_inception(const ldns_key *k)
-{
- return k->_extra.dnssec.inception;
-}
-
-uint32_t
-ldns_key_expiration(const ldns_key *k)
-{
- return k->_extra.dnssec.expiration;
-}
-
-uint16_t
-ldns_key_keytag(const ldns_key *k)
-{
- return k->_extra.dnssec.keytag;
-}
-
-ldns_rdf *
-ldns_key_pubkey_owner(const ldns_key *k)
-{
- return k->_pubkey_owner;
-}
-
-/* write */
-void
-ldns_key_list_set_use(ldns_key_list *keys, bool v)
-{
- size_t i;
-
- for (i = 0; i < ldns_key_list_key_count(keys); i++) {
- ldns_key_set_use(ldns_key_list_key(keys, i), v);
- }
-}
-
-void
-ldns_key_list_set_key_count(ldns_key_list *key, size_t count)
-{
- key->_key_count = count;
-}
-
-bool
-ldns_key_list_push_key(ldns_key_list *key_list, ldns_key *key)
-{
- size_t key_count;
- ldns_key **keys;
-
- key_count = ldns_key_list_key_count(key_list);
-
- /* grow the array */
- keys = LDNS_XREALLOC(
- key_list->_keys, ldns_key *, key_count + 1);
- if (!keys) {
- return false;
- }
-
- /* add the new member */
- key_list->_keys = keys;
- key_list->_keys[key_count] = key;
-
- ldns_key_list_set_key_count(key_list, key_count + 1);
- return true;
-}
-
-ldns_key *
-ldns_key_list_pop_key(ldns_key_list *key_list)
-{
- size_t key_count;
- ldns_key** a;
- ldns_key *pop;
-
- if (!key_list) {
- return NULL;
- }
-
- key_count = ldns_key_list_key_count(key_list);
- if (key_count == 0) {
- return NULL;
- }
-
- pop = ldns_key_list_key(key_list, key_count);
-
- /* shrink the array */
- a = LDNS_XREALLOC(key_list->_keys, ldns_key *, key_count - 1);
- if(a) {
- key_list->_keys = a;
- }
-
- ldns_key_list_set_key_count(key_list, key_count - 1);
-
- return pop;
-}
-
-#ifdef HAVE_SSL
-#ifndef S_SPLINT_S
-/* data pointer must be large enough (LDNS_MAX_KEYLEN) */
-static bool
-ldns_key_rsa2bin(unsigned char *data, RSA *k, uint16_t *size)
-{
- int i,j;
-
- if (!k) {
- return false;
- }
-
- if (BN_num_bytes(k->e) <= 256) {
- /* normally only this path is executed (small factors are
- * more common
- */
- data[0] = (unsigned char) BN_num_bytes(k->e);
- i = BN_bn2bin(k->e, data + 1);
- j = BN_bn2bin(k->n, data + i + 1);
- *size = (uint16_t) i + j;
- } else if (BN_num_bytes(k->e) <= 65536) {
- data[0] = 0;
- /* BN_bn2bin does bigendian, _uint16 also */
- ldns_write_uint16(data + 1, (uint16_t) BN_num_bytes(k->e));
-
- BN_bn2bin(k->e, data + 3);
- BN_bn2bin(k->n, data + 4 + BN_num_bytes(k->e));
- *size = (uint16_t) BN_num_bytes(k->n) + 6;
- } else {
- return false;
- }
- return true;
-}
-
-/* data pointer must be large enough (LDNS_MAX_KEYLEN) */
-static bool
-ldns_key_dsa2bin(unsigned char *data, DSA *k, uint16_t *size)
-{
- uint8_t T;
-
- if (!k) {
- return false;
- }
-
- /* See RFC2536 */
- *size = (uint16_t)BN_num_bytes(k->g);
- T = (*size - 64) / 8;
- memcpy(data, &T, 1);
-
- if (T > 8) {
- fprintf(stderr, "DSA key with T > 8 (ie. > 1024 bits)");
- fprintf(stderr, " not implemented\n");
- return false;
- }
-
- /* size = 64 + (T * 8); */
- data[0] = (unsigned char)T;
- BN_bn2bin(k->q, data + 1 ); /* 20 octects */
- BN_bn2bin(k->p, data + 21 ); /* offset octects */
- BN_bn2bin(k->g, data + 21 + *size); /* offset octets */
- BN_bn2bin(k->pub_key, data + 21 + *size + *size); /* offset octets */
- *size = 21 + (*size * 3);
- return true;
-}
-
-#ifdef USE_GOST
-static bool
-ldns_key_gost2bin(unsigned char* data, EVP_PKEY* k, uint16_t* size)
-{
- int i;
- unsigned char* pp = NULL;
- if(i2d_PUBKEY(k, &pp) != 37 + 64) {
- /* expect 37 byte(ASN header) and 64 byte(X and Y) */
- CRYPTO_free(pp);
- return false;
- }
- /* omit ASN header */
- for(i=0; i<64; i++)
- data[i] = pp[i+37];
- CRYPTO_free(pp);
- *size = 64;
- return true;
-}
-#endif /* USE_GOST */
-#endif /* splint */
-#endif /* HAVE_SSL */
-
-ldns_rr *
-ldns_key2rr(const ldns_key *k)
-{
- /* this function will convert a the keydata contained in
- * rsa/dsa pointers to a DNSKEY rr. It will fill in as
- * much as it can, but it does not know about key-flags
- * for instance
- */
- ldns_rr *pubkey;
- ldns_rdf *keybin;
- unsigned char *bin = NULL;
- uint16_t size = 0;
-#ifdef HAVE_SSL
- RSA *rsa = NULL;
- DSA *dsa = NULL;
-#endif /* HAVE_SSL */
-#ifdef USE_ECDSA
- EC_KEY* ec;
-#endif
- int internal_data = 0;
-
- pubkey = ldns_rr_new();
- if (!k) {
- return NULL;
- }
-
- switch (ldns_key_algorithm(k)) {
- case LDNS_SIGN_HMACMD5:
- case LDNS_SIGN_HMACSHA1:
- case LDNS_SIGN_HMACSHA256:
- ldns_rr_set_type(pubkey, LDNS_RR_TYPE_KEY);
- break;
- default:
- ldns_rr_set_type(pubkey, LDNS_RR_TYPE_DNSKEY);
- break;
- }
- /* zero-th rdf - flags */
- ldns_rr_push_rdf(pubkey,
- ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16,
- ldns_key_flags(k)));
- /* first - proto */
- ldns_rr_push_rdf(pubkey,
- ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, LDNS_DNSSEC_KEYPROTO));
-
- if (ldns_key_pubkey_owner(k)) {
- ldns_rr_set_owner(pubkey, ldns_rdf_clone(ldns_key_pubkey_owner(k)));
- }
-
- /* third - da algorithm */
- switch(ldns_key_algorithm(k)) {
- case LDNS_SIGN_RSAMD5:
- case LDNS_SIGN_RSASHA1:
- case LDNS_SIGN_RSASHA1_NSEC3:
- case LDNS_SIGN_RSASHA256:
- case LDNS_SIGN_RSASHA512:
- ldns_rr_push_rdf(pubkey,
- ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, ldns_key_algorithm(k)));
-#ifdef HAVE_SSL
- rsa = ldns_key_rsa_key(k);
- if (rsa) {
- bin = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN);
- if (!bin) {
- ldns_rr_free(pubkey);
- return NULL;
- }
- if (!ldns_key_rsa2bin(bin, rsa, &size)) {
- LDNS_FREE(bin);
- ldns_rr_free(pubkey);
- return NULL;
- }
- RSA_free(rsa);
- internal_data = 1;
- }
-#endif
- size++;
- break;
- case LDNS_SIGN_DSA:
- ldns_rr_push_rdf(pubkey,
- ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, LDNS_DSA));
-#ifdef HAVE_SSL
- dsa = ldns_key_dsa_key(k);
- if (dsa) {
- bin = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN);
- if (!bin) {
- ldns_rr_free(pubkey);
- return NULL;
- }
- if (!ldns_key_dsa2bin(bin, dsa, &size)) {
- LDNS_FREE(bin);
- ldns_rr_free(pubkey);
- return NULL;
- }
- DSA_free(dsa);
- internal_data = 1;
- }
-#endif /* HAVE_SSL */
- break;
- case LDNS_SIGN_DSA_NSEC3:
- ldns_rr_push_rdf(pubkey,
- ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, LDNS_DSA_NSEC3));
-#ifdef HAVE_SSL
- dsa = ldns_key_dsa_key(k);
- if (dsa) {
- bin = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN);
- if (!bin) {
- ldns_rr_free(pubkey);
- return NULL;
- }
- if (!ldns_key_dsa2bin(bin, dsa, &size)) {
- LDNS_FREE(bin);
- ldns_rr_free(pubkey);
- return NULL;
- }
- DSA_free(dsa);
- internal_data = 1;
- }
-#endif /* HAVE_SSL */
- break;
- case LDNS_SIGN_ECC_GOST:
- ldns_rr_push_rdf(pubkey, ldns_native2rdf_int8(
- LDNS_RDF_TYPE_ALG, ldns_key_algorithm(k)));
-#if defined(HAVE_SSL) && defined(USE_GOST)
- bin = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN);
- if (!bin) {
- ldns_rr_free(pubkey);
- return NULL;
- }
-#ifndef S_SPLINT_S
- if (!ldns_key_gost2bin(bin, k->_key.key, &size)) {
- LDNS_FREE(bin);
- ldns_rr_free(pubkey);
- return NULL;
- }
-#endif /* splint */
- internal_data = 1;
-#endif /* HAVE_SSL and USE_GOST */
- break;
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- case LDNS_SIGN_ECDSAP384SHA384:
- ldns_rr_push_rdf(pubkey, ldns_native2rdf_int8(
- LDNS_RDF_TYPE_ALG, ldns_key_algorithm(k)));
- bin = NULL;
-#ifndef S_SPLINT_S
- ec = EVP_PKEY_get1_EC_KEY(k->_key.key);
-#endif
- EC_KEY_set_conv_form(ec, POINT_CONVERSION_UNCOMPRESSED);
- size = (uint16_t)i2o_ECPublicKey(ec, NULL);
- if(!i2o_ECPublicKey(ec, &bin)) {
- EC_KEY_free(ec);
- ldns_rr_free(pubkey);
- return NULL;
- }
- if(size > 1) {
- /* move back one byte to shave off the 0x02
- * 'uncompressed' indicator that openssl made
- * Actually its 0x04 (from implementation).
- */
- assert(bin[0] == POINT_CONVERSION_UNCOMPRESSED);
- size -= 1;
- memmove(bin, bin+1, size);
- }
- /* down the reference count for ec, its still assigned
- * to the pkey */
- EC_KEY_free(ec);
- internal_data = 1;
- break;
-#endif
- case LDNS_SIGN_HMACMD5:
- case LDNS_SIGN_HMACSHA1:
- case LDNS_SIGN_HMACSHA256:
- bin = LDNS_XMALLOC(unsigned char, ldns_key_hmac_size(k));
- if (!bin) {
- ldns_rr_free(pubkey);
- return NULL;
- }
- ldns_rr_push_rdf(pubkey,
- ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG,
- ldns_key_algorithm(k)));
- size = ldns_key_hmac_size(k);
- memcpy(bin, ldns_key_hmac_key(k), size);
- internal_data = 1;
- break;
- }
- /* fourth the key bin material */
- if (internal_data) {
- keybin = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, size, bin);
- LDNS_FREE(bin);
- ldns_rr_push_rdf(pubkey, keybin);
- }
- return pubkey;
-}
-
-void
-ldns_key_free(ldns_key *key)
-{
- LDNS_FREE(key);
-}
-
-void
-ldns_key_deep_free(ldns_key *key)
-{
- if (ldns_key_pubkey_owner(key)) {
- ldns_rdf_deep_free(ldns_key_pubkey_owner(key));
- }
-#ifdef HAVE_SSL
- if (ldns_key_evp_key(key)) {
- EVP_PKEY_free(ldns_key_evp_key(key));
- }
-#endif /* HAVE_SSL */
- if (ldns_key_hmac_key(key)) {
- free(ldns_key_hmac_key(key));
- }
- LDNS_FREE(key);
-}
-
-void
-ldns_key_list_free(ldns_key_list *key_list)
-{
- size_t i;
- for (i = 0; i < ldns_key_list_key_count(key_list); i++) {
- ldns_key_deep_free(ldns_key_list_key(key_list, i));
- }
- LDNS_FREE(key_list->_keys);
- LDNS_FREE(key_list);
-}
-
-ldns_rr *
-ldns_read_anchor_file(const char *filename)
-{
- FILE *fp;
- /*char line[LDNS_MAX_PACKETLEN];*/
- char *line = LDNS_XMALLOC(char, LDNS_MAX_PACKETLEN);
- int c;
- size_t i = 0;
- ldns_rr *r;
- ldns_status status;
- if(!line) {
- return NULL;
- }
-
- fp = fopen(filename, "r");
- if (!fp) {
- fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno));
- LDNS_FREE(line);
- return NULL;
- }
-
- while ((c = fgetc(fp)) && i+1 < LDNS_MAX_PACKETLEN && c != EOF) {
- line[i] = c;
- i++;
- }
- line[i] = '\0';
-
- fclose(fp);
-
- if (i <= 0) {
- fprintf(stderr, "nothing read from %s", filename);
- LDNS_FREE(line);
- return NULL;
- } else {
- status = ldns_rr_new_frm_str(&r, line, 0, NULL, NULL);
- if (status == LDNS_STATUS_OK && (ldns_rr_get_type(r) == LDNS_RR_TYPE_DNSKEY || ldns_rr_get_type(r) == LDNS_RR_TYPE_DS)) {
- LDNS_FREE(line);
- return r;
- } else {
- fprintf(stderr, "Error creating DNSKEY or DS rr from %s: %s\n", filename, ldns_get_errorstr_by_id(status));
- LDNS_FREE(line);
- return NULL;
- }
- }
-}
-
-char *
-ldns_key_get_file_base_name(ldns_key *key)
-{
- ldns_buffer *buffer;
- char *file_base_name;
-
- buffer = ldns_buffer_new(255);
- ldns_buffer_printf(buffer, "K");
- (void)ldns_rdf2buffer_str_dname(buffer, ldns_key_pubkey_owner(key));
- ldns_buffer_printf(buffer,
- "+%03u+%05u",
- ldns_key_algorithm(key),
- ldns_key_keytag(key));
- file_base_name = strdup(ldns_buffer_export(buffer));
- ldns_buffer_free(buffer);
- return file_base_name;
-}
-
-int ldns_key_algo_supported(int algo)
-{
- ldns_lookup_table *lt = ldns_signing_algorithms;
- while(lt->name) {
- if(lt->id == algo)
- return 1;
- lt++;
- }
- return 0;
-}
-
-ldns_signing_algorithm ldns_get_signing_algorithm_by_name(const char* name)
-{
- /* list of (signing algorithm id, alias_name) */
- ldns_lookup_table aliases[] = {
- /* from bind dnssec-keygen */
- {LDNS_SIGN_HMACMD5, "HMAC-MD5"},
- {LDNS_SIGN_DSA_NSEC3, "NSEC3DSA"},
- {LDNS_SIGN_RSASHA1_NSEC3, "NSEC3RSASHA1"},
- /* old ldns usage, now RFC names */
- {LDNS_SIGN_DSA_NSEC3, "DSA_NSEC3" },
- {LDNS_SIGN_RSASHA1_NSEC3, "RSASHA1_NSEC3" },
-#ifdef USE_GOST
- {LDNS_SIGN_ECC_GOST, "GOST"},
-#endif
- /* compat with possible output */
- {LDNS_DH, "DH"},
- {LDNS_ECC, "ECC"},
- {LDNS_INDIRECT, "INDIRECT"},
- {LDNS_PRIVATEDNS, "PRIVATEDNS"},
- {LDNS_PRIVATEOID, "PRIVATEOID"},
- {0, NULL}};
- ldns_lookup_table* lt = ldns_signing_algorithms;
- while(lt->name) {
- if(strcasecmp(lt->name, name) == 0)
- return lt->id;
- lt++;
- }
- lt = aliases;
- while(lt->name) {
- if(strcasecmp(lt->name, name) == 0)
- return lt->id;
- lt++;
- }
- if(atoi(name) != 0)
- return atoi(name);
- return 0;
-}
+++ /dev/null
-/*
- * buffer.h -- generic memory buffer.
- *
- * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
- *
- * See LICENSE for the license.
- *
- *
- * The buffer module implements a generic buffer. The API is based on
- * the java.nio.Buffer interface.
- */
-
-#ifndef LDNS_BUFFER_H
-#define LDNS_BUFFER_H
-
-#include <assert.h>
-#include <stdarg.h>
-#include <string.h>
-
-#include <ldns/error.h>
-#include <ldns/common.h>
-
-#include "ldns/util.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * number of initial bytes in buffer of
- * which we cannot tell the size before hand
- */
-#define LDNS_MIN_BUFLEN 512
-
-/**
- * \file buffer.h
- *
- * This file contains the definition of ldns_buffer, and functions to manipulate those.
- */
-
-/**
- * implementation of buffers to ease operations
- *
- * ldns_buffers can contain arbitrary information, per octet. You can write
- * to the current end of a buffer, read from the current position, and
- * access any data within it.
- *
- * Example use of buffers is in the source code of \ref host2str.c
- */
-struct ldns_struct_buffer
-{
- /** The current position used for reading/writing */
- size_t _position;
-
- /** The read/write limit */
- size_t _limit;
-
- /** The amount of data the buffer can contain */
- size_t _capacity;
-
- /** The data contained in the buffer */
- uint8_t *_data;
-
- /** If the buffer is fixed it cannot be resized */
- unsigned _fixed : 1;
-
- /** The current state of the buffer. If writing to the buffer fails
- * for any reason, this value is changed. This way, you can perform
- * multiple writes in sequence and check for success afterwards. */
- ldns_status _status;
-};
-typedef struct ldns_struct_buffer ldns_buffer;
-
-
-#ifdef NDEBUG
-INLINE void
-ldns_buffer_invariant(ldns_buffer *ATTR_UNUSED(buffer))
-{
-}
-#else
-INLINE void
-ldns_buffer_invariant(ldns_buffer *buffer)
-{
- assert(buffer != NULL);
- assert(buffer->_position <= buffer->_limit);
- assert(buffer->_limit <= buffer->_capacity);
- assert(buffer->_data != NULL);
-}
-#endif
-
-/**
- * creates a new buffer with the specified capacity.
- *
- * \param[in] capacity the size (in bytes) to allocate for the buffer
- * \return the created buffer
- */
-ldns_buffer *ldns_buffer_new(size_t capacity);
-
-/**
- * creates a buffer with the specified data. The data IS copied
- * and MEMORY allocations are done. The buffer is not fixed and can
- * be resized using buffer_reserve().
- *
- * \param[in] buffer pointer to the buffer to put the data in
- * \param[in] data the data to encapsulate in the buffer
- * \param[in] size the size of the data
- */
-void ldns_buffer_new_frm_data(ldns_buffer *buffer, void *data, size_t size);
-
-/**
- * clears the buffer and make it ready for writing. The buffer's limit
- * is set to the capacity and the position is set to 0.
- * \param[in] buffer the buffer to clear
- */
-INLINE void ldns_buffer_clear(ldns_buffer *buffer)
-{
- ldns_buffer_invariant(buffer);
-
- /* reset status here? */
-
- buffer->_position = 0;
- buffer->_limit = buffer->_capacity;
-}
-
-/**
- * makes the buffer ready for reading the data that has been written to
- * the buffer. The buffer's limit is set to the current position and
- * the position is set to 0.
- *
- * \param[in] buffer the buffer to flip
- * \return void
- */
-INLINE void ldns_buffer_flip(ldns_buffer *buffer)
-{
- ldns_buffer_invariant(buffer);
-
- buffer->_limit = buffer->_position;
- buffer->_position = 0;
-}
-
-/**
- * make the buffer ready for re-reading the data. The buffer's
- * position is reset to 0.
- * \param[in] buffer the buffer to rewind
- */
-INLINE void ldns_buffer_rewind(ldns_buffer *buffer)
-{
- ldns_buffer_invariant(buffer);
-
- buffer->_position = 0;
-}
-
-/**
- * returns the current position in the buffer (as a number of bytes)
- * \param[in] buffer the buffer
- * \return the current position
- */
-INLINE size_t
-ldns_buffer_position(ldns_buffer *buffer)
-{
- return buffer->_position;
-}
-
-/**
- * sets the buffer's position to MARK. The position must be less than
- * or equal to the buffer's limit.
- * \param[in] buffer the buffer
- * \param[in] mark the mark to use
- */
-INLINE void
-ldns_buffer_set_position(ldns_buffer *buffer, size_t mark)
-{
- assert(mark <= buffer->_limit);
- buffer->_position = mark;
-}
-
-/**
- * changes the buffer's position by COUNT bytes. The position must not
- * be moved behind the buffer's limit or before the beginning of the
- * buffer.
- * \param[in] buffer the buffer
- * \param[in] count the count to use
- */
-INLINE void
-ldns_buffer_skip(ldns_buffer *buffer, ssize_t count)
-{
- assert(buffer->_position + count <= buffer->_limit);
- buffer->_position += count;
-}
-
-/**
- * returns the maximum size of the buffer
- * \param[in] buffer
- * \return the size
- */
-INLINE size_t
-ldns_buffer_limit(ldns_buffer *buffer)
-{
- return buffer->_limit;
-}
-
-/**
- * changes the buffer's limit. If the buffer's position is greater
- * than the new limit the position is set to the limit.
- * \param[in] buffer the buffer
- * \param[in] limit the new limit
- */
-INLINE void
-ldns_buffer_set_limit(ldns_buffer *buffer, size_t limit)
-{
- assert(limit <= buffer->_capacity);
- buffer->_limit = limit;
- if (buffer->_position > buffer->_limit)
- buffer->_position = buffer->_limit;
-}
-
-/**
- * returns the number of bytes the buffer can hold.
- * \param[in] buffer the buffer
- * \return the number of bytes
- */
-INLINE size_t
-ldns_buffer_capacity(ldns_buffer *buffer)
-{
- return buffer->_capacity;
-}
-
-/**
- * changes the buffer's capacity. The data is reallocated so any
- * pointers to the data may become invalid. The buffer's limit is set
- * to the buffer's new capacity.
- * \param[in] buffer the buffer
- * \param[in] capacity the capacity to use
- * \return whether this failed or succeeded
- */
-bool ldns_buffer_set_capacity(ldns_buffer *buffer, size_t capacity);
-
-/**
- * ensures BUFFER can contain at least AMOUNT more bytes. The buffer's
- * capacity is increased if necessary using buffer_set_capacity().
- *
- * The buffer's limit is always set to the (possibly increased)
- * capacity.
- * \param[in] buffer the buffer
- * \param[in] amount amount to use
- * \return whether this failed or succeeded
- */
-bool ldns_buffer_reserve(ldns_buffer *buffer, size_t amount);
-
-/**
- * returns a pointer to the data at the indicated position.
- * \param[in] buffer the buffer
- * \param[in] at position
- * \return the pointer to the data
- */
-INLINE uint8_t *
-ldns_buffer_at(const ldns_buffer *buffer, size_t at)
-{
- assert(at <= buffer->_limit);
- return buffer->_data + at;
-}
-
-/**
- * returns a pointer to the beginning of the buffer (the data at
- * position 0).
- * \param[in] buffer the buffer
- * \return the pointer
- */
-INLINE uint8_t *
-ldns_buffer_begin(const ldns_buffer *buffer)
-{
- return ldns_buffer_at(buffer, 0);
-}
-
-/**
- * returns a pointer to the end of the buffer (the data at the buffer's
- * limit).
- * \param[in] buffer the buffer
- * \return the pointer
- */
-INLINE uint8_t *
-ldns_buffer_end(ldns_buffer *buffer)
-{
- return ldns_buffer_at(buffer, buffer->_limit);
-}
-
-/**
- * returns a pointer to the data at the buffer's current position.
- * \param[in] buffer the buffer
- * \return the pointer
- */
-INLINE uint8_t *
-ldns_buffer_current(ldns_buffer *buffer)
-{
- return ldns_buffer_at(buffer, buffer->_position);
-}
-
-/**
- * returns the number of bytes remaining between the indicated position and
- * the limit.
- * \param[in] buffer the buffer
- * \param[in] at indicated position
- * \return number of bytes
- */
-INLINE size_t
-ldns_buffer_remaining_at(ldns_buffer *buffer, size_t at)
-{
- ldns_buffer_invariant(buffer);
- assert(at <= buffer->_limit);
- return buffer->_limit - at;
-}
-
-/**
- * returns the number of bytes remaining between the buffer's position and
- * limit.
- * \param[in] buffer the buffer
- * \return the number of bytes
- */
-INLINE size_t
-ldns_buffer_remaining(ldns_buffer *buffer)
-{
- return ldns_buffer_remaining_at(buffer, buffer->_position);
-}
-
-/**
- * checks if the buffer has at least COUNT more bytes available.
- * Before reading or writing the caller needs to ensure enough space
- * is available!
- * \param[in] buffer the buffer
- * \param[in] at indicated position
- * \param[in] count how much is available
- * \return true or false (as int?)
- */
-INLINE int
-ldns_buffer_available_at(ldns_buffer *buffer, size_t at, size_t count)
-{
- return count <= ldns_buffer_remaining_at(buffer, at);
-}
-
-/**
- * checks if the buffer has count bytes available at the current position
- * \param[in] buffer the buffer
- * \param[in] count how much is available
- * \return true or false (as int?)
- */
-INLINE int
-ldns_buffer_available(ldns_buffer *buffer, size_t count)
-{
- return ldns_buffer_available_at(buffer, buffer->_position, count);
-}
-
-/**
- * writes the given data to the buffer at the specified position
- * \param[in] buffer the buffer
- * \param[in] at the position (in number of bytes) to write the data at
- * \param[in] data pointer to the data to write to the buffer
- * \param[in] count the number of bytes of data to write
- */
-INLINE void
-ldns_buffer_write_at(ldns_buffer *buffer, size_t at, const void *data, size_t count)
-{
- assert(ldns_buffer_available_at(buffer, at, count));
- memcpy(buffer->_data + at, data, count);
-}
-
-/**
- * writes count bytes of data to the current position of the buffer
- * \param[in] buffer the buffer
- * \param[in] data the data to write
- * \param[in] count the lenght of the data to write
- */
-INLINE void
-ldns_buffer_write(ldns_buffer *buffer, const void *data, size_t count)
-{
- ldns_buffer_write_at(buffer, buffer->_position, data, count);
- buffer->_position += count;
-}
-
-/**
- * copies the given (null-delimited) string to the specified position at the buffer
- * \param[in] buffer the buffer
- * \param[in] at the position in the buffer
- * \param[in] str the string to write
- */
-INLINE void
-ldns_buffer_write_string_at(ldns_buffer *buffer, size_t at, const char *str)
-{
- ldns_buffer_write_at(buffer, at, str, strlen(str));
-}
-
-/**
- * copies the given (null-delimited) string to the current position at the buffer
- * \param[in] buffer the buffer
- * \param[in] str the string to write
- */
-INLINE void
-ldns_buffer_write_string(ldns_buffer *buffer, const char *str)
-{
- ldns_buffer_write(buffer, str, strlen(str));
-}
-
-/**
- * writes the given byte of data at the given position in the buffer
- * \param[in] buffer the buffer
- * \param[in] at the position in the buffer
- * \param[in] data the 8 bits to write
- */
-INLINE void
-ldns_buffer_write_u8_at(ldns_buffer *buffer, size_t at, uint8_t data)
-{
- assert(ldns_buffer_available_at(buffer, at, sizeof(data)));
- buffer->_data[at] = data;
-}
-
-/**
- * writes the given byte of data at the current position in the buffer
- * \param[in] buffer the buffer
- * \param[in] data the 8 bits to write
- */
-INLINE void
-ldns_buffer_write_u8(ldns_buffer *buffer, uint8_t data)
-{
- ldns_buffer_write_u8_at(buffer, buffer->_position, data);
- buffer->_position += sizeof(data);
-}
-
-/**
- * writes the given 2 byte integer at the given position in the buffer
- * \param[in] buffer the buffer
- * \param[in] at the position in the buffer
- * \param[in] data the 16 bits to write
- */
-INLINE void
-ldns_buffer_write_u16_at(ldns_buffer *buffer, size_t at, uint16_t data)
-{
- assert(ldns_buffer_available_at(buffer, at, sizeof(data)));
- ldns_write_uint16(buffer->_data + at, data);
-}
-
-/**
- * writes the given 2 byte integer at the current position in the buffer
- * \param[in] buffer the buffer
- * \param[in] data the 16 bits to write
- */
-INLINE void
-ldns_buffer_write_u16(ldns_buffer *buffer, uint16_t data)
-{
- ldns_buffer_write_u16_at(buffer, buffer->_position, data);
- buffer->_position += sizeof(data);
-}
-
-/**
- * writes the given 4 byte integer at the given position in the buffer
- * \param[in] buffer the buffer
- * \param[in] at the position in the buffer
- * \param[in] data the 32 bits to write
- */
-INLINE void
-ldns_buffer_write_u32_at(ldns_buffer *buffer, size_t at, uint32_t data)
-{
- assert(ldns_buffer_available_at(buffer, at, sizeof(data)));
- ldns_write_uint32(buffer->_data + at, data);
-}
-
-/**
- * writes the given 4 byte integer at the current position in the buffer
- * \param[in] buffer the buffer
- * \param[in] data the 32 bits to write
- */
-INLINE void
-ldns_buffer_write_u32(ldns_buffer *buffer, uint32_t data)
-{
- ldns_buffer_write_u32_at(buffer, buffer->_position, data);
- buffer->_position += sizeof(data);
-}
-
-/**
- * copies count bytes of data at the given position to the given data-array
- * \param[in] buffer the buffer
- * \param[in] at the position in the buffer to start
- * \param[out] data buffer to copy to
- * \param[in] count the length of the data to copy
- */
-INLINE void
-ldns_buffer_read_at(ldns_buffer *buffer, size_t at, void *data, size_t count)
-{
- assert(ldns_buffer_available_at(buffer, at, count));
- memcpy(data, buffer->_data + at, count);
-}
-
-/**
- * copies count bytes of data at the current position to the given data-array
- * \param[in] buffer the buffer
- * \param[out] data buffer to copy to
- * \param[in] count the length of the data to copy
- */
-INLINE void
-ldns_buffer_read(ldns_buffer *buffer, void *data, size_t count)
-{
- ldns_buffer_read_at(buffer, buffer->_position, data, count);
- buffer->_position += count;
-}
-
-/**
- * returns the byte value at the given position in the buffer
- * \param[in] buffer the buffer
- * \param[in] at the position in the buffer
- * \return 1 byte integer
- */
-INLINE uint8_t
-ldns_buffer_read_u8_at(ldns_buffer *buffer, size_t at)
-{
- assert(ldns_buffer_available_at(buffer, at, sizeof(uint8_t)));
- return buffer->_data[at];
-}
-
-/**
- * returns the byte value at the current position in the buffer
- * \param[in] buffer the buffer
- * \return 1 byte integer
- */
-INLINE uint8_t
-ldns_buffer_read_u8(ldns_buffer *buffer)
-{
- uint8_t result = ldns_buffer_read_u8_at(buffer, buffer->_position);
- buffer->_position += sizeof(uint8_t);
- return result;
-}
-
-/**
- * returns the 2-byte integer value at the given position in the buffer
- * \param[in] buffer the buffer
- * \param[in] at position in the buffer
- * \return 2 byte integer
- */
-INLINE uint16_t
-ldns_buffer_read_u16_at(ldns_buffer *buffer, size_t at)
-{
- assert(ldns_buffer_available_at(buffer, at, sizeof(uint16_t)));
- return ldns_read_uint16(buffer->_data + at);
-}
-
-/**
- * returns the 2-byte integer value at the current position in the buffer
- * \param[in] buffer the buffer
- * \return 2 byte integer
- */
-INLINE uint16_t
-ldns_buffer_read_u16(ldns_buffer *buffer)
-{
- uint16_t result = ldns_buffer_read_u16_at(buffer, buffer->_position);
- buffer->_position += sizeof(uint16_t);
- return result;
-}
-
-/**
- * returns the 4-byte integer value at the given position in the buffer
- * \param[in] buffer the buffer
- * \param[in] at position in the buffer
- * \return 4 byte integer
- */
-INLINE uint32_t
-ldns_buffer_read_u32_at(ldns_buffer *buffer, size_t at)
-{
- assert(ldns_buffer_available_at(buffer, at, sizeof(uint32_t)));
- return ldns_read_uint32(buffer->_data + at);
-}
-
-/**
- * returns the 4-byte integer value at the current position in the buffer
- * \param[in] buffer the buffer
- * \return 4 byte integer
- */
-INLINE uint32_t
-ldns_buffer_read_u32(ldns_buffer *buffer)
-{
- uint32_t result = ldns_buffer_read_u32_at(buffer, buffer->_position);
- buffer->_position += sizeof(uint32_t);
- return result;
-}
-
-/**
- * returns the status of the buffer
- * \param[in] buffer
- * \return the status
- */
-INLINE ldns_status
-ldns_buffer_status(ldns_buffer *buffer)
-{
- return buffer->_status;
-}
-
-/**
- * returns true if the status of the buffer is LDNS_STATUS_OK, false otherwise
- * \param[in] buffer the buffer
- * \return true or false
- */
-INLINE bool
-ldns_buffer_status_ok(ldns_buffer *buffer)
-{
- if (buffer) {
- return ldns_buffer_status(buffer) == LDNS_STATUS_OK;
- } else {
- return false;
- }
-}
-
-/**
- * prints to the buffer, increasing the capacity if required using
- * buffer_reserve(). The buffer's position is set to the terminating
- * '\\0'. Returns the number of characters written (not including the
- * terminating '\\0') or -1 on failure.
- */
-int ldns_buffer_printf(ldns_buffer *buffer, const char *format, ...);
-/* ATTR_FORMAT(printf, 2, 3);*/
-
-/**
- * frees the buffer.
- * \param[in] *buffer the buffer to be freed
- * \return void
- */
-void ldns_buffer_free(ldns_buffer *buffer);
-
-/**
- * Makes the buffer fixed and returns a pointer to the data. The
- * caller is responsible for free'ing the result.
- * \param[in] *buffer the buffer to be exported
- * \return void
- */
-void *ldns_buffer_export(ldns_buffer *buffer);
-
-/**
- * Copy contents of the other buffer to this buffer. Silently truncated
- * if this buffer is too small.
- * \param[out] *result resulting buffer which is copied to.
- * \param[in] *from what to copy to result.
- */
-void ldns_buffer_copy(ldns_buffer* result, ldns_buffer* from);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_BUFFER_H */
+++ /dev/null
-/**
- * \file common.h
- *
- * Common definitions for LDNS
- */
-
-/**
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#ifndef LDNS_COMMON_H
-#define LDNS_COMMON_H
-
-#if !defined(__cplusplus) && !defined(__bool_true_false_are_defined)
-
-#if defined(HAVE_STDBOOL_H)
-#include <stdbool.h>
-#else
-
-/*@ignore@*/
-/* splint barfs on this construct */
-typedef unsigned int bool;
-#define bool bool
-#define false 0
-#define true 1
-#define __bool_true_false_are_defined 1
-/*@end@*/
-
-#endif
-
-#endif
-
-#ifdef HAVE_ATTR_FORMAT
-#define ATTR_FORMAT(archetype, string_index, first_to_check) \
- __attribute__ ((format (archetype, string_index, first_to_check)))
-#else /* !HAVE_ATTR_FORMAT */
-#define ATTR_FORMAT(archetype, string_index, first_to_check) /* empty */
-#endif /* !HAVE_ATTR_FORMAT */
-
-#if defined(__cplusplus)
-#define ATTR_UNUSED(x)
-#elif defined(HAVE_ATTR_UNUSED)
-#define ATTR_UNUSED(x) x __attribute__((unused))
-#else /* !HAVE_ATTR_UNUSED */
-#define ATTR_UNUSED(x) x
-#endif /* !HAVE_ATTR_UNUSED */
-
-#endif /* LDNS_COMMON_H */
+++ /dev/null
-/* ldns/config.h.in. Generated from configure.ac by autoheader. */
-
-/* Define if building universal (internal helper macro) */
-#undef AC_APPLE_UNIVERSAL_BUILD
-
-/* Define to 1 if you have the <arpa/inet.h> header file. */
-#undef HAVE_ARPA_INET_H
-
-/* Whether the C compiler accepts the "format" attribute */
-#undef HAVE_ATTR_FORMAT
-
-/* Whether the C compiler accepts the "unused" attribute */
-#undef HAVE_ATTR_UNUSED
-
-/* Define to 1 if you have the `b32_ntop' function. */
-#undef HAVE_B32_NTOP
-
-/* Define to 1 if you have the `b32_pton' function. */
-#undef HAVE_B32_PTON
-
-/* Define to 1 if you have the `b64_ntop' function. */
-#undef HAVE_B64_NTOP
-
-/* Define to 1 if you have the `b64_pton' function. */
-#undef HAVE_B64_PTON
-
-/* Define to 1 if you have the `ctime_r' function. */
-#undef HAVE_CTIME_R
-
-/* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you
- don't. */
-#undef HAVE_DECL_NID_SECP384R1
-
-/* Define to 1 if you have the declaration of `NID_X9_62_prime256v1', and to 0
- if you don't. */
-#undef HAVE_DECL_NID_X9_62_PRIME256V1
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#undef HAVE_DLFCN_H
-
-/* Define to 1 if you have the `endprotoent' function. */
-#undef HAVE_ENDPROTOENT
-
-/* Define to 1 if you have the `endservent' function. */
-#undef HAVE_ENDSERVENT
-
-/* Define to 1 if you have the `EVP_sha256' function. */
-#undef HAVE_EVP_SHA256
-
-/* Define to 1 if you have the `fcntl' function. */
-#undef HAVE_FCNTL
-
-/* Whether getaddrinfo is available */
-#undef HAVE_GETADDRINFO
-
-/* Define to 1 if you have the <getopt.h> header file. */
-#undef HAVE_GETOPT_H
-
-/* Define to 1 if you have the `gmtime_r' function. */
-#undef HAVE_GMTIME_R
-
-/* If you have HMAC_CTX_init */
-#undef HAVE_HMAC_CTX_INIT
-
-/* Define to 1 if you have the `inet_aton' function. */
-#undef HAVE_INET_ATON
-
-/* Define to 1 if you have the `inet_ntop' function. */
-#undef HAVE_INET_NTOP
-
-/* Define to 1 if you have the `inet_pton' function. */
-#undef HAVE_INET_PTON
-
-/* define if you have inttypes.h */
-#undef HAVE_INTTYPES_H
-
-/* if the function 'ioctlsocket' is available */
-#undef HAVE_IOCTLSOCKET
-
-/* Define to 1 if you have the `isascii' function. */
-#undef HAVE_ISASCII
-
-/* Define to 1 if you have the `isblank' function. */
-#undef HAVE_ISBLANK
-
-/* Define to 1 if your system has a GNU libc compatible `malloc' function, and
- to 0 otherwise. */
-#undef HAVE_MALLOC
-
-/* Define to 1 if you have the `memmove' function. */
-#undef HAVE_MEMMOVE
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the <netdb.h> header file. */
-#undef HAVE_NETDB_H
-
-/* Define to 1 if you have the <netinet/in.h> header file. */
-#undef HAVE_NETINET_IN_H
-
-/* Define to 1 if you have the <openssl/err.h> header file. */
-#undef HAVE_OPENSSL_ERR_H
-
-/* Define to 1 if you have the <openssl/rand.h> header file. */
-#undef HAVE_OPENSSL_RAND_H
-
-/* Define to 1 if you have the <openssl/ssl.h> header file. */
-#undef HAVE_OPENSSL_SSL_H
-
-/* Define if you have Python libraries and header files. */
-#undef HAVE_PYTHON
-
-/* Define to 1 if you have the `random' function. */
-#undef HAVE_RANDOM
-
-/* Define to 1 if your system has a GNU libc compatible `realloc' function,
- and to 0 otherwise. */
-#undef HAVE_REALLOC
-
-/* Define to 1 if you have the `sleep' function. */
-#undef HAVE_SLEEP
-
-/* Define to 1 if you have the `snprintf' function. */
-#undef HAVE_SNPRINTF
-
-/* Define if you have the SSL libraries installed. */
-#undef HAVE_SSL
-
-/* Define to 1 if you have the <stdarg.h> header file. */
-#undef HAVE_STDARG_H
-
-/* Define to 1 if you have the <stdbool.h> header file. */
-#undef HAVE_STDBOOL_H
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the `strlcpy' function. */
-#undef HAVE_STRLCPY
-
-/* Define to 1 if you have the `strtoul' function. */
-#undef HAVE_STRTOUL
-
-/* Define if you have Swig libraries and header files. */
-#undef HAVE_SWIG
-
-/* Define to 1 if you have the <sys/mount.h> header file. */
-#undef HAVE_SYS_MOUNT_H
-
-/* Define to 1 if you have the <sys/param.h> header file. */
-#undef HAVE_SYS_PARAM_H
-
-/* define if you have sys/socket.h */
-#undef HAVE_SYS_SOCKET_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* define if you have sys/types.h */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the `timegm' function. */
-#undef HAVE_TIMEGM
-
-/* Define to 1 if you have the <time.h> header file. */
-#undef HAVE_TIME_H
-
-/* define if you have unistd.h */
-#undef HAVE_UNISTD_H
-
-/* Define to 1 if you have the <winsock2.h> header file. */
-#undef HAVE_WINSOCK2_H
-
-/* Define to 1 if you have the <ws2tcpip.h> header file. */
-#undef HAVE_WS2TCPIP_H
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
- */
-#undef LT_OBJDIR
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the home page for this package. */
-#undef PACKAGE_URL
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* System configuration dir */
-#undef SYSCONFDIR
-
-/* Define this to enable ECDSA support. */
-#undef USE_ECDSA
-
-/* Define this to enable GOST support. */
-#undef USE_GOST
-
-/* Define this to enable SHA256 and SHA512 support. */
-#undef USE_SHA2
-
-/* Enable extensions on AIX 3, Interix. */
-#ifndef _ALL_SOURCE
-# undef _ALL_SOURCE
-#endif
-/* Enable GNU extensions on systems that have them. */
-#ifndef _GNU_SOURCE
-# undef _GNU_SOURCE
-#endif
-/* Enable threading extensions on Solaris. */
-#ifndef _POSIX_PTHREAD_SEMANTICS
-# undef _POSIX_PTHREAD_SEMANTICS
-#endif
-/* Enable extensions on HP NonStop. */
-#ifndef _TANDEM_SOURCE
-# undef _TANDEM_SOURCE
-#endif
-/* Enable general extensions on Solaris. */
-#ifndef __EXTENSIONS__
-# undef __EXTENSIONS__
-#endif
-
-
-/* Whether the windows socket API is used */
-#undef USE_WINSOCK
-
-/* the version of the windows API enabled */
-#undef WINVER
-
-/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
- significant byte first (like Motorola and SPARC, unlike Intel). */
-#if defined AC_APPLE_UNIVERSAL_BUILD
-# if defined __BIG_ENDIAN__
-# define WORDS_BIGENDIAN 1
-# endif
-#else
-# ifndef WORDS_BIGENDIAN
-# undef WORDS_BIGENDIAN
-# endif
-#endif
-
-/* Define to 1 if on MINIX. */
-#undef _MINIX
-
-/* Define to 2 if the system does not provide POSIX.1 features except with
- this defined. */
-#undef _POSIX_1_SOURCE
-
-/* Define to 1 if you need to in order for `stat' and other things to work. */
-#undef _POSIX_SOURCE
-
-/* Define to empty if `const' does not conform to ANSI C. */
-#undef const
-
-/* in_addr_t */
-#undef in_addr_t
-
-/* in_port_t */
-#undef in_port_t
-
-/* Define to `__inline__' or `__inline' if that's what the C compiler
- calls it, or to nothing if 'inline' is not supported under any name. */
-#ifndef __cplusplus
-#undef inline
-#endif
-
-/* Define to `short' if <sys/types.h> does not define. */
-#undef int16_t
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef int32_t
-
-/* Define to `long long' if <sys/types.h> does not define. */
-#undef int64_t
-
-/* Define to `char' if <sys/types.h> does not define. */
-#undef int8_t
-
-/* Define to rpl_malloc if the replacement function should be used. */
-#undef malloc
-
-/* Define to rpl_realloc if the replacement function should be used. */
-#undef realloc
-
-/* Define to 'int' if not defined */
-#undef socklen_t
-
-/* Fallback member name for socket family in struct sockaddr_storage */
-#undef ss_family
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef ssize_t
-
-/* Define to `unsigned short' if <sys/types.h> does not define. */
-#undef uint16_t
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-#undef uint32_t
-
-/* Define to `unsigned long long' if <sys/types.h> does not define. */
-#undef uint64_t
-
-/* Define to `unsigned char' if <sys/types.h> does not define. */
-#undef uint8_t
-
-
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <assert.h>
-
-#ifndef LITTLE_ENDIAN
-#define LITTLE_ENDIAN 1234
-#endif
-
-#ifndef BIG_ENDIAN
-#define BIG_ENDIAN 4321
-#endif
-
-#ifndef BYTE_ORDER
-#ifdef WORDS_BIGENDIAN
-#define BYTE_ORDER BIG_ENDIAN
-#else
-#define BYTE_ORDER LITTLE_ENDIAN
-#endif /* WORDS_BIGENDIAN */
-#endif /* BYTE_ORDER */
-
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-
-#ifdef HAVE_STDINT_H
-#include <stdint.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#include <winsock2.h>
-#endif
-
-#ifdef HAVE_WS2TCPIP_H
-#include <ws2tcpip.h>
-#endif
-
-
-/* detect if we need to cast to unsigned int for FD_SET to avoid warnings */
-#ifdef HAVE_WINSOCK2_H
-#define FD_SET_T (u_int)
-#else
-#define FD_SET_T
-#endif
-
-
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef B64_PTON
-int ldns_b64_ntop(uint8_t const *src, size_t srclength,
- char *target, size_t targsize);
-/**
- * calculates the size needed to store the result of b64_ntop
- */
-/*@unused@*/
-static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize)
-{
- return ((((srcsize + 2) / 3) * 4) + 1);
-}
-#endif /* !B64_PTON */
-#ifndef B64_NTOP
-int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize);
-/**
- * calculates the size needed to store the result of ldns_b64_pton
- */
-/*@unused@*/
-static inline size_t ldns_b64_pton_calculate_size(size_t srcsize)
-{
- return (((((srcsize + 3) / 4) * 3)) + 1);
-}
-#endif /* !B64_NTOP */
-
-#ifndef HAVE_SLEEP
-/* use windows sleep, in millisecs, instead */
-#define sleep(x) Sleep((x)*1000)
-#endif
-
-#ifndef HAVE_RANDOM
-#define srandom(x) srand(x)
-#define random(x) rand(x)
-#endif
-
-#ifndef HAVE_TIMEGM
-#include <time.h>
-time_t timegm (struct tm *tm);
-#endif /* !TIMEGM */
-#ifndef HAVE_GMTIME_R
-struct tm *gmtime_r(const time_t *timep, struct tm *result);
-#endif
-#ifndef HAVE_ISBLANK
-int isblank(int c);
-#endif /* !HAVE_ISBLANK */
-#ifndef HAVE_ISASCII
-int isascii(int c);
-#endif /* !HAVE_ISASCII */
-#ifndef HAVE_SNPRINTF
-#include <stdarg.h>
-int snprintf (char *str, size_t count, const char *fmt, ...);
-int vsnprintf (char *str, size_t count, const char *fmt, va_list arg);
-#endif /* HAVE_SNPRINTF */
-#ifndef HAVE_INET_PTON
-int inet_pton(int af, const char* src, void* dst);
-#endif /* HAVE_INET_PTON */
-#ifndef HAVE_INET_NTOP
-const char *inet_ntop(int af, const void *src, char *dst, size_t size);
-#endif
-#ifndef HAVE_INET_ATON
-int inet_aton(const char *cp, struct in_addr *addr);
-#endif
-#ifndef HAVE_MEMMOVE
-void *memmove(void *dest, const void *src, size_t n);
-#endif
-#ifndef HAVE_STRLCPY
-size_t strlcpy(char *dst, const char *src, size_t siz);
-#endif
-#ifdef __cplusplus
-}
-#endif
-#ifndef HAVE_GETADDRINFO
-#include "compat/fake-rfc2553.h"
-#endif
-#ifndef HAVE_STRTOUL
-#define strtoul (unsigned long)strtol
-#endif
-#ifdef HAVE_B64_PTON
-#define ldns_b64_pton b64_pton
-#endif
-#ifdef HAVE_B64_NTOP
-#define ldns_b64_ntop b64_ntop
-#endif
-
+++ /dev/null
-/*
- * dname.h
- *
- * dname definitions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file dname.h
- *
- * dname contains function to read and manipulate domain names.
- *
- * Example domain names are "www.nlnetlabs.nl." and "." (the root)
- *
- * If a domain name ends with a dot ("."), it is called a Fully Qualified
- * Domain Name (FQDN). In certain places (for instance when reading a zone
- * file), an origin (which is just another domain name) non-FQDNs will be
- * placed after the current. For instance, if i have a zone file where the
- * origin has been set to "nl.", and my file contains the name
- * "www.nlnetlabs", it will result in "www.nlnetlabs.nl.". Internally, dnames are
- * always absolute (the dot is added when it is missing and there is no origin).
- *
- * An FQDN is also
- * known as an absolute domain name, therefore the function to check this is
- * called \ref ldns_dname_str_absolute
- *
- * Domain names are stored in \ref ldns_rdf structures, with the type
- * \ref LDNS_RDF_TYPE_DNAME
- *
- * This module is *NOT* about the RR type called DNAME.
- */
-
-
-#ifndef LDNS_DNAME_H
-#define LDNS_DNAME_H
-
-#include <ldns/common.h>
-#include <ldns/rdata.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define LDNS_DNAME_NORMALIZE tolower
-
-/**
- * concatenates two dnames together
- * \param[in] rd1 the leftside
- * \param[in] rd2 the rightside
- * \return a new rdf with leftside/rightside
- */
-ldns_rdf *ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2);
-
-/**
- * concatenates rd2 after rd1 (rd2 is copied, rd1 is modified)
- * \param[in] rd1 the leftside
- * \param[in] rd2 the rightside
- * \return LDNS_STATUS_OK on success
- */
-ldns_status ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2);
-
-/**
- * Returns a clone of the given dname with the labels
- * reversed
- * \param[in] d the dname to reverse
- * \return clone of the dname with the labels reversed.
- */
-ldns_rdf *ldns_dname_reverse(const ldns_rdf *d);
-
-/**
- * Clones the given dname from the nth label on
- * \param[in] d The dname to clone
- * \param[in] n the label nr to clone from, if this is 0, the complete
- * dname is cloned
- * \return A newly allocated *rdf structure, containing the cloned dname,
- * or NULL if either d was NULL, not a dname, or if n >=
- * label_count
- */
-ldns_rdf *
-ldns_dname_clone_from(const ldns_rdf *d, uint16_t n);
-
-/**
- * chop one label off the left side of a dname. so
- * wwww.nlnetlabs.nl, becomes nlnetlabs.nl
- * This new name is a clone and must be freed with ldns_deep_free()
- * \param[in] d the dname to chop
- * \return the remaining dname
- */
-ldns_rdf *ldns_dname_left_chop(const ldns_rdf *d);
-
-/**
- * count the number of labels inside a LDNS_RDF_DNAME type rdf.
- * \param[in] *r the rdf
- * \return the number of labels
- */
-uint8_t ldns_dname_label_count(const ldns_rdf *r);
-
-/**
- * creates a new dname rdf from a string.
- * \param[in] str string to use
- * \return ldns_rdf* or NULL in case of an error
- */
-ldns_rdf *ldns_dname_new_frm_str(const char *str);
-
-/**
- * Create a new dname rdf from a string
- * \param[in] s the size of the new dname
- * \param[in] *data pointer to the actual data
- * \return ldns_rdf*
- */
-ldns_rdf *ldns_dname_new(uint16_t s, void *data);
-
-/**
- * Create a new dname rdf from data (the data is copied)
- * \param[in] size the size of the data
- * \param[in] *data pointer to the actual data
- * \return ldns_rdf*
- */
-ldns_rdf *ldns_dname_new_frm_data(uint16_t size, const void *data);
-
-/**
- * Put a dname into canonical fmt - ie. lowercase it
- * \param[in] rdf the dname to lowercase
- * \return void
- */
-void ldns_dname2canonical(const ldns_rdf *rdf);
-
-/**
- * test wether the name sub falls under parent (i.e. is a subdomain
- * of parent). This function will return false if the given dnames are
- * equal.
- * \param[in] sub the name to test
- * \param[in] parent the parent's name
- * \return true if sub falls under parent, otherwise false
- */
-bool ldns_dname_is_subdomain(const ldns_rdf *sub, const ldns_rdf *parent);
-
-/**
- * Compares the two dname rdf's according to the algorithm for ordering
- * in RFC4034 Section 6.
- * \param[in] dname1 First dname rdf to compare
- * \param[in] dname2 Second dname rdf to compare
- * \return -1 if dname1 comes before dname2, 1 if dname1 comes after dname2, and 0 if they are equal.
- */
-int ldns_dname_compare(const ldns_rdf *dname1, const ldns_rdf *dname2);
-
-/**
- * Checks whether the dname matches the given wildcard
- * \param[in] dname The dname to check
- * \param[in] wildcard The wildcard to check with
- * \return 1 If the wildcard matches, OR if 'wildcard' is not a wildcard and
- * the names are *exactly* the same
- * 0 If the wildcard does not match, or if it is not a wildcard and
- * the names are not the same
- */
-int ldns_dname_match_wildcard(const ldns_rdf *dname, const ldns_rdf *wildcard);
-
-/**
- * check if middle lays in the interval defined by prev and next
- * prev <= middle < next. This is usefull for nsec checking
- * \param[in] prev the previous dname
- * \param[in] middle the dname to check
- * \param[in] next the next dname
- * return 0 on error or unknown, -1 when middle is in the interval, +1 when not
- */
-int ldns_dname_interval(const ldns_rdf *prev, const ldns_rdf *middle, const ldns_rdf *next);
-
-/**
- * Checks whether the given dname string is absolute (i.e. ends with a '.')
- * \param[in] *dname_str a string representing the dname
- * \return true or false
- */
-bool ldns_dname_str_absolute(const char *dname_str);
-
-/**
- * look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME
- * try and retrieve a specific label. The labels are numbered
- * starting from 0 (left most).
- * \param[in] rdf the rdf to look in
- * \param[in] labelpos return the label with this number
- * \return a ldns_rdf* with the label as name or NULL on error
- */
-ldns_rdf * ldns_dname_label(const ldns_rdf *rdf, uint8_t labelpos);
-
-/**
- * Check if dname is a wildcard, starts with *.
- * \param[in] dname: the rdf to look in
- * \return true if a wildcard, false if not.
- */
-int ldns_dname_is_wildcard(const ldns_rdf* dname);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_DNAME_H */
+++ /dev/null
-/*
- * dnssec.h -- defines for the Domain Name System (SEC) (DNSSEC)
- *
- * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
- *
- * See LICENSE for the license.
- *
- * A bunch of defines that are used in the DNS
- */
-
-/**
- * \file dnssec.h
- *
- * This module contains base functions for DNSSEC operations
- * (RFC4033 t/m RFC4035).
- *
- * Since those functions heavily rely op cryptographic operations,
- * this module is dependent on openssl.
- *
- */
-
-
-#ifndef LDNS_DNSSEC_H
-#define LDNS_DNSSEC_H
-
-#ifdef HAVE_SSL
-#include <openssl/ssl.h>
-#include <openssl/evp.h>
-#endif /* HAVE_SSL */
-#include <ldns/common.h>
-#include <ldns/packet.h>
-#include <ldns/keys.h>
-#include <ldns/zone.h>
-#include <ldns/resolver.h>
-#include <ldns/dnssec_zone.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define LDNS_MAX_KEYLEN 2048
-#define LDNS_DNSSEC_KEYPROTO 3
-/* default time before sigs expire */
-#define LDNS_DEFAULT_EXP_TIME 2419200 /* 4 weeks */
-
-/** return values for the old-signature callback */
-#define LDNS_SIGNATURE_LEAVE_ADD_NEW 0
-#define LDNS_SIGNATURE_LEAVE_NO_ADD 1
-#define LDNS_SIGNATURE_REMOVE_ADD_NEW 2
-#define LDNS_SIGNATURE_REMOVE_NO_ADD 3
-
-/**
- * Returns the first RRSIG rr that corresponds to the rrset
- * with the given name and type
- *
- * \param[in] name The dname of the RRset covered by the RRSIG to find
- * \param[in] type The type of the RRset covered by the RRSIG to find
- * \param[in] rrs List of rrs to search in
- * \returns Pointer to the first RRsig ldns_rr found, or NULL if it is
- * not present
- */
-ldns_rr *ldns_dnssec_get_rrsig_for_name_and_type(const ldns_rdf *name,
- const ldns_rr_type type,
- const ldns_rr_list *rrs);
-
-/**
- * Returns the DNSKEY that corresponds to the given RRSIG rr from the list, if
- * any
- *
- * \param[in] rrsig The rrsig to find the DNSKEY for
- * \param[in] rrs The rr list to find the key in
- * \return The DNSKEY that corresponds to the given RRSIG, or NULL if it was
- * not found.
- */
-ldns_rr *ldns_dnssec_get_dnskey_for_rrsig(const ldns_rr *rrsig, const ldns_rr_list *rrs);
-
-/**
- * Returns the rdata field that contains the bitmap of the covered types of
- * the given NSEC record
- *
- * \param[in] nsec The nsec to get the covered type bitmap of
- * \return An ldns_rdf containing the bitmap, or NULL on error
- */
-ldns_rdf *ldns_nsec_get_bitmap(ldns_rr *nsec);
-
-
-#define LDNS_NSEC3_MAX_ITERATIONS 65535
-
-/**
- * Returns the dname of the closest (provable) encloser
- */
-ldns_rdf *
-ldns_dnssec_nsec3_closest_encloser(ldns_rdf *qname,
- ldns_rr_type qtype,
- ldns_rr_list *nsec3s);
-
-/**
- * Checks whether the packet contains rrsigs
- */
-bool
-ldns_dnssec_pkt_has_rrsigs(const ldns_pkt *pkt);
-
-/**
- * Returns a ldns_rr_list containing the signatures covering the given name
- * and type
- */
-ldns_rr_list *ldns_dnssec_pkt_get_rrsigs_for_name_and_type(const ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type);
-
-/**
- * Returns a ldns_rr_list containing the signatures covering the given type
- */
-ldns_rr_list *ldns_dnssec_pkt_get_rrsigs_for_type(const ldns_pkt *pkt, ldns_rr_type type);
-
-/**
- * calculates a keytag of a key for use in DNSSEC.
- *
- * \param[in] key the key as an RR to use for the calc.
- * \return the keytag
- */
-uint16_t ldns_calc_keytag(const ldns_rr *key);
-
-/**
- * Calculates keytag of DNSSEC key, operates on wireformat rdata.
- * \param[in] key the key as uncompressed wireformat rdata.
- * \param[in] keysize length of key data.
- * \return the keytag
- */
-uint16_t ldns_calc_keytag_raw(uint8_t* key, size_t keysize);
-
-#ifdef HAVE_SSL
-/**
- * converts a buffer holding key material to a DSA key in openssl.
- *
- * \param[in] key the key to convert
- * \return a DSA * structure with the key material
- */
-DSA *ldns_key_buf2dsa(ldns_buffer *key);
-/**
- * Like ldns_key_buf2dsa, but uses raw buffer.
- * \param[in] key the uncompressed wireformat of the key.
- * \param[in] len length of key data
- * \return a DSA * structure with the key material
- */
-DSA *ldns_key_buf2dsa_raw(unsigned char* key, size_t len);
-
-/**
- * Utility function to calculate hash using generic EVP_MD pointer.
- * \param[in] data the data to hash.
- * \param[in] len length of data.
- * \param[out] dest the destination of the hash, must be large enough.
- * \param[in] md the message digest to use.
- * \return true if worked, false on failure.
- */
-int ldns_digest_evp(unsigned char* data, unsigned int len,
- unsigned char* dest, const EVP_MD* md);
-
-/**
- * Converts a holding buffer with key material to EVP PKEY in openssl.
- * Only available if ldns was compiled with GOST.
- * \param[in] key data to convert
- * \param[in] keylen length of the key data
- * \return the key or NULL on error.
- */
-EVP_PKEY* ldns_gost2pkey_raw(unsigned char* key, size_t keylen);
-
-/**
- * Converts a holding buffer with key material to EVP PKEY in openssl.
- * Only available if ldns was compiled with ECDSA.
- * \param[in] key data to convert
- * \param[in] keylen length of the key data
- * \param[in] algo precise algorithm to initialize ECC group values.
- * \return the key or NULL on error.
- */
-EVP_PKEY* ldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo);
-
-#endif /* HAVE_SSL */
-
-#ifdef HAVE_SSL
-/**
- * converts a buffer holding key material to a RSA key in openssl.
- *
- * \param[in] key the key to convert
- * \return a RSA * structure with the key material
- */
-RSA *ldns_key_buf2rsa(ldns_buffer *key);
-
-/**
- * Like ldns_key_buf2rsa, but uses raw buffer.
- * \param[in] key the uncompressed wireformat of the key.
- * \param[in] len length of key data
- * \return a RSA * structure with the key material
- */
-RSA *ldns_key_buf2rsa_raw(unsigned char* key, size_t len);
-#endif /* HAVE_SSL */
-
-/**
- * returns a new DS rr that represents the given key rr.
- *
- * \param[in] *key the key to convert
- * \param[in] h the hash to use LDNS_SHA1/LDNS_SHA256
- * \return ldns_rr* a new rr pointer to a DS
- */
-ldns_rr *ldns_key_rr2ds(const ldns_rr *key, ldns_hash h);
-
-/**
- * Create the type bitmap for an NSEC(3) record
- */
-ldns_rdf *
-ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[],
- size_t size,
- ldns_rr_type nsec_type);
-
-/**
- * Creates NSEC
- */
-ldns_rr *
-ldns_dnssec_create_nsec(ldns_dnssec_name *from,
- ldns_dnssec_name *to,
- ldns_rr_type nsec_type);
-
-
-/**
- * Creates NSEC3
- */
-ldns_rr *
-ldns_dnssec_create_nsec3(ldns_dnssec_name *from,
- ldns_dnssec_name *to,
- ldns_rdf *zone_name,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt);
-
-/**
- * Create a NSEC record
- * \param[in] cur_owner the current owner which should be taken as the starting point
- * \param[in] next_owner the rrlist which the nsec rr should point to
- * \param[in] rrs all rrs from the zone, to find all RR types of cur_owner in
- * \return a ldns_rr with the nsec record in it
- */
-ldns_rr * ldns_create_nsec(ldns_rdf *cur_owner, ldns_rdf *next_owner, ldns_rr_list *rrs);
-
-/**
- * Calculates the hashed name using the given parameters
- * \param[in] *name The owner name to calculate the hash for
- * \param[in] algorithm The hash algorithm to use
- * \param[in] iterations The number of hash iterations to use
- * \param[in] salt_length The length of the salt in bytes
- * \param[in] salt The salt to use
- * \return The hashed owner name rdf, without the domain name
- */
-ldns_rdf *ldns_nsec3_hash_name(ldns_rdf *name, uint8_t algorithm, uint16_t iterations, uint8_t salt_length, uint8_t *salt);
-
-/**
- * Sets all the NSEC3 options. The rr to set them in must be initialized with _new() and
- * type LDNS_RR_TYPE_NSEC3
- * \param[in] *rr The RR to set the values in
- * \param[in] algorithm The NSEC3 hash algorithm
- * \param[in] flags The flags field
- * \param[in] iterations The number of hash iterations
- * \param[in] salt_length The length of the salt in bytes
- * \param[in] salt The salt bytes
- */
-void ldns_nsec3_add_param_rdfs(ldns_rr *rr,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt);
-
-/* this will NOT return the NSEC3 completed, you will have to run the
- finalize function on the rrlist later! */
-ldns_rr *
-ldns_create_nsec3(ldns_rdf *cur_owner,
- ldns_rdf *cur_zone,
- ldns_rr_list *rrs,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt,
- bool emptynonterminal);
-
-/**
- * Returns the hash algorithm used in the given NSEC3 RR
- * \param[in] *nsec3_rr The RR to read from
- * \return The algorithm identifier, or 0 on error
- */
-uint8_t ldns_nsec3_algorithm(const ldns_rr *nsec3_rr);
-
-/**
- * Returns flags field
- */
-uint8_t
-ldns_nsec3_flags(const ldns_rr *nsec3_rr);
-
-/**
- * Returns true if the opt-out flag has been set in the given NSEC3 RR
- * \param[in] *nsec3_rr The RR to read from
- * \return true if the RR has type NSEC3 and the opt-out bit has been set, false otherwise
- */
-bool ldns_nsec3_optout(const ldns_rr *nsec3_rr);
-
-/**
- * Returns the number of hash iterations used in the given NSEC3 RR
- * \param[in] *nsec3_rr The RR to read from
- * \return The number of iterations
- */
-uint16_t ldns_nsec3_iterations(const ldns_rr *nsec3_rr);
-
-/**
- * Returns the salt used in the given NSEC3 RR
- * \param[in] *nsec3_rr The RR to read from
- * \return The salt rdf, or NULL on error
- */
-ldns_rdf *ldns_nsec3_salt(const ldns_rr *nsec3_rr);
-
-/**
- * Returns the length of the salt used in the given NSEC3 RR
- * \param[in] *nsec3_rr The RR to read from
- * \return The length of the salt in bytes
- */
-uint8_t ldns_nsec3_salt_length(const ldns_rr *nsec3_rr);
-
-/**
- * Returns the salt bytes used in the given NSEC3 RR
- * \param[in] *nsec3_rr The RR to read from
- * \return The salt in bytes, this is alloced, so you need to free it
- */
-uint8_t *ldns_nsec3_salt_data(const ldns_rr *nsec3_rr);
-
-/**
- * Returns the first label of the next ownername in the NSEC3 chain (ie. without the domain)
- * \param[in] nsec3_rr The RR to read from
- * \return The first label of the next owner name in the NSEC3 chain, or NULL on error
- */
-ldns_rdf *ldns_nsec3_next_owner(const ldns_rr *nsec3_rr);
-
-/**
- * Returns the bitmap specifying the covered types of the given NSEC3 RR
- * \param[in] *nsec3_rr The RR to read from
- * \return The covered type bitmap rdf
- */
-ldns_rdf *ldns_nsec3_bitmap(const ldns_rr *nsec3_rr);
-
-/**
- * Calculates the hashed name using the parameters of the given NSEC3 RR
- * \param[in] *nsec The RR to use the parameters from
- * \param[in] *name The owner name to calculate the hash for
- * \return The hashed owner name rdf, without the domain name
- */
-ldns_rdf *ldns_nsec3_hash_name_frm_nsec3(const ldns_rr *nsec, ldns_rdf *name);
-
-/**
- * Checks coverage of NSEC RR type bitmap
- * \param[in] nsec_bitmap The NSEC bitmap rdata field to check
- * \param[in] type The type to check
- * \return true if the NSEC RR covers the type
- */
-bool ldns_nsec_bitmap_covers_type(const ldns_rdf *nsec_bitmap, ldns_rr_type type);
-
-/**
- * Checks coverage of NSEC(3) RR name span
- * Remember that nsec and name must both be in canonical form (ie use
- * \ref ldns_rr2canonical and \ref ldns_dname2canonical prior to calling this
- * function)
- *
- * \param[in] nsec The NSEC RR to check
- * \param[in] name The owner dname to check, if the nsec record is a NSEC3 record, this should be the hashed name
- * \return true if the NSEC RR covers the owner name
- */
-bool ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name);
-
-#ifdef HAVE_SSL
-/**
- * verify a packet
- * \param[in] p the packet
- * \param[in] t the rr set type to check
- * \param[in] o the rr set name to check
- * \param[in] k list of keys
- * \param[in] s list of sigs (may be null)
- * \param[out] good_keys keys which validated the packet
- * \return status
- *
- */
-ldns_status ldns_pkt_verify(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, ldns_rr_list *k, ldns_rr_list *s, ldns_rr_list *good_keys);
-#endif
-
-/**
- * chains nsec3 list
- */
-ldns_status
-ldns_dnssec_chain_nsec3_list(ldns_rr_list *nsec3_rrs);
-
-/**
- * compare for nsec3 sort
- */
-int
-qsort_rr_compare_nsec3(const void *a, const void *b);
-
-/**
- * sort nsec3 list
- */
-void
-ldns_rr_list_sort_nsec3(ldns_rr_list *unsorted);
-
-/**
- * Default callback function to always leave present signatures, and
- * add new ones
- * \param[in] sig The signature to check for removal (unused)
- * \param[in] n Optional argument (unused)
- * \return LDNS_SIGNATURE_LEAVE_ADD_NEW
- */
-int ldns_dnssec_default_add_to_signatures(ldns_rr *sig, void *n);
-/**
- * Default callback function to always leave present signatures, and
- * add no new ones for the keys of these signatures
- * \param[in] sig The signature to check for removal (unused)
- * \param[in] n Optional argument (unused)
- * \return LDNS_SIGNATURE_LEAVE_NO_ADD
- */
-int ldns_dnssec_default_leave_signatures(ldns_rr *sig, void *n);
-/**
- * Default callback function to always remove present signatures, but
- * add no new ones
- * \param[in] sig The signature to check for removal (unused)
- * \param[in] n Optional argument (unused)
- * \return LDNS_SIGNATURE_REMOVE_NO_ADD
- */
-int ldns_dnssec_default_delete_signatures(ldns_rr *sig, void *n);
-/**
- * Default callback function to always leave present signatures, and
- * add new ones
- * \param[in] sig The signature to check for removal (unused)
- * \param[in] n Optional argument (unused)
- * \return LDNS_SIGNATURE_REMOVE_ADD_NEW
- */
-int ldns_dnssec_default_replace_signatures(ldns_rr *sig, void *n);
-
-#ifdef HAVE_SSL
-/**
- * Converts the DSA signature from ASN1 representation (RFC2459, as
- * used by OpenSSL) to raw signature data as used in DNS (rfc2536)
- *
- * \param[in] sig The signature in RFC2459 format
- * \param[in] sig_len The length of the signature
- * \return a new rdf with the signature
- */
-ldns_rdf *
-ldns_convert_dsa_rrsig_asn12rdf(const ldns_buffer *sig,
- const long sig_len);
-
-/**
- * Converts the RRSIG signature RDF (in rfc2536 format) to a buffer
- * with the signature in rfc2459 format
- *
- * \param[out] target_buffer buffer to place the signature data
- * \param[in] sig_rdf The signature rdf to convert
- * \return LDNS_STATUS_OK on success, error code otherwise
- */
-ldns_status
-ldns_convert_dsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
- const ldns_rdf *sig_rdf);
-
-/**
- * Converts the ECDSA signature from ASN1 representation (as
- * used by OpenSSL) to raw signature data as used in DNS
- * This routine is only present if ldns is compiled with ecdsa support.
- *
- * \param[in] sig The signature in ASN1 format
- * \param[in] sig_len The length of the signature
- * \return a new rdf with the signature
- */
-ldns_rdf *
-ldns_convert_ecdsa_rrsig_asn12rdf(const ldns_buffer *sig, const long sig_len);
-
-/**
- * Converts the RRSIG signature RDF (from DNS) to a buffer with the
- * signature in ASN1 format as openssl uses it.
- * This routine is only present if ldns is compiled with ecdsa support.
- *
- * \param[out] target_buffer buffer to place the signature data in ASN1.
- * \param[in] sig_rdf The signature rdf to convert
- * \return LDNS_STATUS_OK on success, error code otherwise
- */
-ldns_status
-ldns_convert_ecdsa_rrsig_rdf2asn1(ldns_buffer *target_buffer,
- const ldns_rdf *sig_rdf);
-
-#endif /* HAVE_SSL */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_DNSSEC_H */
+++ /dev/null
-/** dnssec_verify */
-
-#ifndef LDNS_DNSSEC_SIGN_H
-#define LDNS_DNSSEC_SIGN_H
-
-#include <ldns/dnssec.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* sign functions */
-
-/** Sign flag that makes DNSKEY type signed by all keys, not only by SEP keys*/
-#define LDNS_SIGN_DNSKEY_WITH_ZSK 1
-
-/**
- * Create an empty RRSIG RR (i.e. without the actual signature data)
- * \param[in] rrset The RRset to create the signature for
- * \param[in] key The key that will create the signature
- * \return signature rr
- */
-ldns_rr *
-ldns_create_empty_rrsig(ldns_rr_list *rrset,
- ldns_key *key);
-
-/**
- * Sign the buffer which contains the wiredata of an rrset, and the
- * corresponding empty rrsig rr with the given key
- * \param[in] sign_buf the buffer with data to sign
- * \param[in] key the key to sign with
- * \return an rdata field with the signature data
- */
-ldns_rdf *
-ldns_sign_public_buffer(ldns_buffer *sign_buf, ldns_key *key);
-
-/**
- * Sign an rrset
- * \param[in] rrset the rrset
- * \param[in] keys the keys to use
- * \return a rr_list with the signatures
- */
-ldns_rr_list *ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys);
-
-#ifdef HAVE_SSL
-/**
- * Sign a buffer with the DSA key (hash with SHA1)
- * \param[in] to_sign buffer with the data
- * \param[in] key the key to use
- * \return a ldns_rdf with the signed data
- */
-ldns_rdf *ldns_sign_public_dsa(ldns_buffer *to_sign, DSA *key);
-
-/**
- * Sign data with EVP (general method for different algorithms)
- *
- * \param[in] to_sign The ldns_buffer containing raw data that is
- * to be signed
- * \param[in] key The EVP_PKEY key structure to sign with
- * \param[in] digest_type The digest algorithm to use in the creation of
- * the signature
- * \return ldns_rdf for the RRSIG ldns_rr
- */
-ldns_rdf *ldns_sign_public_evp(ldns_buffer *to_sign,
- EVP_PKEY *key,
- const EVP_MD *digest_type);
-
-/**
- * Sign a buffer with the RSA key (hash with SHA1)
- * \param[in] to_sign buffer with the data
- * \param[in] key the key to use
- * \return a ldns_rdf with the signed data
- */
-ldns_rdf *ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key);
-
-/**
- * Sign a buffer with the RSA key (hash with MD5)
- * \param[in] to_sign buffer with the data
- * \param[in] key the key to use
- * \return a ldns_rdf with the signed data
- */
-ldns_rdf *ldns_sign_public_rsamd5(ldns_buffer *to_sign, RSA *key);
-#endif /* HAVE_SSL */
-
-/**
- * Finds the first dnssec_name node in the rbtree that has not been marked
- * as glue, starting at the given node
- *
- * \param[in] node the first node to check
- * \return the first node that has not been marked as glue, or NULL
- * if not found (TODO: make that LDNS_RBTREE_NULL?)
- */
-ldns_rbnode_t *ldns_dnssec_name_node_next_nonglue(ldns_rbnode_t *node);
-
-/**
- * Adds NSEC records to the given dnssec_zone
- *
- * \param[in] zone the zone to add the records to
- * \param[in] new_rrs ldns_rr's created by this function are
- * added to this rr list, so the caller can free them later
- * \return LDNS_STATUS_OK on success, an error code otherwise
- */
-ldns_status ldns_dnssec_zone_create_nsecs(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs);
-
-/**
- * Adds NSEC3 records to the zone
- */
-ldns_status
-ldns_dnssec_zone_create_nsec3s(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt);
-
-/**
- * remove signatures if callback function tells to
- *
- * \param[in] signatures list of signatures to check, and
- * possibly remove, depending on the value of the
- * callback
- * \param[in] key_list these are marked to be used or not,
- * on the return value of the callback
- * \param[in] func this function is called to specify what to
- * do with each signature (and corresponding key)
- * \param[in] arg Optional argument for the callback function
- * \returns pointer to the new signatures rrs (the original
- * passed to this function may have been removed)
- */
-ldns_dnssec_rrs *ldns_dnssec_remove_signatures(ldns_dnssec_rrs *signatures,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg);
-
-/**
- * Adds signatures to the zone
- *
- * \param[in] zone the zone to add RRSIG Resource Records to
- * \param[in] new_rrs the RRSIG RRs that are created are also
- * added to this list, so the caller can free them
- * later
- * \param[in] key_list list of keys to sign with.
- * \param[in] func Callback function to decide what keys to
- * use and what to do with old signatures
- * \param[in] arg Optional argument for the callback function
- * \param[in] flags option flags for signing process. 0 makes DNSKEY
- * RRset signed with the minimal key set, that is only SEP keys are used
- * for signing. If there are no SEP keys available, non-SEP keys will
- * be used. LDNS_SIGN_DNSKEY_WITH_ZSK makes DNSKEY type signed with all
- * keys. 0 is the default.
- * \return LDNS_STATUS_OK on success, error otherwise
- */
-ldns_status ldns_dnssec_zone_create_rrsigs_flg(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void*),
- void *arg,
- int flags);
-
-/**
- * Adds signatures to the zone
- *
- * \param[in] zone the zone to add RRSIG Resource Records to
- * \param[in] new_rrs the RRSIG RRs that are created are also
- * added to this list, so the caller can free them
- * later
- * \param[in] key_list list of keys to sign with.
- * \param[in] func Callback function to decide what keys to
- * use and what to do with old signatures
- * \param[in] arg Optional argument for the callback function
- * \return LDNS_STATUS_OK on success, error otherwise
- */
-ldns_status ldns_dnssec_zone_create_rrsigs(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void*),
- void *arg);
-
-/**
- * signs the given zone with the given keys
- *
- * \param[in] zone the zone to sign
- * \param[in] key_list the list of keys to sign the zone with
- * \param[in] new_rrs newly created resource records are added to this list, to free them later
- * \param[in] func callback function that decides what to do with old signatures
- * This function takes an ldns_rr* and an optional void *arg argument, and returns one of four values:
- * LDNS_SIGNATURE_LEAVE_ADD_NEW:
- * leave the signature and add a new one for the corresponding key
- * LDNS_SIGNATURE_REMOVE_ADD_NEW:
- * remove the signature and replace is with a new one from the same key
- * LDNS_SIGNATURE_LEAVE_NO_ADD:
- * leave the signature and do not add a new one with the corresponding key
- * LDNS_SIGNATURE_REMOVE_NO_ADD:
- * remove the signature and do not replace
- *
- * \param[in] arg optional argument for the callback function
- * \param[in] flags option flags for signing process. 0 makes DNSKEY
- * RRset signed with the minimal key set, that is only SEP keys are used
- * for signing. If there are no SEP keys available, non-SEP keys will
- * be used. LDNS_SIGN_DNSKEY_WITH_ZSK makes DNSKEY type signed with all
- * keys. 0 is the default.
- * \return LDNS_STATUS_OK on success, an error code otherwise
- */
-ldns_status ldns_dnssec_zone_sign_flg(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg,
- int flags);
-
-/**
- * signs the given zone with the given new zone, with NSEC3
- *
- * \param[in] zone the zone to sign
- * \param[in] key_list the list of keys to sign the zone with
- * \param[in] new_rrs newly created resource records are added to this list, to free them later
- * \param[in] func callback function that decides what to do with old signatures
- * \param[in] arg optional argument for the callback function
- * \param[in] algorithm the NSEC3 hashing algorithm to use
- * \param[in] flags NSEC3 flags
- * \param[in] iterations the number of NSEC3 hash iterations to use
- * \param[in] salt_length the length (in octets) of the NSEC3 salt
- * \param[in] salt the NSEC3 salt data
- * \param[in] signflags option flags for signing process. 0 is the default.
- * \return LDNS_STATUS_OK on success, an error code otherwise
- */
-ldns_status ldns_dnssec_zone_sign_nsec3_flg(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt,
- int signflags);
-
-/**
- * signs the given zone with the given keys
- *
- * \param[in] zone the zone to sign
- * \param[in] key_list the list of keys to sign the zone with
- * \param[in] new_rrs newly created resource records are added to this list, to free them later
- * \param[in] func callback function that decides what to do with old signatures
- * This function takes an ldns_rr* and an optional void *arg argument, and returns one of four values:
- * LDNS_SIGNATURE_LEAVE_ADD_NEW:
- * leave the signature and add a new one for the corresponding key
- * LDNS_SIGNATURE_REMOVE_ADD_NEW:
- * remove the signature and replace is with a new one from the same key
- * LDNS_SIGNATURE_LEAVE_NO_ADD:
- * leave the signature and do not add a new one with the corresponding key
- * LDNS_SIGNATURE_REMOVE_NO_ADD:
- * remove the signature and do not replace
- *
- * \param[in] arg optional argument for the callback function
- * \return LDNS_STATUS_OK on success, an error code otherwise
- */
-ldns_status ldns_dnssec_zone_sign(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg);
-
-/**
- * signs the given zone with the given new zone, with NSEC3
- *
- * \param[in] zone the zone to sign
- * \param[in] key_list the list of keys to sign the zone with
- * \param[in] new_rrs newly created resource records are added to this list, to free them later
- * \param[in] func callback function that decides what to do with old signatures
- * \param[in] arg optional argument for the callback function
- * \param[in] algorithm the NSEC3 hashing algorithm to use
- * \param[in] flags NSEC3 flags
- * \param[in] iterations the number of NSEC3 hash iterations to use
- * \param[in] salt_length the length (in octets) of the NSEC3 salt
- * \param[in] salt the NSEC3 salt data
- * \return LDNS_STATUS_OK on success, an error code otherwise
- */
-ldns_status ldns_dnssec_zone_sign_nsec3(ldns_dnssec_zone *zone,
- ldns_rr_list *new_rrs,
- ldns_key_list *key_list,
- int (*func)(ldns_rr *, void *),
- void *arg,
- uint8_t algorithm,
- uint8_t flags,
- uint16_t iterations,
- uint8_t salt_length,
- uint8_t *salt);
-
-/**
- * Signs the zone, and returns a newly allocated signed zone
- * \param[in] zone the zone to sign
- * \param[in] key_list list of keys to sign with
- * \return signed zone
- */
-ldns_zone *ldns_zone_sign(const ldns_zone *zone, ldns_key_list *key_list);
-
-/**
- * Signs the zone with NSEC3, and returns a newly allocated signed zone
- * \param[in] zone the zone to sign
- * \param[in] key_list list of keys to sign with
- * \param[in] algorithm the NSEC3 hashing algorithm to use
- * \param[in] flags NSEC3 flags
- * \param[in] iterations the number of NSEC3 hash iterations to use
- * \param[in] salt_length the length (in octets) of the NSEC3 salt
- * \param[in] salt the NSEC3 salt data
- * \return signed zone
- */
-ldns_zone *ldns_zone_sign_nsec3(ldns_zone *zone, ldns_key_list *key_list, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/** dnssec_verify */
-
-#ifndef LDNS_DNSSEC_VERIFY_H
-#define LDNS_DNSSEC_VERIFY_H
-
-#define LDNS_DNSSEC_TRUST_TREE_MAX_PARENTS 10
-
-#include <ldns/dnssec.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Chain structure that contains all DNSSEC data needed to
- * verify an rrset
- */
-typedef struct ldns_dnssec_data_chain_struct ldns_dnssec_data_chain;
-struct ldns_dnssec_data_chain_struct
-{
- ldns_rr_list *rrset;
- ldns_rr_list *signatures;
- ldns_rr_type parent_type;
- ldns_dnssec_data_chain *parent;
- ldns_pkt_rcode packet_rcode;
- ldns_rr_type packet_qtype;
- bool packet_nodata;
-};
-
-/**
- * Creates a new dnssec_chain structure
- * \return ldns_dnssec_data_chain *
- */
-ldns_dnssec_data_chain *ldns_dnssec_data_chain_new();
-
-/**
- * Frees a dnssec_data_chain structure
- *
- * \param[in] *chain The chain to free
- */
-void ldns_dnssec_data_chain_free(ldns_dnssec_data_chain *chain);
-
-/**
- * Frees a dnssec_data_chain structure, and all data
- * contained therein
- *
- * \param[in] *chain The dnssec_data_chain to free
- */
-void ldns_dnssec_data_chain_deep_free(ldns_dnssec_data_chain *chain);
-
-/**
- * Prints the dnssec_data_chain to the given file stream
- *
- * \param[in] *out The file stream to print to
- * \param[in] *chain The dnssec_data_chain to print
- */
-void ldns_dnssec_data_chain_print(FILE *out, const ldns_dnssec_data_chain *chain);
-
-/**
- * Build an ldns_dnssec_data_chain, which contains all
- * DNSSEC data that is needed to derive the trust tree later
- *
- * The data_set will be cloned
- *
- * \param[in] *res resolver structure for further needed queries
- * \param[in] qflags resolution flags
- * \param[in] *data_set The original rrset where the chain ends
- * \param[in] *pkt optional, can contain the original packet
- * (and hence the sigs and maybe the key)
- * \param[in] *orig_rr The original Resource Record
- *
- * \return the DNSSEC data chain
- */
-ldns_dnssec_data_chain *ldns_dnssec_build_data_chain(ldns_resolver *res,
- const uint16_t qflags,
- const ldns_rr_list *data_set,
- const ldns_pkt *pkt,
- ldns_rr *orig_rr);
-
-/**
- * Tree structure that contains the relation of DNSSEC data,
- * and their cryptographic status.
- *
- * This tree is derived from a data_chain, and can be used
- * to look whether there is a connection between an RRSET
- * and a trusted key. The tree only contains pointers to the
- * data_chain, and therefore one should *never* free() the
- * data_chain when there is still a trust tree derived from
- * that chain.
- *
- * Example tree:
- * key key key
- * \ | /
- * \ | /
- * \ | /
- * ds
- * |
- * key
- * |
- * key
- * |
- * rr
- *
- * For each signature there is a parent; if the parent
- * pointer is null, it couldn't be found and there was no
- * denial; otherwise is a tree which contains either a
- * DNSKEY, a DS, or a NSEC rr
- */
-typedef struct ldns_dnssec_trust_tree_struct ldns_dnssec_trust_tree;
-struct ldns_dnssec_trust_tree_struct
-{
- ldns_rr *rr;
- /* the complete rrset this rr was in */
- ldns_rr_list *rrset;
- ldns_dnssec_trust_tree *parents[LDNS_DNSSEC_TRUST_TREE_MAX_PARENTS];
- ldns_status parent_status[LDNS_DNSSEC_TRUST_TREE_MAX_PARENTS];
- /** for debugging, add signatures too (you might want
- those if they contain errors) */
- ldns_rr *parent_signature[LDNS_DNSSEC_TRUST_TREE_MAX_PARENTS];
- size_t parent_count;
-};
-
-/**
- * Creates a new (empty) dnssec_trust_tree structure
- *
- * \return ldns_dnssec_trust_tree *
- */
-ldns_dnssec_trust_tree *ldns_dnssec_trust_tree_new();
-
-/**
- * Frees the dnssec_trust_tree recursively
- *
- * There is no deep free; all data in the trust tree
- * consists of pointers to a data_chain
- *
- * \param[in] tree The tree to free
- */
-void ldns_dnssec_trust_tree_free(ldns_dnssec_trust_tree *tree);
-
-/**
- * returns the depth of the trust tree
- *
- * \param[in] tree tree to calculate the depth of
- * \return The depth of the tree
- */
-size_t ldns_dnssec_trust_tree_depth(ldns_dnssec_trust_tree *tree);
-
-/**
- * Prints the dnssec_trust_tree structure to the given file
- * stream.
- *
- * If a link status is not LDNS_STATUS_OK; the status and
- * relevant signatures are printed too
- *
- * \param[in] *out The file stream to print to
- * \param[in] tree The trust tree to print
- * \param[in] tabs Prepend each line with tabs*2 spaces
- * \param[in] extended If true, add little explanation lines to the output
- */
-void ldns_dnssec_trust_tree_print(FILE *out,
- ldns_dnssec_trust_tree *tree,
- size_t tabs,
- bool extended);
-
-/**
- * Adds a trust tree as a parent for the given trust tree
- *
- * \param[in] *tree The tree to add the parent to
- * \param[in] *parent The parent tree to add
- * \param[in] *parent_signature The RRSIG relevant to this parent/child
- * connection
- * \param[in] parent_status The DNSSEC status for this parent, child and RRSIG
- * \return LDNS_STATUS_OK if the addition succeeds, error otherwise
- */
-ldns_status ldns_dnssec_trust_tree_add_parent(ldns_dnssec_trust_tree *tree,
- const ldns_dnssec_trust_tree *parent,
- const ldns_rr *parent_signature,
- const ldns_status parent_status);
-
-/**
- * Generates a dnssec_trust_ttree for the given rr from the
- * given data_chain
- *
- * This does not clone the actual data; Don't free the
- * data_chain before you are done with this tree
- *
- * \param[in] *data_chain The chain to derive the trust tree from
- * \param[in] *rr The RR this tree will be about
- * \return ldns_dnssec_trust_tree *
- */
-ldns_dnssec_trust_tree *ldns_dnssec_derive_trust_tree(
- ldns_dnssec_data_chain *data_chain,
- ldns_rr *rr);
-
-/**
- * Sub function for derive_trust_tree that is used for a
- * 'normal' rrset
- *
- * \param[in] new_tree The trust tree that we are building
- * \param[in] data_chain The data chain containing the data for the trust tree
- * \param[in] cur_sig_rr The currently relevant signature
- */
-void ldns_dnssec_derive_trust_tree_normal_rrset(
- ldns_dnssec_trust_tree *new_tree,
- ldns_dnssec_data_chain *data_chain,
- ldns_rr *cur_sig_rr);
-
-/**
- * Sub function for derive_trust_tree that is used for DNSKEY rrsets
- *
- * \param[in] new_tree The trust tree that we are building
- * \param[in] data_chain The data chain containing the data for the trust tree
- * \param[in] cur_rr The currently relevant DNSKEY RR
- * \param[in] cur_sig_rr The currently relevant signature
- */
-void ldns_dnssec_derive_trust_tree_dnskey_rrset(
- ldns_dnssec_trust_tree *new_tree,
- ldns_dnssec_data_chain *data_chain,
- ldns_rr *cur_rr,
- ldns_rr *cur_sig_rr);
-
-/**
- * Sub function for derive_trust_tree that is used for DS rrsets
- *
- * \param[in] new_tree The trust tree that we are building
- * \param[in] data_chain The data chain containing the data for the trust tree
- * \param[in] cur_rr The currently relevant DS RR
- */
-void ldns_dnssec_derive_trust_tree_ds_rrset(
- ldns_dnssec_trust_tree *new_tree,
- ldns_dnssec_data_chain *data_chain,
- ldns_rr *cur_rr);
-
-/**
- * Sub function for derive_trust_tree that is used when there are no
- * signatures
- *
- * \param[in] new_tree The trust tree that we are building
- * \param[in] data_chain The data chain containing the data for the trust tree
- */
-void ldns_dnssec_derive_trust_tree_no_sig(
- ldns_dnssec_trust_tree *new_tree,
- ldns_dnssec_data_chain *data_chain);
-
-/**
- * Returns OK if there is a trusted path in the tree to one of
- * the DNSKEY or DS RRs in the given list
- *
- * \param *tree The trust tree so search
- * \param *keys A ldns_rr_list of DNSKEY and DS rrs to look for
- * \return LDNS_STATUS_OK if there is a trusted path to one of
- * the keys, or the *first* error encountered
- * if there were no paths
- */
-ldns_status ldns_dnssec_trust_tree_contains_keys(
- ldns_dnssec_trust_tree *tree,
- ldns_rr_list *keys);
-
-/**
- * Verifies a list of signatures for one rrset.
- *
- * \param[in] rrset the rrset to verify
- * \param[in] rrsig a list of signatures to check
- * \param[in] keys a list of keys to check with
- * \param[out] good_keys if this is a (initialized) list, the pointer to keys
- * from keys that validate one of the signatures
- * are added to it
- * \return status LDNS_STATUS_OK if there is at least one correct key
- */
-ldns_status ldns_verify(ldns_rr_list *rrset,
- ldns_rr_list *rrsig,
- const ldns_rr_list *keys,
- ldns_rr_list *good_keys);
-
-/**
- * Verifies a list of signatures for one rrset, but disregard the time.
- * Inception and Expiration are not checked.
- *
- * \param[in] rrset the rrset to verify
- * \param[in] rrsig a list of signatures to check
- * \param[in] keys a list of keys to check with
- * \param[out] good_keys if this is a (initialized) list, the pointer to keys
- * from keys that validate one of the signatures
- * are added to it
- * \return status LDNS_STATUS_OK if there is at least one correct key
- */
-ldns_status ldns_verify_notime(ldns_rr_list *rrset,
- ldns_rr_list *rrsig,
- const ldns_rr_list *keys,
- ldns_rr_list *good_keys);
-
-/**
- * Tries to build an authentication chain from the given
- * keys down to the queried domain.
- *
- * If we find a valid trust path, return the valid keys for the domain.
- *
- * \param[in] res the current resolver
- * \param[in] domain the domain we want valid keys for
- * \param[in] keys the current set of trusted keys
- * \param[out] status pointer to the status variable where the result
- * code will be stored
- * \return the set of trusted keys for the domain, or NULL if no
- * trust path could be built.
- */
-ldns_rr_list *ldns_fetch_valid_domain_keys(const ldns_resolver * res,
- const ldns_rdf * domain,
- const ldns_rr_list * keys,
- ldns_status *status);
-
-/**
- * Validates the DNSKEY RRset for the given domain using the provided
- * trusted keys.
- *
- * \param[in] res the current resolver
- * \param[in] domain the domain we want valid keys for
- * \param[in] keys the current set of trusted keys
- * \return the set of trusted keys for the domain, or NULL if the RRSET
- * could not be validated
- */
-ldns_rr_list *ldns_validate_domain_dnskey (const ldns_resolver *res,
- const ldns_rdf *domain,
- const ldns_rr_list *keys);
-
-/**
- * Validates the DS RRset for the given domain using the provided trusted keys.
- *
- * \param[in] res the current resolver
- * \param[in] domain the domain we want valid keys for
- * \param[in] keys the current set of trusted keys
- * \return the set of trusted keys for the domain, or NULL if the RRSET could not be validated
- */
-ldns_rr_list *ldns_validate_domain_ds(const ldns_resolver *res,
- const ldns_rdf *
- domain,
- const ldns_rr_list * keys);
-
-/**
- * Verifies a list of signatures for one RRset using a valid trust path.
- *
- * \param[in] res the current resolver
- * \param[in] rrset the rrset to verify
- * \param[in] rrsigs a list of signatures to check
- * \param[out] validating_keys if this is a (initialized) list, the
- * keys from keys that validate one of
- * the signatures are added to it
- * \return status LDNS_STATUS_OK if there is at least one correct key
- */
-ldns_status ldns_verify_trusted(ldns_resolver *res,
- ldns_rr_list *rrset,
- ldns_rr_list *rrsigs,
- ldns_rr_list *validating_keys);
-
-/**
- * denial is not just a river in egypt
- *
- * \param[in] rr The (query) RR to check the denial of existence for
- * \param[in] nsecs The list of NSEC RRs that are supposed to deny the
- * existence of the RR
- * \param[in] rrsigs The RRSIG RR covering the NSEC RRs
- * \return LDNS_STATUS_OK if the NSEC RRs deny the existence, error code
- * containing the reason they do not otherwise
- */
-ldns_status ldns_dnssec_verify_denial(ldns_rr *rr,
- ldns_rr_list *nsecs,
- ldns_rr_list *rrsigs);
-
-/**
- * Denial of existence using NSEC3 records
- * Since NSEC3 is a bit more complicated than normal denial, some
- * context arguments are needed
- *
- * \param[in] rr The (query) RR to check the denial of existence for
- * \param[in] nsecs The list of NSEC3 RRs that are supposed to deny the
- * existence of the RR
- * \param[in] rrsigs The RRSIG rr covering the NSEC RRs
- * \param[in] packet_rcode The RCODE value of the packet that provided the
- * NSEC3 RRs
- * \param[in] packet_qtype The original query RR type
- * \param[in] packet_nodata True if the providing packet had an empty ANSWER
- * section
- * \return LDNS_STATUS_OK if the NSEC3 RRs deny the existence, error code
- * containing the reason they do not otherwise
- */
-ldns_status ldns_dnssec_verify_denial_nsec3(ldns_rr *rr,
- ldns_rr_list *nsecs,
- ldns_rr_list *rrsigs,
- ldns_pkt_rcode packet_rcode,
- ldns_rr_type packet_qtype,
- bool packet_nodata);
-
-/**
- * Verifies the already processed data in the buffers
- * This function should probably not be used directly.
- *
- * \param[in] rawsig_buf Buffer containing signature data to use
- * \param[in] verify_buf Buffer containing data to verify
- * \param[in] key_buf Buffer containing key data to use
- * \param[in] algo Signing algorithm
- * \return status LDNS_STATUS_OK if the data verifies. Error if not.
- */
-ldns_status ldns_verify_rrsig_buffers(ldns_buffer *rawsig_buf,
- ldns_buffer *verify_buf,
- ldns_buffer *key_buf,
- uint8_t algo);
-
-/**
- * Like ldns_verify_rrsig_buffers, but uses raw data.
- *
- * \param[in] sig signature data to use
- * \param[in] siglen length of signature data to use
- * \param[in] verify_buf Buffer containing data to verify
- * \param[in] key key data to use
- * \param[in] keylen length of key data to use
- * \param[in] algo Signing algorithm
- * \return status LDNS_STATUS_OK if the data verifies. Error if not.
- */
-ldns_status ldns_verify_rrsig_buffers_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer *verify_buf,
- unsigned char* key,
- size_t keylen,
- uint8_t algo);
-
-/**
- * Verifies an rrsig. All keys in the keyset are tried.
- * \param[in] rrset the rrset to check
- * \param[in] rrsig the signature of the rrset
- * \param[in] keys the keys to try
- * \param[out] good_keys if this is a (initialized) list, the pointer to keys
- * from keys that validate one of the signatures
- * are added to it
- * \return a list of keys which validate the rrsig + rrset. Returns
- * status LDNS_STATUS_OK if at least one key matched. Else an error.
- */
-ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset,
- ldns_rr *rrsig,
- const ldns_rr_list *keys,
- ldns_rr_list *good_keys);
-
-/**
- * Verifies an rrsig. All keys in the keyset are tried. Time is not checked.
- * \param[in] rrset the rrset to check
- * \param[in] rrsig the signature of the rrset
- * \param[in] keys the keys to try
- * \param[out] good_keys if this is a (initialized) list, the pointer to keys
- * from keys that validate one of the signatures
- * are added to it
- * \return a list of keys which validate the rrsig + rrset. Returns
- * status LDNS_STATUS_OK if at least one key matched. Else an error.
- */
-ldns_status ldns_verify_rrsig_keylist_notime(ldns_rr_list *rrset,
- ldns_rr *rrsig,
- const ldns_rr_list *keys,
- ldns_rr_list *good_keys);
-
-/**
- * verify an rrsig with 1 key
- * \param[in] rrset the rrset
- * \param[in] rrsig the rrsig to verify
- * \param[in] key the key to use
- * \return status message wether verification succeeded.
- */
-ldns_status ldns_verify_rrsig(ldns_rr_list *rrset,
- ldns_rr *rrsig,
- ldns_rr *key);
-
-/**
- * verifies a buffer with signature data for a buffer with rrset data
- * with an EVP_PKEY
- *
- * \param[in] sig the signature data
- * \param[in] rrset the rrset data, sorted and processed for verification
- * \param[in] key the EVP key structure
- * \param[in] digest_type The digest type of the signature
- */
-#ifdef HAVE_SSL
-ldns_status ldns_verify_rrsig_evp(ldns_buffer *sig,
- ldns_buffer *rrset,
- EVP_PKEY *key,
- const EVP_MD *digest_type);
-#endif
-
-/**
- * Like ldns_verify_rrsig_evp, but uses raw signature data.
- * \param[in] sig the signature data, wireformat uncompressed
- * \param[in] siglen length of the signature data
- * \param[in] rrset the rrset data, sorted and processed for verification
- * \param[in] key the EVP key structure
- * \param[in] digest_type The digest type of the signature
- */
-#ifdef HAVE_SSL
-ldns_status ldns_verify_rrsig_evp_raw(unsigned char *sig,
- size_t siglen,
- ldns_buffer *rrset,
- EVP_PKEY *key,
- const EVP_MD *digest_type);
-#endif
-
-/**
- * verifies a buffer with signature data (DSA) for a buffer with rrset data
- * with a buffer with key data.
- *
- * \param[in] sig the signature data
- * \param[in] rrset the rrset data, sorted and processed for verification
- * \param[in] key the key data
- */
-ldns_status ldns_verify_rrsig_dsa(ldns_buffer *sig,
- ldns_buffer *rrset,
- ldns_buffer *key);
-
-/**
- * verifies a buffer with signature data (RSASHA1) for a buffer with rrset data
- * with a buffer with key data.
- *
- * \param[in] sig the signature data
- * \param[in] rrset the rrset data, sorted and processed for verification
- * \param[in] key the key data
- */
-ldns_status ldns_verify_rrsig_rsasha1(ldns_buffer *sig,
- ldns_buffer *rrset,
- ldns_buffer *key);
-
-/**
- * verifies a buffer with signature data (RSAMD5) for a buffer with rrset data
- * with a buffer with key data.
- *
- * \param[in] sig the signature data
- * \param[in] rrset the rrset data, sorted and processed for verification
- * \param[in] key the key data
- */
-ldns_status ldns_verify_rrsig_rsamd5(ldns_buffer *sig,
- ldns_buffer *rrset,
- ldns_buffer *key);
-
-/**
- * Like ldns_verify_rrsig_dsa, but uses raw signature and key data.
- * \param[in] sig raw uncompressed wireformat signature data
- * \param[in] siglen length of signature data
- * \param[in] rrset ldns buffer with prepared rrset data.
- * \param[in] key raw uncompressed wireformat key data
- * \param[in] keylen length of key data
- */
-ldns_status ldns_verify_rrsig_dsa_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer* rrset,
- unsigned char* key,
- size_t keylen);
-
-/**
- * Like ldns_verify_rrsig_rsasha1, but uses raw signature and key data.
- * \param[in] sig raw uncompressed wireformat signature data
- * \param[in] siglen length of signature data
- * \param[in] rrset ldns buffer with prepared rrset data.
- * \param[in] key raw uncompressed wireformat key data
- * \param[in] keylen length of key data
- */
-ldns_status ldns_verify_rrsig_rsasha1_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer* rrset,
- unsigned char* key,
- size_t keylen);
-
-/**
- * Like ldns_verify_rrsig_rsasha256, but uses raw signature and key data.
- * \param[in] sig raw uncompressed wireformat signature data
- * \param[in] siglen length of signature data
- * \param[in] rrset ldns buffer with prepared rrset data.
- * \param[in] key raw uncompressed wireformat key data
- * \param[in] keylen length of key data
- */
-
-ldns_status ldns_verify_rrsig_rsasha256_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer* rrset,
- unsigned char* key,
- size_t keylen);
-
-/**
- * Like ldns_verify_rrsig_rsasha512, but uses raw signature and key data.
- * \param[in] sig raw uncompressed wireformat signature data
- * \param[in] siglen length of signature data
- * \param[in] rrset ldns buffer with prepared rrset data.
- * \param[in] key raw uncompressed wireformat key data
- * \param[in] keylen length of key data
- */
-ldns_status ldns_verify_rrsig_rsasha512_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer* rrset,
- unsigned char* key,
- size_t keylen);
-
-/**
- * Like ldns_verify_rrsig_rsamd5, but uses raw signature and key data.
- * \param[in] sig raw uncompressed wireformat signature data
- * \param[in] siglen length of signature data
- * \param[in] rrset ldns buffer with prepared rrset data.
- * \param[in] key raw uncompressed wireformat key data
- * \param[in] keylen length of key data
- */
-ldns_status ldns_verify_rrsig_rsamd5_raw(unsigned char* sig,
- size_t siglen,
- ldns_buffer* rrset,
- unsigned char* key,
- size_t keylen);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
-
+++ /dev/null
-/*
- * special zone file structures and functions for better dnssec handling
- *
- * A zone contains a SOA dnssec_zone_rrset, and an AVL tree of 'normal'
- * dnssec_zone_rrsets, indexed by name and type
- */
-
-#ifndef LDNS_DNSSEC_ZONE_H
-#define LDNS_DNSSEC_ZONE_H
-
-#include <ldns/ldns.h>
-#include <ldns/rbtree.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Singly linked list of rrs
- */
-typedef struct ldns_struct_dnssec_rrs ldns_dnssec_rrs;
-struct ldns_struct_dnssec_rrs
-{
- ldns_rr *rr;
- ldns_dnssec_rrs *next;
-};
-
-/**
- * Singly linked list of RRsets
- */
-typedef struct ldns_struct_dnssec_rrsets ldns_dnssec_rrsets;
-struct ldns_struct_dnssec_rrsets
-{
- ldns_dnssec_rrs *rrs;
- ldns_rr_type type;
- ldns_dnssec_rrs *signatures;
- ldns_dnssec_rrsets *next;
-};
-
-/**
- * Structure containing all resource records for a domain name
- * Including the derived NSEC3, if present
- */
-typedef struct ldns_struct_dnssec_name ldns_dnssec_name;
-struct ldns_struct_dnssec_name
-{
- /**
- * pointer to a dname containing the name.
- * Usually points to the owner name of the first RR of the first RRset
- */
- ldns_rdf *name;
- /**
- * Usually, the name is a pointer to the owner name of the first rr for
- * this name, but sometimes there is no actual data to point to,
- * for instance in
- * names representing empty nonterminals. If so, set alloced to true to
- * indicate that this data must also be freed when the name is freed
- */
- bool name_alloced;
- /**
- * The rrsets for this name
- */
- ldns_dnssec_rrsets *rrsets;
- /**
- * NSEC pointing to the next name (or NSEC3 pointing to the next NSEC3)
- */
- ldns_rr *nsec;
- /**
- * signatures for the NSEC record
- */
- ldns_dnssec_rrs *nsec_signatures;
- /**
- * Set to true if this name is glue
- * (as marked by ldns_dnssec_zone_mark_glue())
- */
- bool is_glue;
- /**
- * pointer to store the hashed name (only used when in an NSEC3 zone
- */
- ldns_rdf *hashed_name;
-};
-
-/**
- * Structure containing a dnssec zone
- */
-struct ldns_struct_dnssec_zone {
- /** points to the name containing the SOA RR */
- ldns_dnssec_name *soa;
- /** tree of ldns_dnssec_names */
- ldns_rbtree_t *names;
-};
-typedef struct ldns_struct_dnssec_zone ldns_dnssec_zone;
-
-/**
- * Creates a new entry for 1 pointer to an rr and 1 pointer to the next rrs
- * \return the allocated data
- */
-ldns_dnssec_rrs *ldns_dnssec_rrs_new();
-
-/**
- * Frees the list of rrs, but *not* the individual ldns_rr records
- * contained in the list
- *
- * \param[in] rrs the data structure to free
- */
-void ldns_dnssec_rrs_free(ldns_dnssec_rrs *rrs);
-
-/**
- * Frees the list of rrs, and the individual ldns_rr records
- * contained in the list
- *
- * \param[in] rrs the data structure to free
- */
-void ldns_dnssec_rrs_deep_free(ldns_dnssec_rrs *rrs);
-
-/**
- * Adds an RR to the list of RRs. The list will remain ordered
- *
- * \param[in] rrs the list to add to
- * \param[in] rr the RR to add
- * \return LDNS_STATUS_OK on success
- */
-ldns_status ldns_dnssec_rrs_add_rr(ldns_dnssec_rrs *rrs, ldns_rr *rr);
-
-/**
- * Prints the given rrs to the file descriptor
- *
- * \param[in] out the file descriptor to print to
- * \param[in] rrs the list of RRs to print
- */
-void ldns_dnssec_rrs_print(FILE *out, ldns_dnssec_rrs *rrs);
-
-/**
- * Creates a new list (entry) of RRsets
- * \return the newly allocated structure
- */
-ldns_dnssec_rrsets *ldns_dnssec_rrsets_new();
-
-/**
- * Frees the list of rrsets and their rrs, but *not* the ldns_rr
- * records in the sets
- *
- * \param[in] rrsets the data structure to free
- */
-void ldns_dnssec_rrsets_free(ldns_dnssec_rrsets *rrsets);
-
-/**
- * Frees the list of rrsets and their rrs, and the ldns_rr
- * records in the sets
- *
- * \param[in] rrsets the data structure to free
- */
-void ldns_dnssec_rrsets_deep_free(ldns_dnssec_rrsets *rrsets);
-
-/**
- * Returns the rr type of the rrset (that is head of the given list)
- *
- * \param[in] rrsets the rrset to get the type of
- * \return the rr type
- */
-ldns_rr_type ldns_dnssec_rrsets_type(ldns_dnssec_rrsets *rrsets);
-
-/**
- * Sets the RR type of the rrset (that is head of the given list)
- *
- * \param[in] rrsets the rrset to set the type of
- * \param[in] type the type to set
- * \return LDNS_STATUS_OK on success
- */
-ldns_status ldns_dnssec_rrsets_set_type(ldns_dnssec_rrsets *rrsets,
- ldns_rr_type type);
-
-/**
- * Add an ldns_rr to the corresponding RRset in the given list of RRsets.
- * If it is not present, add it as a new RRset with 1 record.
- *
- * \param[in] rrsets the list of rrsets to add the RR to
- * \param[in] rr the rr to add to the list of rrsets
- * \return LDNS_STATUS_OK on success
- */
-ldns_status ldns_dnssec_rrsets_add_rr(ldns_dnssec_rrsets *rrsets, ldns_rr *rr);
-
-/**
- * Print the given list of rrsets to the fiven file descriptor
- *
- * \param[in] out the file descriptor to print to
- * \param[in] rrsets the list of RRsets to print
- * \param[in] follow if set to false, only print the first RRset
- */
-void ldns_dnssec_rrsets_print(FILE *out,
- ldns_dnssec_rrsets *rrsets,
- bool follow);
-
-/**
- * Create a new data structure for a dnssec name
- * \return the allocated structure
- */
-ldns_dnssec_name *ldns_dnssec_name_new();
-
-/**
- * Create a new data structure for a dnssec name for the given RR
- *
- * \param[in] rr the RR to derive properties from, and to add to the name
- */
-ldns_dnssec_name *ldns_dnssec_name_new_frm_rr(ldns_rr *rr);
-
-/**
- * Frees the name structure and its rrs and rrsets.
- * Individual ldns_rr records therein are not freed
- *
- * \param[in] name the structure to free
- */
-void ldns_dnssec_name_free(ldns_dnssec_name *name);
-
-/**
- * Frees the name structure and its rrs and rrsets.
- * Individual ldns_rr records contained in the name are also freed
- *
- * \param[in] name the structure to free
- */
-void ldns_dnssec_name_deep_free(ldns_dnssec_name *name);
-
-/**
- * Returns the domain name of the given dnssec_name structure
- *
- * \param[in] name the dnssec name to get the domain name from
- * \return the domain name
- */
-ldns_rdf *ldns_dnssec_name_name(ldns_dnssec_name *name);
-
-
-/**
- * Sets the domain name of the given dnssec_name structure
- *
- * \param[in] name the dnssec name to set the domain name of
- * \param[in] dname the domain name to set it to. This data is *not* copied.
- */
-void ldns_dnssec_name_set_name(ldns_dnssec_name *name,
- ldns_rdf *dname);
-
-/**
- * Sets the NSEC(3) RR of the given dnssec_name structure
- *
- * \param[in] name the dnssec name to set the domain name of
- * \param[in] nsec the nsec rr to set it to. This data is *not* copied.
- */
-void ldns_dnssec_name_set_nsec(ldns_dnssec_name *name, ldns_rr *nsec);
-
-/**
- * Compares the domain names of the two arguments in their
- * canonical ordening.
- *
- * \param[in] a The first dnssec_name to compare
- * \param[in] b The second dnssec_name to compare
- * \return -1 if the domain name of a comes before that of b in canonical
- * ordening, 1 if it is the other way around, and 0 if they are
- * equal
- */
-int ldns_dnssec_name_cmp(const void *a, const void *b);
-
-/**
- * Inserts the given rr at the right place in the current dnssec_name
- * No checking is done whether the name matches
- *
- * \param[in] name The ldns_dnssec_name to add the RR to
- * \param[in] rr The RR to add
- * \return LDNS_STATUS_OK on success, error code otherwise
- */
-ldns_status ldns_dnssec_name_add_rr(ldns_dnssec_name *name,
- ldns_rr *rr);
-
-/**
- * Find the RRset with the given type in within this name structure
- *
- * \param[in] name the name to find the RRset in
- * \param[in] type the type of the RRset to find
- * \return the RRset, or NULL if not present
- */
-ldns_dnssec_rrsets *ldns_dnssec_name_find_rrset(ldns_dnssec_name *name,
- ldns_rr_type type);
-
-/**
- * Find the RRset with the given name and type in the zone
- *
- * \param[in] zone the zone structure to find the RRset in
- * \param[in] dname the domain name of the RRset to find
- * \param[in] type the type of the RRset to find
- * \return the RRset, or NULL if not present
- */
-ldns_dnssec_rrsets *ldns_dnssec_zone_find_rrset(ldns_dnssec_zone *zone,
- ldns_rdf *dname,
- ldns_rr_type type);
-
-/**
- * Prints the RRs in the dnssec name structure to the given
- * file descriptor
- *
- * \param[in] out the file descriptor to print to
- * \param[in] name the name structure to print the contents of
- */
-void ldns_dnssec_name_print(FILE *out, ldns_dnssec_name *name);
-
-/**
- * Creates a new dnssec_zone structure
- * \return the allocated structure
- */
-ldns_dnssec_zone *ldns_dnssec_zone_new();
-
-/**
- * Frees the given zone structure, and its rbtree of dnssec_names
- * Individual ldns_rr RRs within those names are *not* freed
- * \param[in] *zone the zone to free
- */
-void ldns_dnssec_zone_free(ldns_dnssec_zone *zone);
-
-/**
- * Frees the given zone structure, and its rbtree of dnssec_names
- * Individual ldns_rr RRs within those names are also freed
- * \param[in] *zone the zone to free
- */
-void ldns_dnssec_zone_deep_free(ldns_dnssec_zone *zone);
-
-/**
- * Adds the given RR to the zone.
- * It find whether there is a dnssec_name with that name present.
- * If so, add it to that, if not create a new one.
- * Special handling of NSEC and RRSIG provided
- *
- * \param[in] zone the zone to add the RR to
- * \param[in] rr The RR to add
- * \return LDNS_STATUS_OK on success, an error code otherwise
- */
-ldns_status ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone,
- ldns_rr *rr);
-
-/**
- * Prints the rbtree of ldns_dnssec_name structures to the file descriptor
- *
- * \param[in] out the file descriptor to print the names to
- * \param[in] tree the tree of ldns_dnssec_name structures to print
- * \param[in] print_soa if true, print SOA records, if false, skip them
- */
-void ldns_dnssec_zone_names_print(FILE *out, ldns_rbtree_t *tree, bool print_soa);
-
-/**
- * Prints the complete zone to the given file descriptor
- *
- * \param[in] out the file descriptor to print to
- * \param[in] zone the dnssec_zone to print
- */
-void ldns_dnssec_zone_print(FILE *out, ldns_dnssec_zone *zone);
-
-/**
- * Adds explicit dnssec_name structures for the empty nonterminals
- * in this zone. (this is needed for NSEC3 generation)
- *
- * \param[in] zone the zone to check for empty nonterminals
- * return LDNS_STATUS_OK on success.
- */
-ldns_status ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+++ /dev/null
-/**
- * \file error.h
- *
- * Defines error numbers and functions to translate those to a readable string.
- *
- */
-
-/**
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-#ifndef LDNS_ERROR_H
-#define LDNS_ERROR_H
-
-#include <ldns/util.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-enum ldns_enum_status {
- LDNS_STATUS_OK,
- LDNS_STATUS_EMPTY_LABEL,
- LDNS_STATUS_LABEL_OVERFLOW,
- LDNS_STATUS_DOMAINNAME_OVERFLOW,
- LDNS_STATUS_DOMAINNAME_UNDERFLOW,
- LDNS_STATUS_DDD_OVERFLOW,
- LDNS_STATUS_PACKET_OVERFLOW,
- LDNS_STATUS_INVALID_POINTER,
- LDNS_STATUS_MEM_ERR,
- LDNS_STATUS_INTERNAL_ERR,
- LDNS_STATUS_SSL_ERR,
- LDNS_STATUS_ERR,
- LDNS_STATUS_INVALID_INT,
- LDNS_STATUS_INVALID_IP4,
- LDNS_STATUS_INVALID_IP6,
- LDNS_STATUS_INVALID_STR,
- LDNS_STATUS_INVALID_B32_EXT,
- LDNS_STATUS_INVALID_B64,
- LDNS_STATUS_INVALID_HEX,
- LDNS_STATUS_INVALID_TIME,
- LDNS_STATUS_NETWORK_ERR,
- LDNS_STATUS_ADDRESS_ERR,
- LDNS_STATUS_FILE_ERR,
- LDNS_STATUS_UNKNOWN_INET,
- LDNS_STATUS_NOT_IMPL,
- LDNS_STATUS_NULL,
- LDNS_STATUS_CRYPTO_UNKNOWN_ALGO,
- LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL,
- LDNS_STATUS_CRYPTO_NO_RRSIG,
- LDNS_STATUS_CRYPTO_NO_DNSKEY,
- LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY,
- LDNS_STATUS_CRYPTO_NO_DS,
- LDNS_STATUS_CRYPTO_NO_TRUSTED_DS,
- LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY,
- LDNS_STATUS_CRYPTO_VALIDATED,
- LDNS_STATUS_CRYPTO_BOGUS,
- LDNS_STATUS_CRYPTO_SIG_EXPIRED,
- LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED,
- LDNS_STATUS_CRYPTO_TSIG_BOGUS,
- LDNS_STATUS_CRYPTO_TSIG_ERR,
- LDNS_STATUS_CRYPTO_EXPIRATION_BEFORE_INCEPTION,
- LDNS_STATUS_CRYPTO_TYPE_COVERED_ERR,
- LDNS_STATUS_ENGINE_KEY_NOT_LOADED,
- LDNS_STATUS_NSEC3_ERR,
- LDNS_STATUS_RES_NO_NS,
- LDNS_STATUS_RES_QUERY,
- LDNS_STATUS_WIRE_INCOMPLETE_HEADER,
- LDNS_STATUS_WIRE_INCOMPLETE_QUESTION,
- LDNS_STATUS_WIRE_INCOMPLETE_ANSWER,
- LDNS_STATUS_WIRE_INCOMPLETE_AUTHORITY,
- LDNS_STATUS_WIRE_INCOMPLETE_ADDITIONAL,
- LDNS_STATUS_NO_DATA,
- LDNS_STATUS_CERT_BAD_ALGORITHM,
- LDNS_STATUS_SYNTAX_TYPE_ERR,
- LDNS_STATUS_SYNTAX_CLASS_ERR,
- LDNS_STATUS_SYNTAX_TTL_ERR,
- LDNS_STATUS_SYNTAX_INCLUDE_ERR_NOTIMPL,
- LDNS_STATUS_SYNTAX_RDATA_ERR,
- LDNS_STATUS_SYNTAX_DNAME_ERR,
- LDNS_STATUS_SYNTAX_VERSION_ERR,
- LDNS_STATUS_SYNTAX_ALG_ERR,
- LDNS_STATUS_SYNTAX_KEYWORD_ERR,
- LDNS_STATUS_SYNTAX_TTL,
- LDNS_STATUS_SYNTAX_ORIGIN,
- LDNS_STATUS_SYNTAX_INCLUDE,
- LDNS_STATUS_SYNTAX_EMPTY,
- LDNS_STATUS_SYNTAX_ITERATIONS_OVERFLOW,
- LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR,
- LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW,
- LDNS_STATUS_SYNTAX_BAD_ESCAPE,
- LDNS_STATUS_SOCKET_ERROR,
- LDNS_STATUS_SYNTAX_ERR,
- LDNS_STATUS_DNSSEC_EXISTENCE_DENIED,
- LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED,
- LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED,
- LDNS_STATUS_DNSSEC_NSEC3_ORIGINAL_NOT_FOUND
-};
-typedef enum ldns_enum_status ldns_status;
-
-extern ldns_lookup_table ldns_error_str[];
-
-/**
- * look up a descriptive text by each error. This function
- * could use a better name
- * \param[in] err ldns_status number
- * \return the string for that error
- */
-const char *ldns_get_errorstr_by_id(ldns_status err);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_ERROR_H */
+++ /dev/null
-/**
- * \file higher.h
- *
- * Specifies some higher level functions that could
- * be useful for certain applications
- */
-
-/*
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-#ifndef LDNS_HIGHER_H
-#define LDNS_HIGHER_H
-
-#include <ldns/resolver.h>
-#include <ldns/rdata.h>
-#include <ldns/rr.h>
-#include <ldns/host2str.h>
-#include <ldns/tsig.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Ask the resolver about name
- * and return all address records
- * \param[in] r the resolver to use
- * \param[in] name the name to look for
- * \param[in] c the class to use
- * \param[in] flags give some optional flags to the query
- */
-ldns_rr_list *ldns_get_rr_list_addr_by_name(ldns_resolver *r, ldns_rdf *name, ldns_rr_class c, uint16_t flags);
-
-/**
- * ask the resolver about the address
- * and return the name
- * \param[in] r the resolver to use
- * \param[in] addr the addr to look for
- * \param[in] c the class to use
- * \param[in] flags give some optional flags to the query
- */
-ldns_rr_list *ldns_get_rr_list_name_by_addr(ldns_resolver *r, ldns_rdf *addr, ldns_rr_class c, uint16_t flags);
-
-/**
- * wade through fp (a /etc/hosts like file)
- * and return a rr_list containing all the
- * defined hosts in there
- * \param[in] fp the file pointer to use
- * \return ldns_rr_list * with the names
- */
-ldns_rr_list *ldns_get_rr_list_hosts_frm_fp(FILE *fp);
-
-/**
- * wade through fp (a /etc/hosts like file)
- * and return a rr_list containing all the
- * defined hosts in there
- * \param[in] fp the file pointer to use
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \return ldns_rr_list * with the names
- */
-ldns_rr_list *ldns_get_rr_list_hosts_frm_fp_l(FILE *fp, int *line_nr);
-
-/**
- * wade through fp (a /etc/hosts like file)
- * and return a rr_list containing all the
- * defined hosts in there
- * \param[in] filename the filename to use (NULL for /etc/hosts)
- * \return ldns_rr_list * with the names
- */
-ldns_rr_list *ldns_get_rr_list_hosts_frm_file(char *filename);
-
-/**
- * This function is a wrapper function for ldns_get_rr_list_name_by_addr
- * and ldns_get_rr_list_addr_by_name. It's name is from the getaddrinfo()
- * library call. It tries to mimic that call, but without the lowlevel
- * stuff.
- * \param[in] res The resolver. If this value is NULL then a resolver will
- * be created by ldns_getaddrinfo.
- * \param[in] node the name or ip address to look up
- * \param[in] c the class to look in
- * \param[out] list put the found RR's in this list
- * \return the number of RR found.
- */
-uint16_t ldns_getaddrinfo(ldns_resolver *res, ldns_rdf *node, ldns_rr_class c, ldns_rr_list **list);
-
-/**
- * Check if t is enumerated in the nsec type rdata
- * \param[in] nsec the NSEC Record to look in
- * \param[in] t the type to check for
- * \return true when t is found, otherwise return false
- */
-bool ldns_nsec_type_check(ldns_rr *nsec, ldns_rr_type t);
-
-/**
- * Print a number of rdf's of the RR. The rdfnum-list must
- * be ended by -1, otherwise unpredictable things might happen.
- * rdfs may be printed multiple times
- * \param[in] fp FILE * to write to
- * \param[in] r RR to write
- * \param[in] rdfnum a list of rdf to print.
- */
-void ldns_print_rr_rdf(FILE *fp, ldns_rr *r, int rdfnum, ...);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_HIGHER_H */
+++ /dev/null
-/**
- * host2str.h - txt presentation of RRs
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- *
- * Contains functions to translate the main structures to their text
- * representation, as well as functions to print them.
- */
-
-#ifndef LDNS_HOST2STR_H
-#define LDNS_HOST2STR_H
-
-#include <ldns/common.h>
-#include <ldns/error.h>
-#include <ldns/rr.h>
-#include <ldns/rdata.h>
-#include <ldns/packet.h>
-#include <ldns/buffer.h>
-#include <ldns/resolver.h>
-#include <ldns/zone.h>
-#include <ctype.h>
-
-#include "ldns/util.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define LDNS_APL_IP4 1
-#define LDNS_APL_IP6 2
-#define LDNS_APL_MASK 0x7f
-#define LDNS_APL_NEGATION 0x80
-
-/**
- * Converts an ldns packet opcode value to its mnemonic, and adds that
- * to the output buffer
- * \param[in] *output the buffer to add the data to
- * \param[in] opcode to find the string representation of
- * \return LDNS_STATUS_OK on success, or a buffer failure mode on error
- */
-ldns_status
-ldns_pkt_opcode2buffer_str(ldns_buffer *output, ldns_pkt_opcode opcode);
-
-/**
- * Converts an ldns packet rcode value to its mnemonic, and adds that
- * to the output buffer
- * \param[in] *output the buffer to add the data to
- * \param[in] rcode to find the string representation of
- * \return LDNS_STATUS_OK on success, or a buffer failure mode on error
- */
-ldns_status
-ldns_pkt_rcode2buffer_str(ldns_buffer *output, ldns_pkt_rcode rcode);
-
-/**
- * Converts an ldns algorithm type to its mnemonic, and adds that
- * to the output buffer
- * \param[in] *output the buffer to add the data to
- * \param[in] algorithm to find the string representation of
- * \return LDNS_STATUS_OK on success, or a buffer failure mode on error
- */
-ldns_status
-ldns_algorithm2buffer_str(ldns_buffer *output,
- ldns_algorithm algorithm);
-
-/**
- * Converts an ldns certificate algorithm type to its mnemonic,
- * and adds that to the output buffer
- * \param[in] *output the buffer to add the data to
- * \param[in] cert_algorithm to find the string representation of
- * \return LDNS_STATUS_OK on success, or a buffer failure mode on error
- */
-ldns_status
-ldns_cert_algorithm2buffer_str(ldns_buffer *output,
- ldns_cert_algorithm cert_algorithm);
-
-
-/**
- * Converts a packet opcode to its mnemonic and returns that as
- * an allocated null-terminated string.
- * Remember to free it.
- *
- * \param[in] opcode the opcode to convert to text
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_pkt_opcode2str(ldns_pkt_opcode opcode);
-
-/**
- * Converts a packet rcode to its mnemonic and returns that as
- * an allocated null-terminated string.
- * Remember to free it.
- *
- * \param[in] rcode the rcode to convert to text
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_pkt_rcode2str(ldns_pkt_rcode rcode);
-
-/**
- * Converts a signing algorithms to its mnemonic and returns that as
- * an allocated null-terminated string.
- * Remember to free it.
- *
- * \param[in] algorithm the algorithm to convert to text
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_pkt_algorithm2str(ldns_algorithm algorithm);
-
-/**
- * Converts a cert algorithm to its mnemonic and returns that as
- * an allocated null-terminated string.
- * Remember to free it.
- *
- * \param[in] cert_algorithm to convert to text
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_pkt_cert_algorithm2str(ldns_cert_algorithm cert_algorithm);
-
-/**
- * Converts an LDNS_RDF_TYPE_A rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_a(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_AAAA rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_aaaa(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_STR rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_str(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_B64 rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_b64(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_B32_EXT rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_b32_ext(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_HEX rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_hex(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_TYPE rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_type(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_CLASS rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_class(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_ALG rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_alg(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an ldns_rr_type value to its string representation,
- * and places it in the given buffer
- * \param[in] *output The buffer to add the data to
- * \param[in] type the ldns_rr_type to convert
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rr_type2buffer_str(ldns_buffer *output,
- const ldns_rr_type type);
-
-/**
- * Converts an ldns_rr_type value to its string representation,
- * and returns that string. For unknown types, the string
- * "TYPE<id>" is returned. This function allocates data that must be
- * freed by the caller
- * \param[in] type the ldns_rr_type to convert
- * \return a newly allocated string
- */
-char *ldns_rr_type2str(const ldns_rr_type type);
-
-/**
- * Converts an ldns_rr_class value to its string representation,
- * and places it in the given buffer
- * \param[in] *output The buffer to add the data to
- * \param[in] klass the ldns_rr_class to convert
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rr_class2buffer_str(ldns_buffer *output,
- const ldns_rr_class klass);
-
-/**
- * Converts an ldns_rr_class value to its string representation,
- * and returns that string. For unknown types, the string
- * "CLASS<id>" is returned. This function allocates data that must be
- * freed by the caller
- * \param[in] klass the ldns_rr_class to convert
- * \return a newly allocated string
- */
-char *ldns_rr_class2str(const ldns_rr_class klass);
-
-
-/**
- * Converts an LDNS_RDF_TYPE_CERT rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_cert_alg(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_LOC rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_loc(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_UNKNOWN rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_unknown(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_NSAP rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_nsap(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_ATMA rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_atma(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_WKS rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_wks(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_NSEC rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_nsec(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_PERIOD rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_period(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_TSIGTIME rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_tsigtime(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_APL rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_apl(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_INT16_DATA rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_int16_data(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_IPSECKEY rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_TSIG rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_tsig(ldns_buffer *output, const ldns_rdf *rdf);
-
-
-/**
- * Converts the data in the rdata field to presentation
- * format (as char *) and appends it to the given buffer
- *
- * \param[in] output pointer to the buffer to append the data to
- * \param[in] rdf the pointer to the rdafa field containing the data
- * \return status
- */
-ldns_status ldns_rdf2buffer_str(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts the data in the resource record to presentation
- * format (as char *) and appends it to the given buffer
- *
- * \param[in] output pointer to the buffer to append the data to
- * \param[in] rr the pointer to the rr field to convert
- * \return status
- */
-ldns_status ldns_rr2buffer_str(ldns_buffer *output, const ldns_rr *rr);
-
-/**
- * Converts the data in the DNS packet to presentation
- * format (as char *) and appends it to the given buffer
- *
- * \param[in] output pointer to the buffer to append the data to
- * \param[in] pkt the pointer to the packet to convert
- * \return status
- */
-ldns_status ldns_pkt2buffer_str(ldns_buffer *output, const ldns_pkt *pkt);
-
-/**
- * Converts an LDNS_RDF_TYPE_NSEC3_SALT rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_nsec3_salt(ldns_buffer *output, const ldns_rdf *rdf);
-
-
-/**
- * Converts the data in the DNS packet to presentation
- * format (as char *) and appends it to the given buffer
- *
- * \param[in] output pointer to the buffer to append the data to
- * \param[in] k the pointer to the private key to convert
- * \return status
- */
-ldns_status ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k);
-
-/**
- * Converts an LDNS_RDF_TYPE_INT8 rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_int8(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_INT16 rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_int16(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_INT32 rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_int32(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts an LDNS_RDF_TYPE_TIME rdata element to string format and adds it to the output buffer
- * \param[in] *rdf The rdata to convert
- * \param[in] *output The buffer to add the data to
- * \return LDNS_STATUS_OK on success, and error status on failure
- */
-ldns_status ldns_rdf2buffer_str_time(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Converts the data in the rdata field to presentation format and
- * returns that as a char *.
- * Remember to free it.
- *
- * \param[in] rdf The rdata field to convert
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_rdf2str(const ldns_rdf *rdf);
-
-/**
- * Converts the data in the resource record to presentation format and
- * returns that as a char *.
- * Remember to free it.
- *
- * \param[in] rr The rdata field to convert
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_rr2str(const ldns_rr *rr);
-
-/**
- * Converts the data in the DNS packet to presentation format and
- * returns that as a char *.
- * Remember to free it.
- *
- * \param[in] pkt The rdata field to convert
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_pkt2str(const ldns_pkt *pkt);
-
-/**
- * Converts a private key to the test presentation fmt and
- * returns that as a char *.
- * Remember to free it.
- *
- * \param[in] k the key to convert to text
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_key2str(const ldns_key *k);
-
-/**
- * Converts a list of resource records to presentation format
- * and returns that as a char *.
- * Remember to free it.
- *
- * \param[in] rr_list the rr_list to convert to text
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_rr_list2str(const ldns_rr_list *rr_list);
-
-/**
- * Returns the data in the buffer as a null terminated char * string
- * Buffer data must be char * type, and must be freed by the caller
- *
- * \param[in] buffer buffer containing char * data
- * \return null terminated char * data, or NULL on error
- */
-char *ldns_buffer2str(ldns_buffer *buffer);
-
-/**
- * Prints the data in the rdata field to the given file stream
- * (in presentation format)
- *
- * \param[in] output the file stream to print to
- * \param[in] rdf the rdata field to print
- * \return void
- */
-void ldns_rdf_print(FILE *output, const ldns_rdf *rdf);
-
-/**
- * Prints the data in the resource record to the given file stream
- * (in presentation format)
- *
- * \param[in] output the file stream to print to
- * \param[in] rr the resource record to print
- * \return void
- */
-void ldns_rr_print(FILE *output, const ldns_rr *rr);
-
-/**
- * Prints the data in the DNS packet to the given file stream
- * (in presentation format)
- *
- * \param[in] output the file stream to print to
- * \param[in] pkt the packet to print
- * \return void
- */
-void ldns_pkt_print(FILE *output, const ldns_pkt *pkt);
-
-/**
- * Converts a rr_list to presentation format and appends it to
- * the output buffer
- * \param[in] output the buffer to append output to
- * \param[in] list the ldns_rr_list to print
- * \return ldns_status
- */
-ldns_status ldns_rr_list2buffer_str(ldns_buffer *output, const ldns_rr_list *list);
-
-/**
- * Converts the header of a packet to presentation format and appends it to
- * the output buffer
- * \param[in] output the buffer to append output to
- * \param[in] pkt the packet to convert the header of
- * \return ldns_status
- */
-ldns_status ldns_pktheader2buffer_str(ldns_buffer *output, const ldns_pkt *pkt);
-
-/**
- * print a rr_list to output
- * param[in] output the fd to print to
- * param[in] list the rr_list to print
- */
-void ldns_rr_list_print(FILE *output, const ldns_rr_list *list);
-
-/**
- * Print a resolver (in sofar that is possible) state
- * to output.
- * \param[in] output the fd to print to
- * \param[in] r the resolver to print
- */
-void ldns_resolver_print(FILE *output, const ldns_resolver *r);
-
-/**
- * Print a zone structure * to output. Note the SOA record
- * is included in this output
- * \param[in] output the fd to print to
- * \param[in] z the zone to print
- */
-void ldns_zone_print(FILE *output, const ldns_zone *z);
-
-/**
- * Print the ldns_rdf containing a dname to the buffer
- * \param[in] output the buffer to print to
- * \param[in] dname the dname to print
- * \return ldns_status message if the printing succeeded
- */
-ldns_status ldns_rdf2buffer_str_dname(ldns_buffer *output, const ldns_rdf *dname);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_HOST2STR_H */
+++ /dev/null
-/*
- * host2wire.h - 2wire conversion routines
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- *
- * Contains all functions to translate the main structures to wire format
- */
-
-#ifndef LDNS_HOST2WIRE_H
-#define LDNS_HOST2WIRE_H
-
-#include <ldns/common.h>
-#include <ldns/error.h>
-#include <ldns/rr.h>
-#include <ldns/rdata.h>
-#include <ldns/packet.h>
-#include <ldns/buffer.h>
-#include <ctype.h>
-
-#include "ldns/util.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * Copies the dname data to the buffer in wire format
- * \param[out] *buffer buffer to append the result to
- * \param[in] *name rdata dname to convert
- * \return ldns_status
- */
-ldns_status ldns_dname2buffer_wire(ldns_buffer *buffer, const ldns_rdf *name);
-
-/**
- * Copies the rdata data to the buffer in wire format
- * \param[out] *output buffer to append the result to
- * \param[in] *rdf rdata to convert
- * \return ldns_status
- */
-ldns_status ldns_rdf2buffer_wire(ldns_buffer *output, const ldns_rdf *rdf);
-
-/**
- * Copies the rdata data to the buffer in wire format
- * If the rdata is a dname, the letters will be lowercased
- * during the conversion
- * \param[out] *output buffer to append the result to
- * \param[in] *rdf rdata to convert
- * \return ldns_status
- */
-ldns_status ldns_rdf2buffer_wire_canonical(ldns_buffer *output,
- const ldns_rdf *rdf);
-
-/**
- * Copies the rr data to the buffer in wire format
- * \param[out] *output buffer to append the result to
- * \param[in] *rr resource record to convert
- * \param[in] section the section in the packet this rr is supposed to be in
- * (to determine whether to add rdata or not)
- * \return ldns_status
- */
-ldns_status ldns_rr2buffer_wire(ldns_buffer *output,
- const ldns_rr *rr,
- int section);
-
-/**
- * Copies the rr data to the buffer in wire format, in canonical format
- * according to RFC3597 (every dname in rdata fields of RR's mentioned in
- * that RFC will be lowercased)
- * \param[out] *output buffer to append the result to
- * \param[in] *rr resource record to convert
- * \param[in] section the section in the packet this rr is supposed to be in
- * (to determine whether to add rdata or not)
- * \return ldns_status
- */
-ldns_status ldns_rr2buffer_wire_canonical(ldns_buffer *output,
- const ldns_rr *rr,
- int section);
-
-
-/**
- * Converts a rrsig to wireformat BUT EXCLUDE the rrsig rdata
- * This is needed in DNSSEC verification
- * \param[out] output buffer to append the result to
- * \param[in] sigrr signature rr to operate on
- * \return ldns_status
- */
-ldns_status ldns_rrsig2buffer_wire(ldns_buffer *output, const ldns_rr *sigrr);
-
-/**
- * Converts an rr's rdata to wireformat, while excluding
- * the ownername and all the stuff before the rdata.
- * This is needed in DNSSEC keytag calculation, the ds
- * calcalution from the key and maybe elsewhere.
- *
- * \param[out] *output buffer where to put the result
- * \param[in] *rr rr to operate on
- * \return ldns_status
- */
-ldns_status ldns_rr_rdata2buffer_wire(ldns_buffer *output, const ldns_rr *rr);
-
-/**
- * Copies the packet data to the buffer in wire format
- * \param[out] *output buffer to append the result to
- * \param[in] *pkt packet to convert
- * \return ldns_status
- */
-ldns_status ldns_pkt2buffer_wire(ldns_buffer *output, const ldns_pkt *pkt);
-
-/**
- * Copies the rr_list data to the buffer in wire format
- * \param[out] *output buffer to append the result to
- * \param[in] *rrlist rr_list to to convert
- * \return ldns_status
- */
-ldns_status ldns_rr_list2buffer_wire(ldns_buffer *output, const ldns_rr_list *rrlist);
-
-/**
- * Allocates an array of uint8_t at dest, and puts the wireformat of the
- * given rdf in that array. The result_size value contains the
- * length of the array, if it succeeds, and 0 otherwise (in which case
- * the function also returns NULL)
- *
- * \param[out] dest pointer to the array of bytes to be created
- * \param[in] rdf the rdata field to convert
- * \param[out] size the size of the converted result
- */
-ldns_status ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *size);
-
-/**
- * Allocates an array of uint8_t at dest, and puts the wireformat of the
- * given rr in that array. The result_size value contains the
- * length of the array, if it succeeds, and 0 otherwise (in which case
- * the function also returns NULL)
- *
- * If the section argument is LDNS_SECTION_QUESTION, data like ttl and rdata
- * are not put into the result
- *
- * \param[out] dest pointer to the array of bytes to be created
- * \param[in] rr the rr to convert
- * \param[out] size the size of the converted result
- */
-ldns_status ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int, size_t *size);
-
-/**
- * Allocates an array of uint8_t at dest, and puts the wireformat of the
- * given packet in that array. The result_size value contains the
- * length of the array, if it succeeds, and 0 otherwise (in which case
- * the function also returns NULL)
- */
-ldns_status ldns_pkt2wire(uint8_t **dest, const ldns_pkt *p, size_t *size);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_HOST2WIRE_H */
+++ /dev/null
-/*
- *
- * keys.h
- *
- * priv key definitions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- *
- * Addendum to \ref dnssec.h, this module contains key and algorithm definitions and functions.
- */
-
-
-#ifndef LDNS_KEYS_H
-#define LDNS_KEYS_H
-
-#ifdef HAVE_SSL
-#include <openssl/ssl.h>
-#endif /* HAVE_SSL */
-#include <ldns/dnssec.h>
-#include <ldns/util.h>
-#include <errno.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-extern ldns_lookup_table ldns_signing_algorithms[];
-
-#define LDNS_KEY_ZONE_KEY 0x0100 /* rfc 4034 */
-#define LDNS_KEY_SEP_KEY 0x0001 /* rfc 4034 */
-#define LDNS_KEY_REVOKE_KEY 0x0080 /* rfc 5011 */
-
-/**
- * Algorithms used in dns
- */
-enum ldns_enum_algorithm
-{
- LDNS_RSAMD5 = 1, /* RFC 4034,4035 */
- LDNS_DH = 2,
- LDNS_DSA = 3,
- LDNS_ECC = 4,
- LDNS_RSASHA1 = 5,
- LDNS_DSA_NSEC3 = 6,
- LDNS_RSASHA1_NSEC3 = 7,
- LDNS_RSASHA256 = 8, /* RFC 5702 */
- LDNS_RSASHA512 = 10, /* RFC 5702 */
- LDNS_ECC_GOST = 12, /* RFC 5933 */
-#ifdef USE_ECDSA
- /* this ifdef has to be removed once it is no longer experimental,
- * to be able to use these values outside of the ldns library itself */
- LDNS_ECDSAP256SHA256 = 13, /* draft-hoffman-dnssec-ecdsa */
- LDNS_ECDSAP384SHA384 = 14, /* EXPERIMENTAL */
-#endif
- LDNS_INDIRECT = 252,
- LDNS_PRIVATEDNS = 253,
- LDNS_PRIVATEOID = 254
-};
-typedef enum ldns_enum_algorithm ldns_algorithm;
-
-/**
- * Hashing algorithms used in the DS record
- */
-enum ldns_enum_hash
-{
- LDNS_SHA1 = 1, /* RFC 4034 */
- LDNS_SHA256 = 2, /* RFC 4509 */
- LDNS_HASH_GOST = 3 /* RFC 5933 */
-#ifdef USE_ECDSA
- /* this ifdef has to be removed once it is no longer experimental,
- * to be able to use these values outside of the ldns library itself */
- ,LDNS_SHA384 = 4 /* draft-hoffman-dnssec-ecdsa EXPERIMENTAL */
-#endif
-};
-typedef enum ldns_enum_hash ldns_hash;
-
-/**
- * Algorithms used in dns for signing
- */
-enum ldns_enum_signing_algorithm
-{
- LDNS_SIGN_RSAMD5 = LDNS_RSAMD5,
- LDNS_SIGN_RSASHA1 = LDNS_RSASHA1,
- LDNS_SIGN_DSA = LDNS_DSA,
- LDNS_SIGN_RSASHA1_NSEC3 = LDNS_RSASHA1_NSEC3,
- LDNS_SIGN_RSASHA256 = LDNS_RSASHA256,
- LDNS_SIGN_RSASHA512 = LDNS_RSASHA512,
- LDNS_SIGN_DSA_NSEC3 = LDNS_DSA_NSEC3,
- LDNS_SIGN_ECC_GOST = LDNS_ECC_GOST,
-#ifdef USE_ECDSA
- /* this ifdef has to be removed once it is no longer experimental,
- * to be able to use these values outside of the ldns library itself */
- LDNS_SIGN_ECDSAP256SHA256 = LDNS_ECDSAP256SHA256,
- LDNS_SIGN_ECDSAP384SHA384 = LDNS_ECDSAP384SHA384,
-#endif
- LDNS_SIGN_HMACMD5 = 157, /* not official! This type is for TSIG, not DNSSEC */
- LDNS_SIGN_HMACSHA1 = 158, /* not official! This type is for TSIG, not DNSSEC */
- LDNS_SIGN_HMACSHA256 = 159 /* ditto */
-};
-typedef enum ldns_enum_signing_algorithm ldns_signing_algorithm;
-
-/**
- * General key structure, can contain all types of keys that
- * are used in DNSSEC. Mostly used to store private keys, since
- * public keys can also be stored in a \ref ldns_rr with type
- * \ref LDNS_RR_TYPE_DNSKEY.
- *
- * This structure can also store some variables that influence the
- * signatures generated by signing with this key, for instance the
- * inception date.
- */
-struct ldns_struct_key {
- ldns_signing_algorithm _alg;
- /** Whether to use this key when signing */
- bool _use;
- /** Storage pointers for the types of keys supported */
- /* TODO remove unions? */
- struct {
-#ifdef HAVE_SSL
-#ifndef S_SPLINT_S
- /* The key can be an OpenSSL EVP Key
- */
- EVP_PKEY *key;
-#endif
-#endif /* HAVE_SSL */
- /**
- * The key can be an HMAC key
- */
- struct {
- unsigned char *key;
- size_t size;
- } hmac;
- /** the key structure can also just point to some external
- * key data
- */
- void *external_key;
- } _key;
- /** Depending on the key we can have extra data */
- union {
- /** Some values that influence generated signatures */
- struct {
- /** The TTL of the rrset that is currently signed */
- uint32_t orig_ttl;
- /** The inception date of signatures made with this key. */
- uint32_t inception;
- /** The expiration date of signatures made with this key. */
- uint32_t expiration;
- /** The keytag of this key. */
- uint16_t keytag;
- /** The dnssec key flags as specified in RFC4035, like ZSK and KSK */
- uint16_t flags;
- } dnssec;
- } _extra;
- /** Owner name of the key */
- ldns_rdf *_pubkey_owner;
-};
-typedef struct ldns_struct_key ldns_key;
-
-/**
- * Same as rr_list, but now for keys
- */
-struct ldns_struct_key_list
-{
- size_t _key_count;
- ldns_key **_keys;
-};
-typedef struct ldns_struct_key_list ldns_key_list;
-
-
-/**
- * Creates a new empty key list
- * \return a new ldns_key_list structure pointer
- */
-ldns_key_list *ldns_key_list_new();
-
-/**
- * Creates a new empty key structure
- * \return a new ldns_key * structure
- */
-ldns_key *ldns_key_new();
-
-/**
- * Creates a new key based on the algorithm
- *
- * \param[in] a The algorithm to use
- * \param[in] size the number of bytes for the keysize
- * \return a new ldns_key structure with the key
- */
-ldns_key *ldns_key_new_frm_algorithm(ldns_signing_algorithm a, uint16_t size);
-
-/**
- * Creates a new priv key based on the
- * contents of the file pointed by fp.
- *
- * The file should be in Private-key-format v1.2.
- *
- * \param[out] k the new ldns_key structure
- * \param[in] fp the file pointer to use
- * \return an error or LDNS_STATUS_OK
- */
-ldns_status ldns_key_new_frm_fp(ldns_key **k, FILE *fp);
-
-/**
- * Creates a new private key based on the
- * contents of the file pointed by fp
- *
- * The file should be in Private-key-format v1.2.
- *
- * \param[out] k the new ldns_key structure
- * \param[in] fp the file pointer to use
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \return an error or LDNS_STATUS_OK
- */
-ldns_status ldns_key_new_frm_fp_l(ldns_key **k, FILE *fp, int *line_nr);
-
-#ifdef HAVE_SSL
-/**
- * Read the key with the given id from the given engine and store it
- * in the given ldns_key structure. The algorithm type is set
- */
-ldns_status ldns_key_new_frm_engine(ldns_key **key, ENGINE *e, char *key_id, ldns_algorithm);
-
-
-/**
- * frm_fp helper function. This function parses the
- * remainder of the (RSA) priv. key file generated from bind9
- * \param[in] fp the file to parse
- * \return NULL on failure otherwise a RSA structure
- */
-RSA *ldns_key_new_frm_fp_rsa(FILE *fp);
-#endif /* HAVE_SSL */
-
-#ifdef HAVE_SSL
-/**
- * frm_fp helper function. This function parses the
- * remainder of the (RSA) priv. key file generated from bind9
- * \param[in] fp the file to parse
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \return NULL on failure otherwise a RSA structure
- */
-RSA *ldns_key_new_frm_fp_rsa_l(FILE *fp, int *line_nr);
-#endif /* HAVE_SSL */
-
-#ifdef HAVE_SSL
-/**
- * frm_fp helper function. This function parses the
- * remainder of the (DSA) priv. key file
- * \param[in] fp the file to parse
- * \return NULL on failure otherwise a RSA structure
- */
-DSA *ldns_key_new_frm_fp_dsa(FILE *fp);
-#endif /* HAVE_SSL */
-
-#ifdef HAVE_SSL
-/**
- * frm_fp helper function. This function parses the
- * remainder of the (DSA) priv. key file
- * \param[in] fp the file to parse
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \return NULL on failure otherwise a RSA structure
- */
-DSA *ldns_key_new_frm_fp_dsa_l(FILE *fp, int *line_nr);
-#endif /* HAVE_SSL */
-
-#ifdef HAVE_SSL
-/**
- * frm_fp helper function. This function parses the
- * remainder of the (HMAC-MD5) key file
- * This function allocated a buffer that needs to be freed
- * \param[in] fp the file to parse
- * \param[out] hmac_size the number of bits in the resulting buffer
- * \return NULL on failure otherwise a newly allocated char buffer
- */
-unsigned char *ldns_key_new_frm_fp_hmac(FILE *fp, size_t *hmac_size);
-#endif
-
-#ifdef HAVE_SSL
-/**
- * frm_fp helper function. This function parses the
- * remainder of the (HMAC-MD5) key file
- * This function allocated a buffer that needs to be freed
- * \param[in] fp the file to parse
- * \param[in] line_nr pointer to an integer containing the current line number (for error reporting purposes)
- * \param[out] hmac_size the number of bits in the resulting buffer
- * \return NULL on failure otherwise a newly allocated char buffer
- */
-unsigned char *ldns_key_new_frm_fp_hmac_l(FILE *fp, int *line_nr, size_t *hmac_size);
-#endif /* HAVE_SSL */
-
-/* acces write functions */
-/**
- * Set the key's algorithm
- * \param[in] k the key
- * \param[in] l the algorithm
- */
-void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l);
-#ifdef HAVE_SSL
-/**
- * Set the key's evp key
- * \param[in] k the key
- * \param[in] e the evp key
- */
-void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e);
-
-/**
- * Set the key's rsa data
- * \param[in] k the key
- * \param[in] r the rsa data
- */
-void ldns_key_set_rsa_key(ldns_key *k, RSA *r);
-/**
- * Set the key's dsa data
- * \param[in] k the key
- * \param[in] d the dsa data
- */
-void ldns_key_set_dsa_key(ldns_key *k, DSA *d);
-
-/**
- * Get the PKEY id for GOST, loads GOST into openssl as a side effect.
- * Only available if GOST is compiled into the library and openssl.
- * \return the gost id for EVP_CTX creation.
- */
-int ldns_key_EVP_load_gost_id(void);
-
-/** Release the engine reference held for the GOST engine. */
-void ldns_key_EVP_unload_gost(void);
-#endif /* HAVE_SSL */
-
-/**
- * Set the key's hmac data
- * \param[in] k the key
- * \param[in] hmac the raw key data
- */
-void ldns_key_set_hmac_key(ldns_key *k, unsigned char *hmac);
-
-/**
- * Set the key id data. This is used if the key points to
- * some externally stored key data
- *
- * Only the pointer is set, the data there is not copied,
- * and must be freed manually; ldns_key_deep_free() does
- * *not* free this data
- * \param[in] key the key
- * \param[in] external_key key id data
- */
-void ldns_key_set_external_key(ldns_key *key, void *external_key);
-
-/**
- * Set the key's hmac size
- * \param[in] k the key
- * \param[in] hmac_size the size of the hmac data
- */
-void ldns_key_set_hmac_size(ldns_key *k, size_t hmac_size);
-/**
- * Set the key's original ttl
- * \param[in] k the key
- * \param[in] t the ttl
- */
-void ldns_key_set_origttl(ldns_key *k, uint32_t t);
-/**
- * Set the key's inception date (seconds after epoch)
- * \param[in] k the key
- * \param[in] i the inception
- */
-void ldns_key_set_inception(ldns_key *k, uint32_t i);
-/**
- * Set the key's expiration date (seconds after epoch)
- * \param[in] k the key
- * \param[in] e the expiration
- */
-void ldns_key_set_expiration(ldns_key *k, uint32_t e);
-/**
- * Set the key's pubkey owner
- * \param[in] k the key
- * \param[in] r the owner
- */
-void ldns_key_set_pubkey_owner(ldns_key *k, ldns_rdf *r);
-/**
- * Set the key's key tag
- * \param[in] k the key
- * \param[in] tag the keytag
- */
-void ldns_key_set_keytag(ldns_key *k, uint16_t tag);
-/**
- * Set the key's flags
- * \param[in] k the key
- * \param[in] flags the flags
- */
-void ldns_key_set_flags(ldns_key *k, uint16_t flags);
-/**
- * Set the keylist's key count to count
- * \param[in] key the key
- * \param[in] count the cuont
- */
-void ldns_key_list_set_key_count(ldns_key_list *key, size_t count);
-
-/**
- * pushes a key to a keylist
- * \param[in] key_list the key_list to push to
- * \param[in] key the key to push
- * \return false on error, otherwise true
- */
-bool ldns_key_list_push_key(ldns_key_list *key_list, ldns_key *key);
-
-/**
- * returns the number of keys in the key list
- * \param[in] key_list the key_list
- * \return the numbers of keys in the list
- */
-size_t ldns_key_list_key_count(const ldns_key_list *key_list);
-
-/**
- * returns a pointer to the key in the list at the given position
- * \param[in] key the key
- * \param[in] nr the position in the list
- * \return the key
- */
-ldns_key *ldns_key_list_key(const ldns_key_list *key, size_t nr);
-
-#ifdef HAVE_SSL
-/**
- * returns the (openssl) RSA struct contained in the key
- * \param[in] k the key to look in
- * \return the RSA * structure in the key
- */
-RSA *ldns_key_rsa_key(const ldns_key *k);
-/**
- * returns the (openssl) EVP struct contained in the key
- * \param[in] k the key to look in
- * \return the RSA * structure in the key
- */
-EVP_PKEY *ldns_key_evp_key(const ldns_key *k);
-#endif /* HAVE_SSL */
-
-/**
- * returns the (openssl) DSA struct contained in the key
- */
-#ifdef HAVE_SSL
-DSA *ldns_key_dsa_key(const ldns_key *k);
-#endif /* HAVE_SSL */
-
-/**
- * return the signing alg of the key
- * \param[in] k the key
- * \return the algorithm
- */
-ldns_signing_algorithm ldns_key_algorithm(const ldns_key *k);
-/**
- * set the use flag
- * \param[in] k the key
- * \param[in] v the boolean value to set the _use field to
- */
-void ldns_key_set_use(ldns_key *k, bool v);
-/**
- * return the use flag
- * \param[in] k the key
- * \return the boolean value of the _use field
- */
-bool ldns_key_use(const ldns_key *k);
-/**
- * return the hmac key data
- * \param[in] k the key
- * \return the hmac key data
- */
-unsigned char *ldns_key_hmac_key(const ldns_key *k);
-/**
- * return the key id key data
- * \param[in] k the key
- * \return the key id data
- */
-void *ldns_key_external_key(const ldns_key *k);
-/**
- * return the hmac key size
- * \param[in] k the key
- * \return the hmac key size
- */
-size_t ldns_key_hmac_size(const ldns_key *k);
-/**
- * return the original ttl of the key
- * \param[in] k the key
- * \return the original ttl
- */
-uint32_t ldns_key_origttl(const ldns_key *k);
-/**
- * return the key's inception date
- * \param[in] k the key
- * \return the inception date
- */
-uint32_t ldns_key_inception(const ldns_key *k);
-/**
- * return the key's expiration date
- * \param[in] k the key
- * \return the experiration date
- */
-uint32_t ldns_key_expiration(const ldns_key *k);
-/**
- * return the keytag
- * \param[in] k the key
- * \return the keytag
- */
-uint16_t ldns_key_keytag(const ldns_key *k);
-/**
- * return the public key's owner
- * \param[in] k the key
- * \return the owner
- */
-ldns_rdf *ldns_key_pubkey_owner(const ldns_key *k);
-/**
- * Set the 'use' flag for all keys in the list
- * \param[in] keys The key_list
- * \param[in] v The value to set the use flags to
- */
-void
-ldns_key_list_set_use(ldns_key_list *keys, bool v);
-
-/**
- * return the flag of the key
- * \param[in] k the key
- * \return the flag
- */
-uint16_t ldns_key_flags(const ldns_key *k);
-
-/**
- * pops the last rr from a keylist
- * \param[in] key_list the rr_list to pop from
- * \return NULL if nothing to pop. Otherwise the popped RR
- */
-ldns_key *ldns_key_list_pop_key(ldns_key_list *key_list);
-
-/**
- * converts a ldns_key to a public key rr
- * If the key data exists at an external point, the corresponding
- * rdata field must still be added with ldns_rr_rdf_push() to the
- * result rr of this function
- *
- * \param[in] k the ldns_key to convert
- * \return ldns_rr representation of the key
- */
-ldns_rr *ldns_key2rr(const ldns_key *k);
-
-/**
- * print a private key to the file ouput
- *
- * \param[in] output the FILE descriptor where to print to
- * \param[in] k the ldns_key to print
- */
-void ldns_key_print(FILE *output, const ldns_key *k);
-
-/**
- * frees a key structure, but not its internal data structures
- *
- * \param[in] key the key object to free
- */
-void ldns_key_free(ldns_key *key);
-
-/**
- * frees a key structure and all its internal data structures, except
- * the data set by ldns_key_set_external_key()
- *
- * \param[in] key the key object to free
- */
-void ldns_key_deep_free(ldns_key *key);
-
-/**
- * Frees a key list structure
- * \param[in] key_list the key list object to free
- */
-void ldns_key_list_free(ldns_key_list *key_list);
-
-/**
- * Instantiates a DNSKEY or DS RR from file.
- * \param[in] filename the file to read the record from
- * \return the corresponding RR, or NULL if the parsing failed
- */
-ldns_rr * ldns_read_anchor_file(const char *filename);
-
-/**
- * Returns the 'default base name' for key files;
- * IE. K\<zone\>+\<alg\>+\<keytag\>
- * (without the .key or .private)
- * The memory for this is allocated by this function,
- * and should be freed by the caller
- *
- * \param[in] key the key to get the file name from
- * \returns A string containing the file base name
- */
-char *ldns_key_get_file_base_name(ldns_key *key);
-
-/**
- * See if a key algorithm is supported
- * \param[in] algo the signing algorithm number.
- * \returns true if supported.
- */
-int ldns_key_algo_supported(int algo);
-
-/**
- * Get signing algorithm by name. Comparison is case insensitive.
- * \param[in] name string with the name.
- * \returns 0 on parse failure or the algorithm number.
- */
-ldns_signing_algorithm ldns_get_signing_algorithm_by_name(const char* name);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_KEYS_H */
+++ /dev/null
-/*
- * dns.h -- defines for the Domain Name System
- *
- * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
- *
- * See LICENSE for the license.
- *
- * This library was created by:
- * Jelte Jansen, Erik Rozendaal and Miek Gieben
- *
- * A bunch of defines that are used in the DNS.
- */
-
-
-/**
-\mainpage LDNS Documentation
-
-\section introduction Introduction
-
-The goal of ldns is to simplify DNS programming, it supports recent RFCs
-like the DNSSEC documents, and allow developers to easily create software
-conforming to current RFCs, and experimental software for current Internet
-drafts. A secondary benefit of using ldns is speed, because ldns is written
-in C, and although it is not optimized for performance, it should be a lot
-faster than Perl.
-
-The first main tool to use ldns is Drill, from which part of the library was
-derived. From version 1.0.0 on, drill is included in the ldns release
-and will not be distributed seperately anymore. The library also includes some
-other examples and tools to show how it can be used. These can be found in the
-examples/ directory in the tarball.
-
-ldns depends on OpenSSL for it's cryptographic functions.
-Feature list
-
- - Transparent IPv4 and IPv6 support (overridable if necessary),
- - TSIG support,
- - DNSSEC support; signing and verification,
- - small size,
- - online documentation as well as manual pages.
-
-If you want to send us patches please use the code from subversion (trunk).
-
-\section using_ldns Using ldns
-
-Almost all interaction between an application and ldns goes through the ldns
-data structures (\ref ldns_rr, \ref ldns_pkt, etc.). These are input or
-output to the functions of ldns. For example, \ref ldns_zone_new_frm_fp
-reads a zone from a \c FILE pointer, and returns an \ref ldns_zone
-structure.
-
-
-Let's use Drill as an example. Drill is a tool much like dig, whose most
-basic function is to send 1 query to a nameserver and print the response.
-
-To be able to do this, drill uses the resolver module of ldns, which acts as
-a stub resolver. The resolver module uses the net module to actually send
-the query that drill requested. It then uses the wire2host module to
-translate the response and place it in ldns' internal structures. These are
-passed back to drill, which then uses the host2str module to print the
-response in presentation format.
-
-\section gettingstarted Getting Started
-
-See the \ref design page for a very high level description of the design
-choices made for ldns.
-
-For an overview of the functions and types ldns provides, you can check out
-the \ref ldns ldns header file descriptions.
-
-If you want to see some libdns action, you can read our tutorials:
- - \ref tutorial1_mx
- - \ref tutorial2_zone
- - \ref tutorial3_signzone
-
-Or you can just use the menu above to browse through the API docs.
-
-<div style="visibility:hidden;">
-\image html LogoInGradientBar2-y100.png
-</div>
-*/
-
-/**
- * \file ldns.h
- *
- * Including this file will include all ldns files, and define some lookup tables.
- */
-
-#ifndef LDNS_DNS_H
-#define LDNS_DNS_H
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <ldns/util.h>
-#include <ldns/buffer.h>
-#include <ldns/common.h>
-#include <ldns/dname.h>
-#include <ldns/dnssec.h>
-#include <ldns/dnssec_verify.h>
-#include <ldns/dnssec_sign.h>
-#include <ldns/error.h>
-#include <ldns/higher.h>
-#include <ldns/host2str.h>
-#include <ldns/host2wire.h>
-#include <ldns/net.h>
-#include <ldns/packet.h>
-#include <ldns/rdata.h>
-#include <ldns/resolver.h>
-#include <ldns/rr.h>
-#include <ldns/str2host.h>
-#include <ldns/tsig.h>
-#include <ldns/update.h>
-#include <ldns/wire2host.h>
-#include <ldns/rr_functions.h>
-#include <ldns/keys.h>
-#include <ldns/parse.h>
-#include <ldns/zone.h>
-#include <ldns/dnssec_zone.h>
-#include <ldns/rbtree.h>
-#include <ldns/sha1.h>
-#include <ldns/sha2.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define LDNS_IP4ADDRLEN (32/8)
-#define LDNS_IP6ADDRLEN (128/8)
-#define LDNS_PORT 53
-#define LDNS_ROOT_LABEL_STR "."
-#define LDNS_DEFAULT_TTL 3600
-
-/* lookup tables for standard DNS stuff */
-
-/** Taken from RFC 2538, section 2.1. */
-extern ldns_lookup_table ldns_certificate_types[];
-/** Taken from RFC 2535, section 7. */
-extern ldns_lookup_table ldns_algorithms[];
-/** Taken from RFC 2538. */
-extern ldns_lookup_table ldns_cert_algorithms[];
-/** rr types */
-extern ldns_lookup_table ldns_rr_classes[];
-/** Response codes */
-extern ldns_lookup_table ldns_rcodes[];
-/** Operation codes */
-extern ldns_lookup_table ldns_opcodes[];
-/** EDNS flags */
-extern ldns_lookup_table ldns_edns_flags[];
-
-
-#ifdef USE_WINSOCK
-#define SOCK_INVALID INVALID_SOCKET
-#define close_socket(_s) if (_s > SOCK_INVALID) {closesocket(_s); _s = SOCK_INVALID;}
-#else
-#define SOCK_INVALID -1
-#define close_socket(_s) if (_s > SOCK_INVALID) {close(_s); _s = SOCK_INVALID;}
-#endif
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_DNS_H */
+++ /dev/null
-/*
- * net.h
- *
- * DNS Resolver definitions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-#ifndef LDNS_NET_H
-#define LDNS_NET_H
-
-#include <ldns/ldns.h>
-@include_sys_socket_h@
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define LDNS_DEFAULT_TIMEOUT_SEC 2
-#define LDNS_DEFAULT_TIMEOUT_USEC 0
-
-/**
- * \file
- *
- * Contains functions to send and receive packets over a network.
- */
-
-/**
- * Sends a buffer to an ip using udp and return the respons as a ldns_pkt
- * \param[in] qbin the ldns_buffer to be send
- * \param[in] to the ip addr to send to
- * \param[in] tolen length of the ip addr
- * \param[in] timeout the timeout value for the network
- * \param[out] answersize size of the packet
- * \param[out] result packet with the answer
- * \return status
- */
-ldns_status ldns_udp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout, size_t *answersize);
-
-/**
- * Send an udp query and don't wait for an answer but return
- * the socket
- * \param[in] qbin the ldns_buffer to be send
- * \param[in] to the ip addr to send to
- * \param[in] tolen length of the ip addr
- * \param[in] timeout *unused*, was the timeout value for the network
- * \return the socket used
- */
-
-int ldns_udp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout);
-
-/**
- * Send an tcp query and don't wait for an answer but return
- * the socket
- * \param[in] qbin the ldns_buffer to be send
- * \param[in] to the ip addr to send to
- * \param[in] tolen length of the ip addr
- * \param[in] timeout the timeout value for the connect attempt
- * \return the socket used
- */
-int ldns_tcp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout);
-
-/**
- * Sends a buffer to an ip using tcp and return the respons as a ldns_pkt
- * \param[in] qbin the ldns_buffer to be send
- * \param[in] qbin the ldns_buffer to be send
- * \param[in] to the ip addr to send to
- * \param[in] tolen length of the ip addr
- * \param[in] timeout the timeout value for the network
- * \param[out] answersize size of the packet
- * \param[out] result packet with the answer
- * \return status
- */
-ldns_status ldns_tcp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout, size_t *answersize);
-
-/**
- * Sends ptk to the nameserver at the resolver object. Returns the data
- * as a ldns_pkt
- *
- * \param[out] pkt packet received from the nameserver
- * \param[in] r the resolver to use
- * \param[in] query_pkt the query to send
- * \return status
- */
-ldns_status ldns_send(ldns_pkt **pkt, ldns_resolver *r, const ldns_pkt *query_pkt);
-
-/**
- * Sends and ldns_buffer (presumably containing a packet to the nameserver at the resolver object. Returns the data
- * as a ldns_pkt
- *
- * \param[out] pkt packet received from the nameserver
- * \param[in] r the resolver to use
- * \param[in] qb the buffer to send
- * \param[in] tsig_mac the tsig MAC to authenticate the response with (NULL to do no TSIG authentication)
- * \return status
- */
-ldns_status ldns_send_buffer(ldns_pkt **pkt, ldns_resolver *r, ldns_buffer *qb, ldns_rdf *tsig_mac);
-
-/**
- * Create a tcp socket to the specified address
- * \param[in] to ip and family
- * \param[in] tolen length of to
- * \param[in] timeout timeout for the connect attempt
- * \return a socket descriptor
- */
-int ldns_tcp_connect(const struct sockaddr_storage *to, socklen_t tolen, struct timeval timeout);
-
-/**
- * Create a udp socket to the specified address
- * \param[in] to ip and family
- * \param[in] timeout *unused*, was timeout for the socket
- * \return a socket descriptor
- */
-int ldns_udp_connect(const struct sockaddr_storage *to, struct timeval timeout);
-
-/**
- * send a query via tcp to a server. Don't want for the answer
- *
- * \param[in] qbin the buffer to send
- * \param[in] sockfd the socket to use
- * \param[in] to which ip to send it
- * \param[in] tolen socketlen
- * \return number of bytes sent
- */
-ssize_t ldns_tcp_send_query(ldns_buffer *qbin, int sockfd, const struct sockaddr_storage *to, socklen_t tolen);
-
-/**
- * send a query via udp to a server. Don;t want for the answer
- *
- * \param[in] qbin the buffer to send
- * \param[in] sockfd the socket to use
- * \param[in] to which ip to send it
- * \param[in] tolen socketlen
- * \return number of bytes sent
- */
-ssize_t ldns_udp_send_query(ldns_buffer *qbin, int sockfd, const struct sockaddr_storage *to, socklen_t tolen);
-
-/**
- * Gives back a raw packet from the wire and reads the header data from the given
- * socket. Allocates the data (of size size) itself, so don't forget to free
- *
- * \param[in] sockfd the socket to read from
- * \param[out] size the number of bytes that are read
- * \param[in] timeout the time allowed between packets.
- * \return the data read
- */
-uint8_t *ldns_tcp_read_wire_timeout(int sockfd, size_t *size, struct timeval timeout);
-
-/**
- * This routine may block. Use ldns_tcp_read_wire_timeout, it checks timeouts.
- * Gives back a raw packet from the wire and reads the header data from the given
- * socket. Allocates the data (of size size) itself, so don't forget to free
- *
- * \param[in] sockfd the socket to read from
- * \param[out] size the number of bytes that are read
- * \return the data read
- */
-uint8_t *ldns_tcp_read_wire(int sockfd, size_t *size);
-
-/**
- * Gives back a raw packet from the wire and reads the header data from the given
- * socket. Allocates the data (of size size) itself, so don't forget to free
- *
- * \param[in] sockfd the socket to read from
- * \param[in] fr the address of the client (if applicable)
- * \param[in] *frlen the lenght of the client's addr (if applicable)
- * \param[out] size the number of bytes that are read
- * \return the data read
- */
-uint8_t *ldns_udp_read_wire(int sockfd, size_t *size, struct sockaddr_storage *fr, socklen_t *frlen);
-
-/**
- * returns the native sockaddr representation from the rdf.
- * \param[in] rd the ldns_rdf to operate on
- * \param[in] port what port to use. 0 means; use default (53)
- * \param[out] size what is the size of the sockaddr_storage
- * \return struct sockaddr* the address in the format so other
- * functions can use it (sendto)
- */
-struct sockaddr_storage * ldns_rdf2native_sockaddr_storage(const ldns_rdf *rd, uint16_t port, size_t *size);
-
-/**
- * returns an rdf with the sockaddr info. works for ip4 and ip6
- * \param[in] sock the struct sockaddr_storage to convert
- * \param[in] port what port was used. When NULL this is not set
- * \return ldns_rdf* wth the address
- */
-ldns_rdf * ldns_sockaddr_storage2rdf(struct sockaddr_storage *sock, uint16_t *port);
-
-/**
- * Prepares the resolver for an axfr query
- * The query is sent and the answers can be read with ldns_axfr_next
- * \param[in] resolver the resolver to use
- * \param[in] domain the domain to exfr
- * \param[in] c the class to use
- * \return ldns_status the status of the transfer
- */
-ldns_status ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class c);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_NET_H */
+++ /dev/null
-/*
- * packet.h
- *
- * DNS packet definitions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- *
- * Contains the definition of ldns_pkt and its parts, as well
- * as functions to manipulate those.
- */
-
-
-#ifndef LDNS_PACKET_H
-#define LDNS_PACKET_H
-
-#define LDNS_MAX_PACKETLEN 65535
-
-/* allow flags to be given to mk_query */
-#define LDNS_QR 1 /* QueRy - query flag */
-#define LDNS_AA 2 /* Authoritative Answer - server flag */
-#define LDNS_TC 4 /* TrunCated - server flag */
-#define LDNS_RD 8 /* Recursion Desired - query flag */
-#define LDNS_CD 16 /* Checking Disabled - query flag */
-#define LDNS_RA 32 /* Recursion Available - server flag */
-#define LDNS_AD 64 /* Authenticated Data - server flag */
-
-#include <ldns/error.h>
-#include <ldns/common.h>
-#include <ldns/rr.h>
-#ifdef _MSC_VER
-#include <time.h>
-#else
-#include <sys/time.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* opcodes for pkt's */
-enum ldns_enum_pkt_opcode {
- LDNS_PACKET_QUERY = 0,
- LDNS_PACKET_IQUERY = 1,
- LDNS_PACKET_STATUS = 2, /* there is no 3?? DNS is weird */
- LDNS_PACKET_NOTIFY = 4,
- LDNS_PACKET_UPDATE = 5
-};
-typedef enum ldns_enum_pkt_opcode ldns_pkt_opcode;
-
-/* rcodes for pkts */
-enum ldns_enum_pkt_rcode {
- LDNS_RCODE_NOERROR = 0,
- LDNS_RCODE_FORMERR = 1,
- LDNS_RCODE_SERVFAIL = 2,
- LDNS_RCODE_NXDOMAIN = 3,
- LDNS_RCODE_NOTIMPL = 4,
- LDNS_RCODE_REFUSED = 5,
- LDNS_RCODE_YXDOMAIN = 6,
- LDNS_RCODE_YXRRSET = 7,
- LDNS_RCODE_NXRRSET = 8,
- LDNS_RCODE_NOTAUTH = 9,
- LDNS_RCODE_NOTZONE = 10
-};
-typedef enum ldns_enum_pkt_rcode ldns_pkt_rcode;
-
-/**
- * Header of a dns packet
- *
- * Contains the information about the packet itself, as specified in RFC1035
-<pre>
-4.1.1. Header section format
-
-The header contains the following fields:
-
- 1 1 1 1 1 1
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | ID |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- |QR| Opcode |AA|TC|RD|RA| Z | RCODE |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | QDCOUNT |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | ANCOUNT |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | NSCOUNT |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | ARCOUNT |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-ID A 16 bit identifier assigned by the program that
- generates any kind of query. This identifier is copied
- the corresponding reply and can be used by the requester
- to match up replies to outstanding queries.
-
-QR A one bit field that specifies whether this message is a
- query (0), or a response (1).
-
-OPCODE A four bit field that specifies kind of query in this
- message. This value is set by the originator of a query
- and copied into the response. The values are:
-
- 0 a standard query (QUERY)
-
- 1 an inverse query (IQUERY)
-
- 2 a server status request (STATUS)
-
- 3-15 reserved for future use
-
-AA Authoritative Answer - this bit is valid in responses,
- and specifies that the responding name server is an
- authority for the domain name in question section.
-
- Note that the contents of the answer section may have
- multiple owner names because of aliases. The AA bit
-
- corresponds to the name which matches the query name, or
- the first owner name in the answer section.
-
-TC TrunCation - specifies that this message was truncated
- due to length greater than that permitted on the
- transmission channel.
-
-RD Recursion Desired - this bit may be set in a query and
- is copied into the response. If RD is set, it directs
- the name server to pursue the query recursively.
- Recursive query support is optional.
-
-RA Recursion Available - this be is set or cleared in a
- response, and denotes whether recursive query support is
- available in the name server.
-
-Z Reserved for future use. Must be zero in all queries
- and responses.
-
-RCODE Response code - this 4 bit field is set as part of
- responses. The values have the following
- interpretation:
-
- 0 No error condition
-
- 1 Format error - The name server was
- unable to interpret the query.
-
- 2 Server failure - The name server was
- unable to process this query due to a
- problem with the name server.
-
- 3 Name Error - Meaningful only for
- responses from an authoritative name
- server, this code signifies that the
- domain name referenced in the query does
- not exist.
-
- 4 Not Implemented - The name server does
- not support the requested kind of query.
-
- 5 Refused - The name server refuses to
- perform the specified operation for
- policy reasons. For example, a name
- server may not wish to provide the
- information to the particular requester,
- or a name server may not wish to perform
- a particular operation (e.g., zone
-
- transfer) for particular data.
-
- 6-15 Reserved for future use.
-
-QDCOUNT an unsigned 16 bit integer specifying the number of
- entries in the question section.
-
-ANCOUNT an unsigned 16 bit integer specifying the number of
- resource records in the answer section.
-
-NSCOUNT an unsigned 16 bit integer specifying the number of name
- server resource records in the authority records
- section.
-
-ARCOUNT an unsigned 16 bit integer specifying the number of
- resource records in the additional records section.
-
-</pre>
- */
-struct ldns_struct_hdr
-{
- /** Id of a packet */
- uint16_t _id;
- /** Query bit (0=query, 1=answer) */
- bool _qr;
- /** Authoritative answer */
- bool _aa;
- /** Packet truncated */
- bool _tc;
- /** Recursion desired */
- bool _rd;
- /** Checking disabled */
- bool _cd;
- /** Recursion available */
- bool _ra;
- /** Authentic data */
- bool _ad;
- /** Query type */
- ldns_pkt_opcode _opcode; /* XXX 8 bits? */
- /** Response code */
- uint8_t _rcode;
- /** question sec */
- uint16_t _qdcount;
- /** answer sec */
- uint16_t _ancount;
- /** auth sec */
- uint16_t _nscount;
- /** add sec */
- uint16_t _arcount;
-};
-typedef struct ldns_struct_hdr ldns_hdr;
-
-/**
- * DNS packet
- *
- * This structure contains a complete DNS packet (either a query or an answer)
- *
- * It is the complete representation of what you actually send to a
- * nameserver, and what it sends back (assuming you are the client here).
- */
-struct ldns_struct_pkt
-{
- /** Header section */
- ldns_hdr *_header;
- /* extra items needed in a packet */
- /** The size of the wire format of the packet in octets */
- ldns_rdf *_answerfrom;
- /** Timestamp of the time the packet was sent or created */
- struct timeval timestamp;
- /** The duration of the query this packet is an answer to */
- uint32_t _querytime;
- /** The size of the wire format of the packet in octets */
- size_t _size;
- /** Optional tsig rr */
- ldns_rr *_tsig_rr;
- /** EDNS0 available buffer size, see RFC2671 */
- uint16_t _edns_udp_size;
- /** EDNS0 Extended rcode */
- uint8_t _edns_extended_rcode;
- /** EDNS Version */
- uint8_t _edns_version;
- /** Reserved EDNS data bits */
- uint16_t _edns_z;
- /** Arbitrary EDNS rdata */
- ldns_rdf *_edns_data;
- /** Question section */
- ldns_rr_list *_question;
- /** Answer section */
- ldns_rr_list *_answer;
- /** Authority section */
- ldns_rr_list *_authority;
- /** Additional section */
- ldns_rr_list *_additional;
-};
-typedef struct ldns_struct_pkt ldns_pkt;
-
-/**
- * The sections of a packet
- */
-enum ldns_enum_pkt_section {
- LDNS_SECTION_QUESTION = 0,
- LDNS_SECTION_ANSWER = 1,
- LDNS_SECTION_AUTHORITY = 2,
- LDNS_SECTION_ADDITIONAL = 3,
- /** bogus section, if not interested */
- LDNS_SECTION_ANY = 4,
- /** used to get all non-question rrs from a packet */
- LDNS_SECTION_ANY_NOQUESTION = 5
-};
-typedef enum ldns_enum_pkt_section ldns_pkt_section;
-
-/**
- * The different types of packets
- */
-enum ldns_enum_pkt_type {
- LDNS_PACKET_QUESTION,
- LDNS_PACKET_REFERRAL,
- LDNS_PACKET_ANSWER,
- LDNS_PACKET_NXDOMAIN,
- LDNS_PACKET_NODATA,
- LDNS_PACKET_UNKNOWN
-};
-typedef enum ldns_enum_pkt_type ldns_pkt_type;
-
-/* prototypes */
-
-/* read */
-
-/**
- * Read the packet id
- * \param[in] p the packet
- * \return the packet id
- */
-uint16_t ldns_pkt_id(const ldns_pkt *p);
-/**
- * Read the packet's qr bit
- * \param[in] p the packet
- * \return value of the bit
- */
-bool ldns_pkt_qr(const ldns_pkt *p);
-/**
- * Read the packet's aa bit
- * \param[in] p the packet
- * \return value of the bit
- */
-bool ldns_pkt_aa(const ldns_pkt *p);
-/**
- * Read the packet's tc bit
- * \param[in] p the packet
- * \return value of the bit
- */
-bool ldns_pkt_tc(const ldns_pkt *p);
-/**
- * Read the packet's rd bit
- * \param[in] p the packet
- * \return value of the bit
- */
-bool ldns_pkt_rd(const ldns_pkt *p);
-/**
- * Read the packet's cd bit
- * \param[in] p the packet
- * \return value of the bit
- */
-bool ldns_pkt_cd(const ldns_pkt *p);
-/**
- * Read the packet's ra bit
- * \param[in] p the packet
- * \return value of the bit
- */
-bool ldns_pkt_ra(const ldns_pkt *p);
-/**
- * Read the packet's ad bit
- * \param[in] p the packet
- * \return value of the bit
- */
-bool ldns_pkt_ad(const ldns_pkt *p);
-/**
- * Read the packet's code
- * \param[in] p the packet
- * \return the opcode
- */
-ldns_pkt_opcode ldns_pkt_get_opcode(const ldns_pkt *p);
-/**
- * Return the packet's respons code
- * \param[in] p the packet
- * \return the respons code
- */
-ldns_pkt_rcode ldns_pkt_get_rcode(const ldns_pkt *p);
-/**
- * Return the packet's qd count
- * \param[in] p the packet
- * \return the qd count
- */
-uint16_t ldns_pkt_qdcount(const ldns_pkt *p);
-/**
- * Return the packet's an count
- * \param[in] p the packet
- * \return the an count
- */
-uint16_t ldns_pkt_ancount(const ldns_pkt *p);
-/**
- * Return the packet's ns count
- * \param[in] p the packet
- * \return the ns count
- */
-uint16_t ldns_pkt_nscount(const ldns_pkt *p);
-/**
- * Return the packet's ar count
- * \param[in] p the packet
- * \return the ar count
- */
-uint16_t ldns_pkt_arcount(const ldns_pkt *p);
-
-/**
- * Return the packet's answerfrom
- * \param[in] p packet
- * \return the name of the server
- */
-ldns_rdf *ldns_pkt_answerfrom(const ldns_pkt *p);
-
-/**
- * Return the packet's timestamp
- * \param[in] p the packet
- * \return the timestamp
- */
-struct timeval ldns_pkt_timestamp(const ldns_pkt *p);
-/**
- * Return the packet's querytime
- * \param[in] p the packet
- * \return the querytime
- */
-uint32_t ldns_pkt_querytime(const ldns_pkt *p);
-
-/**
- * Return the packet's size in bytes
- * \param[in] p the packet
- * \return the size
- */
-size_t ldns_pkt_size(const ldns_pkt *p);
-
-/**
- * Return the packet's tsig pseudo rr's
- * \param[in] p the packet
- * \return the tsig rr
- */
-ldns_rr *ldns_pkt_tsig(const ldns_pkt *p);
-
-/**
- * Return the packet's question section
- * \param[in] p the packet
- * \return the section
- */
-ldns_rr_list *ldns_pkt_question(const ldns_pkt *p);
-/**
- * Return the packet's answer section
- * \param[in] p the packet
- * \return the section
- */
-ldns_rr_list *ldns_pkt_answer(const ldns_pkt *p);
-/**
- * Return the packet's authority section
- * \param[in] p the packet
- * \return the section
- */
-ldns_rr_list *ldns_pkt_authority(const ldns_pkt *p);
-/**
- * Return the packet's additional section
- * \param[in] p the packet
- * \return the section
- */
-ldns_rr_list *ldns_pkt_additional(const ldns_pkt *p);
-/**
- * Return the packet's question, answer, authority and additional sections
- * concatenated, in a new rr_list clone.
- * \param[in] p the packet
- * \return the rrs
- */
-ldns_rr_list *ldns_pkt_all(const ldns_pkt *p);
-/**
- * Return the packet's answer, authority and additional sections concatenated,
- * in a new rr_list clone. Like ldns_pkt_all but without the questions.
- * \param[in] p the packet
- * \return the rrs except the question rrs
- */
-ldns_rr_list *ldns_pkt_all_noquestion(const ldns_pkt *p);
-
-/**
- * return all the rr_list's in the packet. Clone the lists, instead
- * of returning pointers.
- * \param[in] p the packet to look in
- * \param[in] s what section(s) to return
- * \return ldns_rr_list with the rr's or NULL if none were found
- */
-ldns_rr_list *ldns_pkt_get_section_clone(const ldns_pkt *p, ldns_pkt_section s);
-
-/**
- * return all the rr with a specific name from a packet. Optionally
- * specify from which section in the packet
- * \param[in] p the packet
- * \param[in] r the name
- * \param[in] s the packet's section
- * \return a list with the rr's or NULL if none were found
- */
-ldns_rr_list *ldns_pkt_rr_list_by_name(ldns_pkt *p, ldns_rdf *r, ldns_pkt_section s);
-/**
- * return all the rr with a specific type from a packet. Optionally
- * specify from which section in the packet
- * \param[in] p the packet
- * \param[in] t the type
- * \param[in] s the packet's section
- * \return a list with the rr's or NULL if none were found
- */
-ldns_rr_list *ldns_pkt_rr_list_by_type(const ldns_pkt *p, ldns_rr_type t, ldns_pkt_section s);
-/**
- * return all the rr with a specific type and type from a packet. Optionally
- * specify from which section in the packet
- * \param[in] packet the packet
- * \param[in] ownername the name
- * \param[in] type the type
- * \param[in] sec the packet's section
- * \return a list with the rr's or NULL if none were found
- */
-ldns_rr_list *ldns_pkt_rr_list_by_name_and_type(const ldns_pkt *packet, const ldns_rdf *ownername, ldns_rr_type type, ldns_pkt_section sec);
-
-
-/**
- * check to see if an rr exist in the packet
- * \param[in] pkt the packet to examine
- * \param[in] sec in which section to look
- * \param[in] rr the rr to look for
- */
-bool ldns_pkt_rr(ldns_pkt *pkt, ldns_pkt_section sec, ldns_rr *rr);
-
-
-/**
- * sets the flags in a packet.
- * \param[in] pkt the packet to operate on
- * \param[in] flags ORed values: LDNS_QR| LDNS_AR for instance
- * \return true on success otherwise false
- */
-bool ldns_pkt_set_flags(ldns_pkt *pkt, uint16_t flags);
-
-/**
- * Set the packet's id
- * \param[in] p the packet
- * \param[in] id the id to set
- */
-void ldns_pkt_set_id(ldns_pkt *p, uint16_t id);
-/**
- * Set the packet's id to a random value
- * \param[in] p the packet
- */
-void ldns_pkt_set_random_id(ldns_pkt *p);
-/**
- * Set the packet's qr bit
- * \param[in] p the packet
- * \param[in] b the value to set (boolean)
- */
-void ldns_pkt_set_qr(ldns_pkt *p, bool b);
-/**
- * Set the packet's aa bit
- * \param[in] p the packet
- * \param[in] b the value to set (boolean)
- */
-void ldns_pkt_set_aa(ldns_pkt *p, bool b);
-/**
- * Set the packet's tc bit
- * \param[in] p the packet
- * \param[in] b the value to set (boolean)
- */
-void ldns_pkt_set_tc(ldns_pkt *p, bool b);
-/**
- * Set the packet's rd bit
- * \param[in] p the packet
- * \param[in] b the value to set (boolean)
- */
-void ldns_pkt_set_rd(ldns_pkt *p, bool b);
-/**
- * Set the packet's cd bit
- * \param[in] p the packet
- * \param[in] b the value to set (boolean)
- */
-void ldns_pkt_set_cd(ldns_pkt *p, bool b);
-/**
- * Set the packet's ra bit
- * \param[in] p the packet
- * \param[in] b the value to set (boolean)
- */
-void ldns_pkt_set_ra(ldns_pkt *p, bool b);
-/**
- * Set the packet's ad bit
- * \param[in] p the packet
- * \param[in] b the value to set (boolean)
- */
-void ldns_pkt_set_ad(ldns_pkt *p, bool b);
-
-/**
- * Set the packet's opcode
- * \param[in] p the packet
- * \param[in] c the opcode
- */
-void ldns_pkt_set_opcode(ldns_pkt *p, ldns_pkt_opcode c);
-/**
- * Set the packet's respons code
- * \param[in] p the packet
- * \param[in] c the rcode
- */
-void ldns_pkt_set_rcode(ldns_pkt *p, uint8_t c);
-/**
- * Set the packet's qd count
- * \param[in] p the packet
- * \param[in] c the count
- */
-void ldns_pkt_set_qdcount(ldns_pkt *p, uint16_t c);
-/**
- * Set the packet's an count
- * \param[in] p the packet
- * \param[in] c the count
- */
-void ldns_pkt_set_ancount(ldns_pkt *p, uint16_t c);
-/**
- * Set the packet's ns count
- * \param[in] p the packet
- * \param[in] c the count
- */
-void ldns_pkt_set_nscount(ldns_pkt *p, uint16_t c);
-/**
- * Set the packet's arcount
- * \param[in] p the packet
- * \param[in] c the count
- */
-void ldns_pkt_set_arcount(ldns_pkt *p, uint16_t c);
-/**
- * Set the packet's answering server
- * \param[in] p the packet
- * \param[in] r the address
- */
-void ldns_pkt_set_answerfrom(ldns_pkt *p, ldns_rdf *r);
-/**
- * Set the packet's query time
- * \param[in] p the packet
- * \param[in] t the querytime in msec
- */
-void ldns_pkt_set_querytime(ldns_pkt *p, uint32_t t);
-/**
- * Set the packet's size
- * \param[in] p the packet
- * \param[in] s the size
- */
-void ldns_pkt_set_size(ldns_pkt *p, size_t s);
-
-/**
- * Set the packet's timestamp
- * \param[in] p the packet
- * \param[in] timeval the timestamp
- */
-void ldns_pkt_set_timestamp(ldns_pkt *p, struct timeval timeval);
-/**
- * Set a packet's section count to x
- * \param[in] p the packet
- * \param[in] s the section
- * \param[in] x the section count
- */
-void ldns_pkt_set_section_count(ldns_pkt *p, ldns_pkt_section s, uint16_t x);
-/**
- * Set the packet's tsig rr
- * \param[in] p the packet
- * \param[in] t the tsig rr
- */
-void ldns_pkt_set_tsig(ldns_pkt *p, ldns_rr *t);
-
-/**
- * looks inside the packet to determine
- * what kind of packet it is, AUTH, NXDOMAIN, REFERRAL, etc.
- * \param[in] p the packet to examine
- * \return the type of packet
- */
-ldns_pkt_type ldns_pkt_reply_type(ldns_pkt *p);
-
-/**
- * return the packet's edns udp size
- * \param[in] packet the packet
- * \return the size
- */
-uint16_t ldns_pkt_edns_udp_size(const ldns_pkt *packet);
-/**
- * return the packet's edns extended rcode
- * \param[in] packet the packet
- * \return the rcode
- */
-uint8_t ldns_pkt_edns_extended_rcode(const ldns_pkt *packet);
-/**
- * return the packet's edns version
- * \param[in] packet the packet
- * \return the version
- */
-uint8_t ldns_pkt_edns_version(const ldns_pkt *packet);
-/**
- * return the packet's edns z value
- * \param[in] packet the packet
- * \return the z value
- */
-uint16_t ldns_pkt_edns_z(const ldns_pkt *packet);
-/**
- * return the packet's edns data
- * \param[in] packet the packet
- * \return the data
- */
-ldns_rdf *ldns_pkt_edns_data(const ldns_pkt *packet);
-
-/**
- * return the packet's edns do bit
- * \param[in] packet the packet
- * \return the bit's value
- */
-bool ldns_pkt_edns_do(const ldns_pkt *packet);
-/**
- * Set the packet's edns do bit
- * \param[in] packet the packet
- * \param[in] value the bit's new value
- */
-void ldns_pkt_set_edns_do(ldns_pkt *packet, bool value);
-
-/**
- * returns true if this packet needs and EDNS rr to be sent.
- * At the moment the only reason is an expected packet
- * size larger than 512 bytes, but for instance dnssec would
- * be a good reason too.
- *
- * \param[in] packet the packet to check
- * \return true if packet needs edns rr
- */
-bool ldns_pkt_edns(const ldns_pkt *packet);
-
-/**
- * Set the packet's edns udp size
- * \param[in] packet the packet
- * \param[in] s the size
- */
-void ldns_pkt_set_edns_udp_size(ldns_pkt *packet, uint16_t s);
-/**
- * Set the packet's edns extended rcode
- * \param[in] packet the packet
- * \param[in] c the code
- */
-void ldns_pkt_set_edns_extended_rcode(ldns_pkt *packet, uint8_t c);
-/**
- * Set the packet's edns version
- * \param[in] packet the packet
- * \param[in] v the version
- */
-void ldns_pkt_set_edns_version(ldns_pkt *packet, uint8_t v);
-/**
- * Set the packet's edns z value
- * \param[in] packet the packet
- * \param[in] z the value
- */
-void ldns_pkt_set_edns_z(ldns_pkt *packet, uint16_t z);
-/**
- * Set the packet's edns data
- * \param[in] packet the packet
- * \param[in] data the data
- */
-void ldns_pkt_set_edns_data(ldns_pkt *packet, ldns_rdf *data);
-
-/**
- * allocates and initializes a ldns_pkt structure.
- * \return pointer to the new packet
- */
-ldns_pkt *ldns_pkt_new();
-
-/**
- * frees the packet structure and all data that it contains.
- * \param[in] packet The packet structure to free
- * \return void
- */
-void ldns_pkt_free(ldns_pkt *packet);
-
-/**
- * creates a query packet for the given name, type, class.
- * \param[out] p the packet to be returned
- * \param[in] rr_name the name to query for (as string)
- * \param[in] rr_type the type to query for
- * \param[in] rr_class the class to query for
- * \param[in] flags packet flags
- * \return LDNS_STATUS_OK or a ldns_status mesg with the error
- */
-ldns_status ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class , uint16_t flags);
-
-/**
- * creates a packet with a query in it for the given name, type and class.
- * \param[in] rr_name the name to query for
- * \param[in] rr_type the type to query for
- * \param[in] rr_class the class to query for
- * \param[in] flags packet flags
- * \return ldns_pkt* a pointer to the new pkt
- */
-ldns_pkt *ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags);
-
-/**
- * clones the given packet, creating a fully allocated copy
- *
- * \param[in] pkt the packet to clone
- * \return ldns_pkt* pointer to the new packet
- */
-ldns_pkt *ldns_pkt_clone(ldns_pkt *pkt);
-
-/**
- * directly set the additional section
- * \param[in] p packet to operate on
- * \param[in] rr rrlist to set
- */
-void ldns_pkt_set_additional(ldns_pkt *p, ldns_rr_list *rr);
-
-/**
- * directly set the answer section
- * \param[in] p packet to operate on
- * \param[in] rr rrlist to set
- */
-void ldns_pkt_set_answer(ldns_pkt *p, ldns_rr_list *rr);
-
-/**
- * directly set the question section
- * \param[in] p packet to operate on
- * \param[in] rr rrlist to set
- */
-void ldns_pkt_set_question(ldns_pkt *p, ldns_rr_list *rr);
-
-/**
- * directly set the auhority section
- * \param[in] p packet to operate on
- * \param[in] rr rrlist to set
- */
-void ldns_pkt_set_authority(ldns_pkt *p, ldns_rr_list *rr);
-
-/**
- * push an rr on a packet
- * \param[in] packet packet to operate on
- * \param[in] section where to put it
- * \param[in] rr rr to push
- * \return a boolean which is true when the rr was added
- */
-bool ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr);
-
-/**
- * push an rr on a packet, provided the RR is not there.
- * \param[in] pkt packet to operate on
- * \param[in] sec where to put it
- * \param[in] rr rr to push
- * \return a boolean which is true when the rr was added
- */
-bool ldns_pkt_safe_push_rr(ldns_pkt *pkt, ldns_pkt_section sec, ldns_rr *rr);
-
-/**
- * push a rr_list on a packet
- * \param[in] packet packet to operate on
- * \param[in] section where to put it
- * \param[in] list the rr_list to push
- * \return a boolean which is true when the rr was added
- */
-bool ldns_pkt_push_rr_list(ldns_pkt *packet, ldns_pkt_section section, ldns_rr_list *list);
-
-/**
- * push an rr_list to a packet, provided the RRs are not already there.
- * \param[in] pkt packet to operate on
- * \param[in] sec where to put it
- * \param[in] list the rr_list to push
- * \return a boolean which is true when the rr was added
- */
-bool ldns_pkt_safe_push_rr_list(ldns_pkt *pkt, ldns_pkt_section sec, ldns_rr_list *list);
-
-/**
- * check if a packet is empty
- * \param[in] p packet
- * \return true: empty, false: not empty
- */
-bool ldns_pkt_empty(ldns_pkt *p);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_PACKET_H */
+++ /dev/null
-/*
- * parse.h
- *
- * a Net::DNS like library for C
- * LibDNS Team @ NLnet Labs
- * (c) NLnet Labs, 2005-2006
- * See the file LICENSE for the license
- */
-
-#ifndef LDNS_PARSE_H
-#define LDNS_PARSE_H
-
-#include <ldns/common.h>
-#include <ldns/buffer.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define LDNS_PARSE_SKIP_SPACE "\f\n\r\v"
-#define LDNS_PARSE_NORMAL " \f\n\r\t\v"
-#define LDNS_PARSE_NO_NL " \t"
-#define LDNS_MAX_LINELEN 10230
-#define LDNS_MAX_KEYWORDLEN 32
-
-
-/**
- * \file
- *
- * Contains some low-level parsing functions, mostly used in the _frm_str
- * family of functions.
- */
-
-/**
- * different type of directives in zone files
- * We now deal with $TTL, $ORIGIN and $INCLUDE.
- * The latter is not implemented in ldns (yet)
- */
-enum ldns_enum_directive
-{
- LDNS_DIR_TTL,
- LDNS_DIR_ORIGIN,
- LDNS_DIR_INCLUDE
-};
-typedef enum ldns_enum_directive ldns_directive;
-
-/**
- * returns a token/char from the stream F.
- * This function deals with ( and ) in the stream,
- * and ignores them when encountered
- * \param[in] *f the file to read from
- * \param[out] *token the read token is put here
- * \param[in] *delim chars at which the parsing should stop
- * \param[in] *limit how much to read. If 0 the builtin maximum is used
- * \return 0 on error of EOF of the stream F. Otherwise return the length of what is read
- */
-ssize_t ldns_fget_token(FILE *f, char *token, const char *delim, size_t limit);
-
-/**
- * returns a token/char from the stream F.
- * This function deals with ( and ) in the stream,
- * and ignores when it finds them.
- * \param[in] *f the file to read from
- * \param[out] *token the token is put here
- * \param[in] *delim chars at which the parsing should stop
- * \param[in] *limit how much to read. If 0 use builtin maximum
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \return 0 on error of EOF of F otherwise return the length of what is read
- */
-ssize_t ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *line_nr);
-
-/**
- * returns a token/char from the buffer b.
- * This function deals with ( and ) in the buffer,
- * and ignores when it finds them.
- * \param[in] *b the buffer to read from
- * \param[out] *token the token is put here
- * \param[in] *delim chars at which the parsing should stop
- * \param[in] *limit how much to read. If 0 the builtin maximum is used
- * \returns 0 on error of EOF of b. Otherwise return the length of what is read
- */
-ssize_t ldns_bget_token(ldns_buffer *b, char *token, const char *delim, size_t limit);
-
-/*
- * searches for keyword and delim in a file. Gives everything back
- * after the keyword + k_del until we hit d_del
- * \param[in] f file pointer to read from
- * \param[in] keyword keyword to look for
- * \param[in] k_del keyword delimeter
- * \param[out] data the data found
- * \param[in] d_del the data delimeter
- * \param[in] data_limit maximum size the the data buffer
- * \return the number of character read
- */
-ssize_t ldns_fget_keyword_data(FILE *f, const char *keyword, const char *k_del, char *data, const char *d_del, size_t data_limit);
-
-/*
- * searches for keyword and delim. Gives everything back
- * after the keyword + k_del until we hit d_del
- * \param[in] f file pointer to read from
- * \param[in] keyword keyword to look for
- * \param[in] k_del keyword delimeter
- * \param[out] data the data found
- * \param[in] d_del the data delimeter
- * \param[in] data_limit maximum size the the data buffer
- * \param[in] line_nr pointer to an integer containing the current line number (for
-debugging purposes)
- * \return the number of character read
- */
-ssize_t ldns_fget_keyword_data_l(FILE *f, const char *keyword, const char *k_del, char *data, const char *d_del, size_t data_limit, int *line_nr);
-
-/*
- * searches for keyword and delim in a buffer. Gives everything back
- * after the keyword + k_del until we hit d_del
- * \param[in] b buffer pointer to read from
- * \param[in] keyword keyword to look for
- * \param[in] k_del keyword delimeter
- * \param[out] data the data found
- * \param[in] d_del the data delimeter
- * \param[in] data_limit maximum size the the data buffer
- * \return the number of character read
- */
-ssize_t ldns_bget_keyword_data(ldns_buffer *b, const char *keyword, const char *k_del, char *data, const char *d_del, size_t data_limit);
-
-/**
- * returns the next character from a buffer. Advances the position pointer with 1.
- * When end of buffer is reached returns EOF. This is the buffer's equivalent
- * for getc().
- * \param[in] *buffer buffer to read from
- * \return EOF on failure otherwise return the character
- */
-int ldns_bgetc(ldns_buffer *buffer);
-
-/**
- * skips all of the characters in the given string in the buffer, moving
- * the position to the first character that is not in *s.
- * \param[in] *buffer buffer to use
- * \param[in] *s characters to skip
- * \return void
- */
-void ldns_bskipcs(ldns_buffer *buffer, const char *s);
-
-/**
- * skips all of the characters in the given string in the fp, moving
- * the position to the first character that is not in *s.
- * \param[in] *fp file to use
- * \param[in] *s characters to skip
- * \return void
- */
-void ldns_fskipcs(FILE *fp, const char *s);
-
-
-/**
- * skips all of the characters in the given string in the fp, moving
- * the position to the first character that is not in *s.
- * \param[in] *fp file to use
- * \param[in] *s characters to skip
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \return void
- */
-void ldns_fskipcs_l(FILE *fp, const char *s, int *line_nr);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_PARSE_H */
+++ /dev/null
-/*
- * rbtree.h -- generic red-black tree
- *
- * Copyright (c) 2001-2008, NLnet Labs. All rights reserved.
- *
- * This software is open source.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- *
- * Neither the name of the NLNET LABS nor the names of its contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-/**
- * \file
- * Red black tree. Implementation taken from NSD 3.0.5, adjusted for use
- * in unbound (memory allocation, logging and so on).
- */
-
-#ifndef LDNS_RBTREE_H_
-#define LDNS_RBTREE_H_
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * This structure must be the first member of the data structure in
- * the rbtree. This allows easy casting between an rbnode_t and the
- * user data (poor man's inheritance).
- * Or you can use the data pointer member to get to your data item.
- */
-typedef struct ldns_rbnode_t ldns_rbnode_t;
-/**
- * The rbnode_t struct definition.
- */
-struct ldns_rbnode_t {
- /** parent in rbtree, RBTREE_NULL for root */
- ldns_rbnode_t *parent;
- /** left node (smaller items) */
- ldns_rbnode_t *left;
- /** right node (larger items) */
- ldns_rbnode_t *right;
- /** pointer to sorting key */
- const void *key;
- /** pointer to data */
- const void *data;
- /** colour of this node */
- uint8_t color;
-};
-
-/** The nullpointer, points to empty node */
-#define LDNS_RBTREE_NULL &ldns_rbtree_null_node
-/** the global empty node */
-extern ldns_rbnode_t ldns_rbtree_null_node;
-
-/** An entire red black tree */
-typedef struct ldns_rbtree_t ldns_rbtree_t;
-/** definition for tree struct */
-struct ldns_rbtree_t {
- /** The root of the red-black tree */
- ldns_rbnode_t *root;
-
- /** The number of the nodes in the tree */
- size_t count;
-
- /**
- * Key compare function. <0,0,>0 like strcmp.
- * Return 0 on two NULL ptrs.
- */
- int (*cmp) (const void *, const void *);
-};
-
-/**
- * Create new tree (malloced) with given key compare function.
- * @param cmpf: compare function (like strcmp) takes pointers to two keys.
- * @return: new tree, empty.
- */
-ldns_rbtree_t *ldns_rbtree_create(int (*cmpf)(const void *, const void *));
-
-/**
- * Free the complete tree (but not its keys)
- * @param rbtree The tree to free
- */
-void ldns_rbtree_free(ldns_rbtree_t *rbtree);
-
-/**
- * Init a new tree (malloced by caller) with given key compare function.
- * @param rbtree: uninitialised memory for new tree, returned empty.
- * @param cmpf: compare function (like strcmp) takes pointers to two keys.
- */
-void ldns_rbtree_init(ldns_rbtree_t *rbtree, int (*cmpf)(const void *, const void *));
-
-/**
- * Insert data into the tree.
- * @param rbtree: tree to insert to.
- * @param data: element to insert.
- * @return: data ptr or NULL if key already present.
- */
-ldns_rbnode_t *ldns_rbtree_insert(ldns_rbtree_t *rbtree, ldns_rbnode_t *data);
-
-/**
- * Insert data into the tree (reversed arguments, for use as callback)
- * \param[in] data element to insert
- * \param[out] rbtree tree to insert in to
- * \return data ptr or NULL if key is already present
- */
-void ldns_rbtree_insert_vref(ldns_rbnode_t *data, void *rbtree);
-
-/**
- * Delete element from tree.
- * @param rbtree: tree to delete from.
- * @param key: key of item to delete.
- * @return: node that is now unlinked from the tree. User to delete it.
- * returns 0 if node not present
- */
-ldns_rbnode_t *ldns_rbtree_delete(ldns_rbtree_t *rbtree, const void *key);
-
-/**
- * Find key in tree. Returns NULL if not found.
- * @param rbtree: tree to find in.
- * @param key: key that must match.
- * @return: node that fits or NULL.
- */
-ldns_rbnode_t *ldns_rbtree_search(ldns_rbtree_t *rbtree, const void *key);
-
-/**
- * Find, but match does not have to be exact.
- * @param rbtree: tree to find in.
- * @param key: key to find position of.
- * @param result: set to the exact node if present, otherwise to element that
- * precedes the position of key in the tree. NULL if no smaller element.
- * @return: true if exact match in result. Else result points to <= element,
- * or NULL if key is smaller than the smallest key.
- */
-int ldns_rbtree_find_less_equal(ldns_rbtree_t *rbtree, const void *key,
- ldns_rbnode_t **result);
-
-/**
- * Returns first (smallest) node in the tree
- * @param rbtree: tree
- * @return: smallest element or NULL if tree empty.
- */
-ldns_rbnode_t *ldns_rbtree_first(ldns_rbtree_t *rbtree);
-
-/**
- * Returns last (largest) node in the tree
- * @param rbtree: tree
- * @return: largest element or NULL if tree empty.
- */
-ldns_rbnode_t *ldns_rbtree_last(ldns_rbtree_t *rbtree);
-
-/**
- * Returns next larger node in the tree
- * @param rbtree: tree
- * @return: next larger element or NULL if no larger in tree.
- */
-ldns_rbnode_t *ldns_rbtree_next(ldns_rbnode_t *rbtree);
-
-/**
- * Returns previous smaller node in the tree
- * @param rbtree: tree
- * @return: previous smaller element or NULL if no previous in tree.
- */
-ldns_rbnode_t *ldns_rbtree_previous(ldns_rbnode_t *rbtree);
-
-/**
- * split off 'elements' number of elements from the start
- * of the name tree and return a new tree containing those
- * elements
- */
-ldns_rbtree_t *ldns_rbtree_split(ldns_rbtree_t *tree, size_t elements);
-
-/**
- * add all node from the second tree to the first (removing them from the
- * second), and fix up nsec(3)s if present
- */
-void ldns_rbtree_join(ldns_rbtree_t *tree1, ldns_rbtree_t *tree2);
-
-/**
- * Call with node=variable of struct* with rbnode_t as first element.
- * with type is the type of a pointer to that struct.
- */
-#define LDNS_RBTREE_FOR(node, type, rbtree) \
- for(node=(type)ldns_rbtree_first(rbtree); \
- (ldns_rbnode_t*)node != LDNS_RBTREE_NULL; \
- node = (type)ldns_rbtree_next((ldns_rbnode_t*)node))
-
-/**
- * Call function for all elements in the redblack tree, such that
- * leaf elements are called before parent elements. So that all
- * elements can be safely free()d.
- * Note that your function must not remove the nodes from the tree.
- * Since that may trigger rebalances of the rbtree.
- * @param tree: the tree
- * @param func: function called with element and user arg.
- * The function must not alter the rbtree.
- * @param arg: user argument.
- */
-void ldns_traverse_postorder(ldns_rbtree_t* tree,
- void (*func)(ldns_rbnode_t*, void*), void* arg);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* UTIL_RBTREE_H_ */
+++ /dev/null
-/*
- * rdata.h
- *
- * rdata definitions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-
-/**
- * \file
- *
- * Defines ldns_rdf and functions to manipulate those.
- */
-
-
-#ifndef LDNS_RDATA_H
-#define LDNS_RDATA_H
-
-#include <ldns/common.h>
-#include <ldns/error.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define LDNS_MAX_RDFLEN 8192
-
-#define LDNS_RDF_SIZE_BYTE 1
-#define LDNS_RDF_SIZE_WORD 2
-#define LDNS_RDF_SIZE_DOUBLEWORD 4
-#define LDNS_RDF_SIZE_6BYTES 6
-#define LDNS_RDF_SIZE_16BYTES 16
-
-#define LDNS_NSEC3_VARS_OPTOUT_MASK 0x01
-
-/**
- * The different types of RDATA fields.
- */
-enum ldns_enum_rdf_type
-{
- /** none */
- LDNS_RDF_TYPE_NONE,
- /** domain name */
- LDNS_RDF_TYPE_DNAME,
- /** 8 bits */
- LDNS_RDF_TYPE_INT8,
- /** 16 bits */
- LDNS_RDF_TYPE_INT16,
- /** 32 bits */
- LDNS_RDF_TYPE_INT32,
- /** A record */
- LDNS_RDF_TYPE_A,
- /** AAAA record */
- LDNS_RDF_TYPE_AAAA,
- /** txt string */
- LDNS_RDF_TYPE_STR,
- /** apl data */
- LDNS_RDF_TYPE_APL,
- /** b32 string */
- LDNS_RDF_TYPE_B32_EXT,
- /** b64 string */
- LDNS_RDF_TYPE_B64,
- /** hex string */
- LDNS_RDF_TYPE_HEX,
- /** nsec type codes */
- LDNS_RDF_TYPE_NSEC,
- /** a RR type */
- LDNS_RDF_TYPE_TYPE,
- /** a class */
- LDNS_RDF_TYPE_CLASS,
- /** certificate algorithm */
- LDNS_RDF_TYPE_CERT_ALG,
- /** a key algorithm */
- LDNS_RDF_TYPE_ALG,
- /** unknown types */
- LDNS_RDF_TYPE_UNKNOWN,
- /** time (32 bits) */
- LDNS_RDF_TYPE_TIME,
- /** period */
- LDNS_RDF_TYPE_PERIOD,
- /** tsig time 48 bits */
- LDNS_RDF_TYPE_TSIGTIME,
- LDNS_RDF_TYPE_TSIG,
- /** variable length any type rdata where the length
- is specified by the first 2 bytes */
- LDNS_RDF_TYPE_INT16_DATA,
- /** protocol and port bitmaps */
- LDNS_RDF_TYPE_SERVICE,
- /** location data */
- LDNS_RDF_TYPE_LOC,
- /** well known services */
- LDNS_RDF_TYPE_WKS,
- /** NSAP */
- LDNS_RDF_TYPE_NSAP,
- /** ATMA */
- LDNS_RDF_TYPE_ATMA,
- /** IPSECKEY */
- LDNS_RDF_TYPE_IPSECKEY,
- /** nsec3 hash salt */
- LDNS_RDF_TYPE_NSEC3_SALT,
- /** nsec3 base32 string (with length byte on wire */
- LDNS_RDF_TYPE_NSEC3_NEXT_OWNER
-};
-typedef enum ldns_enum_rdf_type ldns_rdf_type;
-
-/**
- * algorithms used in CERT rrs
- */
-enum ldns_enum_cert_algorithm
-{
- LDNS_CERT_PKIX = 1,
- LDNS_CERT_SPKI = 2,
- LDNS_CERT_PGP = 3,
- LDNS_CERT_IPKIX = 4,
- LDNS_CERT_ISPKI = 5,
- LDNS_CERT_IPGP = 6,
- LDNS_CERT_ACPKIX = 7,
- LDNS_CERT_IACPKIX = 8,
- LDNS_CERT_URI = 253,
- LDNS_CERT_OID = 254
-};
-typedef enum ldns_enum_cert_algorithm ldns_cert_algorithm;
-
-
-
-/**
- * Resource record data field.
- *
- * The data is a network ordered array of bytes, which size is specified by
- * the (16-bit) size field. To correctly parse it, use the type
- * specified in the (16-bit) type field with a value from \ref ldns_rdf_type.
- */
-struct ldns_struct_rdf
-{
- /** The size of the data (in octets) */
- size_t _size;
- /** The type of the data */
- ldns_rdf_type _type;
- /** Pointer to the data (raw octets) */
- void *_data;
-};
-typedef struct ldns_struct_rdf ldns_rdf;
-
-/* prototypes */
-
-/* write access functions */
-
-/**
- * sets the size of the rdf.
- * \param[in] *rd the rdf to operate on
- * \param[in] size the new size
- * \return void
- */
-void ldns_rdf_set_size(ldns_rdf *rd, size_t size);
-
-/**
- * sets the size of the rdf.
- * \param[in] *rd the rdf to operate on
- * \param[in] type the new type
- * \return void
- */
-void ldns_rdf_set_type(ldns_rdf *rd, ldns_rdf_type type);
-
-/**
- * sets the size of the rdf.
- * \param[in] *rd the rdf to operate on
- * \param[in] *data pointer to the new data
- * \return void
- */
-void ldns_rdf_set_data(ldns_rdf *rd, void *data);
-
-/* read access */
-
-/**
- * returns the size of the rdf.
- * \param[in] *rd the rdf to read from
- * \return uint16_t with the size
- */
-size_t ldns_rdf_size(const ldns_rdf *rd);
-
-/**
- * returns the type of the rdf. We need to insert _get_
- * here to prevent conflict the the rdf_type TYPE.
- * \param[in] *rd the rdf to read from
- * \return ldns_rdf_type with the type
- */
-ldns_rdf_type ldns_rdf_get_type(const ldns_rdf *rd);
-
-/**
- * returns the data of the rdf.
- * \param[in] *rd the rdf to read from
- * \return uint8_t* pointer to the rdf's data
- */
-uint8_t *ldns_rdf_data(const ldns_rdf *rd);
-
-/* creator functions */
-
-/**
- * allocates a new rdf structure and fills it.
- * This function DOES NOT copy the contents from
- * the buffer, unlinke ldns_rdf_new_frm_data()
- * \param[in] type type of the rdf
- * \param[in] size size of the buffer
- * \param[in] data pointer to the buffer to be copied
- * \return the new rdf structure or NULL on failure
- */
-ldns_rdf *ldns_rdf_new(ldns_rdf_type type, size_t size, void *data);
-
-/**
- * allocates a new rdf structure and fills it.
- * This function _does_ copy the contents from
- * the buffer, unlinke ldns_rdf_new()
- * \param[in] type type of the rdf
- * \param[in] size size of the buffer
- * \param[in] data pointer to the buffer to be copied
- * \return the new rdf structure or NULL on failure
- */
-ldns_rdf *ldns_rdf_new_frm_data(ldns_rdf_type type, size_t size, const void *data);
-
-/**
- * creates a new rdf from a string.
- * \param[in] type type to use
- * \param[in] str string to use
- * \return ldns_rdf* or NULL in case of an error
- */
-ldns_rdf *ldns_rdf_new_frm_str(ldns_rdf_type type, const char *str);
-
-/**
- * creates a new rdf from a file containing a string.
- * \param[out] r the new rdf
- * \param[in] type type to use
- * \param[in] fp the file pointer to use
- * \return LDNS_STATUS_OK or the error
- */
-ldns_status ldns_rdf_new_frm_fp(ldns_rdf **r, ldns_rdf_type type, FILE *fp);
-
-/**
- * creates a new rdf from a file containing a string.
- * \param[out] r the new rdf
- * \param[in] type type to use
- * \param[in] fp the file pointer to use
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \return LDNS_STATUS_OK or the error
- */
-ldns_status ldns_rdf_new_frm_fp_l(ldns_rdf **r, ldns_rdf_type type, FILE *fp, int *line_nr);
-
-/* destroy functions */
-
-/**
- * frees a rdf structure, leaving the
- * data pointer intact.
- * \param[in] rd the pointer to be freed
- * \return void
- */
-void ldns_rdf_free(ldns_rdf *rd);
-
-/**
- * frees a rdf structure _and_ frees the
- * data. rdf should be created with _new_frm_data
- * \param[in] rd the rdf structure to be freed
- * \return void
- */
-void ldns_rdf_deep_free(ldns_rdf *rd);
-
-/* conversion functions */
-
-/**
- * returns the rdf containing the native uint8_t repr.
- * \param[in] type the ldns_rdf type to use
- * \param[in] value the uint8_t to use
- * \return ldns_rdf* with the converted value
- */
-ldns_rdf *ldns_native2rdf_int8(ldns_rdf_type type, uint8_t value);
-
-/**
- * returns the rdf containing the native uint16_t representation.
- * \param[in] type the ldns_rdf type to use
- * \param[in] value the uint16_t to use
- * \return ldns_rdf* with the converted value
- */
-ldns_rdf *ldns_native2rdf_int16(ldns_rdf_type type, uint16_t value);
-
-/**
- * returns an rdf that contains the given int32 value.
- *
- * Because multiple rdf types can contain an int32, the
- * type must be specified
- * \param[in] type the ldns_rdf type to use
- * \param[in] value the uint32_t to use
- * \return ldns_rdf* with the converted value
- */
-ldns_rdf *ldns_native2rdf_int32(ldns_rdf_type type, uint32_t value);
-
-/**
- * returns an int16_data rdf that contains the data in the
- * given array, preceded by an int16 specifying the length.
- *
- * The memory is copied, and an LDNS_RDF_TYPE_INT16DATA is returned
- * \param[in] size the size of the data
- * \param[in] *data pointer to the actual data
- * \return ldns_rd* the rdf with the data
- */
-ldns_rdf *ldns_native2rdf_int16_data(size_t size, uint8_t *data);
-
-/**
- * reverses an rdf, only actually useful for AAAA and A records.
- * The returned rdf has the type LDNS_RDF_TYPE_DNAME!
- * \param[in] *rd rdf to be reversed
- * \return the reversed rdf (a newly created rdf)
- */
-ldns_rdf *ldns_rdf_address_reverse(ldns_rdf *rd);
-
-/**
- * returns the native uint8_t representation from the rdf.
- * \param[in] rd the ldns_rdf to operate on
- * \return uint8_t the value extracted
- */
-uint8_t ldns_rdf2native_int8(const ldns_rdf *rd);
-
-/**
- * returns the native uint16_t representation from the rdf.
- * \param[in] rd the ldns_rdf to operate on
- * \return uint16_t the value extracted
- */
-uint16_t ldns_rdf2native_int16(const ldns_rdf *rd);
-
-/**
- * returns the native uint32_t representation from the rdf.
- * \param[in] rd the ldns_rdf to operate on
- * \return uint32_t the value extracted
- */
-uint32_t ldns_rdf2native_int32(const ldns_rdf *rd);
-
-/**
- * returns the native time_t representation from the rdf.
- * \param[in] rd the ldns_rdf to operate on
- * \return time_t the value extracted (32 bits currently)
- */
-time_t ldns_rdf2native_time_t(const ldns_rdf *rd);
-
-/**
- * converts a ttl value (like 5d2h) to a long.
- * \param[in] nptr the start of the string
- * \param[out] endptr points to the last char in case of error
- * \return the convert duration value
- */
-uint32_t ldns_str2period(const char *nptr, const char **endptr);
-
-/**
- * removes \\DDD, \\[space] and other escapes from the input.
- * See RFC 1035, section 5.1.
- * \param[in] word what to check
- * \param[in] length the string
- * \return ldns_status mesg
- */
-ldns_status ldns_octet(char *word, size_t *length);
-
-/**
- * clones a rdf structure. The data is copied.
- * \param[in] rd rdf to be copied
- * \return a new rdf structure
- */
-ldns_rdf *ldns_rdf_clone(const ldns_rdf *rd);
-
-/**
- * compares two rdf's on their wire formats.
- * (To order dnames according to rfc4034, use ldns_dname_compare)
- * \param[in] rd1 the first one
- * \param[in] rd2 the second one
- * \return 0 if equal
- * \return -1 if rd1 comes before rd2
- * \return +1 if rd2 comes before rd1
- */
-int ldns_rdf_compare(const ldns_rdf *rd1, const ldns_rdf *rd2);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_RDATA_H */
+++ /dev/null
-/*
- * resolver.h
- *
- * DNS Resolver definitions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- *
- * Defines the ldns_resolver structure, a stub resolver that can send queries and parse answers.
- *
- */
-
-#ifndef LDNS_RESOLVER_H
-#define LDNS_RESOLVER_H
-
-#include <ldns/error.h>
-#include <ldns/common.h>
-#include <ldns/rr.h>
-#include <ldns/tsig.h>
-#include <ldns/rdata.h>
-#include <ldns/packet.h>
-#ifdef _MSC_VER
-#include <time.h>
-#else
-#include <sys/time.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** Default location of the resolv.conf file */
-#define LDNS_RESOLV_CONF "/etc/resolv.conf"
-/** Default location of the hosts file */
-#define LDNS_RESOLV_HOSTS "/etc/hosts"
-
-#define LDNS_RESOLV_KEYWORD -1
-#define LDNS_RESOLV_DEFDOMAIN 0
-#define LDNS_RESOLV_NAMESERVER 1
-#define LDNS_RESOLV_SEARCH 2
-#define LDNS_RESOLV_SORTLIST 3
-#define LDNS_RESOLV_OPTIONS 4
-#define LDNS_RESOLV_ANCHOR 5
-#define LDNS_RESOLV_KEYWORDS 6
-
-#define LDNS_RESOLV_INETANY 0
-#define LDNS_RESOLV_INET 1
-#define LDNS_RESOLV_INET6 2
-
-#define LDNS_RESOLV_RTT_INF 0 /* infinity */
-#define LDNS_RESOLV_RTT_MIN 1 /* reachable */
-
-/**
- * DNS stub resolver structure
- */
-struct ldns_struct_resolver
-{
- /** Port to send queries to */
- uint16_t _port;
-
- /** Array of nameservers to query (IP addresses or dnames) */
- ldns_rdf **_nameservers;
- /** Number of nameservers in \c _nameservers */
- size_t _nameserver_count; /* how many do we have */
-
- /** Round trip time; 0 -> infinity. Unit: ms? */
- size_t *_rtt;
-
- /** Wether or not to be recursive */
- bool _recursive;
-
- /** Print debug information */
- bool _debug;
-
- /** Default domain to add to non fully qualified domain names */
- ldns_rdf *_domain;
-
- /** Searchlist array, add the names in this array if a query cannot be found */
- ldns_rdf **_searchlist;
-
- /** Number of entries in the searchlist array */
- size_t _searchlist_count;
-
- /** Number of times to retry before giving up */
- uint8_t _retry;
- /** Time to wait before retrying */
- uint8_t _retrans;
- /** Use new fallback mechanism (try EDNS, then do TCP) */
- bool _fallback;
-
- /** Whether to do DNSSEC */
- bool _dnssec;
- /** Whether to set the CD bit on DNSSEC requests */
- bool _dnssec_cd;
- /** Optional trust anchors for complete DNSSEC validation */
- ldns_rr_list * _dnssec_anchors;
- /** Whether to use tcp or udp (tcp if the value is true)*/
- bool _usevc;
- /** Whether to ignore the tc bit */
- bool _igntc;
- /** Whether to use ip6, 0->does not matter, 1 is IPv4, 2 is IPv6 */
- uint8_t _ip6;
- /** If true append the default domain */
- bool _defnames;
- /** If true apply the search list */
- bool _dnsrch;
- /** Timeout for socket connections */
- struct timeval _timeout;
- /** Only try the first nameserver, and return with an error directly if it fails */
- bool _fail;
- /** Randomly choose a nameserver */
- bool _random;
- /** Keep some things to make AXFR possible */
- int _socket;
- /** Count the number of LDNS_RR_TYPE_SOA RRs we have seen so far
- * (the second one signifies the end of the AXFR)
- */
- int _axfr_soa_count;
- /* when axfring we get complete packets from the server
- but we want to give the caller 1 rr at a time, so
- keep the current pkt */
- /** Packet currently handled when doing part of an AXFR */
- ldns_pkt *_cur_axfr_pkt;
- /** Counter for within the AXFR packets */
- uint16_t _axfr_i;
- /* EDNS0 available buffer size */
- uint16_t _edns_udp_size;
-
- /* Optional tsig key for signing queries,
- outgoing messages are signed if and only if both are set
- */
- /** Name of the key to use with TSIG, if _tsig_keyname and _tsig_keydata both contain values, outgoing messages are automatically signed with TSIG. */
- char *_tsig_keyname;
- /** Secret key data to use with TSIG, if _tsig_keyname and _tsig_keydata both contain values, outgoing messages are automatically signed with TSIG. */
- char *_tsig_keydata;
- /** TSIG signing algorithm */
- char *_tsig_algorithm;
-};
-typedef struct ldns_struct_resolver ldns_resolver;
-
-/* prototypes */
-/* read access functions */
-
-/**
- * Get the port the resolver should use
- * \param[in] r the resolver
- * \return the port number
- */
-uint16_t ldns_resolver_port(const ldns_resolver *r);
-
-/**
- * Is the resolver set to recurse
- * \param[in] r the resolver
- * \return true if so, otherwise false
- */
-bool ldns_resolver_recursive(const ldns_resolver *r);
-
-/**
- * Get the debug status of the resolver
- * \param[in] r the resolver
- * \return true if so, otherwise false
- */
-bool ldns_resolver_debug(const ldns_resolver *r);
-
-/**
- * Get the number of retries
- * \param[in] r the resolver
- * \return the number of retries
- */
-uint8_t ldns_resolver_retry(const ldns_resolver *r);
-
-/**
- * Get the retransmit interval
- * \param[in] r the resolver
- * \return the retransmit interval
- */
-uint8_t ldns_resolver_retrans(const ldns_resolver *r);
-
-/**
- * Get the truncation fallback status
- * \param[in] r the resolver
- * \return whether the truncation fallback mechanism is used
- */
-bool ldns_resolver_fallback(const ldns_resolver *r);
-
-/**
- * Does the resolver use ip6 or ip4
- * \param[in] r the resolver
- * \return 0: both, 1: ip4, 2:ip6
- */
-uint8_t ldns_resolver_ip6(const ldns_resolver *r);
-
-/**
- * Get the resolver's udp size
- * \param[in] r the resolver
- * \return the udp mesg size
- */
-uint16_t ldns_resolver_edns_udp_size(const ldns_resolver *r);
-/**
- * Does the resolver use tcp or udp
- * \param[in] r the resolver
- * \return true: tcp, false: udp
- */
-bool ldns_resolver_usevc(const ldns_resolver *r);
-/**
- * Does the resolver only try the first nameserver
- * \param[in] r the resolver
- * \return true: yes, fail, false: no, try the others
- */
-bool ldns_resolver_fail(const ldns_resolver *r);
-/**
- * Does the resolver apply default domain name
- * \param[in] r the resolver
- * \return true: yes, false: no
- */
-bool ldns_resolver_defnames(const ldns_resolver *r);
-/**
- * Does the resolver apply search list
- * \param[in] r the resolver
- * \return true: yes, false: no
- */
-bool ldns_resolver_dnsrch(const ldns_resolver *r);
-/**
- * Does the resolver do DNSSEC
- * \param[in] r the resolver
- * \return true: yes, false: no
- */
-bool ldns_resolver_dnssec(const ldns_resolver *r);
-/**
- * Does the resolver set the CD bit
- * \param[in] r the resolver
- * \return true: yes, false: no
- */
-bool ldns_resolver_dnssec_cd(const ldns_resolver *r);
-/**
- * Get the resolver's DNSSEC anchors
- * \param[in] r the resolver
- * \return an rr_list containg trusted DNSSEC anchors
- */
-ldns_rr_list * ldns_resolver_dnssec_anchors(const ldns_resolver *r);
-/**
- * Does the resolver ignore the TC bit (truncated)
- * \param[in] r the resolver
- * \return true: yes, false: no
- */
-bool ldns_resolver_igntc(const ldns_resolver *r);
-/**
- * Does the resolver randomize the nameserver before usage
- * \param[in] r the resolver
- * \return true: yes, false: no
- */
-bool ldns_resolver_random(const ldns_resolver *r);
-/**
- * How many nameserver are configured in the resolver
- * \param[in] r the resolver
- * \return number of nameservers
- */
-size_t ldns_resolver_nameserver_count(const ldns_resolver *r);
-/**
- * What is the default dname to add to relative queries
- * \param[in] r the resolver
- * \return the dname which is added
- */
-ldns_rdf *ldns_resolver_domain(const ldns_resolver *r);
-/**
- * What is the timeout on socket connections
- * \param[in] r the resolver
- * \return the timeout as struct timeval
- */
-struct timeval ldns_resolver_timeout(const ldns_resolver *r);
-/**
- * What is the searchlist as used by the resolver
- * \param[in] r the resolver
- * \return a ldns_rdf pointer to a list of the addresses
- */
-ldns_rdf** ldns_resolver_searchlist(const ldns_resolver *r);
-/**
- * Return the configured nameserver ip address
- * \param[in] r the resolver
- * \return a ldns_rdf pointer to a list of the addresses
- */
-ldns_rdf** ldns_resolver_nameservers(const ldns_resolver *r);
-/**
- * Return the used round trip times for the nameservers
- * \param[in] r the resolver
- * \return a size_t* pointer to the list.
- * yet)
- */
-size_t * ldns_resolver_rtt(const ldns_resolver *r);
-/**
- * Return the used round trip time for a specific nameserver
- * \param[in] r the resolver
- * \param[in] pos the index to the nameserver
- * \return the rrt, 0: infinite, >0: undefined (as of * yet)
- */
-size_t ldns_resolver_nameserver_rtt(const ldns_resolver *r, size_t pos);
-/**
- * Return the tsig keyname as used by the nameserver
- * \param[in] r the resolver
- * \return the name used.
- */
-char *ldns_resolver_tsig_keyname(const ldns_resolver *r);
-/**
- * Return the tsig algorithm as used by the nameserver
- * \param[in] r the resolver
- * \return the algorithm used.
- */
-char *ldns_resolver_tsig_algorithm(const ldns_resolver *r);
-/**
- * Return the tsig keydata as used by the nameserver
- * \param[in] r the resolver
- * \return the keydata used.
- */
-char *ldns_resolver_tsig_keydata(const ldns_resolver *r);
-/**
- * pop the last nameserver from the resolver.
- * \param[in] r the resolver
- * \return the popped address or NULL if empty
- */
-ldns_rdf* ldns_resolver_pop_nameserver(ldns_resolver *r);
-
-/**
- * Return the resolver's searchlist count
- * \param[in] r the resolver
- * \return the searchlist count
- */
-size_t ldns_resolver_searchlist_count(const ldns_resolver *r);
-
-/* write access function */
-/**
- * Set the port the resolver should use
- * \param[in] r the resolver
- * \param[in] p the port number
- */
-void ldns_resolver_set_port(ldns_resolver *r, uint16_t p);
-
-/**
- * Set the resolver recursion
- * \param[in] r the resolver
- * \param[in] b true: set to recurse, false: unset
- */
-void ldns_resolver_set_recursive(ldns_resolver *r, bool b);
-
-/**
- * Set the resolver debugging
- * \param[in] r the resolver
- * \param[in] b true: debug on: false debug off
- */
-void ldns_resolver_set_debug(ldns_resolver *r, bool b);
-
-/**
- * Incremental the resolver's nameserver count.
- * \param[in] r the resolver
- */
-void ldns_resolver_incr_nameserver_count(ldns_resolver *r);
-
-/**
- * Decrement the resolver's nameserver count.
- * \param[in] r the resolver
- */
-void ldns_resolver_dec_nameserver_count(ldns_resolver *r);
-
-/**
- * Set the resolver's nameserver count directly.
- * \param[in] r the resolver
- * \param[in] c the nameserver count
- */
-void ldns_resolver_set_nameserver_count(ldns_resolver *r, size_t c);
-
-/**
- * Set the resolver's nameserver count directly by using an rdf list
- * \param[in] r the resolver
- * \param[in] rd the resolver addresses
- */
-void ldns_resolver_set_nameservers(ldns_resolver *r, ldns_rdf **rd);
-
-/**
- * Set the resolver's default domain. This gets appended when no
- * absolute name is given
- * \param[in] r the resolver
- * \param[in] rd the name to append
- */
-void ldns_resolver_set_domain(ldns_resolver *r, ldns_rdf *rd);
-
-/**
- * Set the resolver's socket time out when talking to remote hosts
- * \param[in] r the resolver
- * \param[in] timeout the timeout to use
- */
-void ldns_resolver_set_timeout(ldns_resolver *r, struct timeval timeout);
-
-/**
- * Push a new rd to the resolver's searchlist
- * \param[in] r the resolver
- * \param[in] rd to push
- */
-void ldns_resolver_push_searchlist(ldns_resolver *r, ldns_rdf *rd);
-
-/**
- * Whether the resolver uses the name set with _set_domain
- * \param[in] r the resolver
- * \param[in] b true: use the defaults, false: don't use them
- */
-void ldns_resolver_set_defnames(ldns_resolver *r, bool b);
-
-/**
- * Whether the resolver uses a virtual circuit (TCP)
- * \param[in] r the resolver
- * \param[in] b true: use TCP, false: don't use TCP
- */
-void ldns_resolver_set_usevc(ldns_resolver *r, bool b);
-
-/**
- * Whether the resolver uses the searchlist
- * \param[in] r the resolver
- * \param[in] b true: use the list, false: don't use the list
- */
-void ldns_resolver_set_dnsrch(ldns_resolver *r, bool b);
-
-/**
- * Whether the resolver uses DNSSEC
- * \param[in] r the resolver
- * \param[in] b true: use DNSSEC, false: don't use DNSSEC
- */
-void ldns_resolver_set_dnssec(ldns_resolver *r, bool b);
-
-/**
- * Whether the resolver uses the checking disable bit
- * \param[in] r the resolver
- * \param[in] b true: enable , false: don't use TCP
- */
-void ldns_resolver_set_dnssec_cd(ldns_resolver *r, bool b);
-/**
- * Set the resolver's DNSSEC anchor list directly. RRs should be of type DS or DNSKEY.
- * \param[in] r the resolver
- * \param[in] l the list of RRs to use as trust anchors
- */
-void ldns_resolver_set_dnssec_anchors(ldns_resolver *r, ldns_rr_list * l);
-
-/**
- * Push a new trust anchor to the resolver. It must be a DS or DNSKEY rr
- * \param[in] r the resolver.
- * \param[in] rr the RR to add as a trust anchor.
- * \return a status
- */
-ldns_status ldns_resolver_push_dnssec_anchor(ldns_resolver *r, ldns_rr *rr);
-
-/**
- * Set the resolver retrans timeout (in seconds)
- * \param[in] r the resolver
- * \param[in] re the retransmission interval in seconds
- */
-void ldns_resolver_set_retrans(ldns_resolver *r, uint8_t re);
-
-/**
- * Set whether the resolvers truncation fallback mechanism is used
- * when ldns_resolver_query() is called.
- * \param[in] r the resolver
- * \param[in] fallback whether to use the fallback mechanism
- */
-void ldns_resolver_set_fallback(ldns_resolver *r, bool fallback);
-
-/**
- * Set the resolver retry interval (in seconds)
- * \param[in] r the resolver
- * \param[in] re the retry interval
- */
-void ldns_resolver_set_retry(ldns_resolver *r, uint8_t re);
-
-/**
- * Whether the resolver uses ip6
- * \param[in] r the resolver
- * \param[in] i 0: no pref, 1: ip4, 2: ip6
- */
-void ldns_resolver_set_ip6(ldns_resolver *r, uint8_t i);
-
-/**
- * Whether or not to fail after one failed query
- * \param[in] r the resolver
- * \param[in] b true: yes fail, false: continue with next nameserver
- */
-void ldns_resolver_set_fail(ldns_resolver *r, bool b);
-
-/**
- * Whether or not to ignore the TC bit
- * \param[in] r the resolver
- * \param[in] b true: yes ignore, false: don't ignore
- */
-void ldns_resolver_set_igntc(ldns_resolver *r, bool b);
-
-/**
- * Set maximum udp size
- * \param[in] r the resolver
- * \param[in] s the udp max size
- */
-void ldns_resolver_set_edns_udp_size(ldns_resolver *r, uint16_t s);
-
-/**
- * Set the tsig key name
- * \param[in] r the resolver
- * \param[in] tsig_keyname the tsig key name
- */
-void ldns_resolver_set_tsig_keyname(ldns_resolver *r, char *tsig_keyname);
-
-/**
- * Set the tsig algorithm
- * \param[in] r the resolver
- * \param[in] tsig_algorithm the tsig algorithm
- */
-void ldns_resolver_set_tsig_algorithm(ldns_resolver *r, char *tsig_algorithm);
-
-/**
- * Set the tsig key data
- * \param[in] r the resolver
- * \param[in] tsig_keydata the key data
- */
-void ldns_resolver_set_tsig_keydata(ldns_resolver *r, char *tsig_keydata);
-
-/**
- * Set round trip time for all nameservers. Note this currently
- * differentiates between: unreachable and reachable.
- * \param[in] r the resolver
- * \param[in] rtt a list with the times
- */
-void ldns_resolver_set_rtt(ldns_resolver *r, size_t *rtt);
-
-/**
- * Set round trip time for a specific nameserver. Note this
- * currently differentiates between: unreachable and reachable.
- * \param[in] r the resolver
- * \param[in] pos the nameserver position
- * \param[in] value the rtt
- */
-void ldns_resolver_set_nameserver_rtt(ldns_resolver *r, size_t pos, size_t value);
-
-/**
- * Should the nameserver list be randomized before each use
- * \param[in] r the resolver
- * \param[in] b: true: randomize, false: don't
- */
-void ldns_resolver_set_random(ldns_resolver *r, bool b);
-
-/**
- * Push a new nameserver to the resolver. It must be an IP
- * address v4 or v6.
- * \param[in] r the resolver
- * \param[in] n the ip address
- * \return ldns_status a status
- */
-ldns_status ldns_resolver_push_nameserver(ldns_resolver *r, ldns_rdf *n);
-
-/**
- * Push a new nameserver to the resolver. It must be an
- * A or AAAA RR record type
- * \param[in] r the resolver
- * \param[in] rr the resource record
- * \return ldns_status a status
- */
-ldns_status ldns_resolver_push_nameserver_rr(ldns_resolver *r, ldns_rr *rr);
-
-/**
- * Push a new nameserver rr_list to the resolver.
- * \param[in] r the resolver
- * \param[in] rrlist the rr_list to push
- * \return ldns_status a status
- */
-ldns_status ldns_resolver_push_nameserver_rr_list(ldns_resolver *r, ldns_rr_list *rrlist);
-
-/**
- * Send the query for using the resolver and take the search list into account
- * The search algorithm is as follows:
- * If the name is absolute, try it as-is, otherwise apply the search list
- * \param[in] *r operate using this resolver
- * \param[in] *rdf query for this name
- * \param[in] t query for this type (may be 0, defaults to A)
- * \param[in] c query for this class (may be 0, default to IN)
- * \param[in] flags the query flags
- * \return ldns_pkt* a packet with the reply from the nameserver
- */
-ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
-
-/**
- * Form a query packet from a resolver and name/type/class combo
- * \param[out] **q a pointer to a ldns_pkt pointer (initialized by this function)
- * \param[in] *r operate using this resolver
- * \param[in] *name query for this name
- * \param[in] t query for this type (may be 0, defaults to A)
- * \param[in] c query for this class (may be 0, default to IN)
- * \param[in] f the query flags
- * \return ldns_pkt* a packet with the reply from the nameserver
- */
-ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t f);
-
-/**
- * Send the query for name as-is
- * \param[out] **answer a pointer to a ldns_pkt pointer (initialized by this function)
- * \param[in] *r operate using this resolver
- * \param[in] *name query for this name
- * \param[in] t query for this type (may be 0, defaults to A)
- * \param[in] c query for this class (may be 0, default to IN)
- * \param[in] flags the query flags
- * \return ldns_pkt* a packet with the reply from the nameserver
- */
-ldns_status ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
-
-/**
- * Send the given packet to a nameserver
- * \param[out] **answer a pointer to a ldns_pkt pointer (initialized by this function)
- * \param[in] *r operate using this resolver
- * \param[in] *query_pkt query
- */
-ldns_status ldns_resolver_send_pkt(ldns_pkt **answer, ldns_resolver *r, ldns_pkt *query_pkt);
-
-/**
- * Send a query to a nameserver
- * \param[in] *r operate using this resolver
- * \param[in] *name query for this name
- * \param[in] *t query for this type (may be 0, defaults to A)
- * \param[in] *c query for this class (may be 0, default to IN)
- * \param[in] flags the query flags
- * \return ldns_pkt* a packet with the reply from the nameserver
- * if _defnames is true the default domain will be added
- */
-ldns_pkt* ldns_resolver_query(const ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags);
-
-
-/**
- * Create a new resolver structure
- * \return ldns_resolver* pointer to new strcture
- */
-ldns_resolver* ldns_resolver_new(void);
-
-/**
- * Create a resolver structure from a file like /etc/resolv.conf
- * \param[out] r the new resolver
- * \param[in] fp file pointer to create new resolver from
- * if NULL use /etc/resolv.conf
- * \return LDNS_STATUS_OK or the error
- */
-ldns_status ldns_resolver_new_frm_fp(ldns_resolver **r, FILE *fp);
-
-/**
- * Create a resolver structure from a file like /etc/resolv.conf
- * \param[out] r the new resolver
- * \param[in] fp file pointer to create new resolver from
- * if NULL use /etc/resolv.conf
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \return LDNS_STATUS_OK or the error
- */
-ldns_status ldns_resolver_new_frm_fp_l(ldns_resolver **r, FILE *fp, int *line_nr);
-
-/**
- * Configure a resolver by means of a resolv.conf file
- * The file may be NULL in which case there will be
- * looked the RESOLV_CONF (defaults to /etc/resolv.conf
- * \param[out] r the new resolver
- * \param[in] filename the filename to use
- * \return LDNS_STATUS_OK or the error
- */
-ldns_status ldns_resolver_new_frm_file(ldns_resolver **r, const char *filename);
-
-/**
- * Frees the allocated space for this resolver. Only frees the resolver pionter! You should probably be using _deep_free.
- * \param res resolver to free
- */
-void ldns_resolver_free(ldns_resolver *res);
-
-/**
- * Frees the allocated space for this resolver and all it's data
- * \param res resolver to free
- */
-void ldns_resolver_deep_free(ldns_resolver *res);
-
-/**
- * Get the next stream of RRs in a AXFR
- * \param[in] resolver the resolver to use. First ldns_axfr_start() must be
- * called
- * \return ldns_rr the next RR from the AXFR stream
- * After you get this returned RR (not NULL: on error), then check if
- * ldns_axfr_complete() is true to see if the zone transfer has completed.
- */
-ldns_rr* ldns_axfr_next(ldns_resolver *resolver);
-
-/**
- * Returns true if the axfr transfer has completed (i.e. 2 SOA RRs and no errors were encountered
- * \param[in] resolver the resolver that is used
- * \return bool true if axfr transfer was completed without error
- */
-bool ldns_axfr_complete(const ldns_resolver *resolver);
-
-/**
- * Returns a pointer to the last ldns_pkt that was sent by the server in the AXFR transfer
- * uasable for instance to get the error code on failure
- * \param[in] res the resolver that was used in the axfr transfer
- * \return ldns_pkt the last packet sent
- */
-ldns_pkt *ldns_axfr_last_pkt(const ldns_resolver *res);
-
-/**
- * Randomize the nameserver list in the resolver
- * \param[in] r the resolver
- */
-void ldns_resolver_nameservers_randomize(ldns_resolver *r);
-
-/**
- * Returns true if at least one of the provided keys is a trust anchor
- * \param[in] r the current resolver
- * \param[in] keys the keyset to check
- * \param[out] trusted_keys the subset of trusted keys in the 'keys' rrset
- * \return true if at least one of the provided keys is a configured trust anchor
- */
-bool ldns_resolver_trusted_key(const ldns_resolver *r, ldns_rr_list * keys, ldns_rr_list * trusted_keys);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_RESOLVER_H */
+++ /dev/null
-/*
- * rr.h - resource record definitions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- *
- * Contains the definition of ldns_rr and functions to manipulate those.
- */
-
-
-#ifndef LDNS_RR_H
-#define LDNS_RR_H
-
-#include <ldns/common.h>
-#include <ldns/rdata.h>
-#include <ldns/buffer.h>
-#include <ldns/error.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/** Maximum length of a dname label */
-#define LDNS_MAX_LABELLEN 63
-/** Maximum length of a complete dname */
-#define LDNS_MAX_DOMAINLEN 255
-/** Maximum number of pointers in 1 dname */
-#define LDNS_MAX_POINTERS 65535
-/** The bytes TTL, CLASS and length use up in an rr */
-#define LDNS_RR_OVERHEAD 10
-
-/* The first fields are 'common' and can be referenced instantly */
-#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 52
-
-
-
-/**
- * The different RR classes.
- */
-enum ldns_enum_rr_class
-{
- /** the Internet */
- LDNS_RR_CLASS_IN = 1,
- /** Chaos class */
- LDNS_RR_CLASS_CH = 3,
- /** Hesiod (Dyer 87) */
- LDNS_RR_CLASS_HS = 4,
- /** None class, dynamic update */
- LDNS_RR_CLASS_NONE = 254,
- /** Any class */
- LDNS_RR_CLASS_ANY = 255,
-
- LDNS_RR_CLASS_FIRST = 0,
- LDNS_RR_CLASS_LAST = 65535,
- LDNS_RR_CLASS_COUNT = LDNS_RR_CLASS_LAST - LDNS_RR_CLASS_FIRST + 1
-};
-typedef enum ldns_enum_rr_class ldns_rr_class;
-
-/**
- * Used to specify whether compression is allowed.
- */
-enum ldns_enum_rr_compress
-{
- /** compression is allowed */
- LDNS_RR_COMPRESS,
- LDNS_RR_NO_COMPRESS
-};
-typedef enum ldns_enum_rr_compress ldns_rr_compress;
-
-/**
- * The different RR types.
- */
-enum ldns_enum_rr_type
-{
- /** a host address */
- LDNS_RR_TYPE_A = 1,
- /** an authoritative name server */
- LDNS_RR_TYPE_NS = 2,
- /** a mail destination (Obsolete - use MX) */
- LDNS_RR_TYPE_MD = 3,
- /** a mail forwarder (Obsolete - use MX) */
- LDNS_RR_TYPE_MF = 4,
- /** the canonical name for an alias */
- LDNS_RR_TYPE_CNAME = 5,
- /** marks the start of a zone of authority */
- LDNS_RR_TYPE_SOA = 6,
- /** a mailbox domain name (EXPERIMENTAL) */
- LDNS_RR_TYPE_MB = 7,
- /** a mail group member (EXPERIMENTAL) */
- LDNS_RR_TYPE_MG = 8,
- /** a mail rename domain name (EXPERIMENTAL) */
- LDNS_RR_TYPE_MR = 9,
- /** a null RR (EXPERIMENTAL) */
- LDNS_RR_TYPE_NULL = 10,
- /** a well known service description */
- LDNS_RR_TYPE_WKS = 11,
- /** a domain name pointer */
- LDNS_RR_TYPE_PTR = 12,
- /** host information */
- LDNS_RR_TYPE_HINFO = 13,
- /** mailbox or mail list information */
- LDNS_RR_TYPE_MINFO = 14,
- /** mail exchange */
- LDNS_RR_TYPE_MX = 15,
- /** text strings */
- LDNS_RR_TYPE_TXT = 16,
- /** RFC1183 */
- LDNS_RR_TYPE_RP = 17,
- /** RFC1183 */
- LDNS_RR_TYPE_AFSDB = 18,
- /** RFC1183 */
- LDNS_RR_TYPE_X25 = 19,
- /** RFC1183 */
- LDNS_RR_TYPE_ISDN = 20,
- /** RFC1183 */
- LDNS_RR_TYPE_RT = 21,
- /** RFC1706 */
- LDNS_RR_TYPE_NSAP = 22,
- /** RFC1348 */
- LDNS_RR_TYPE_NSAP_PTR = 23,
- /** 2535typecode */
- LDNS_RR_TYPE_SIG = 24,
- /** 2535typecode */
- LDNS_RR_TYPE_KEY = 25,
- /** RFC2163 */
- LDNS_RR_TYPE_PX = 26,
- /** RFC1712 */
- LDNS_RR_TYPE_GPOS = 27,
- /** ipv6 address */
- LDNS_RR_TYPE_AAAA = 28,
- /** LOC record RFC1876 */
- LDNS_RR_TYPE_LOC = 29,
- /** 2535typecode */
- LDNS_RR_TYPE_NXT = 30,
- /** draft-ietf-nimrod-dns-01.txt */
- LDNS_RR_TYPE_EID = 31,
- /** draft-ietf-nimrod-dns-01.txt */
- LDNS_RR_TYPE_NIMLOC = 32,
- /** SRV record RFC2782 */
- LDNS_RR_TYPE_SRV = 33,
- /** http://www.jhsoft.com/rfc/af-saa-0069.000.rtf */
- LDNS_RR_TYPE_ATMA = 34,
- /** RFC2915 */
- LDNS_RR_TYPE_NAPTR = 35,
- /** RFC2230 */
- LDNS_RR_TYPE_KX = 36,
- /** RFC2538 */
- LDNS_RR_TYPE_CERT = 37,
- /** RFC2874 */
- LDNS_RR_TYPE_A6 = 38,
- /** RFC2672 */
- LDNS_RR_TYPE_DNAME = 39,
- /** dnsind-kitchen-sink-02.txt */
- LDNS_RR_TYPE_SINK = 40,
- /** Pseudo OPT record... */
- LDNS_RR_TYPE_OPT = 41,
- /** RFC3123 */
- LDNS_RR_TYPE_APL = 42,
- /** draft-ietf-dnsext-delegation */
- LDNS_RR_TYPE_DS = 43,
- /** SSH Key Fingerprint */
- LDNS_RR_TYPE_SSHFP = 44,
- /** draft-richardson-ipseckey-rr-11.txt */
- LDNS_RR_TYPE_IPSECKEY = 45,
- /** draft-ietf-dnsext-dnssec-25 */
- LDNS_RR_TYPE_RRSIG = 46,
- LDNS_RR_TYPE_NSEC = 47,
- LDNS_RR_TYPE_DNSKEY = 48,
- LDNS_RR_TYPE_DHCID = 49,
-
- LDNS_RR_TYPE_NSEC3 = 50,
- LDNS_RR_TYPE_NSEC3PARAMS = 51,
-
- /** draft-ietf-dnsop-trust-history */
- LDNS_RR_TYPE_TALINK = 58,
-
- LDNS_RR_TYPE_SPF = 99,
-
- LDNS_RR_TYPE_UINFO = 100,
- LDNS_RR_TYPE_UID = 101,
- LDNS_RR_TYPE_GID = 102,
- LDNS_RR_TYPE_UNSPEC = 103,
-
- LDNS_RR_TYPE_TSIG = 250,
- LDNS_RR_TYPE_IXFR = 251,
- LDNS_RR_TYPE_AXFR = 252,
- /** A request for mailbox-related records (MB, MG or MR) */
- LDNS_RR_TYPE_MAILB = 253,
- /** A request for mail agent RRs (Obsolete - see MX) */
- LDNS_RR_TYPE_MAILA = 254,
- /** any type (wildcard) */
- LDNS_RR_TYPE_ANY = 255,
-
- /* RFC 4431, 5074, DNSSEC Lookaside Validation */
- LDNS_RR_TYPE_DLV = 32769,
-
- /* type codes from nsec3 experimental phase
- LDNS_RR_TYPE_NSEC3 = 65324,
- LDNS_RR_TYPE_NSEC3PARAMS = 65325, */
- LDNS_RR_TYPE_FIRST = 0,
- LDNS_RR_TYPE_LAST = 65535,
- LDNS_RR_TYPE_COUNT = LDNS_RR_TYPE_LAST - LDNS_RR_TYPE_FIRST + 1
-};
-typedef enum ldns_enum_rr_type ldns_rr_type;
-
-/**
- * Resource Record
- *
- * This is the basic DNS element that contains actual data
- *
- * From RFC1035:
- * <pre>
-3.2.1. Format
-
-All RRs have the same top level format shown below:
-
- 1 1 1 1 1 1
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | |
- / /
- / NAME /
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | TYPE |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | CLASS |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | TTL |
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | RDLENGTH |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--|
- / RDATA /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-NAME an owner name, i.e., the name of the node to which this
- resource record pertains.
-
-TYPE two octets containing one of the RR TYPE codes.
-
-CLASS two octets containing one of the RR CLASS codes.
-
-TTL a 32 bit signed integer that specifies the time interval
- that the resource record may be cached before the source
- of the information should again be consulted. Zero
- values are interpreted to mean that the RR can only be
- used for the transaction in progress, and should not be
- cached. For example, SOA records are always distributed
- with a zero TTL to prohibit caching. Zero values can
- also be used for extremely volatile data.
-
-RDLENGTH an unsigned 16 bit integer that specifies the length in
- octets of the RDATA field.
-
-RDATA a variable length string of octets that describes the
- resource. The format of this information varies
- according to the TYPE and CLASS of the resource record.
- * </pre>
- *
- * The actual amount and type of rdata fields depend on the RR type of the
- * RR, and can be found by using \ref ldns_rr_descriptor functions.
- */
-struct ldns_struct_rr
-{
- /** Owner name, uncompressed */
- ldns_rdf *_owner;
- /** Time to live */
- uint32_t _ttl;
- /** Number of data fields */
- size_t _rd_count;
- /** the type of the RR. A, MX etc. */
- ldns_rr_type _rr_type;
- /** Class of the resource record. */
- ldns_rr_class _rr_class;
- /* everything in the rdata is in network order */
- /** The array of rdata's */
- ldns_rdf **_rdata_fields;
- /** question rr [it would be nicer if thous is after _rd_count]
- ABI change: Fix this in next major release
- */
- bool _rr_question;
-};
-typedef struct ldns_struct_rr ldns_rr;
-
-/**
- * List or Set of Resource Records
- *
- * Contains a list of rr's <br>
- * No official RFC-like checks are made
- */
-struct ldns_struct_rr_list
-{
- size_t _rr_count;
- size_t _rr_capacity;
- ldns_rr **_rrs;
-};
-typedef struct ldns_struct_rr_list ldns_rr_list;
-
-/**
- * Contains all information about resource record types.
- *
- * This structure contains, for all rr types, the rdata fields that are defined.
- */
-struct ldns_struct_rr_descriptor
-{
- /** Type of the RR that is described here */
- ldns_rr_type _type;
- /** Textual name of the RR type. */
- const char *_name;
- /** Minimum number of rdata fields in the RRs of this type. */
- uint8_t _minimum;
- /** Maximum number of rdata fields in the RRs of this type. */
- uint8_t _maximum;
- /** Wireformat specification for the rr, i.e. the types of rdata fields in their respective order. */
- const ldns_rdf_type *_wireformat;
- /** Special rdf types */
- ldns_rdf_type _variable;
- /** Specifies whether compression can be used for dnames in this RR type. */
- ldns_rr_compress _compress;
- /** The number of DNAMEs in the _wireformat string, for parsing. */
- uint8_t _dname_count;
-};
-typedef struct ldns_struct_rr_descriptor ldns_rr_descriptor;
-
-/**
- * creates a new rr structure.
- * \return ldns_rr *
- */
-ldns_rr* ldns_rr_new(void);
-
-/**
- * creates a new rr structure, based on the given type.
- * alloc enough space to hold all the rdf's
- */
-ldns_rr* ldns_rr_new_frm_type(ldns_rr_type t);
-
-/**
- * frees an RR structure
- * \param[in] *rr the RR to be freed
- * \return void
- */
-void ldns_rr_free(ldns_rr *rr);
-
-/**
- * creates an rr from a string.
- * The string should be a fully filled-in rr, like
- * ownername <space> TTL <space> CLASS <space>
- * TYPE <space> RDATA.
- * \param[out] n the rr to return
- * \param[in] str the string to convert
- * \param[in] default_ttl default ttl value for the rr.
- * If 0 DEF_TTL will be used
- * \param[in] origin when the owner is relative add this.
- * The caller must ldns_rdf_deep_free it.
- * \param[out] prev the previous ownername. if this value is not NULL,
- * the function overwrites this with the ownername found in this
- * string. The caller must then ldns_rdf_deep_free it.
- * \return a status msg describing an error or LDNS_STATUS_OK
- */
-ldns_status ldns_rr_new_frm_str(ldns_rr **n, const char *str,
- uint32_t default_ttl, ldns_rdf *origin,
- ldns_rdf **prev);
-
-/**
- * creates an rr for the question section from a string, i.e.
- * without RDATA fields
- * Origin and previous RR functionality are the same as in
- * ldns_rr_new_frm_str()
- * \param[out] n the rr to return
- * \param[in] str the string to convert
- * \param[in] origin when the owner is relative add this.
- * The caller must ldns_rdf_deep_free it.
- * \param prev the previous ownername. the function overwrite this with
- * the current found ownername. The caller must ldns_rdf_deep_free it.
- * \return a status msg describing an error or LDNS_STATUS_OK
- */
-ldns_status ldns_rr_new_question_frm_str(ldns_rr **n, const char *str,
- ldns_rdf *origin, ldns_rdf **prev);
-
-/**
- * creates a new rr from a file containing a string.
- * \param[out] rr the new rr
- * \param[in] fp the file pointer to use
- * \param[in] default_ttl pointer to a default ttl for the rr. If NULL DEF_TTL will be used
- * the pointer will be updated if the file contains a $TTL directive
- * \param[in] origin when the owner is relative add this
- * the pointer will be updated if the file contains a $ORIGIN directive
- * The caller must ldns_rdf_deep_free it.
- * \param[in] prev when the owner is whitespaces use this as the * ownername
- * the pointer will be updated after the call
- * The caller must ldns_rdf_deep_free it.
- * \return a ldns_status with an error or LDNS_STATUS_OK
- */
-ldns_status ldns_rr_new_frm_fp(ldns_rr **rr, FILE *fp, uint32_t *default_ttl, ldns_rdf **origin, ldns_rdf **prev);
-
-/**
- * creates a new rr from a file containing a string.
- * \param[out] rr the new rr
- * \param[in] fp the file pointer to use
- * \param[in] default_ttl a default ttl for the rr. If NULL DEF_TTL will be used
- * the pointer will be updated if the file contains a $TTL directive
- * \param[in] origin when the owner is relative add this
- * the pointer will be updated if the file contains a $ORIGIN directive
- * The caller must ldns_rdf_deep_free it.
- * \param[in] line_nr pointer to an integer containing the current line number (for debugging purposes)
- * \param[in] prev when the owner is whitespaces use this as the * ownername
- * the pointer will be updated after the call
- * The caller must ldns_rdf_deep_free it.
- * \return a ldns_status with an error or LDNS_STATUS_OK
- */
-ldns_status ldns_rr_new_frm_fp_l(ldns_rr **rr, FILE *fp, uint32_t *default_ttl, ldns_rdf **origin, ldns_rdf **prev, int *line_nr);
-
-/**
- * sets the owner in the rr structure.
- * \param[in] *rr rr to operate on
- * \param[in] *owner set to this owner
- * \return void
- */
-void ldns_rr_set_owner(ldns_rr *rr, ldns_rdf *owner);
-
-/**
- * sets the question flag in the rr structure.
- * \param[in] *rr rr to operate on
- * \param[in] question question flag
- * \return void
- */
-void ldns_rr_set_question(ldns_rr *rr, bool question);
-
-/**
- * sets the ttl in the rr structure.
- * \param[in] *rr rr to operate on
- * \param[in] ttl set to this ttl
- * \return void
- */
-void ldns_rr_set_ttl(ldns_rr *rr, uint32_t ttl);
-
-/**
- * sets the rd_count in the rr.
- * \param[in] *rr rr to operate on
- * \param[in] count set to this count
- * \return void
- */
-void ldns_rr_set_rd_count(ldns_rr *rr, size_t count);
-
-/**
- * sets the type in the rr.
- * \param[in] *rr rr to operate on
- * \param[in] rr_type set to this type
- * \return void
- */
-void ldns_rr_set_type(ldns_rr *rr, ldns_rr_type rr_type);
-
-/**
- * sets the class in the rr.
- * \param[in] *rr rr to operate on
- * \param[in] rr_class set to this class
- * \return void
- */
-void ldns_rr_set_class(ldns_rr *rr, ldns_rr_class rr_class);
-
-/**
- * sets a rdf member, it will be set on the
- * position given. The old value is returned, like pop.
- * \param[in] *rr the rr to operate on
- * \param[in] *f the rdf to set
- * \param[in] position the position the set the rdf
- * \return the old value in the rr, NULL on failyre
- */
-ldns_rdf* ldns_rr_set_rdf(ldns_rr *rr, const ldns_rdf *f, size_t position);
-
-/**
- * sets rd_field member, it will be
- * placed in the next available spot.
- * \param[in] *rr rr to operate on
- * \param[in] *f the data field member to set
- * \return bool
- */
-bool ldns_rr_push_rdf(ldns_rr *rr, const ldns_rdf *f);
-
-/**
- * removes a rd_field member, it will be
- * popped from the last position.
- * \param[in] *rr rr to operate on
- * \return rdf which was popped (null if nothing)
- */
-ldns_rdf* ldns_rr_pop_rdf(ldns_rr *rr);
-
-/**
- * returns the rdata field member counter.
- * \param[in] *rr rr to operate on
- * \param[in] nr the number of the rdf to return
- * \return ldns_rdf *
- */
-ldns_rdf* ldns_rr_rdf(const ldns_rr *rr, size_t nr);
-
-/**
- * returns the owner name of an rr structure.
- * \param[in] *rr rr to operate on
- * \return ldns_rdf *
- */
-ldns_rdf* ldns_rr_owner(const ldns_rr *rr);
-
-/**
- * returns the question flag of an rr structure.
- * \param[in] *rr rr to operate on
- * \return bool true if question
- */
-bool ldns_rr_is_question(const ldns_rr *rr);
-
-/**
- * returns the ttl of an rr structure.
- * \param[in] *rr the rr to read from
- * \return the ttl of the rr
- */
-uint32_t ldns_rr_ttl(const ldns_rr *rr);
-
-/**
- * returns the rd_count of an rr structure.
- * \param[in] *rr the rr to read from
- * \return the rd count of the rr
- */
-size_t ldns_rr_rd_count(const ldns_rr *rr);
-
-/**
- * returns the type of the rr.
- * \param[in] *rr the rr to read from
- * \return the type of the rr
- */
-ldns_rr_type ldns_rr_get_type(const ldns_rr *rr);
-
-/**
- * returns the class of the rr.
- * \param[in] *rr the rr to read from
- * \return the class of the rr
- */
-ldns_rr_class ldns_rr_get_class(const ldns_rr *rr);
-
-/* rr_lists */
-
-/**
- * returns the number of rr's in an rr_list.
- * \param[in] rr_list the rr_list to read from
- * \return the number of rr's
- */
-size_t ldns_rr_list_rr_count(const ldns_rr_list *rr_list);
-
-/**
- * sets the number of rr's in an rr_list.
- * \param[in] rr_list the rr_list to set the count on
- * \param[in] count the number of rr in this list
- * \return void
- */
-void ldns_rr_list_set_rr_count(ldns_rr_list *rr_list, size_t count);
-
-/**
- * set a rr on a specific index in a ldns_rr_list
- * \param[in] rr_list the rr_list to use
- * \param[in] r the rr to set
- * \param[in] count index into the rr_list
- * \return the old rr which was stored in the rr_list, or
- * NULL is the index was too large
- * set a specific rr */
-ldns_rr * ldns_rr_list_set_rr(ldns_rr_list *rr_list, const ldns_rr *r, size_t count);
-
-/**
- * returns a specific rr of an rrlist.
- * \param[in] rr_list the rr_list to read from
- * \param[in] nr return this rr
- * \return the rr at position nr
- */
-ldns_rr* ldns_rr_list_rr(const ldns_rr_list *rr_list, size_t nr);
-
-/**
- * creates a new rr_list structure.
- * \return a new rr_list structure
- */
-ldns_rr_list* ldns_rr_list_new();
-
-/**
- * frees an rr_list structure.
- * \param[in] rr_list the list to free
- */
-void ldns_rr_list_free(ldns_rr_list *rr_list);
-
-/**
- * frees an rr_list structure and all rrs contained therein.
- * \param[in] rr_list the list to free
- */
-void ldns_rr_list_deep_free(ldns_rr_list *rr_list);
-
-/**
- * concatenates two ldns_rr_lists together. This modifies
- * *left (to extend it and add the pointers from *right).
- * \param[in] left the leftside
- * \param[in] right the rightside
- * \return a left with right concatenated to it
- */
-bool ldns_rr_list_cat(ldns_rr_list *left, ldns_rr_list *right);
-
-/**
- * concatenates two ldns_rr_lists together, but makes clones of the rr's
- * (instead of pointer copying).
- * \param[in] left the leftside
- * \param[in] right the rightside
- * \return a new rr_list with leftside/rightside concatenated
- */
-ldns_rr_list* ldns_rr_list_cat_clone(ldns_rr_list *left, ldns_rr_list *right);
-
-/**
- * pushes an rr to an rrlist.
- * \param[in] rr_list the rr_list to push to
- * \param[in] rr the rr to push
- * \return false on error, otherwise true
- */
-bool ldns_rr_list_push_rr(ldns_rr_list *rr_list, const ldns_rr *rr);
-
-/**
- * pushes an rr_list to an rrlist.
- * \param[in] rr_list the rr_list to push to
- * \param[in] push_list the rr_list to push
- * \return false on error, otherwise true
- */
-bool ldns_rr_list_push_rr_list(ldns_rr_list *rr_list, const ldns_rr_list *push_list);
-
-/**
- * pops the last rr from an rrlist.
- * \param[in] rr_list the rr_list to pop from
- * \return NULL if nothing to pop. Otherwise the popped RR
- */
-ldns_rr* ldns_rr_list_pop_rr(ldns_rr_list *rr_list);
-
-/**
- * pops an rr_list of size s from an rrlist.
- * \param[in] rr_list the rr_list to pop from
- * \param[in] size the number of rr's to pop
- * \return NULL if nothing to pop. Otherwise the popped rr_list
- */
-ldns_rr_list* ldns_rr_list_pop_rr_list(ldns_rr_list *rr_list, size_t size);
-
-/**
- * returns true if the given rr is one of the rrs in the
- * list, or if it is equal to one
- * \param[in] rr_list the rr_list to check
- * \param[in] rr the rr to check
- * \return true if rr_list contains rr, false otherwise
- */
-bool ldns_rr_list_contains_rr(const ldns_rr_list *rr_list, ldns_rr *rr);
-
-/**
- * checks if an rr_list is a rrset.
- * \param[in] rr_list the rr_list to check
- * \return true if it is an rrset otherwise false
- */
-bool ldns_is_rrset(ldns_rr_list *rr_list);
-
-/**
- * pushes an rr to an rrset (which really are rr_list's).
- * \param[in] *rr_list the rrset to push the rr to
- * \param[in] *rr the rr to push
- * \return true if the push succeeded otherwise false
- */
-bool ldns_rr_set_push_rr(ldns_rr_list *rr_list, ldns_rr *rr);
-
-/**
- * pops the last rr from an rrset. This function is there only
- * for the symmetry.
- * \param[in] rr_list the rr_list to pop from
- * \return NULL if nothing to pop. Otherwise the popped RR
- *
- */
-ldns_rr* ldns_rr_set_pop_rr(ldns_rr_list *rr_list);
-
-/**
- * pops the first rrset from the list,
- * the list must be sorted, so that all rr's from each rrset
- * are next to each other
- */
-ldns_rr_list *ldns_rr_list_pop_rrset(ldns_rr_list *rr_list);
-
-
-/**
- * retrieves a rrtype by looking up its name.
- * \param[in] name a string with the name
- * \return the type which corresponds with the name
- */
-ldns_rr_type ldns_get_rr_type_by_name(const char *name);
-
-/**
- * retrieves a class by looking up its name.
- * \param[in] name string with the name
- * \return the cass which corresponds with the name
- */
-ldns_rr_class ldns_get_rr_class_by_name(const char *name);
-
-/**
- * clones a rr and all its data
- * \param[in] rr the rr to clone
- * \return the new rr or NULL on failure
- */
-ldns_rr* ldns_rr_clone(const ldns_rr *rr);
-
-/**
- * clones an rrlist.
- * \param[in] rrlist the rrlist to clone
- * \return the cloned rr list
- */
-ldns_rr_list* ldns_rr_list_clone(const ldns_rr_list *rrlist);
-
-/**
- * sorts an rr_list (canonical wire format). the sorting is done inband.
- * \param[in] unsorted the rr_list to be sorted
- * \return void
- */
-void ldns_rr_list_sort(ldns_rr_list *unsorted);
-
-/**
- * compares two rrs. The TTL is not looked at.
- * \param[in] rr1 the first one
- * \param[in] rr2 the second one
- * \return 0 if equal
- * -1 if rr1 comes before rr2
- * +1 if rr2 comes before rr1
- */
-int ldns_rr_compare(const ldns_rr *rr1, const ldns_rr *rr2);
-
-/**
- * compares two rrs, up to the rdata.
- * \param[in] rr1 the first one
- * \param[in] rr2 the second one
- * \return 0 if equal
- * -1 if rr1 comes before rr2
- * +1 if rr2 comes before rr1
- */
-int ldns_rr_compare_no_rdata(const ldns_rr *rr1, const ldns_rr *rr2);
-
-/**
- * compares the wireformat of two rrs, contained in the given buffers.
- * \param[in] rr1_buf the first one
- * \param[in] rr2_buf the second one
- * \return 0 if equal
- * -1 if rr1_buf comes before rr2_buf
- * +1 if rr2_buf comes before rr1_buf
- */
-int ldns_rr_compare_wire(ldns_buffer *rr1_buf, ldns_buffer *rr2_buf);
-
-/**
- * returns true of the given rr's are equal.
- * Also returns true if one record is a DS that represents the
- * same DNSKEY record as the other record
- * \param[in] rr1 the first rr
- * \param[in] rr2 the second rr
- * \return true if equal otherwise false
- */
-bool ldns_rr_compare_ds(const ldns_rr *rr1, const ldns_rr *rr2);
-
-/**
- * compares two rr listss.
- * \param[in] rrl1 the first one
- * \param[in] rrl2 the second one
- * \return 0 if equal
- * -1 if rrl1 comes before rrl2
- * +1 if rrl2 comes before rrl1
- */
-int ldns_rr_list_compare(const ldns_rr_list *rrl1, const ldns_rr_list *rrl2);
-
-/**
- * calculates the uncompressed size of an RR.
- * \param[in] r the rr to operate on
- * \return size of the rr
- */
-size_t ldns_rr_uncompressed_size(const ldns_rr *r);
-
-/**
- * converts each dname in a rr to its canonical form.
- * \param[in] rr the rr to work on
- * \return void
- */
-void ldns_rr2canonical(ldns_rr *rr);
-
-/**
- * converts each dname in each rr in a rr_list to its canonical form.
- * \param[in] rr_list the rr_list to work on
- * \return void
- */
-void ldns_rr_list2canonical(ldns_rr_list *rr_list);
-
-/**
- * counts the number of labels of the ownername.
- * \param[in] rr count the labels of this rr
- * \return the number of labels
- */
-uint8_t ldns_rr_label_count(ldns_rr *rr);
-
-/**
- * returns the resource record descriptor for the given rr type.
- *
- * \param[in] type the type value of the rr type
- *\return the ldns_rr_descriptor for this type
- */
-const ldns_rr_descriptor *ldns_rr_descript(uint16_t type);
-
-/**
- * returns the minimum number of rdata fields of the rr type this descriptor describes.
- *
- * \param[in] descriptor for an rr type
- * \return the minimum number of rdata fields
- */
-size_t ldns_rr_descriptor_minimum(const ldns_rr_descriptor *descriptor);
-
-/**
- * returns the maximum number of rdata fields of the rr type this descriptor describes.
- *
- * \param[in] descriptor for an rr type
- * \return the maximum number of rdata fields
- */
-size_t ldns_rr_descriptor_maximum(const ldns_rr_descriptor *descriptor);
-
-/**
- * returns the rdf type for the given rdata field number of the rr type for the given descriptor.
- *
- * \param[in] descriptor for an rr type
- * \param[in] field the field number
- * \return the rdf type for the field
- */
-ldns_rdf_type ldns_rr_descriptor_field_type(const ldns_rr_descriptor *descriptor, size_t field);
-
-/**
- * Return the rr_list which matches the rdf at position field. Think
- * type-covered stuff for RRSIG
- *
- * \param[in] l the rr_list to look in
- * \param[in] r the rdf to use for the comparison
- * \param[in] pos at which position can we find the rdf
- *
- * \return a new rr list with only the RRs that match
- *
- */
-ldns_rr_list *ldns_rr_list_subtype_by_rdf(ldns_rr_list *l, ldns_rdf *r, size_t pos);
-
-/**
- * convert an rdf of type LDNS_RDF_TYPE_TYPE to an actual
- * LDNS_RR_TYPE. This is usefull in the case when inspecting
- * the rrtype covered field of an RRSIG.
- * \param[in] rd the rdf to look at
- * \return a ldns_rr_type with equivalent LDNS_RR_TYPE
- *
- */
-ldns_rr_type ldns_rdf2rr_type(const ldns_rdf *rd);
-
-/**
- * Returns the type of the first element of the RR
- * If there are no elements present, 0 is returned
- *
- * \param[in] rr_list The rr list
- * \return rr_type of the first element, or 0 if the list is empty
- */
-ldns_rr_type
-ldns_rr_list_type(const ldns_rr_list *rr_list);
-
-/**
- * Returns the owner domain name rdf of the first element of the RR
- * If there are no elements present, NULL is returned
- *
- * \param[in] rr_list The rr list
- * \return dname of the first element, or NULL if the list is empty
- */
-ldns_rdf *
-ldns_rr_list_owner(const ldns_rr_list *rr_list);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_RR_H */
+++ /dev/null
-/*
- * rr_functions.h
- *
- * the .h file with defs for the per rr
- * functions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-#ifndef LDNS_RR_FUNCTIONS_H
-#define LDNS_RR_FUNCTIONS_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \file
- *
- * Defines some extra convenience functions for ldns_rr structures
- */
-
-/* A / AAAA */
-/**
- * returns the address of a LDNS_RR_TYPE_A rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the address or NULL on failure
- */
-ldns_rdf* ldns_rr_a_address(const ldns_rr *r);
-
-/**
- * sets the address of a LDNS_RR_TYPE_A rr
- * \param[in] r the rr to use
- * \param[in] f the address to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_a_set_address(ldns_rr *r, ldns_rdf *f);
-
-/* NS */
-/**
- * returns the name of a LDNS_RR_TYPE_NS rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the name or NULL on failure
- */
-ldns_rdf* ldns_rr_ns_nsdname(const ldns_rr *r);
-
-/* MX */
-/**
- * returns the mx pref. of a LDNS_RR_TYPE_MX rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the preference or NULL on failure
- */
-ldns_rdf* ldns_rr_mx_preference(const ldns_rr *r);
-/**
- * returns the mx host of a LDNS_RR_TYPE_MX rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the name of the MX host or NULL on failure
- */
-ldns_rdf* ldns_rr_mx_exchange(const ldns_rr *r);
-
-/* RRSIG */
-/**
- * returns the type covered of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the type covered or NULL on failure
- */
-ldns_rdf* ldns_rr_rrsig_typecovered(const ldns_rr *r);
-/**
- * sets the typecovered of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the typecovered to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_typecovered(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the algorithm of a LDNS_RR_TYPE_RRSIG RR
- * \param[in] r the resource record
- * \return a ldns_rdf* with the algorithm or NULL on failure
- */
-ldns_rdf* ldns_rr_rrsig_algorithm(const ldns_rr *r);
-/**
- * sets the algorithm of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the algorithm to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_algorithm(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the number of labels of a LDNS_RR_TYPE_RRSIG RR
- * \param[in] r the resource record
- * \return a ldns_rdf* with the number of labels or NULL on failure
- */
-ldns_rdf *ldns_rr_rrsig_labels(const ldns_rr *r);
-/**
- * sets the number of labels of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the number of labels to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_labels(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the original TTL of a LDNS_RR_TYPE_RRSIG RR
- * \param[in] r the resource record
- * \return a ldns_rdf* with the original TTL or NULL on failure
- */
-ldns_rdf* ldns_rr_rrsig_origttl(const ldns_rr *r);
-/**
- * sets the original TTL of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the original TTL to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_origttl(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the expiration time of a LDNS_RR_TYPE_RRSIG RR
- * \param[in] r the resource record
- * \return a ldns_rdf* with the expiration time or NULL on failure
- */
-ldns_rdf* ldns_rr_rrsig_expiration(const ldns_rr *r);
-/**
- * sets the expireation date of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the expireation date to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_expiration(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the inception time of a LDNS_RR_TYPE_RRSIG RR
- * \param[in] r the resource record
- * \return a ldns_rdf* with the inception time or NULL on failure
- */
-ldns_rdf* ldns_rr_rrsig_inception(const ldns_rr *r);
-/**
- * sets the inception date of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the inception date to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_inception(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the keytag of a LDNS_RR_TYPE_RRSIG RR
- * \param[in] r the resource record
- * \return a ldns_rdf* with the keytag or NULL on failure
- */
-ldns_rdf* ldns_rr_rrsig_keytag(const ldns_rr *r);
-/**
- * sets the keytag of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the keytag to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_keytag(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the signers name of a LDNS_RR_TYPE_RRSIG RR
- * \param[in] r the resource record
- * \return a ldns_rdf* with the signers name or NULL on failure
- */
-ldns_rdf* ldns_rr_rrsig_signame(const ldns_rr *r);
-/**
- * sets the signers name of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the signers name to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_signame(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the signature data of a LDNS_RR_TYPE_RRSIG RR
- * \param[in] r the resource record
- * \return a ldns_rdf* with the signature data or NULL on failure
- */
-ldns_rdf* ldns_rr_rrsig_sig(const ldns_rr *r);
-/**
- * sets the signature data of a LDNS_RR_TYPE_RRSIG rr
- * \param[in] r the rr to use
- * \param[in] f the signature data to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_rrsig_set_sig(ldns_rr *r, ldns_rdf *f);
-
-/* DNSKEY */
-/**
- * returns the flags of a LDNS_RR_TYPE_DNSKEY rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the flags or NULL on failure
- */
-ldns_rdf* ldns_rr_dnskey_flags(const ldns_rr *r);
-/**
- * sets the flags of a LDNS_RR_TYPE_DNSKEY rr
- * \param[in] r the rr to use
- * \param[in] f the flags to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_dnskey_set_flags(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the protocol of a LDNS_RR_TYPE_DNSKEY rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the protocol or NULL on failure
- */
-ldns_rdf* ldns_rr_dnskey_protocol(const ldns_rr *r);
-/**
- * sets the protocol of a LDNS_RR_TYPE_DNSKEY rr
- * \param[in] r the rr to use
- * \param[in] f the protocol to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_dnskey_set_protocol(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the algorithm of a LDNS_RR_TYPE_DNSKEY rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the algorithm or NULL on failure
- */
-ldns_rdf* ldns_rr_dnskey_algorithm(const ldns_rr *r);
-/**
- * sets the algorithm of a LDNS_RR_TYPE_DNSKEY rr
- * \param[in] r the rr to use
- * \param[in] f the algorithm to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_dnskey_set_algorithm(ldns_rr *r, ldns_rdf *f);
-/**
- * returns the key data of a LDNS_RR_TYPE_DNSKEY rr
- * \param[in] r the resource record
- * \return a ldns_rdf* with the key data or NULL on failure
- */
-ldns_rdf* ldns_rr_dnskey_key(const ldns_rr *r);
-/**
- * sets the key data of a LDNS_RR_TYPE_DNSKEY rr
- * \param[in] r the rr to use
- * \param[in] f the key data to set
- * \return true on success, false otherwise
- */
-bool ldns_rr_dnskey_set_key(ldns_rr *r, ldns_rdf *f);
-
-/**
- * get the length of the keydata in bits
- * \param[in] keydata the raw key data
- * \param[in] len the length of the keydata
- * \param[in] alg the cryptographic algorithm this is a key for
- * \return the keysize in bits, or 0 on error
- */
-size_t ldns_rr_dnskey_key_size_raw(const unsigned char *keydata,
- const size_t len,
- const ldns_algorithm alg);
-
-/**
- * get the length of the keydata in bits
- * \param[in] key the key rr to use
- * \return the keysize in bits
- */
-size_t ldns_rr_dnskey_key_size(const ldns_rr *key);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_RR_FUNCTIONS_H */
+++ /dev/null
-#ifndef LDNS_SHA1_H
-#define LDNS_SHA1_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define LDNS_SHA1_BLOCK_LENGTH 64
-#define LDNS_SHA1_DIGEST_LENGTH 20
-
-typedef struct {
- uint32_t state[5];
- uint64_t count;
- unsigned char buffer[LDNS_SHA1_BLOCK_LENGTH];
-} ldns_sha1_ctx;
-
-void ldns_sha1_init(ldns_sha1_ctx * context);
-void ldns_sha1_transform(uint32_t state[5], const unsigned char buffer[LDNS_SHA1_BLOCK_LENGTH]);
-void ldns_sha1_update(ldns_sha1_ctx *context, const unsigned char *data, unsigned int len);
-void ldns_sha1_final(unsigned char digest[LDNS_SHA1_DIGEST_LENGTH], ldns_sha1_ctx *context);
-
-/**
- * Convenience function to digest a fixed block of data at once.
- *
- * \param[in] data the data to digest
- * \param[in] data_len the length of data in bytes
- * \param[out] digest the length of data in bytes
- * This pointer MUST have LDNS_SHA1_DIGEST_LENGTH bytes
- * available
- * \return the SHA1 digest of the given data
- */
-unsigned char *ldns_sha1(unsigned char *data, unsigned int data_len, unsigned char *digest);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_SHA1_H */
+++ /dev/null
-/*
- * FILE: sha2.h
- * AUTHOR: Aaron D. Gifford - http://www.aarongifford.com/
- *
- * Copyright (c) 2000-2001, Aaron D. Gifford
- * All rights reserved.
- *
- * Modified by Jelte Jansen to fit in ldns, and not clash with any
- * system-defined SHA code.
- * Changes:
- * - Renamed (external) functions and constants to fit ldns style
- * - Removed uintXX vs. u_intXX smartness, since ldns needs uintXX
- * anyway
- * - BYTE ORDER check replaced by simple ifdef as defined or not by
- * configure.ac
- * - Removed _End and _Data functions
- * - Added ldns_shaX(data, len, digest) functions
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the copyright holder nor the names of contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id: sha2.h,v 1.1 2001/11/08 00:02:01 adg Exp adg $
- */
-
-#ifndef __LDNS_SHA2_H__
-#define __LDNS_SHA2_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-/*
- * Import u_intXX_t size_t type definitions from system headers. You
- * may need to change this, or define these things yourself in this
- * file.
- *
- * (include ldns/config.h so HAVE_INTTYPES is defined (or not, depending
- * on the system))
- */
-#include <sys/types.h>
-
-#ifdef HAVE_INTTYPES_H
-
-#include <inttypes.h>
-
-#endif /* HAVE_INTTYPES_H */
-
-
-/*** SHA-256/384/512 Various Length Definitions ***********************/
-#define LDNS_SHA256_BLOCK_LENGTH 64
-#define LDNS_SHA256_DIGEST_LENGTH 32
-#define LDNS_SHA256_DIGEST_STRING_LENGTH (LDNS_SHA256_DIGEST_LENGTH * 2 + 1)
-#define LDNS_SHA384_BLOCK_LENGTH 128
-#define LDNS_SHA384_DIGEST_LENGTH 48
-#define LDNS_SHA384_DIGEST_STRING_LENGTH (LDNS_SHA384_DIGEST_LENGTH * 2 + 1)
-#define LDNS_SHA512_BLOCK_LENGTH 128
-#define LDNS_SHA512_DIGEST_LENGTH 64
-#define LDNS_SHA512_DIGEST_STRING_LENGTH (LDNS_SHA512_DIGEST_LENGTH * 2 + 1)
-
-
-/*** SHA-256/384/512 Context Structures *******************************/
-
-typedef struct _ldns_sha256_CTX {
- uint32_t state[8];
- uint64_t bitcount;
- uint8_t buffer[LDNS_SHA256_BLOCK_LENGTH];
-} ldns_sha256_CTX;
-typedef struct _ldns_sha512_CTX {
- uint64_t state[8];
- uint64_t bitcount[2];
- uint8_t buffer[LDNS_SHA512_BLOCK_LENGTH];
-} ldns_sha512_CTX;
-
-typedef ldns_sha512_CTX ldns_sha384_CTX;
-
-
-/*** SHA-256/384/512 Function Prototypes ******************************/
-void ldns_sha256_init(ldns_sha256_CTX *);
-void ldns_sha256_update(ldns_sha256_CTX*, const uint8_t*, size_t);
-void ldns_sha256_final(uint8_t[LDNS_SHA256_DIGEST_LENGTH], ldns_sha256_CTX*);
-
-void ldns_sha384_init(ldns_sha384_CTX*);
-void ldns_sha384_update(ldns_sha384_CTX*, const uint8_t*, size_t);
-void ldns_sha384_final(uint8_t[LDNS_SHA384_DIGEST_LENGTH], ldns_sha384_CTX*);
-
-void ldns_sha512_init(ldns_sha512_CTX*);
-void ldns_sha512_update(ldns_sha512_CTX*, const uint8_t*, size_t);
-void ldns_sha512_final(uint8_t[LDNS_SHA512_DIGEST_LENGTH], ldns_sha512_CTX*);
-
-/**
- * Convenience function to digest a fixed block of data at once.
- *
- * \param[in] data the data to digest
- * \param[in] data_len the length of data in bytes
- * \param[out] digest the length of data in bytes
- * This pointer MUST have LDNS_SHA256_DIGEST_LENGTH bytes
- * available
- * \return the SHA1 digest of the given data
- */
-unsigned char *ldns_sha256(unsigned char *data, unsigned int data_len, unsigned char *digest);
-
-/**
- * Convenience function to digest a fixed block of data at once.
- *
- * \param[in] data the data to digest
- * \param[in] data_len the length of data in bytes
- * \param[out] digest the length of data in bytes
- * This pointer MUST have LDNS_SHA384_DIGEST_LENGTH bytes
- * available
- * \return the SHA1 digest of the given data
- */
-unsigned char *ldns_sha384(unsigned char *data, unsigned int data_len, unsigned char *digest);
-
-/**
- * Convenience function to digest a fixed block of data at once.
- *
- * \param[in] data the data to digest
- * \param[in] data_len the length of data in bytes
- * \param[out] digest the length of data in bytes
- * This pointer MUST have LDNS_SHA512_DIGEST_LENGTH bytes
- * available
- * \return the SHA1 digest of the given data
- */
-unsigned char *ldns_sha512(unsigned char *data, unsigned int data_len, unsigned char *digest);
-
-#ifdef __cplusplus
-}
-#endif /* __cplusplus */
-
-#endif /* __LDNS_SHA2_H__ */
+++ /dev/null
-/**
- * str2host.h - conversion from str to the host fmt
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-#ifndef LDNS_2HOST_H
-#define LDNS_2HOST_H
-
-#include <ldns/common.h>
-#include <ldns/error.h>
-#include <ldns/rr.h>
-#include <ldns/rdata.h>
-#include <ldns/packet.h>
-#include <ldns/buffer.h>
-#include <ctype.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \file
- *
- * Defines functions to convert dns data in presentation format or text files
- * to internal structures.
- */
-
-/**
- * convert a byte into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] bytestr the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_int8(ldns_rdf **rd, const char *bytestr);
-
-/**
- * convert a string to a int16 in wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] shortstr the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_int16(ldns_rdf **rd, const char *shortstr);
-
-/**
- * convert a strings into a 4 byte int in wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] longstr the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_int32(ldns_rdf **rd, const char *longstr);
-
-/**
- * convert a time string to a time value in wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] time the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_time(ldns_rdf **rd, const char *time);
-
-/* convert string with NSEC3 salt to wireformat)
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * return ldns_status
- */
-ldns_status ldns_str2rdf_nsec3_salt(ldns_rdf **rd, const char *nsec3_salt);
-
-/* convert a time period (think TTL's) to wireformat)
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * return ldns_status
- */
-ldns_status ldns_str2rdf_period(ldns_rdf **rd, const char *str);
-
-/**
- * convert str with an A record into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_a(ldns_rdf **rd, const char *str);
-
-/**
- * convert the str with an AAAA record into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_aaaa(ldns_rdf **rd, const char *str);
-
-/**
- * convert a string into wireformat (think txt record)
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted (NULL terminated)
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_str(ldns_rdf **rd, const char *str);
-
-/**
- * convert str with the apl record into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_apl(ldns_rdf **rd, const char *str);
-
-/**
- * convert the string with the b64 data into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_b64(ldns_rdf **rd, const char *str);
-
-/**
- * convert the string with the b32 ext hex data into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_b32_ext(ldns_rdf **rd, const char *str);
-
-/**
- * convert a hex value into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_hex(ldns_rdf **rd, const char *str);
-
-/**
- * convert string with nsec into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_nsec(ldns_rdf **rd, const char *str);
-
-/**
- * convert a rrtype into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_type(ldns_rdf **rd, const char *str);
-
-/**
- * convert string with a classname into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_class(ldns_rdf **rd, const char *str);
-
-/**
- * convert an certificate algorithm value into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_cert_alg(ldns_rdf **rd, const char *str);
-
-/**
- * convert and algorithm value into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_alg(ldns_rdf **rd, const char *str);
-
-/**
- * convert a string with a unknown RR into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_unknown(ldns_rdf **rd, const char *str);
-
-/**
- * convert string with a tsig? RR into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_tsig(ldns_rdf **rd, const char *str);
-
-/**
- * convert string with a protocol service into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_service(ldns_rdf **rd, const char *str);
-
-/**
- * convert a string with a LOC RR into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_loc(ldns_rdf **rd, const char *str);
-
-/**
- * convert string with a WKS RR into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_wks(ldns_rdf **rd, const char *str);
-
-/**
- * convert a str with a NSAP RR into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_nsap(ldns_rdf **rd, const char *str);
-
-/**
- * convert a str with a ATMA RR into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_atma(ldns_rdf **rd, const char *str);
-
-/**
- * convert a str with a IPSECKEY RR into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_ipseckey(ldns_rdf **rd, const char *str);
-
-/**
- * convert a dname string into wireformat
- * \param[in] rd the rdf where to put the data
- * \param[in] str the string to be converted
- * \return ldns_status
- */
-ldns_status ldns_str2rdf_dname(ldns_rdf **rd, const char *str);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_2HOST_H */
+++ /dev/null
-/*
- * tsig.h -- defines for TSIG [RFC2845]
- *
- * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
- *
- * See LICENSE for the license.
- */
-
-#ifndef LDNS_TSIG_H
-#define LDNS_TSIG_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \file
- *
- * Defines functions for TSIG usage
- */
-
-
-/**
- * Contains credentials for TSIG
-*/
-typedef struct ldns_tsig_credentials_struct
-{
- char *algorithm;
- char *keyname;
- char *keydata;
- /* XXX More eventually. */
-} ldns_tsig_credentials;
-
-char *ldns_tsig_algorithm(ldns_tsig_credentials *);
-char *ldns_tsig_keyname(ldns_tsig_credentials *);
-char *ldns_tsig_keydata(ldns_tsig_credentials *);
-char *ldns_tsig_keyname_clone(ldns_tsig_credentials *);
-char *ldns_tsig_keydata_clone(ldns_tsig_credentials *);
-
-/**
- * verifies the tsig rr for the given packet and key.
- * The wire must be given too because tsig does not sign normalized packets.
- * \param[in] pkt the packet to verify
- * \param[in] wire needed to verify the mac
- * \param[in] wire_size size of wire
- * \param[in] key_name the name of the shared key
- * \param[in] key_data the key in base 64 format
- * \param[in] mac original mac
- * \return true if tsig is correct, false if not, or if tsig is not set
- */
-bool ldns_pkt_tsig_verify(ldns_pkt *pkt, uint8_t *wire, size_t wire_size, const char *key_name, const char *key_data, ldns_rdf *mac);
-
-/**
- * verifies the tsig rr for the given packet and key.
- * The wire must be given too because tsig does not sign normalized packets.
- * \param[in] pkt the packet to verify
- * \param[in] wire needed to verify the mac
- * \param[in] wire_size size of wire
- * \param[in] key_name the name of the shared key
- * \param[in] key_data the key in base 64 format
- * \param[in] mac original mac
- * \param[in] tsig_timers_only must be zero for the first packet and positive for subsequent packets. If zero, all digest
- components are used to verify the _mac. If non-zero, only the TSIG timers are used to verify the mac.
- * \return true if tsig is correct, false if not, or if tsig is not set
- */
-bool ldns_pkt_tsig_verify_next(ldns_pkt *pkt, uint8_t *wire, size_t wire_size, const char *key_name, const char *key_data, ldns_rdf *mac,
- int tsig_timers_only);
-
-/**
- * creates a tsig rr for the given packet and key.
- * \param[in] pkt the packet to sign
- * \param[in] key_name the name of the shared key
- * \param[in] key_data the key in base 64 format
- * \param[in] fudge seconds of error permitted in time signed
- * \param[in] algorithm_name the name of the algorithm used
- * \param[in] query_mac is added to the digest if not NULL (so NULL is for signing queries, not NULL is for signing answers)
- * \return status (OK if success)
- */
-ldns_status ldns_pkt_tsig_sign(ldns_pkt *pkt, const char *key_name, const char *key_data, uint16_t fudge,
- const char *algorithm_name, ldns_rdf *query_mac);
-
-/**
- * creates a tsig rr for the given packet and key.
- * \param[in] pkt the packet to sign
- * \param[in] key_name the name of the shared key
- * \param[in] key_data the key in base 64 format
- * \param[in] fudge seconds of error permitted in time signed
- * \param[in] algorithm_name the name of the algorithm used
- * \param[in] query_mac is added to the digest if not NULL (so NULL is for signing queries, not NULL is for signing answers)
- * \param[in] tsig_timers_only must be zero for the first packet and positive for subsequent packets. If zero, all digest
- components are used to create the query_mac. If non-zero, only the TSIG timers are used to create the query_mac.
- * \return status (OK if success)
- */
-ldns_status ldns_pkt_tsig_sign_next(ldns_pkt *pkt, const char *key_name, const char *key_data, uint16_t fudge,
- const char *algorithm_name, ldns_rdf *query_mac, int tsig_timers_only);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_TSIG_H */
+++ /dev/null
-/*
- * update.h
- *
- * Functions for RFC 2136 Dynamic Update
- *
- * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
- *
- * See LICENSE for the license.
- */
-
-/**
- * \file
- *
- * Defines functions to perform UPDATE queries
- */
-
-
-#ifndef LDNS_UPDATE_H
-#define LDNS_UPDATE_H
-
-#include <ldns/resolver.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * create an update packet from zone name, class and the rr lists
- * \param[in] zone_rdf name of the zone
- * \param[in] clas zone class
- * \param[in] pr_rrlist list of Prerequisite Section RRs
- * \param[in] up_rrlist list of Updates Section RRs
- * \param[in] ad_rrlist list of Additional Data Section RRs (currently unused)
- * \return the new packet
- */
-ldns_pkt *ldns_update_pkt_new(ldns_rdf *zone_rdf, ldns_rr_class clas, ldns_rr_list *pr_rrlist, ldns_rr_list *up_rrlist, ldns_rr_list *ad_rrlist);
-
-/**
- * add tsig credentials to
- * a packet from a resolver
- * \param[in] p packet to copy to
- * \param[in] r resolver to copy from
- *
- * \return status wether successfull or not
- */
-ldns_status ldns_update_pkt_tsig_add(ldns_pkt *p, ldns_resolver *r);
-
-/* access functions */
-
-/**
- * Get the zo count
- * \param[in] p the packet
- * \return the zo count
- */
-uint16_t ldns_update_zocount(const ldns_pkt *p);
-/**
- * Get the zo count
- * \param[in] p the packet
- * \return the pr count
- */
-uint16_t ldns_update_prcount(const ldns_pkt *p);
-/**
- * Get the zo count
- * \param[in] p the packet
- * \return the up count
- */
-uint16_t ldns_update_upcount(const ldns_pkt *p);
-/**
- * Get the zo count
- * \param[in] p the packet
- * \return the ad count
- */
-uint16_t ldns_update_ad(const ldns_pkt *p);
-/**
- * Set the zo count
- * \param[in] p the packet
- * \param[in] c the zo count to set
- */
-void ldns_update_set_zo(ldns_pkt *p, uint16_t c);
-/**
- * Set the pr count
- * \param[in] p the packet
- * \param[in] c the pr count to set
- */
-void ldns_update_set_prcount(ldns_pkt *p, uint16_t c);
-/**
- * Set the up count
- * \param[in] p the packet
- * \param[in] c the up count to set
- */
-void ldns_update_set_upcount(ldns_pkt *p, uint16_t c);
-/**
- * Set the ad count
- * \param[in] p the packet
- * \param[in] c the ad count to set
- */
-void ldns_update_set_adcount(ldns_pkt *p, uint16_t c);
-
-/* soa functions that need to be configured */
-/*
- * Not sure if we want to keep these like this, therefore
- * not documented
- */
-ldns_status ldns_update_soa_mname(ldns_rdf *zone, ldns_resolver *r, ldns_rr_class c, ldns_rdf **mname);
-/*
- * Not sure if we want to keep these like this, therefore
- * not documented
- */
-ldns_status ldns_update_soa_zone_mname(const char *fqdn, ldns_resolver *r, ldns_rr_class c, ldns_rdf **zone_rdf, ldns_rdf **mname_rdf);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_UPDATE_H */
+++ /dev/null
-/*
- * util.h
- *
- * helper function header file
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004
- *
- * See the file LICENSE for the license
- */
-
-#ifndef _UTIL_H
-#define _UTIL_H
-
-@include_inttypes_h@
-@include_systypes_h@
-@include_unistd_h@
-#include <ldns/common.h>
-#include <time.h>
-#include <stdio.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define dprintf(X,Y) fprintf(stderr, (X), (Y))
-/* #define dprintf(X, Y) */
-
-#define LDNS_VERSION "@PACKAGE_VERSION@"
-#define LDNS_REVISION ((@LDNS_VERSION_MAJOR@<<16)|(@LDNS_VERSION_MINOR@<<8)|(@LDNS_VERSION_MICRO@))
-
-/**
- * splint static inline workaround
- */
-#ifdef S_SPLINT_S
-# define INLINE
-#else
-# ifdef SWIG
-# define INLINE static
-# else
-# define INLINE static inline
-# endif
-#endif
-
-/**
- * Memory management macros
- */
-#define LDNS_MALLOC(type) LDNS_XMALLOC(type, 1)
-
-#define LDNS_XMALLOC(type, count) ((type *) malloc((count) * sizeof(type)))
-
-#define LDNS_REALLOC(ptr, type) LDNS_XREALLOC((ptr), type, 1)
-
-#define LDNS_XREALLOC(ptr, type, count) \
- ((type *) realloc((ptr), (count) * sizeof(type)))
-
-#define LDNS_FREE(ptr) \
- do { free((ptr)); (ptr) = NULL; } while (0)
-
-#define LDNS_DEP printf("DEPRECATED FUNCTION!\n");
-
-/*
- * Copy data allowing for unaligned accesses in network byte order
- * (big endian).
- */
-INLINE uint16_t
-ldns_read_uint16(const void *src)
-{
-#ifdef ALLOW_UNALIGNED_ACCESSES
- return ntohs(*(uint16_t *) src);
-#else
- uint8_t *p = (uint8_t *) src;
- return ((uint16_t) p[0] << 8) | (uint16_t) p[1];
-#endif
-}
-
-INLINE uint32_t
-ldns_read_uint32(const void *src)
-{
-#ifdef ALLOW_UNALIGNED_ACCESSES
- return ntohl(*(uint32_t *) src);
-#else
- uint8_t *p = (uint8_t *) src;
- return ( ((uint32_t) p[0] << 24)
- | ((uint32_t) p[1] << 16)
- | ((uint32_t) p[2] << 8)
- | (uint32_t) p[3]);
-#endif
-}
-
-/*
- * Copy data allowing for unaligned accesses in network byte order
- * (big endian).
- */
-INLINE void
-ldns_write_uint16(void *dst, uint16_t data)
-{
-#ifdef ALLOW_UNALIGNED_ACCESSES
- * (uint16_t *) dst = htons(data);
-#else
- uint8_t *p = (uint8_t *) dst;
- p[0] = (uint8_t) ((data >> 8) & 0xff);
- p[1] = (uint8_t) (data & 0xff);
-#endif
-}
-
-INLINE void
-ldns_write_uint32(void *dst, uint32_t data)
-{
-#ifdef ALLOW_UNALIGNED_ACCESSES
- * (uint32_t *) dst = htonl(data);
-#else
- uint8_t *p = (uint8_t *) dst;
- p[0] = (uint8_t) ((data >> 24) & 0xff);
- p[1] = (uint8_t) ((data >> 16) & 0xff);
- p[2] = (uint8_t) ((data >> 8) & 0xff);
- p[3] = (uint8_t) (data & 0xff);
-#endif
-}
-
-/* warning. */
-INLINE void
-ldns_write_uint64_as_uint48(void *dst, uint64_t data)
-{
- uint8_t *p = (uint8_t *) dst;
- p[0] = (uint8_t) ((data >> 40) & 0xff);
- p[1] = (uint8_t) ((data >> 32) & 0xff);
- p[2] = (uint8_t) ((data >> 24) & 0xff);
- p[3] = (uint8_t) ((data >> 16) & 0xff);
- p[4] = (uint8_t) ((data >> 8) & 0xff);
- p[5] = (uint8_t) (data & 0xff);
-}
-
-
-/**
- * Structure to do a Schwartzian-like transformation, for instance when
- * sorting. If you need a transformation on the objects that are sorted,
- * you can sue this to store the transformed values, so you do not
- * need to do the transformation again for each comparison
- */
-struct ldns_schwartzian_compare_struct {
- void *original_object;
- void *transformed_object;
-};
-
-/** A general purpose lookup table
- *
- * Lookup tables are arrays of (id, name) pairs,
- * So you can for instance lookup the RCODE 3, which is "NXDOMAIN",
- * and vice versa. The lookup tables themselves are defined wherever needed,
- * for instance in \ref host2str.c
- */
-struct ldns_struct_lookup_table {
- int id;
- const char *name;
-};
-typedef struct ldns_struct_lookup_table ldns_lookup_table;
-
-/**
- * Looks up the table entry by name, returns NULL if not found.
- * \param[in] table the lookup table to search in
- * \param[in] name what to search for
- * \return the item found
- */
-ldns_lookup_table *ldns_lookup_by_name(ldns_lookup_table table[],
- const char *name);
-
-/**
- * Looks up the table entry by id, returns NULL if not found.
- * \param[in] table the lookup table to search in
- * \param[in] id what to search for
- * \return the item found
- */
-ldns_lookup_table *ldns_lookup_by_id(ldns_lookup_table table[], int id);
-
-/**
- * Returns the value of the specified bit
- * The bits are counted from left to right, so bit #0 is the
- * left most bit.
- * \param[in] bits array holding the bits
- * \param[in] index to the wanted bit
- * \return
- */
-int ldns_get_bit(uint8_t bits[], size_t index);
-
-
-/**
- * Returns the value of the specified bit
- * The bits are counted from right to left, so bit #0 is the
- * right most bit.
- * \param[in] bits array holding the bits
- * \param[in] index to the wanted bit
- * \return 1 or 0 depending no the bit state
- */
-int ldns_get_bit_r(uint8_t bits[], size_t index);
-
-/**
- * sets the specified bit in the specified byte to
- * 1 if value is true, 0 if false
- * The bits are counted from right to left, so bit #0 is the
- * right most bit.
- * \param[in] byte the bit to set the bit in
- * \param[in] bit_nr the bit to set (0 <= n <= 7)
- * \param[in] value whether to set the bit to 1 or 0
- * \return 1 or 0 depending no the bit state
- */
-void ldns_set_bit(uint8_t *byte, int bit_nr, bool value);
-
-/**
- * Returns the value of a to the power of b
- * (or 1 of b < 1)
- */
-/*@unused@*/
-INLINE long
-ldns_power(long a, long b) {
- long result = 1;
- while (b > 0) {
- if (b & 1) {
- result *= a;
- if (b == 1) {
- return result;
- }
- }
- a *= a;
- b /= 2;
- }
- return result;
-}
-
-/**
- * Returns the int value of the given (hex) digit
- * \param[in] ch the hex char to convert
- * \return the converted decimal value
- */
-int ldns_hexdigit_to_int(char ch);
-
-/**
- * Returns the char (hex) representation of the given int
- * \param[in] ch the int to convert
- * \return the converted hex char
- */
-char ldns_int_to_hexdigit(int ch);
-
-/**
- * Converts a hex string to binary data
- *
- * \param[out] data The binary result is placed here.
- * At least strlen(str)/2 bytes should be allocated
- * \param[in] str The hex string to convert.
- * This string should not contain spaces
- * \return The number of bytes of converted data, or -1 if one of the arguments * is NULL, or -2 if the string length is not an even number
- */
-int
-ldns_hexstring_to_data(uint8_t *data, const char *str);
-
-/**
- * Show the internal library version
- * \return a string with the version in it
- */
-const char * ldns_version(void);
-
-/**
- * Convert TM to seconds since epoch (midnight, January 1st, 1970).
- * Like timegm(3), which is not always available.
- * \param[in] tm a struct tm* with the date
- * \return the seconds since epoch
- */
-time_t mktime_from_utc(const struct tm *tm);
-
-/**
- * Seed the random function.
- * If the file descriptor is specified, the random generator is seeded with
- * data from that file. If not, /dev/urandom is used.
- *
- * applications should call this if they need entropy data within ldns
- * If openSSL is available, it is automatically seeded from /dev/urandom
- * or /dev/random.
- *
- * If you need more entropy, or have no openssl available, this function
- * MUST be called at the start of the program
- *
- * If openssl *is* available, this function just adds more entropy
- *
- * \param[in] fd a file providing entropy data for the seed
- * \param[in] size the number of bytes to use as entropy data. If this is 0,
- * only the minimal amount is taken (usually 4 bytes)
- * \return 0 if seeding succeeds, 1 if it fails
- */
-int ldns_init_random(FILE *fd, unsigned int size);
-
-/**
- * Get random number.
- * \return random number.
- *
- */
-uint16_t ldns_get_random(void);
-
-/**
- * Encode data as BubbleBabble
- *
- * \param[in] data a pointer to data to be encoded
- * \param[in] len size the number of bytes of data
- * \return a string of BubbleBabble
- */
-char *ldns_bubblebabble(uint8_t *data, size_t len);
-
-#ifndef B32_NTOP
-int ldns_b32_ntop(uint8_t const *src, size_t srclength,
- char *target, size_t targsize);
-int b32_ntop(uint8_t const *src, size_t srclength,
- char *target, size_t targsize);
-int ldns_b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
- char *target, size_t targsize);
-int b32_ntop_extended_hex(uint8_t const *src, size_t srclength,
- char *target, size_t targsize);
-/**
- * calculates the size needed to store the result of b32_ntop
- */
-/*@unused@*/
-INLINE size_t ldns_b32_ntop_calculate_size(size_t srcsize)
-{
- size_t result = ((((srcsize / 5) * 8) - 2) + 2);
- return result;
-}
-#endif /* !B32_NTOP */
-#ifndef B32_PTON
-int ldns_b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int b32_pton(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int ldns_b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-int b32_pton_extended_hex(char const *src, size_t hashed_owner_str_len, uint8_t *target, size_t targsize);
-/**
- * calculates the size needed to store the result of b32_pton
- */
-/*@unused@*/
-INLINE size_t ldns_b32_pton_calculate_size(size_t srcsize)
-{
- size_t result = ((((srcsize) / 8) * 5));
- return result;
-}
-#endif /* !B32_PTON */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !_UTIL_H */
+++ /dev/null
-/*
- * wire2host.h - from wire conversion routines
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- *
- * Contains functions that translate dns data from the wire format (as sent
- * by servers and clients) to the internal structures.
- */
-
-#ifndef LDNS_WIRE2HOST_H
-#define LDNS_WIRE2HOST_H
-
-#include <ldns/rdata.h>
-#include <ldns/common.h>
-#include <ldns/error.h>
-#include <ldns/rr.h>
-#include <ldns/packet.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* The length of the header */
-#define LDNS_HEADER_SIZE 12
-
-/* First octet of flags */
-#define LDNS_RD_MASK 0x01U
-#define LDNS_RD_SHIFT 0
-#define LDNS_RD_WIRE(wirebuf) (*(wirebuf+2) & LDNS_RD_MASK)
-#define LDNS_RD_SET(wirebuf) (*(wirebuf+2) |= LDNS_RD_MASK)
-#define LDNS_RD_CLR(wirebuf) (*(wirebuf+2) &= ~LDNS_RD_MASK)
-
-#define LDNS_TC_MASK 0x02U
-#define LDNS_TC_SHIFT 1
-#define LDNS_TC_WIRE(wirebuf) (*(wirebuf+2) & LDNS_TC_MASK)
-#define LDNS_TC_SET(wirebuf) (*(wirebuf+2) |= LDNS_TC_MASK)
-#define LDNS_TC_CLR(wirebuf) (*(wirebuf+2) &= ~LDNS_TC_MASK)
-
-#define LDNS_AA_MASK 0x04U
-#define LDNS_AA_SHIFT 2
-#define LDNS_AA_WIRE(wirebuf) (*(wirebuf+2) & LDNS_AA_MASK)
-#define LDNS_AA_SET(wirebuf) (*(wirebuf+2) |= LDNS_AA_MASK)
-#define LDNS_AA_CLR(wirebuf) (*(wirebuf+2) &= ~LDNS_AA_MASK)
-
-#define LDNS_OPCODE_MASK 0x78U
-#define LDNS_OPCODE_SHIFT 3
-#define LDNS_OPCODE_WIRE(wirebuf) ((*(wirebuf+2) & LDNS_OPCODE_MASK) >> LDNS_OPCODE_SHIFT)
-#define LDNS_OPCODE_SET(wirebuf, opcode) \
- (*(wirebuf+2) = ((*(wirebuf+2)) & ~LDNS_OPCODE_MASK) | ((opcode) << LDNS_OPCODE_SHIFT))
-
-#define LDNS_QR_MASK 0x80U
-#define LDNS_QR_SHIFT 7
-#define LDNS_QR_WIRE(wirebuf) (*(wirebuf+2) & LDNS_QR_MASK)
-#define LDNS_QR_SET(wirebuf) (*(wirebuf+2) |= LDNS_QR_MASK)
-#define LDNS_QR_CLR(wirebuf) (*(wirebuf+2) &= ~LDNS_QR_MASK)
-
-/* Second octet of flags */
-#define LDNS_RCODE_MASK 0x0fU
-#define LDNS_RCODE_SHIFT 0
-#define LDNS_RCODE_WIRE(wirebuf) (*(wirebuf+3) & LDNS_RCODE_MASK)
-#define LDNS_RCODE_SET(wirebuf, rcode) \
- (*(wirebuf+3) = ((*(wirebuf+3)) & ~LDNS_RCODE_MASK) | (rcode))
-
-#define LDNS_CD_MASK 0x10U
-#define LDNS_CD_SHIFT 4
-#define LDNS_CD_WIRE(wirebuf) (*(wirebuf+3) & LDNS_CD_MASK)
-#define LDNS_CD_SET(wirebuf) (*(wirebuf+3) |= LDNS_CD_MASK)
-#define LDNS_CD_CLR(wirebuf) (*(wirebuf+3) &= ~LDNS_CD_MASK)
-
-#define LDNS_AD_MASK 0x20U
-#define LDNS_AD_SHIFT 5
-#define LDNS_AD_WIRE(wirebuf) (*(wirebuf+3) & LDNS_AD_MASK)
-#define LDNS_AD_SET(wirebuf) (*(wirebuf+3) |= LDNS_AD_MASK)
-#define LDNS_AD_CLR(wirebuf) (*(wirebuf+3) &= ~LDNS_AD_MASK)
-
-#define LDNS_Z_MASK 0x40U
-#define LDNS_Z_SHIFT 6
-#define LDNS_Z_WIRE(wirebuf) (*(wirebuf+3) & LDNS_Z_MASK)
-#define LDNS_Z_SET(wirebuf) (*(wirebuf+3) |= LDNS_Z_MASK)
-#define LDNS_Z_CLR(wirebuf) (*(wirebuf+3) &= ~LDNS_Z_MASK)
-
-#define LDNS_RA_MASK 0x80U
-#define LDNS_RA_SHIFT 7
-#define LDNS_RA_WIRE(wirebuf) (*(wirebuf+3) & LDNS_RA_MASK)
-#define LDNS_RA_SET(wirebuf) (*(wirebuf+3) |= LDNS_RA_MASK)
-#define LDNS_RA_CLR(wirebuf) (*(wirebuf+3) &= ~LDNS_RA_MASK)
-
-/* Query ID */
-#define LDNS_ID_WIRE(wirebuf) (ldns_read_uint16(wirebuf))
-#define LDNS_ID_SET(wirebuf, id) (ldns_write_uint16(wirebuf, id))
-
-/* Counter of the question section */
-#define LDNS_QDCOUNT_OFF 4
-/*
-#define QDCOUNT(wirebuf) (ntohs(*(uint16_t *)(wirebuf+QDCOUNT_OFF)))
-*/
-#define LDNS_QDCOUNT(wirebuf) (ldns_read_uint16(wirebuf+LDNS_QDCOUNT_OFF))
-
-/* Counter of the answer section */
-#define LDNS_ANCOUNT_OFF 6
-#define LDNS_ANCOUNT(wirebuf) (ldns_read_uint16(wirebuf+LDNS_ANCOUNT_OFF))
-
-/* Counter of the authority section */
-#define LDNS_NSCOUNT_OFF 8
-#define LDNS_NSCOUNT(wirebuf) (ldns_read_uint16(wirebuf+LDNS_NSCOUNT_OFF))
-
-/* Counter of the additional section */
-#define LDNS_ARCOUNT_OFF 10
-#define LDNS_ARCOUNT(wirebuf) (ldns_read_uint16(wirebuf+LDNS_ARCOUNT_OFF))
-
-/**
- * converts the data on the uint8_t bytearray (in wire format) to a DNS packet.
- * This function will initialize and allocate memory space for the packet
- * structure.
- *
- * \param[in] packet pointer to the structure to hold the packet
- * \param[in] data pointer to the buffer with the data
- * \param[in] len the length of the data buffer (in bytes)
- * \return LDNS_STATUS_OK if everything succeeds, error otherwise
- */
-ldns_status ldns_wire2pkt(ldns_pkt **packet, const uint8_t *data, size_t len);
-
-/**
- * converts the data on the uint8_t bytearray (in wire format) to a DNS packet.
- * This function will initialize and allocate memory space for the packet
- * structure.
- *
- * \param[in] packet pointer to the structure to hold the packet
- * \param[in] buffer the buffer with the data
- * \return LDNS_STATUS_OK if everything succeeds, error otherwise
- */
-ldns_status ldns_buffer2pkt_wire(ldns_pkt **packet, ldns_buffer *buffer);
-
-/**
- * converts the data on the uint8_t bytearray (in wire format) to a DNS
- * dname rdata field. This function will initialize and allocate memory
- * space for the dname structure. The length of the wiredata of this rdf
- * is added to the *pos value.
- *
- * \param[in] dname pointer to the structure to hold the rdata value
- * \param[in] wire pointer to the buffer with the data
- * \param[in] max the length of the data buffer (in bytes)
- * \param[in] pos the position of the rdf in the buffer (ie. the number of bytes
- * from the start of the buffer)
- * \return LDNS_STATUS_OK if everything succeeds, error otherwise
- */
-ldns_status ldns_wire2dname(ldns_rdf **dname, const uint8_t *wire, size_t max, size_t *pos);
-
-/**
- * converts the data on the uint8_t bytearray (in wire format) to DNS
- * rdata fields, and adds them to the list of rdfs of the given rr.
- * This function will initialize and allocate memory space for the dname
- * structures.
- * The length of the wiredata of these rdfs is added to the *pos value.
- *
- * All rdfs belonging to the RR are read; the rr should have no rdfs
- * yet. An error is returned if the format cannot be parsed.
- *
- * \param[in] rr pointer to the ldns_rr structure to hold the rdata value
- * \param[in] wire pointer to the buffer with the data
- * \param[in] max the length of the data buffer (in bytes)
- * \param[in] pos the position of the rdf in the buffer (ie. the number of bytes
- * from the start of the buffer)
- * \return LDNS_STATUS_OK if everything succeeds, error otherwise
- */
-ldns_status ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos);
-
-/**
- * converts the data on the uint8_t bytearray (in wire format) to a DNS
- * resource record.
- * This function will initialize and allocate memory space for the rr
- * structure.
- * The length of the wiredata of this rr is added to the *pos value.
- *
- * \param[in] rr pointer to the structure to hold the rdata value
- * \param[in] wire pointer to the buffer with the data
- * \param[in] max the length of the data buffer (in bytes)
- * \param[in] pos the position of the rr in the buffer (ie. the number of bytes
- * from the start of the buffer)
- * \param[in] section the section in the packet the rr is meant for
- * \return LDNS_STATUS_OK if everything succeeds, error otherwise
- */
-ldns_status ldns_wire2rr(ldns_rr **rr, const uint8_t *wire, size_t max, size_t *pos, ldns_pkt_section section);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_WIRE2HOST_H */
+++ /dev/null
-/**
- * zone.h
- *
- * zone definitions
- * - what is it
- * - get_glue function
- * - search etc
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- *
- * See the file LICENSE for the license
- */
-
-/**
- * \file
- *
- * Defines the ldns_zone structure and functions to manipulate it.
- */
-
-
-#ifndef LDNS_ZONE_H
-#define LDNS_ZONE_H
-
-#include <ldns/common.h>
-#include <ldns/rdata.h>
-#include <ldns/rr.h>
-#include <ldns/error.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * DNS Zone
- *
- * A list of RR's with some
- * extra information which comes from the SOA RR
- * Note: nothing has been done to make this efficient (yet).
- */
-struct ldns_struct_zone
-{
- /** the soa defines a zone */
- ldns_rr *_soa;
- /* basicly a zone is a list of rr's */
- ldns_rr_list *_rrs;
- /* we could change this to be a b-tree etc etc todo */
-};
-typedef struct ldns_struct_zone ldns_zone;
-
-/**
- * create a new ldns_zone structure
- * \return a pointer to a ldns_zone structure
- */
-ldns_zone * ldns_zone_new(void);
-
-/**
- * Return the soa record of a zone
- * \param[in] z the zone to read from
- * \return the soa record in the zone
- */
-ldns_rr * ldns_zone_soa(const ldns_zone *z);
-
-/**
- * Returns the number of resource records in the zone, NOT counting the SOA record
- * \param[in] z the zone to read from
- * \return the number of rr's in the zone
- */
-size_t ldns_zone_rr_count(const ldns_zone *z);
-
-/**
- * Set the zone's soa record
- * \param[in] z the zone to put the new soa in
- * \param[in] soa the soa to set
- */
-void ldns_zone_set_soa(ldns_zone *z, ldns_rr *soa);
-
-/**
- * Get a list of a zone's content. Note that the SOA
- * isn't included in this list. You need to get the
- * with ldns_zone_soa.
- * \param[in] z the zone to read from
- * \return the rrs from this zone
- */
-ldns_rr_list * ldns_zone_rrs(const ldns_zone *z);
-
-/**
- * Set the zone's contents
- * \param[in] z the zone to put the new soa in
- * \param[in] rrlist the rrlist to use
- */
-void ldns_zone_set_rrs(ldns_zone *z, ldns_rr_list *rrlist);
-
-/**
- * push an rrlist to a zone structure. This function use pointer
- * copying, so the rr_list structure inside z is modified!
- * \param[in] z the zone to add to
- * \param[in] list the list to add
- * \return a true on succes otherwise falsed
- */
-bool ldns_zone_push_rr_list(ldns_zone *z, ldns_rr_list *list);
-
-/**
- * push an single rr to a zone structure. This function use pointer
- * copying, so the rr_list structure inside z is modified!
- * \param[in] z the zone to add to
- * \param[in] rr the rr to add
- * \return a true on succes otherwise falsed
- */
-bool ldns_zone_push_rr(ldns_zone *z, ldns_rr *rr);
-
-/**
- * Retrieve all resource records from the zone that are glue
- * records. The resulting list does are pointer references
- * to the zone's data.
- *
- * Due to the current zone implementation (as a list of rr's), this
- * function is extremely slow. Another (probably better) way to do this
- * is to use an ldns_dnssec_zone structure and the mark_glue function
- *
- * \param[in] z the zone to look for glue
- * \return the rr_list with the glue
- */
-ldns_rr_list *ldns_zone_glue_rr_list(const ldns_zone *z);
-
-/**
- * Create a new zone from a file
- * \param[out] z the new zone
- * \param[in] *fp the filepointer to use
- * \param[in] *origin the zones' origin
- * \param[in] ttl default ttl to use
- * \param[in] c default class to use (IN)
- *
- * \return ldns_status mesg with an error or LDNS_STATUS_OK
- */
-ldns_status ldns_zone_new_frm_fp(ldns_zone **z, FILE *fp, ldns_rdf *origin, uint32_t ttl, ldns_rr_class c);
-
-/**
- * Create a new zone from a file, keep track of the line numbering
- * \param[out] z the new zone
- * \param[in] *fp the filepointer to use
- * \param[in] *origin the zones' origin
- * \param[in] ttl default ttl to use
- * \param[in] c default class to use (IN)
- * \param[out] line_nr used for error msg, to get to the line number
- *
- * \return ldns_status mesg with an error or LDNS_STATUS_OK
- */
-ldns_status ldns_zone_new_frm_fp_l(ldns_zone **z, FILE *fp, ldns_rdf *origin, uint32_t ttl, ldns_rr_class c, int *line_nr);
-
-/**
- * Frees the allocated memory for the zone, and the rr_list structure in it
- * \param[in] zone the zone to free
- */
-void ldns_zone_free(ldns_zone *zone);
-
-/**
- * Frees the allocated memory for the zone, the soa rr in it,
- * and the rr_list structure in it, including the rr's in that. etc.
- * \param[in] zone the zone to free
- */
-void ldns_zone_deep_free(ldns_zone *zone);
-
-/**
- * Sort the rrs in a zone, with the current impl. this is slow
- * \param[in] zone the zone to sort
- */
-void ldns_zone_sort(ldns_zone *zone);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* LDNS_ZONE_H */
+++ /dev/null
-ldns_algorithm2buffer_str
-ldns_algorithms
-ldns_axfr_complete
-ldns_axfr_last_pkt
-ldns_axfr_next
-ldns_axfr_start
-ldns_b32_ntop
-ldns_b32_ntop_ar
-ldns_b32_ntop_extended_hex
-ldns_b32_pton
-ldns_b32_pton_ar
-ldns_b32_pton_extended_hex
-ldns_b64_ntop
-ldns_b64_pton
-ldns_bgetc
-ldns_bget_keyword_data
-ldns_bget_token
-ldns_bskipc
-ldns_bskipcs
-ldns_bubblebabble
-ldns_buffer2pkt_wire
-ldns_buffer2str
-ldns_buffer_copy
-ldns_buffer_export
-ldns_buffer_free
-ldns_buffer_new
-ldns_buffer_new_frm_data
-ldns_buffer_printf
-ldns_buffer_reserve
-ldns_buffer_set_capacity
-ldns_calc_keytag
-ldns_calc_keytag_raw
-ldns_cert_algorithm2buffer_str
-ldns_cert_algorithms
-ldns_convert_ecdsa_rrsig_asn12rdf
-ldns_convert_ecdsa_rrsig_rdf2asn1
-ldns_convert_dsa_rrsig_asn12rdf
-ldns_convert_dsa_rrsig_rdf2asn1
-ldns_create_empty_rrsig
-ldns_create_nsec
-ldns_create_nsec3
-ldns_directive_types
-ldns_dname2buffer_wire
-ldns_dname2canonical
-ldns_dname_cat
-ldns_dname_cat_clone
-ldns_dname_clone_from
-ldns_dname_compare
-ldns_dname_compare_v
-ldns_dname_interval
-ldns_dname_is_subdomain
-ldns_dname_is_wildcard
-ldns_dname_label
-ldns_dname_label_count
-ldns_dname_left_chop
-ldns_dname_match_wildcard
-ldns_dname_new
-ldns_dname_new_frm_data
-ldns_dname_new_frm_str
-ldns_dname_reverse
-ldns_dname_str_absolute
-ldns_dnssec_build_data_chain
-ldns_dnssec_build_data_chain_nokeyname
-ldns_dnssec_chain_nsec3_list
-ldns_dnssec_create_nsec
-ldns_dnssec_create_nsec3
-ldns_dnssec_create_nsec_bitmap
-ldns_dnssec_data_chain_deep_free
-ldns_dnssec_data_chain_free
-ldns_dnssec_data_chain_new
-ldns_dnssec_data_chain_print
-ldns_dnssec_default_add_to_signatures
-ldns_dnssec_default_delete_signatures
-ldns_dnssec_default_leave_signatures
-ldns_dnssec_default_replace_signatures
-ldns_dnssec_derive_trust_tree
-ldns_dnssec_derive_trust_tree_dnskey_rrset
-ldns_dnssec_derive_trust_tree_ds_rrset
-ldns_dnssec_derive_trust_tree_normal_rrset
-ldns_dnssec_derive_trust_tree_no_sig
-ldns_dnssec_get_dnskey_for_rrsig
-ldns_dnssec_get_rrsig_for_name_and_type
-ldns_dnssec_name_add_rr
-ldns_dnssec_name_cmp
-ldns_dnssec_name_deep_free
-ldns_dnssec_name_find_rrset
-ldns_dnssec_name_free
-ldns_dnssec_name_name
-ldns_dnssec_name_new
-ldns_dnssec_name_new_frm_rr
-ldns_dnssec_name_node_deep_free
-ldns_dnssec_name_node_free
-ldns_dnssec_name_node_next_nonglue
-ldns_dnssec_name_nsec
-ldns_dnssec_name_print
-ldns_dnssec_name_print_soa
-ldns_dnssec_name_set_name
-ldns_dnssec_name_set_nsec
-ldns_dnssec_nsec3_closest_encloser
-ldns_dnssec_pkt_get_rrsigs_for_name_and_type
-ldns_dnssec_pkt_get_rrsigs_for_type
-ldns_dnssec_pkt_has_rrsigs
-ldns_dnssec_remove_signatures
-ldns_dnssec_rrs_add_rr
-ldns_dnssec_rrs_deep_free
-ldns_dnssec_rrsets_add_rr
-ldns_dnssec_rrsets_contains_type
-ldns_dnssec_rrsets_deep_free
-ldns_dnssec_rrsets_free
-ldns_dnssec_rrsets_new
-ldns_dnssec_rrsets_new_frm_rr
-ldns_dnssec_rrsets_print
-ldns_dnssec_rrsets_print_soa
-ldns_dnssec_rrsets_set_type
-ldns_dnssec_rrsets_type
-ldns_dnssec_rrs_free
-ldns_dnssec_rrs_new
-ldns_dnssec_rrs_print
-ldns_dnssec_trust_tree_add_parent
-ldns_dnssec_trust_tree_contains_keys
-ldns_dnssec_trust_tree_depth
-ldns_dnssec_trust_tree_free
-ldns_dnssec_trust_tree_new
-ldns_dnssec_trust_tree_print
-ldns_dnssec_trust_tree_print_sm
-ldns_dnssec_verify_denial
-ldns_dnssec_verify_denial_nsec3
-ldns_dnssec_zone_add_empty_nonterminals
-ldns_dnssec_zone_add_rr
-ldns_dnssec_zone_create_nsec3s
-ldns_dnssec_zone_create_nsecs
-ldns_dnssec_zone_create_rrsigs
-ldns_dnssec_zone_create_rrsigs_flg
-ldns_dnssec_zone_deep_free
-ldns_dnssec_zone_find_nsec3_original
-ldns_dnssec_zone_find_rrset
-ldns_dnssec_zone_free
-ldns_dnssec_zone_mark_glue
-ldns_dnssec_zone_names_print
-ldns_dnssec_zone_new
-ldns_dnssec_zone_print
-ldns_dnssec_zone_sign
-ldns_dnssec_zone_sign_flg
-ldns_dnssec_zone_sign_nsec3
-ldns_dnssec_zone_sign_nsec3_flg
-ldns_ecdsa2pkey_raw
-ldns_edns_flags
-ldns_error_str
-ldns_fetch_valid_domain_keys
-ldns_fget_keyword_data
-ldns_fget_keyword_data_l
-ldns_fget_token
-ldns_fget_token_l
-ldns_fskipc
-ldns_fskipcs
-ldns_fskipcs_l
-ldns_getaddrinfo
-ldns_get_bit
-ldns_get_bit_r
-ldns_get_errorstr_by_id
-ldns_get_random
-ldns_get_rr_class_by_name
-ldns_get_rr_list_addr_by_name
-ldns_get_rr_list_hosts_frm_file
-ldns_get_rr_list_hosts_frm_fp
-ldns_get_rr_list_hosts_frm_fp_l
-ldns_get_rr_list_name_by_addr
-ldns_get_rr_type_by_name
-ldns_get_signing_algorithm_by_name
-ldns_gost2pkey_raw
-ldns_digest_evp
-ldns_key_EVP_load_gost_id
-ldns_key_EVP_unload_gost
-ldns_hexdigit_to_int
-ldns_hexstring_to_data
-ldns_init_random
-ldns_int_to_hexdigit
-ldns_is_rrset
-ldns_key2buffer_str
-ldns_key2rr
-ldns_key2str
-ldns_key_algo_supported
-ldns_key_algorithm
-ldns_key_buf2dsa
-ldns_key_buf2dsa_raw
-ldns_key_buf2rsa
-ldns_key_buf2rsa_raw
-ldns_key_deep_free
-ldns_key_dsa_key
-ldns_key_evp_key
-ldns_key_expiration
-ldns_key_external_key
-ldns_key_flags
-ldns_key_free
-ldns_key_get_file_base_name
-ldns_key_hmac_key
-ldns_key_hmac_size
-ldns_key_inception
-ldns_key_keytag
-ldns_key_list_free
-ldns_key_list_key
-ldns_key_list_key_count
-ldns_key_list_new
-ldns_key_list_pop_key
-ldns_key_list_push_key
-ldns_key_list_set_key_count
-ldns_key_list_set_use
-ldns_key_new
-ldns_key_new_frm_algorithm
-ldns_key_new_frm_engine
-ldns_key_new_frm_fp
-ldns_key_new_frm_fp_dsa
-ldns_key_new_frm_fp_dsa_l
-ldns_key_new_frm_fp_hmac
-ldns_key_new_frm_fp_hmac_l
-ldns_key_new_frm_fp_l
-ldns_key_new_frm_fp_rsa
-ldns_key_new_frm_fp_rsa_l
-ldns_key_origttl
-ldns_key_print
-ldns_key_pubkey_owner
-ldns_key_rr2ds
-ldns_key_rsa_key
-ldns_key_set_algorithm
-ldns_key_set_dsa_key
-ldns_key_set_evp_key
-ldns_key_set_expiration
-ldns_key_set_external_key
-ldns_key_set_flags
-ldns_key_set_hmac_key
-ldns_key_set_hmac_size
-ldns_key_set_inception
-ldns_key_set_keytag
-ldns_key_set_origttl
-ldns_key_set_pubkey_owner
-ldns_key_set_rsa_key
-ldns_key_set_use
-ldns_key_use
-ldns_lookup_by_id
-ldns_lookup_by_name
-ldns_native2rdf_int16
-ldns_native2rdf_int16_data
-ldns_native2rdf_int32
-ldns_native2rdf_int8
-ldns_nsec3_add_param_rdfs
-ldns_nsec3_algorithm
-ldns_nsec3_bitmap
-ldns_nsec3_flags
-ldns_nsec3_hash_name
-ldns_nsec3_hash_name_frm_nsec3
-ldns_nsec3_iterations
-ldns_nsec3_next_owner
-ldns_nsec3_optout
-ldns_nsec3_salt
-ldns_nsec3_salt_data
-ldns_nsec3_salt_length
-ldns_nsec_bitmap_covers_type
-ldns_nsec_covers_name
-ldns_nsec_get_bitmap
-ldns_nsec_type_check
-ldns_octet
-ldns_opcodes
-ldns_pkt2buffer_str
-ldns_pkt2buffer_wire
-ldns_pkt2str
-ldns_pkt2wire
-ldns_pkt_aa
-ldns_pkt_ad
-ldns_pkt_additional
-ldns_pkt_algorithm2str
-ldns_pkt_all
-ldns_pkt_all_noquestion
-ldns_pkt_ancount
-ldns_pkt_answer
-ldns_pkt_answerfrom
-ldns_pkt_arcount
-ldns_pkt_authority
-ldns_pkt_cd
-ldns_pkt_cert_algorithm2str
-ldns_pkt_clone
-ldns_pkt_edns
-ldns_pkt_edns_data
-ldns_pkt_edns_do
-ldns_pkt_edns_extended_rcode
-ldns_pkt_edns_udp_size
-ldns_pkt_edns_version
-ldns_pkt_edns_z
-ldns_pkt_empty
-ldns_pkt_free
-ldns_pkt_get_opcode
-ldns_pkt_get_rcode
-ldns_pkt_get_section_clone
-ldns_pktheader2buffer_str
-ldns_pkt_id
-ldns_pkt_new
-ldns_pkt_nscount
-ldns_pkt_opcode2buffer_str
-ldns_pkt_opcode2str
-ldns_pkt_print
-ldns_pkt_push_rr
-ldns_pkt_push_rr_list
-ldns_pkt_qdcount
-ldns_pkt_qr
-ldns_pkt_query_new
-ldns_pkt_query_new_frm_str
-ldns_pkt_querytime
-ldns_pkt_question
-ldns_pkt_ra
-ldns_pkt_rcode2buffer_str
-ldns_pkt_rcode2str
-ldns_pkt_rd
-ldns_pkt_reply_type
-ldns_pkt_rr
-ldns_pkt_rr_list_by_name
-ldns_pkt_rr_list_by_name_and_type
-ldns_pkt_rr_list_by_type
-ldns_pkt_safe_push_rr
-ldns_pkt_safe_push_rr_list
-ldns_pkt_section_count
-ldns_pkt_set_aa
-ldns_pkt_set_ad
-ldns_pkt_set_additional
-ldns_pkt_set_ancount
-ldns_pkt_set_answer
-ldns_pkt_set_answerfrom
-ldns_pkt_set_arcount
-ldns_pkt_set_authority
-ldns_pkt_set_cd
-ldns_pkt_set_edns_data
-ldns_pkt_set_edns_do
-ldns_pkt_set_edns_extended_rcode
-ldns_pkt_set_edns_udp_size
-ldns_pkt_set_edns_version
-ldns_pkt_set_edns_z
-ldns_pkt_set_flags
-ldns_pkt_set_id
-ldns_pkt_set_nscount
-ldns_pkt_set_opcode
-ldns_pkt_set_qdcount
-ldns_pkt_set_qr
-ldns_pkt_set_querytime
-ldns_pkt_set_question
-ldns_pkt_set_ra
-ldns_pkt_set_random_id
-ldns_pkt_set_rcode
-ldns_pkt_set_rd
-ldns_pkt_set_section_count
-ldns_pkt_set_size
-ldns_pkt_set_tc
-ldns_pkt_set_timestamp
-ldns_pkt_set_tsig
-ldns_pkt_size
-ldns_pkt_tc
-ldns_pkt_timestamp
-ldns_pkt_tsig
-ldns_pkt_tsig_sign
-ldns_pkt_tsig_sign_next
-ldns_pkt_tsig_verify
-ldns_pkt_tsig_verify_next
-ldns_pkt_verify
-ldns_print_rr_rdf
-ldns_rbtree_create
-ldns_rbtree_delete
-ldns_rbtree_find_less_equal
-ldns_rbtree_first
-ldns_rbtree_free
-ldns_rbtree_init
-ldns_rbtree_insert
-ldns_rbtree_insert_vref
-ldns_rbtree_join
-ldns_rbtree_last
-ldns_rbtree_next
-ldns_rbtree_null_node
-ldns_rbtree_previous
-ldns_rbtree_search
-ldns_rbtree_split
-ldns_rcodes
-ldns_rdf2buffer_str
-ldns_rdf2buffer_str_a
-ldns_rdf2buffer_str_aaaa
-ldns_rdf2buffer_str_alg
-ldns_rdf2buffer_str_apl
-ldns_rdf2buffer_str_b32_ext
-ldns_rdf2buffer_str_b64
-ldns_rdf2buffer_str_cert_alg
-ldns_rdf2buffer_str_class
-ldns_rdf2buffer_str_dname
-ldns_rdf2buffer_str_hex
-ldns_rdf2buffer_str_int16
-ldns_rdf2buffer_str_int16_data
-ldns_rdf2buffer_str_int32
-ldns_rdf2buffer_str_int8
-ldns_rdf2buffer_str_ipseckey
-ldns_rdf2buffer_str_loc
-ldns_rdf2buffer_str_nsap
-ldns_rdf2buffer_str_nsec
-ldns_rdf2buffer_str_nsec3_salt
-ldns_rdf2buffer_str_period
-ldns_rdf2buffer_str_str
-ldns_rdf2buffer_str_time
-ldns_rdf2buffer_str_tsig
-ldns_rdf2buffer_str_tsigtime
-ldns_rdf2buffer_str_type
-ldns_rdf2buffer_str_unknown
-ldns_rdf2buffer_str_wks
-ldns_rdf2buffer_wire
-ldns_rdf2buffer_wire_canonical
-ldns_rdf2native_int16
-ldns_rdf2native_int32
-ldns_rdf2native_int8
-ldns_rdf2native_sockaddr_storage
-ldns_rdf2native_time_t
-ldns_rdf2rr_type
-ldns_rdf2str
-ldns_rdf2wire
-ldns_rdf_address_reverse
-ldns_rdf_clone
-ldns_rdf_compare
-ldns_rdf_data
-ldns_rdf_deep_free
-ldns_rdf_free
-ldns_rdf_get_type
-ldns_rdf_new
-ldns_rdf_new_frm_data
-ldns_rdf_new_frm_fp
-ldns_rdf_new_frm_fp_l
-ldns_rdf_new_frm_str
-ldns_rdf_print
-ldns_rdf_set_data
-ldns_rdf_set_size
-ldns_rdf_set_type
-ldns_rdf_size
-ldns_read_anchor_file
-ldns_resolver_debug
-ldns_resolver_dec_nameserver_count
-ldns_resolver_deep_free
-ldns_resolver_defnames
-ldns_resolver_dnsrch
-ldns_resolver_dnssec
-ldns_resolver_dnssec_anchors
-ldns_resolver_dnssec_cd
-ldns_resolver_domain
-ldns_resolver_edns_udp_size
-ldns_resolver_fail
-ldns_resolver_fallback
-ldns_resolver_free
-ldns_resolver_igntc
-ldns_resolver_incr_nameserver_count
-ldns_resolver_ip6
-ldns_resolver_nameserver_count
-ldns_resolver_nameserver_rtt
-ldns_resolver_nameservers
-ldns_resolver_nameservers_randomize
-ldns_resolver_new
-ldns_resolver_new_frm_file
-ldns_resolver_new_frm_fp
-ldns_resolver_new_frm_fp_l
-ldns_resolver_pop_nameserver
-ldns_resolver_port
-ldns_resolver_prepare_query_pkt
-ldns_resolver_print
-ldns_resolver_push_dnssec_anchor
-ldns_resolver_push_nameserver
-ldns_resolver_push_nameserver_rr
-ldns_resolver_push_nameserver_rr_list
-ldns_resolver_push_searchlist
-ldns_resolver_query
-ldns_resolver_random
-ldns_resolver_recursive
-ldns_resolver_retrans
-ldns_resolver_retry
-ldns_resolver_rtt
-ldns_resolver_search
-ldns_resolver_searchlist
-ldns_resolver_searchlist_count
-ldns_resolver_send
-ldns_resolver_send_pkt
-ldns_resolver_set_debug
-ldns_resolver_set_defnames
-ldns_resolver_set_dnsrch
-ldns_resolver_set_dnssec
-ldns_resolver_set_dnssec_anchors
-ldns_resolver_set_dnssec_cd
-ldns_resolver_set_domain
-ldns_resolver_set_edns_udp_size
-ldns_resolver_set_fail
-ldns_resolver_set_fallback
-ldns_resolver_set_igntc
-ldns_resolver_set_ip6
-ldns_resolver_set_nameserver_count
-ldns_resolver_set_nameserver_rtt
-ldns_resolver_set_nameservers
-ldns_resolver_set_port
-ldns_resolver_set_random
-ldns_resolver_set_recursive
-ldns_resolver_set_retrans
-ldns_resolver_set_retry
-ldns_resolver_set_rtt
-ldns_resolver_set_searchlist_count
-ldns_resolver_set_timeout
-ldns_resolver_set_tsig_algorithm
-ldns_resolver_set_tsig_keydata
-ldns_resolver_set_tsig_keyname
-ldns_resolver_set_usevc
-ldns_resolver_timeout
-ldns_resolver_trusted_key
-ldns_resolver_tsig_algorithm
-ldns_resolver_tsig_keydata
-ldns_resolver_tsig_keyname
-ldns_resolver_usevc
-ldns_rr2buffer_str
-ldns_rr2buffer_wire
-ldns_rr2buffer_wire_canonical
-ldns_rr2canonical
-ldns_rr2str
-ldns_rr2wire
-ldns_rr_a_address
-ldns_rr_a_set_address
-ldns_rr_class2buffer_str
-ldns_rr_class2str
-ldns_rr_classes
-ldns_rr_clone
-ldns_rr_compare
-ldns_rr_compare_ds
-ldns_rr_compare_no_rdata
-ldns_rr_compare_wire
-ldns_rr_descript
-ldns_rr_descriptor_field_type
-ldns_rr_descriptor_maximum
-ldns_rr_descriptor_minimum
-ldns_rr_dnskey_algorithm
-ldns_rr_dnskey_flags
-ldns_rr_dnskey_key
-ldns_rr_dnskey_key_size
-ldns_rr_dnskey_key_size_raw
-ldns_rr_dnskey_protocol
-ldns_rr_dnskey_set_algorithm
-ldns_rr_dnskey_set_flags
-ldns_rr_dnskey_set_key
-ldns_rr_dnskey_set_protocol
-ldns_rr_free
-ldns_rr_get_class
-ldns_rr_get_type
-ldns_rr_label_count
-ldns_rr_list2buffer_str
-ldns_rr_list2buffer_wire
-ldns_rr_list2canonical
-ldns_rr_list2str
-ldns_rr_list_cat
-ldns_rr_list_cat_clone
-ldns_rr_list_clone
-ldns_rr_list_compare
-ldns_rr_list_contains_rr
-ldns_rr_list_deep_free
-ldns_rr_list_free
-ldns_rr_list_new
-ldns_rr_list_owner
-ldns_rr_list_pop_rr
-ldns_rr_list_pop_rr_list
-ldns_rr_list_pop_rrset
-ldns_rr_list_print
-ldns_rr_list_push_rr
-ldns_rr_list_push_rr_list
-ldns_rr_list_rr
-ldns_rr_list_rr_count
-ldns_rr_list_set_rr
-ldns_rr_list_set_rr_count
-ldns_rr_list_sort
-ldns_rr_list_sort_nsec3
-ldns_rr_list_subtype_by_rdf
-ldns_rr_list_type
-ldns_rr_mx_exchange
-ldns_rr_mx_preference
-ldns_rr_new
-ldns_rr_new_frm_fp
-ldns_rr_new_frm_fp_l
-ldns_rr_new_frm_str
-ldns_rr_new_frm_type
-ldns_rr_new_question_frm_str
-ldns_rr_ns_nsdname
-ldns_rr_owner
-ldns_rr_pop_rdf
-ldns_rr_print
-ldns_rr_push_rdf
-ldns_rr_rdata2buffer_wire
-ldns_rr_rd_count
-ldns_rr_rdf
-ldns_rr_rrsig_algorithm
-ldns_rr_rrsig_expiration
-ldns_rr_rrsig_inception
-ldns_rr_rrsig_keytag
-ldns_rr_rrsig_labels
-ldns_rr_rrsig_origttl
-ldns_rr_rrsig_set_algorithm
-ldns_rr_rrsig_set_expiration
-ldns_rr_rrsig_set_inception
-ldns_rr_rrsig_set_keytag
-ldns_rr_rrsig_set_labels
-ldns_rr_rrsig_set_origttl
-ldns_rr_rrsig_set_sig
-ldns_rr_rrsig_set_signame
-ldns_rr_rrsig_set_typecovered
-ldns_rr_rrsig_sig
-ldns_rr_rrsig_signame
-ldns_rr_rrsig_typecovered
-ldns_rr_set_class
-ldns_rr_set_owner
-ldns_rr_set_pop_rr
-ldns_rr_set_push_rr
-ldns_rr_set_rd_count
-ldns_rr_set_rdf
-ldns_rr_set_ttl
-ldns_rr_set_type
-ldns_rrsig2buffer_wire
-ldns_rr_ttl
-ldns_rr_type2buffer_str
-ldns_rr_type2str
-ldns_rr_uncompressed_size
-ldns_send
-ldns_send_buffer
-ldns_set_bit
-ldns_sha1
-ldns_sha1_final
-ldns_sha1_init
-ldns_sha1_transform
-ldns_sha1_update
-ldns_signing_algorithms
-ldns_sign_public
-ldns_sign_public_buffer
-ldns_sign_public_dsa
-ldns_sign_public_evp
-ldns_sign_public_rsamd5
-ldns_sign_public_rsasha1
-ldns_sockaddr_storage2rdf
-ldns_str2period
-ldns_str2rdf_a
-ldns_str2rdf_aaaa
-ldns_str2rdf_alg
-ldns_str2rdf_apl
-ldns_str2rdf_b32_ext
-ldns_str2rdf_b64
-ldns_str2rdf_cert_alg
-ldns_str2rdf_class
-ldns_str2rdf_dname
-ldns_str2rdf_hex
-ldns_str2rdf_int16
-ldns_str2rdf_int32
-ldns_str2rdf_int8
-ldns_str2rdf_loc
-ldns_str2rdf_nsap
-ldns_str2rdf_nsec
-ldns_str2rdf_nsec3_salt
-ldns_str2rdf_period
-ldns_str2rdf_service
-ldns_str2rdf_str
-ldns_str2rdf_time
-ldns_str2rdf_tsig
-ldns_str2rdf_type
-ldns_str2rdf_unknown
-ldns_str2rdf_wks
-ldns_tcp_bgsend
-ldns_tcp_connect
-ldns_tcp_read_wire
-ldns_tcp_read_wire_timeout
-ldns_tcp_send
-ldns_tcp_send_query
-ldns_traverse_postorder
-ldns_tsig_algorithm
-ldns_tsig_keydata
-ldns_tsig_keydata_clone
-ldns_tsig_keyname
-ldns_tsig_keyname_clone
-ldns_tsig_prepare_pkt_wire
-ldns_udp_bgsend
-ldns_udp_connect
-ldns_udp_read_wire
-ldns_udp_send
-ldns_udp_send_query
-ldns_update_ad
-ldns_update_pkt_new
-ldns_update_pkt_tsig_add
-ldns_update_prcount
-ldns_update_set_adcount
-ldns_update_set_prcount
-ldns_update_set_upcount
-ldns_update_set_zo
-ldns_update_soa_mname
-ldns_update_soa_zone_mname
-ldns_update_upcount
-ldns_update_zocount
-ldns_validate_domain_dnskey
-ldns_validate_domain_ds
-ldns_verify
-ldns_verify_notime
-ldns_verify_rrsig
-ldns_verify_rrsig_buffers
-ldns_verify_rrsig_buffers_raw
-ldns_verify_rrsig_dsa
-ldns_verify_rrsig_dsa_raw
-ldns_verify_rrsig_evp
-ldns_verify_rrsig_evp_raw
-ldns_verify_rrsig_keylist
-ldns_verify_rrsig_keylist_notime
-ldns_verify_rrsig_rsamd5
-ldns_verify_rrsig_rsamd5_raw
-ldns_verify_rrsig_rsasha1
-ldns_verify_rrsig_rsasha1_raw
-ldns_verify_rrsig_rsasha256_raw
-ldns_verify_rrsig_rsasha512_raw
-ldns_verify_trusted
-ldns_version
-ldns_wire2dname
-ldns_wire2pkt
-ldns_wire2rdf
-ldns_wire2rr
-ldns_zone_deep_free
-ldns_zone_free
-ldns_zone_glue_rr_list
-ldns_zone_new
-ldns_zone_new_frm_fp
-ldns_zone_new_frm_fp_l
-ldns_zone_print
-ldns_zone_push_rr
-ldns_zone_push_rr_list
-ldns_zone_rr_count
-ldns_zone_rrs
-ldns_zone_set_rrs
-ldns_zone_set_soa
-ldns_zone_sign
-ldns_zone_sign_nsec3
-ldns_zone_soa
-ldns_zone_sort
-ldns_zone_strip_glue_rrs
+++ /dev/null
-# Doxyfile 1.3.9.1
-
-# This file describes the settings to be used by the documentation system
-# doxygen (www.doxygen.org) for a project
-#
-# All text after a hash (#) is considered a comment and will be ignored
-# The format is:
-# TAG = value [value, ...]
-# For lists items can also be appended using:
-# TAG += value [value, ...]
-# Values that contain spaces should be placed between quotes (" ")
-
-#---------------------------------------------------------------------------
-# Project related configuration options
-#---------------------------------------------------------------------------
-
-# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
-# by quotes) that should identify the project.
-
-PROJECT_NAME = ldns
-
-# The PROJECT_NUMBER tag can be used to enter a project or revision number.
-# This could be handy for archiving the generated documentation or
-# if some version control system is used.
-
-PROJECT_NUMBER = 1.6.7
-
-# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
-# base path where the generated documentation will be put.
-# If a relative path is entered, it will be relative to the location
-# where doxygen was started. If left blank the current directory will be used.
-
-OUTPUT_DIRECTORY = doc/
-
-# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
-# 4096 sub-directories (in 2 levels) under the output directory of each output
-# format and will distribute the generated files over these directories.
-# Enabling this option can be useful when feeding doxygen a huge amount of source
-# files, where putting all generated files in the same directory would otherwise
-# cause performance problems for the file system.
-
-CREATE_SUBDIRS = NO
-
-# The OUTPUT_LANGUAGE tag is used to specify the language in which all
-# documentation generated by doxygen is written. Doxygen will use this
-# information to generate all constant output in the proper language.
-# The default language is English, other supported languages are:
-# Brazilian, Catalan, Chinese, Chinese-Traditional, Croatian, Czech, Danish,
-# Dutch, Finnish, French, German, Greek, Hungarian, Italian, Japanese,
-# Japanese-en (Japanese with English messages), Korean, Korean-en, Norwegian,
-# Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovene, Spanish,
-# Swedish, and Ukrainian.
-
-OUTPUT_LANGUAGE = English
-
-# This tag can be used to specify the encoding used in the generated output.
-# The encoding is not always determined by the language that is chosen,
-# but also whether or not the output is meant for Windows or non-Windows users.
-# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
-# include brief member descriptions after the members that are listed in
-# the file and class documentation (similar to JavaDoc).
-# Set to NO to disable this.
-
-BRIEF_MEMBER_DESC = YES
-
-# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
-# the brief description of a member or function before the detailed description.
-# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
-# brief descriptions will be completely suppressed.
-
-REPEAT_BRIEF = YES
-
-# This tag implements a quasi-intelligent brief description abbreviator
-# that is used to form the text in various listings. Each string
-# in this list, if found as the leading text of the brief description, will be
-# stripped from the text and the result after processing the whole list, is used
-# as the annotated text. Otherwise, the brief description is used as-is. If left
-# blank, the following values are used ("$name" is automatically replaced with the
-# name of the entity): "The $name class" "The $name widget" "The $name file"
-# "is" "provides" "specifies" "contains" "represents" "a" "an" "the"
-
-ABBREVIATE_BRIEF =
-
-# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
-# Doxygen will generate a detailed section even if there is only a brief
-# description.
-
-ALWAYS_DETAILED_SEC = NO
-
-# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all inherited
-# members of a class in the documentation of that class as if those members were
-# ordinary class members. Constructors, destructors and assignment operators of
-# the base classes will not be shown.
-
-INLINE_INHERITED_MEMB = NO
-
-# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
-# path before files name in the file list and in the header files. If set
-# to NO the shortest path that makes the file name unique will be used.
-
-FULL_PATH_NAMES = YES
-
-# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
-# can be used to strip a user-defined part of the path. Stripping is
-# only done if one of the specified strings matches the left-hand part of
-# the path. The tag can be used to show relative paths in the file list.
-# If left blank the directory from which doxygen is run is used as the
-# path to strip.
-
-STRIP_FROM_PATH =
-
-# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
-# the path mentioned in the documentation of a class, which tells
-# the reader which header file to include in order to use a class.
-# If left blank only the name of the header file containing the class
-# definition is used. Otherwise one should specify the include paths that
-# are normally passed to the compiler using the -I flag.
-
-STRIP_FROM_INC_PATH =
-
-# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
-# (but less readable) file names. This can be useful is your file systems
-# doesn't support long names like on DOS, Mac, or CD-ROM.
-
-SHORT_NAMES = NO
-
-# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
-# will interpret the first line (until the first dot) of a JavaDoc-style
-# comment as the brief description. If set to NO, the JavaDoc
-# comments will behave just like the Qt-style comments (thus requiring an
-# explicit @brief command for a brief description.
-
-JAVADOC_AUTOBRIEF = YES
-
-# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
-# treat a multi-line C++ special comment block (i.e. a block of //! or ///
-# comments) as a brief description. This used to be the default behaviour.
-# The new default is to treat a multi-line C++ comment block as a detailed
-# description. Set this tag to YES if you prefer the old behaviour instead.
-
-MULTILINE_CPP_IS_BRIEF = NO
-
-# If the DETAILS_AT_TOP tag is set to YES then Doxygen
-# will output the detailed description near the top, like JavaDoc.
-# If set to NO, the detailed description appears after the member
-# documentation.
-
-DETAILS_AT_TOP = NO
-
-# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
-# member inherits the documentation from any documented member that it
-# re-implements.
-
-INHERIT_DOCS = YES
-
-# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
-# tag is set to YES, then doxygen will reuse the documentation of the first
-# member in the group (if any) for the other members of the group. By default
-# all members of a group must be documented explicitly.
-
-DISTRIBUTE_GROUP_DOC = NO
-
-# The TAB_SIZE tag can be used to set the number of spaces in a tab.
-# Doxygen uses this value to replace tabs by spaces in code fragments.
-
-TAB_SIZE = 8
-
-# This tag can be used to specify a number of aliases that acts
-# as commands in the documentation. An alias has the form "name=value".
-# For example adding "sideeffect=\par Side Effects:\n" will allow you to
-# put the command \sideeffect (or @sideeffect) in the documentation, which
-# will result in a user-defined paragraph with heading "Side Effects:".
-# You can put \n's in the value part of an alias to insert newlines.
-
-ALIASES =
-
-# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C sources
-# only. Doxygen will then generate output that is more tailored for C.
-# For instance, some of the names that are used will be different. The list
-# of all members will be omitted, etc.
-
-OPTIMIZE_OUTPUT_FOR_C = YES
-
-# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java sources
-# only. Doxygen will then generate output that is more tailored for Java.
-# For instance, namespaces will be presented as packages, qualified scopes
-# will look different, etc.
-
-OPTIMIZE_OUTPUT_JAVA = NO
-
-# Set the SUBGROUPING tag to YES (the default) to allow class member groups of
-# the same type (for instance a group of public functions) to be put as a
-# subgroup of that type (e.g. under the Public Functions section). Set it to
-# NO to prevent subgrouping. Alternatively, this can be done per class using
-# the \nosubgrouping command.
-
-SUBGROUPING = YES
-
-#---------------------------------------------------------------------------
-# Build related configuration options
-#---------------------------------------------------------------------------
-
-# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
-# documentation are documented, even if no documentation was available.
-# Private class members and static file members will be hidden unless
-# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
-
-EXTRACT_ALL = YES
-
-# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
-# will be included in the documentation.
-
-EXTRACT_PRIVATE = NO
-
-# If the EXTRACT_STATIC tag is set to YES all static members of a file
-# will be included in the documentation.
-
-EXTRACT_STATIC = NO
-
-# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
-# defined locally in source files will be included in the documentation.
-# If set to NO only classes defined in header files are included.
-
-EXTRACT_LOCAL_CLASSES = YES
-
-# This flag is only useful for Objective-C code. When set to YES local
-# methods, which are defined in the implementation section but not in
-# the interface are included in the documentation.
-# If set to NO (the default) only methods in the interface are included.
-
-EXTRACT_LOCAL_METHODS = NO
-
-# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
-# undocumented members of documented classes, files or namespaces.
-# If set to NO (the default) these members will be included in the
-# various overviews, but no documentation section is generated.
-# This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_MEMBERS = NO
-
-# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
-# undocumented classes that are normally visible in the class hierarchy.
-# If set to NO (the default) these classes will be included in the various
-# overviews. This option has no effect if EXTRACT_ALL is enabled.
-
-HIDE_UNDOC_CLASSES = NO
-
-# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
-# friend (class|struct|union) declarations.
-# If set to NO (the default) these declarations will be included in the
-# documentation.
-
-HIDE_FRIEND_COMPOUNDS = NO
-
-# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
-# documentation blocks found inside the body of a function.
-# If set to NO (the default) these blocks will be appended to the
-# function's detailed documentation block.
-
-HIDE_IN_BODY_DOCS = NO
-
-# The INTERNAL_DOCS tag determines if documentation
-# that is typed after a \internal command is included. If the tag is set
-# to NO (the default) then the documentation will be excluded.
-# Set it to YES to include the internal documentation.
-
-INTERNAL_DOCS = NO
-
-# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
-# file names in lower-case letters. If set to YES upper-case letters are also
-# allowed. This is useful if you have classes or files whose names only differ
-# in case and if your file system supports case sensitive file names. Windows
-# and Mac users are advised to set this option to NO.
-
-CASE_SENSE_NAMES = YES
-
-# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
-# will show members with their full class and namespace scopes in the
-# documentation. If set to YES the scope will be hidden.
-
-HIDE_SCOPE_NAMES = NO
-
-# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
-# will put a list of the files that are included by a file in the documentation
-# of that file.
-
-SHOW_INCLUDE_FILES = NO
-
-# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
-# is inserted in the documentation for inline members.
-
-INLINE_INFO = YES
-
-# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
-# will sort the (detailed) documentation of file and class members
-# alphabetically by member name. If set to NO the members will appear in
-# declaration order.
-
-SORT_MEMBER_DOCS = NO
-
-# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the
-# brief documentation of file, namespace and class members alphabetically
-# by member name. If set to NO (the default) the members will appear in
-# declaration order.
-
-SORT_BRIEF_DOCS = NO
-
-# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be
-# sorted by fully-qualified names, including namespaces. If set to
-# NO (the default), the class list will be sorted only by class name,
-# not including the namespace part.
-# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
-# Note: This option applies only to the class list, not to the
-# alphabetical list.
-
-SORT_BY_SCOPE_NAME = NO
-
-# The GENERATE_TODOLIST tag can be used to enable (YES) or
-# disable (NO) the todo list. This list is created by putting \todo
-# commands in the documentation.
-
-GENERATE_TODOLIST = YES
-
-# The GENERATE_TESTLIST tag can be used to enable (YES) or
-# disable (NO) the test list. This list is created by putting \test
-# commands in the documentation.
-
-GENERATE_TESTLIST = YES
-
-# The GENERATE_BUGLIST tag can be used to enable (YES) or
-# disable (NO) the bug list. This list is created by putting \bug
-# commands in the documentation.
-
-GENERATE_BUGLIST = YES
-
-# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
-# disable (NO) the deprecated list. This list is created by putting
-# \deprecated commands in the documentation.
-
-GENERATE_DEPRECATEDLIST= YES
-
-# The ENABLED_SECTIONS tag can be used to enable conditional
-# documentation sections, marked by \if sectionname ... \endif.
-
-ENABLED_SECTIONS =
-
-# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
-# the initial value of a variable or define consists of for it to appear in
-# the documentation. If the initializer consists of more lines than specified
-# here it will be hidden. Use a value of 0 to hide initializers completely.
-# The appearance of the initializer of individual variables and defines in the
-# documentation can be controlled using \showinitializer or \hideinitializer
-# command in the documentation regardless of this setting.
-
-MAX_INITIALIZER_LINES = 30
-
-# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
-# at the bottom of the documentation of classes and structs. If set to YES the
-# list will mention the files that were used to generate the documentation.
-
-SHOW_USED_FILES = NO
-
-# If the sources in your project are distributed over multiple directories
-# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy
-# in the documentation.
-
-SHOW_DIRECTORIES = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to warning and progress messages
-#---------------------------------------------------------------------------
-
-# The QUIET tag can be used to turn on/off the messages that are generated
-# by doxygen. Possible values are YES and NO. If left blank NO is used.
-
-QUIET = YES
-
-# The WARNINGS tag can be used to turn on/off the warning messages that are
-# generated by doxygen. Possible values are YES and NO. If left blank
-# NO is used.
-
-WARNINGS = YES
-
-# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
-# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
-# automatically be disabled.
-
-WARN_IF_UNDOCUMENTED = YES
-
-# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
-# potential errors in the documentation, such as not documenting some
-# parameters in a documented function, or documenting parameters that
-# don't exist or using markup commands wrongly.
-
-WARN_IF_DOC_ERROR = YES
-
-# The WARN_FORMAT tag determines the format of the warning messages that
-# doxygen can produce. The string should contain the $file, $line, and $text
-# tags, which will be replaced by the file and line number from which the
-# warning originated and the warning text.
-
-WARN_FORMAT = "doxygen: $file:$line: $text"
-
-# The WARN_LOGFILE tag can be used to specify a file to which warning
-# and error messages should be written. If left blank the output is written
-# to stderr.
-
-WARN_LOGFILE =
-
-#---------------------------------------------------------------------------
-# configuration options related to the input files
-#---------------------------------------------------------------------------
-
-# The INPUT tag can be used to specify the files and/or directories that contain
-# documented source files. You may enter file names like "myfile.cpp" or
-# directories like "/usr/src/myproject". Separate the files or directories
-# with spaces.
-
-INPUT = . ldns/ doc/ examples/ldns-mx.c examples/ldns-read-zone.c examples/ldns-signzone.c
-
-# If the value of the INPUT tag contains directories, you can use the
-# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank the following patterns are tested:
-# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx *.hpp
-# *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm
-
-#FILE_PATTERNS = *.h *.c *.dox
-#FILE_PATTERNS = *.h *.dox
-
-# The RECURSIVE tag can be used to turn specify whether or not subdirectories
-# should be searched for input files as well. Possible values are YES and NO.
-# If left blank NO is used.
-
-RECURSIVE = NO
-
-# The EXCLUDE tag can be used to specify files and/or directories that should
-# excluded from the INPUT source files. This way you can easily exclude a
-# subdirectory from a directory tree whose root is specified with the INPUT tag.
-
-EXCLUDE =
-
-# The EXCLUDE_SYMLINKS tag can be used select whether or not files or directories
-# that are symbolic links (a Unix filesystem feature) are excluded from the input.
-
-EXCLUDE_SYMLINKS = NO
-
-# If the value of the INPUT tag contains directories, you can use the
-# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
-# certain files from those directories.
-
-EXCLUDE_PATTERNS =
-
-# The EXAMPLE_PATH tag can be used to specify one or more files or
-# directories that contain example code fragments that are included (see
-# the \include command).
-
-EXAMPLE_PATH = examples
-
-# If the value of the EXAMPLE_PATH tag contains directories, you can use the
-# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
-# and *.h) to filter out the source-files in the directories. If left
-# blank all files are included.
-
-EXAMPLE_PATTERNS =
-
-# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
-# searched for input files to be used with the \include or \dontinclude
-# commands irrespective of the value of the RECURSIVE tag.
-# Possible values are YES and NO. If left blank NO is used.
-
-EXAMPLE_RECURSIVE = NO
-
-# The IMAGE_PATH tag can be used to specify one or more files or
-# directories that contain image that are included in the documentation (see
-# the \image command).
-
-IMAGE_PATH = doc/images
-
-# The INPUT_FILTER tag can be used to specify a program that doxygen should
-# invoke to filter for each input file. Doxygen will invoke the filter program
-# by executing (via popen()) the command <filter> <input-file>, where <filter>
-# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
-# input file. Doxygen will then use the output that the filter program writes
-# to standard output. If FILTER_PATTERNS is specified, this tag will be
-# ignored.
-
-INPUT_FILTER =
-
-# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
-# basis. Doxygen will compare the file name with each pattern and apply the
-# filter if there is a match. The filters are a list of the form:
-# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
-# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER
-# is applied to all files.
-
-FILTER_PATTERNS =
-
-# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
-# INPUT_FILTER) will be used to filter the input files when producing source
-# files to browse (i.e. when SOURCE_BROWSER is set to YES).
-
-FILTER_SOURCE_FILES = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to source browsing
-#---------------------------------------------------------------------------
-
-# If the SOURCE_BROWSER tag is set to YES then a list of source files will
-# be generated. Documented entities will be cross-referenced with these sources.
-# Note: To get rid of all source code in the generated output, make sure also
-# VERBATIM_HEADERS is set to NO.
-
-SOURCE_BROWSER = YES
-
-# Setting the INLINE_SOURCES tag to YES will include the body
-# of functions and classes directly in the documentation.
-
-INLINE_SOURCES = NO
-
-# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
-# doxygen to hide any special comment blocks from generated source code
-# fragments. Normal C and C++ comments will always remain visible.
-
-STRIP_CODE_COMMENTS = YES
-
-# If the REFERENCED_BY_RELATION tag is set to YES (the default)
-# then for each documented function all documented
-# functions referencing it will be listed.
-
-REFERENCED_BY_RELATION = NO
-
-# If the REFERENCES_RELATION tag is set to YES (the default)
-# then for each documented function all documented entities
-# called/used by that function will be listed.
-
-REFERENCES_RELATION = NO
-
-# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
-# will generate a verbatim copy of the header file for each class for
-# which an include is specified. Set to NO to disable this.
-
-VERBATIM_HEADERS = YES
-
-#---------------------------------------------------------------------------
-# configuration options related to the alphabetical class index
-#---------------------------------------------------------------------------
-
-# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
-# of all compounds will be generated. Enable this if the project
-# contains a lot of classes, structs, unions or interfaces.
-
-ALPHABETICAL_INDEX = YES
-
-# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
-# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
-# in which this list will be split (can be a number in the range [1..20])
-
-COLS_IN_ALPHA_INDEX = 3
-
-# In case all classes in a project start with a common prefix, all
-# classes will be put under the same header in the alphabetical index.
-# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
-# should be ignored while generating the index headers.
-
-IGNORE_PREFIX = ldns_
-
-#---------------------------------------------------------------------------
-# configuration options related to the HTML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
-# generate HTML output.
-
-GENERATE_HTML = YES
-
-# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `html' will be used as the default path.
-
-HTML_OUTPUT = html
-
-# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
-# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
-# doxygen will generate files with .html extension.
-
-HTML_FILE_EXTENSION = .html
-
-# The HTML_HEADER tag can be used to specify a personal HTML header for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard header.
-
-HTML_HEADER = doc/header.html
-
-# The HTML_FOOTER tag can be used to specify a personal HTML footer for
-# each generated HTML page. If it is left blank doxygen will generate a
-# standard footer.
-
-HTML_FOOTER =
-
-# The HTML_STYLESHEET tag can be used to specify a user-defined cascading
-# style sheet that is used by each HTML page. It can be used to
-# fine-tune the look of the HTML output. If the tag is left blank doxygen
-# will generate a default style sheet. Note that doxygen will try to copy
-# the style sheet file to the HTML output directory, so don't put your own
-# stylesheet in the HTML output directory as well, or it will be erased!
-
-#HTML_STYLESHEET = doc/libdns.css
-
-# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
-# files or namespaces will be aligned in HTML using tables. If set to
-# NO a bullet list will be used.
-
-HTML_ALIGN_MEMBERS = YES
-
-# If the GENERATE_HTMLHELP tag is set to YES, additional index files
-# will be generated that can be used as input for tools like the
-# Microsoft HTML help workshop to generate a compressed HTML help file (.chm)
-# of the generated HTML documentation.
-
-GENERATE_HTMLHELP = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
-# be used to specify the file name of the resulting .chm file. You
-# can add a path in front of the file if the result should not be
-# written to the html output directory.
-
-CHM_FILE =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
-# be used to specify the location (absolute path including file name) of
-# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run
-# the HTML help compiler on the generated index.hhp.
-
-HHC_LOCATION =
-
-# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
-# controls if a separate .chi index file is generated (YES) or that
-# it should be included in the master .chm file (NO).
-
-GENERATE_CHI = NO
-
-# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
-# controls whether a binary table of contents is generated (YES) or a
-# normal table of contents (NO) in the .chm file.
-
-BINARY_TOC = NO
-
-# The TOC_EXPAND flag can be set to YES to add extra items for group members
-# to the contents of the HTML help documentation and to the tree view.
-
-TOC_EXPAND = NO
-
-# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
-# top of each HTML page. The value NO (the default) enables the index and
-# the value YES disables it.
-
-DISABLE_INDEX = NO
-
-# This tag can be used to set the number of enum values (range [1..20])
-# that doxygen will group on one line in the generated HTML documentation.
-
-ENUM_VALUES_PER_LINE = 4
-
-# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
-# generated containing a tree-like index structure (just like the one that
-# is generated for HTML Help). For this to work a browser that supports
-# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+,
-# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are
-# probably better off using the HTML help feature.
-
-GENERATE_TREEVIEW = NO
-
-# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
-# used to set the initial width (in pixels) of the frame in which the tree
-# is shown.
-
-TREEVIEW_WIDTH = 250
-
-#---------------------------------------------------------------------------
-# configuration options related to the LaTeX output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
-# generate Latex output.
-
-GENERATE_LATEX = NO
-
-# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `latex' will be used as the default path.
-
-LATEX_OUTPUT = latex
-
-# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
-# invoked. If left blank `latex' will be used as the default command name.
-
-LATEX_CMD_NAME = latex
-
-# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
-# generate index for LaTeX. If left blank `makeindex' will be used as the
-# default command name.
-
-MAKEINDEX_CMD_NAME = makeindex
-
-# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
-# LaTeX documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_LATEX = NO
-
-# The PAPER_TYPE tag can be used to set the paper type that is used
-# by the printer. Possible values are: a4, a4wide, letter, legal and
-# executive. If left blank a4wide will be used.
-
-PAPER_TYPE = a4wide
-
-# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
-# packages that should be included in the LaTeX output.
-
-EXTRA_PACKAGES =
-
-# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
-# the generated latex document. The header should contain everything until
-# the first chapter. If it is left blank doxygen will generate a
-# standard header. Notice: only use this tag if you know what you are doing!
-
-LATEX_HEADER =
-
-# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
-# is prepared for conversion to pdf (using ps2pdf). The pdf file will
-# contain links (just like the HTML output) instead of page references
-# This makes the output suitable for online browsing using a pdf viewer.
-
-PDF_HYPERLINKS = YES
-
-# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
-# plain latex in the generated Makefile. Set this option to YES to get a
-# higher quality PDF documentation.
-
-USE_PDFLATEX = YES
-
-# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
-# command to the generated LaTeX files. This will instruct LaTeX to keep
-# running if errors occur, instead of asking the user for help.
-# This option is also used when generating formulas in HTML.
-
-LATEX_BATCHMODE = YES
-
-# If LATEX_HIDE_INDICES is set to YES then doxygen will not
-# include the index chapters (such as File Index, Compound Index, etc.)
-# in the output.
-
-LATEX_HIDE_INDICES = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the RTF output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
-# The RTF output is optimized for Word 97 and may not look very pretty with
-# other RTF readers or editors.
-
-GENERATE_RTF = NO
-
-# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `rtf' will be used as the default path.
-
-RTF_OUTPUT = rtf
-
-# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
-# RTF documents. This may be useful for small projects and may help to
-# save some trees in general.
-
-COMPACT_RTF = NO
-
-# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
-# will contain hyperlink fields. The RTF file will
-# contain links (just like the HTML output) instead of page references.
-# This makes the output suitable for online browsing using WORD or other
-# programs which support those fields.
-# Note: wordpad (write) and others do not support links.
-
-RTF_HYPERLINKS = NO
-
-# Load stylesheet definitions from file. Syntax is similar to doxygen's
-# config file, i.e. a series of assignments. You only have to provide
-# replacements, missing definitions are set to their default value.
-
-RTF_STYLESHEET_FILE =
-
-# Set optional variables used in the generation of an rtf document.
-# Syntax is similar to doxygen's config file.
-
-RTF_EXTENSIONS_FILE =
-
-#---------------------------------------------------------------------------
-# configuration options related to the man page output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
-# generate man pages
-
-GENERATE_MAN = NO
-
-# The MAN_OUTPUT tag is used to specify where the man pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `man' will be used as the default path.
-
-MAN_OUTPUT = man
-
-# The MAN_EXTENSION tag determines the extension that is added to
-# the generated man pages (default is the subroutine's section .3)
-
-MAN_EXTENSION = .3
-
-# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
-# then it will generate one additional man file for each entity
-# documented in the real man page(s). These additional files
-# only source the real man page, but without them the man command
-# would be unable to find the correct page. The default is NO.
-
-MAN_LINKS = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the XML output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_XML tag is set to YES Doxygen will
-# generate an XML file that captures the structure of
-# the code including all documentation.
-
-GENERATE_XML = NO
-
-# The XML_OUTPUT tag is used to specify where the XML pages will be put.
-# If a relative path is entered the value of OUTPUT_DIRECTORY will be
-# put in front of it. If left blank `xml' will be used as the default path.
-
-XML_OUTPUT = xml
-
-# The XML_SCHEMA tag can be used to specify an XML schema,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_SCHEMA =
-
-# The XML_DTD tag can be used to specify an XML DTD,
-# which can be used by a validating XML parser to check the
-# syntax of the XML files.
-
-XML_DTD =
-
-# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
-# dump the program listings (including syntax highlighting
-# and cross-referencing information) to the XML output. Note that
-# enabling this will significantly increase the size of the XML output.
-
-XML_PROGRAMLISTING = YES
-
-#---------------------------------------------------------------------------
-# configuration options for the AutoGen Definitions output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
-# generate an AutoGen Definitions (see autogen.sf.net) file
-# that captures the structure of the code including all
-# documentation. Note that this feature is still experimental
-# and incomplete at the moment.
-
-GENERATE_AUTOGEN_DEF = NO
-
-#---------------------------------------------------------------------------
-# configuration options related to the Perl module output
-#---------------------------------------------------------------------------
-
-# If the GENERATE_PERLMOD tag is set to YES Doxygen will
-# generate a Perl module file that captures the structure of
-# the code including all documentation. Note that this
-# feature is still experimental and incomplete at the
-# moment.
-
-GENERATE_PERLMOD = NO
-
-# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
-# the necessary Makefile rules, Perl scripts and LaTeX code to be able
-# to generate PDF and DVI output from the Perl module output.
-
-PERLMOD_LATEX = NO
-
-# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
-# nicely formatted so it can be parsed by a human reader. This is useful
-# if you want to understand what is going on. On the other hand, if this
-# tag is set to NO the size of the Perl module output will be much smaller
-# and Perl will parse it just the same.
-
-PERLMOD_PRETTY = YES
-
-# The names of the make variables in the generated doxyrules.make file
-# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
-# This is useful so different doxyrules.make files included by the same
-# Makefile don't overwrite each other's variables.
-
-PERLMOD_MAKEVAR_PREFIX =
-
-#---------------------------------------------------------------------------
-# Configuration options related to the preprocessor
-#---------------------------------------------------------------------------
-
-# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
-# evaluate all C-preprocessor directives found in the sources and include
-# files.
-
-ENABLE_PREPROCESSING = YES
-
-# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
-# names in the source code. If set to NO (the default) only conditional
-# compilation will be performed. Macro expansion can be done in a controlled
-# way by setting EXPAND_ONLY_PREDEF to YES.
-
-MACRO_EXPANSION = YES
-
-# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
-# then the macro expansion is limited to the macros specified with the
-# PREDEFINED and EXPAND_AS_PREDEFINED tags.
-
-EXPAND_ONLY_PREDEF = NO
-
-# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
-# in the INCLUDE_PATH (see below) will be search if a #include is found.
-
-SEARCH_INCLUDES = YES
-
-# The INCLUDE_PATH tag can be used to specify one or more directories that
-# contain include files that are not input files but should be processed by
-# the preprocessor.
-
-INCLUDE_PATH =
-
-# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
-# patterns (like *.h and *.hpp) to filter out the header-files in the
-# directories. If left blank, the patterns specified with FILE_PATTERNS will
-# be used.
-
-INCLUDE_FILE_PATTERNS =
-
-# The PREDEFINED tag can be used to specify one or more macro names that
-# are defined before the preprocessor is started (similar to the -D option of
-# gcc). The argument of the tag is a list of macros of the form: name
-# or name=definition (no spaces). If the definition and the = are
-# omitted =1 is assumed. To prevent a macro definition from being
-# undefined via #undef or recursively expanded use the := operator
-# instead of the = operator.
-
-PREDEFINED = HAVE_SSL
-
-# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
-# this tag can be used to specify a list of macro names that should be expanded.
-# The macro definition that is found in the sources will be used.
-# Use the PREDEFINED tag if you want to use a different macro definition.
-
-EXPAND_AS_DEFINED =
-
-# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
-# doxygen's preprocessor will remove all function-like macros that are alone
-# on a line, have an all uppercase name, and do not end with a semicolon. Such
-# function macros are typically used for boiler-plate code, and will confuse the
-# parser if not removed.
-
-SKIP_FUNCTION_MACROS = YES
-
-#---------------------------------------------------------------------------
-# Configuration::additions related to external references
-#---------------------------------------------------------------------------
-
-# The TAGFILES option can be used to specify one or more tagfiles.
-# Optionally an initial location of the external documentation
-# can be added for each tagfile. The format of a tag file without
-# this location is as follows:
-# TAGFILES = file1 file2 ...
-# Adding location for the tag files is done as follows:
-# TAGFILES = file1=loc1 "file2 = loc2" ...
-# where "loc1" and "loc2" can be relative or absolute paths or
-# URLs. If a location is present for each tag, the installdox tool
-# does not have to be run to correct the links.
-# Note that each tag file must have a unique name
-# (where the name does NOT include the path)
-# If a tag file is not located in the directory in which doxygen
-# is run, you must also specify the path to the tagfile here.
-
-TAGFILES =
-
-# When a file name is specified after GENERATE_TAGFILE, doxygen will create
-# a tag file that is based on the input files it reads.
-
-GENERATE_TAGFILE =
-
-# If the ALLEXTERNALS tag is set to YES all external classes will be listed
-# in the class index. If set to NO only the inherited external classes
-# will be listed.
-
-ALLEXTERNALS = NO
-
-# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
-# in the modules index. If set to NO, only the current project's groups will
-# be listed.
-
-EXTERNAL_GROUPS = YES
-
-# The PERL_PATH should be the absolute path and name of the perl script
-# interpreter (i.e. the result of `which perl').
-
-PERL_PATH = /usr/bin/perl
-
-#---------------------------------------------------------------------------
-# Configuration options related to the dot tool
-#---------------------------------------------------------------------------
-
-# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
-# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base or
-# super classes. Setting the tag to NO turns the diagrams off. Note that this
-# option is superseded by the HAVE_DOT option below. This is only a fallback. It is
-# recommended to install and use dot, since it yields more powerful graphs.
-
-CLASS_DIAGRAMS = YES
-
-# If set to YES, the inheritance and collaboration graphs will hide
-# inheritance and usage relations if the target is undocumented
-# or is not a class.
-
-HIDE_UNDOC_RELATIONS = YES
-
-# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
-# available from the path. This tool is part of Graphviz, a graph visualization
-# toolkit from AT&T and Lucent Bell Labs. The other options in this section
-# have no effect if this option is set to NO (the default)
-
-HAVE_DOT = NO
-
-# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect inheritance relations. Setting this tag to YES will force the
-# the CLASS_DIAGRAMS tag to NO.
-
-CLASS_GRAPH = YES
-
-# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
-# will generate a graph for each documented class showing the direct and
-# indirect implementation dependencies (inheritance, containment, and
-# class references variables) of the class with other documented classes.
-
-COLLABORATION_GRAPH = YES
-
-# If the UML_LOOK tag is set to YES doxygen will generate inheritance and
-# collaboration diagrams in a style similar to the OMG's Unified Modeling
-# Language.
-
-UML_LOOK = NO
-
-# If set to YES, the inheritance and collaboration graphs will show the
-# relations between templates and their instances.
-
-TEMPLATE_RELATIONS = NO
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
-# tags are set to YES then doxygen will generate a graph for each documented
-# file showing the direct and indirect include dependencies of the file with
-# other documented files.
-
-INCLUDE_GRAPH = YES
-
-# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
-# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
-# documented header file showing the documented files that directly or
-# indirectly include this file.
-
-INCLUDED_BY_GRAPH = YES
-
-# If the CALL_GRAPH and HAVE_DOT tags are set to YES then doxygen will
-# generate a call dependency graph for every global function or class method.
-# Note that enabling this option will significantly increase the time of a run.
-# So in most cases it will be better to enable call graphs for selected
-# functions only using the \callgraph command.
-
-CALL_GRAPH = YES
-SOURCE_BROWSER = YES
-REFERENCES_RELATION = YES
-
-# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
-# will graphical hierarchy of all classes instead of a textual one.
-
-GRAPHICAL_HIERARCHY = YES
-
-# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
-# generated by dot. Possible values are png, jpg, or gif
-# If left blank png will be used.
-
-DOT_IMAGE_FORMAT = png
-
-# The tag DOT_PATH can be used to specify the path where the dot tool can be
-# found. If left blank, it is assumed the dot tool can be found on the path.
-
-DOT_PATH =
-
-# The DOTFILE_DIRS tag can be used to specify one or more directories that
-# contain dot files that are included in the documentation (see the
-# \dotfile command).
-
-DOTFILE_DIRS =
-
-# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
-# generate a legend page explaining the meaning of the various boxes and
-# arrows in the dot generated graphs.
-
-GENERATE_LEGEND = YES
-
-# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
-# remove the intermediate dot files that are used to generate
-# the various graphs.
-
-DOT_CLEANUP = YES
-
-#---------------------------------------------------------------------------
-# Configuration::additions related to the search engine
-#---------------------------------------------------------------------------
-
-# The SEARCHENGINE tag specifies whether or not a search engine should be
-# used. If set to NO the values of all tags below this one will be ignored.
-
-SEARCHENGINE = NO
+++ /dev/null
-" Vim syntax file
-" Language: C libdns
-" Maintainer: miekg
-" Last change: 2004-12-15
-
-" util.h
-syn keyword ldnsMacro LDNS_MALLOC
-syn keyword ldnsMacro LDNS_XMALLOC
-syn keyword ldnsMacro LDNS_REALLOC
-syn keyword ldnsMacro LDNS_XREALLOC
-syn keyword ldnsMacro LDNS_FREE
-syn keyword ldnsMacro LDNS_DEP
-
-" ldns/tsig.h
-syn keyword ldnsType ldns_tsig_credentials
-
-" ldns/rdata.h
-syn keyword ldnsType ldns_rdf
-syn keyword ldnsType ldns_rdf_type
-syn keyword ldnsType ldns_hdr
-syn keyword ldnsType ldns_status
-syn keyword ldnsType ldns_rrset
-syn keyword ldnsType ldns_dname
-syn keyword ldnsConstant true
-syn keyword ldnsConstant false
-syn keyword ldnsFunction ldns_rdf_get_type
-
-syn keyword ldnsConstant LDNS_RDF_TYPE_NONE
-syn keyword ldnsConstant LDNS_RDF_TYPE_DNAME
-syn keyword ldnsConstant LDNS_RDF_TYPE_INT8
-syn keyword ldnsConstant LDNS_RDF_TYPE_INT16
-syn keyword ldnsConstant LDNS_RDF_TYPE_INT16_DATA
-syn keyword ldnsConstant LDNS_RDF_TYPE_INT32
-syn keyword ldnsConstant LDNS_RDF_TYPE_A
-syn keyword ldnsConstant LDNS_RDF_TYPE_AAAA
-syn keyword ldnsConstant LDNS_RDF_TYPE_STR
-syn keyword ldnsConstant LDNS_RDF_TYPE_APL
-syn keyword ldnsConstant LDNS_RDF_TYPE_B64
-syn keyword ldnsConstant LDNS_RDF_TYPE_HEX
-syn keyword ldnsConstant LDNS_RDF_TYPE_NSEC
-syn keyword ldnsConstant LDNS_RDF_TYPE_TYPE
-syn keyword ldnsConstant LDNS_RDF_TYPE_CLASS
-syn keyword ldnsConstant LDNS_RDF_TYPE_CERT
-syn keyword ldnsConstant LDNS_RDF_TYPE_CERT_ALG
-syn keyword ldnsConstant LDNS_RDF_TYPE_ALG
-syn keyword ldnsConstant LDNS_RDF_TYPE_UNKNOWN
-syn keyword ldnsConstant LDNS_RDF_TYPE_TIME
-syn keyword ldnsConstant LDNS_RDF_TYPE_PERIOD
-syn keyword ldnsConstant LDNS_RDF_TYPE_TSIGTIME
-syn keyword ldnsConstant LDNS_RDF_TYPE_SERVICE
-syn keyword ldnsConstant LDNS_RDF_TYPE_LOC
-syn keyword ldnsConstant LDNS_RDF_TYPE_WKS
-syn keyword ldnsConstant LDNS_RDF_TYPE_NSAP
-syn keyword ldnsConstant LDNS_RDF_TYPE_IPSECKEY
-syn keyword ldnsConstant LDNS_RDF_TYPE_TSIG
-syn keyword ldnsConstant LDNS_MAX_RDFLEN
-syn keyword ldnsConstant LDNS_RDF_SIZE_BYTE
-syn keyword ldnsConstant LDNS_RDF_SIZE_WORD
-syn keyword ldnsConstant LDNS_RDF_SIZE_DOUBLEWORD
-syn keyword ldnsConstant LDNS_RDF_SIZE_6BYTES
-syn keyword ldnsConstant LDNS_RDF_SIZE_16BYTES
-
-" ldns/ldns.h
-syn keyword ldnsConstant LDNS_PORT
-syn keyword ldnsConstant LDNS_IP4ADDRLEN
-syn keyword ldnsConstant LDNS_IP6ADDRLEN
-syn keyword ldnsConstant LDNS_ROOT_LABEL
-syn keyword ldnsConstant LDNS_DEFAULT_TTL
-
-" ldns/packet.h
-syn keyword ldnsType ldns_pkt
-syn keyword ldnsType ldns_pkt_section
-syn keyword ldnsType ldns_pkt_type
-syn keyword ldnsType ldns_pkt_opcode
-syn keyword ldnsType ldns_pkt_rcode
-syn keyword ldnsConstant LDNS_QR
-syn keyword ldnsConstant LDNS_AA
-syn keyword ldnsConstant LDNS_TC
-syn keyword ldnsConstant LDNS_CD
-syn keyword ldnsConstant LDNS_RA
-syn keyword ldnsConstant LDNS_AD
-syn keyword ldnsConstant LDNS_PACKET_QUESTION
-syn keyword ldnsConstant LDNS_PACKET_REFERRAL
-syn keyword ldnsConstant LDNS_PACKET_ANSWER
-syn keyword ldnsConstant LDNS_PACKET_NXDOMAIN
-syn keyword ldnsConstant LDNS_PACKET_NODATA
-syn keyword ldnsConstant LDNS_PACKET_UNKNOWN
-syn keyword ldnsConstant LDNS_SECTION_QUESTION
-syn keyword ldnsConstant LDNS_SECTION_ANSWER
-syn keyword ldnsConstant LDNS_SECTION_AUTHORITY
-syn keyword ldnsConstant LDNS_SECTION_ADDITIONAL
-syn keyword ldnsConstant LDNS_SECTION_ANY
-syn keyword ldnsConstant LDNS_SECTION_ANY_NOQUESTION
-syn keyword ldnsConstant LDNS_MAX_PACKETLEN
-syn keyword ldnsConstant LDNS_PACKET_QUERY
-syn keyword ldnsConstant LDNS_PACKET_IQUERY
-syn keyword ldnsConstant LDNS_PACKET_STATUS
-syn keyword ldnsConstant LDNS_PACKET_NOTIFY
-syn keyword ldnsConstant LDNS_PACKET_UPDATE
-
-syn keyword ldnsConstant LDNS_RCODE_NOERROR
-syn keyword ldnsConstant LDNS_RCODE_FORMERR
-syn keyword ldnsConstant LDNS_RCODE_SERVFAIL
-syn keyword ldnsConstant LDNS_RCODE_NXDOMAIN
-syn keyword ldnsConstant LDNS_RCODE_NOTIMPL
-syn keyword ldnsConstant LDNS_RCODE_REFUSED
-syn keyword ldnsConstant LDNS_RCODE_YXDOMAIN
-syn keyword ldnsConstant LDNS_RCODE_YXRRSET
-syn keyword ldnsConstant LDNS_RCODE_NXRRSET
-syn keyword ldnsConstant LDNS_RCODE_NOTAUTH
-syn keyword ldnsConstant LDNS_RCODE_NOTZONE
-
-" dns/error.h
-syn keyword ldnsMacro LDNS_STATUS_OK
-syn keyword ldnsMacro LDNS_STATUS_EMPTY_LABEL
-syn keyword ldnsMacro LDNS_STATUS_LABEL_OVERFLOW
-syn keyword ldnsMacro LDNS_STATUS_LABEL_UNDERFLOW
-syn keyword ldnsMacro LDNS_STATUS_DOMAINNAME_OVERFLOW
-syn keyword ldnsMacro LDNS_STATUS_DOMAINNAME_UNDERFLOW
-syn keyword ldnsMacro LDNS_STATUS_DDD_OVERFLOW
-syn keyword ldnsMacro LDNS_STATUS_PACKET_OVERFLOW
-syn keyword ldnsMacro LDNS_STATUS_MEM_ERR
-syn keyword ldnsMacro LDNS_STATUS_INTERNAL_ERR
-syn keyword ldnsMacro LDNS_STATUS_ERR
-syn keyword ldnsMacro LDNS_STATUS_ADDRESS_ERR
-syn keyword ldnsMacro LDNS_STATUS_NETWORK_ERR
-syn keyword ldnsMacro LDNS_STATUS_NO_NAMESERVERS_ERR
-syn keyword ldnsMacro LDNS_STATUS_INVALID_POINTER
-syn keyword ldnsMacro LDNS_STATUS_INVALID_INT
-syn keyword ldnsMacro LDNS_STATUS_INVALID_IP4
-syn keyword ldnsMacro LDNS_STATUS_INVALID_IP6
-syn keyword ldnsMacro LDNS_STATUS_INVALID_STR
-syn keyword ldnsMacro LDNS_STATUS_INVALID_B64
-syn keyword ldnsMacro LDNS_STATUS_INVALID_HEX
-syn keyword ldnsMacro LDNS_STATUS_UNKNOWN_INET
-syn keyword ldnsMacro LDNS_STATUS_NOT_IMPL
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_UNKNOWN_ALGO
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_VALIDATED
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_BOGUS
-syn keyword ldnsMacro LDNS_STATUS_INVALID_INT
-syn keyword ldnsMacro LDNS_STATUS_INVALID_TIME
-syn keyword ldnsMacro LDNS_STATUS_NETWORK_ERR
-syn keyword ldnsMacro LDNS_STATUS_ADDRESS_ERR
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_NO_RRSIG
-syn keyword ldnsMacro LDNS_STATUS_NULL
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_NO_DNSKEY
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_SIG_EXPIRED
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_TSIG_ERR
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_TYPE_COVERED_ERR
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_TSIG_BOGUS
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_EXPIRATION_BEFORE_INCEPTION
-syn keyword ldnsMacro LDNS_STATUS_CRYPTO_TSIG_ERR
-syn keyword ldnsMacro LDNS_STATUS_RES_NO_NS
-syn keyword ldnsMacro LDNS_STATUS_RES_QUERY
-syn keyword ldnsMacro LDNS_STATUS_WIRE_INCOMPLETE_HEADER
-syn keyword ldnsMacro LDNS_STATUS_WIRE_INCOMPLETE_QUESTION
-syn keyword ldnsMacro LDNS_STATUS_WIRE_INCOMPLETE_ANSWER
-syn keyword ldnsMacro LDNS_STATUS_WIRE_INCOMPLETE_AUTHORITY
-syn keyword ldnsMacro LDNS_STATUS_WIRE_INCOMPLETE_ADDITIONAL
-syn keyword ldnsMacro LDNS_STATUS_NO_DATA
-syn keyword ldnsMacro LDNS_STATUS_CERT_BAD_ALGORITHM
-
-" ldns/resolver.h
-syn keyword ldnsType ldns_resolver
-
-" ldns/zone.h
-syn keyword ldnsType ldns_zone
-
-" ldns/rr.h
-syn keyword ldnsType ldns_rr_list
-syn keyword ldnsType ldns_rr_descriptor
-syn keyword ldnsType ldns_rr
-syn keyword ldnsType ldns_rr_type
-syn keyword ldnsType ldns_rr_class
-syn keyword ldnsType ldns_rr_compress
-
-syn keyword ldnsConstant LDNS_RR_CLASS_IN
-syn keyword ldnsConstant LDNS_RR_CLASS_CH
-syn keyword ldnsConstant LDNS_RR_CLASS_HS
-syn keyword ldnsConstant LDNS_RR_CLASS_NONE
-syn keyword ldnsConstant LDNS_RR_CLASS_ANY
-
-syn keyword ldnsConstant LDNS_RR_TYPE_A
-syn keyword ldnsConstant LDNS_RR_TYPE_NS
-syn keyword ldnsConstant LDNS_RR_TYPE_MD
-syn keyword ldnsConstant LDNS_RR_TYPE_MF
-syn keyword ldnsConstant LDNS_RR_TYPE_CNAME
-syn keyword ldnsConstant LDNS_RR_TYPE_SOA
-syn keyword ldnsConstant LDNS_RR_TYPE_MB
-syn keyword ldnsConstant LDNS_RR_TYPE_MG
-syn keyword ldnsConstant LDNS_RR_TYPE_MR
-syn keyword ldnsConstant LDNS_RR_TYPE_NULL
-syn keyword ldnsConstant LDNS_RR_TYPE_WKS
-syn keyword ldnsConstant LDNS_RR_TYPE_PTR
-syn keyword ldnsConstant LDNS_RR_TYPE_HINFO
-syn keyword ldnsConstant LDNS_RR_TYPE_MINFO
-syn keyword ldnsConstant LDNS_RR_TYPE_MX
-syn keyword ldnsConstant LDNS_RR_TYPE_TXT
-syn keyword ldnsConstant LDNS_RR_TYPE_RP
-syn keyword ldnsConstant LDNS_RR_TYPE_AFSDB
-syn keyword ldnsConstant LDNS_RR_TYPE_X25
-syn keyword ldnsConstant LDNS_RR_TYPE_ISDN
-syn keyword ldnsConstant LDNS_RR_TYPE_RT
-syn keyword ldnsConstant LDNS_RR_TYPE_NSAP
-syn keyword ldnsConstant LDNS_RR_TYPE_SIG
-syn keyword ldnsConstant LDNS_RR_TYPE_KEY
-syn keyword ldnsConstant LDNS_RR_TYPE_PX
-syn keyword ldnsConstant LDNS_RR_TYPE_GPOS
-syn keyword ldnsConstant LDNS_RR_TYPE_AAAA
-syn keyword ldnsConstant LDNS_RR_TYPE_LOC
-syn keyword ldnsConstant LDNS_RR_TYPE_NXT
-syn keyword ldnsConstant LDNS_RR_TYPE_SRV
-syn keyword ldnsConstant LDNS_RR_TYPE_NAPTR
-syn keyword ldnsConstant LDNS_RR_TYPE_KX
-syn keyword ldnsConstant LDNS_RR_TYPE_CERT
-syn keyword ldnsConstant LDNS_RR_TYPE_DNAME
-syn keyword ldnsConstant LDNS_RR_TYPE_OPT
-syn keyword ldnsConstant LDNS_RR_TYPE_APL
-syn keyword ldnsConstant LDNS_RR_TYPE_DS
-syn keyword ldnsConstant LDNS_RR_TYPE_SSHFP
-syn keyword ldnsConstant LDNS_RR_TYPE_RRSIG
-syn keyword ldnsConstant LDNS_RR_TYPE_NSEC
-syn keyword ldnsConstant LDNS_RR_TYPE_DNSKEY
-syn keyword ldnsConstant LDNS_RR_TYPE_EID
-syn keyword ldnsConstant LDNS_RR_TYPE_NIMLOC
-syn keyword ldnsConstant LDNS_RR_TYPE_ATMA
-syn keyword ldnsConstant LDNS_RR_TYPE_A6
-syn keyword ldnsConstant LDNS_RR_TYPE_SINK
-syn keyword ldnsConstant LDNS_RR_TYPE_IPSECKEY
-syn keyword ldnsConstant LDNS_RR_TYPE_UINFO
-syn keyword ldnsConstant LDNS_RR_TYPE_UID
-syn keyword ldnsConstant LDNS_RR_TYPE_GID
-syn keyword ldnsConstant LDNS_RR_TYPE_UNSPEC
-syn keyword ldnsConstant LDNS_RR_TYPE_TSIG
-syn keyword ldnsConstant LDNS_RR_TYPE_IXFR
-syn keyword ldnsConstant LDNS_RR_TYPE_AXFR
-syn keyword ldnsConstant LDNS_RR_TYPE_MAILB
-syn keyword ldnsConstant LDNS_RR_TYPE_MAILA
-syn keyword ldnsConstant LDNS_RR_TYPE_ANY
-syn keyword ldnsConstant LDNS_MAX_LABELLEN
-syn keyword ldnsConstant LDNS_MAX_DOMAINLEN
-syn keyword ldnsConstant LDNS_RR_COMPRESS
-syn keyword ldnsConstant LDNS_RR_NO_COMPRESS
-
-syn keyword ldnsMacro QHEADERSZ
-syn keyword ldnsMacro RD_MASK
-syn keyword ldnsMacro RD_SHIFT
-syn keyword ldnsMacro LDNS_RD
-syn keyword ldnsMacro RD_SET
-syn keyword ldnsMacro RD_CLR
-syn keyword ldnsMacro TC_MASK
-syn keyword ldnsMacro TC_SHIFT
-syn keyword ldnsMacro LDNS_TC
-syn keyword ldnsMacro TC_SET
-syn keyword ldnsMacro TC_CLR
-syn keyword ldnsMacro AA_MASK
-syn keyword ldnsMacro AA_SHIFT
-syn keyword ldnsMacro LDNS_AA
-syn keyword ldnsMacro AA_SET
-syn keyword ldnsMacro AA_CLR
-syn keyword ldnsMacro OPCODE_MASK
-syn keyword ldnsMacro OPCODE_SHIFT
-syn keyword ldnsMacro OPCODE
-syn keyword ldnsMacro OPCODE_SET
-syn keyword ldnsMacro QR_MASK
-syn keyword ldnsMacro QR_SHIFT
-syn keyword ldnsMacro LDNS_QR
-syn keyword ldnsMacro QR_SET
-syn keyword ldnsMacro QR_CLR
-syn keyword ldnsMacro RCODE_MASK
-syn keyword ldnsMacro RCODE_SHIFT
-syn keyword ldnsMacro RCODE
-syn keyword ldnsMacro RCODE_SET
-syn keyword ldnsMacro CD_MASK
-syn keyword ldnsMacro CD_SHIFT
-syn keyword ldnsMacro LDNS_CD
-syn keyword ldnsMacro CD_SET
-syn keyword ldnsMacro CD_CLR
-syn keyword ldnsMacro AD_MASK
-syn keyword ldnsMacro AD_SHIFT
-syn keyword ldnsMacro LDNS_AD
-syn keyword ldnsMacro AD_SET
-syn keyword ldnsMacro AD_CLR
-syn keyword ldnsMacro Z_MASK
-syn keyword ldnsMacro Z_SHIFT
-syn keyword ldnsMacro LDNS_Z
-syn keyword ldnsMacro Z_SET
-syn keyword ldnsMacro Z_CLR
-syn keyword ldnsMacro RA_MASK
-syn keyword ldnsMacro RA_SHIFT
-syn keyword ldnsMacro LDNS_RA
-syn keyword ldnsMacro RA_SET
-syn keyword ldnsMacro RA_CLR
-syn keyword ldnsMacro LDNS_ID
-syn keyword ldnsMacro QDCOUNT_OFF
-syn keyword ldnsMacro QDCOUNT
-syn keyword ldnsMacro ANCOUNT_OFF
-syn keyword ldnsMacro ANCOUNT
-syn keyword ldnsMacro NSCOUNT_OFF
-syn keyword ldnsMacro NSCOUNT
-syn keyword ldnsMacro ARCOUNT_OFF
-syn keyword ldnsMacro ARCOUNT
-
-" ldns/buffer.h
-syn keyword ldnsType ldns_buffer
-syn keyword ldnsConstant LDNS_MIN_BUFLEN
-
-" ldns/host2str.h
-syn keyword ldnsType ldns_lookup_table
-syn keyword ldnsConstant LDNS_APL_IP4
-syn keyword ldnsConstant LDNS_APL_IP6
-
-" ldns/keys.h
-syn keyword ldnsType ldns_key
-syn keyword ldnsType ldns_key_list
-syn keyword ldnsType ldns_signing_algorithm
-syn keyword ldnsType ldns_hash
-
-" ldns/dnssec.h
-syn keyword ldnsConstant LDNS_MAX_KEYLEN
-
-" Default highlighting
-command -nargs=+ HiLink hi def link <args>
-HiLink ldnsType Type
-HiLink ldnsFunction Function
-HiLink ldnsMacro Macro
-HiLink ldnsConstant Constant
-delcommand HiLink
+++ /dev/null
-
-#include "ldns/config.h"
-#include <ldns/ldns.h>
-
-int
-main(void)
-{
- ldns_rr *rr = ldns_rr_new();
-
- ldns_rr_free(rr);
- return 0;
-}
-
+++ /dev/null
-/*
- * net.c
- *
- * Network implementation
- * All network related functions are grouped here
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef _MSC_VER
-#include <compat/gettimeofday.h>
-#include <time.h>
-#else
-#include <sys/time.h>
-#endif
-#include <errno.h>
-#include <fcntl.h>
-
-ldns_status
-ldns_send(ldns_pkt **result_packet, ldns_resolver *r, const ldns_pkt *query_pkt)
-{
- ldns_buffer *qb;
- ldns_status result;
- ldns_rdf *tsig_mac = NULL;
-
- qb = ldns_buffer_new(LDNS_MIN_BUFLEN);
-
- if (query_pkt && ldns_pkt_tsig(query_pkt)) {
- tsig_mac = ldns_rr_rdf(ldns_pkt_tsig(query_pkt), 3);
- }
-
- if (!query_pkt ||
- ldns_pkt2buffer_wire(qb, query_pkt) != LDNS_STATUS_OK) {
- result = LDNS_STATUS_ERR;
- } else {
- result = ldns_send_buffer(result_packet, r, qb, tsig_mac);
- }
-
- ldns_buffer_free(qb);
-
- return result;
-}
-
-ldns_status
-ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf *tsig_mac)
-{
- uint8_t i;
-
- struct sockaddr_storage *ns;
- size_t ns_len;
- struct timeval tv_s;
- struct timeval tv_e;
-
- ldns_rdf **ns_array;
- size_t *rtt;
- ldns_pkt *reply;
- bool all_servers_rtt_inf;
- uint8_t retries;
-
- uint8_t *reply_bytes = NULL;
- size_t reply_size = 0;
- ldns_status status, send_status;
-
- assert(r != NULL);
-
- status = LDNS_STATUS_OK;
- rtt = ldns_resolver_rtt(r);
- ns_array = ldns_resolver_nameservers(r);
- reply = NULL;
- ns_len = 0;
-
- all_servers_rtt_inf = true;
-
- if (ldns_resolver_random(r)) {
- ldns_resolver_nameservers_randomize(r);
- }
-
- /* loop through all defined nameservers */
- for (i = 0; i < ldns_resolver_nameserver_count(r); i++) {
- if (rtt[i] == LDNS_RESOLV_RTT_INF) {
- /* not reachable nameserver! */
- continue;
- }
-
- /* maybe verbosity setting?
- printf("Sending to ");
- ldns_rdf_print(stdout, ns_array[i]);
- printf("\n");
- */
- ns = ldns_rdf2native_sockaddr_storage(ns_array[i],
- ldns_resolver_port(r), &ns_len);
-
- if ((ns->ss_family == AF_INET) &&
- (ldns_resolver_ip6(r) == LDNS_RESOLV_INET6)) {
- /* not reachable */
- continue;
- }
-
- if ((ns->ss_family == AF_INET6) &&
- (ldns_resolver_ip6(r) == LDNS_RESOLV_INET)) {
- /* not reachable */
- continue;
- }
-
- all_servers_rtt_inf = false;
-
- gettimeofday(&tv_s, NULL);
-
- send_status = LDNS_STATUS_ERR;
-
- /* reply_bytes implicitly handles our error */
- if (1 == ldns_resolver_usevc(r)) {
- for (retries = ldns_resolver_retry(r); retries > 0; retries--) {
- send_status =
- ldns_tcp_send(&reply_bytes, qb, ns,
- (socklen_t)ns_len, ldns_resolver_timeout(r),
- &reply_size);
- if (send_status == LDNS_STATUS_OK) {
- break;
- }
- }
- } else {
- for (retries = ldns_resolver_retry(r); retries > 0; retries--) {
- /* ldns_rdf_print(stdout, ns_array[i]); */
- send_status =
- ldns_udp_send(&reply_bytes, qb, ns,
- (socklen_t)ns_len, ldns_resolver_timeout(r),
- &reply_size);
-
- if (send_status == LDNS_STATUS_OK) {
- break;
- }
- }
- }
-
- if (send_status != LDNS_STATUS_OK) {
- ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF);
- status = send_status;
- }
-
- /* obey the fail directive */
- if (!reply_bytes) {
- /* the current nameserver seems to have a problem, blacklist it */
- if (ldns_resolver_fail(r)) {
- LDNS_FREE(ns);
- return LDNS_STATUS_ERR;
- } else {
- LDNS_FREE(ns);
- continue;
- }
- }
-
- status = ldns_wire2pkt(&reply, reply_bytes, reply_size);
- if (status != LDNS_STATUS_OK) {
- LDNS_FREE(reply_bytes);
- LDNS_FREE(ns);
- return status;
- }
-
- LDNS_FREE(ns);
- gettimeofday(&tv_e, NULL);
-
- if (reply) {
- ldns_pkt_set_querytime(reply, (uint32_t)
- ((tv_e.tv_sec - tv_s.tv_sec) * 1000) +
- (tv_e.tv_usec - tv_s.tv_usec) / 1000);
- ldns_pkt_set_answerfrom(reply, ns_array[i]);
- ldns_pkt_set_timestamp(reply, tv_s);
- ldns_pkt_set_size(reply, reply_size);
- break;
- } else {
- if (ldns_resolver_fail(r)) {
- /* if fail is set bail out, after the first
- * one */
- break;
- }
- }
-
- /* wait retrans seconds... */
- sleep((unsigned int) ldns_resolver_retrans(r));
- }
-
- if (all_servers_rtt_inf) {
- LDNS_FREE(reply_bytes);
- return LDNS_STATUS_RES_NO_NS;
- }
-#ifdef HAVE_SSL
- if (tsig_mac && reply_bytes) {
- if (!ldns_pkt_tsig_verify(reply,
- reply_bytes,
- reply_size,
- ldns_resolver_tsig_keyname(r),
- ldns_resolver_tsig_keydata(r), tsig_mac)) {
- status = LDNS_STATUS_CRYPTO_TSIG_BOGUS;
- }
- }
-#else
- (void)tsig_mac;
-#endif /* HAVE_SSL */
-
- LDNS_FREE(reply_bytes);
- if (result) {
- *result = reply;
- }
-
- return status;
-}
-
-/** best effort to set nonblocking */
-static void
-ldns_sock_nonblock(int sockfd)
-{
-#ifdef HAVE_FCNTL
- int flag;
- if((flag = fcntl(sockfd, F_GETFL)) != -1) {
- flag |= O_NONBLOCK;
- if(fcntl(sockfd, F_SETFL, flag) == -1) {
- /* ignore error, continue blockingly */
- }
- }
-#elif defined(HAVE_IOCTLSOCKET)
- unsigned long on = 1;
- if(ioctlsocket(sockfd, FIONBIO, &on) != 0) {
- /* ignore error, continue blockingly */
- }
-#endif
-}
-
-/** best effort to set blocking */
-static void
-ldns_sock_block(int sockfd)
-{
-#ifdef HAVE_FCNTL
- int flag;
- if((flag = fcntl(sockfd, F_GETFL)) != -1) {
- flag &= ~O_NONBLOCK;
- if(fcntl(sockfd, F_SETFL, flag) == -1) {
- /* ignore error, continue */
- }
- }
-#elif defined(HAVE_IOCTLSOCKET)
- unsigned long off = 0;
- if(ioctlsocket(sockfd, FIONBIO, &off) != 0) {
- /* ignore error, continue */
- }
-#endif
-}
-
-#ifndef WIN32
-#include <poll.h>
-#endif
-
-/** wait for a socket to become ready */
-static int
-ldns_sock_wait(int sockfd, struct timeval timeout, int write)
-{
- int ret;
-
-#ifdef WIN32
- fd_set fds;
-#ifndef S_SPLINT_S
- FD_ZERO(&fds);
- FD_SET(sockfd, &fds);
-#endif
- if(write)
- ret = select(sockfd+1, NULL, &fds, NULL, &timeout);
- else
- ret = select(sockfd+1, &fds, NULL, NULL, &timeout);
-#else
-
- struct pollfd pfds[2];
- int x = 0;
-
- memset(&pfds[0], 0, sizeof(pfds[0]) * 2);
-
- pfds[0].fd = sockfd;
- pfds[0].events = POLLIN|POLLERR;
-
- if (write) {
- pfds[0].events |= POLLOUT;
- }
-
- ret = poll(pfds, 1, timeout.tv_sec * 1000 + timeout.tv_usec / 1000);
-
-#endif
-
-
-
- if(ret == 0)
- /* timeout expired */
- return 0;
- else if(ret == -1)
- /* error */
- return 0;
- return 1;
-}
-
-ldns_status
-ldns_udp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to,
- socklen_t tolen, struct timeval timeout, size_t *answer_size)
-{
- int sockfd;
- uint8_t *answer;
-
- sockfd = ldns_udp_bgsend(qbin, to, tolen, timeout);
-
- if (sockfd == 0) {
- return LDNS_STATUS_SOCKET_ERROR;
- }
-
- /* wait for an response*/
- if(!ldns_sock_wait(sockfd, timeout, 0)) {
- close_socket(sockfd);
- return LDNS_STATUS_NETWORK_ERR;
- }
-
- /* set to nonblocking, so if the checksum is bad, it becomes
- * an EGAIN error and the ldns_udp_send function does not block,
- * but returns a 'NETWORK_ERROR' much like a timeout. */
- ldns_sock_nonblock(sockfd);
-
- answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL);
- close_socket(sockfd);
-
- if (*answer_size == 0) {
- /* oops */
- return LDNS_STATUS_NETWORK_ERR;
- }
-
- *result = answer;
- return LDNS_STATUS_OK;
-}
-
-int
-ldns_udp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen,
- struct timeval timeout)
-{
- int sockfd;
-
- sockfd = ldns_udp_connect(to, timeout);
-
- if (sockfd == 0) {
- return 0;
- }
-
- if (ldns_udp_send_query(qbin, sockfd, to, tolen) == 0) {
- return 0;
- }
- return sockfd;
-}
-
-int
-ldns_udp_connect(const struct sockaddr_storage *to, struct timeval ATTR_UNUSED(timeout))
-{
- int sockfd;
-
- if ((sockfd = socket((int)((struct sockaddr*)to)->sa_family, SOCK_DGRAM,
- IPPROTO_UDP))
- == SOCK_INVALID) {
- return 0;
- }
-
- return sockfd;
-}
-
-int
-ldns_tcp_connect(const struct sockaddr_storage *to, socklen_t tolen,
- struct timeval timeout)
-{
- int sockfd;
-
- if ((sockfd = socket((int)((struct sockaddr*)to)->sa_family, SOCK_STREAM,
- IPPROTO_TCP)) == SOCK_INVALID) {
- return 0;
- }
-
- /* perform nonblocking connect, to be able to wait with select() */
- ldns_sock_nonblock(sockfd);
- if (connect(sockfd, (struct sockaddr*)to, tolen) == SOCK_INVALID) {
-#ifndef USE_WINSOCK
-#ifdef EINPROGRESS
- if(errno != EINPROGRESS) {
-#else
- if(1) {
-#endif
- close_socket(sockfd);
- return 0;
- }
-#else /* USE_WINSOCK */
- if(WSAGetLastError() != WSAEINPROGRESS &&
- WSAGetLastError() != WSAEWOULDBLOCK) {
- closesocket(sockfd);
- return 0;
- }
-#endif
- /* error was only telling us that it would block */
- }
-
- /* wait(write) until connected or error */
- while(1) {
- int error = 0;
- socklen_t len = (socklen_t)sizeof(error);
-
- if(!ldns_sock_wait(sockfd, timeout, 1)) {
- close_socket(sockfd);
- return 0;
- }
-
- /* check if there is a pending error for nonblocking connect */
- if(getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (void*)&error,
- &len) < 0) {
-#ifndef USE_WINSOCK
- error = errno; /* on solaris errno is error */
-#else
- error = WSAGetLastError();
-#endif
- }
-#ifndef USE_WINSOCK
-#if defined(EINPROGRESS) && defined(EWOULDBLOCK)
- if(error == EINPROGRESS || error == EWOULDBLOCK)
- continue; /* try again */
-#endif
- else if(error != 0) {
- close_socket(sockfd);
- /* error in errno for our user */
- errno = error;
- return 0;
- }
-#else /* USE_WINSOCK */
- if(error == WSAEINPROGRESS)
- continue;
- else if(error == WSAEWOULDBLOCK)
- continue;
- else if(error != 0) {
- closesocket(sockfd);
- errno = error;
- return 0;
- }
-#endif /* USE_WINSOCK */
- /* connected */
- break;
- }
-
- /* set the socket blocking again */
- ldns_sock_block(sockfd);
-
- return sockfd;
-}
-
-ssize_t
-ldns_tcp_send_query(ldns_buffer *qbin, int sockfd,
- const struct sockaddr_storage *to, socklen_t tolen)
-{
- uint8_t *sendbuf;
- ssize_t bytes;
-
- /* add length of packet */
- sendbuf = LDNS_XMALLOC(uint8_t, ldns_buffer_position(qbin) + 2);
- if(!sendbuf) return 0;
- ldns_write_uint16(sendbuf, ldns_buffer_position(qbin));
- memcpy(sendbuf + 2, ldns_buffer_export(qbin), ldns_buffer_position(qbin));
-
- bytes = sendto(sockfd, (void*)sendbuf,
- ldns_buffer_position(qbin) + 2, 0, (struct sockaddr *)to, tolen);
-
- LDNS_FREE(sendbuf);
-
- if (bytes == -1 || (size_t) bytes != ldns_buffer_position(qbin) + 2 ) {
- return 0;
- }
- return bytes;
-}
-
-/* don't wait for an answer */
-ssize_t
-ldns_udp_send_query(ldns_buffer *qbin, int sockfd, const struct sockaddr_storage *to,
- socklen_t tolen)
-{
- ssize_t bytes;
-
- bytes = sendto(sockfd, (void*)ldns_buffer_begin(qbin),
- ldns_buffer_position(qbin), 0, (struct sockaddr *)to, tolen);
-
- if (bytes == -1 || (size_t)bytes != ldns_buffer_position(qbin)) {
- return 0;
- }
- if ((size_t) bytes != ldns_buffer_position(qbin)) {
- return 0;
- }
- return bytes;
-}
-
-uint8_t *
-ldns_udp_read_wire(int sockfd, size_t *size, struct sockaddr_storage *from,
- socklen_t *fromlen)
-{
- uint8_t *wire, *wireout;
- ssize_t wire_size;
-
- wire = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN);
- if (!wire) {
- *size = 0;
- return NULL;
- }
-
- wire_size = recvfrom(sockfd, (void*)wire, LDNS_MAX_PACKETLEN, 0,
- (struct sockaddr *)from, fromlen);
-
- /* recvfrom can also return 0 */
- if (wire_size == -1 || wire_size == 0) {
- *size = 0;
- LDNS_FREE(wire);
- return NULL;
- }
-
- *size = (size_t)wire_size;
- wireout = LDNS_XREALLOC(wire, uint8_t, (size_t)wire_size);
- if(!wireout) LDNS_FREE(wire);
-
- return wireout;
-}
-
-uint8_t *
-ldns_tcp_read_wire_timeout(int sockfd, size_t *size, struct timeval timeout)
-{
- uint8_t *wire;
- uint16_t wire_size;
- ssize_t bytes = 0, rc = 0;
-
- wire = LDNS_XMALLOC(uint8_t, 2);
- if (!wire) {
- *size = 0;
- return NULL;
- }
-
- while (bytes < 2) {
- if(!ldns_sock_wait(sockfd, timeout, 0)) {
- *size = 0;
- LDNS_FREE(wire);
- return NULL;
- }
- rc = recv(sockfd, (void*) (wire + bytes),
- (size_t) (2 - bytes), 0);
- if (rc == -1 || rc == 0) {
- *size = 0;
- LDNS_FREE(wire);
- return NULL;
- }
- bytes += rc;
- }
-
- wire_size = ldns_read_uint16(wire);
-
- LDNS_FREE(wire);
- wire = LDNS_XMALLOC(uint8_t, wire_size);
- if (!wire) {
- *size = 0;
- return NULL;
- }
- bytes = 0;
-
- while (bytes < (ssize_t) wire_size) {
- if(!ldns_sock_wait(sockfd, timeout, 0)) {
- *size = 0;
- LDNS_FREE(wire);
- return NULL;
- }
- rc = recv(sockfd, (void*) (wire + bytes),
- (size_t) (wire_size - bytes), 0);
- if (rc == -1 || rc == 0) {
- LDNS_FREE(wire);
- *size = 0;
- return NULL;
- }
- bytes += rc;
- }
-
- *size = (size_t) bytes;
- return wire;
-}
-
-uint8_t *
-ldns_tcp_read_wire(int sockfd, size_t *size)
-{
- uint8_t *wire;
- uint16_t wire_size;
- ssize_t bytes = 0, rc = 0;
-
- wire = LDNS_XMALLOC(uint8_t, 2);
- if (!wire) {
- *size = 0;
- return NULL;
- }
-
- while (bytes < 2) {
- rc = recv(sockfd, (void*) (wire + bytes),
- (size_t) (2 - bytes), 0);
- if (rc == -1 || rc == 0) {
- *size = 0;
- LDNS_FREE(wire);
- return NULL;
- }
- bytes += rc;
- }
-
- wire_size = ldns_read_uint16(wire);
-
- LDNS_FREE(wire);
- wire = LDNS_XMALLOC(uint8_t, wire_size);
- if (!wire) {
- *size = 0;
- return NULL;
- }
- bytes = 0;
-
- while (bytes < (ssize_t) wire_size) {
- rc = recv(sockfd, (void*) (wire + bytes),
- (size_t) (wire_size - bytes), 0);
- if (rc == -1 || rc == 0) {
- LDNS_FREE(wire);
- *size = 0;
- return NULL;
- }
- bytes += rc;
- }
-
- *size = (size_t) bytes;
- return wire;
-}
-
-/* keep in mind that in DNS tcp messages the first 2 bytes signal the
- * amount data to expect
- */
-ldns_status
-ldns_tcp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to,
- socklen_t tolen, struct timeval timeout, size_t *answer_size)
-{
- int sockfd;
- uint8_t *answer;
-
- sockfd = ldns_tcp_bgsend(qbin, to, tolen, timeout);
-
- if (sockfd == 0) {
- return LDNS_STATUS_ERR;
- }
-
- answer = ldns_tcp_read_wire_timeout(sockfd, answer_size, timeout);
- close_socket(sockfd);
-
- if (*answer_size == 0) {
- /* oops */
- return LDNS_STATUS_NETWORK_ERR;
- }
-
- /* resize accordingly */
- *result = (uint8_t*)LDNS_XREALLOC(answer, uint8_t *, (size_t)*answer_size);
- if(!*result) {
- LDNS_FREE(answer);
- return LDNS_STATUS_MEM_ERR;
- }
- return LDNS_STATUS_OK;
-}
-
-int
-ldns_tcp_bgsend(ldns_buffer *qbin, const struct sockaddr_storage *to, socklen_t tolen,
- struct timeval timeout)
-{
- int sockfd;
-
- sockfd = ldns_tcp_connect(to, tolen, timeout);
-
- if (sockfd == 0) {
- return 0;
- }
-
- if (ldns_tcp_send_query(qbin, sockfd, to, tolen) == 0) {
- return 0;
- }
-
- return sockfd;
-}
-
-/* code from rdata.c */
-struct sockaddr_storage *
-ldns_rdf2native_sockaddr_storage(const ldns_rdf *rd, uint16_t port, size_t *size)
-{
- struct sockaddr_storage *data;
- struct sockaddr_in *data_in;
- struct sockaddr_in6 *data_in6;
-
- data = LDNS_MALLOC(struct sockaddr_storage);
- if (!data) {
- return NULL;
- }
- /* zero the structure for portability */
- memset(data, 0, sizeof(struct sockaddr_storage));
- if (port == 0) {
- port = LDNS_PORT;
- }
-
- switch(ldns_rdf_get_type(rd)) {
- case LDNS_RDF_TYPE_A:
- data->ss_family = AF_INET;
- data_in = (struct sockaddr_in*) data;
- data_in->sin_port = (in_port_t)htons(port);
- memcpy(&(data_in->sin_addr), ldns_rdf_data(rd), ldns_rdf_size(rd));
- *size = sizeof(struct sockaddr_in);
- return data;
- case LDNS_RDF_TYPE_AAAA:
- data->ss_family = AF_INET6;
- data_in6 = (struct sockaddr_in6*) data;
- data_in6->sin6_port = (in_port_t)htons(port);
- memcpy(&data_in6->sin6_addr, ldns_rdf_data(rd), ldns_rdf_size(rd));
- *size = sizeof(struct sockaddr_in6);
- return data;
- default:
- LDNS_FREE(data);
- return NULL;
- }
-}
-
-ldns_rdf *
-ldns_sockaddr_storage2rdf(struct sockaddr_storage *sock, uint16_t *port)
-{
- ldns_rdf *addr;
- struct sockaddr_in *data_in;
- struct sockaddr_in6 *data_in6;
-
- switch(sock->ss_family) {
- case AF_INET:
- data_in = (struct sockaddr_in*)sock;
- if (port) {
- *port = ntohs((uint16_t)data_in->sin_port);
- }
- addr = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_A,
- LDNS_IP4ADDRLEN, &data_in->sin_addr);
- break;
- case AF_INET6:
- data_in6 = (struct sockaddr_in6*)sock;
- if (port) {
- *port = ntohs((uint16_t)data_in6->sin6_port);
- }
- addr = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_AAAA,
- LDNS_IP6ADDRLEN, &data_in6->sin6_addr);
- break;
- default:
- if (port) {
- *port = 0;
- }
- return NULL;
- }
- return addr;
-}
-
-/* code from resolver.c */
-ldns_status
-ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class)
-{
- ldns_pkt *query;
- ldns_buffer *query_wire;
-
- struct sockaddr_storage *ns = NULL;
- size_t ns_len = 0;
- size_t ns_i;
- ldns_status status;
-
- if (!resolver || ldns_resolver_nameserver_count(resolver) < 1) {
- return LDNS_STATUS_ERR;
- }
-
- query = ldns_pkt_query_new(ldns_rdf_clone(domain), LDNS_RR_TYPE_AXFR, class, 0);
-
- if (!query) {
- return LDNS_STATUS_ADDRESS_ERR;
- }
- /* For AXFR, we have to make the connection ourselves */
- /* try all nameservers (which usually would mean v4 fallback if
- * @hostname is used */
- for (ns_i = 0;
- ns_i < ldns_resolver_nameserver_count(resolver) &&
- resolver->_socket == SOCK_INVALID;
- ns_i++) {
- ns = ldns_rdf2native_sockaddr_storage(
- resolver->_nameservers[ns_i],
- ldns_resolver_port(resolver), &ns_len);
-
- resolver->_socket = ldns_tcp_connect(ns, (socklen_t)ns_len,
- ldns_resolver_timeout(resolver));
- }
-
- if (resolver->_socket == SOCK_INVALID) {
- ldns_pkt_free(query);
- LDNS_FREE(ns);
- return LDNS_STATUS_NETWORK_ERR;
- }
-
-#ifdef HAVE_SSL
- if (ldns_resolver_tsig_keyname(resolver) && ldns_resolver_tsig_keydata(resolver)) {
- status = ldns_pkt_tsig_sign(query,
- ldns_resolver_tsig_keyname(resolver),
- ldns_resolver_tsig_keydata(resolver),
- 300, ldns_resolver_tsig_algorithm(resolver), NULL);
- if (status != LDNS_STATUS_OK) {
- /* RoRi: to prevent problems on subsequent calls to ldns_axfr_start
- we have to close the socket here! */
- close_socket(resolver->_socket);
- return LDNS_STATUS_CRYPTO_TSIG_ERR;
- }
- }
-#endif /* HAVE_SSL */
-
- /* Convert the query to a buffer
- * Is this necessary?
- */
- query_wire = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- if(!query_wire) {
- ldns_pkt_free(query);
- LDNS_FREE(ns);
-
- close_socket(resolver->_socket);
-
- return LDNS_STATUS_MEM_ERR;
- }
- status = ldns_pkt2buffer_wire(query_wire, query);
- if (status != LDNS_STATUS_OK) {
- ldns_pkt_free(query);
- ldns_buffer_free(query_wire);
- LDNS_FREE(ns);
-
- /* RoRi: to prevent problems on subsequent calls to ldns_axfr_start
- we have to close the socket here! */
-
- close_socket(resolver->_socket);
-
- return status;
- }
- /* Send the query */
- if (ldns_tcp_send_query(query_wire, resolver->_socket, ns,
- (socklen_t)ns_len) == 0) {
- ldns_pkt_free(query);
- ldns_buffer_free(query_wire);
- LDNS_FREE(ns);
-
- /* RoRi: to prevent problems on subsequent calls to ldns_axfr_start
- we have to close the socket here! */
-
-
- close_socket(resolver->_socket);
-
- return LDNS_STATUS_NETWORK_ERR;
- }
-
- ldns_pkt_free(query);
- ldns_buffer_free(query_wire);
- LDNS_FREE(ns);
-
- /*
- * The AXFR is done once the second SOA record is sent
- */
- resolver->_axfr_soa_count = 0;
- return LDNS_STATUS_OK;
-}
+++ /dev/null
-%{?!with_python: %global with_python 1}
-
-%if %{with_python}
-%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
-%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
-%endif
-
-Summary: Lowlevel DNS(SEC) library with API
-Name: ldns
-Version: 1.6.9
-Release: 2%{?dist}
-License: BSD
-Url: http://www.nlnetlabs.nl/%{name}/
-Source: http://www.nlnetlabs.nl/downloads/%{name}-%{version}.tar.gz
-Group: System Environment/Libraries
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires: libtool, autoconf, automake, gcc-c++, doxygen,
-BuildRequires: perl, libpcap-devel, openssl-devel
-
-%if %{with_python}
-BuildRequires: python-devel, swig
-%endif
-
-%description
-ldns is a library with the aim to simplify DNS programing in C. All
-lowlevel DNS/DNSSEC operations are supported. We also define a higher
-level API which allows a programmer to (for instance) create or sign
-packets.
-
-%package devel
-Summary: Development package that includes the ldns header files
-Group: Development/Libraries
-Requires: %{name} = %{version}-%{release}
-
-%description devel
-The devel package contains the ldns library and the include files
-
-%if %{with_python}
-%package python
-Summary: Python extensions for ldns
-Group: Applications/System
-Requires: %{name} = %{version}-%{release}
-
-%description python
-Python extensions for ldns
-%endif
-
-
-%prep
-%setup -q
-# To built svn snapshots
-#rm config.guess config.sub ltmain.sh
-#aclocal
-#libtoolize -c --install
-#autoreconf --install
-
-%build
-%configure --disable-rpath --disable-static --with-sha2 \
-%if %{with_python}
- --with-pyldns
-%endif
-
-(cd drill ; %configure --disable-rpath --disable-static --with-ldns=%{buildroot}/lib/ )
-(cd examples ; %configure --disable-rpath --disable-static --with-ldns=%{buildroot}/lib/ )
-
-make %{?_smp_mflags}
-( cd drill ; make %{?_smp_mflags} )
-( cd examples ; make %{?_smp_mflags} )
-make %{?_smp_mflags} doc
-
-%install
-rm -rf %{buildroot}
-
-make DESTDIR=%{buildroot} INSTALL="%{__install} -p" install
-make DESTDIR=%{buildroot} INSTALL="%{__install} -p" install-doc
-
-# don't package building script in doc
-rm doc/doxyparse.pl
-#remove doc stubs
-rm -rf doc/.svn
-#remove double set of man pages
-rm -rf doc/man
-
-# remove .la files
-rm -rf %{buildroot}%{_libdir}/*.la %{buildroot}%{python_sitelib}/*.la
-(cd drill ; make DESTDIR=%{buildroot} install)
-(cd examples; make DESTDIR=%{buildroot} install)
-
-%clean
-rm -rf %{buildroot}
-
-%files
-%defattr(-,root,root)
-%{_libdir}/libldns*so.*
-%{_bindir}/drill
-%{_bindir}/ldnsd
-#%{_bindir}/ldns-*
-%{_bindir}/ldns-chaos
-%{_bindir}/ldns-compare-zones
-%{_bindir}/ldns-[d-z]*
-%doc README LICENSE
-%{_mandir}/*/*
-
-%files devel
-%defattr(-,root,root,-)
-%{_libdir}/libldns*so
-%{_bindir}/ldns-config
-%dir %{_includedir}/ldns
-%{_includedir}/ldns/*.h
-%doc doc Changelog README
-
-%if %{with_python}
-%files python
-%defattr(-,root,root)
-%{python_sitelib}/*
-%endif
-
-%post -p /sbin/ldconfig
-
-%postun -p /sbin/ldconfig
-
-%changelog
-* Wed Mar 16 2011 Willem Toorop <willem@nlnetlabs.nl> - 1.6.9
-- Upgraded to 1.6.9.
-
-* Mon Nov 8 2010 Matthijs Mekking <matthijs@nlnetlabs.nl> - 1.6.8
-- Upgraded to 1.6.8.
-
-* Tue Aug 24 2010 Matthijs Mekking <matthijs@nlnetlabs.nl> - 1.6.7
-- Upgraded to 1.6.7.
-
-* Fri Jan 22 2010 Paul Wouters <paul@xelerance.com> - 1.6.4-2
-- Fix missing _ldns.so causing ldns-python to not work
-- Patch for installing ldns-python files
-- Patch for rpath in ldns-python
-- Don't install .a file for ldns-python
-
-* Wed Jan 20 2010 Paul Wouters <paul@xelerance.com> - 1.6.4-1
-- Upgraded to 1.6.4.
-- Added ldns-python sub package
-
-* Fri Dec 04 2009 Paul Wouters <paul@xelerance.com> - 1.6.3-1
-- Upgraded to 1.6.3, which has minor bugfixes
-
-* Fri Nov 13 2009 Paul Wouters <paul@xelerance.com> - 1.6.2-1
-- Upgraded to 1.6.2. This fixes various bugs.
- (upstream released mostly to default with sha2 for the imminent
- signed root, but we already enabled that in our builds)
-
-* Tue Aug 25 2009 Tomas Mraz <tmraz@redhat.com> - 1.6.1-3
-- rebuilt with new openssl
-
-* Sun Aug 16 2009 Paul Wouters <paul@xelerance.com> - 1.6.1-2
-- Added openssl dependancy back in, since we get more functionality
- when using openssl. Especially in 'drill'.
-
-* Sun Aug 16 2009 Paul Wouters <paul@xelerance.com> - 1.6.1-1
-- Updated to 1.6.1
-
-* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.0-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
-
-* Mon Jul 13 2009 Paul Wouters <paul@xelerance.com> - 1.6.0-4
-- Fixed the ssl patch so it can now compile --without-ssl
-
-* Sat Jul 11 2009 Paul Wouters <paul@xelerance.com> - 1.6.0-3
-- Added patch to compile with --without-ssl
-- Removed openssl dependancies
-- Recompiled with --without-ssl
-
-* Sat Jul 11 2009 Paul Wouters <paul@xelerance.com> - 1.6.0-2
-- Updated to 1.6.0
-- (did not yet compile with --without-ssl due to compile failures)
-
-* Fri Jul 10 2009 Paul Wouters <paul@xelerance.com> - 1.6.0-1
-- Updated to 1.6.0
-- Compile without openssl
-
-* Thu Apr 16 2009 Paul Wouters <paul@xelerance.com> - 1.5.1-4
-- Memory management bug when generating a sha256 key, see:
- https://bugzilla.redhat.com/show_bug.cgi?id=493953
-
-* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.1-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
-
-* Mon Feb 10 2009 Paul Wouters <paul@xelerance.com> - 1.5.1-1
-- Updated to new version, 1.5.0 had a bug preventing
- zone signing.
-
-* Mon Feb 9 2009 Paul Wouters <paul@xelerance.com> - 1.5.0-1
-- Updated to new version
-
-* Thu Feb 05 2009 Adam Tkac <atkac redhat com> - 1.4.0-3
-- fixed configure flags
-
-* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> - 1.4.0-2
-- rebuild with new openssl
-
-* Fri Nov 7 2008 Paul Wouters <paul@xelerance.com> - 1.4.0-1
-- Updated to 1.4.0
-
-* Wed May 28 2008 Paul Wouters <paul@xelerance.com> - 1.3.0-3
-- enable SHA2 functionality
-
-* Wed May 28 2008 Paul Wouters <paul@xelerance.com> - 1.3.0-2
-- re-tag (don't do builds while renaming local repo dirs)
-
-* Wed May 28 2008 Paul Wouters <paul@xelerance.com> - 1.3.0-1
-- Updated to latest release
-
-* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.2.2-3
-- Autorebuild for GCC 4.3
-
-* Wed Dec 5 2007 Paul Wouters <paul@xelerance.com> - 1.2.2-2
-- Rebuild for new libcrypto
-
-* Thu Nov 29 2007 Paul Wouters <paul@xelerance.com> - 1.2.2-1
-- Upgraded to 1.2.2. Removed no longer needed race workaround
-
-* Tue Nov 13 2007 Paul Wouters <paul@xelerance.com> - 1.2.1-4
-- Try to fix racing ln -s statements in parallel builds
-
-* Fri Nov 9 2007 Paul Wouters <paul@xelerance.com> - 1.2.1-3
-- Added patch for ldns-read-zone that does not put @. in RRDATA
-
-* Fri Oct 19 2007 Paul Wouters <paul@xelerance.com> - 1.2.1-2
-- Use install -p to work around multilib conflicts for .h files
-
-* Wed Oct 10 2007 Paul Wouters <paul@xelerance.com> - 1.2.1-1
-- Updated to 1.2.1
-- Removed patches that got moved into upstream
-
-* Wed Aug 8 2007 Paul Wouters <paul@xelerance.com> 1.2.0-11
-- Patch for ldns-key2ds to write to stdout
-- Again remove extra set of man pages from doc
-- own /usr/include/ldns (bug 233858)
-
-* Wed Aug 8 2007 Paul Wouters <paul@xelerance.com> 1.2.0-10
-- Added sha256 DS record patch to ldns-key2ds
-- Minor tweaks for proper doc/man page installation.
-- Workaround for parallel builds
-
-* Mon Aug 6 2007 Paul Wouters <paul@xelerance.com> 1.2.0-2
-- Own the /usr/include/ldns directory (bug #233858)
-- Removed obsoleted patch
-- Remove files form previous libtool run accidentally packages by upstream
-
-* Mon Sep 11 2006 Paul Wouters <paul@xelerance.com> 1.0.1-4
-- Commented out 1.1.0 make targets, put make 1.0.1 targets.
-
-* Mon Sep 11 2006 Paul Wouters <paul@xelerance.com> 1.0.1-3
-- Fixed changelog typo in date
-- Rebuild requested for PT_GNU_HASH support from gcc
-- Did not upgrade to 1.1.0 due to compile issues on x86_64
-
-* Fri Jan 6 2006 Paul Wouters <paul@xelerance.com> 1.0.1-1
-- Upgraded to 1.0.1. Removed temporary clean hack from spec file.
-
-* Sun Dec 18 2005 Paul Wouters <paul@xelerance.com> 1.0.0-8
-- Cannot use make clean because there are no Makefiles. Use hardcoded rm.
-
-* Sun Dec 18 2005 Paul Wouters <paul@xelerance.com> 1.0.0-7
-- Patched 'make clean' target to get rid of object files shipped with 1.0.0
-
-* Sun Dec 13 2005 Paul Wouters <paul@xelerance.com> 1.0.0-6
-- added a make clean for 2.3.3 since .o files were left behind upstream,
- causing failure on ppc platform
-
-* Sun Dec 11 2005 Tom "spot" Callaway <tcallawa@redhat.com> 1.0.0-5
-- minor cleanups
-
-* Wed Oct 5 2005 Paul Wouters <paul@xelerance.com> 0.70_1205
-- reworked for svn version
-
-* Sun Sep 25 2005 Paul Wouters <paul@xelerance.com> - 0.70
-- Initial version
+++ /dev/null
-#!/bin/sh
-
-prefix="@prefix@"
-exec_prefix="@exec_prefix@"
-VERSION="@PACKAGE_VERSION@"
-CFLAGS="@CFLAGS@"
-CPPFLAGS="@CPPFLAGS@ @LIBSSL_CPPFLAGS@ @PYTHON_CPPFLAGS@"
-LDFLAGS="@LDFLAGS@ @LIBSSL_LDFLAGS@ @PYTHON_LDFLAGS@"
-LIBS="@LIBS@ @LIBSSL_LIBS@"
-LIBDIR="@libdir@"
-INCLUDEDIR="@includedir@"
-
-for arg in $@
-do
- if [ $arg = "--cflags" ]
- then
- echo "-I${INCLUDEDIR}"
- fi
- if [ $arg = "--libs" ]
- then
- echo "${LDFLAGS} -L${LIBDIR} ${LIBS} -lldns"
- fi
- if [ $arg = "-h" ] || [ $arg = "--help" ]
- then
- echo "Usage: $0 [--cflags] [--libs] [--version]"
- fi
- if [ $arg = "--version" ]
- then
- echo "${VERSION}"
- fi
-done
+++ /dev/null
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-libdir=@libdir@
-includedir=@includedir@
-
-Name: ldns
-Description: Library for DNS programming
-URL: http://www.nlnetlabs.nl/projects/ldns
-Version: @PACKAGE_VERSION@
-Requires:
-Libs: -L${libdir} -lldns
-Libs.private: @LDFLAGS@
-Cflags: -I${includedir}
+++ /dev/null
-/*
- * packet.c
- *
- * dns packet implementation
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <limits.h>
-
-#ifdef HAVE_SSL
-#include <openssl/rand.h>
-#endif
-
-/* Access functions
- * do this as functions to get type checking
- */
-
-#define LDNS_EDNS_MASK_DO_BIT 0x8000
-
-/* TODO defines for 3600 */
-/* convert to and from numerical flag values */
-ldns_lookup_table ldns_edns_flags[] = {
- { 3600, "do"},
- { 0, NULL}
-};
-
-/* read */
-uint16_t
-ldns_pkt_id(const ldns_pkt *packet)
-{
- return packet->_header->_id;
-}
-
-bool
-ldns_pkt_qr(const ldns_pkt *packet)
-{
- return packet->_header->_qr;
-}
-
-bool
-ldns_pkt_aa(const ldns_pkt *packet)
-{
- return packet->_header->_aa;
-}
-
-bool
-ldns_pkt_tc(const ldns_pkt *packet)
-{
- return packet->_header->_tc;
-}
-
-bool
-ldns_pkt_rd(const ldns_pkt *packet)
-{
- return packet->_header->_rd;
-}
-
-bool
-ldns_pkt_cd(const ldns_pkt *packet)
-{
- return packet->_header->_cd;
-}
-
-bool
-ldns_pkt_ra(const ldns_pkt *packet)
-{
- return packet->_header->_ra;
-}
-
-bool
-ldns_pkt_ad(const ldns_pkt *packet)
-{
- return packet->_header->_ad;
-}
-
-ldns_pkt_opcode
-ldns_pkt_get_opcode(const ldns_pkt *packet)
-{
- return packet->_header->_opcode;
-}
-
-ldns_pkt_rcode
-ldns_pkt_get_rcode(const ldns_pkt *packet)
-{
- return packet->_header->_rcode;
-}
-
-uint16_t
-ldns_pkt_qdcount(const ldns_pkt *packet)
-{
- return packet->_header->_qdcount;
-}
-
-uint16_t
-ldns_pkt_ancount(const ldns_pkt *packet)
-{
- return packet->_header->_ancount;
-}
-
-uint16_t
-ldns_pkt_nscount(const ldns_pkt *packet)
-{
- return packet->_header->_nscount;
-}
-
-uint16_t
-ldns_pkt_arcount(const ldns_pkt *packet)
-{
- return packet->_header->_arcount;
-}
-
-ldns_rr_list *
-ldns_pkt_question(const ldns_pkt *packet)
-{
- return packet->_question;
-}
-
-ldns_rr_list *
-ldns_pkt_answer(const ldns_pkt *packet)
-{
- return packet->_answer;
-}
-
-ldns_rr_list *
-ldns_pkt_authority(const ldns_pkt *packet)
-{
- return packet->_authority;
-}
-
-ldns_rr_list *
-ldns_pkt_additional(const ldns_pkt *packet)
-{
- return packet->_additional;
-}
-
-/* return ALL section concatenated */
-ldns_rr_list *
-ldns_pkt_all(const ldns_pkt *packet)
-{
- ldns_rr_list *all, *prev_all;
-
- all = ldns_rr_list_cat_clone(
- ldns_pkt_question(packet),
- ldns_pkt_answer(packet));
- prev_all = all;
- all = ldns_rr_list_cat_clone(all,
- ldns_pkt_authority(packet));
- ldns_rr_list_deep_free(prev_all);
- prev_all = all;
- all = ldns_rr_list_cat_clone(all,
- ldns_pkt_additional(packet));
- ldns_rr_list_deep_free(prev_all);
- return all;
-}
-
-ldns_rr_list *
-ldns_pkt_all_noquestion(const ldns_pkt *packet)
-{
- ldns_rr_list *all, *all2;
-
- all = ldns_rr_list_cat_clone(
- ldns_pkt_answer(packet),
- ldns_pkt_authority(packet));
- all2 = ldns_rr_list_cat_clone(all,
- ldns_pkt_additional(packet));
-
- ldns_rr_list_deep_free(all);
- return all2;
-}
-
-size_t
-ldns_pkt_size(const ldns_pkt *packet)
-{
- return packet->_size;
-}
-
-uint32_t
-ldns_pkt_querytime(const ldns_pkt *packet)
-{
- return packet->_querytime;
-}
-
-ldns_rdf *
-ldns_pkt_answerfrom(const ldns_pkt *packet)
-{
- return packet->_answerfrom;
-}
-
-struct timeval
-ldns_pkt_timestamp(const ldns_pkt *packet)
-{
- return packet->timestamp;
-}
-
-uint16_t
-ldns_pkt_edns_udp_size(const ldns_pkt *packet)
-{
- return packet->_edns_udp_size;
-}
-
-uint8_t
-ldns_pkt_edns_extended_rcode(const ldns_pkt *packet)
-{
- return packet->_edns_extended_rcode;
-}
-
-uint8_t
-ldns_pkt_edns_version(const ldns_pkt *packet)
-{
- return packet->_edns_version;
-}
-
-uint16_t
-ldns_pkt_edns_z(const ldns_pkt *packet)
-{
- return packet->_edns_z;
-}
-
-bool
-ldns_pkt_edns_do(const ldns_pkt *packet)
-{
- return (packet->_edns_z & LDNS_EDNS_MASK_DO_BIT);
-}
-
-void
-ldns_pkt_set_edns_do(ldns_pkt *packet, bool value)
-{
- if (value) {
- packet->_edns_z = packet->_edns_z | LDNS_EDNS_MASK_DO_BIT;
- } else {
- packet->_edns_z = packet->_edns_z & ~LDNS_EDNS_MASK_DO_BIT;
- }
-}
-
-ldns_rdf *
-ldns_pkt_edns_data(const ldns_pkt *packet)
-{
- return packet->_edns_data;
-}
-
-/* return only those rr that share the ownername */
-ldns_rr_list *
-ldns_pkt_rr_list_by_name(ldns_pkt *packet,
- ldns_rdf *ownername,
- ldns_pkt_section sec)
-{
- ldns_rr_list *rrs;
- ldns_rr_list *new;
- ldns_rr_list *ret;
- uint16_t i;
-
- if (!packet) {
- return NULL;
- }
-
- rrs = ldns_pkt_get_section_clone(packet, sec);
- new = ldns_rr_list_new();
- ret = NULL;
-
- for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- if (ldns_rdf_compare(ldns_rr_owner(
- ldns_rr_list_rr(rrs, i)),
- ownername) == 0) {
- /* owner names match */
- ldns_rr_list_push_rr(new, ldns_rr_list_rr(rrs, i));
- ret = new;
- }
- }
- return ret;
-}
-
-/* return only those rr that share a type */
-ldns_rr_list *
-ldns_pkt_rr_list_by_type(const ldns_pkt *packet,
- ldns_rr_type type,
- ldns_pkt_section sec)
-{
- ldns_rr_list *rrs;
- ldns_rr_list *new;
- uint16_t i;
-
- if(!packet) {
- return NULL;
- }
-
- rrs = ldns_pkt_get_section_clone(packet, sec);
- new = ldns_rr_list_new();
-
- for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- if (type == ldns_rr_get_type(ldns_rr_list_rr(rrs, i))) {
- /* types match */
- ldns_rr_list_push_rr(new,
- ldns_rr_clone(
- ldns_rr_list_rr(rrs, i))
- );
- }
- }
- ldns_rr_list_deep_free(rrs);
-
- if (ldns_rr_list_rr_count(new) == 0) {
- ldns_rr_list_free(new);
- return NULL;
- } else {
- return new;
- }
-}
-
-/* return only those rrs that share name and type */
-ldns_rr_list *
-ldns_pkt_rr_list_by_name_and_type(const ldns_pkt *packet,
- const ldns_rdf *ownername,
- ldns_rr_type type,
- ldns_pkt_section sec)
-{
- ldns_rr_list *rrs;
- ldns_rr_list *new;
- ldns_rr_list *ret;
- uint16_t i;
-
- if(!packet) {
- return NULL;
- }
-
- rrs = ldns_pkt_get_section_clone(packet, sec);
- new = ldns_rr_list_new();
- ret = NULL;
-
- for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- if (type == ldns_rr_get_type(ldns_rr_list_rr(rrs, i)) &&
- ldns_rdf_compare(ldns_rr_owner(ldns_rr_list_rr(rrs, i)),
- ownername
- ) == 0
- ) {
- /* types match */
- ldns_rr_list_push_rr(new, ldns_rr_clone(ldns_rr_list_rr(rrs, i)));
- ret = new;
- }
- }
- ldns_rr_list_deep_free(rrs);
- if (!ret) {
- ldns_rr_list_free(new);
- }
- return ret;
-}
-
-bool
-ldns_pkt_rr(ldns_pkt *pkt, ldns_pkt_section sec, ldns_rr *rr)
-{
- bool result = false;
-
- switch (sec) {
- case LDNS_SECTION_QUESTION:
- return ldns_rr_list_contains_rr(ldns_pkt_question(pkt), rr);
- case LDNS_SECTION_ANSWER:
- return ldns_rr_list_contains_rr(ldns_pkt_answer(pkt), rr);
- case LDNS_SECTION_AUTHORITY:
- return ldns_rr_list_contains_rr(ldns_pkt_authority(pkt), rr);
- case LDNS_SECTION_ADDITIONAL:
- return ldns_rr_list_contains_rr(ldns_pkt_additional(pkt), rr);
- case LDNS_SECTION_ANY:
- result = ldns_rr_list_contains_rr(ldns_pkt_question(pkt), rr);
- case LDNS_SECTION_ANY_NOQUESTION:
- result = result
- || ldns_rr_list_contains_rr(ldns_pkt_answer(pkt), rr)
- || ldns_rr_list_contains_rr(ldns_pkt_authority(pkt), rr)
- || ldns_rr_list_contains_rr(ldns_pkt_additional(pkt), rr);
- }
-
- return result;
-}
-
-uint16_t
-ldns_pkt_section_count(const ldns_pkt *packet, ldns_pkt_section s)
-{
- switch(s) {
- case LDNS_SECTION_QUESTION:
- return ldns_pkt_qdcount(packet);
- case LDNS_SECTION_ANSWER:
- return ldns_pkt_ancount(packet);
- case LDNS_SECTION_AUTHORITY:
- return ldns_pkt_nscount(packet);
- case LDNS_SECTION_ADDITIONAL:
- return ldns_pkt_arcount(packet);
- case LDNS_SECTION_ANY:
- return ldns_pkt_qdcount(packet) +
- ldns_pkt_ancount(packet) +
- ldns_pkt_nscount(packet) +
- ldns_pkt_arcount(packet);
- case LDNS_SECTION_ANY_NOQUESTION:
- return ldns_pkt_ancount(packet) +
- ldns_pkt_nscount(packet) +
- ldns_pkt_arcount(packet);
- default:
- return 0;
- }
-}
-
-bool
-ldns_pkt_empty(ldns_pkt *p)
-{
- if (!p) {
- return true; /* NULL is empty? */
- }
- if (ldns_pkt_section_count(p, LDNS_SECTION_ANY) > 0) {
- return false;
- } else {
- return true;
- }
-}
-
-
-ldns_rr_list *
-ldns_pkt_get_section_clone(const ldns_pkt *packet, ldns_pkt_section s)
-{
- switch(s) {
- case LDNS_SECTION_QUESTION:
- return ldns_rr_list_clone(ldns_pkt_question(packet));
- case LDNS_SECTION_ANSWER:
- return ldns_rr_list_clone(ldns_pkt_answer(packet));
- case LDNS_SECTION_AUTHORITY:
- return ldns_rr_list_clone(ldns_pkt_authority(packet));
- case LDNS_SECTION_ADDITIONAL:
- return ldns_rr_list_clone(ldns_pkt_additional(packet));
- case LDNS_SECTION_ANY:
- /* these are already clones */
- return ldns_pkt_all(packet);
- case LDNS_SECTION_ANY_NOQUESTION:
- return ldns_pkt_all_noquestion(packet);
- default:
- return NULL;
- }
-}
-
-ldns_rr *ldns_pkt_tsig(const ldns_pkt *pkt) {
- return pkt->_tsig_rr;
-}
-
-/* write */
-void
-ldns_pkt_set_id(ldns_pkt *packet, uint16_t id)
-{
- packet->_header->_id = id;
-}
-
-void
-ldns_pkt_set_random_id(ldns_pkt *packet)
-{
- uint16_t rid = ldns_get_random();
- ldns_pkt_set_id(packet, rid);
-}
-
-
-void
-ldns_pkt_set_qr(ldns_pkt *packet, bool qr)
-{
- packet->_header->_qr = qr;
-}
-
-void
-ldns_pkt_set_aa(ldns_pkt *packet, bool aa)
-{
- packet->_header->_aa = aa;
-}
-
-void
-ldns_pkt_set_tc(ldns_pkt *packet, bool tc)
-{
- packet->_header->_tc = tc;
-}
-
-void
-ldns_pkt_set_rd(ldns_pkt *packet, bool rd)
-{
- packet->_header->_rd = rd;
-}
-
-void
-ldns_pkt_set_additional(ldns_pkt *p, ldns_rr_list *rr)
-{
- p->_additional = rr;
-}
-
-void
-ldns_pkt_set_question(ldns_pkt *p, ldns_rr_list *rr)
-{
- p->_question = rr;
-}
-
-void
-ldns_pkt_set_answer(ldns_pkt *p, ldns_rr_list *rr)
-{
- p->_answer = rr;
-}
-
-void
-ldns_pkt_set_authority(ldns_pkt *p, ldns_rr_list *rr)
-{
- p->_authority = rr;
-}
-
-void
-ldns_pkt_set_cd(ldns_pkt *packet, bool cd)
-{
- packet->_header->_cd = cd;
-}
-
-void
-ldns_pkt_set_ra(ldns_pkt *packet, bool ra)
-{
- packet->_header->_ra = ra;
-}
-
-void
-ldns_pkt_set_ad(ldns_pkt *packet, bool ad)
-{
- packet->_header->_ad = ad;
-}
-
-void
-ldns_pkt_set_opcode(ldns_pkt *packet, ldns_pkt_opcode opcode)
-{
- packet->_header->_opcode = opcode;
-}
-
-void
-ldns_pkt_set_rcode(ldns_pkt *packet, uint8_t rcode)
-{
- packet->_header->_rcode = rcode;
-}
-
-void
-ldns_pkt_set_qdcount(ldns_pkt *packet, uint16_t qdcount)
-{
- packet->_header->_qdcount = qdcount;
-}
-
-void
-ldns_pkt_set_ancount(ldns_pkt *packet, uint16_t ancount)
-{
- packet->_header->_ancount = ancount;
-}
-
-void
-ldns_pkt_set_nscount(ldns_pkt *packet, uint16_t nscount)
-{
- packet->_header->_nscount = nscount;
-}
-
-void
-ldns_pkt_set_arcount(ldns_pkt *packet, uint16_t arcount)
-{
- packet->_header->_arcount = arcount;
-}
-
-void
-ldns_pkt_set_querytime(ldns_pkt *packet, uint32_t time)
-{
- packet->_querytime = time;
-}
-
-void
-ldns_pkt_set_answerfrom(ldns_pkt *packet, ldns_rdf *answerfrom)
-{
- packet->_answerfrom = answerfrom;
-}
-
-void
-ldns_pkt_set_timestamp(ldns_pkt *packet, struct timeval timeval)
-{
- packet->timestamp.tv_sec = timeval.tv_sec;
- packet->timestamp.tv_usec = timeval.tv_usec;
-}
-
-void
-ldns_pkt_set_size(ldns_pkt *packet, size_t s)
-{
- packet->_size = s;
-}
-
-void
-ldns_pkt_set_edns_udp_size(ldns_pkt *packet, uint16_t s)
-{
- packet->_edns_udp_size = s;
-}
-
-void
-ldns_pkt_set_edns_extended_rcode(ldns_pkt *packet, uint8_t c)
-{
- packet->_edns_extended_rcode = c;
-}
-
-void
-ldns_pkt_set_edns_version(ldns_pkt *packet, uint8_t v)
-{
- packet->_edns_version = v;
-}
-
-void
-ldns_pkt_set_edns_z(ldns_pkt *packet, uint16_t z)
-{
- packet->_edns_z = z;
-}
-
-void
-ldns_pkt_set_edns_data(ldns_pkt *packet, ldns_rdf *data)
-{
- packet->_edns_data = data;
-}
-
-void
-ldns_pkt_set_section_count(ldns_pkt *packet, ldns_pkt_section s, uint16_t count)
-{
- switch(s) {
- case LDNS_SECTION_QUESTION:
- ldns_pkt_set_qdcount(packet, count);
- break;
- case LDNS_SECTION_ANSWER:
- ldns_pkt_set_ancount(packet, count);
- break;
- case LDNS_SECTION_AUTHORITY:
- ldns_pkt_set_nscount(packet, count);
- break;
- case LDNS_SECTION_ADDITIONAL:
- ldns_pkt_set_arcount(packet, count);
- break;
- case LDNS_SECTION_ANY:
- case LDNS_SECTION_ANY_NOQUESTION:
- break;
- }
-}
-
-void ldns_pkt_set_tsig(ldns_pkt *pkt, ldns_rr *rr)
-{
- pkt->_tsig_rr = rr;
-}
-
-bool
-ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr)
-{
- switch(section) {
- case LDNS_SECTION_QUESTION:
- ldns_rr_list_push_rr(ldns_pkt_question(packet), rr);
- ldns_pkt_set_qdcount(packet, ldns_pkt_qdcount(packet) + 1);
- break;
- case LDNS_SECTION_ANSWER:
- ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr);
- ldns_pkt_set_ancount(packet, ldns_pkt_ancount(packet) + 1);
- break;
- case LDNS_SECTION_AUTHORITY:
- ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr);
- ldns_pkt_set_nscount(packet, ldns_pkt_nscount(packet) + 1);
- break;
- case LDNS_SECTION_ADDITIONAL:
- ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr);
- ldns_pkt_set_arcount(packet, ldns_pkt_arcount(packet) + 1);
- break;
- case LDNS_SECTION_ANY:
- case LDNS_SECTION_ANY_NOQUESTION:
- /* shouldn't this error? */
- break;
- }
- return true;
-}
-
-bool
-ldns_pkt_safe_push_rr(ldns_pkt *pkt, ldns_pkt_section sec, ldns_rr *rr)
-{
-
- /* check to see if its there */
- if (ldns_pkt_rr(pkt, sec, rr)) {
- /* already there */
- return false;
- }
- return ldns_pkt_push_rr(pkt, sec, rr);
-}
-
-bool
-ldns_pkt_push_rr_list(ldns_pkt *p, ldns_pkt_section s, ldns_rr_list *list)
-{
- size_t i;
- for(i = 0; i < ldns_rr_list_rr_count(list); i++) {
- if (!ldns_pkt_push_rr(p, s, ldns_rr_list_rr(list, i))) {
- return false;
- }
- }
- return true;
-}
-
-bool
-ldns_pkt_safe_push_rr_list(ldns_pkt *p, ldns_pkt_section s, ldns_rr_list *list)
-{
- size_t i;
- for(i = 0; i < ldns_rr_list_rr_count(list); i++) {
- if (!ldns_pkt_safe_push_rr(p, s, ldns_rr_list_rr(list, i))) {
- return false;
- }
- }
- return true;
-}
-
-bool
-ldns_pkt_edns(const ldns_pkt *pkt) {
- return (ldns_pkt_edns_udp_size(pkt) > 0 ||
- ldns_pkt_edns_extended_rcode(pkt) > 0 ||
- ldns_pkt_edns_data(pkt) ||
- ldns_pkt_edns_do(pkt)
- );
-}
-
-
-/* Create/destroy/convert functions
- */
-ldns_pkt *
-ldns_pkt_new()
-{
- ldns_pkt *packet;
- packet = LDNS_MALLOC(ldns_pkt);
- if (!packet) {
- return NULL;
- }
-
- packet->_header = LDNS_MALLOC(ldns_hdr);
- if (!packet->_header) {
- LDNS_FREE(packet);
- return NULL;
- }
-
- packet->_question = ldns_rr_list_new();
- packet->_answer = ldns_rr_list_new();
- packet->_authority = ldns_rr_list_new();
- packet->_additional = ldns_rr_list_new();
-
- /* default everything to false */
- ldns_pkt_set_qr(packet, false);
- ldns_pkt_set_aa(packet, false);
- ldns_pkt_set_tc(packet, false);
- ldns_pkt_set_rd(packet, false);
- ldns_pkt_set_ra(packet, false);
- ldns_pkt_set_ad(packet, false);
- ldns_pkt_set_cd(packet, false);
-
- ldns_pkt_set_opcode(packet, LDNS_PACKET_QUERY);
- ldns_pkt_set_rcode(packet, 0);
- ldns_pkt_set_id(packet, 0);
- ldns_pkt_set_size(packet, 0);
- ldns_pkt_set_querytime(packet, 0);
- memset(&packet->timestamp, 0, sizeof(packet->timestamp));
- ldns_pkt_set_answerfrom(packet, NULL);
- ldns_pkt_set_section_count(packet, LDNS_SECTION_QUESTION, 0);
- ldns_pkt_set_section_count(packet, LDNS_SECTION_ANSWER, 0);
- ldns_pkt_set_section_count(packet, LDNS_SECTION_AUTHORITY, 0);
- ldns_pkt_set_section_count(packet, LDNS_SECTION_ADDITIONAL, 0);
-
- ldns_pkt_set_edns_udp_size(packet, 0);
- ldns_pkt_set_edns_extended_rcode(packet, 0);
- ldns_pkt_set_edns_version(packet, 0);
- ldns_pkt_set_edns_z(packet, 0);
- ldns_pkt_set_edns_data(packet, NULL);
-
- ldns_pkt_set_tsig(packet, NULL);
-
- return packet;
-}
-
-void
-ldns_pkt_free(ldns_pkt *packet)
-{
- if (packet) {
- LDNS_FREE(packet->_header);
- ldns_rr_list_deep_free(packet->_question);
- ldns_rr_list_deep_free(packet->_answer);
- ldns_rr_list_deep_free(packet->_authority);
- ldns_rr_list_deep_free(packet->_additional);
- ldns_rr_free(packet->_tsig_rr);
- ldns_rdf_deep_free(packet->_edns_data);
- LDNS_FREE(packet);
- }
-}
-
-bool
-ldns_pkt_set_flags(ldns_pkt *packet, uint16_t flags)
-{
- if (!packet) {
- return false;
- }
- if ((flags & LDNS_QR) == LDNS_QR) {
- ldns_pkt_set_qr(packet, true);
- }
- if ((flags & LDNS_AA) == LDNS_AA) {
- ldns_pkt_set_aa(packet, true);
- }
- if ((flags & LDNS_RD) == LDNS_RD) {
- ldns_pkt_set_rd(packet, true);
- }
- if ((flags & LDNS_TC) == LDNS_TC) {
- ldns_pkt_set_tc(packet, true);
- }
- if ((flags & LDNS_CD) == LDNS_CD) {
- ldns_pkt_set_cd(packet, true);
- }
- if ((flags & LDNS_RA) == LDNS_RA) {
- ldns_pkt_set_ra(packet, true);
- }
- if ((flags & LDNS_AD) == LDNS_AD) {
- ldns_pkt_set_ad(packet, true);
- }
- return true;
-}
-
-ldns_status
-ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type,
- ldns_rr_class rr_class, uint16_t flags)
-{
- ldns_pkt *packet;
- ldns_rr *question_rr;
- ldns_rdf *name_rdf;
-
- packet = ldns_pkt_new();
- if (!packet) {
- return LDNS_STATUS_MEM_ERR;
- }
-
- if (!ldns_pkt_set_flags(packet, flags)) {
- return LDNS_STATUS_ERR;
- }
-
- question_rr = ldns_rr_new();
- if (!question_rr) {
- return LDNS_STATUS_MEM_ERR;
- }
-
- if (rr_type == 0) {
- rr_type = LDNS_RR_TYPE_A;
- }
- if (rr_class == 0) {
- rr_class = LDNS_RR_CLASS_IN;
- }
-
- if (ldns_str2rdf_dname(&name_rdf, name) == LDNS_STATUS_OK) {
- ldns_rr_set_owner(question_rr, name_rdf);
- ldns_rr_set_type(question_rr, rr_type);
- ldns_rr_set_class(question_rr, rr_class);
- ldns_rr_set_question(question_rr, true);
-
- ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr);
- } else {
- ldns_rr_free(question_rr);
- ldns_pkt_free(packet);
- return LDNS_STATUS_ERR;
- }
-
- packet->_tsig_rr = NULL;
-
- ldns_pkt_set_answerfrom(packet, NULL);
- if (p) {
- *p = packet;
- return LDNS_STATUS_OK;
- } else {
- return LDNS_STATUS_NULL;
- }
-}
-
-ldns_pkt *
-ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class,
- uint16_t flags)
-{
- ldns_pkt *packet;
- ldns_rr *question_rr;
-
- packet = ldns_pkt_new();
- if (!packet) {
- return NULL;
- }
-
- if (!ldns_pkt_set_flags(packet, flags)) {
- return NULL;
- }
-
- question_rr = ldns_rr_new();
- if (!question_rr) {
- return NULL;
- }
-
- if (rr_type == 0) {
- rr_type = LDNS_RR_TYPE_A;
- }
- if (rr_class == 0) {
- rr_class = LDNS_RR_CLASS_IN;
- }
-
- ldns_rr_set_owner(question_rr, rr_name);
- ldns_rr_set_type(question_rr, rr_type);
- ldns_rr_set_class(question_rr, rr_class);
- ldns_rr_set_question(question_rr, true);
-
- packet->_tsig_rr = NULL;
-
- ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr);
-
- return packet;
-}
-
-ldns_pkt_type
-ldns_pkt_reply_type(ldns_pkt *p)
-{
- ldns_rr_list *tmp;
-
- if (!p) {
- return LDNS_PACKET_UNKNOWN;
- }
-
- if (ldns_pkt_get_rcode(p) == LDNS_RCODE_NXDOMAIN) {
- return LDNS_PACKET_NXDOMAIN;
- }
-
- if (ldns_pkt_ancount(p) == 0 && ldns_pkt_arcount(p) == 0
- && ldns_pkt_nscount(p) == 1) {
-
- /* check for SOA */
- tmp = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_SOA,
- LDNS_SECTION_AUTHORITY);
- if (tmp) {
- ldns_rr_list_deep_free(tmp);
- return LDNS_PACKET_NODATA;
- } else {
- /* I have no idea ... */
- }
- }
-
- if (ldns_pkt_ancount(p) == 0 && ldns_pkt_nscount(p) > 0) {
- tmp = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NS,
- LDNS_SECTION_AUTHORITY);
- if (tmp) {
- /* there are nameservers here */
- ldns_rr_list_deep_free(tmp);
- return LDNS_PACKET_REFERRAL;
- } else {
- /* I have no idea */
- }
- ldns_rr_list_deep_free(tmp);
- }
-
- /* if we cannot determine the packet type, we say it's an
- * answer...
- */
- return LDNS_PACKET_ANSWER;
-}
-
-ldns_pkt *
-ldns_pkt_clone(ldns_pkt *pkt)
-{
- ldns_pkt *new_pkt;
-
- if (!pkt) {
- return NULL;
- }
- new_pkt = ldns_pkt_new();
-
- ldns_pkt_set_id(new_pkt, ldns_pkt_id(pkt));
- ldns_pkt_set_qr(new_pkt, ldns_pkt_qr(pkt));
- ldns_pkt_set_aa(new_pkt, ldns_pkt_aa(pkt));
- ldns_pkt_set_tc(new_pkt, ldns_pkt_tc(pkt));
- ldns_pkt_set_rd(new_pkt, ldns_pkt_rd(pkt));
- ldns_pkt_set_cd(new_pkt, ldns_pkt_cd(pkt));
- ldns_pkt_set_ra(new_pkt, ldns_pkt_ra(pkt));
- ldns_pkt_set_ad(new_pkt, ldns_pkt_ad(pkt));
- ldns_pkt_set_opcode(new_pkt, ldns_pkt_get_opcode(pkt));
- ldns_pkt_set_rcode(new_pkt, ldns_pkt_get_rcode(pkt));
- ldns_pkt_set_qdcount(new_pkt, ldns_pkt_qdcount(pkt));
- ldns_pkt_set_ancount(new_pkt, ldns_pkt_ancount(pkt));
- ldns_pkt_set_nscount(new_pkt, ldns_pkt_nscount(pkt));
- ldns_pkt_set_arcount(new_pkt, ldns_pkt_arcount(pkt));
- ldns_pkt_set_answerfrom(new_pkt, ldns_pkt_answerfrom(pkt));
- ldns_pkt_set_querytime(new_pkt, ldns_pkt_querytime(pkt));
- ldns_pkt_set_size(new_pkt, ldns_pkt_size(pkt));
- ldns_pkt_set_tsig(new_pkt, ldns_rr_clone(ldns_pkt_tsig(pkt)));
-
- ldns_pkt_set_edns_udp_size(new_pkt, ldns_pkt_edns_udp_size(pkt));
- ldns_pkt_set_edns_extended_rcode(new_pkt,
- ldns_pkt_edns_extended_rcode(pkt));
- ldns_pkt_set_edns_version(new_pkt, ldns_pkt_edns_version(pkt));
- ldns_pkt_set_edns_z(new_pkt, ldns_pkt_edns_z(pkt));
- if(ldns_pkt_edns_data(pkt))
- ldns_pkt_set_edns_data(new_pkt,
- ldns_rdf_clone(ldns_pkt_edns_data(pkt)));
- ldns_pkt_set_edns_do(new_pkt, ldns_pkt_edns_do(pkt));
-
- ldns_rr_list_deep_free(new_pkt->_question);
- ldns_rr_list_deep_free(new_pkt->_answer);
- ldns_rr_list_deep_free(new_pkt->_authority);
- ldns_rr_list_deep_free(new_pkt->_additional);
- new_pkt->_question = ldns_rr_list_clone(ldns_pkt_question(pkt));
- new_pkt->_answer = ldns_rr_list_clone(ldns_pkt_answer(pkt));
- new_pkt->_authority = ldns_rr_list_clone(ldns_pkt_authority(pkt));
- new_pkt->_additional = ldns_rr_list_clone(ldns_pkt_additional(pkt));
- return new_pkt;
-}
+++ /dev/null
-/*
- * a generic (simple) parser. Use to parse rr's, private key
- * information and /etc/resolv.conf files
- *
- * a Net::DNS like library for C
- * LibDNS Team @ NLnet Labs
- * (c) NLnet Labs, 2005-2006
- * See the file LICENSE for the license
- */
-#include <ldns/config.h>
-#include <ldns/ldns.h>
-
-#include <limits.h>
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-
-ldns_lookup_table ldns_directive_types[] = {
- { LDNS_DIR_TTL, "$TTL" },
- { LDNS_DIR_ORIGIN, "$ORIGIN" },
- { LDNS_DIR_INCLUDE, "$INCLUDE" },
- { 0, NULL }
-};
-
-/* add max_limit here? */
-ssize_t
-ldns_fget_token(FILE *f, char *token, const char *delim, size_t limit)
-{
- return ldns_fget_token_l(f, token, delim, limit, NULL);
-}
-
-ssize_t
-ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *line_nr)
-{
- int c, prev_c;
- int p; /* 0 -> no parenthese seen, >0 nr of ( seen */
- int com, quoted;
- char *t;
- size_t i;
- const char *d;
- const char *del;
-
- /* standard delimeters */
- if (!delim) {
- /* from isspace(3) */
- del = LDNS_PARSE_NORMAL;
- } else {
- del = delim;
- }
-
- p = 0;
- i = 0;
- com = 0;
- quoted = 0;
- prev_c = 0;
- t = token;
- if (del[0] == '"') {
- quoted = 1;
- }
- while ((c = getc(f)) != EOF) {
- if (c == '(' && prev_c != '\\' && !quoted) {
- /* this only counts for non-comments */
- if (com == 0) {
- p++;
- }
- prev_c = c;
- continue;
- }
-
- if (c == ')' && prev_c != '\\' && !quoted) {
- /* this only counts for non-comments */
- if (com == 0) {
- p--;
- }
- prev_c = c;
- continue;
- }
-
- if (p < 0) {
- /* more ) then ( - close off the string */
- *t = '\0';
- return 0;
- }
-
- /* do something with comments ; */
- if (c == ';' && quoted == 0) {
- if (prev_c != '\\') {
- com = 1;
- }
- }
- if (c == '\"' && com == 0 && prev_c != '\\') {
- quoted = 1 - quoted;
- }
-
- if (c == '\n' && com != 0) {
- /* comments */
- com = 0;
- *t = ' ';
- if (line_nr) {
- *line_nr = *line_nr + 1;
- }
- if (p == 0 && i > 0) {
- goto tokenread;
- } else {
- prev_c = c;
- continue;
- }
- }
-
- if (com == 1) {
- *t = ' ';
- prev_c = c;
- continue;
- }
-
-
- if (c == '\n' && p != 0 && t > token) {
- /* in parentheses */
- if (line_nr) {
- *line_nr = *line_nr + 1;
- }
- *t++ = ' ';
- prev_c = c;
- continue;
- }
-
- /* check if we hit the delim */
- for (d = del; *d; d++) {
- if (c == *d && i > 0 && prev_c != '\\') {
- if (c == '\n' && line_nr) {
- *line_nr = *line_nr + 1;
- }
- goto tokenread;
- }
- }
- if (c != '\0' && c != '\n') {
- *t++ = c;
- i++;
- }
- if (limit > 0 && i >= limit) {
- *t = '\0';
- return -1;
- }
- if (c == '\\' && prev_c == '\\')
- prev_c = 0;
- else prev_c = c;
- }
- *t = '\0';
- if (c == EOF) {
- return (ssize_t)i;
- }
-
- if (i == 0) {
- /* nothing read */
- return -1;
- }
- if (p != 0) {
- return -1;
- }
- return (ssize_t)i;
-
-tokenread:
- ldns_fskipcs_l(f, delim, line_nr);
- *t = '\0';
- if (p != 0) {
- return -1;
- }
-
- return (ssize_t)i;
-}
-
-ssize_t
-ldns_fget_keyword_data(FILE *f, const char *keyword, const char *k_del, char *data,
- const char *d_del, size_t data_limit)
-{
- return ldns_fget_keyword_data_l(f, keyword, k_del, data, d_del,
- data_limit, NULL);
-}
-
-ssize_t
-ldns_fget_keyword_data_l(FILE *f, const char *keyword, const char *k_del, char *data,
- const char *d_del, size_t data_limit, int *line_nr)
-{
- /* we assume: keyword|sep|data */
- char *fkeyword;
- ssize_t i;
-
- if(strlen(keyword) >= LDNS_MAX_KEYWORDLEN)
- return -1;
- fkeyword = LDNS_XMALLOC(char, LDNS_MAX_KEYWORDLEN);
- if(!fkeyword)
- return -1;
-
- i = ldns_fget_token(f, fkeyword, k_del, LDNS_MAX_KEYWORDLEN);
- if(i==0 || i==-1) {
- LDNS_FREE(fkeyword);
- return -1;
- }
-
- /* case??? i instead of strlen? */
- if (strncmp(fkeyword, keyword, LDNS_MAX_KEYWORDLEN - 1) == 0) {
- /* whee! */
- /* printf("%s\n%s\n", "Matching keyword", fkeyword); */
- i = ldns_fget_token_l(f, data, d_del, data_limit, line_nr);
- LDNS_FREE(fkeyword);
- return i;
- } else {
- /*printf("no match for %s (read: %s)\n", keyword, fkeyword);*/
- LDNS_FREE(fkeyword);
- return -1;
- }
-}
-
-
-ssize_t
-ldns_bget_token(ldns_buffer *b, char *token, const char *delim, size_t limit)
-{
- int c, lc;
- int p; /* 0 -> no parenthese seen, >0 nr of ( seen */
- int com, quoted;
- char *t;
- size_t i;
- const char *d;
- const char *del;
-
- /* standard delimiters */
- if (!delim) {
- /* from isspace(3) */
- del = LDNS_PARSE_NORMAL;
- } else {
- del = delim;
- }
-
- p = 0;
- i = 0;
- com = 0;
- quoted = 0;
- t = token;
- lc = 0;
- if (del[0] == '"') {
- quoted = 1;
- }
-
- while ((c = ldns_bgetc(b)) != EOF) {
- if (c == '(' && lc != '\\' && !quoted) {
- /* this only counts for non-comments */
- if (com == 0) {
- p++;
- }
- lc = c;
- continue;
- }
-
- if (c == ')' && lc != '\\' && !quoted) {
- /* this only counts for non-comments */
- if (com == 0) {
- p--;
- }
- lc = c;
- continue;
- }
-
- if (p < 0) {
- /* more ) then ( */
- *t = '\0';
- return 0;
- }
-
- /* do something with comments ; */
- if (c == ';' && quoted == 0) {
- if (lc != '\\') {
- com = 1;
- }
- }
- if (c == '"' && com == 0 && lc != '\\') {
- quoted = 1 - quoted;
- }
-
- if (c == '\n' && com != 0) {
- /* comments */
- com = 0;
- *t = ' ';
- lc = c;
- continue;
- }
-
- if (com == 1) {
- *t = ' ';
- lc = c;
- continue;
- }
-
- if (c == '\n' && p != 0) {
- /* in parentheses */
- *t++ = ' ';
- lc = c;
- continue;
- }
-
- /* check if we hit the delim */
- for (d = del; *d; d++) {
- if (c == *d && lc != '\\') {
- goto tokenread;
- }
- }
-
- *t++ = c;
- i++;
- if (limit > 0 && i >= limit) {
- *t = '\0';
- return -1;
- }
-
- if (c == '\\' && lc == '\\') {
- lc = 0;
- } else {
- lc = c;
- }
- }
- *t = '\0';
- if (i == 0) {
- /* nothing read */
- return -1;
- }
- if (p != 0) {
- return -1;
- }
- return (ssize_t)i;
-
-tokenread:
- ldns_bskipcs(b, delim);
- *t = '\0';
-
- if (p != 0) {
- return -1;
- }
- return (ssize_t)i;
-}
-
-void
-ldns_bskipc(ldns_buffer *buffer, char c)
-{
- while (c == (char) ldns_buffer_read_u8_at(buffer, ldns_buffer_position(buffer))) {
- if (ldns_buffer_available_at(buffer,
- buffer->_position + sizeof(char), sizeof(char))) {
- buffer->_position += sizeof(char);
- } else {
- return;
- }
- }
-}
-
-void
-ldns_bskipcs(ldns_buffer *buffer, const char *s)
-{
- bool found;
- char c;
- const char *d;
-
- while(ldns_buffer_available_at(buffer, buffer->_position, sizeof(char))) {
- c = (char) ldns_buffer_read_u8_at(buffer, buffer->_position);
- found = false;
- for (d = s; *d; d++) {
- if (*d == c) {
- found = true;
- }
- }
- if (found && buffer->_limit > buffer->_position) {
- buffer->_position += sizeof(char);
- } else {
- return;
- }
- }
-}
-
-void
-ldns_fskipc(FILE *fp, char c)
-{
- fp = fp;
- c = c;
-}
-
-
-void
-ldns_fskipcs(FILE *fp, const char *s)
-{
- ldns_fskipcs_l(fp, s, NULL);
-}
-
-void
-ldns_fskipcs_l(FILE *fp, const char *s, int *line_nr)
-{
- bool found;
- int c;
- const char *d;
-
- while ((c = fgetc(fp)) != EOF) {
- if (line_nr && c == '\n') {
- *line_nr = *line_nr + 1;
- }
- found = false;
- for (d = s; *d; d++) {
- if (*d == c) {
- found = true;
- }
- }
- if (!found) {
- /* with getc, we've read too far */
- ungetc(c, fp);
- return;
- }
- }
-}
-
-ssize_t
-ldns_bget_keyword_data(ldns_buffer *b, const char *keyword, const char *k_del, char
-*data, const char *d_del, size_t data_limit)
-{
- /* we assume: keyword|sep|data */
- char *fkeyword;
- ssize_t i;
-
- if(strlen(keyword) >= LDNS_MAX_KEYWORDLEN)
- return -1;
- fkeyword = LDNS_XMALLOC(char, LDNS_MAX_KEYWORDLEN);
- if(!fkeyword)
- return -1; /* out of memory */
-
- i = ldns_bget_token(b, fkeyword, k_del, data_limit);
- if(i==0 || i==-1) {
- LDNS_FREE(fkeyword);
- return -1; /* nothing read */
- }
-
- /* case??? */
- if (strncmp(fkeyword, keyword, strlen(keyword)) == 0) {
- LDNS_FREE(fkeyword);
- /* whee, the match! */
- /* retrieve it's data */
- i = ldns_bget_token(b, data, d_del, 0);
- return i;
- } else {
- LDNS_FREE(fkeyword);
- return -1;
- }
-}
-
+++ /dev/null
-/*
- * rbtree.c -- generic red black tree
- *
- * Taken from Unbound, modified for ldns
- *
- * Copyright (c) 2001-2008, NLnet Labs. All rights reserved.
- *
- * This software is open source.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- *
- * Neither the name of the NLNET LABS nor the names of its contributors may
- * be used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-/**
- * \file
- * Implementation of a redblack tree.
- */
-
-#include <ldns/config.h>
-#include <ldns/rbtree.h>
-#include <stdlib.h>
-
-/** Node colour black */
-#define BLACK 0
-/** Node colour red */
-#define RED 1
-
-/** the NULL node, global alloc */
-ldns_rbnode_t ldns_rbtree_null_node = {
- LDNS_RBTREE_NULL, /* Parent. */
- LDNS_RBTREE_NULL, /* Left. */
- LDNS_RBTREE_NULL, /* Right. */
- NULL, /* Key. */
- NULL, /* Data. */
- BLACK /* Color. */
-};
-
-/** rotate subtree left (to preserve redblack property) */
-static void ldns_rbtree_rotate_left(ldns_rbtree_t *rbtree, ldns_rbnode_t *node);
-/** rotate subtree right (to preserve redblack property) */
-static void ldns_rbtree_rotate_right(ldns_rbtree_t *rbtree, ldns_rbnode_t *node);
-/** Fixup node colours when insert happened */
-static void ldns_rbtree_insert_fixup(ldns_rbtree_t *rbtree, ldns_rbnode_t *node);
-/** Fixup node colours when delete happened */
-static void ldns_rbtree_delete_fixup(ldns_rbtree_t* rbtree, ldns_rbnode_t* child, ldns_rbnode_t* child_parent);
-
-/*
- * Creates a new red black tree, intializes and returns a pointer to it.
- *
- * Return NULL on failure.
- *
- */
-ldns_rbtree_t *
-ldns_rbtree_create (int (*cmpf)(const void *, const void *))
-{
- ldns_rbtree_t *rbtree;
-
- /* Allocate memory for it */
- rbtree = (ldns_rbtree_t *) malloc(sizeof(ldns_rbtree_t));
- if (!rbtree) {
- return NULL;
- }
-
- /* Initialize it */
- ldns_rbtree_init(rbtree, cmpf);
-
- return rbtree;
-}
-
-void
-ldns_rbtree_init(ldns_rbtree_t *rbtree, int (*cmpf)(const void *, const void *))
-{
- /* Initialize it */
- rbtree->root = LDNS_RBTREE_NULL;
- rbtree->count = 0;
- rbtree->cmp = cmpf;
-}
-
-void
-ldns_rbtree_free(ldns_rbtree_t *rbtree)
-{
- free(rbtree);
-}
-
-/*
- * Rotates the node to the left.
- *
- */
-static void
-ldns_rbtree_rotate_left(ldns_rbtree_t *rbtree, ldns_rbnode_t *node)
-{
- ldns_rbnode_t *right = node->right;
- node->right = right->left;
- if (right->left != LDNS_RBTREE_NULL)
- right->left->parent = node;
-
- right->parent = node->parent;
-
- if (node->parent != LDNS_RBTREE_NULL) {
- if (node == node->parent->left) {
- node->parent->left = right;
- } else {
- node->parent->right = right;
- }
- } else {
- rbtree->root = right;
- }
- right->left = node;
- node->parent = right;
-}
-
-/*
- * Rotates the node to the right.
- *
- */
-static void
-ldns_rbtree_rotate_right(ldns_rbtree_t *rbtree, ldns_rbnode_t *node)
-{
- ldns_rbnode_t *left = node->left;
- node->left = left->right;
- if (left->right != LDNS_RBTREE_NULL)
- left->right->parent = node;
-
- left->parent = node->parent;
-
- if (node->parent != LDNS_RBTREE_NULL) {
- if (node == node->parent->right) {
- node->parent->right = left;
- } else {
- node->parent->left = left;
- }
- } else {
- rbtree->root = left;
- }
- left->right = node;
- node->parent = left;
-}
-
-static void
-ldns_rbtree_insert_fixup(ldns_rbtree_t *rbtree, ldns_rbnode_t *node)
-{
- ldns_rbnode_t *uncle;
-
- /* While not at the root and need fixing... */
- while (node != rbtree->root && node->parent->color == RED) {
- /* If our parent is left child of our grandparent... */
- if (node->parent == node->parent->parent->left) {
- uncle = node->parent->parent->right;
-
- /* If our uncle is red... */
- if (uncle->color == RED) {
- /* Paint the parent and the uncle black... */
- node->parent->color = BLACK;
- uncle->color = BLACK;
-
- /* And the grandparent red... */
- node->parent->parent->color = RED;
-
- /* And continue fixing the grandparent */
- node = node->parent->parent;
- } else { /* Our uncle is black... */
- /* Are we the right child? */
- if (node == node->parent->right) {
- node = node->parent;
- ldns_rbtree_rotate_left(rbtree, node);
- }
- /* Now we're the left child, repaint and rotate... */
- node->parent->color = BLACK;
- node->parent->parent->color = RED;
- ldns_rbtree_rotate_right(rbtree, node->parent->parent);
- }
- } else {
- uncle = node->parent->parent->left;
-
- /* If our uncle is red... */
- if (uncle->color == RED) {
- /* Paint the parent and the uncle black... */
- node->parent->color = BLACK;
- uncle->color = BLACK;
-
- /* And the grandparent red... */
- node->parent->parent->color = RED;
-
- /* And continue fixing the grandparent */
- node = node->parent->parent;
- } else { /* Our uncle is black... */
- /* Are we the right child? */
- if (node == node->parent->left) {
- node = node->parent;
- ldns_rbtree_rotate_right(rbtree, node);
- }
- /* Now we're the right child, repaint and rotate... */
- node->parent->color = BLACK;
- node->parent->parent->color = RED;
- ldns_rbtree_rotate_left(rbtree, node->parent->parent);
- }
- }
- }
- rbtree->root->color = BLACK;
-}
-
-void
-ldns_rbtree_insert_vref(ldns_rbnode_t *data, void *rbtree)
-{
- (void) ldns_rbtree_insert((ldns_rbtree_t *) rbtree,
- data);
-}
-
-/*
- * Inserts a node into a red black tree.
- *
- * Returns NULL on failure or the pointer to the newly added node
- * otherwise.
- */
-ldns_rbnode_t *
-ldns_rbtree_insert (ldns_rbtree_t *rbtree, ldns_rbnode_t *data)
-{
- /* XXX Not necessary, but keeps compiler quiet... */
- int r = 0;
-
- /* We start at the root of the tree */
- ldns_rbnode_t *node = rbtree->root;
- ldns_rbnode_t *parent = LDNS_RBTREE_NULL;
-
- /* Lets find the new parent... */
- while (node != LDNS_RBTREE_NULL) {
- /* Compare two keys, do we have a duplicate? */
- if ((r = rbtree->cmp(data->key, node->key)) == 0) {
- return NULL;
- }
- parent = node;
-
- if (r < 0) {
- node = node->left;
- } else {
- node = node->right;
- }
- }
-
- /* Initialize the new node */
- data->parent = parent;
- data->left = data->right = LDNS_RBTREE_NULL;
- data->color = RED;
- rbtree->count++;
-
- /* Insert it into the tree... */
- if (parent != LDNS_RBTREE_NULL) {
- if (r < 0) {
- parent->left = data;
- } else {
- parent->right = data;
- }
- } else {
- rbtree->root = data;
- }
-
- /* Fix up the red-black properties... */
- ldns_rbtree_insert_fixup(rbtree, data);
-
- return data;
-}
-
-/*
- * Searches the red black tree, returns the data if key is found or NULL otherwise.
- *
- */
-ldns_rbnode_t *
-ldns_rbtree_search (ldns_rbtree_t *rbtree, const void *key)
-{
- ldns_rbnode_t *node;
-
- if (ldns_rbtree_find_less_equal(rbtree, key, &node)) {
- return node;
- } else {
- return NULL;
- }
-}
-
-/** helpers for delete: swap node colours */
-static void swap_int8(uint8_t* x, uint8_t* y)
-{
- uint8_t t = *x; *x = *y; *y = t;
-}
-
-/** helpers for delete: swap node pointers */
-static void swap_np(ldns_rbnode_t** x, ldns_rbnode_t** y)
-{
- ldns_rbnode_t* t = *x; *x = *y; *y = t;
-}
-
-/** Update parent pointers of child trees of 'parent' */
-static void change_parent_ptr(ldns_rbtree_t* rbtree, ldns_rbnode_t* parent, ldns_rbnode_t* old, ldns_rbnode_t* new)
-{
- if(parent == LDNS_RBTREE_NULL)
- {
- if(rbtree->root == old) rbtree->root = new;
- return;
- }
- if(parent->left == old) parent->left = new;
- if(parent->right == old) parent->right = new;
-}
-/** Update parent pointer of a node 'child' */
-static void change_child_ptr(ldns_rbnode_t* child, ldns_rbnode_t* old, ldns_rbnode_t* new)
-{
- if(child == LDNS_RBTREE_NULL) return;
- if(child->parent == old) child->parent = new;
-}
-
-ldns_rbnode_t*
-ldns_rbtree_delete(ldns_rbtree_t *rbtree, const void *key)
-{
- ldns_rbnode_t *to_delete;
- ldns_rbnode_t *child;
- if((to_delete = ldns_rbtree_search(rbtree, key)) == 0) return 0;
- rbtree->count--;
-
- /* make sure we have at most one non-leaf child */
- if(to_delete->left != LDNS_RBTREE_NULL &&
- to_delete->right != LDNS_RBTREE_NULL)
- {
- /* swap with smallest from right subtree (or largest from left) */
- ldns_rbnode_t *smright = to_delete->right;
- while(smright->left != LDNS_RBTREE_NULL)
- smright = smright->left;
- /* swap the smright and to_delete elements in the tree,
- * but the ldns_rbnode_t is first part of user data struct
- * so cannot just swap the keys and data pointers. Instead
- * readjust the pointers left,right,parent */
-
- /* swap colors - colors are tied to the position in the tree */
- swap_int8(&to_delete->color, &smright->color);
-
- /* swap child pointers in parents of smright/to_delete */
- change_parent_ptr(rbtree, to_delete->parent, to_delete, smright);
- if(to_delete->right != smright)
- change_parent_ptr(rbtree, smright->parent, smright, to_delete);
-
- /* swap parent pointers in children of smright/to_delete */
- change_child_ptr(smright->left, smright, to_delete);
- change_child_ptr(smright->left, smright, to_delete);
- change_child_ptr(smright->right, smright, to_delete);
- change_child_ptr(smright->right, smright, to_delete);
- change_child_ptr(to_delete->left, to_delete, smright);
- if(to_delete->right != smright)
- change_child_ptr(to_delete->right, to_delete, smright);
- if(to_delete->right == smright)
- {
- /* set up so after swap they work */
- to_delete->right = to_delete;
- smright->parent = smright;
- }
-
- /* swap pointers in to_delete/smright nodes */
- swap_np(&to_delete->parent, &smright->parent);
- swap_np(&to_delete->left, &smright->left);
- swap_np(&to_delete->right, &smright->right);
-
- /* now delete to_delete (which is at the location where the smright previously was) */
- }
-
- if(to_delete->left != LDNS_RBTREE_NULL) child = to_delete->left;
- else child = to_delete->right;
-
- /* unlink to_delete from the tree, replace to_delete with child */
- change_parent_ptr(rbtree, to_delete->parent, to_delete, child);
- change_child_ptr(child, to_delete, to_delete->parent);
-
- if(to_delete->color == RED)
- {
- /* if node is red then the child (black) can be swapped in */
- }
- else if(child->color == RED)
- {
- /* change child to BLACK, removing a RED node is no problem */
- if(child!=LDNS_RBTREE_NULL) child->color = BLACK;
- }
- else ldns_rbtree_delete_fixup(rbtree, child, to_delete->parent);
-
- /* unlink completely */
- to_delete->parent = LDNS_RBTREE_NULL;
- to_delete->left = LDNS_RBTREE_NULL;
- to_delete->right = LDNS_RBTREE_NULL;
- to_delete->color = BLACK;
- return to_delete;
-}
-
-static void ldns_rbtree_delete_fixup(ldns_rbtree_t* rbtree, ldns_rbnode_t* child, ldns_rbnode_t* child_parent)
-{
- ldns_rbnode_t* sibling;
- int go_up = 1;
-
- /* determine sibling to the node that is one-black short */
- if(child_parent->right == child) sibling = child_parent->left;
- else sibling = child_parent->right;
-
- while(go_up)
- {
- if(child_parent == LDNS_RBTREE_NULL)
- {
- /* removed parent==black from root, every path, so ok */
- return;
- }
-
- if(sibling->color == RED)
- { /* rotate to get a black sibling */
- child_parent->color = RED;
- sibling->color = BLACK;
- if(child_parent->right == child)
- ldns_rbtree_rotate_right(rbtree, child_parent);
- else ldns_rbtree_rotate_left(rbtree, child_parent);
- /* new sibling after rotation */
- if(child_parent->right == child) sibling = child_parent->left;
- else sibling = child_parent->right;
- }
-
- if(child_parent->color == BLACK
- && sibling->color == BLACK
- && sibling->left->color == BLACK
- && sibling->right->color == BLACK)
- { /* fixup local with recolor of sibling */
- if(sibling != LDNS_RBTREE_NULL)
- sibling->color = RED;
-
- child = child_parent;
- child_parent = child_parent->parent;
- /* prepare to go up, new sibling */
- if(child_parent->right == child) sibling = child_parent->left;
- else sibling = child_parent->right;
- }
- else go_up = 0;
- }
-
- if(child_parent->color == RED
- && sibling->color == BLACK
- && sibling->left->color == BLACK
- && sibling->right->color == BLACK)
- {
- /* move red to sibling to rebalance */
- if(sibling != LDNS_RBTREE_NULL)
- sibling->color = RED;
- child_parent->color = BLACK;
- return;
- }
-
- /* get a new sibling, by rotating at sibling. See which child
- of sibling is red */
- if(child_parent->right == child
- && sibling->color == BLACK
- && sibling->right->color == RED
- && sibling->left->color == BLACK)
- {
- sibling->color = RED;
- sibling->right->color = BLACK;
- ldns_rbtree_rotate_left(rbtree, sibling);
- /* new sibling after rotation */
- if(child_parent->right == child) sibling = child_parent->left;
- else sibling = child_parent->right;
- }
- else if(child_parent->left == child
- && sibling->color == BLACK
- && sibling->left->color == RED
- && sibling->right->color == BLACK)
- {
- sibling->color = RED;
- sibling->left->color = BLACK;
- ldns_rbtree_rotate_right(rbtree, sibling);
- /* new sibling after rotation */
- if(child_parent->right == child) sibling = child_parent->left;
- else sibling = child_parent->right;
- }
-
- /* now we have a black sibling with a red child. rotate and exchange colors. */
- sibling->color = child_parent->color;
- child_parent->color = BLACK;
- if(child_parent->right == child)
- {
- sibling->left->color = BLACK;
- ldns_rbtree_rotate_right(rbtree, child_parent);
- }
- else
- {
- sibling->right->color = BLACK;
- ldns_rbtree_rotate_left(rbtree, child_parent);
- }
-}
-
-int
-ldns_rbtree_find_less_equal(ldns_rbtree_t *rbtree, const void *key, ldns_rbnode_t **result)
-{
- int r;
- ldns_rbnode_t *node;
-
- /* We start at root... */
- node = rbtree->root;
-
- *result = NULL;
-
- /* While there are children... */
- while (node != LDNS_RBTREE_NULL) {
- r = rbtree->cmp(key, node->key);
- if (r == 0) {
- /* Exact match */
- *result = node;
- return 1;
- }
- if (r < 0) {
- node = node->left;
- } else {
- /* Temporary match */
- *result = node;
- node = node->right;
- }
- }
- return 0;
-}
-
-/*
- * Finds the first element in the red black tree
- *
- */
-ldns_rbnode_t *
-ldns_rbtree_first (ldns_rbtree_t *rbtree)
-{
- ldns_rbnode_t *node = rbtree->root;
-
- if (rbtree->root != LDNS_RBTREE_NULL) {
- for (node = rbtree->root; node->left != LDNS_RBTREE_NULL; node = node->left);
- }
- return node;
-}
-
-ldns_rbnode_t *
-ldns_rbtree_last (ldns_rbtree_t *rbtree)
-{
- ldns_rbnode_t *node = rbtree->root;
-
- if (rbtree->root != LDNS_RBTREE_NULL) {
- for (node = rbtree->root; node->right != LDNS_RBTREE_NULL; node = node->right);
- }
- return node;
-}
-
-/*
- * Returns the next node...
- *
- */
-ldns_rbnode_t *
-ldns_rbtree_next (ldns_rbnode_t *node)
-{
- ldns_rbnode_t *parent;
-
- if (node->right != LDNS_RBTREE_NULL) {
- /* One right, then keep on going left... */
- for (node = node->right;
- node->left != LDNS_RBTREE_NULL;
- node = node->left);
- } else {
- parent = node->parent;
- while (parent != LDNS_RBTREE_NULL && node == parent->right) {
- node = parent;
- parent = parent->parent;
- }
- node = parent;
- }
- return node;
-}
-
-ldns_rbnode_t *
-ldns_rbtree_previous(ldns_rbnode_t *node)
-{
- ldns_rbnode_t *parent;
-
- if (node->left != LDNS_RBTREE_NULL) {
- /* One left, then keep on going right... */
- for (node = node->left;
- node->right != LDNS_RBTREE_NULL;
- node = node->right);
- } else {
- parent = node->parent;
- while (parent != LDNS_RBTREE_NULL && node == parent->left) {
- node = parent;
- parent = parent->parent;
- }
- node = parent;
- }
- return node;
-}
-
-/**
- * split off elements number of elements from the start
- * of the name tree and return a new tree
- */
-ldns_rbtree_t *
-ldns_rbtree_split(ldns_rbtree_t *tree,
- size_t elements)
-{
- ldns_rbtree_t *new_tree;
- ldns_rbnode_t *cur_node;
- ldns_rbnode_t *move_node;
- size_t count = 0;
-
- new_tree = ldns_rbtree_create(tree->cmp);
-
- cur_node = ldns_rbtree_first(tree);
- while (count < elements && cur_node != LDNS_RBTREE_NULL) {
- move_node = ldns_rbtree_delete(tree, cur_node->key);
- (void)ldns_rbtree_insert(new_tree, move_node);
- cur_node = ldns_rbtree_first(tree);
- count++;
- }
-
- return new_tree;
-}
-
-/*
- * add all node from the second tree to the first (removing them from the
- * second), and fix up nsec(3)s if present
- */
-void
-ldns_rbtree_join(ldns_rbtree_t *tree1, ldns_rbtree_t *tree2)
-{
- ldns_traverse_postorder(tree2, ldns_rbtree_insert_vref, tree1);
-}
-
-/** recursive descent traverse */
-static void
-traverse_post(void (*func)(ldns_rbnode_t*, void*), void* arg,
- ldns_rbnode_t* node)
-{
- if(!node || node == LDNS_RBTREE_NULL)
- return;
- /* recurse */
- traverse_post(func, arg, node->left);
- traverse_post(func, arg, node->right);
- /* call user func */
- (*func)(node, arg);
-}
-
-void
-ldns_traverse_postorder(ldns_rbtree_t* tree,
- void (*func)(ldns_rbnode_t*, void*), void* arg)
-{
- traverse_post(func, arg, tree->root);
-}
+++ /dev/null
-/*
- * rdata.c
- *
- * rdata implementation
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-/*
- * Access functions
- * do this as functions to get type checking
- */
-
-/* read */
-size_t
-ldns_rdf_size(const ldns_rdf *rd)
-{
- assert(rd != NULL);
- return rd->_size;
-}
-
-ldns_rdf_type
-ldns_rdf_get_type(const ldns_rdf *rd)
-{
- assert(rd != NULL);
- return rd->_type;
-}
-
-uint8_t *
-ldns_rdf_data(const ldns_rdf *rd)
-{
- assert(rd != NULL);
- return rd->_data;
-}
-
-/* write */
-void
-ldns_rdf_set_size(ldns_rdf *rd, size_t size)
-{
- assert(rd != NULL);
- rd->_size = size;
-}
-
-void
-ldns_rdf_set_type(ldns_rdf *rd, ldns_rdf_type type)
-{
- assert(rd != NULL);
- rd->_type = type;
-}
-
-void
-ldns_rdf_set_data(ldns_rdf *rd, void *data)
-{
- /* only copy the pointer */
- assert(rd != NULL);
- rd->_data = data;
-}
-
-/* for types that allow it, return
- * the native/host order type */
-uint8_t
-ldns_rdf2native_int8(const ldns_rdf *rd)
-{
- uint8_t data;
-
- /* only allow 8 bit rdfs */
- if (ldns_rdf_size(rd) != LDNS_RDF_SIZE_BYTE) {
- return 0;
- }
-
- memcpy(&data, ldns_rdf_data(rd), sizeof(data));
- return data;
-}
-
-uint16_t
-ldns_rdf2native_int16(const ldns_rdf *rd)
-{
- uint16_t data;
-
- /* only allow 16 bit rdfs */
- if (ldns_rdf_size(rd) != LDNS_RDF_SIZE_WORD) {
- return 0;
- }
-
- memcpy(&data, ldns_rdf_data(rd), sizeof(data));
- return ntohs(data);
-}
-
-uint32_t
-ldns_rdf2native_int32(const ldns_rdf *rd)
-{
- uint32_t data;
-
- /* only allow 32 bit rdfs */
- if (ldns_rdf_size(rd) != LDNS_RDF_SIZE_DOUBLEWORD) {
- return 0;
- }
-
- memcpy(&data, ldns_rdf_data(rd), sizeof(data));
- return ntohl(data);
-}
-
-time_t
-ldns_rdf2native_time_t(const ldns_rdf *rd)
-{
- uint32_t data;
-
- switch(ldns_rdf_get_type(rd)) {
- case LDNS_RDF_TYPE_TIME:
- memcpy(&data, ldns_rdf_data(rd), sizeof(data));
- return (time_t)ntohl(data);
- default:
- return 0;
- }
-}
-
-ldns_rdf *
-ldns_native2rdf_int8(ldns_rdf_type type, uint8_t value)
-{
- return ldns_rdf_new_frm_data(type, LDNS_RDF_SIZE_BYTE, &value);
-}
-
-ldns_rdf *
-ldns_native2rdf_int16(ldns_rdf_type type, uint16_t value)
-{
- uint16_t *rdf_data = LDNS_XMALLOC(uint16_t, 1);
- ldns_rdf* rdf;
- if (!rdf_data) {
- return NULL;
- }
- ldns_write_uint16(rdf_data, value);
- rdf = ldns_rdf_new(type, LDNS_RDF_SIZE_WORD, rdf_data);
- if(!rdf)
- LDNS_FREE(rdf_data);
- return rdf;
-}
-
-ldns_rdf *
-ldns_native2rdf_int32(ldns_rdf_type type, uint32_t value)
-{
- uint32_t *rdf_data = LDNS_XMALLOC(uint32_t, 1);
- ldns_rdf* rdf;
- if (!rdf_data) {
- return NULL;
- }
- ldns_write_uint32(rdf_data, value);
- rdf = ldns_rdf_new(type, LDNS_RDF_SIZE_DOUBLEWORD, rdf_data);
- if(!rdf)
- LDNS_FREE(rdf_data);
- return rdf;
-}
-
-ldns_rdf *
-ldns_native2rdf_int16_data(size_t size, uint8_t *data)
-{
- uint8_t *rdf_data = LDNS_XMALLOC(uint8_t, size + 2);
- ldns_rdf* rdf;
- if (!rdf_data) {
- return NULL;
- }
- ldns_write_uint16(rdf_data, size);
- memcpy(rdf_data + 2, data, size);
- rdf = ldns_rdf_new(LDNS_RDF_TYPE_INT16_DATA, size + 2, rdf_data);
- if(!rdf)
- LDNS_FREE(rdf_data);
- return rdf;
-}
-
-/* note: data must be allocated memory */
-ldns_rdf *
-ldns_rdf_new(ldns_rdf_type type, size_t size, void *data)
-{
- ldns_rdf *rd;
- rd = LDNS_MALLOC(ldns_rdf);
- if (!rd) {
- return NULL;
- }
- ldns_rdf_set_size(rd, size);
- ldns_rdf_set_type(rd, type);
- ldns_rdf_set_data(rd, data);
- return rd;
-}
-
-ldns_rdf *
-ldns_rdf_new_frm_data(ldns_rdf_type type, size_t size, const void *data)
-{
- ldns_rdf *rdf;
-
- /* if the size is too big, fail */
- if (size > LDNS_MAX_RDFLEN) {
- return NULL;
- }
-
- /* allocate space */
- rdf = LDNS_MALLOC(ldns_rdf);
- if (!rdf) {
- return NULL;
- }
- rdf->_data = LDNS_XMALLOC(uint8_t, size);
- if (!rdf->_data) {
- LDNS_FREE(rdf);
- return NULL;
- }
-
- /* set the values */
- ldns_rdf_set_type(rdf, type);
- ldns_rdf_set_size(rdf, size);
- memcpy(rdf->_data, data, size);
-
- return rdf;
-}
-
-ldns_rdf *
-ldns_rdf_clone(const ldns_rdf *rd)
-{
- assert(rd != NULL);
- return (ldns_rdf_new_frm_data( ldns_rdf_get_type(rd),
- ldns_rdf_size(rd), ldns_rdf_data(rd)));
-}
-
-void
-ldns_rdf_deep_free(ldns_rdf *rd)
-{
- if (rd) {
- if (rd->_data) {
- LDNS_FREE(rd->_data);
- }
- LDNS_FREE(rd);
- }
-}
-
-void
-ldns_rdf_free(ldns_rdf *rd)
-{
- if (rd) {
- LDNS_FREE(rd);
- }
-}
-
-ldns_rdf *
-ldns_rdf_new_frm_str(ldns_rdf_type type, const char *str)
-{
- ldns_rdf *rdf = NULL;
- ldns_status status;
-
- switch (type) {
- case LDNS_RDF_TYPE_DNAME:
- status = ldns_str2rdf_dname(&rdf, str);
- break;
- case LDNS_RDF_TYPE_INT8:
- status = ldns_str2rdf_int8(&rdf, str);
- break;
- case LDNS_RDF_TYPE_INT16:
- status = ldns_str2rdf_int16(&rdf, str);
- break;
- case LDNS_RDF_TYPE_INT32:
- status = ldns_str2rdf_int32(&rdf, str);
- break;
- case LDNS_RDF_TYPE_A:
- status = ldns_str2rdf_a(&rdf, str);
- break;
- case LDNS_RDF_TYPE_AAAA:
- status = ldns_str2rdf_aaaa(&rdf, str);
- break;
- case LDNS_RDF_TYPE_STR:
- status = ldns_str2rdf_str(&rdf, str);
- break;
- case LDNS_RDF_TYPE_APL:
- status = ldns_str2rdf_apl(&rdf, str);
- break;
- case LDNS_RDF_TYPE_B64:
- status = ldns_str2rdf_b64(&rdf, str);
- break;
- case LDNS_RDF_TYPE_B32_EXT:
- status = ldns_str2rdf_b32_ext(&rdf, str);
- break;
- case LDNS_RDF_TYPE_HEX:
- status = ldns_str2rdf_hex(&rdf, str);
- break;
- case LDNS_RDF_TYPE_NSEC:
- status = ldns_str2rdf_nsec(&rdf, str);
- break;
- case LDNS_RDF_TYPE_TYPE:
- status = ldns_str2rdf_type(&rdf, str);
- break;
- case LDNS_RDF_TYPE_CLASS:
- status = ldns_str2rdf_class(&rdf, str);
- break;
- case LDNS_RDF_TYPE_CERT_ALG:
- status = ldns_str2rdf_cert_alg(&rdf, str);
- break;
- case LDNS_RDF_TYPE_ALG:
- status = ldns_str2rdf_alg(&rdf, str);
- break;
- case LDNS_RDF_TYPE_UNKNOWN:
- status = ldns_str2rdf_unknown(&rdf, str);
- break;
- case LDNS_RDF_TYPE_TIME:
- status = ldns_str2rdf_time(&rdf, str);
- break;
- case LDNS_RDF_TYPE_PERIOD:
- status = ldns_str2rdf_period(&rdf, str);
- break;
- case LDNS_RDF_TYPE_TSIG:
- status = ldns_str2rdf_tsig(&rdf, str);
- break;
- case LDNS_RDF_TYPE_SERVICE:
- status = ldns_str2rdf_service(&rdf, str);
- break;
- case LDNS_RDF_TYPE_LOC:
- status = ldns_str2rdf_loc(&rdf, str);
- break;
- case LDNS_RDF_TYPE_WKS:
- status = ldns_str2rdf_wks(&rdf, str);
- break;
- case LDNS_RDF_TYPE_NSAP:
- status = ldns_str2rdf_nsap(&rdf, str);
- break;
- case LDNS_RDF_TYPE_ATMA:
- status = ldns_str2rdf_atma(&rdf, str);
- break;
- case LDNS_RDF_TYPE_IPSECKEY:
- status = ldns_str2rdf_ipseckey(&rdf, str);
- break;
- case LDNS_RDF_TYPE_NSEC3_SALT:
- status = ldns_str2rdf_nsec3_salt(&rdf, str);
- break;
- case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER:
- status = ldns_str2rdf_b32_ext(&rdf, str);
- break;
- case LDNS_RDF_TYPE_NONE:
- default:
- /* default default ??? */
- status = LDNS_STATUS_ERR;
- break;
- }
- if (LDNS_STATUS_OK == status) {
- ldns_rdf_set_type(rdf, type);
- return rdf;
- }
- if (rdf) {
- LDNS_FREE(rdf);
- }
- return NULL;
-}
-
-ldns_status
-ldns_rdf_new_frm_fp(ldns_rdf **rdf, ldns_rdf_type type, FILE *fp)
-{
- return ldns_rdf_new_frm_fp_l(rdf, type, fp, NULL);
-}
-
-ldns_status
-ldns_rdf_new_frm_fp_l(ldns_rdf **rdf, ldns_rdf_type type, FILE *fp, int *line_nr)
-{
- char *line;
- ldns_rdf *r;
- ssize_t t;
-
- line = LDNS_XMALLOC(char, LDNS_MAX_LINELEN + 1);
- if (!line) {
- return LDNS_STATUS_MEM_ERR;
- }
-
- /* read an entire line in from the file */
- if ((t = ldns_fget_token_l(fp, line, LDNS_PARSE_SKIP_SPACE, 0, line_nr)) == -1 || t == 0) {
- LDNS_FREE(line);
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- }
- r = ldns_rdf_new_frm_str(type, (const char*) line);
- LDNS_FREE(line);
- if (rdf) {
- *rdf = r;
- return LDNS_STATUS_OK;
- } else {
- return LDNS_STATUS_NULL;
- }
-}
-
-ldns_rdf *
-ldns_rdf_address_reverse(ldns_rdf *rd)
-{
- uint8_t buf_4[LDNS_IP4ADDRLEN];
- uint8_t buf_6[LDNS_IP6ADDRLEN * 2];
- ldns_rdf *rev;
- ldns_rdf *in_addr;
- ldns_rdf *ret_dname;
- uint8_t octet;
- uint8_t nnibble;
- uint8_t nibble;
- uint8_t i, j;
-
- char *char_dname;
- int nbit;
-
- if (ldns_rdf_get_type(rd) != LDNS_RDF_TYPE_A &&
- ldns_rdf_get_type(rd) != LDNS_RDF_TYPE_AAAA) {
- return NULL;
- }
-
- in_addr = NULL;
- ret_dname = NULL;
-
- switch(ldns_rdf_get_type(rd)) {
- case LDNS_RDF_TYPE_A:
- /* the length of the buffer is 4 */
- buf_4[3] = ldns_rdf_data(rd)[0];
- buf_4[2] = ldns_rdf_data(rd)[1];
- buf_4[1] = ldns_rdf_data(rd)[2];
- buf_4[0] = ldns_rdf_data(rd)[3];
- in_addr = ldns_dname_new_frm_str("in-addr.arpa.");
- if (!in_addr) {
- return NULL;
- }
- /* make a new rdf and convert that back */
- rev = ldns_rdf_new_frm_data( LDNS_RDF_TYPE_A,
- LDNS_IP4ADDRLEN, (void*)&buf_4);
- if (!rev) {
- LDNS_FREE(in_addr);
- return NULL;
- }
-
- /* convert rev to a string */
- char_dname = ldns_rdf2str(rev);
- if (!char_dname) {
- LDNS_FREE(in_addr);
- ldns_rdf_deep_free(rev);
- return NULL;
- }
- /* transform back to rdf with type dname */
- ret_dname = ldns_dname_new_frm_str(char_dname);
- if (!ret_dname) {
- LDNS_FREE(in_addr);
- ldns_rdf_deep_free(rev);
- LDNS_FREE(char_dname);
- return NULL;
- }
- /* not needed anymore */
- ldns_rdf_deep_free(rev);
- LDNS_FREE(char_dname);
- break;
- case LDNS_RDF_TYPE_AAAA:
- /* some foo magic to reverse the nibbles ... */
-
- for (nbit = 127; nbit >= 0; nbit = nbit - 4) {
- /* calculate octett (8 bit) */
- octet = ( ((unsigned int) nbit) & 0x78) >> 3;
- /* calculate nibble */
- nnibble = ( ((unsigned int) nbit) & 0x04) >> 2;
- /* extract nibble */
- nibble = (ldns_rdf_data(rd)[octet] & ( 0xf << (4 * (1 -
- nnibble)) ) ) >> ( 4 * (1 -
- nnibble));
-
- buf_6[(LDNS_IP6ADDRLEN * 2 - 1) -
- (octet * 2 + nnibble)] =
- (uint8_t)ldns_int_to_hexdigit((int)nibble);
- }
-
- char_dname = LDNS_XMALLOC(char, (LDNS_IP6ADDRLEN * 4));
- if (!char_dname) {
- return NULL;
- }
- char_dname[LDNS_IP6ADDRLEN * 4 - 1] = '\0'; /* closure */
-
- /* walk the string and add . 's */
- for (i = 0, j = 0; i < LDNS_IP6ADDRLEN * 2; i++, j = j + 2) {
- char_dname[j] = (char)buf_6[i];
- if (i != LDNS_IP6ADDRLEN * 2 - 1) {
- char_dname[j + 1] = '.';
- }
- }
- in_addr = ldns_dname_new_frm_str("ip6.arpa.");
- if (!in_addr) {
- LDNS_FREE(char_dname);
- return NULL;
- }
-
- /* convert rev to a string */
- ret_dname = ldns_dname_new_frm_str(char_dname);
- LDNS_FREE(char_dname);
- if (!ret_dname) {
- ldns_rdf_deep_free(in_addr);
- return NULL;
- }
- break;
- default:
- break;
- }
- /* add the suffix */
- rev = ldns_dname_cat_clone(ret_dname, in_addr);
-
- ldns_rdf_deep_free(ret_dname);
- ldns_rdf_deep_free(in_addr);
- return rev;
-}
-
-ldns_status
-ldns_octet(char *word, size_t *length)
-{
- char *s;
- char *p;
- *length = 0;
-
- for (s = p = word; *s != '\0'; s++,p++) {
- switch (*s) {
- case '.':
- if (s[1] == '.') {
- return LDNS_STATUS_EMPTY_LABEL;
- }
- *p = *s;
- (*length)++;
- break;
- case '\\':
- if ('0' <= s[1] && s[1] <= '9' &&
- '0' <= s[2] && s[2] <= '9' &&
- '0' <= s[3] && s[3] <= '9') {
- /* \DDD seen */
- int val = ((s[1] - '0') * 100 +
- (s[2] - '0') * 10 + (s[3] - '0'));
-
- if (0 <= val && val <= 255) {
- /* this also handles \0 */
- s += 3;
- *p = val;
- (*length)++;
- } else {
- return LDNS_STATUS_DDD_OVERFLOW;
- }
- } else {
- /* an espaced character, like \<space> ?
- * remove the '\' keep the rest */
- *p = *++s;
- (*length)++;
- }
- break;
- case '\"':
- /* non quoted " Is either first or the last character in
- * the string */
-
- *p = *++s; /* skip it */
- (*length)++;
- /* I'm not sure if this is needed in libdns... MG */
- if ( *s == '\0' ) {
- /* ok, it was the last one */
- *p = '\0';
- return LDNS_STATUS_OK;
- }
- break;
- default:
- *p = *s;
- (*length)++;
- break;
- }
- }
- *p = '\0';
- return LDNS_STATUS_OK;
-}
-
-int
-ldns_rdf_compare(const ldns_rdf *rd1, const ldns_rdf *rd2)
-{
- uint16_t i1, i2, i;
- uint8_t *d1, *d2;
-
- /* only when both are not NULL we can say anything about them */
- if (!rd1 && !rd2) {
- return 0;
- }
- if (!rd1 || !rd2) {
- return -1;
- }
- i1 = ldns_rdf_size(rd1);
- i2 = ldns_rdf_size(rd2);
-
- if (i1 < i2) {
- return -1;
- } else if (i1 > i2) {
- return +1;
- } else {
- d1 = (uint8_t*)ldns_rdf_data(rd1);
- d2 = (uint8_t*)ldns_rdf_data(rd2);
- for(i = 0; i < i1; i++) {
- if (d1[i] < d2[i]) {
- return -1;
- } else if (d1[i] > d2[i]) {
- return +1;
- }
- }
- }
- return 0;
-}
-
-uint32_t
-ldns_str2period(const char *nptr, const char **endptr)
-{
- int sign = 0;
- uint32_t i = 0;
- uint32_t seconds = 0;
-
- for(*endptr = nptr; **endptr; (*endptr)++) {
- switch (**endptr) {
- case ' ':
- case '\t':
- break;
- case '-':
- if(sign == 0) {
- sign = -1;
- } else {
- return seconds;
- }
- break;
- case '+':
- if(sign == 0) {
- sign = 1;
- } else {
- return seconds;
- }
- break;
- case 's':
- case 'S':
- seconds += i;
- i = 0;
- break;
- case 'm':
- case 'M':
- seconds += i * 60;
- i = 0;
- break;
- case 'h':
- case 'H':
- seconds += i * 60 * 60;
- i = 0;
- break;
- case 'd':
- case 'D':
- seconds += i * 60 * 60 * 24;
- i = 0;
- break;
- case 'w':
- case 'W':
- seconds += i * 60 * 60 * 24 * 7;
- i = 0;
- break;
- case '0':
- case '1':
- case '2':
- case '3':
- case '4':
- case '5':
- case '6':
- case '7':
- case '8':
- case '9':
- i *= 10;
- i += (**endptr - '0');
- break;
- default:
- seconds += i;
- /* disregard signedness */
- return seconds;
- }
- }
- seconds += i;
- /* disregard signedness */
- return seconds;
-}
+++ /dev/null
-/*
- * resolver.c
- *
- * resolver implementation
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-
-/* Access function for reading
- * and setting the different Resolver
- * options */
-
-/* read */
-uint16_t
-ldns_resolver_port(const ldns_resolver *r)
-{
- return r->_port;
-}
-
-uint16_t
-ldns_resolver_edns_udp_size(const ldns_resolver *r)
-{
- return r->_edns_udp_size;
-}
-
-uint8_t
-ldns_resolver_retry(const ldns_resolver *r)
-{
- return r->_retry;
-}
-
-uint8_t
-ldns_resolver_retrans(const ldns_resolver *r)
-{
- return r->_retrans;
-}
-
-bool
-ldns_resolver_fallback(const ldns_resolver *r)
-{
- return r->_fallback;
-}
-
-uint8_t
-ldns_resolver_ip6(const ldns_resolver *r)
-{
- return r->_ip6;
-}
-
-bool
-ldns_resolver_recursive(const ldns_resolver *r)
-{
- return r->_recursive;
-}
-
-bool
-ldns_resolver_debug(const ldns_resolver *r)
-{
- return r->_debug;
-}
-
-bool
-ldns_resolver_dnsrch(const ldns_resolver *r)
-{
- return r->_dnsrch;
-}
-
-bool
-ldns_resolver_fail(const ldns_resolver *r)
-{
- return r->_fail;
-}
-
-bool
-ldns_resolver_defnames(const ldns_resolver *r)
-{
- return r->_defnames;
-}
-
-ldns_rdf *
-ldns_resolver_domain(const ldns_resolver *r)
-{
- return r->_domain;
-}
-
-ldns_rdf **
-ldns_resolver_searchlist(const ldns_resolver *r)
-{
- return r->_searchlist;
-}
-
-ldns_rdf **
-ldns_resolver_nameservers(const ldns_resolver *r)
-{
- return r->_nameservers;
-}
-
-size_t
-ldns_resolver_nameserver_count(const ldns_resolver *r)
-{
- return r->_nameserver_count;
-}
-
-bool
-ldns_resolver_dnssec(const ldns_resolver *r)
-{
- return r->_dnssec;
-}
-
-bool
-ldns_resolver_dnssec_cd(const ldns_resolver *r)
-{
- return r->_dnssec_cd;
-}
-
-ldns_rr_list *
-ldns_resolver_dnssec_anchors(const ldns_resolver *r)
-{
- return r->_dnssec_anchors;
-}
-
-bool
-ldns_resolver_trusted_key(const ldns_resolver *r, ldns_rr_list * keys, ldns_rr_list * trusted_keys)
-{
- size_t i;
- bool result = false;
-
- ldns_rr_list * trust_anchors;
- ldns_rr * cur_rr;
-
- if (!r || !keys) { return false; }
-
- trust_anchors = ldns_resolver_dnssec_anchors(r);
-
- if (!trust_anchors) { return false; }
-
- for (i = 0; i < ldns_rr_list_rr_count(keys); i++) {
-
- cur_rr = ldns_rr_list_rr(keys, i);
- if (ldns_rr_list_contains_rr(trust_anchors, cur_rr)) {
- if (trusted_keys) { ldns_rr_list_push_rr(trusted_keys, cur_rr); }
- result = true;
- }
- }
-
- return result;
-}
-
-bool
-ldns_resolver_igntc(const ldns_resolver *r)
-{
- return r->_igntc;
-}
-
-bool
-ldns_resolver_usevc(const ldns_resolver *r)
-{
- return r->_usevc;
-}
-
-size_t *
-ldns_resolver_rtt(const ldns_resolver *r)
-{
- return r->_rtt;
-}
-
-size_t
-ldns_resolver_nameserver_rtt(const ldns_resolver *r, size_t pos)
-{
- size_t *rtt;
-
- assert(r != NULL);
-
- rtt = ldns_resolver_rtt(r);
-
- if (pos >= ldns_resolver_nameserver_count(r)) {
- /* error ?*/
- return 0;
- } else {
- return rtt[pos];
- }
-
-}
-
-struct timeval
-ldns_resolver_timeout(const ldns_resolver *r)
-{
- return r->_timeout;
-}
-
-char *
-ldns_resolver_tsig_keyname(const ldns_resolver *r)
-{
- return r->_tsig_keyname;
-}
-
-char *
-ldns_resolver_tsig_algorithm(const ldns_resolver *r)
-{
- return r->_tsig_algorithm;
-}
-
-char *
-ldns_resolver_tsig_keydata(const ldns_resolver *r)
-{
- return r->_tsig_keydata;
-}
-
-bool
-ldns_resolver_random(const ldns_resolver *r)
-{
- return r->_random;
-}
-
-size_t
-ldns_resolver_searchlist_count(const ldns_resolver *r)
-{
- return r->_searchlist_count;
-}
-
-/* write */
-void
-ldns_resolver_set_port(ldns_resolver *r, uint16_t p)
-{
- r->_port = p;
-}
-
-ldns_rdf *
-ldns_resolver_pop_nameserver(ldns_resolver *r)
-{
- ldns_rdf **nameservers;
- ldns_rdf *pop;
- size_t ns_count;
- size_t *rtt;
-
- assert(r != NULL);
-
- ns_count = ldns_resolver_nameserver_count(r);
- nameservers = ldns_resolver_nameservers(r);
- rtt = ldns_resolver_rtt(r);
- if (ns_count == 0 || !nameservers) {
- return NULL;
- }
-
- pop = nameservers[ns_count - 1];
-
- nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *, (ns_count - 1));
- rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1));
-
- if(nameservers)
- ldns_resolver_set_nameservers(r, nameservers);
- if(rtt)
- ldns_resolver_set_rtt(r, rtt);
- /* decr the count */
- ldns_resolver_dec_nameserver_count(r);
- return pop;
-}
-
-ldns_status
-ldns_resolver_push_nameserver(ldns_resolver *r, ldns_rdf *n)
-{
- ldns_rdf **nameservers;
- size_t ns_count;
- size_t *rtt;
-
- if (ldns_rdf_get_type(n) != LDNS_RDF_TYPE_A &&
- ldns_rdf_get_type(n) != LDNS_RDF_TYPE_AAAA) {
- return LDNS_STATUS_ERR;
- }
-
- ns_count = ldns_resolver_nameserver_count(r);
- nameservers = ldns_resolver_nameservers(r);
- rtt = ldns_resolver_rtt(r);
-
- /* make room for the next one */
- if (ns_count == 0) {
- nameservers = LDNS_XMALLOC(ldns_rdf *, 1);
- } else {
- nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *, (ns_count + 1));
- }
- if(!nameservers)
- return LDNS_STATUS_MEM_ERR;
-
- /* set the new value in the resolver */
- ldns_resolver_set_nameservers(r, nameservers);
-
- /* don't forget the rtt */
- if (ns_count == 0) {
- rtt = LDNS_XMALLOC(size_t, 1);
- } else {
- rtt = LDNS_XREALLOC(rtt, size_t, (ns_count + 1));
- }
- if(!rtt)
- return LDNS_STATUS_MEM_ERR;
-
- /* slide n in its slot. */
- /* we clone it here, because then we can free the original
- * rr's where it stood */
- nameservers[ns_count] = ldns_rdf_clone(n);
- rtt[ns_count] = LDNS_RESOLV_RTT_MIN;
- ldns_resolver_incr_nameserver_count(r);
- ldns_resolver_set_rtt(r, rtt);
- return LDNS_STATUS_OK;
-}
-
-ldns_status
-ldns_resolver_push_nameserver_rr(ldns_resolver *r, ldns_rr *rr)
-{
- ldns_rdf *address;
- if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_A &&
- ldns_rr_get_type(rr) != LDNS_RR_TYPE_AAAA)) {
- return LDNS_STATUS_ERR;
- }
- address = ldns_rr_rdf(rr, 0); /* extract the ip number */
- if (address) {
- return ldns_resolver_push_nameserver(r, address);
- } else {
- return LDNS_STATUS_ERR;
- }
-}
-
-ldns_status
-ldns_resolver_push_nameserver_rr_list(ldns_resolver *r, ldns_rr_list *rrlist)
-{
- ldns_rr *rr;
- ldns_status stat;
- size_t i;
-
- stat = LDNS_STATUS_OK;
- if (rrlist) {
- for(i = 0; i < ldns_rr_list_rr_count(rrlist); i++) {
- rr = ldns_rr_list_rr(rrlist, i);
- if (ldns_resolver_push_nameserver_rr(r, rr) != LDNS_STATUS_OK) {
- stat = LDNS_STATUS_ERR;
- break;
- }
- }
- return stat;
- } else {
- return LDNS_STATUS_ERR;
- }
-}
-
-void
-ldns_resolver_set_edns_udp_size(ldns_resolver *r, uint16_t s)
-{
- r->_edns_udp_size = s;
-}
-
-void
-ldns_resolver_set_recursive(ldns_resolver *r, bool re)
-{
- r->_recursive = re;
-}
-
-void
-ldns_resolver_set_dnssec(ldns_resolver *r, bool d)
-{
- r->_dnssec = d;
-}
-
-void
-ldns_resolver_set_dnssec_cd(ldns_resolver *r, bool d)
-{
- r->_dnssec_cd = d;
-}
-
-void
-ldns_resolver_set_dnssec_anchors(ldns_resolver *r, ldns_rr_list * l)
-{
- r->_dnssec_anchors = l;
-}
-
-ldns_status
-ldns_resolver_push_dnssec_anchor(ldns_resolver *r, ldns_rr *rr)
-{
- ldns_rr_list * trust_anchors;
-
- if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY)) {
- return LDNS_STATUS_ERR;
- }
-
- if (!(trust_anchors = ldns_resolver_dnssec_anchors(r))) { /* Initialize */
- trust_anchors = ldns_rr_list_new();
- ldns_resolver_set_dnssec_anchors(r, trust_anchors);
- }
-
- return (ldns_rr_list_push_rr(trust_anchors, ldns_rr_clone(rr))) ? LDNS_STATUS_OK : LDNS_STATUS_ERR;
-}
-
-void
-ldns_resolver_set_igntc(ldns_resolver *r, bool i)
-{
- r->_igntc = i;
-}
-
-void
-ldns_resolver_set_usevc(ldns_resolver *r, bool vc)
-{
- r->_usevc = vc;
-}
-
-void
-ldns_resolver_set_debug(ldns_resolver *r, bool d)
-{
- r->_debug = d;
-}
-
-void
-ldns_resolver_set_ip6(ldns_resolver *r, uint8_t ip6)
-{
- r->_ip6 = ip6;
-}
-
-void
-ldns_resolver_set_fail(ldns_resolver *r, bool f)
-{
- r->_fail =f;
-}
-
-void
-ldns_resolver_set_searchlist_count(ldns_resolver *r, size_t c)
-{
- r->_searchlist_count = c;
-}
-
-void
-ldns_resolver_set_nameserver_count(ldns_resolver *r, size_t c)
-{
- r->_nameserver_count = c;
-}
-
-void
-ldns_resolver_set_dnsrch(ldns_resolver *r, bool d)
-{
- r->_dnsrch = d;
-}
-
-void
-ldns_resolver_set_retry(ldns_resolver *r, uint8_t retry)
-{
- r->_retry = retry;
-}
-
-void
-ldns_resolver_set_retrans(ldns_resolver *r, uint8_t retrans)
-{
- r->_retrans = retrans;
-}
-
-void
-ldns_resolver_set_fallback(ldns_resolver *r, bool fallback)
-{
- r->_fallback = fallback;
-}
-
-void
-ldns_resolver_set_nameservers(ldns_resolver *r, ldns_rdf **n)
-{
- r->_nameservers = n;
-}
-
-void
-ldns_resolver_set_defnames(ldns_resolver *r, bool d)
-{
- r->_defnames = d;
-}
-
-void
-ldns_resolver_set_rtt(ldns_resolver *r, size_t *rtt)
-{
- r->_rtt = rtt;
-}
-
-void
-ldns_resolver_set_nameserver_rtt(ldns_resolver *r, size_t pos, size_t value)
-{
- size_t *rtt;
-
- assert(r != NULL);
-
- rtt = ldns_resolver_rtt(r);
-
- if (pos >= ldns_resolver_nameserver_count(r)) {
- /* error ?*/
- } else {
- rtt[pos] = value;
- }
-
-}
-
-void
-ldns_resolver_incr_nameserver_count(ldns_resolver *r)
-{
- size_t c;
-
- c = ldns_resolver_nameserver_count(r);
- ldns_resolver_set_nameserver_count(r, ++c);
-}
-
-void
-ldns_resolver_dec_nameserver_count(ldns_resolver *r)
-{
- size_t c;
-
- c = ldns_resolver_nameserver_count(r);
- if (c == 0) {
- return;
- } else {
- ldns_resolver_set_nameserver_count(r, --c);
- }
-}
-
-void
-ldns_resolver_set_domain(ldns_resolver *r, ldns_rdf *d)
-{
- r->_domain = d;
-}
-
-void
-ldns_resolver_set_timeout(ldns_resolver *r, struct timeval timeout)
-{
- r->_timeout.tv_sec = timeout.tv_sec;
- r->_timeout.tv_usec = timeout.tv_usec;
-}
-
-void
-ldns_resolver_push_searchlist(ldns_resolver *r, ldns_rdf *d)
-{
- ldns_rdf **searchlist;
- size_t list_count;
-
- if (ldns_rdf_get_type(d) != LDNS_RDF_TYPE_DNAME) {
- return;
- }
-
- list_count = ldns_resolver_searchlist_count(r);
- searchlist = ldns_resolver_searchlist(r);
-
- searchlist = LDNS_XREALLOC(searchlist, ldns_rdf *, (list_count + 1));
- if (searchlist) {
- r->_searchlist = searchlist;
-
- searchlist[list_count] = ldns_rdf_clone(d);
- ldns_resolver_set_searchlist_count(r, list_count + 1);
- } /* no way to report mem err */
-}
-
-void
-ldns_resolver_set_tsig_keyname(ldns_resolver *r, char *tsig_keyname)
-{
- LDNS_FREE(r->_tsig_keyname);
- r->_tsig_keyname = strdup(tsig_keyname);
-}
-
-void
-ldns_resolver_set_tsig_algorithm(ldns_resolver *r, char *tsig_algorithm)
-{
- LDNS_FREE(r->_tsig_algorithm);
- r->_tsig_algorithm = strdup(tsig_algorithm);
-}
-
-void
-ldns_resolver_set_tsig_keydata(ldns_resolver *r, char *tsig_keydata)
-{
- LDNS_FREE(r->_tsig_keydata);
- r->_tsig_keydata = strdup(tsig_keydata);
-}
-
-void
-ldns_resolver_set_random(ldns_resolver *r, bool b)
-{
- r->_random = b;
-}
-
-/* more sophisticated functions */
-ldns_resolver *
-ldns_resolver_new(void)
-{
- ldns_resolver *r;
-
- r = LDNS_MALLOC(ldns_resolver);
- if (!r) {
- return NULL;
- }
-
- r->_searchlist = NULL;
- r->_nameservers = NULL;
- r->_rtt = NULL;
-
- /* defaults are filled out */
- ldns_resolver_set_searchlist_count(r, 0);
- ldns_resolver_set_nameserver_count(r, 0);
- ldns_resolver_set_usevc(r, 0);
- ldns_resolver_set_port(r, LDNS_PORT);
- ldns_resolver_set_domain(r, NULL);
- ldns_resolver_set_defnames(r, false);
- ldns_resolver_set_retry(r, 3);
- ldns_resolver_set_retrans(r, 2);
- ldns_resolver_set_fallback(r, true);
- ldns_resolver_set_fail(r, false);
- ldns_resolver_set_edns_udp_size(r, 0);
- ldns_resolver_set_dnssec(r, false);
- ldns_resolver_set_dnssec_cd(r, false);
- ldns_resolver_set_dnssec_anchors(r, NULL);
- ldns_resolver_set_ip6(r, LDNS_RESOLV_INETANY);
- ldns_resolver_set_igntc(r, false);
- ldns_resolver_set_recursive(r, false);
- ldns_resolver_set_dnsrch(r, true);
-
- /* randomize the nameserver to be queried
- * when there are multiple
- */
- ldns_resolver_set_random(r, true);
-
- ldns_resolver_set_debug(r, 0);
-
- r->_timeout.tv_sec = LDNS_DEFAULT_TIMEOUT_SEC;
- r->_timeout.tv_usec = LDNS_DEFAULT_TIMEOUT_USEC;
-
- r->_socket = -1;
- r->_axfr_soa_count = 0;
- r->_axfr_i = 0;
- r->_cur_axfr_pkt = NULL;
-
- r->_tsig_keyname = NULL;
- r->_tsig_keydata = NULL;
- r->_tsig_algorithm = NULL;
- return r;
-}
-
-ldns_status
-ldns_resolver_new_frm_fp(ldns_resolver **res, FILE *fp)
-{
- return ldns_resolver_new_frm_fp_l(res, fp, NULL);
-}
-
-ldns_status
-ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr)
-{
- ldns_resolver *r;
- const char *keyword[LDNS_RESOLV_KEYWORDS];
- char word[LDNS_MAX_LINELEN + 1];
- int8_t expect;
- uint8_t i;
- ldns_rdf *tmp;
-#ifdef HAVE_SSL
- ldns_rr *tmp_rr;
-#endif
- ssize_t gtr, bgtr;
- ldns_buffer *b;
- int lnr = 0, oldline;
- if(!line_nr) line_nr = &lnr;
-
- /* do this better
- * expect =
- * 0: keyword
- * 1: default domain dname
- * 2: NS aaaa or a record
- */
-
- /* recognized keywords */
- keyword[LDNS_RESOLV_NAMESERVER] = "nameserver";
- keyword[LDNS_RESOLV_DEFDOMAIN] = "domain";
- keyword[LDNS_RESOLV_SEARCH] = "search";
- /* these two are read but not used atm TODO */
- keyword[LDNS_RESOLV_SORTLIST] = "sortlist";
- keyword[LDNS_RESOLV_OPTIONS] = "options";
- keyword[LDNS_RESOLV_ANCHOR] = "anchor";
- expect = LDNS_RESOLV_KEYWORD;
-
- r = ldns_resolver_new();
- if (!r) {
- return LDNS_STATUS_MEM_ERR;
- }
-
- gtr = 1;
- word[0] = 0;
- oldline = *line_nr;
- expect = LDNS_RESOLV_KEYWORD;
- while (gtr > 0) {
- /* check comments */
- if (word[0] == '#') {
- word[0]='x';
- if(oldline == *line_nr) {
- /* skip until end of line */
- int c;
- do {
- c = fgetc(fp);
- } while(c != EOF && c != '\n');
- if(c=='\n' && line_nr) (*line_nr)++;
- }
- /* and read next to prepare for further parsing */
- oldline = *line_nr;
- continue;
- }
- oldline = *line_nr;
- switch(expect) {
- case LDNS_RESOLV_KEYWORD:
- /* keyword */
- gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_NORMAL, 0, line_nr);
- if (gtr != 0) {
- if(word[0] == '#') continue;
- for(i = 0; i < LDNS_RESOLV_KEYWORDS; i++) {
- if (strcasecmp(keyword[i], word) == 0) {
- /* chosen the keyword and
- * expect values carefully
- */
- expect = i;
- break;
- }
- }
- /* no keyword recognized */
- if (expect == LDNS_RESOLV_KEYWORD) {
- /* skip line */
- /*
- ldns_resolver_deep_free(r);
- return LDNS_STATUS_SYNTAX_KEYWORD_ERR;
- */
- }
- }
- break;
- case LDNS_RESOLV_DEFDOMAIN:
- /* default domain dname */
- gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_NORMAL, 0, line_nr);
- if (gtr == 0) {
- return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR;
- }
- if(word[0] == '#') {
- expect = LDNS_RESOLV_KEYWORD;
- continue;
- }
- tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word);
- if (!tmp) {
- ldns_resolver_deep_free(r);
- return LDNS_STATUS_SYNTAX_DNAME_ERR;
- }
-
- /* DOn't free, because we copy the pointer */
- ldns_resolver_set_domain(r, tmp);
- expect = LDNS_RESOLV_KEYWORD;
- break;
- case LDNS_RESOLV_NAMESERVER:
- /* NS aaaa or a record */
- gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_NORMAL, 0, line_nr);
- if (gtr == 0) {
- return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR;
- }
- if(word[0] == '#') {
- expect = LDNS_RESOLV_KEYWORD;
- continue;
- }
- if(strchr(word, '%')) {
- /* snip off interface labels,
- * fe80::222:19ff:fe31:4222%eth0 */
- strchr(word, '%')[0]=0;
- }
- tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_AAAA, word);
- if (!tmp) {
- /* try ip4 */
- tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, word);
- }
- /* could not parse it, exit */
- if (!tmp) {
- ldns_resolver_deep_free(r);
- return LDNS_STATUS_SYNTAX_ERR;
- }
- (void)ldns_resolver_push_nameserver(r, tmp);
- ldns_rdf_deep_free(tmp);
- expect = LDNS_RESOLV_KEYWORD;
- break;
- case LDNS_RESOLV_SEARCH:
- /* search list domain dname */
- gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
- b = LDNS_MALLOC(ldns_buffer);
- if(!b) {
- ldns_resolver_deep_free(r);
- return LDNS_STATUS_MEM_ERR;
- }
-
- ldns_buffer_new_frm_data(b, word, (size_t) gtr);
- if(ldns_buffer_status(b) != LDNS_STATUS_OK) {
- LDNS_FREE(b);
- ldns_resolver_deep_free(r);
- return LDNS_STATUS_MEM_ERR;
- }
- bgtr = ldns_bget_token(b, word, LDNS_PARSE_NORMAL, (size_t) gtr + 1);
- while (bgtr > 0) {
- gtr -= bgtr;
- if(word[0] == '#') {
- expect = LDNS_RESOLV_KEYWORD;
- ldns_buffer_free(b);
- continue;
- }
- tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word);
- if (!tmp) {
- ldns_resolver_deep_free(r);
- ldns_buffer_free(b);
- return LDNS_STATUS_SYNTAX_DNAME_ERR;
- }
-
- ldns_resolver_push_searchlist(r, tmp);
-
- ldns_rdf_deep_free(tmp);
- bgtr = ldns_bget_token(b, word, LDNS_PARSE_NORMAL,
- (size_t) gtr + 1);
- }
- ldns_buffer_free(b);
- gtr = 1;
- expect = LDNS_RESOLV_KEYWORD;
- break;
- case LDNS_RESOLV_SORTLIST:
- gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
- /* sortlist not implemented atm */
- expect = LDNS_RESOLV_KEYWORD;
- break;
- case LDNS_RESOLV_OPTIONS:
- gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr);
- /* options not implemented atm */
- expect = LDNS_RESOLV_KEYWORD;
- break;
- case LDNS_RESOLV_ANCHOR:
- /* a file containing a DNSSEC trust anchor */
- gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_NORMAL, 0, line_nr);
- if (gtr == 0) {
- ldns_resolver_deep_free(r);
- return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR;
- }
- if(word[0] == '#') {
- expect = LDNS_RESOLV_KEYWORD;
- continue;
- }
-
-#ifdef HAVE_SSL
- tmp_rr = ldns_read_anchor_file(word);
- (void) ldns_resolver_push_dnssec_anchor(r, tmp_rr);
- ldns_rr_free(tmp_rr);
-#endif
- expect = LDNS_RESOLV_KEYWORD;
- break;
- }
- }
-
- if (res) {
- *res = r;
- return LDNS_STATUS_OK;
- } else {
- ldns_resolver_deep_free(r);
- return LDNS_STATUS_NULL;
- }
-}
-
-ldns_status
-ldns_resolver_new_frm_file(ldns_resolver **res, const char *filename)
-{
- ldns_resolver *r;
- FILE *fp;
- ldns_status s;
-
- if (!filename) {
- fp = fopen(LDNS_RESOLV_CONF, "r");
-
- } else {
- fp = fopen(filename, "r");
- }
- if (!fp) {
- return LDNS_STATUS_FILE_ERR;
- }
-
- s = ldns_resolver_new_frm_fp(&r, fp);
- fclose(fp);
- if (s == LDNS_STATUS_OK) {
- if (res) {
- *res = r;
- return LDNS_STATUS_OK;
- } else {
- return LDNS_STATUS_NULL;
- }
- }
- return s;
-}
-
-void
-ldns_resolver_free(ldns_resolver *res)
-{
- LDNS_FREE(res);
-}
-
-void
-ldns_resolver_deep_free(ldns_resolver *res)
-{
- size_t i;
-
- if (res) {
- close_socket(res->_socket);
-
- if (res->_searchlist) {
- for (i = 0; i < ldns_resolver_searchlist_count(res); i++) {
- ldns_rdf_deep_free(res->_searchlist[i]);
- }
- LDNS_FREE(res->_searchlist);
- }
- if (res->_nameservers) {
- for (i = 0; i < res->_nameserver_count; i++) {
- ldns_rdf_deep_free(res->_nameservers[i]);
- }
- LDNS_FREE(res->_nameservers);
- }
- if (ldns_resolver_domain(res)) {
- ldns_rdf_deep_free(ldns_resolver_domain(res));
- }
- if (res->_tsig_keyname) {
- LDNS_FREE(res->_tsig_keyname);
- }
- if (res->_tsig_keydata) {
- LDNS_FREE(res->_tsig_keydata);
- }
- if (res->_tsig_algorithm) {
- LDNS_FREE(res->_tsig_algorithm);
- }
-
- if (res->_cur_axfr_pkt) {
- ldns_pkt_free(res->_cur_axfr_pkt);
- }
-
- if (res->_rtt) {
- LDNS_FREE(res->_rtt);
- }
- if (res->_dnssec_anchors) {
- ldns_rr_list_deep_free(res->_dnssec_anchors);
- }
- LDNS_FREE(res);
- }
-}
-
-ldns_pkt *
-ldns_resolver_search(const ldns_resolver *r,const ldns_rdf *name,
- ldns_rr_type t, ldns_rr_class c, uint16_t flags)
-{
-
- char *str_dname;
- ldns_rdf *new_name;
- ldns_rdf **search_list;
- size_t i;
- ldns_pkt *p;
-
- str_dname = ldns_rdf2str(name);
-
- if (ldns_dname_str_absolute(str_dname)) {
- /* query as-is */
- return ldns_resolver_query(r, name, t, c, flags);
- } else if (ldns_resolver_dnsrch(r)) {
- search_list = ldns_resolver_searchlist(r);
- for (i = 0; i < ldns_resolver_searchlist_count(r); i++) {
- new_name = ldns_dname_cat_clone(name, search_list[i]);
-
- p = ldns_resolver_query(r, new_name, t, c, flags);
- ldns_rdf_free(new_name);
- if (p) {
- if (ldns_pkt_get_rcode(p) == LDNS_RCODE_NOERROR) {
- return p;
- } else {
- ldns_pkt_free(p);
- p = NULL;
- }
- }
- }
- }
- return NULL;
-}
-
-ldns_pkt *
-ldns_resolver_query(const ldns_resolver *r, const ldns_rdf *name,
- ldns_rr_type t, ldns_rr_class c, uint16_t flags)
-{
- ldns_rdf *newname;
- ldns_pkt *pkt;
- ldns_status status;
-
- pkt = NULL;
-
- if (!ldns_resolver_defnames(r)) {
- status = ldns_resolver_send(&pkt, (ldns_resolver *)r, name,
- t, c, flags);
- if (status == LDNS_STATUS_OK) {
- return pkt;
- } else {
- if (pkt) {
- ldns_pkt_free(pkt);
- }
- return NULL;
- }
- }
-
- if (!ldns_resolver_domain(r)) {
- /* _defnames is set, but the domain is not....?? */
- status = ldns_resolver_send(&pkt, (ldns_resolver *)r, name,
- t, c, flags);
- if (status == LDNS_STATUS_OK) {
- return pkt;
- } else {
- if (pkt) {
- ldns_pkt_free(pkt);
- }
- return NULL;
- }
- }
-
- newname = ldns_dname_cat_clone((const ldns_rdf*)name, ldns_resolver_domain(r));
- if (!newname) {
- if (pkt) {
- ldns_pkt_free(pkt);
- }
- return NULL;
- }
-
- (void)ldns_resolver_send(&pkt, (ldns_resolver *)r, newname, t, c,
- flags);
-
- ldns_rdf_free(newname);
-
- return pkt;
-}
-
-ldns_status
-ldns_resolver_send_pkt(ldns_pkt **answer, ldns_resolver *r,
- ldns_pkt *query_pkt)
-{
- ldns_pkt *answer_pkt = NULL;
- ldns_status stat = LDNS_STATUS_OK;
-
- stat = ldns_send(&answer_pkt, (ldns_resolver *)r, query_pkt);
- if (stat != LDNS_STATUS_OK) {
- if(answer_pkt) {
- ldns_pkt_free(answer_pkt);
- answer_pkt = NULL;
- }
- } else {
- /* if tc=1 fall back to EDNS and/or TCP */
- /* check for tcp first (otherwise we don't care about tc=1) */
- if (!ldns_resolver_usevc(r) && ldns_resolver_fallback(r)) {
- if (ldns_pkt_tc(answer_pkt)) {
- /* was EDNS0 set? */
- if (ldns_pkt_edns_udp_size(query_pkt) == 0) {
- ldns_pkt_set_edns_udp_size(query_pkt, 4096);
- ldns_pkt_free(answer_pkt);
- stat = ldns_send(&answer_pkt, r, query_pkt);
- }
- /* either way, if it is still truncated, use TCP */
- if (stat != LDNS_STATUS_OK ||
- ldns_pkt_tc(answer_pkt)) {
- ldns_resolver_set_usevc(r, true);
- ldns_pkt_free(answer_pkt);
- stat = ldns_send(&answer_pkt, r, query_pkt);
- ldns_resolver_set_usevc(r, false);
- }
- }
- }
- }
-
- if (answer) {
- *answer = answer_pkt;
- }
-
- return stat;
-}
-
-ldns_status
-ldns_resolver_prepare_query_pkt(ldns_pkt **query_pkt, ldns_resolver *r,
- const ldns_rdf *name, ldns_rr_type t,
- ldns_rr_class c, uint16_t flags)
-{
- struct timeval now;
-
- /* prepare a question pkt from the parameters
- * and then send this */
- *query_pkt = ldns_pkt_query_new(ldns_rdf_clone(name), t, c, flags);
- if (!*query_pkt) {
- return LDNS_STATUS_ERR;
- }
-
- /* set DO bit if necessary */
- if (ldns_resolver_dnssec(r)) {
- if (ldns_resolver_edns_udp_size(r) == 0) {
- ldns_resolver_set_edns_udp_size(r, 4096);
- }
- ldns_pkt_set_edns_do(*query_pkt, true);
- if (ldns_resolver_dnssec_cd(r) || (flags & LDNS_CD)) {
- ldns_pkt_set_cd(*query_pkt, true);
- }
- }
-
- /* transfer the udp_edns_size from the resolver to the packet */
- if (ldns_resolver_edns_udp_size(r) != 0) {
- ldns_pkt_set_edns_udp_size(*query_pkt, ldns_resolver_edns_udp_size(r));
- }
-
- /* set the timestamp */
- now.tv_sec = time(NULL);
- now.tv_usec = 0;
- ldns_pkt_set_timestamp(*query_pkt, now);
-
-
- if (ldns_resolver_debug(r)) {
- ldns_pkt_print(stdout, *query_pkt);
- }
-
- /* only set the id if it is not set yet */
- if (ldns_pkt_id(*query_pkt) == 0) {
- ldns_pkt_set_random_id(*query_pkt);
- }
-
- return LDNS_STATUS_OK;
-}
-
-
-ldns_status
-ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name,
- ldns_rr_type t, ldns_rr_class c, uint16_t flags)
-{
- ldns_pkt *query_pkt;
- ldns_pkt *answer_pkt;
- ldns_status status;
-
- assert(r != NULL);
- assert(name != NULL);
-
- answer_pkt = NULL;
-
- /* do all the preprocessing here, then fire of an query to
- * the network */
-
- if (0 == t) {
- t= LDNS_RR_TYPE_A;
- }
- if (0 == c) {
- c= LDNS_RR_CLASS_IN;
- }
- if (0 == ldns_resolver_nameserver_count(r)) {
- return LDNS_STATUS_RES_NO_NS;
- }
- if (ldns_rdf_get_type(name) != LDNS_RDF_TYPE_DNAME) {
- return LDNS_STATUS_RES_QUERY;
- }
-
- status = ldns_resolver_prepare_query_pkt(&query_pkt, r, name,
- t, c, flags);
- if (status != LDNS_STATUS_OK) {
- return status;
- }
-
- /* if tsig values are set, tsign it */
- /* TODO: make last 3 arguments optional too? maybe make complete
- rr instead of seperate values in resolver (and packet)
- Jelte
- should this go in pkt_prepare?
- */
- if (ldns_resolver_tsig_keyname(r) && ldns_resolver_tsig_keydata(r)) {
-#ifdef HAVE_SSL
- status = ldns_pkt_tsig_sign(query_pkt,
- ldns_resolver_tsig_keyname(r),
- ldns_resolver_tsig_keydata(r),
- 300, ldns_resolver_tsig_algorithm(r), NULL);
- if (status != LDNS_STATUS_OK) {
- return LDNS_STATUS_CRYPTO_TSIG_ERR;
- }
-#else
- return LDNS_STATUS_CRYPTO_TSIG_ERR;
-#endif /* HAVE_SSL */
- }
-
- status = ldns_resolver_send_pkt(&answer_pkt, r, query_pkt);
- ldns_pkt_free(query_pkt);
-
- /* allows answer to be NULL when not interested in return value */
- if (answer) {
- *answer = answer_pkt;
- }
- return status;
-}
-
-ldns_rr *
-ldns_axfr_next(ldns_resolver *resolver)
-{
- ldns_rr *cur_rr;
- uint8_t *packet_wire;
- size_t packet_wire_size;
- ldns_lookup_table *rcode;
- ldns_status status;
-
- /* check if start() has been called */
- if (!resolver || resolver->_socket == -1) {
- return NULL;
- }
-
- if (resolver->_cur_axfr_pkt) {
- if (resolver->_axfr_i == ldns_pkt_ancount(resolver->_cur_axfr_pkt)) {
- ldns_pkt_free(resolver->_cur_axfr_pkt);
- resolver->_cur_axfr_pkt = NULL;
- return ldns_axfr_next(resolver);
- }
- cur_rr = ldns_rr_clone(ldns_rr_list_rr(
- ldns_pkt_answer(resolver->_cur_axfr_pkt),
- resolver->_axfr_i));
- resolver->_axfr_i++;
- if (ldns_rr_get_type(cur_rr) == LDNS_RR_TYPE_SOA) {
- resolver->_axfr_soa_count++;
- if (resolver->_axfr_soa_count >= 2) {
-
- close_socket(resolver->_socket);
-
- ldns_pkt_free(resolver->_cur_axfr_pkt);
- resolver->_cur_axfr_pkt = NULL;
- }
- }
- return cur_rr;
- } else {
- packet_wire = ldns_tcp_read_wire(resolver->_socket, &packet_wire_size);
- if(!packet_wire)
- return NULL;
-
- status = ldns_wire2pkt(&resolver->_cur_axfr_pkt, packet_wire,
- packet_wire_size);
- free(packet_wire);
-
- resolver->_axfr_i = 0;
- if (status != LDNS_STATUS_OK) {
- /* TODO: make status return type of this function (...api change) */
- fprintf(stderr, "Error parsing rr during AXFR: %s\n", ldns_get_errorstr_by_id(status));
-
- /* RoRi: we must now also close the socket, otherwise subsequent uses of the
- same resolver structure will fail because the link is still open or
- in an undefined state */
-
- close_socket(resolver->_socket);
-
- return NULL;
- } else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) {
- rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt));
- fprintf(stderr, "Error in AXFR: %s\n", rcode->name);
-
- /* RoRi: we must now also close the socket, otherwise subsequent uses of the
- same resolver structure will fail because the link is still open or
- in an undefined state */
-
- close_socket(resolver->_socket);
-
- return NULL;
- } else {
- return ldns_axfr_next(resolver);
- }
-
- }
-
-}
-
-bool
-ldns_axfr_complete(const ldns_resolver *res)
-{
- /* complete when soa count is 2? */
- return res->_axfr_soa_count == 2;
-}
-
-ldns_pkt *
-ldns_axfr_last_pkt(const ldns_resolver *res)
-{
- return res->_cur_axfr_pkt;
-}
-
-/* random isn't really that good */
-void
-ldns_resolver_nameservers_randomize(ldns_resolver *r)
-{
- uint16_t i, j;
- ldns_rdf **ns, *tmp;
-
- /* should I check for ldns_resolver_random?? */
- assert(r != NULL);
-
- ns = ldns_resolver_nameservers(r);
- for (i = 0; i < ldns_resolver_nameserver_count(r); i++) {
- j = ldns_get_random() % ldns_resolver_nameserver_count(r);
- tmp = ns[i];
- ns[i] = ns[j];
- ns[j] = tmp;
- }
- ldns_resolver_set_nameservers(r, ns);
-}
-
+++ /dev/null
-/* rr.c
- *
- * access functions for ldns_rr -
- * a Net::DNS like library for C
- * LibDNS Team @ NLnet Labs
- *
- * (c) NLnet Labs, 2004-2006
- * See the file LICENSE for the license
- */
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <limits.h>
-
-#include <errno.h>
-
-#define LDNS_SYNTAX_DATALEN 16
-#define LDNS_TTL_DATALEN 21
-#define LDNS_RRLIST_INIT 8
-
-ldns_rr *
-ldns_rr_new(void)
-{
- ldns_rr *rr;
- rr = LDNS_MALLOC(ldns_rr);
- if (!rr) {
- return NULL;
- }
-
- ldns_rr_set_owner(rr, NULL);
- ldns_rr_set_question(rr, false);
- ldns_rr_set_rd_count(rr, 0);
- rr->_rdata_fields = NULL;
- ldns_rr_set_class(rr, LDNS_RR_CLASS_IN);
- ldns_rr_set_ttl(rr, LDNS_DEFAULT_TTL);
- return rr;
-}
-
-ldns_rr *
-ldns_rr_new_frm_type(ldns_rr_type t)
-{
- ldns_rr *rr;
- const ldns_rr_descriptor *desc;
- size_t i;
-
- rr = LDNS_MALLOC(ldns_rr);
- if (!rr) {
- return NULL;
- }
-
- desc = ldns_rr_descript(t);
-
- rr->_rdata_fields = LDNS_XMALLOC(ldns_rdf *, ldns_rr_descriptor_minimum(desc));
- if(!rr->_rdata_fields) {
- LDNS_FREE(rr);
- return NULL;
- }
- for (i = 0; i < ldns_rr_descriptor_minimum(desc); i++) {
- rr->_rdata_fields[i] = NULL;
- }
-
- ldns_rr_set_owner(rr, NULL);
- ldns_rr_set_question(rr, false);
- /* set the count to minimum */
- ldns_rr_set_rd_count(rr, ldns_rr_descriptor_minimum(desc));
- ldns_rr_set_class(rr, LDNS_RR_CLASS_IN);
- ldns_rr_set_ttl(rr, LDNS_DEFAULT_TTL);
- ldns_rr_set_type(rr, t);
- return rr;
-}
-
-void
-ldns_rr_free(ldns_rr *rr)
-{
- size_t i;
- if (rr) {
- if (ldns_rr_owner(rr)) {
- ldns_rdf_deep_free(ldns_rr_owner(rr));
- }
- for (i = 0; i < ldns_rr_rd_count(rr); i++) {
- ldns_rdf_deep_free(ldns_rr_rdf(rr, i));
- }
- LDNS_FREE(rr->_rdata_fields);
- LDNS_FREE(rr);
- }
-}
-
-/*
- * trailing spaces are allowed
- * leading spaces are not allowed
- * allow ttl to be optional
- * class is optional too
- * if ttl is missing, and default_ttl is 0, use DEF_TTL
- * allow ttl to be written as 1d3h
- * So the RR should look like. e.g.
- * miek.nl. 3600 IN MX 10 elektron.atoom.net
- * or
- * miek.nl. 1h IN MX 10 elektron.atoom.net
- * or
- * miek.nl. IN MX 10 elektron.atoom.net
- */
-static ldns_status
-ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str,
- uint32_t default_ttl, ldns_rdf *origin,
- ldns_rdf **prev, bool question)
-{
- ldns_rr *new;
- const ldns_rr_descriptor *desc;
- ldns_rr_type rr_type;
- ldns_buffer *rr_buf = NULL;
- ldns_buffer *rd_buf = NULL;
- uint32_t ttl_val;
- char *owner = NULL;
- char *ttl = NULL;
- ldns_rr_class clas_val;
- char *clas = NULL;
- char *type = NULL;
- char *rdata = NULL;
- char *rd = NULL;
- char *b64 = NULL;
- size_t rd_strlen;
- const char *delimiters;
- ssize_t c;
- ldns_rdf *owner_dname;
- const char* endptr;
- int was_unknown_rr_format = 0;
- ldns_status status = LDNS_STATUS_OK;
-
- /* used for types with unknown number of rdatas */
- bool done;
- bool quoted;
-
- ldns_rdf *r = NULL;
- uint16_t r_cnt;
- uint16_t r_min;
- uint16_t r_max;
- size_t pre_data_pos;
-
- new = ldns_rr_new();
-
- owner = LDNS_XMALLOC(char, LDNS_MAX_DOMAINLEN + 1);
- ttl = LDNS_XMALLOC(char, LDNS_TTL_DATALEN);
- clas = LDNS_XMALLOC(char, LDNS_SYNTAX_DATALEN);
- rdata = LDNS_XMALLOC(char, LDNS_MAX_PACKETLEN + 1);
- rr_buf = LDNS_MALLOC(ldns_buffer);
- rd_buf = LDNS_MALLOC(ldns_buffer);
- rd = LDNS_XMALLOC(char, LDNS_MAX_RDFLEN);
- b64 = LDNS_XMALLOC(char, LDNS_MAX_RDFLEN);
- if (!new || !owner || !ttl || !clas || !rdata || !rr_buf || !rd_buf || !rd || !b64 ) {
- status = LDNS_STATUS_MEM_ERR;
- LDNS_FREE(rr_buf);
- goto ldnserror;
- }
-
- ldns_buffer_new_frm_data(rr_buf, (char*)str, strlen(str));
-
- /* split the rr in its parts -1 signals trouble */
- if (ldns_bget_token(rr_buf, owner, "\t\n ", LDNS_MAX_DOMAINLEN) == -1) {
- status = LDNS_STATUS_SYNTAX_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
-
- if (ldns_bget_token(rr_buf, ttl, "\t\n ", LDNS_TTL_DATALEN) == -1) {
- status = LDNS_STATUS_SYNTAX_TTL_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- ttl_val = (uint32_t) ldns_str2period(ttl, &endptr);
-
- if (strlen(ttl) > 0 && !isdigit((int) ttl[0])) {
- /* ah, it's not there or something */
- if (default_ttl == 0) {
- ttl_val = LDNS_DEFAULT_TTL;
- } else {
- ttl_val = default_ttl;
- }
- /* we not ASSUMING the TTL is missing and that
- * the rest of the RR is still there. That is
- * CLASS TYPE RDATA
- * so ttl value we read is actually the class
- */
- clas_val = ldns_get_rr_class_by_name(ttl);
- /* class can be left out too, assume IN, current
- * token must be type
- */
- if (clas_val == 0) {
- clas_val = LDNS_RR_CLASS_IN;
- type = LDNS_XMALLOC(char, strlen(ttl) + 1);
- if(!type) {
- status = LDNS_STATUS_MEM_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- strncpy(type, ttl, strlen(ttl) + 1);
- }
- } else {
- if (ldns_bget_token(rr_buf, clas, "\t\n ", LDNS_SYNTAX_DATALEN) == -1) {
- status = LDNS_STATUS_SYNTAX_CLASS_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- clas_val = ldns_get_rr_class_by_name(clas);
- /* class can be left out too, assume IN, current
- * token must be type
- */
- if (clas_val == 0) {
- clas_val = LDNS_RR_CLASS_IN;
- type = LDNS_XMALLOC(char, strlen(clas) + 1);
- if(!type) {
- status = LDNS_STATUS_MEM_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- strncpy(type, clas, strlen(clas) + 1);
- }
- }
- /* the rest should still be waiting for us */
-
- if (!type) {
- type = LDNS_XMALLOC(char, LDNS_SYNTAX_DATALEN);
- if(!type) {
- status = LDNS_STATUS_MEM_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- if (ldns_bget_token(rr_buf, type, "\t\n ", LDNS_SYNTAX_DATALEN) == -1) {
- status = LDNS_STATUS_SYNTAX_TYPE_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- }
-
- if (ldns_bget_token(rr_buf, rdata, "\0", LDNS_MAX_PACKETLEN) == -1) {
- /* apparently we are done, and it's only a question RR
- * so do not set status and go to ldnserror here
- */
- }
-
- ldns_buffer_new_frm_data(rd_buf, rdata, strlen(rdata));
-
- if (strlen(owner) <= 1 && strncmp(owner, "@", 1) == 0) {
- if (origin) {
- ldns_rr_set_owner(new, ldns_rdf_clone(origin));
- } else if (prev && *prev) {
- ldns_rr_set_owner(new, ldns_rdf_clone(*prev));
- } else {
- /* default to root */
- ldns_rr_set_owner(new, ldns_dname_new_frm_str("."));
- }
-
- /* @ also overrides prev */
- if (prev) {
- ldns_rdf_deep_free(*prev);
- *prev = ldns_rdf_clone(ldns_rr_owner(new));
- if (!*prev) {
- status = LDNS_STATUS_MEM_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- }
- } else {
- if (strlen(owner) == 0) {
- /* no ownername was given, try prev, if that fails
- * origin, else default to root */
- if (prev && *prev) {
- ldns_rr_set_owner(new, ldns_rdf_clone(*prev));
- } else if (origin) {
- ldns_rr_set_owner(new, ldns_rdf_clone(origin));
- } else {
- ldns_rr_set_owner(new, ldns_dname_new_frm_str("."));
- }
- if(!ldns_rr_owner(new)) {
- status = LDNS_STATUS_MEM_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- } else {
- owner_dname = ldns_dname_new_frm_str(owner);
- if (!owner_dname) {
- status = LDNS_STATUS_SYNTAX_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
-
- ldns_rr_set_owner(new, owner_dname);
- if (!ldns_dname_str_absolute(owner) && origin) {
- if(ldns_dname_cat(ldns_rr_owner(new),
- origin) != LDNS_STATUS_OK) {
- status = LDNS_STATUS_SYNTAX_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- }
- if (prev) {
- ldns_rdf_deep_free(*prev);
- *prev = ldns_rdf_clone(ldns_rr_owner(new));
- if(!*prev) {
- status = LDNS_STATUS_MEM_ERR;
- ldns_buffer_free(rr_buf);
- goto ldnserror;
- }
- }
- }
- }
- LDNS_FREE(owner);
- owner = NULL;
-
- ldns_rr_set_question(new, question);
-
- ldns_rr_set_ttl(new, ttl_val);
- LDNS_FREE(ttl);
- ttl = NULL;
-
- ldns_rr_set_class(new, clas_val);
- LDNS_FREE(clas);
- clas = NULL;
-
- rr_type = ldns_get_rr_type_by_name(type);
- LDNS_FREE(type);
- type = NULL;
-
- desc = ldns_rr_descript((uint16_t)rr_type);
- ldns_rr_set_type(new, rr_type);
- if (desc) {
- /* only the rdata remains */
- r_max = ldns_rr_descriptor_maximum(desc);
- r_min = ldns_rr_descriptor_minimum(desc);
- } else {
- r_min = 0;
- r_max = 1;
- }
-
- /* depending on the rr_type we need to extract
- * the rdata differently, e.g. NSEC/NSEC3 */
- switch(rr_type) {
- default:
- done = false;
-
- for (r_cnt = 0; !done && r_cnt < r_max; r_cnt++) {
- quoted = false;
- /* if type = B64, the field may contain spaces */
- if (ldns_rr_descriptor_field_type(desc,
- r_cnt) == LDNS_RDF_TYPE_B64 ||
- ldns_rr_descriptor_field_type(desc,
- r_cnt) == LDNS_RDF_TYPE_HEX ||
- ldns_rr_descriptor_field_type(desc,
- r_cnt) == LDNS_RDF_TYPE_LOC ||
- ldns_rr_descriptor_field_type(desc,
- r_cnt) == LDNS_RDF_TYPE_WKS ||
- ldns_rr_descriptor_field_type(desc,
- r_cnt) == LDNS_RDF_TYPE_IPSECKEY ||
- ldns_rr_descriptor_field_type(desc,
- r_cnt) == LDNS_RDF_TYPE_NSEC) {
- delimiters = "\n\t";
- } else {
- delimiters = "\n\t ";
- }
-
- if (ldns_rr_descriptor_field_type(desc,
- r_cnt) == LDNS_RDF_TYPE_STR &&
- ldns_buffer_remaining(rd_buf) > 0) {
- /* skip spaces */
- while (*(ldns_buffer_current(rd_buf)) == ' ') {
- ldns_buffer_skip(rd_buf, 1);
- }
-
- if (*(ldns_buffer_current(rd_buf)) == '\"') {
- delimiters = "\"\0";
- ldns_buffer_skip(rd_buf, 1);
- quoted = true;
- }
- }
-
- /* because number of fields can be variable, we can't
- rely on _maximum() only */
- /* skip spaces */
- while (ldns_buffer_position(rd_buf) < ldns_buffer_limit(rd_buf) &&
- *(ldns_buffer_current(rd_buf)) == ' ' && !quoted
- ) {
- ldns_buffer_skip(rd_buf, 1);
- }
-
- pre_data_pos = ldns_buffer_position(rd_buf);
- if ((c = ldns_bget_token(rd_buf, rd, delimiters,
- LDNS_MAX_RDFLEN)) != -1) {
- /* hmmz, rfc3597 specifies that any type can be represented with
- * \# method, which can contain spaces...
- * it does specify size though...
- */
- rd_strlen = strlen(rd);
-
- /* unknown RR data */
- if (strncmp(rd, "\\#", 2) == 0 && !quoted && (rd_strlen == 2 || rd[2]==' ')) {
- uint16_t hex_data_size;
- char *hex_data_str;
- uint16_t cur_hex_data_size;
-
- was_unknown_rr_format = 1;
- /* go back to before \# and skip it while setting delimiters better */
- ldns_buffer_set_position(rd_buf, pre_data_pos);
- delimiters = "\n\t ";
- (void)ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN);
- /* read rdata octet length */
- c = ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN);
- if (c == -1) {
- /* something goes very wrong here */
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
- ldns_rr_free(new);
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- }
- hex_data_size = (uint16_t) atoi(rd);
- /* copy the hex chars into hex str (which is 2 chars per byte) */
- hex_data_str = LDNS_XMALLOC(char, 2 * hex_data_size + 1);
- if (!hex_data_str) {
- /* malloc error */
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
- ldns_rr_free(new);
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- }
- cur_hex_data_size = 0;
- while(cur_hex_data_size < 2 * hex_data_size) {
- c = ldns_bget_token(rd_buf, rd, delimiters, LDNS_MAX_RDFLEN);
- rd_strlen = strlen(rd);
- strncpy(hex_data_str + cur_hex_data_size, rd, rd_strlen);
- cur_hex_data_size += rd_strlen;
- }
- hex_data_str[cur_hex_data_size] = '\0';
-
- /* correct the rdf type */
- /* if *we* know the type, interpret it as wireformat */
- if (desc) {
- size_t hex_pos = 0;
- uint8_t *hex_data = LDNS_XMALLOC(uint8_t, hex_data_size + 2);
- ldns_status s;
- if(!hex_data) {
- LDNS_FREE(hex_data_str);
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
- ldns_rr_free(new);
- return LDNS_STATUS_MEM_ERR;
- }
- ldns_write_uint16(hex_data, hex_data_size);
- ldns_hexstring_to_data(hex_data + 2, hex_data_str);
- s = ldns_wire2rdf(new, hex_data,
- hex_data_size+2, &hex_pos);
- if(s != LDNS_STATUS_OK) {
- LDNS_FREE(hex_data_str);
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
- ldns_rr_free(new);
- return s;
- }
- LDNS_FREE(hex_data);
- } else {
- r = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_HEX, hex_data_str);
- if(!r) {
- LDNS_FREE(hex_data_str);
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
- ldns_rr_free(new);
- return LDNS_STATUS_MEM_ERR;
- }
- ldns_rdf_set_type(r, LDNS_RDF_TYPE_UNKNOWN);
- if(!ldns_rr_push_rdf(new, r)) {
- LDNS_FREE(hex_data_str);
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
- ldns_rr_free(new);
- return LDNS_STATUS_MEM_ERR;
- }
- }
- LDNS_FREE(hex_data_str);
- } else {
- /* Normal RR */
- switch(ldns_rr_descriptor_field_type(desc, r_cnt)) {
- case LDNS_RDF_TYPE_HEX:
- case LDNS_RDF_TYPE_B64:
- /* can have spaces, and will always be the last
- * record of the rrdata. Read in the rest */
- if ((c = ldns_bget_token(rd_buf,
- b64,
- "\n",
- LDNS_MAX_RDFLEN))
- != -1) {
- rd = strncat(rd,
- b64,
- LDNS_MAX_RDFLEN
- - strlen(rd) - 1);
- }
- r = ldns_rdf_new_frm_str(
- ldns_rr_descriptor_field_type(desc, r_cnt),
- rd);
- break;
- case LDNS_RDF_TYPE_DNAME:
- r = ldns_rdf_new_frm_str(
- ldns_rr_descriptor_field_type(desc, r_cnt),
- rd);
-
- /* check if the origin should be used or concatenated */
- if (r && ldns_rdf_size(r) > 1 && ldns_rdf_data(r)[0] == 1
- && ldns_rdf_data(r)[1] == '@') {
- ldns_rdf_deep_free(r);
- if (origin) {
- r = ldns_rdf_clone(origin);
- } else {
- /* if this is the SOA, use its own owner name */
- if (rr_type == LDNS_RR_TYPE_SOA) {
- r = ldns_rdf_clone(ldns_rr_owner(new));
- } else {
- r = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, ".");
- }
- }
- } else if (r && rd_strlen >= 1 && !ldns_dname_str_absolute(rd) && origin) {
- if (ldns_dname_cat(r, origin) != LDNS_STATUS_OK) {
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
- ldns_rr_free(new);
- return LDNS_STATUS_ERR;
- }
- }
- break;
- default:
- r = ldns_rdf_new_frm_str(
- ldns_rr_descriptor_field_type(desc, r_cnt),
- rd);
- break;
- }
- if (r) {
- ldns_rr_push_rdf(new, r);
- } else {
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
- ldns_rr_free(new);
- return LDNS_STATUS_SYNTAX_RDATA_ERR;
- }
- }
- if (quoted) {
- if (ldns_buffer_available(rd_buf, 1)) {
- ldns_buffer_skip(rd_buf, 1);
- } else {
- done = true;
- }
- }
- } else {
- done = true;
- }
- }
- }
- LDNS_FREE(rd);
- LDNS_FREE(b64);
- ldns_buffer_free(rd_buf);
- ldns_buffer_free(rr_buf);
- LDNS_FREE(rdata);
-
- if (!question && desc && !was_unknown_rr_format && ldns_rr_rd_count(new) < r_min) {
- ldns_rr_free(new);
- return LDNS_STATUS_SYNTAX_MISSING_VALUE_ERR;
- }
-
- if (newrr) {
- *newrr = new;
- }
- return LDNS_STATUS_OK;
-
-ldnserror:
- LDNS_FREE(type);
- LDNS_FREE(owner);
- LDNS_FREE(ttl);
- LDNS_FREE(clas);
- LDNS_FREE(rdata);
- LDNS_FREE(rd);
- LDNS_FREE(rd_buf);
- LDNS_FREE(b64);
- ldns_rr_free(new);
- return status;
-}
-
-ldns_status
-ldns_rr_new_frm_str(ldns_rr **newrr, const char *str,
- uint32_t default_ttl, ldns_rdf *origin,
- ldns_rdf **prev)
-{
- return ldns_rr_new_frm_str_internal(newrr,
- str,
- default_ttl,
- origin,
- prev,
- false);
-}
-
-ldns_status
-ldns_rr_new_question_frm_str(ldns_rr **newrr, const char *str,
- ldns_rdf *origin, ldns_rdf **prev)
-{
- return ldns_rr_new_frm_str_internal(newrr,
- str,
- 0,
- origin,
- prev,
- true);
-}
-
-ldns_status
-ldns_rr_new_frm_fp(ldns_rr **newrr, FILE *fp, uint32_t *ttl, ldns_rdf **origin, ldns_rdf **prev)
-{
- return ldns_rr_new_frm_fp_l(newrr, fp, ttl, origin, prev, NULL);
-}
-
-ldns_status
-ldns_rr_new_frm_fp_l(ldns_rr **newrr, FILE *fp, uint32_t *default_ttl, ldns_rdf **origin, ldns_rdf **prev, int *line_nr)
-{
- char *line;
- const char *endptr; /* unused */
- ldns_rr *rr;
- uint32_t ttl;
- ldns_rdf *tmp;
- ldns_status s;
- ssize_t size;
- int offset = 0;
-
- if (default_ttl) {
- ttl = *default_ttl;
- } else {
- ttl = 0;
- }
-
- line = LDNS_XMALLOC(char, LDNS_MAX_LINELEN + 1);
- if (!line) {
- return LDNS_STATUS_MEM_ERR;
- }
-
- /* read an entire line in from the file */
- if ((size = ldns_fget_token_l(fp, line, LDNS_PARSE_SKIP_SPACE, LDNS_MAX_LINELEN, line_nr)) == -1) {
- LDNS_FREE(line);
- /* if last line was empty, we are now at feof, which is not
- * always a parse error (happens when for instance last line
- * was a comment)
- */
- return LDNS_STATUS_SYNTAX_ERR;
- }
-
- /* we can have the situation, where we've read ok, but still got
- * no bytes to play with, in this case size is 0
- */
- if (size == 0) {
- LDNS_FREE(line);
- return LDNS_STATUS_SYNTAX_EMPTY;
- }
-
- if (strncmp(line, "$ORIGIN", 7) == 0 && isspace(line[7])) {
- if (*origin) {
- ldns_rdf_deep_free(*origin);
- *origin = NULL;
- }
- offset = 8;
- while (isspace(line[offset])) {
- offset++;
- }
- tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, line + offset);
- if (!tmp) {
- /* could not parse what next to $ORIGIN */
- LDNS_FREE(line);
- return LDNS_STATUS_SYNTAX_DNAME_ERR;
- }
- *origin = tmp;
- s = LDNS_STATUS_SYNTAX_ORIGIN;
- } else if (strncmp(line, "$TTL", 4) == 0 && isspace(line[4])) {
- offset = 5;
- while (isspace(line[offset])) {
- offset++;
- }
- if (default_ttl) {
- *default_ttl = ldns_str2period(line + offset, &endptr);
- }
- s = LDNS_STATUS_SYNTAX_TTL;
- } else if (strncmp(line, "$INCLUDE", 8) == 0) {
- s = LDNS_STATUS_SYNTAX_INCLUDE;
- } else {
- if (origin && *origin) {
- s = ldns_rr_new_frm_str(&rr, (const char*) line, ttl, *origin, prev);
- } else {
- s = ldns_rr_new_frm_str(&rr, (const char*) line, ttl, NULL, prev);
- }
- }
- LDNS_FREE(line);
- if (newrr && s == LDNS_STATUS_OK) {
- *newrr = rr;
- }
- return s;
-}
-
-void
-ldns_rr_set_owner(ldns_rr *rr, ldns_rdf *owner)
-{
- rr->_owner = owner;
-}
-
-void
-ldns_rr_set_question(ldns_rr *rr, bool question)
-{
- rr->_rr_question = question;
-}
-
-void
-ldns_rr_set_ttl(ldns_rr *rr, uint32_t ttl)
-{
- rr->_ttl = ttl;
-}
-
-void
-ldns_rr_set_rd_count(ldns_rr *rr, size_t count)
-{
- rr->_rd_count = count;
-}
-
-void
-ldns_rr_set_type(ldns_rr *rr, ldns_rr_type rr_type)
-{
- rr->_rr_type = rr_type;
-}
-
-void
-ldns_rr_set_class(ldns_rr *rr, ldns_rr_class rr_class)
-{
- rr->_rr_class = rr_class;
-}
-
-ldns_rdf *
-ldns_rr_set_rdf(ldns_rr *rr, const ldns_rdf *f, size_t position)
-{
- size_t rd_count;
- ldns_rdf *pop;
-
- rd_count = ldns_rr_rd_count(rr);
- if (position < rd_count) {
- /* dicard the old one */
- pop = rr->_rdata_fields[position];
- rr->_rdata_fields[position] = (ldns_rdf*)f;
- return pop;
- } else {
- return NULL;
- }
-}
-
-bool
-ldns_rr_push_rdf(ldns_rr *rr, const ldns_rdf *f)
-{
- size_t rd_count;
- ldns_rdf **rdata_fields;
-
- rd_count = ldns_rr_rd_count(rr);
-
- /* grow the array */
- rdata_fields = LDNS_XREALLOC(
- rr->_rdata_fields, ldns_rdf *, rd_count + 1);
- if (!rdata_fields) {
- return false;
- }
-
- /* add the new member */
- rr->_rdata_fields = rdata_fields;
- rr->_rdata_fields[rd_count] = (ldns_rdf*)f;
-
- ldns_rr_set_rd_count(rr, rd_count + 1);
- return true;
-}
-
-ldns_rdf *
-ldns_rr_pop_rdf(ldns_rr *rr)
-{
- size_t rd_count;
- ldns_rdf *pop;
- ldns_rdf** newrd;
-
- rd_count = ldns_rr_rd_count(rr);
-
- if (rd_count == 0) {
- return NULL;
- }
-
- pop = rr->_rdata_fields[rd_count - 1];
-
- /* try to shrink the array */
- if(rd_count > 1) {
- newrd = LDNS_XREALLOC(
- rr->_rdata_fields, ldns_rdf *, rd_count - 1);
- if(newrd)
- rr->_rdata_fields = newrd;
- } else {
- LDNS_FREE(rr->_rdata_fields);
- }
-
- ldns_rr_set_rd_count(rr, rd_count - 1);
- return pop;
-}
-
-ldns_rdf *
-ldns_rr_rdf(const ldns_rr *rr, size_t nr)
-{
- if (nr < ldns_rr_rd_count(rr)) {
- return rr->_rdata_fields[nr];
- } else {
- return NULL;
- }
-}
-
-ldns_rdf *
-ldns_rr_owner(const ldns_rr *rr)
-{
- return rr->_owner;
-}
-
-bool
-ldns_rr_is_question(const ldns_rr *rr)
-{
- return rr->_rr_question;
-}
-
-uint32_t
-ldns_rr_ttl(const ldns_rr *rr)
-{
- return rr->_ttl;
-}
-
-size_t
-ldns_rr_rd_count(const ldns_rr *rr)
-{
- return rr->_rd_count;
-}
-
-ldns_rr_type
-ldns_rr_get_type(const ldns_rr *rr)
-{
- return rr->_rr_type;
-}
-
-ldns_rr_class
-ldns_rr_get_class(const ldns_rr *rr)
-{
- return rr->_rr_class;
-}
-
-/* rr_lists */
-
-size_t
-ldns_rr_list_rr_count(const ldns_rr_list *rr_list)
-{
- if (rr_list) {
- return rr_list->_rr_count;
- } else {
- return 0;
- }
-}
-
-ldns_rr *
-ldns_rr_list_set_rr(ldns_rr_list *rr_list, const ldns_rr *r, size_t count)
-{
- ldns_rr *old;
-
- if (count > ldns_rr_list_rr_count(rr_list)) {
- return NULL;
- }
-
- old = ldns_rr_list_rr(rr_list, count);
-
- /* overwrite old's pointer */
- rr_list->_rrs[count] = (ldns_rr*)r;
- return old;
-}
-
-void
-ldns_rr_list_set_rr_count(ldns_rr_list *rr_list, size_t count)
-{
- assert(count <= rr_list->_rr_capacity);
- rr_list->_rr_count = count;
-}
-
-ldns_rr *
-ldns_rr_list_rr(const ldns_rr_list *rr_list, size_t nr)
-{
- if (nr < ldns_rr_list_rr_count(rr_list)) {
- return rr_list->_rrs[nr];
- } else {
- return NULL;
- }
-}
-
-ldns_rr_list *
-ldns_rr_list_new()
-{
- ldns_rr_list *rr_list = LDNS_MALLOC(ldns_rr_list);
- if(!rr_list) return NULL;
- rr_list->_rr_count = 0;
- rr_list->_rr_capacity = 0;
- rr_list->_rrs = NULL;
- return rr_list;
-}
-
-void
-ldns_rr_list_free(ldns_rr_list *rr_list)
-{
- if (rr_list) {
- LDNS_FREE(rr_list->_rrs);
- LDNS_FREE(rr_list);
- }
-}
-
-void
-ldns_rr_list_deep_free(ldns_rr_list *rr_list)
-{
- size_t i;
-
- if (rr_list) {
- for (i=0; i < ldns_rr_list_rr_count(rr_list); i++) {
- ldns_rr_free(ldns_rr_list_rr(rr_list, i));
- }
- LDNS_FREE(rr_list->_rrs);
- LDNS_FREE(rr_list);
- }
-}
-
-
-/* add right to left. So we modify *left! */
-bool
-ldns_rr_list_cat(ldns_rr_list *left, ldns_rr_list *right)
-{
- size_t r_rr_count;
- size_t i;
-
- if (!left) {
- return false;
- }
-
- if (right) {
- r_rr_count = ldns_rr_list_rr_count(right);
- } else {
- r_rr_count = 0;
- }
-
- /* push right to left */
- for(i = 0; i < r_rr_count; i++) {
- ldns_rr_list_push_rr(left, ldns_rr_list_rr(right, i));
- }
- return true;
-}
-
-ldns_rr_list *
-ldns_rr_list_cat_clone(ldns_rr_list *left, ldns_rr_list *right)
-{
- size_t l_rr_count;
- size_t r_rr_count;
- size_t i;
- ldns_rr_list *cat;
-
- if (left) {
- l_rr_count = ldns_rr_list_rr_count(left);
- } else {
- return ldns_rr_list_clone(right);
- }
-
- if (right) {
- r_rr_count = ldns_rr_list_rr_count(right);
- } else {
- r_rr_count = 0;
- }
-
- cat = ldns_rr_list_new();
-
- if (!cat) {
- return NULL;
- }
-
- /* left */
- for(i = 0; i < l_rr_count; i++) {
- ldns_rr_list_push_rr(cat,
- ldns_rr_clone(ldns_rr_list_rr(left, i)));
- }
- /* right */
- for(i = 0; i < r_rr_count; i++) {
- ldns_rr_list_push_rr(cat,
- ldns_rr_clone(ldns_rr_list_rr(right, i)));
- }
- return cat;
-}
-
-ldns_rr_list *
-ldns_rr_list_subtype_by_rdf(ldns_rr_list *l, ldns_rdf *r, size_t pos)
-{
- size_t i;
- ldns_rr_list *subtyped;
- ldns_rdf *list_rdf;
-
- subtyped = ldns_rr_list_new();
-
- for(i = 0; i < ldns_rr_list_rr_count(l); i++) {
- list_rdf = ldns_rr_rdf(
- ldns_rr_list_rr(l, i),
- pos);
- if (!list_rdf) {
- /* pos is too large or any other error */
- ldns_rr_list_deep_free(subtyped);
- return NULL;
- }
-
- if (ldns_rdf_compare(list_rdf, r) == 0) {
- /* a match */
- ldns_rr_list_push_rr(subtyped,
- ldns_rr_clone(ldns_rr_list_rr(l, i)));
- }
- }
-
- if (ldns_rr_list_rr_count(subtyped) > 0) {
- return subtyped;
- } else {
- ldns_rr_list_free(subtyped);
- return NULL;
- }
-}
-
-bool
-ldns_rr_list_push_rr(ldns_rr_list *rr_list, const ldns_rr *rr)
-{
- size_t rr_count;
- size_t cap;
-
- rr_count = ldns_rr_list_rr_count(rr_list);
- cap = rr_list->_rr_capacity;
-
- /* grow the array */
- if(rr_count+1 > cap) {
- ldns_rr **rrs;
-
- if(cap == 0)
- cap = LDNS_RRLIST_INIT; /* initial list size */
- else cap *= 2;
- rrs = LDNS_XREALLOC(rr_list->_rrs, ldns_rr *, cap);
- if (!rrs) {
- return false;
- }
- rr_list->_rrs = rrs;
- rr_list->_rr_capacity = cap;
- }
-
- /* add the new member */
- rr_list->_rrs[rr_count] = (ldns_rr*)rr;
-
- ldns_rr_list_set_rr_count(rr_list, rr_count + 1);
- return true;
-}
-
-bool
-ldns_rr_list_push_rr_list(ldns_rr_list *rr_list, const ldns_rr_list *push_list)
-{
- size_t i;
-
- for(i = 0; i < ldns_rr_list_rr_count(push_list); i++) {
- if (!ldns_rr_list_push_rr(rr_list,
- ldns_rr_list_rr(push_list, i))) {
- return false;
- }
- }
- return true;
-}
-
-ldns_rr *
-ldns_rr_list_pop_rr(ldns_rr_list *rr_list)
-{
- size_t rr_count;
- size_t cap;
- ldns_rr *pop;
-
- rr_count = ldns_rr_list_rr_count(rr_list);
-
- if (rr_count == 0) {
- return NULL;
- }
-
- cap = rr_list->_rr_capacity;
- pop = ldns_rr_list_rr(rr_list, rr_count - 1);
-
- /* shrink the array */
- if(cap > LDNS_RRLIST_INIT && rr_count-1 <= cap/2) {
- ldns_rr** a;
- cap /= 2;
- a = LDNS_XREALLOC(rr_list->_rrs, ldns_rr *, cap);
- if(a) {
- rr_list->_rrs = a;
- rr_list->_rr_capacity = cap;
- }
- }
-
- ldns_rr_list_set_rr_count(rr_list, rr_count - 1);
-
- return pop;
-}
-
-ldns_rr_list *
-ldns_rr_list_pop_rr_list(ldns_rr_list *rr_list, size_t howmany)
-{
- /* pop a number of rr's and put them in a rr_list */
- ldns_rr_list *popped;
- ldns_rr *p;
- size_t i = howmany;
-
- popped = ldns_rr_list_new();
-
- if (!popped) {
- return NULL;
- }
-
-
- while(i > 0 &&
- (p = ldns_rr_list_pop_rr(rr_list)) != NULL) {
- ldns_rr_list_push_rr(popped, p);
- i--;
- }
-
- if (i == howmany) {
- return NULL;
- } else {
- return popped;
- }
-}
-
-
-bool
-ldns_rr_list_contains_rr(const ldns_rr_list *rr_list, ldns_rr *rr)
-{
- size_t i;
-
- if (!rr_list || !rr || ldns_rr_list_rr_count(rr_list) == 0) {
- return false;
- }
-
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- if (rr == ldns_rr_list_rr(rr_list, i)) {
- return true;
- } else if (ldns_rr_compare(rr, ldns_rr_list_rr(rr_list, i)) == 0) {
- return true;
- }
- }
- return false;
-}
-
-bool
-ldns_is_rrset(ldns_rr_list *rr_list)
-{
- ldns_rr_type t;
- ldns_rr_class c;
- ldns_rdf *o;
- ldns_rr *tmp;
- size_t i;
-
- if (!rr_list || ldns_rr_list_rr_count(rr_list) == 0) {
- return false;
- }
-
- tmp = ldns_rr_list_rr(rr_list, 0);
-
- t = ldns_rr_get_type(tmp);
- c = ldns_rr_get_class(tmp);
- o = ldns_rr_owner(tmp);
-
- /* compare these with the rest of the rr_list, start with 1 */
- for (i = 1; i < ldns_rr_list_rr_count(rr_list); i++) {
- tmp = ldns_rr_list_rr(rr_list, i);
- if (t != ldns_rr_get_type(tmp)) {
- return false;
- }
- if (c != ldns_rr_get_class(tmp)) {
- return false;
- }
- if (ldns_rdf_compare(o, ldns_rr_owner(tmp)) != 0) {
- return false;
- }
- }
- return true;
-}
-
-bool
-ldns_rr_set_push_rr(ldns_rr_list *rr_list, ldns_rr *rr)
-{
- size_t rr_count;
- size_t i;
- ldns_rr *last;
-
- assert(rr != NULL);
-
- rr_count = ldns_rr_list_rr_count(rr_list);
-
- if (rr_count == 0) {
- /* nothing there, so checking it is
- * not needed */
- return ldns_rr_list_push_rr(rr_list, rr);
- } else {
- /* check with the final rr in the rr_list */
- last = ldns_rr_list_rr(rr_list, rr_count - 1);
-
- if (ldns_rr_get_class(last) != ldns_rr_get_class(rr)) {
- return false;
- }
- if (ldns_rr_get_type(last) != ldns_rr_get_type(rr)) {
- return false;
- }
- /* only check if not equal to RRSIG */
- if (ldns_rr_get_type(rr) != LDNS_RR_TYPE_RRSIG) {
- if (ldns_rr_ttl(last) != ldns_rr_ttl(rr)) {
- return false;
- }
- }
- if (ldns_rdf_compare(ldns_rr_owner(last),
- ldns_rr_owner(rr)) != 0) {
- return false;
- }
- /* ok, still alive - check if the rr already
- * exists - if so, dont' add it */
- for(i = 0; i < rr_count; i++) {
- if(ldns_rr_compare(
- ldns_rr_list_rr(rr_list, i), rr) == 0) {
- return false;
- }
- }
- /* it's safe, push it */
- return ldns_rr_list_push_rr(rr_list, rr);
- }
-}
-
-ldns_rr *
-ldns_rr_set_pop_rr(ldns_rr_list *rr_list)
-{
- return ldns_rr_list_pop_rr(rr_list);
-}
-
-ldns_rr_list *
-ldns_rr_list_pop_rrset(ldns_rr_list *rr_list)
-{
- ldns_rr_list *rrset;
- ldns_rr *last_rr = NULL;
- ldns_rr *next_rr;
-
- if (!rr_list) {
- return NULL;
- }
-
- rrset = ldns_rr_list_new();
- if (!last_rr) {
- last_rr = ldns_rr_list_pop_rr(rr_list);
- if (!last_rr) {
- ldns_rr_list_free(rrset);
- return NULL;
- } else {
- ldns_rr_list_push_rr(rrset, last_rr);
- }
- }
-
- if (ldns_rr_list_rr_count(rr_list) > 0) {
- next_rr = ldns_rr_list_rr(rr_list, ldns_rr_list_rr_count(rr_list) - 1);
- } else {
- next_rr = NULL;
- }
-
- while (next_rr) {
- if (
- ldns_rdf_compare(ldns_rr_owner(next_rr),
- ldns_rr_owner(last_rr)) == 0
- &&
- ldns_rr_get_type(next_rr) == ldns_rr_get_type(last_rr)
- &&
- ldns_rr_get_class(next_rr) == ldns_rr_get_class(last_rr)
- ) {
- ldns_rr_list_push_rr(rrset, ldns_rr_list_pop_rr(rr_list));
- if (ldns_rr_list_rr_count(rr_list) > 0) {
- last_rr = next_rr;
- next_rr = ldns_rr_list_rr(rr_list, ldns_rr_list_rr_count(rr_list) - 1);
- } else {
- next_rr = NULL;
- }
- } else {
- next_rr = NULL;
- }
- }
-
- return rrset;
-}
-
-ldns_rr *
-ldns_rr_clone(const ldns_rr *rr)
-{
- size_t i;
- ldns_rr *new_rr;
-
- if (!rr) {
- return NULL;
- }
-
- new_rr = ldns_rr_new();
- if (!new_rr) {
- return NULL;
- }
- if (ldns_rr_owner(rr)) {
- ldns_rr_set_owner(new_rr, ldns_rdf_clone(ldns_rr_owner(rr)));
- }
- ldns_rr_set_ttl(new_rr, ldns_rr_ttl(rr));
- ldns_rr_set_type(new_rr, ldns_rr_get_type(rr));
- ldns_rr_set_class(new_rr, ldns_rr_get_class(rr));
- ldns_rr_set_question(new_rr, ldns_rr_is_question(rr));
-
- for (i = 0; i < ldns_rr_rd_count(rr); i++) {
- if (ldns_rr_rdf(rr,i)) {
- ldns_rr_push_rdf(new_rr, ldns_rdf_clone(ldns_rr_rdf(rr, i)));
- }
- }
-
- return new_rr;
-}
-
-ldns_rr_list *
-ldns_rr_list_clone(const ldns_rr_list *rrlist)
-{
- size_t i;
- ldns_rr_list *new_list;
- ldns_rr *r;
-
- if (!rrlist) {
- return NULL;
- }
-
- new_list = ldns_rr_list_new();
- if (!new_list) {
- return NULL;
- }
- for (i = 0; i < ldns_rr_list_rr_count(rrlist); i++) {
- r = ldns_rr_clone(
- ldns_rr_list_rr(rrlist, i)
- );
- if (!r) {
- /* huh, failure in cloning */
- ldns_rr_list_deep_free(new_list);
- return NULL;
- }
- ldns_rr_list_push_rr(new_list, r);
- }
- return new_list;
-}
-
-
-int
-qsort_rr_compare(const void *a, const void *b)
-{
- const ldns_rr *rr1 = * (const ldns_rr **) a;
- const ldns_rr *rr2 = * (const ldns_rr **) b;
-
- if (rr1 == NULL && rr2 == NULL) {
- return 0;
- }
- if (rr1 == NULL) {
- return -1;
- }
- if (rr2 == NULL) {
- return 1;
- }
- return ldns_rr_compare(rr1, rr2);
-}
-
-int
-qsort_schwartz_rr_compare(const void *a, const void *b)
-{
- int result = 0;
- ldns_rr *rr1, *rr2;
- ldns_buffer *rr1_buf, *rr2_buf;
- struct ldns_schwartzian_compare_struct *sa = *(struct ldns_schwartzian_compare_struct **) a;
- struct ldns_schwartzian_compare_struct *sb = *(struct ldns_schwartzian_compare_struct **) b;
- /* if we are doing 2wire, we need to do lowercasing on the dname (and maybe on the rdata)
- * this must be done for comparison only, so we need to have a temp var for both buffers,
- * which is only used when the transformed object value isn't there yet
- */
- ldns_rr *canonical_a, *canonical_b;
-
- rr1 = (ldns_rr *) sa->original_object;
- rr2 = (ldns_rr *) sb->original_object;
-
- result = ldns_rr_compare_no_rdata(rr1, rr2);
-
- if (result == 0) {
- if (!sa->transformed_object) {
- canonical_a = ldns_rr_clone(sa->original_object);
- ldns_rr2canonical(canonical_a);
- sa->transformed_object = ldns_buffer_new(ldns_rr_uncompressed_size(canonical_a));
- if (ldns_rr2buffer_wire(sa->transformed_object, canonical_a, LDNS_SECTION_ANY) != LDNS_STATUS_OK) {
- ldns_buffer_free((ldns_buffer *)sa->transformed_object);
- sa->transformed_object = NULL;
- ldns_rr_free(canonical_a);
- return 0;
- }
- ldns_rr_free(canonical_a);
- }
- if (!sb->transformed_object) {
- canonical_b = ldns_rr_clone(sb->original_object);
- ldns_rr2canonical(canonical_b);
- sb->transformed_object = ldns_buffer_new(ldns_rr_uncompressed_size(canonical_b));
- if (ldns_rr2buffer_wire(sb->transformed_object, canonical_b, LDNS_SECTION_ANY) != LDNS_STATUS_OK) {
- ldns_buffer_free((ldns_buffer *)sa->transformed_object);
- ldns_buffer_free((ldns_buffer *)sb->transformed_object);
- sa->transformed_object = NULL;
- sb->transformed_object = NULL;
- ldns_rr_free(canonical_b);
- return 0;
- }
- ldns_rr_free(canonical_b);
- }
- rr1_buf = (ldns_buffer *) sa->transformed_object;
- rr2_buf = (ldns_buffer *) sb->transformed_object;
-
- result = ldns_rr_compare_wire(rr1_buf, rr2_buf);
- }
-
- return result;
-}
-
-void
-ldns_rr_list_sort(ldns_rr_list *unsorted)
-{
- struct ldns_schwartzian_compare_struct **sortables;
- size_t item_count;
- size_t i;
-
- if (unsorted) {
- item_count = ldns_rr_list_rr_count(unsorted);
-
- sortables = LDNS_XMALLOC(struct ldns_schwartzian_compare_struct *,
- item_count);
- if(!sortables) return; /* no way to return error */
- for (i = 0; i < item_count; i++) {
- sortables[i] = LDNS_XMALLOC(struct ldns_schwartzian_compare_struct, 1);
- if(!sortables[i]) {
- /* free the allocated parts */
- while(i>0) {
- i--;
- LDNS_FREE(sortables[i]);
- }
- /* no way to return error */
- return;
- }
- sortables[i]->original_object = ldns_rr_list_rr(unsorted, i);
- sortables[i]->transformed_object = NULL;
- }
- qsort(sortables,
- item_count,
- sizeof(struct ldns_schwartzian_compare_struct *),
- qsort_schwartz_rr_compare);
- for (i = 0; i < item_count; i++) {
- unsorted->_rrs[i] = sortables[i]->original_object;
- if (sortables[i]->transformed_object) {
- ldns_buffer_free(sortables[i]->transformed_object);
- }
- LDNS_FREE(sortables[i]);
- }
- LDNS_FREE(sortables);
- }
-}
-
-int
-ldns_rr_compare_no_rdata(const ldns_rr *rr1, const ldns_rr *rr2)
-{
- size_t rr1_len;
- size_t rr2_len;
- size_t offset;
-
- assert(rr1 != NULL);
- assert(rr2 != NULL);
-
- rr1_len = ldns_rr_uncompressed_size(rr1);
- rr2_len = ldns_rr_uncompressed_size(rr2);
-
- if (ldns_dname_compare(ldns_rr_owner(rr1), ldns_rr_owner(rr2)) < 0) {
- return -1;
- } else if (ldns_dname_compare(ldns_rr_owner(rr1), ldns_rr_owner(rr2)) > 0) {
- return 1;
- }
-
- /* should return -1 if rr1 comes before rr2, so need to do rr1 - rr2, not rr2 - rr1 */
- if (ldns_rr_get_class(rr1) != ldns_rr_get_class(rr2)) {
- return ldns_rr_get_class(rr1) - ldns_rr_get_class(rr2);
- }
-
- /* should return -1 if rr1 comes before rr2, so need to do rr1 - rr2, not rr2 - rr1 */
- if (ldns_rr_get_type(rr1) != ldns_rr_get_type(rr2)) {
- return ldns_rr_get_type(rr1) - ldns_rr_get_type(rr2);
- }
-
- /* offset is the owername length + ttl + type + class + rdlen == start of wire format rdata */
- offset = ldns_rdf_size(ldns_rr_owner(rr1)) + 4 + 2 + 2 + 2;
- /* if either record doesn't have any RDATA... */
- if (offset > rr1_len || offset > rr2_len) {
- if (rr1_len == rr2_len) {
- return 0;
- }
- return ((int) rr2_len - (int) rr1_len);
- }
-
- return 0;
-}
-
-int ldns_rr_compare_wire(ldns_buffer *rr1_buf, ldns_buffer *rr2_buf)
-{
- size_t rr1_len, rr2_len, min_len, i, offset;
-
- rr1_len = ldns_buffer_capacity(rr1_buf);
- rr2_len = ldns_buffer_capacity(rr2_buf);
-
- /* jump past dname (checked in earlier part)
- * and especially past TTL */
- offset = 0;
- while (offset < rr1_len && *ldns_buffer_at(rr1_buf, offset) != 0) {
- offset += *ldns_buffer_at(rr1_buf, offset) + 1;
- }
- /* jump to rdata section (PAST the rdata length field, otherwise
- rrs with different lengths might be sorted erroneously */
- offset += 11;
- min_len = (rr1_len < rr2_len) ? rr1_len : rr2_len;
- /* Compare RRs RDATA byte for byte. */
- for(i = offset; i < min_len; i++) {
- if (*ldns_buffer_at(rr1_buf,i) < *ldns_buffer_at(rr2_buf,i)) {
- return -1;
- } else if (*ldns_buffer_at(rr1_buf,i) > *ldns_buffer_at(rr2_buf,i)) {
- return +1;
- }
- }
-
- /* If both RDATAs are the same up to min_len, then the shorter one sorts first. */
- if (rr1_len < rr2_len) {
- return -1;
- } else if (rr1_len > rr2_len) {
- return +1;
- }
- /* The RDATAs are equal. */
- return 0;
-
-}
-
-int
-ldns_rr_compare(const ldns_rr *rr1, const ldns_rr *rr2)
-{
- int result;
- size_t rr1_len, rr2_len;
-
- ldns_buffer *rr1_buf;
- ldns_buffer *rr2_buf;
-
- result = ldns_rr_compare_no_rdata(rr1, rr2);
- if (result == 0) {
- rr1_len = ldns_rr_uncompressed_size(rr1);
- rr2_len = ldns_rr_uncompressed_size(rr2);
-
- rr1_buf = ldns_buffer_new(rr1_len);
- rr2_buf = ldns_buffer_new(rr2_len);
-
- if (ldns_rr2buffer_wire_canonical(rr1_buf,
- rr1,
- LDNS_SECTION_ANY)
- != LDNS_STATUS_OK) {
- ldns_buffer_free(rr1_buf);
- ldns_buffer_free(rr2_buf);
- return 0;
- }
- if (ldns_rr2buffer_wire_canonical(rr2_buf,
- rr2,
- LDNS_SECTION_ANY)
- != LDNS_STATUS_OK) {
- ldns_buffer_free(rr1_buf);
- ldns_buffer_free(rr2_buf);
- return 0;
- }
-
- result = ldns_rr_compare_wire(rr1_buf, rr2_buf);
-
- ldns_buffer_free(rr1_buf);
- ldns_buffer_free(rr2_buf);
- }
-
- return result;
-}
-
-/* convert dnskey to a ds with the given algorithm,
- * then compare the result with the given ds */
-static int
-ldns_rr_compare_ds_dnskey(ldns_rr *ds,
- ldns_rr *dnskey)
-{
- ldns_rr *ds_gen;
- bool result = false;
- ldns_hash algo;
-
- if (!dnskey || !ds ||
- ldns_rr_get_type(ds) != LDNS_RR_TYPE_DS ||
- ldns_rr_get_type(dnskey) != LDNS_RR_TYPE_DNSKEY) {
- return false;
- }
-
-algo = ldns_rdf2native_int8(ldns_rr_rdf(ds, 2));
-
- ds_gen = ldns_key_rr2ds(dnskey, algo);
- if (ds_gen) {
- result = ldns_rr_compare(ds, ds_gen) == 0;
- ldns_rr_free(ds_gen);
- }
- return result;
-}
-
-bool
-ldns_rr_compare_ds(const ldns_rr *orr1, const ldns_rr *orr2)
-{
- bool result;
- ldns_rr *rr1 = ldns_rr_clone(orr1);
- ldns_rr *rr2 = ldns_rr_clone(orr2);
-
- /* set ttls to zero */
- ldns_rr_set_ttl(rr1, 0);
- ldns_rr_set_ttl(rr2, 0);
-
- if (ldns_rr_get_type(rr1) == LDNS_RR_TYPE_DS &&
- ldns_rr_get_type(rr2) == LDNS_RR_TYPE_DNSKEY) {
- result = ldns_rr_compare_ds_dnskey(rr1, rr2);
- } else if (ldns_rr_get_type(rr1) == LDNS_RR_TYPE_DNSKEY &&
- ldns_rr_get_type(rr2) == LDNS_RR_TYPE_DS) {
- result = ldns_rr_compare_ds_dnskey(rr2, rr1);
- } else {
- result = (ldns_rr_compare(rr1, rr2) == 0);
- }
-
- ldns_rr_free(rr1);
- ldns_rr_free(rr2);
-
- return result;
-}
-
-int
-ldns_rr_list_compare(const ldns_rr_list *rrl1, const ldns_rr_list *rrl2)
-{
- size_t i = 0;
- int rr_cmp;
-
- assert(rrl1 != NULL);
- assert(rrl2 != NULL);
-
- for (i = 0; i < ldns_rr_list_rr_count(rrl1) && i < ldns_rr_list_rr_count(rrl2); i++) {
- rr_cmp = ldns_rr_compare(ldns_rr_list_rr(rrl1, i), ldns_rr_list_rr(rrl2, i));
- if (rr_cmp != 0) {
- return rr_cmp;
- }
- }
-
- if (i == ldns_rr_list_rr_count(rrl1) &&
- i != ldns_rr_list_rr_count(rrl2)) {
- return 1;
- } else if (i == ldns_rr_list_rr_count(rrl2) &&
- i != ldns_rr_list_rr_count(rrl1)) {
- return -1;
- } else {
- return 0;
- }
-}
-
-size_t
-ldns_rr_uncompressed_size(const ldns_rr *r)
-{
- size_t rrsize;
- size_t i;
-
- rrsize = 0;
- /* add all the rdf sizes */
- for(i = 0; i < ldns_rr_rd_count(r); i++) {
- rrsize += ldns_rdf_size(ldns_rr_rdf(r, i));
- }
- /* ownername */
- rrsize += ldns_rdf_size(ldns_rr_owner(r));
- rrsize += LDNS_RR_OVERHEAD;
- return rrsize;
-}
-
-void
-ldns_rr2canonical(ldns_rr *rr)
-{
- uint16_t i;
-
- if (!rr) {
- return;
- }
-
- ldns_dname2canonical(ldns_rr_owner(rr));
-
- /*
- * lowercase the rdata dnames if the rr type is one
- * of the list in chapter 7 of RFC3597
- */
- switch(ldns_rr_get_type(rr)) {
- case LDNS_RR_TYPE_NS:
- case LDNS_RR_TYPE_MD:
- case LDNS_RR_TYPE_MF:
- case LDNS_RR_TYPE_CNAME:
- case LDNS_RR_TYPE_SOA:
- case LDNS_RR_TYPE_MB:
- case LDNS_RR_TYPE_MG:
- case LDNS_RR_TYPE_MR:
- case LDNS_RR_TYPE_PTR:
- case LDNS_RR_TYPE_HINFO:
- case LDNS_RR_TYPE_MINFO:
- case LDNS_RR_TYPE_MX:
- case LDNS_RR_TYPE_RP:
- case LDNS_RR_TYPE_AFSDB:
- case LDNS_RR_TYPE_RT:
- case LDNS_RR_TYPE_SIG:
- case LDNS_RR_TYPE_PX:
- case LDNS_RR_TYPE_NXT:
- case LDNS_RR_TYPE_NAPTR:
- case LDNS_RR_TYPE_KX:
- case LDNS_RR_TYPE_SRV:
- case LDNS_RR_TYPE_DNAME:
- case LDNS_RR_TYPE_A6:
- for (i = 0; i < ldns_rr_rd_count(rr); i++) {
- ldns_dname2canonical(ldns_rr_rdf(rr, i));
- }
- return;
- default:
- /* do nothing */
- return;
- }
-}
-
-void
-ldns_rr_list2canonical(ldns_rr_list *rr_list)
-{
- size_t i;
- for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) {
- ldns_rr2canonical(ldns_rr_list_rr(rr_list, i));
- }
-}
-
-uint8_t
-ldns_rr_label_count(ldns_rr *rr)
-{
- if (!rr) {
- return 0;
- }
- return ldns_dname_label_count(
- ldns_rr_owner(rr));
-}
-
-/** \cond */
-static const ldns_rdf_type type_0_wireformat[] = { LDNS_RDF_TYPE_UNKNOWN };
-static const ldns_rdf_type type_a_wireformat[] = { LDNS_RDF_TYPE_A };
-static const ldns_rdf_type type_ns_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_md_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_mf_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_cname_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_soa_wireformat[] = {
- LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_INT32,
- LDNS_RDF_TYPE_PERIOD, LDNS_RDF_TYPE_PERIOD, LDNS_RDF_TYPE_PERIOD,
- LDNS_RDF_TYPE_PERIOD
-};
-static const ldns_rdf_type type_mb_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_mg_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_mr_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_wks_wireformat[] = {
- LDNS_RDF_TYPE_A, LDNS_RDF_TYPE_WKS
-};
-static const ldns_rdf_type type_ptr_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_hinfo_wireformat[] = {
- LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR
-};
-static const ldns_rdf_type type_minfo_wireformat[] = {
- LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_mx_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_rp_wireformat[] = {
- LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_afsdb_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_x25_wireformat[] = { LDNS_RDF_TYPE_STR };
-static const ldns_rdf_type type_isdn_wireformat[] = {
- LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR
-};
-static const ldns_rdf_type type_rt_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_nsap_wireformat[] = {
- LDNS_RDF_TYPE_NSAP
-};
-static const ldns_rdf_type type_nsap_ptr_wireformat[] = {
- LDNS_RDF_TYPE_STR
-};
-static const ldns_rdf_type type_sig_wireformat[] = {
- LDNS_RDF_TYPE_TYPE, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT32,
- LDNS_RDF_TYPE_TIME, LDNS_RDF_TYPE_TIME, LDNS_RDF_TYPE_INT16,
- LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_B64
-};
-static const ldns_rdf_type type_key_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_B64
-};
-static const ldns_rdf_type type_px_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_gpos_wireformat[] = {
- LDNS_RDF_TYPE_STR,
- LDNS_RDF_TYPE_STR,
- LDNS_RDF_TYPE_STR
-};
-static const ldns_rdf_type type_aaaa_wireformat[] = { LDNS_RDF_TYPE_AAAA };
-static const ldns_rdf_type type_loc_wireformat[] = { LDNS_RDF_TYPE_LOC };
-static const ldns_rdf_type type_nxt_wireformat[] = {
- LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_UNKNOWN
-};
-static const ldns_rdf_type type_eid_wireformat[] = {
- LDNS_RDF_TYPE_HEX
-};
-static const ldns_rdf_type type_nimloc_wireformat[] = {
- LDNS_RDF_TYPE_HEX
-};
-static const ldns_rdf_type type_srv_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_atma_wireformat[] = {
- LDNS_RDF_TYPE_ATMA
-};
-static const ldns_rdf_type type_naptr_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_STR, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_kx_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME
-};
-static const ldns_rdf_type type_cert_wireformat[] = {
- LDNS_RDF_TYPE_CERT_ALG, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_B64
-};
-static const ldns_rdf_type type_a6_wireformat[] = { LDNS_RDF_TYPE_UNKNOWN };
-static const ldns_rdf_type type_dname_wireformat[] = { LDNS_RDF_TYPE_DNAME };
-static const ldns_rdf_type type_sink_wireformat[] = { LDNS_RDF_TYPE_INT8,
- LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_B64
-};
-static const ldns_rdf_type type_apl_wireformat[] = {
- LDNS_RDF_TYPE_APL
-};
-static const ldns_rdf_type type_ds_wireformat[] = {
- LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_HEX
-};
-static const ldns_rdf_type type_sshfp_wireformat[] = {
- LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_HEX
-};
-static const ldns_rdf_type type_ipseckey_wireformat[] = {
- LDNS_RDF_TYPE_IPSECKEY
-};
-static const ldns_rdf_type type_rrsig_wireformat[] = {
- LDNS_RDF_TYPE_TYPE, LDNS_RDF_TYPE_ALG, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT32,
- LDNS_RDF_TYPE_TIME, LDNS_RDF_TYPE_TIME, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_B64
-};
-static const ldns_rdf_type type_nsec_wireformat[] = {
- LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_NSEC
-};
-static const ldns_rdf_type type_dhcid_wireformat[] = {
- LDNS_RDF_TYPE_B64
-};
-static const ldns_rdf_type type_talink_wireformat[] = {
- LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_DNAME
-};
-/* nsec3 is some vars, followed by same type of data of nsec */
-static const ldns_rdf_type type_nsec3_wireformat[] = {
-/* LDNS_RDF_TYPE_NSEC3_VARS, LDNS_RDF_TYPE_NSEC3_NEXT_OWNER, LDNS_RDF_TYPE_NSEC*/
- LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT8, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_NSEC3_SALT, LDNS_RDF_TYPE_NSEC3_NEXT_OWNER, LDNS_RDF_TYPE_NSEC
-};
-
-static const ldns_rdf_type type_nsec3params_wireformat[] = {
-/* LDNS_RDF_TYPE_NSEC3_PARAMS_VARS*/
- LDNS_RDF_TYPE_INT8,
- LDNS_RDF_TYPE_INT8,
- LDNS_RDF_TYPE_INT16,
- LDNS_RDF_TYPE_NSEC3_SALT
-};
-
-static const ldns_rdf_type type_dnskey_wireformat[] = {
- LDNS_RDF_TYPE_INT16,
- LDNS_RDF_TYPE_INT8,
- LDNS_RDF_TYPE_ALG,
- LDNS_RDF_TYPE_B64
-};
-static const ldns_rdf_type type_tsig_wireformat[] = {
- LDNS_RDF_TYPE_DNAME,
- LDNS_RDF_TYPE_TSIGTIME,
- LDNS_RDF_TYPE_INT16,
- LDNS_RDF_TYPE_INT16_DATA,
- LDNS_RDF_TYPE_INT16,
- LDNS_RDF_TYPE_INT16,
- LDNS_RDF_TYPE_INT16_DATA
-};
-/** \endcond */
-
-/** \cond */
-/* All RR's defined in 1035 are well known and can thus
- * be compressed. See RFC3597. These RR's are:
- * CNAME HINFO MB MD MF MG MINFO MR MX NULL NS PTR SOA TXT
- */
-static ldns_rr_descriptor rdata_field_descriptors[] = {
- /* 0 */
- { 0, NULL, 0, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 1 */
- {LDNS_RR_TYPE_A, "A", 1, 1, type_a_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 2 */
- {LDNS_RR_TYPE_NS, "NS", 1, 1, type_ns_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 3 */
- {LDNS_RR_TYPE_MD, "MD", 1, 1, type_md_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 4 */
- {LDNS_RR_TYPE_MF, "MF", 1, 1, type_mf_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 5 */
- {LDNS_RR_TYPE_CNAME, "CNAME", 1, 1, type_cname_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 6 */
- {LDNS_RR_TYPE_SOA, "SOA", 7, 7, type_soa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 2 },
- /* 7 */
- {LDNS_RR_TYPE_MB, "MB", 1, 1, type_mb_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 8 */
- {LDNS_RR_TYPE_MG, "MG", 1, 1, type_mg_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 9 */
- {LDNS_RR_TYPE_MR, "MR", 1, 1, type_mr_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 10 */
- {LDNS_RR_TYPE_NULL, "NULL", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 11 */
- {LDNS_RR_TYPE_WKS, "WKS", 2, 2, type_wks_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 12 */
- {LDNS_RR_TYPE_PTR, "PTR", 1, 1, type_ptr_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 13 */
- {LDNS_RR_TYPE_HINFO, "HINFO", 2, 2, type_hinfo_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 14 */
- {LDNS_RR_TYPE_MINFO, "MINFO", 2, 2, type_minfo_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 2 },
- /* 15 */
- {LDNS_RR_TYPE_MX, "MX", 2, 2, type_mx_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_COMPRESS, 1 },
- /* 16 */
- {LDNS_RR_TYPE_TXT, "TXT", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
- /* 17 */
- {LDNS_RR_TYPE_RP, "RP", 2, 2, type_rp_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 },
- /* 18 */
- {LDNS_RR_TYPE_AFSDB, "AFSDB", 2, 2, type_afsdb_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 19 */
- {LDNS_RR_TYPE_X25, "X25", 1, 1, type_x25_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 20 */
- {LDNS_RR_TYPE_ISDN, "ISDN", 1, 2, type_isdn_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 21 */
- {LDNS_RR_TYPE_RT, "RT", 2, 2, type_rt_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 22 */
- {LDNS_RR_TYPE_NSAP, "NSAP", 1, 1, type_nsap_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 23 */
- {LDNS_RR_TYPE_NSAP_PTR, "NSAP-PTR", 1, 1, type_nsap_ptr_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 24 */
- {LDNS_RR_TYPE_SIG, "SIG", 9, 9, type_sig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 25 */
- {LDNS_RR_TYPE_KEY, "KEY", 4, 4, type_key_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 26 */
- {LDNS_RR_TYPE_PX, "PX", 3, 3, type_px_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 },
- /* 27 */
- {LDNS_RR_TYPE_GPOS, "GPOS", 1, 1, type_gpos_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 28 */
- {LDNS_RR_TYPE_AAAA, "AAAA", 1, 1, type_aaaa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 29 */
- {LDNS_RR_TYPE_LOC, "LOC", 1, 1, type_loc_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 30 */
- {LDNS_RR_TYPE_NXT, "NXT", 2, 2, type_nxt_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 31 */
- {LDNS_RR_TYPE_EID, "EID", 1, 1, type_eid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 32 */
- {LDNS_RR_TYPE_NIMLOC, "NIMLOC", 1, 1, type_nimloc_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 33 */
- {LDNS_RR_TYPE_SRV, "SRV", 4, 4, type_srv_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 34 */
- {LDNS_RR_TYPE_ATMA, "ATMA", 1, 1, type_atma_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 35 */
- {LDNS_RR_TYPE_NAPTR, "NAPTR", 6, 6, type_naptr_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 36 */
- {LDNS_RR_TYPE_KX, "KX", 2, 2, type_kx_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 37 */
- {LDNS_RR_TYPE_CERT, "CERT", 4, 4, type_cert_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 38 */
- {LDNS_RR_TYPE_A6, "A6", 1, 1, type_a6_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 39 */
- {LDNS_RR_TYPE_DNAME, "DNAME", 1, 1, type_dname_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 40 */
- {LDNS_RR_TYPE_SINK, "SINK", 1, 1, type_sink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 41 */
- {LDNS_RR_TYPE_OPT, "OPT", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 42 */
- {LDNS_RR_TYPE_APL, "APL", 0, 0, type_apl_wireformat, LDNS_RDF_TYPE_APL, LDNS_RR_NO_COMPRESS, 0 },
- /* 43 */
- {LDNS_RR_TYPE_DS, "DS", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 44 */
- {LDNS_RR_TYPE_SSHFP, "SSHFP", 3, 3, type_sshfp_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 45 */
- {LDNS_RR_TYPE_IPSECKEY, "IPSECKEY", 1, 1, type_ipseckey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 46 */
- {LDNS_RR_TYPE_RRSIG, "RRSIG", 9, 9, type_rrsig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
- /* 47 */
- {LDNS_RR_TYPE_NSEC, "NSEC", 1, 2, type_nsec_wireformat, LDNS_RDF_TYPE_NSEC, LDNS_RR_NO_COMPRESS, 1 },
- /* 48 */
- {LDNS_RR_TYPE_DNSKEY, "DNSKEY", 4, 4, type_dnskey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 49 */
-{LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 50 */
- {LDNS_RR_TYPE_NSEC3, "NSEC3", 5, 6, type_nsec3_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 51 */
-{LDNS_RR_TYPE_NSEC3PARAMS, "NSEC3PARAM", 4, 4, type_nsec3params_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
- /* 52 */
-{LDNS_RR_TYPE_NULL, "TYPE52", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE54", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE55", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE56", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE57", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_TALINK, "TALINK", 2, 2, type_talink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 },
-{LDNS_RR_TYPE_NULL, "TYPE59", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE60", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE61", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE62", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE63", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE64", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE65", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE66", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE67", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE68", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE69", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE70", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE71", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE72", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE73", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE74", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE75", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE76", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE77", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE78", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE79", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE80", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE81", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE82", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE83", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE84", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE85", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE86", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE87", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE88", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE89", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE90", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE91", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE92", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE93", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE94", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE95", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE96", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE97", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE98", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_SPF, "SPF", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE100", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE101", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE102", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE103", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE104", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE105", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE106", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE107", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE108", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE109", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE110", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE111", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE112", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE113", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE114", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE115", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE116", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE117", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE118", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE119", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE120", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE121", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE122", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE123", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE124", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE125", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE126", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE127", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE128", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE129", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE130", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE131", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE132", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE133", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE134", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE135", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE136", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE137", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE138", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE139", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE140", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE141", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE142", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE143", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE144", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE145", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE146", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE147", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE148", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE149", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE150", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE151", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE152", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE153", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE154", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE155", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE156", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE157", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE158", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE159", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE160", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE161", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE162", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE163", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE164", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE165", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE166", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE167", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE168", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE169", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE170", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE171", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE172", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE173", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE174", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE175", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE176", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE177", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE178", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE179", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE180", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE181", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE182", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE183", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE184", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE185", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE186", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE187", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE188", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE189", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE190", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE191", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE192", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE193", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE194", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE195", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE196", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE197", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE198", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE199", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE200", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE201", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE202", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE203", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE204", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE205", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE206", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE207", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE208", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE209", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE210", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE211", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE212", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE213", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE214", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE215", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE216", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE217", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE218", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE219", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE220", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE221", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE222", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE223", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE224", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE225", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE226", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE227", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE228", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE229", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE230", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE231", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE232", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE233", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE234", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE235", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE236", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE237", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE238", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE239", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE240", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE241", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE242", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE243", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE244", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE245", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE246", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE247", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE248", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE249", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_TSIG, "TSIG", 8, 9, type_tsig_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-/* split in array, no longer contiguous */
-{LDNS_RR_TYPE_DLV, "DLV", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }
-};
-/** \endcond */
-
-/**
- * \def LDNS_RDATA_FIELD_DESCRIPTORS_COUNT
- * computes the number of rdata fields
- */
-#define LDNS_RDATA_FIELD_DESCRIPTORS_COUNT \
- (sizeof(rdata_field_descriptors)/sizeof(rdata_field_descriptors[0]))
-
-const ldns_rr_descriptor *
-ldns_rr_descript(uint16_t type)
-{
- size_t i;
- if (type <= LDNS_RDATA_FIELD_DESCRIPTORS_COMMON) {
- return &rdata_field_descriptors[type];
- } else {
- /* because not all array index equals type code */
- for (i = LDNS_RDATA_FIELD_DESCRIPTORS_COMMON;
- i < LDNS_RDATA_FIELD_DESCRIPTORS_COUNT;
- i++) {
- if (rdata_field_descriptors[i]._type == type) {
- return &rdata_field_descriptors[i];
- }
- }
- return &rdata_field_descriptors[0];
- }
-}
-
-size_t
-ldns_rr_descriptor_minimum(const ldns_rr_descriptor *descriptor)
-{
- if (descriptor) {
- return descriptor->_minimum;
- } else {
- return 0;
- }
-}
-
-size_t
-ldns_rr_descriptor_maximum(const ldns_rr_descriptor *descriptor)
-{
- if (descriptor) {
- if (descriptor->_variable != LDNS_RDF_TYPE_NONE) {
- /* Should really be SIZE_MAX... bad FreeBSD. */
- return UINT_MAX;
- } else {
- return descriptor->_maximum;
- }
- } else {
- return 0;
- }
-}
-
-ldns_rdf_type
-ldns_rr_descriptor_field_type(const ldns_rr_descriptor *descriptor,
- size_t index)
-{
- assert(descriptor != NULL);
- assert(index < descriptor->_maximum
- || descriptor->_variable != LDNS_RDF_TYPE_NONE);
- if (index < descriptor->_maximum) {
- return descriptor->_wireformat[index];
- } else {
- return descriptor->_variable;
- }
-}
-
-ldns_rr_type
-ldns_get_rr_type_by_name(const char *name)
-{
- unsigned int i;
- const char *desc_name;
- const ldns_rr_descriptor *desc;
-
- /* TYPEXX representation */
- if (strlen(name) > 4 && strncasecmp(name, "TYPE", 4) == 0) {
- return atoi(name + 4);
- }
-
- /* Normal types */
- for (i = 0; i < (unsigned int) LDNS_RDATA_FIELD_DESCRIPTORS_COUNT; i++) {
- desc = &rdata_field_descriptors[i];
- desc_name = desc->_name;
- if(desc_name &&
- strlen(name) == strlen(desc_name) &&
- strncasecmp(name, desc_name, strlen(desc_name)) == 0) {
- /* because not all array index equals type code */
- return desc->_type;
- }
- }
-
- /* special cases for query types */
- if (strlen(name) == 4 && strncasecmp(name, "IXFR", 4) == 0) {
- return 251;
- } else if (strlen(name) == 4 && strncasecmp(name, "AXFR", 4) == 0) {
- return 252;
- } else if (strlen(name) == 5 && strncasecmp(name, "MAILB", 5) == 0) {
- return 253;
- } else if (strlen(name) == 5 && strncasecmp(name, "MAILA", 5) == 0) {
- return 254;
- } else if (strlen(name) == 3 && strncasecmp(name, "ANY", 3) == 0) {
- return 255;
- }
-
- return 0;
-}
-
-ldns_rr_class
-ldns_get_rr_class_by_name(const char *name)
-{
- ldns_lookup_table *lt;
-
- /* CLASSXX representation */
- if (strlen(name) > 5 && strncasecmp(name, "CLASS", 5) == 0) {
- return atoi(name + 5);
- }
-
- /* Normal types */
- lt = ldns_lookup_by_name(ldns_rr_classes, name);
-
- if (lt) {
- return lt->id;
- }
- return 0;
-}
-
-
-ldns_rr_type
-ldns_rdf2rr_type(const ldns_rdf *rd)
-{
- ldns_rr_type r;
-
- if (!rd) {
- return 0;
- }
-
- if (ldns_rdf_get_type(rd) != LDNS_RDF_TYPE_TYPE) {
- return 0;
- }
-
- r = (ldns_rr_type) ldns_rdf2native_int16(rd);
- return r;
-}
-
-ldns_rr_type
-ldns_rr_list_type(const ldns_rr_list *rr_list)
-{
- if (rr_list && ldns_rr_list_rr_count(rr_list) > 0) {
- return ldns_rr_get_type(ldns_rr_list_rr(rr_list, 0));
- } else {
- return 0;
- }
-}
-
-ldns_rdf *
-ldns_rr_list_owner(const ldns_rr_list *rr_list)
-{
- if (rr_list && ldns_rr_list_rr_count(rr_list) > 0) {
- return ldns_rr_owner(ldns_rr_list_rr(rr_list, 0));
- } else {
- return NULL;
- }
-}
+++ /dev/null
-/*
- * rr_function.c
- *
- * function that operate on specific rr types
- *
- * (c) NLnet Labs, 2004-2006
- * See the file LICENSE for the license
- */
-
-/*
- * These come strait from perldoc Net::DNS::RR::xxx
- * first the read variant, then the write. This is
- * not complete.
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#include <limits.h>
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-
-/**
- * return a specific rdf
- * \param[in] type type of RR
- * \param[in] rr the rr itself
- * \param[in] pos at which postion to get it
- * \return the rdf sought
- */
-static ldns_rdf *
-ldns_rr_function(ldns_rr_type type, const ldns_rr *rr, size_t pos)
-{
- if (!rr || ldns_rr_get_type(rr) != type) {
- return NULL;
- }
- return ldns_rr_rdf(rr, pos);
-}
-
-/**
- * set a specific rdf
- * \param[in] type type of RR
- * \param[in] rr the rr itself
- * \param[in] rdf the rdf to set
- * \param[in] pos at which postion to set it
- * \return true or false
- */
-static bool
-ldns_rr_set_function(ldns_rr_type type, ldns_rr *rr, ldns_rdf *rdf, size_t pos)
-{
- ldns_rdf *pop;
- if (!rr || ldns_rr_get_type(rr) != type) {
- return false;
- }
- pop = ldns_rr_set_rdf(rr, rdf, pos);
- ldns_rdf_deep_free(pop);
- return true;
-}
-
-/* A/AAAA records */
-ldns_rdf *
-ldns_rr_a_address(const ldns_rr *r)
-{
- /* 2 types to check, cannot use the macro */
- if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A &&
- ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) {
- return NULL;
- }
- return ldns_rr_rdf(r, 0);
-}
-
-bool
-ldns_rr_a_set_address(ldns_rr *r, ldns_rdf *f)
-{
- /* 2 types to check, cannot use the macro... */
- ldns_rdf *pop;
- if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A &&
- ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) {
- return false;
- }
- pop = ldns_rr_set_rdf(r, f, 0);
- if (pop) {
- LDNS_FREE(pop);
- return true;
- } else {
- return false;
- }
-}
-
-/* NS record */
-ldns_rdf *
-ldns_rr_ns_nsdname(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_NS, r, 0);
-}
-
-/* MX record */
-ldns_rdf *
-ldns_rr_mx_preference(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_MX, r, 0);
-}
-
-ldns_rdf *
-ldns_rr_mx_exchange(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_MX, r, 1);
-}
-
-/* RRSIG record */
-ldns_rdf *
-ldns_rr_rrsig_typecovered(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 0);
-}
-
-bool
-ldns_rr_rrsig_set_typecovered(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 0);
-}
-
-ldns_rdf *
-ldns_rr_rrsig_algorithm(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 1);
-}
-
-bool
-ldns_rr_rrsig_set_algorithm(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 1);
-}
-
-ldns_rdf *
-ldns_rr_rrsig_labels(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 2);
-}
-
-bool
-ldns_rr_rrsig_set_labels(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 2);
-}
-
-ldns_rdf *
-ldns_rr_rrsig_origttl(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 3);
-}
-
-bool
-ldns_rr_rrsig_set_origttl(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 3);
-}
-
-ldns_rdf *
-ldns_rr_rrsig_expiration(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 4);
-}
-
-bool
-ldns_rr_rrsig_set_expiration(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 4);
-}
-
-ldns_rdf *
-ldns_rr_rrsig_inception(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 5);
-}
-
-bool
-ldns_rr_rrsig_set_inception(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 5);
-}
-
-ldns_rdf *
-ldns_rr_rrsig_keytag(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 6);
-}
-
-bool
-ldns_rr_rrsig_set_keytag(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 6);
-}
-
-ldns_rdf *
-ldns_rr_rrsig_signame(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 7);
-}
-
-bool
-ldns_rr_rrsig_set_signame(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 7);
-}
-
-ldns_rdf *
-ldns_rr_rrsig_sig(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 8);
-}
-
-bool
-ldns_rr_rrsig_set_sig(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 8);
-}
-
-/* DNSKEY record */
-ldns_rdf *
-ldns_rr_dnskey_flags(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_DNSKEY, r, 0);
-}
-
-bool
-ldns_rr_dnskey_set_flags(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_DNSKEY, r, f, 0);
-}
-
-ldns_rdf *
-ldns_rr_dnskey_protocol(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_DNSKEY, r, 1);
-}
-
-bool
-ldns_rr_dnskey_set_protocol(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_DNSKEY, r, f, 1);
-}
-
-ldns_rdf *
-ldns_rr_dnskey_algorithm(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_DNSKEY, r, 2);
-}
-
-bool
-ldns_rr_dnskey_set_algorithm(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_DNSKEY, r, f, 2);
-}
-
-ldns_rdf *
-ldns_rr_dnskey_key(const ldns_rr *r)
-{
- return ldns_rr_function(LDNS_RR_TYPE_DNSKEY, r, 3);
-}
-
-bool
-ldns_rr_dnskey_set_key(ldns_rr *r, ldns_rdf *f)
-{
- return ldns_rr_set_function(LDNS_RR_TYPE_DNSKEY, r, f, 3);
-}
-
-size_t
-ldns_rr_dnskey_key_size_raw(const unsigned char* keydata,
- const size_t len,
- const ldns_algorithm alg)
-{
- /* for DSA keys */
- uint8_t t;
-
- /* for RSA keys */
- uint16_t exp;
- uint16_t int16;
-
- switch ((ldns_signing_algorithm)alg) {
- case LDNS_SIGN_DSA:
- case LDNS_SIGN_DSA_NSEC3:
- if (len > 0) {
- t = keydata[0];
- return (64 + t*8)*8;
- } else {
- return 0;
- }
- break;
- case LDNS_SIGN_RSAMD5:
- case LDNS_SIGN_RSASHA1:
- case LDNS_SIGN_RSASHA1_NSEC3:
-#ifdef USE_SHA2
- case LDNS_SIGN_RSASHA256:
- case LDNS_SIGN_RSASHA512:
-#endif
- if (len > 0) {
- if (keydata[0] == 0) {
- /* big exponent */
- if (len > 3) {
- memmove(&int16, keydata + 1, 2);
- exp = ntohs(int16);
- return (len - exp - 3)*8;
- } else {
- return 0;
- }
- } else {
- exp = keydata[0];
- return (len-exp-1)*8;
- }
- } else {
- return 0;
- }
- break;
-#ifdef USE_GOST
- case LDNS_SIGN_ECC_GOST:
- return 512;
-#endif
-#ifdef USE_ECDSA
- case LDNS_SIGN_ECDSAP256SHA256:
- return 256;
- case LDNS_SIGN_ECDSAP384SHA384:
- return 384;
-#endif
- case LDNS_SIGN_HMACMD5:
- return len;
- default:
- return 0;
- }
-}
-
-size_t
-ldns_rr_dnskey_key_size(const ldns_rr *key)
-{
- if (!key) {
- return 0;
- }
- return ldns_rr_dnskey_key_size_raw((unsigned char*)ldns_rdf_data(ldns_rr_dnskey_key(key)),
- ldns_rdf_size(ldns_rr_dnskey_key(key)),
- ldns_rdf2native_int8(ldns_rr_dnskey_algorithm(key))
- );
-}
+++ /dev/null
-/*
- * modified for ldns by Jelte Jansen, original taken from OpenBSD:
- *
- * SHA-1 in C
- * By Steve Reid <steve@edmweb.com>
- * 100% Public Domain
- *
- * Test Vectors (from FIPS PUB 180-1)
- * "abc"
- * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
- * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
- * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
- * A million repetitions of "a"
- * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
-*/
-
-/* #define LITTLE_ENDIAN * This should be #define'd already, if true. */
-/* #define SHA1HANDSOFF * Copies data before messing with it. */
-
-#include <ldns/config.h>
-#include <ldns/ldns.h>
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-
-#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
-
-/* blk0() and blk() perform the initial expand. */
-/* I got the idea of expanding during the round function from SSLeay */
-#if BYTE_ORDER == LITTLE_ENDIAN
-#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
- |(rol(block->l[i],8)&0x00FF00FF))
-#else
-#define blk0(i) block->l[i]
-#endif
-#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
- ^block->l[(i+2)&15]^block->l[i&15],1))
-
-/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
-#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
-#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
-#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
-#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
-
-/* Hash a single 512-bit block. This is the core of the algorithm. */
-
-void
-ldns_sha1_transform(uint32_t state[5], const unsigned char buffer[LDNS_SHA1_BLOCK_LENGTH])
-{
- uint32_t a, b, c, d, e;
- typedef union {
- unsigned char c[64];
- unsigned int l[16];
- } CHAR64LONG16;
- CHAR64LONG16* block;
-#ifdef SHA1HANDSOFF
- unsigned char workspace[LDNS_SHA1_BLOCK_LENGTH];
-
- block = (CHAR64LONG16 *)workspace;
- memmove(block, buffer, LDNS_SHA1_BLOCK_LENGTH);
-#else
- block = (CHAR64LONG16 *)buffer;
-#endif
- /* Copy context->state[] to working vars */
- a = state[0];
- b = state[1];
- c = state[2];
- d = state[3];
- e = state[4];
-
- /* 4 rounds of 20 operations each. Loop unrolled. */
- R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
- R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
- R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
- R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
- R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
- R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
- R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
- R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
- R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
- R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
- R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
- R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
- R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
- R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
- R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
- R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
- R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
- R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
- R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
- R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
-
- /* Add the working vars back into context.state[] */
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
- state[4] += e;
- /* Wipe variables */
- a = b = c = d = e = 0;
-}
-
-
-/* SHA1Init - Initialize new context */
-
-void
-ldns_sha1_init(ldns_sha1_ctx *context)
-{
- /* SHA1 initialization constants */
- context->count = 0;
- context->state[0] = 0x67452301;
- context->state[1] = 0xEFCDAB89;
- context->state[2] = 0x98BADCFE;
- context->state[3] = 0x10325476;
- context->state[4] = 0xC3D2E1F0;
-}
-
-
-/* Run your data through this. */
-
-void
-ldns_sha1_update(ldns_sha1_ctx *context, const unsigned char *data, unsigned int len)
-{
- unsigned int i;
- unsigned int j;
-
- j = (unsigned)(uint32_t)((context->count >> 3) & 63);
- context->count += (len << 3);
- if ((j + len) > 63) {
- memmove(&context->buffer[j], data, (i = 64 - j));
- ldns_sha1_transform(context->state, context->buffer);
- for ( ; i + 63 < len; i += 64) {
- ldns_sha1_transform(context->state, &data[i]);
- }
- j = 0;
- }
- else i = 0;
- memmove(&context->buffer[j], &data[i], len - i);
-}
-
-
-/* Add padding and return the message digest. */
-
-void
-ldns_sha1_final(unsigned char digest[LDNS_SHA1_DIGEST_LENGTH], ldns_sha1_ctx *context)
-{
- unsigned int i;
- unsigned char finalcount[8];
-
- for (i = 0; i < 8; i++) {
- finalcount[i] = (unsigned char)((context->count >>
- ((7 - (i & 7)) * 8)) & 255); /* Endian independent */
- }
- ldns_sha1_update(context, (unsigned char *)"\200", 1);
- while ((context->count & 504) != 448) {
- ldns_sha1_update(context, (unsigned char *)"\0", 1);
- }
- ldns_sha1_update(context, finalcount, 8); /* Should cause a SHA1Transform() */
-
- if (digest != NULL)
- for (i = 0; i < LDNS_SHA1_DIGEST_LENGTH; i++) {
- digest[i] = (unsigned char)((context->state[i >> 2] >>
- ((3 - (i & 3)) * 8)) & 255);
- }
-#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite its own static vars */
- ldns_sha1_transform(context->state, context->buffer);
-#endif
-}
-
-unsigned char *
-ldns_sha1(unsigned char *data, unsigned int data_len, unsigned char *digest)
-{
- ldns_sha1_ctx ctx;
- ldns_sha1_init(&ctx);
- ldns_sha1_update(&ctx, data, data_len);
- ldns_sha1_final(digest, &ctx);
- return digest;
-}
+++ /dev/null
-/*
- * FILE: sha2.c
- * AUTHOR: Aaron D. Gifford - http://www.aarongifford.com/
- *
- * Copyright (c) 2000-2001, Aaron D. Gifford
- * All rights reserved.
- *
- * Modified by Jelte Jansen to fit in ldns, and not clash with any
- * system-defined SHA code.
- * Changes:
- * - Renamed (external) functions and constants to fit ldns style
- * - Removed _End and _Data functions
- * - Added ldns_shaX(data, len, digest) convenience functions
- * - Removed prototypes of _Transform functions and made those static
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the copyright holder nor the names of contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $Id: sha2.c,v 1.1 2001/11/08 00:01:51 adg Exp adg $
- */
-
-#include <ldns/config.h>
-#include <string.h> /* memcpy()/memset() or bcopy()/bzero() */
-#include <assert.h> /* assert() */
-#include <ldns/sha2.h>
-
-/*
- * ASSERT NOTE:
- * Some sanity checking code is included using assert(). On my FreeBSD
- * system, this additional code can be removed by compiling with NDEBUG
- * defined. Check your own systems manpage on assert() to see how to
- * compile WITHOUT the sanity checking code on your system.
- *
- * UNROLLED TRANSFORM LOOP NOTE:
- * You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform
- * loop version for the hash transform rounds (defined using macros
- * later in this file). Either define on the command line, for example:
- *
- * cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c
- *
- * or define below:
- *
- * #define SHA2_UNROLL_TRANSFORM
- *
- */
-
-
-/*** SHA-256/384/512 Machine Architecture Definitions *****************/
-/*
- * BYTE_ORDER NOTE:
- *
- * Please make sure that your system defines BYTE_ORDER. If your
- * architecture is little-endian, make sure it also defines
- * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are
- * equivilent.
- *
- * If your system does not define the above, then you can do so by
- * hand like this:
- *
- * #define LITTLE_ENDIAN 1234
- * #define BIG_ENDIAN 4321
- *
- * And for little-endian machines, add:
- *
- * #define BYTE_ORDER LITTLE_ENDIAN
- *
- * Or for big-endian machines:
- *
- * #define BYTE_ORDER BIG_ENDIAN
- *
- * The FreeBSD machine this was written on defines BYTE_ORDER
- * appropriately by including <sys/types.h> (which in turn includes
- * <machine/endian.h> where the appropriate definitions are actually
- * made).
- */
-#if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN)
-#error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN
-#endif
-
-typedef uint8_t sha2_byte; /* Exactly 1 byte */
-typedef uint32_t sha2_word32; /* Exactly 4 bytes */
-#ifdef S_SPLINT_S
-typedef unsigned long long sha2_word64; /* lint 8 bytes */
-#else
-typedef uint64_t sha2_word64; /* Exactly 8 bytes */
-#endif
-
-/*** SHA-256/384/512 Various Length Definitions ***********************/
-/* NOTE: Most of these are in sha2.h */
-#define ldns_sha256_SHORT_BLOCK_LENGTH (LDNS_SHA256_BLOCK_LENGTH - 8)
-#define ldns_sha384_SHORT_BLOCK_LENGTH (LDNS_SHA384_BLOCK_LENGTH - 16)
-#define ldns_sha512_SHORT_BLOCK_LENGTH (LDNS_SHA512_BLOCK_LENGTH - 16)
-
-
-/*** ENDIAN REVERSAL MACROS *******************************************/
-#if BYTE_ORDER == LITTLE_ENDIAN
-#define REVERSE32(w,x) { \
- sha2_word32 tmp = (w); \
- tmp = (tmp >> 16) | (tmp << 16); \
- (x) = ((tmp & 0xff00ff00UL) >> 8) | ((tmp & 0x00ff00ffUL) << 8); \
-}
-#ifndef S_SPLINT_S
-#define REVERSE64(w,x) { \
- sha2_word64 tmp = (w); \
- tmp = (tmp >> 32) | (tmp << 32); \
- tmp = ((tmp & 0xff00ff00ff00ff00ULL) >> 8) | \
- ((tmp & 0x00ff00ff00ff00ffULL) << 8); \
- (x) = ((tmp & 0xffff0000ffff0000ULL) >> 16) | \
- ((tmp & 0x0000ffff0000ffffULL) << 16); \
-}
-#else /* splint */
-#define REVERSE64(w,x) /* splint */
-#endif /* splint */
-#endif /* BYTE_ORDER == LITTLE_ENDIAN */
-
-/*
- * Macro for incrementally adding the unsigned 64-bit integer n to the
- * unsigned 128-bit integer (represented using a two-element array of
- * 64-bit words):
- */
-#define ADDINC128(w,n) { \
- (w)[0] += (sha2_word64)(n); \
- if ((w)[0] < (n)) { \
- (w)[1]++; \
- } \
-}
-#ifdef S_SPLINT_S
-#undef ADDINC128
-#define ADDINC128(w,n) /* splint */
-#endif
-
-/*
- * Macros for copying blocks of memory and for zeroing out ranges
- * of memory. Using these macros makes it easy to switch from
- * using memset()/memcpy() and using bzero()/bcopy().
- *
- * Please define either SHA2_USE_MEMSET_MEMCPY or define
- * SHA2_USE_BZERO_BCOPY depending on which function set you
- * choose to use:
- */
-#if !defined(SHA2_USE_MEMSET_MEMCPY) && !defined(SHA2_USE_BZERO_BCOPY)
-/* Default to memset()/memcpy() if no option is specified */
-#define SHA2_USE_MEMSET_MEMCPY 1
-#endif
-#if defined(SHA2_USE_MEMSET_MEMCPY) && defined(SHA2_USE_BZERO_BCOPY)
-/* Abort with an error if BOTH options are defined */
-#error Define either SHA2_USE_MEMSET_MEMCPY or SHA2_USE_BZERO_BCOPY, not both!
-#endif
-
-#ifdef SHA2_USE_MEMSET_MEMCPY
-#define MEMSET_BZERO(p,l) memset((p), 0, (l))
-#define MEMCPY_BCOPY(d,s,l) memcpy((d), (s), (l))
-#endif
-#ifdef SHA2_USE_BZERO_BCOPY
-#define MEMSET_BZERO(p,l) bzero((p), (l))
-#define MEMCPY_BCOPY(d,s,l) bcopy((s), (d), (l))
-#endif
-
-
-/*** THE SIX LOGICAL FUNCTIONS ****************************************/
-/*
- * Bit shifting and rotation (used by the six SHA-XYZ logical functions:
- *
- * NOTE: The naming of R and S appears backwards here (R is a SHIFT and
- * S is a ROTATION) because the SHA-256/384/512 description document
- * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this
- * same "backwards" definition.
- */
-/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */
-#define R(b,x) ((x) >> (b))
-/* 32-bit Rotate-right (used in SHA-256): */
-#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b))))
-/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */
-#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b))))
-
-/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */
-#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
-#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
-
-/* Four of six logical functions used in SHA-256: */
-#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))
-#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))
-#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))
-#define sigma1_256(x) (S32(17, (x)) ^ S32(19, (x)) ^ R(10, (x)))
-
-/* Four of six logical functions used in SHA-384 and SHA-512: */
-#define Sigma0_512(x) (S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))
-#define Sigma1_512(x) (S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))
-#define sigma0_512(x) (S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7, (x)))
-#define sigma1_512(x) (S64(19, (x)) ^ S64(61, (x)) ^ R( 6, (x)))
-
-/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
-/* Hash constant words K for SHA-256: */
-static const sha2_word32 K256[64] = {
- 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
- 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
- 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
- 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
- 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
- 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
- 0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
- 0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
- 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
- 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
- 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
- 0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
- 0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
- 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
- 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
- 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
-};
-
-/* initial hash value H for SHA-256: */
-static const sha2_word32 ldns_sha256_initial_hash_value[8] = {
- 0x6a09e667UL,
- 0xbb67ae85UL,
- 0x3c6ef372UL,
- 0xa54ff53aUL,
- 0x510e527fUL,
- 0x9b05688cUL,
- 0x1f83d9abUL,
- 0x5be0cd19UL
-};
-
-/* Hash constant words K for SHA-384 and SHA-512: */
-static const sha2_word64 K512[80] = {
- 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
- 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
- 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
- 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL,
- 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL,
- 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
- 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL,
- 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL,
- 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
- 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL,
- 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL,
- 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
- 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL,
- 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL,
- 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
- 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL,
- 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL,
- 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
- 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL,
- 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL,
- 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
- 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL,
- 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL,
- 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
- 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL,
- 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL,
- 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
- 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL,
- 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL,
- 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
- 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL,
- 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL,
- 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
- 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL,
- 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL,
- 0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
- 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL,
- 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL,
- 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
- 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
-};
-
-/* initial hash value H for SHA-384 */
-static const sha2_word64 sha384_initial_hash_value[8] = {
- 0xcbbb9d5dc1059ed8ULL,
- 0x629a292a367cd507ULL,
- 0x9159015a3070dd17ULL,
- 0x152fecd8f70e5939ULL,
- 0x67332667ffc00b31ULL,
- 0x8eb44a8768581511ULL,
- 0xdb0c2e0d64f98fa7ULL,
- 0x47b5481dbefa4fa4ULL
-};
-
-/* initial hash value H for SHA-512 */
-static const sha2_word64 sha512_initial_hash_value[8] = {
- 0x6a09e667f3bcc908ULL,
- 0xbb67ae8584caa73bULL,
- 0x3c6ef372fe94f82bULL,
- 0xa54ff53a5f1d36f1ULL,
- 0x510e527fade682d1ULL,
- 0x9b05688c2b3e6c1fULL,
- 0x1f83d9abfb41bd6bULL,
- 0x5be0cd19137e2179ULL
-};
-
-/*** SHA-256: *********************************************************/
-void ldns_sha256_init(ldns_sha256_CTX* context) {
- if (context == (ldns_sha256_CTX*)0) {
- return;
- }
- MEMCPY_BCOPY(context->state, ldns_sha256_initial_hash_value, LDNS_SHA256_DIGEST_LENGTH);
- MEMSET_BZERO(context->buffer, LDNS_SHA256_BLOCK_LENGTH);
- context->bitcount = 0;
-}
-
-#ifdef SHA2_UNROLL_TRANSFORM
-
-/* Unrolled SHA-256 round macros: */
-
-#if BYTE_ORDER == LITTLE_ENDIAN
-
-#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \
- REVERSE32(*data++, W256[j]); \
- T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \
- K256[j] + W256[j]; \
- (d) += T1; \
- (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
- j++
-
-
-#else /* BYTE_ORDER == LITTLE_ENDIAN */
-
-#define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) \
- T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + \
- K256[j] + (W256[j] = *data++); \
- (d) += T1; \
- (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
- j++
-
-#endif /* BYTE_ORDER == LITTLE_ENDIAN */
-
-#define ROUND256(a,b,c,d,e,f,g,h) \
- s0 = W256[(j+1)&0x0f]; \
- s0 = sigma0_256(s0); \
- s1 = W256[(j+14)&0x0f]; \
- s1 = sigma1_256(s1); \
- T1 = (h) + Sigma1_256(e) + Ch((e), (f), (g)) + K256[j] + \
- (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0); \
- (d) += T1; \
- (h) = T1 + Sigma0_256(a) + Maj((a), (b), (c)); \
- j++
-
-static void ldns_sha256_Transform(ldns_sha256_CTX* context,
- const sha2_word32* data) {
- sha2_word32 a, b, c, d, e, f, g, h, s0, s1;
- sha2_word32 T1, *W256;
- int j;
-
- W256 = (sha2_word32*)context->buffer;
-
- /* initialize registers with the prev. intermediate value */
- a = context->state[0];
- b = context->state[1];
- c = context->state[2];
- d = context->state[3];
- e = context->state[4];
- f = context->state[5];
- g = context->state[6];
- h = context->state[7];
-
- j = 0;
- do {
- /* Rounds 0 to 15 (unrolled): */
- ROUND256_0_TO_15(a,b,c,d,e,f,g,h);
- ROUND256_0_TO_15(h,a,b,c,d,e,f,g);
- ROUND256_0_TO_15(g,h,a,b,c,d,e,f);
- ROUND256_0_TO_15(f,g,h,a,b,c,d,e);
- ROUND256_0_TO_15(e,f,g,h,a,b,c,d);
- ROUND256_0_TO_15(d,e,f,g,h,a,b,c);
- ROUND256_0_TO_15(c,d,e,f,g,h,a,b);
- ROUND256_0_TO_15(b,c,d,e,f,g,h,a);
- } while (j < 16);
-
- /* Now for the remaining rounds to 64: */
- do {
- ROUND256(a,b,c,d,e,f,g,h);
- ROUND256(h,a,b,c,d,e,f,g);
- ROUND256(g,h,a,b,c,d,e,f);
- ROUND256(f,g,h,a,b,c,d,e);
- ROUND256(e,f,g,h,a,b,c,d);
- ROUND256(d,e,f,g,h,a,b,c);
- ROUND256(c,d,e,f,g,h,a,b);
- ROUND256(b,c,d,e,f,g,h,a);
- } while (j < 64);
-
- /* Compute the current intermediate hash value */
- context->state[0] += a;
- context->state[1] += b;
- context->state[2] += c;
- context->state[3] += d;
- context->state[4] += e;
- context->state[5] += f;
- context->state[6] += g;
- context->state[7] += h;
-
- /* Clean up */
- a = b = c = d = e = f = g = h = T1 = 0;
-}
-
-#else /* SHA2_UNROLL_TRANSFORM */
-
-static void ldns_sha256_Transform(ldns_sha256_CTX* context,
- const sha2_word32* data) {
- sha2_word32 a, b, c, d, e, f, g, h, s0, s1;
- sha2_word32 T1, T2, *W256;
- int j;
-
- W256 = (sha2_word32*)context->buffer;
-
- /* initialize registers with the prev. intermediate value */
- a = context->state[0];
- b = context->state[1];
- c = context->state[2];
- d = context->state[3];
- e = context->state[4];
- f = context->state[5];
- g = context->state[6];
- h = context->state[7];
-
- j = 0;
- do {
-#if BYTE_ORDER == LITTLE_ENDIAN
- /* Copy data while converting to host byte order */
- REVERSE32(*data++,W256[j]);
- /* Apply the SHA-256 compression function to update a..h */
- T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
-#else /* BYTE_ORDER == LITTLE_ENDIAN */
- /* Apply the SHA-256 compression function to update a..h with copy */
- T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + (W256[j] = *data++);
-#endif /* BYTE_ORDER == LITTLE_ENDIAN */
- T2 = Sigma0_256(a) + Maj(a, b, c);
- h = g;
- g = f;
- f = e;
- e = d + T1;
- d = c;
- c = b;
- b = a;
- a = T1 + T2;
-
- j++;
- } while (j < 16);
-
- do {
- /* Part of the message block expansion: */
- s0 = W256[(j+1)&0x0f];
- s0 = sigma0_256(s0);
- s1 = W256[(j+14)&0x0f];
- s1 = sigma1_256(s1);
-
- /* Apply the SHA-256 compression function to update a..h */
- T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] +
- (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0);
- T2 = Sigma0_256(a) + Maj(a, b, c);
- h = g;
- g = f;
- f = e;
- e = d + T1;
- d = c;
- c = b;
- b = a;
- a = T1 + T2;
-
- j++;
- } while (j < 64);
-
- /* Compute the current intermediate hash value */
- context->state[0] += a;
- context->state[1] += b;
- context->state[2] += c;
- context->state[3] += d;
- context->state[4] += e;
- context->state[5] += f;
- context->state[6] += g;
- context->state[7] += h;
-
- /* Clean up */
- a = b = c = d = e = f = g = h = T1 = T2 = 0;
-}
-
-#endif /* SHA2_UNROLL_TRANSFORM */
-
-void ldns_sha256_update(ldns_sha256_CTX* context, const sha2_byte *data, size_t len) {
- size_t freespace, usedspace;
-
- if (len == 0) {
- /* Calling with no data is valid - we do nothing */
- return;
- }
-
- /* Sanity check: */
- assert(context != (ldns_sha256_CTX*)0 && data != (sha2_byte*)0);
-
- usedspace = (context->bitcount >> 3) % LDNS_SHA256_BLOCK_LENGTH;
- if (usedspace > 0) {
- /* Calculate how much free space is available in the buffer */
- freespace = LDNS_SHA256_BLOCK_LENGTH - usedspace;
-
- if (len >= freespace) {
- /* Fill the buffer completely and process it */
- MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace);
- context->bitcount += freespace << 3;
- len -= freespace;
- data += freespace;
- ldns_sha256_Transform(context, (sha2_word32*)context->buffer);
- } else {
- /* The buffer is not yet full */
- MEMCPY_BCOPY(&context->buffer[usedspace], data, len);
- context->bitcount += len << 3;
- /* Clean up: */
- usedspace = freespace = 0;
- return;
- }
- }
- while (len >= LDNS_SHA256_BLOCK_LENGTH) {
- /* Process as many complete blocks as we can */
- ldns_sha256_Transform(context, (sha2_word32*)data);
- context->bitcount += LDNS_SHA256_BLOCK_LENGTH << 3;
- len -= LDNS_SHA256_BLOCK_LENGTH;
- data += LDNS_SHA256_BLOCK_LENGTH;
- }
- if (len > 0) {
- /* There's left-overs, so save 'em */
- MEMCPY_BCOPY(context->buffer, data, len);
- context->bitcount += len << 3;
- }
- /* Clean up: */
- usedspace = freespace = 0;
-}
-
-void ldns_sha256_final(sha2_byte digest[], ldns_sha256_CTX* context) {
- sha2_word32 *d = (sha2_word32*)digest;
- size_t usedspace;
-
- /* Sanity check: */
- assert(context != (ldns_sha256_CTX*)0);
-
- /* If no digest buffer is passed, we don't bother doing this: */
- if (digest != (sha2_byte*)0) {
- usedspace = (context->bitcount >> 3) % LDNS_SHA256_BLOCK_LENGTH;
-#if BYTE_ORDER == LITTLE_ENDIAN
- /* Convert FROM host byte order */
- REVERSE64(context->bitcount,context->bitcount);
-#endif
- if (usedspace > 0) {
- /* Begin padding with a 1 bit: */
- context->buffer[usedspace++] = 0x80;
-
- if (usedspace <= ldns_sha256_SHORT_BLOCK_LENGTH) {
- /* Set-up for the last transform: */
- MEMSET_BZERO(&context->buffer[usedspace], ldns_sha256_SHORT_BLOCK_LENGTH - usedspace);
- } else {
- if (usedspace < LDNS_SHA256_BLOCK_LENGTH) {
- MEMSET_BZERO(&context->buffer[usedspace], LDNS_SHA256_BLOCK_LENGTH - usedspace);
- }
- /* Do second-to-last transform: */
- ldns_sha256_Transform(context, (sha2_word32*)context->buffer);
-
- /* And set-up for the last transform: */
- MEMSET_BZERO(context->buffer, ldns_sha256_SHORT_BLOCK_LENGTH);
- }
- } else {
- /* Set-up for the last transform: */
- MEMSET_BZERO(context->buffer, ldns_sha256_SHORT_BLOCK_LENGTH);
-
- /* Begin padding with a 1 bit: */
- *context->buffer = 0x80;
- }
- /* Set the bit count: */
- *(sha2_word64*)&context->buffer[ldns_sha256_SHORT_BLOCK_LENGTH] = context->bitcount;
-
- /* final transform: */
- ldns_sha256_Transform(context, (sha2_word32*)context->buffer);
-
-#if BYTE_ORDER == LITTLE_ENDIAN
- {
- /* Convert TO host byte order */
- int j;
- for (j = 0; j < 8; j++) {
- REVERSE32(context->state[j],context->state[j]);
- *d++ = context->state[j];
- }
- }
-#else
- MEMCPY_BCOPY(d, context->state, LDNS_SHA256_DIGEST_LENGTH);
-#endif
- }
-
- /* Clean up state data: */
- MEMSET_BZERO(context, sizeof(context));
- usedspace = 0;
-}
-
-unsigned char *
-ldns_sha256(unsigned char *data, unsigned int data_len, unsigned char *digest)
-{
- ldns_sha256_CTX ctx;
- ldns_sha256_init(&ctx);
- ldns_sha256_update(&ctx, data, data_len);
- ldns_sha256_final(digest, &ctx);
- return digest;
-}
-
-/*** SHA-512: *********************************************************/
-void ldns_sha512_init(ldns_sha512_CTX* context) {
- if (context == (ldns_sha512_CTX*)0) {
- return;
- }
- MEMCPY_BCOPY(context->state, sha512_initial_hash_value, LDNS_SHA512_DIGEST_LENGTH);
- MEMSET_BZERO(context->buffer, LDNS_SHA512_BLOCK_LENGTH);
- context->bitcount[0] = context->bitcount[1] = 0;
-}
-
-#ifdef SHA2_UNROLL_TRANSFORM
-
-/* Unrolled SHA-512 round macros: */
-#if BYTE_ORDER == LITTLE_ENDIAN
-
-#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \
- REVERSE64(*data++, W512[j]); \
- T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \
- K512[j] + W512[j]; \
- (d) += T1, \
- (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)), \
- j++
-
-
-#else /* BYTE_ORDER == LITTLE_ENDIAN */
-
-#define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) \
- T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + \
- K512[j] + (W512[j] = *data++); \
- (d) += T1; \
- (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \
- j++
-
-#endif /* BYTE_ORDER == LITTLE_ENDIAN */
-
-#define ROUND512(a,b,c,d,e,f,g,h) \
- s0 = W512[(j+1)&0x0f]; \
- s0 = sigma0_512(s0); \
- s1 = W512[(j+14)&0x0f]; \
- s1 = sigma1_512(s1); \
- T1 = (h) + Sigma1_512(e) + Ch((e), (f), (g)) + K512[j] + \
- (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0); \
- (d) += T1; \
- (h) = T1 + Sigma0_512(a) + Maj((a), (b), (c)); \
- j++
-
-static void ldns_sha512_Transform(ldns_sha512_CTX* context,
- const sha2_word64* data) {
- sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
- sha2_word64 T1, *W512 = (sha2_word64*)context->buffer;
- int j;
-
- /* initialize registers with the prev. intermediate value */
- a = context->state[0];
- b = context->state[1];
- c = context->state[2];
- d = context->state[3];
- e = context->state[4];
- f = context->state[5];
- g = context->state[6];
- h = context->state[7];
-
- j = 0;
- do {
- ROUND512_0_TO_15(a,b,c,d,e,f,g,h);
- ROUND512_0_TO_15(h,a,b,c,d,e,f,g);
- ROUND512_0_TO_15(g,h,a,b,c,d,e,f);
- ROUND512_0_TO_15(f,g,h,a,b,c,d,e);
- ROUND512_0_TO_15(e,f,g,h,a,b,c,d);
- ROUND512_0_TO_15(d,e,f,g,h,a,b,c);
- ROUND512_0_TO_15(c,d,e,f,g,h,a,b);
- ROUND512_0_TO_15(b,c,d,e,f,g,h,a);
- } while (j < 16);
-
- /* Now for the remaining rounds up to 79: */
- do {
- ROUND512(a,b,c,d,e,f,g,h);
- ROUND512(h,a,b,c,d,e,f,g);
- ROUND512(g,h,a,b,c,d,e,f);
- ROUND512(f,g,h,a,b,c,d,e);
- ROUND512(e,f,g,h,a,b,c,d);
- ROUND512(d,e,f,g,h,a,b,c);
- ROUND512(c,d,e,f,g,h,a,b);
- ROUND512(b,c,d,e,f,g,h,a);
- } while (j < 80);
-
- /* Compute the current intermediate hash value */
- context->state[0] += a;
- context->state[1] += b;
- context->state[2] += c;
- context->state[3] += d;
- context->state[4] += e;
- context->state[5] += f;
- context->state[6] += g;
- context->state[7] += h;
-
- /* Clean up */
- a = b = c = d = e = f = g = h = T1 = 0;
-}
-
-#else /* SHA2_UNROLL_TRANSFORM */
-
-static void ldns_sha512_Transform(ldns_sha512_CTX* context,
- const sha2_word64* data) {
- sha2_word64 a, b, c, d, e, f, g, h, s0, s1;
- sha2_word64 T1, T2, *W512 = (sha2_word64*)context->buffer;
- int j;
-
- /* initialize registers with the prev. intermediate value */
- a = context->state[0];
- b = context->state[1];
- c = context->state[2];
- d = context->state[3];
- e = context->state[4];
- f = context->state[5];
- g = context->state[6];
- h = context->state[7];
-
- j = 0;
- do {
-#if BYTE_ORDER == LITTLE_ENDIAN
- /* Convert TO host byte order */
- REVERSE64(*data++, W512[j]);
- /* Apply the SHA-512 compression function to update a..h */
- T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
-#else /* BYTE_ORDER == LITTLE_ENDIAN */
- /* Apply the SHA-512 compression function to update a..h with copy */
- T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + (W512[j] = *data++);
-#endif /* BYTE_ORDER == LITTLE_ENDIAN */
- T2 = Sigma0_512(a) + Maj(a, b, c);
- h = g;
- g = f;
- f = e;
- e = d + T1;
- d = c;
- c = b;
- b = a;
- a = T1 + T2;
-
- j++;
- } while (j < 16);
-
- do {
- /* Part of the message block expansion: */
- s0 = W512[(j+1)&0x0f];
- s0 = sigma0_512(s0);
- s1 = W512[(j+14)&0x0f];
- s1 = sigma1_512(s1);
-
- /* Apply the SHA-512 compression function to update a..h */
- T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
- (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0);
- T2 = Sigma0_512(a) + Maj(a, b, c);
- h = g;
- g = f;
- f = e;
- e = d + T1;
- d = c;
- c = b;
- b = a;
- a = T1 + T2;
-
- j++;
- } while (j < 80);
-
- /* Compute the current intermediate hash value */
- context->state[0] += a;
- context->state[1] += b;
- context->state[2] += c;
- context->state[3] += d;
- context->state[4] += e;
- context->state[5] += f;
- context->state[6] += g;
- context->state[7] += h;
-
- /* Clean up */
- a = b = c = d = e = f = g = h = T1 = T2 = 0;
-}
-
-#endif /* SHA2_UNROLL_TRANSFORM */
-
-void ldns_sha512_update(ldns_sha512_CTX* context, const sha2_byte *data, size_t len) {
- size_t freespace, usedspace;
-
- if (len == 0) {
- /* Calling with no data is valid - we do nothing */
- return;
- }
-
- /* Sanity check: */
- assert(context != (ldns_sha512_CTX*)0 && data != (sha2_byte*)0);
-
- usedspace = (context->bitcount[0] >> 3) % LDNS_SHA512_BLOCK_LENGTH;
- if (usedspace > 0) {
- /* Calculate how much free space is available in the buffer */
- freespace = LDNS_SHA512_BLOCK_LENGTH - usedspace;
-
- if (len >= freespace) {
- /* Fill the buffer completely and process it */
- MEMCPY_BCOPY(&context->buffer[usedspace], data, freespace);
- ADDINC128(context->bitcount, freespace << 3);
- len -= freespace;
- data += freespace;
- ldns_sha512_Transform(context, (sha2_word64*)context->buffer);
- } else {
- /* The buffer is not yet full */
- MEMCPY_BCOPY(&context->buffer[usedspace], data, len);
- ADDINC128(context->bitcount, len << 3);
- /* Clean up: */
- usedspace = freespace = 0;
- return;
- }
- }
- while (len >= LDNS_SHA512_BLOCK_LENGTH) {
- /* Process as many complete blocks as we can */
- ldns_sha512_Transform(context, (sha2_word64*)data);
- ADDINC128(context->bitcount, LDNS_SHA512_BLOCK_LENGTH << 3);
- len -= LDNS_SHA512_BLOCK_LENGTH;
- data += LDNS_SHA512_BLOCK_LENGTH;
- }
- if (len > 0) {
- /* There's left-overs, so save 'em */
- MEMCPY_BCOPY(context->buffer, data, len);
- ADDINC128(context->bitcount, len << 3);
- }
- /* Clean up: */
- usedspace = freespace = 0;
-}
-
-static void ldns_sha512_Last(ldns_sha512_CTX* context) {
- size_t usedspace;
-
- usedspace = (context->bitcount[0] >> 3) % LDNS_SHA512_BLOCK_LENGTH;
-#if BYTE_ORDER == LITTLE_ENDIAN
- /* Convert FROM host byte order */
- REVERSE64(context->bitcount[0],context->bitcount[0]);
- REVERSE64(context->bitcount[1],context->bitcount[1]);
-#endif
- if (usedspace > 0) {
- /* Begin padding with a 1 bit: */
- context->buffer[usedspace++] = 0x80;
-
- if (usedspace <= ldns_sha512_SHORT_BLOCK_LENGTH) {
- /* Set-up for the last transform: */
- MEMSET_BZERO(&context->buffer[usedspace], ldns_sha512_SHORT_BLOCK_LENGTH - usedspace);
- } else {
- if (usedspace < LDNS_SHA512_BLOCK_LENGTH) {
- MEMSET_BZERO(&context->buffer[usedspace], LDNS_SHA512_BLOCK_LENGTH - usedspace);
- }
- /* Do second-to-last transform: */
- ldns_sha512_Transform(context, (sha2_word64*)context->buffer);
-
- /* And set-up for the last transform: */
- MEMSET_BZERO(context->buffer, LDNS_SHA512_BLOCK_LENGTH - 2);
- }
- } else {
- /* Prepare for final transform: */
- MEMSET_BZERO(context->buffer, ldns_sha512_SHORT_BLOCK_LENGTH);
-
- /* Begin padding with a 1 bit: */
- *context->buffer = 0x80;
- }
- /* Store the length of input data (in bits): */
- *(sha2_word64*)&context->buffer[ldns_sha512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
- *(sha2_word64*)&context->buffer[ldns_sha512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0];
-
- /* final transform: */
- ldns_sha512_Transform(context, (sha2_word64*)context->buffer);
-}
-
-void ldns_sha512_final(sha2_byte digest[], ldns_sha512_CTX* context) {
- sha2_word64 *d = (sha2_word64*)digest;
-
- /* Sanity check: */
- assert(context != (ldns_sha512_CTX*)0);
-
- /* If no digest buffer is passed, we don't bother doing this: */
- if (digest != (sha2_byte*)0) {
- ldns_sha512_Last(context);
-
- /* Save the hash data for output: */
-#if BYTE_ORDER == LITTLE_ENDIAN
- {
- /* Convert TO host byte order */
- int j;
- for (j = 0; j < 8; j++) {
- REVERSE64(context->state[j],context->state[j]);
- *d++ = context->state[j];
- }
- }
-#else
- MEMCPY_BCOPY(d, context->state, LDNS_SHA512_DIGEST_LENGTH);
-#endif
- }
-
- /* Zero out state data */
- MEMSET_BZERO(context, sizeof(context));
-}
-
-unsigned char *
-ldns_sha512(unsigned char *data, unsigned int data_len, unsigned char *digest)
-{
- ldns_sha512_CTX ctx;
- ldns_sha512_init(&ctx);
- ldns_sha512_update(&ctx, data, data_len);
- ldns_sha512_final(digest, &ctx);
- return digest;
-}
-
-/*** SHA-384: *********************************************************/
-void ldns_sha384_init(ldns_sha384_CTX* context) {
- if (context == (ldns_sha384_CTX*)0) {
- return;
- }
- MEMCPY_BCOPY(context->state, sha384_initial_hash_value, LDNS_SHA512_DIGEST_LENGTH);
- MEMSET_BZERO(context->buffer, LDNS_SHA384_BLOCK_LENGTH);
- context->bitcount[0] = context->bitcount[1] = 0;
-}
-
-void ldns_sha384_update(ldns_sha384_CTX* context, const sha2_byte* data, size_t len) {
- ldns_sha512_update((ldns_sha512_CTX*)context, data, len);
-}
-
-void ldns_sha384_final(sha2_byte digest[], ldns_sha384_CTX* context) {
- sha2_word64 *d = (sha2_word64*)digest;
-
- /* Sanity check: */
- assert(context != (ldns_sha384_CTX*)0);
-
- /* If no digest buffer is passed, we don't bother doing this: */
- if (digest != (sha2_byte*)0) {
- ldns_sha512_Last((ldns_sha512_CTX*)context);
-
- /* Save the hash data for output: */
-#if BYTE_ORDER == LITTLE_ENDIAN
- {
- /* Convert TO host byte order */
- int j;
- for (j = 0; j < 6; j++) {
- REVERSE64(context->state[j],context->state[j]);
- *d++ = context->state[j];
- }
- }
-#else
- MEMCPY_BCOPY(d, context->state, LDNS_SHA384_DIGEST_LENGTH);
-#endif
- }
-
- /* Zero out state data */
- MEMSET_BZERO(context, sizeof(context));
-}
-
-unsigned char *
-ldns_sha384(unsigned char *data, unsigned int data_len, unsigned char *digest)
-{
- ldns_sha384_CTX ctx;
- ldns_sha384_init(&ctx);
- ldns_sha384_update(&ctx, data, data_len);
- ldns_sha384_final(digest, &ctx);
- return digest;
-}
+++ /dev/null
-/*
- * str2host.c
- *
- * conversion routines from the presentation format
- * to the host format
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#include <time.h>
-
-#include <errno.h>
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#include <limits.h>
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-
-ldns_status
-ldns_str2rdf_int16(ldns_rdf **rd, const char *shortstr)
-{
- char *end = NULL;
- uint16_t *r;
- r = LDNS_MALLOC(uint16_t);
- if(!r) return LDNS_STATUS_MEM_ERR;
-
- *r = htons((uint16_t)strtol((char *)shortstr, &end, 10));
-
- if(*end != 0) {
- LDNS_FREE(r);
- return LDNS_STATUS_INVALID_INT;
- } else {
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_INT16, sizeof(uint16_t), r);
- LDNS_FREE(r);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
- }
-}
-
-ldns_status
-ldns_str2rdf_time(ldns_rdf **rd, const char *time)
-{
- /* convert a time YYYYDDMMHHMMSS to wireformat */
- uint16_t *r = NULL;
- struct tm tm;
- uint32_t l;
- char *end;
-
- /* Try to scan the time... */
- r = (uint16_t*)LDNS_MALLOC(uint32_t);
- if(!r) return LDNS_STATUS_MEM_ERR;
-
- memset(&tm, 0, sizeof(tm));
-
- if (strlen(time) == 14 &&
- sscanf(time, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) == 6
- ) {
- tm.tm_year -= 1900;
- tm.tm_mon--;
- /* Check values */
- if (tm.tm_year < 70) {
- goto bad_format;
- }
- if (tm.tm_mon < 0 || tm.tm_mon > 11) {
- goto bad_format;
- }
- if (tm.tm_mday < 1 || tm.tm_mday > 31) {
- goto bad_format;
- }
-
- if (tm.tm_hour < 0 || tm.tm_hour > 23) {
- goto bad_format;
- }
-
- if (tm.tm_min < 0 || tm.tm_min > 59) {
- goto bad_format;
- }
-
- if (tm.tm_sec < 0 || tm.tm_sec > 59) {
- goto bad_format;
- }
-
- l = htonl(mktime_from_utc(&tm));
- memcpy(r, &l, sizeof(uint32_t));
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_TIME, sizeof(uint32_t), r);
- LDNS_FREE(r);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
- } else {
- /* handle it as 32 bits timestamp */
- l = htonl((uint32_t)strtol((char*)time, &end, 10));
- if(*end != 0) {
- LDNS_FREE(r);
- return LDNS_STATUS_ERR;
- } else {
- memcpy(r, &l, sizeof(uint32_t));
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_INT32, sizeof(uint32_t), r);
- LDNS_FREE(r);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
- }
- }
-
- bad_format:
- LDNS_FREE(r);
- return LDNS_STATUS_INVALID_TIME;
-}
-
-ldns_status
-ldns_str2rdf_nsec3_salt(ldns_rdf **rd, const char *salt_str)
-{
- uint8_t salt_length;
- int c;
- int salt_length_str;
-
- uint8_t *salt;
- uint8_t *data;
- if(rd == NULL) {
- return LDNS_STATUS_NULL;
- }
-
- salt_length_str = (int)strlen(salt_str);
- if (salt_length_str == 1 && salt_str[0] == '-') {
- salt_length_str = 0;
- } else if (salt_length_str % 2 != 0) {
- return LDNS_STATUS_INVALID_HEX;
- }
- if (salt_length_str > 512) {
- return LDNS_STATUS_INVALID_HEX;
- }
-
- salt = LDNS_XMALLOC(uint8_t, salt_length_str / 2);
- if(!salt) {
- return LDNS_STATUS_MEM_ERR;
- }
- for (c = 0; c < salt_length_str; c += 2) {
- if (isxdigit((int) salt_str[c]) && isxdigit((int) salt_str[c+1])) {
- salt[c/2] = (uint8_t) ldns_hexdigit_to_int(salt_str[c]) * 16 +
- ldns_hexdigit_to_int(salt_str[c+1]);
- } else {
- LDNS_FREE(salt);
- return LDNS_STATUS_INVALID_HEX;
- }
- }
- salt_length = (uint8_t) (salt_length_str / 2);
-
- data = LDNS_XMALLOC(uint8_t, 1 + salt_length);
- if(!data) {
- LDNS_FREE(salt);
- return LDNS_STATUS_MEM_ERR;
- }
- data[0] = salt_length;
- memcpy(&data[1], salt, salt_length);
- *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC3_SALT, 1 + salt_length, data);
- LDNS_FREE(data);
- LDNS_FREE(salt);
-
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_period(ldns_rdf **rd,const char *period)
-{
- uint32_t p;
- const char *end;
-
- /* Allocate required space... */
- p = ldns_str2period(period, &end);
-
- if (*end != 0) {
- return LDNS_STATUS_ERR;
- } else {
- p = (uint32_t) htonl(p);
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_PERIOD, sizeof(uint32_t), &p);
- }
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_int32(ldns_rdf **rd, const char *longstr)
-{
- char *end;
- uint16_t *r = NULL;
- uint32_t l;
-
- r = (uint16_t*)LDNS_MALLOC(uint32_t);
- if(!r) return LDNS_STATUS_MEM_ERR;
- errno = 0; /* must set to zero before call,
- note race condition on errno */
- if(*longstr == '-')
- l = htonl((uint32_t)strtol((char*)longstr, &end, 10));
- else l = htonl((uint32_t)strtoul((char*)longstr, &end, 10));
-
- if(*end != 0) {
- LDNS_FREE(r);
- return LDNS_STATUS_ERR;
- } else {
- if (errno == ERANGE) {
- LDNS_FREE(r);
- return LDNS_STATUS_SYNTAX_INTEGER_OVERFLOW;
- }
- memcpy(r, &l, sizeof(uint32_t));
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_INT32, sizeof(uint32_t), r);
- LDNS_FREE(r);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
- }
-}
-
-ldns_status
-ldns_str2rdf_int8(ldns_rdf **rd, const char *bytestr)
-{
- char *end;
- uint8_t *r = NULL;
-
- r = LDNS_MALLOC(uint8_t);
- if(!r) return LDNS_STATUS_MEM_ERR;
-
- *r = (uint8_t)strtol((char*)bytestr, &end, 10);
-
- if(*end != 0) {
- LDNS_FREE(r);
- return LDNS_STATUS_ERR;
- } else {
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_INT8, sizeof(uint8_t), r);
- LDNS_FREE(r);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
- }
-}
-
-
-/*
- * Checks whether the escaped value at **s is an octal value or
- * a 'normally' escaped character (and not eos)
- *
- * The string pointer at *s is increased by either 0 (on error), 1 (on
- * normal escapes), or 3 (on octals)
- *
- * Returns the number of bytes read from the escaped string, or
- * 0 on error
- */
-static int
-parse_escape(uint8_t *s, uint8_t *q) {
- uint8_t val;
- if (strlen((char *)s) > 3 &&
- isdigit((int) s[1]) &&
- isdigit((int) s[2]) &&
- isdigit((int) s[3])) {
- /* cast this so it fits */
- val = (uint8_t) ldns_hexdigit_to_int((char) s[1]) * 100 +
- ldns_hexdigit_to_int((char) s[2]) * 10 +
- ldns_hexdigit_to_int((char) s[3]);
- *q = val;
- return 3;
- } else {
- s++;
- if (*s == '\0' || isdigit((int) *s)) {
- /* apparently the string terminator
- * or a digit has been escaped...
- */
- return 0;
- }
- *q = *s;
- return 1;
- }
-}
-
-/*
- * No special care is taken, all dots are translated into
- * label seperators.
- * Could be made more efficient....we do 3 memcpy's in total...
- */
-ldns_status
-ldns_str2rdf_dname(ldns_rdf **d, const char *str)
-{
- size_t len;
-
- int esc;
- uint8_t *s, *q, *pq, label_len;
- uint8_t buf[LDNS_MAX_DOMAINLEN + 1];
- *d = NULL;
-
- len = strlen((char*)str);
- /* octet representation can make strings a lot longer than actual length */
- if (len > LDNS_MAX_DOMAINLEN * 4) {
- return LDNS_STATUS_DOMAINNAME_OVERFLOW;
- }
- if (0 == len) {
- return LDNS_STATUS_DOMAINNAME_UNDERFLOW;
- }
-
- /* root label */
- if (1 == len && *str == '.') {
- *d = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_DNAME, 1, "\0");
- return LDNS_STATUS_OK;
- }
-
- /* get on with the rest */
-
- /* s is on the current character in the string
- * pq points to where the labellength is going to go
- * label_len keeps track of the current label's length
- * q builds the dname inside the buf array
- */
- len = 0;
- q = buf+1;
- pq = buf;
- label_len = 0;
- for (s = (uint8_t *)str; *s; s++, q++) {
- if (q > buf + LDNS_MAX_DOMAINLEN) {
- return LDNS_STATUS_DOMAINNAME_OVERFLOW;
- }
- *q = 0;
- switch (*s) {
- case '.':
- if (label_len > LDNS_MAX_LABELLEN) {
- return LDNS_STATUS_LABEL_OVERFLOW;
- }
- if (label_len == 0) {
- return LDNS_STATUS_EMPTY_LABEL;
- }
- len += label_len + 1;
- *pq = label_len;
- label_len = 0;
- pq = q;
- break;
- case '\\':
- /* octet value or literal char */
- esc = parse_escape(s, q);
- if (esc > 0) {
- s += esc;
- label_len++;
- } else {
- return LDNS_STATUS_SYNTAX_BAD_ESCAPE;
- }
- break;
- default:
- *q = *s;
- label_len++;
- }
- }
-
- /* add root label if last char was not '.' */
- if (!ldns_dname_str_absolute(str)) {
- if (q > buf + LDNS_MAX_DOMAINLEN) {
- return LDNS_STATUS_DOMAINNAME_OVERFLOW;
- }
- if (label_len > LDNS_MAX_LABELLEN) {
- return LDNS_STATUS_LABEL_OVERFLOW;
- }
- if (label_len == 0) { /* label_len 0 but not . at end? */
- return LDNS_STATUS_EMPTY_LABEL;
- }
- len += label_len + 1;
- *pq = label_len;
- *q = 0;
- }
- len++;
-
- *d = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_DNAME, len, buf);
- return LDNS_STATUS_OK;
-}
-
-ldns_status
-ldns_str2rdf_a(ldns_rdf **rd, const char *str)
-{
- in_addr_t address;
- if (inet_pton(AF_INET, (char*)str, &address) != 1) {
- return LDNS_STATUS_INVALID_IP4;
- } else {
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_A, sizeof(address), &address);
- }
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_aaaa(ldns_rdf **rd, const char *str)
-{
- uint8_t address[LDNS_IP6ADDRLEN + 1];
-
- if (inet_pton(AF_INET6, (char*)str, address) != 1) {
- return LDNS_STATUS_INVALID_IP6;
- } else {
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_AAAA, sizeof(address) - 1, &address);
- }
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_str(ldns_rdf **rd, const char *str)
-{
- uint8_t *data;
- size_t i, str_i, esc_i;
-
- if (strlen(str) > 255) {
- return LDNS_STATUS_INVALID_STR;
- }
-
- data = LDNS_XMALLOC(uint8_t, strlen(str) + 1);
- if(!data) return LDNS_STATUS_MEM_ERR;
- i = 1;
-
- for (str_i = 0; str_i < strlen(str); str_i++) {
- if (str[str_i] == '\\') {
- /* octet value or literal char */
- esc_i = (size_t) parse_escape((uint8_t*) &str[str_i], (uint8_t*) &data[i]);
- if (esc_i == 0) {
- LDNS_FREE(data);
- return LDNS_STATUS_SYNTAX_BAD_ESCAPE;
- }
- str_i += esc_i;
- } else {
- data[i] = (uint8_t) str[str_i];
- }
- i++;
- }
- data[0] = i - 1;
- *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_STR, i, data);
-
- LDNS_FREE(data);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_apl(ldns_rdf **rd, const char *str)
-{
- const char *my_str = str;
-
- char *my_ip_str;
- size_t ip_str_len;
-
- uint16_t family;
- bool negation;
- uint8_t afdlength = 0;
- uint8_t *afdpart;
- uint8_t prefix;
-
- uint8_t *data;
-
- size_t i = 0;
-
- /* [!]afi:address/prefix */
- if (strlen(my_str) < 2) {
- return LDNS_STATUS_INVALID_STR;
- }
-
- if (my_str[0] == '!') {
- negation = true;
- my_str += 1;
- } else {
- negation = false;
- }
-
- family = (uint16_t) atoi(my_str);
-
- my_str = strchr(my_str, ':') + 1;
-
- /* need ip addr and only ip addr for inet_pton */
- ip_str_len = (size_t) (strchr(my_str, '/') - my_str);
- my_ip_str = LDNS_XMALLOC(char, ip_str_len + 1);
- if(!my_ip_str) return LDNS_STATUS_MEM_ERR;
- strncpy(my_ip_str, my_str, ip_str_len + 1);
- my_ip_str[ip_str_len] = '\0';
-
- if (family == 1) {
- /* ipv4 */
- afdpart = LDNS_XMALLOC(uint8_t, 4);
- if(!afdpart) {
- LDNS_FREE(my_ip_str);
- return LDNS_STATUS_MEM_ERR;
- }
- if (inet_pton(AF_INET, my_ip_str, afdpart) == 0) {
- LDNS_FREE(my_ip_str);
- LDNS_FREE(afdpart);
- return LDNS_STATUS_INVALID_STR;
- }
- for (i = 0; i < 4; i++) {
- if (afdpart[i] != 0) {
- afdlength = i + 1;
- }
- }
- } else if (family == 2) {
- /* ipv6 */
- afdpart = LDNS_XMALLOC(uint8_t, 16);
- if(!afdpart) {
- LDNS_FREE(my_ip_str);
- return LDNS_STATUS_MEM_ERR;
- }
- if (inet_pton(AF_INET6, my_ip_str, afdpart) == 0) {
- LDNS_FREE(my_ip_str);
- LDNS_FREE(afdpart);
- return LDNS_STATUS_INVALID_STR;
- }
- for (i = 0; i < 16; i++) {
- if (afdpart[i] != 0) {
- afdlength = i + 1;
- }
- }
- } else {
- /* unknown family */
- LDNS_FREE(my_ip_str);
- return LDNS_STATUS_INVALID_STR;
- }
-
- my_str = strchr(my_str, '/') + 1;
- prefix = (uint8_t) atoi(my_str);
-
- data = LDNS_XMALLOC(uint8_t, 4 + afdlength);
- if(!data) {
- LDNS_FREE(my_ip_str);
- return LDNS_STATUS_INVALID_STR;
- }
- ldns_write_uint16(data, family);
- data[2] = prefix;
- data[3] = afdlength;
- if (negation) {
- /* set bit 1 of byte 3 */
- data[3] = data[3] | 0x80;
- }
-
- memcpy(data + 4, afdpart, afdlength);
-
- *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_APL, afdlength + 4, data);
- LDNS_FREE(afdpart);
- LDNS_FREE(data);
- LDNS_FREE(my_ip_str);
-
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_b64(ldns_rdf **rd, const char *str)
-{
- uint8_t *buffer;
- int16_t i;
-
- buffer = LDNS_XMALLOC(uint8_t, ldns_b64_ntop_calculate_size(strlen(str)));
- if(!buffer) {
- return LDNS_STATUS_MEM_ERR;
- }
-
- i = (uint16_t)ldns_b64_pton((const char*)str, buffer,
- ldns_b64_ntop_calculate_size(strlen(str)));
- if (-1 == i) {
- LDNS_FREE(buffer);
- return LDNS_STATUS_INVALID_B64;
- } else {
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_B64, (uint16_t) i, buffer);
- }
- LDNS_FREE(buffer);
-
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_b32_ext(ldns_rdf **rd, const char *str)
-{
- uint8_t *buffer;
- int i;
- /* first byte contains length of actual b32 data */
- uint8_t len = ldns_b32_pton_calculate_size(strlen(str));
- buffer = LDNS_XMALLOC(uint8_t, len + 1);
- if(!buffer) {
- return LDNS_STATUS_MEM_ERR;
- }
- buffer[0] = len;
-
- i = ldns_b32_pton_extended_hex((const char*)str, strlen(str), buffer + 1,
- ldns_b32_ntop_calculate_size(strlen(str)));
- if (i < 0) {
- LDNS_FREE(buffer);
- return LDNS_STATUS_INVALID_B32_EXT;
- } else {
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_B32_EXT, (uint16_t) i + 1, buffer);
- }
- LDNS_FREE(buffer);
-
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_hex(ldns_rdf **rd, const char *str)
-{
- uint8_t *t, *t_orig;
- int i;
- size_t len;
-
- len = strlen(str);
-
- if (len > LDNS_MAX_RDFLEN * 2) {
- return LDNS_STATUS_LABEL_OVERFLOW;
- } else {
- t = LDNS_XMALLOC(uint8_t, (len / 2) + 1);
- if(!t) {
- return LDNS_STATUS_MEM_ERR;
- }
- t_orig = t;
- /* Now process octet by octet... */
- while (*str) {
- *t = 0;
- if (isspace((int) *str)) {
- str++;
- } else {
- for (i = 16; i >= 1; i -= 15) {
- while (*str && isspace((int) *str)) { str++; }
- if (*str) {
- if (isxdigit((int) *str)) {
- *t += ldns_hexdigit_to_int(*str) * i;
- } else {
- LDNS_FREE(t_orig);
- return LDNS_STATUS_ERR;
- }
- ++str;
- }
- }
- ++t;
- }
- }
- *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX,
- (size_t) (t - t_orig),
- t_orig);
- LDNS_FREE(t_orig);
- }
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_nsec(ldns_rdf **rd, const char *str)
-{
- const char *delimiters = "\n\t ";
- char *token = LDNS_XMALLOC(char, LDNS_MAX_RDFLEN);
- ldns_buffer *str_buf;
- ssize_t c;
- uint16_t cur_type;
- size_t type_count = 0;
- ldns_rr_type type_list[65536];
- if(!token) return LDNS_STATUS_MEM_ERR;
- if(rd == NULL) {
- LDNS_FREE(token);
- return LDNS_STATUS_NULL;
- }
-
- str_buf = LDNS_MALLOC(ldns_buffer);
- if(!str_buf) {
- LDNS_FREE(token);
- return LDNS_STATUS_MEM_ERR;
- }
- ldns_buffer_new_frm_data(str_buf, (char *)str, strlen(str));
- if(ldns_buffer_status(str_buf) != LDNS_STATUS_OK) {
- LDNS_FREE(str_buf);
- LDNS_FREE(token);
- return LDNS_STATUS_MEM_ERR;
- }
-
- while ((c = ldns_bget_token(str_buf, token, delimiters, LDNS_MAX_RDFLEN)) != -1 && c != 0) {
- if(type_count >= sizeof(type_list)) {
- LDNS_FREE(str_buf);
- LDNS_FREE(token);
- return LDNS_STATUS_ERR;
- }
- cur_type = ldns_get_rr_type_by_name(token);
- type_list[type_count] = cur_type;
- type_count++;
- }
-
- *rd = ldns_dnssec_create_nsec_bitmap(type_list,
- type_count,
- LDNS_RR_TYPE_NSEC);
-
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_type(ldns_rdf **rd, const char *str)
-{
- uint16_t type;
- type = htons(ldns_get_rr_type_by_name(str));
- /* ldns_rr_type is a 16 bit value */
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_TYPE, sizeof(uint16_t), &type);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_class(ldns_rdf **rd, const char *str)
-{
- uint16_t klass;
- klass = htons(ldns_get_rr_class_by_name(str));
- /* class is 16 bit */
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_CLASS, sizeof(uint16_t), &klass);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-/* An certificate alg field can either be specified as a 8 bits number
- * or by its symbolic name. Handle both
- */
-ldns_status
-ldns_str2rdf_cert_alg(ldns_rdf **rd, const char *str)
-{
- ldns_lookup_table *lt;
- ldns_status st;
- uint8_t idd[2];
- lt = ldns_lookup_by_name(ldns_cert_algorithms, str);
- st = LDNS_STATUS_OK;
-
- if (lt) {
- ldns_write_uint16(idd, (uint16_t) lt->id);
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_INT16, sizeof(uint16_t), idd);
- if (!*rd) {
- st = LDNS_STATUS_ERR;
- }
- } else {
- /* try as-is (a number) */
- st = ldns_str2rdf_int16(rd, str);
- if (st == LDNS_STATUS_OK &&
- ldns_rdf2native_int16(*rd) == 0) {
- st = LDNS_STATUS_CERT_BAD_ALGORITHM;
- }
- }
-
- return st;
-}
-
-/* An alg field can either be specified as a 8 bits number
- * or by its symbolic name. Handle both
- */
-ldns_status
-ldns_str2rdf_alg(ldns_rdf **rd, const char *str)
-{
- ldns_lookup_table *lt;
- ldns_status st;
-
- lt = ldns_lookup_by_name(ldns_algorithms, str);
- st = LDNS_STATUS_OK;
-
- if (lt) {
- /* it was given as a integer */
- *rd = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t) lt->id);
- if (!*rd) {
- st = LDNS_STATUS_ERR;
- }
- } else {
- /* try as-is (a number) */
- st = ldns_str2rdf_int8(rd, str);
- }
- return st;
-}
-
-ldns_status
-ldns_str2rdf_unknown(ldns_rdf **rd, const char *str)
-{
- /* this should be caught in an earlier time (general str2host for
- rr's */
- rd = rd;
- str = str;
- return LDNS_STATUS_NOT_IMPL;
-}
-
-ldns_status
-ldns_str2rdf_tsig(ldns_rdf **rd, const char *str)
-{
- /* there is no strign representation for TSIG rrs */
- rd = rd;
- str = str;
- return LDNS_STATUS_NOT_IMPL;
-}
-
-ldns_status
-ldns_str2rdf_service(ldns_rdf **rd, const char *str)
-{
- /* is this used? is this actually WKS? or SRV? */
- rd = rd;
- str = str;
- return LDNS_STATUS_NOT_IMPL;
-}
-
-static int
-loc_parse_cm(char* my_str, char** endstr, uint8_t* m, uint8_t* e)
-{
- /* read <digits>[.<digits>][mM] */
- /* into mantissa exponent format for LOC type */
- uint32_t meters = 0, cm = 0, val;
- while (isblank(*my_str)) {
- my_str++;
- }
- meters = (uint32_t)strtol(my_str, &my_str, 10);
- if (*my_str == '.') {
- my_str++;
- cm = (uint32_t)strtol(my_str, &my_str, 10);
- }
- if (meters >= 1) {
- *e = 2;
- val = meters;
- } else {
- *e = 0;
- val = cm;
- }
- while(val >= 10) {
- (*e)++;
- val /= 10;
- }
- *m = (uint8_t)val;
-
- if (*e > 9)
- return 0;
- if (*my_str == 'm' || *my_str == 'M') {
- my_str++;
- }
- *endstr = my_str;
- return 1;
-}
-
-ldns_status
-ldns_str2rdf_loc(ldns_rdf **rd, const char *str)
-{
- uint32_t latitude = 0;
- uint32_t longitude = 0;
- uint32_t altitude = 0;
-
- uint8_t *data;
- uint32_t equator = (uint32_t) ldns_power(2, 31);
-
- uint32_t h = 0;
- uint32_t m = 0;
- uint8_t size_b = 1, size_e = 2;
- uint8_t horiz_pre_b = 1, horiz_pre_e = 6;
- uint8_t vert_pre_b = 1, vert_pre_e = 3;
-
- double s = 0.0;
- bool northerness;
- bool easterness;
-
- char *my_str = (char *) str;
-
- /* only support version 0 */
- if (isdigit((int) *my_str)) {
- h = (uint32_t) strtol(my_str, &my_str, 10);
- } else {
- return LDNS_STATUS_INVALID_STR;
- }
-
- while (isblank((int) *my_str)) {
- my_str++;
- }
-
- if (isdigit((int) *my_str)) {
- m = (uint32_t) strtol(my_str, &my_str, 10);
- } else if (*my_str == 'N' || *my_str == 'S') {
- goto north;
- } else {
- return LDNS_STATUS_INVALID_STR;
- }
-
- while (isblank((int) *my_str)) {
- my_str++;
- }
-
- if (isdigit((int) *my_str)) {
- s = strtod(my_str, &my_str);
- }
-north:
- while (isblank((int) *my_str)) {
- my_str++;
- }
-
- if (*my_str == 'N') {
- northerness = true;
- } else if (*my_str == 'S') {
- northerness = false;
- } else {
- return LDNS_STATUS_INVALID_STR;
- }
-
- my_str++;
-
- /* store number */
- s = 1000.0 * s;
- /* add a little to make floor in conversion a round */
- s += 0.0005;
- latitude = (uint32_t) s;
- latitude += 1000 * 60 * m;
- latitude += 1000 * 60 * 60 * h;
- if (northerness) {
- latitude = equator + latitude;
- } else {
- latitude = equator - latitude;
- }
- while (isblank(*my_str)) {
- my_str++;
- }
-
- if (isdigit((int) *my_str)) {
- h = (uint32_t) strtol(my_str, &my_str, 10);
- } else {
- return LDNS_STATUS_INVALID_STR;
- }
-
- while (isblank((int) *my_str)) {
- my_str++;
- }
-
- if (isdigit((int) *my_str)) {
- m = (uint32_t) strtol(my_str, &my_str, 10);
- } else if (*my_str == 'E' || *my_str == 'W') {
- goto east;
- } else {
- return LDNS_STATUS_INVALID_STR;
- }
-
- while (isblank(*my_str)) {
- my_str++;
- }
-
- if (isdigit((int) *my_str)) {
- s = strtod(my_str, &my_str);
- }
-
-east:
- while (isblank(*my_str)) {
- my_str++;
- }
-
- if (*my_str == 'E') {
- easterness = true;
- } else if (*my_str == 'W') {
- easterness = false;
- } else {
- return LDNS_STATUS_INVALID_STR;
- }
-
- my_str++;
-
- /* store number */
- s *= 1000.0;
- /* add a little to make floor in conversion a round */
- s += 0.0005;
- longitude = (uint32_t) s;
- longitude += 1000 * 60 * m;
- longitude += 1000 * 60 * 60 * h;
-
- if (easterness) {
- longitude += equator;
- } else {
- longitude = equator - longitude;
- }
-
- altitude = (uint32_t)(strtod(my_str, &my_str)*100.0 +
- 10000000.0 + 0.5);
- if (*my_str == 'm' || *my_str == 'M') {
- my_str++;
- }
-
- if (strlen(my_str) > 0) {
- if(!loc_parse_cm(my_str, &my_str, &size_b, &size_e))
- return LDNS_STATUS_INVALID_STR;
- }
-
- if (strlen(my_str) > 0) {
- if(!loc_parse_cm(my_str, &my_str, &horiz_pre_b, &horiz_pre_e))
- return LDNS_STATUS_INVALID_STR;
- }
-
- if (strlen(my_str) > 0) {
- if(!loc_parse_cm(my_str, &my_str, &vert_pre_b, &vert_pre_e))
- return LDNS_STATUS_INVALID_STR;
- }
-
- data = LDNS_XMALLOC(uint8_t, 16);
- if(!data) {
- return LDNS_STATUS_MEM_ERR;
- }
- data[0] = 0;
- data[1] = 0;
- data[1] = ((size_b << 4) & 0xf0) | (size_e & 0x0f);
- data[2] = ((horiz_pre_b << 4) & 0xf0) | (horiz_pre_e & 0x0f);
- data[3] = ((vert_pre_b << 4) & 0xf0) | (vert_pre_e & 0x0f);
- ldns_write_uint32(data + 4, latitude);
- ldns_write_uint32(data + 8, longitude);
- ldns_write_uint32(data + 12, altitude);
-
- *rd = ldns_rdf_new_frm_data(
- LDNS_RDF_TYPE_LOC, 16, data);
-
- LDNS_FREE(data);
- return *rd?LDNS_STATUS_OK:LDNS_STATUS_MEM_ERR;
-}
-
-ldns_status
-ldns_str2rdf_wks(ldns_rdf **rd, const char *str)
-{
- uint8_t *bitmap = NULL;
- uint8_t *data;
- int bm_len = 0;
-
- struct protoent *proto = NULL;
- struct servent *serv = NULL;
- int serv_port;
-
- ldns_buffer *str_buf;
-
- char *proto_str = NULL;
- char *token;
- if(strlen(str) == 0)
- token = LDNS_XMALLOC(char, 50);
- else token = LDNS_XMALLOC(char, strlen(str)+2);
- if(!token) return LDNS_STATUS_MEM_ERR;
-
- str_buf = LDNS_MALLOC(ldns_buffer);
- if(!str_buf) {LDNS_FREE(token); return LDNS_STATUS_MEM_ERR;}
- ldns_buffer_new_frm_data(str_buf, (char *)str, strlen(str));
- if(ldns_buffer_status(str_buf) != LDNS_STATUS_OK) {
- LDNS_FREE(str_buf);
- LDNS_FREE(token);
- return LDNS_STATUS_MEM_ERR;
- }
-
- while(ldns_bget_token(str_buf, token, "\t\n ", strlen(str)) > 0) {
- if (!proto_str) {
- proto_str = strdup(token);
- if (!proto_str) {
- LDNS_FREE(bitmap);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- return LDNS_STATUS_INVALID_STR;
- }
- } else {
- serv = getservbyname(token, proto_str);
- if (serv) {
- serv_port = (int) ntohs((uint16_t) serv->s_port);
- } else {
- serv_port = atoi(token);
- }
- if (serv_port / 8 >= bm_len) {
- uint8_t *b2 = LDNS_XREALLOC(bitmap, uint8_t, (serv_port / 8) + 1);
- if(!b2) {
- LDNS_FREE(bitmap);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- free(proto_str);
- return LDNS_STATUS_INVALID_STR;
- }
- bitmap = b2;
- /* set to zero to be sure */
- for (; bm_len <= serv_port / 8; bm_len++) {
- bitmap[bm_len] = 0;
- }
- }
- ldns_set_bit(bitmap + (serv_port / 8), 7 - (serv_port % 8), true);
- }
- }
-
- if (!proto_str || !bitmap) {
- LDNS_FREE(bitmap);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- free(proto_str);
- return LDNS_STATUS_INVALID_STR;
- }
-
- data = LDNS_XMALLOC(uint8_t, bm_len + 1);
- if(!data) {
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- LDNS_FREE(bitmap);
- free(proto_str);
- return LDNS_STATUS_INVALID_STR;
- }
- if (proto_str)
- proto = getprotobyname(proto_str);
- if (proto) {
- data[0] = (uint8_t) proto->p_proto;
- } else if (proto_str) {
- data[0] = (uint8_t) atoi(proto_str);
- } else {
- data[0] = 0;
- }
- memcpy(data + 1, bitmap, (size_t) bm_len);
-
- *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_WKS, (uint16_t) (bm_len + 1), data);
-
- LDNS_FREE(data);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- LDNS_FREE(bitmap);
- free(proto_str);
-#ifdef HAVE_ENDSERVENT
- endservent();
-#endif
-#ifdef HAVE_ENDPROTOENT
- endprotoent();
-#endif
-
- if(!*rd) return LDNS_STATUS_MEM_ERR;
-
- return LDNS_STATUS_OK;
-}
-
-ldns_status
-ldns_str2rdf_nsap(ldns_rdf **rd, const char *str)
-{
- size_t len, i;
- char* nsap_str = (char*) str;
-
- /* just a hex string with optional dots? */
- if (str[0] != '0' || str[1] != 'x') {
- return LDNS_STATUS_INVALID_STR;
- } else {
- len = strlen(str);
- for (i=0; i < len; i++) {
- if (nsap_str[i] == '.')
- nsap_str[i] = ' ';
- }
- return ldns_str2rdf_hex(rd, str+2);
- }
-}
-
-ldns_status
-ldns_str2rdf_atma(ldns_rdf **rd, const char *str)
-{
- size_t len, i;
- char* atma_str = (char*) str;
- ldns_status status;
-
- /* just a hex string with optional dots? */
- len = strlen(str);
- for (i=0; i < len; i++) {
- if (atma_str[i] == '.')
- atma_str[i] = ' ';
- }
- status = ldns_str2rdf_hex(rd, str);
- if (status != LDNS_STATUS_OK) {
- ; /* probably in e.164 format than */
- }
- return status;
-}
-
-ldns_status
-ldns_str2rdf_ipseckey(ldns_rdf **rd, const char *str)
-{
- uint8_t precedence = 0;
- uint8_t gateway_type = 0;
- uint8_t algorithm = 0;
- char* gateway = NULL;
- char* publickey = NULL;
- uint8_t *data;
- ldns_buffer *str_buf;
- char *token;
- int token_count = 0;
- int ipseckey_len = 0;
- ldns_rdf* gateway_rdf = NULL;
- ldns_rdf* publickey_rdf = NULL;
- ldns_status status = LDNS_STATUS_OK;
-
- if(strlen(str) == 0)
- token = LDNS_XMALLOC(char, 256);
- else token = LDNS_XMALLOC(char, strlen(str)+2);
- if(!token) return LDNS_STATUS_MEM_ERR;
-
- str_buf = LDNS_MALLOC(ldns_buffer);
- if(!str_buf) {LDNS_FREE(token); return LDNS_STATUS_MEM_ERR;}
- ldns_buffer_new_frm_data(str_buf, (char *)str, strlen(str));
- if(ldns_buffer_status(str_buf) != LDNS_STATUS_OK) {
- LDNS_FREE(str_buf);
- LDNS_FREE(token);
- return LDNS_STATUS_MEM_ERR;
- }
- while(ldns_bget_token(str_buf, token, "\t\n ", strlen(str)) > 0) {
- switch (token_count) {
- case 0:
- precedence = (uint8_t)atoi(token);
- break;
- case 1:
- gateway_type = (uint8_t)atoi(token);
- break;
- case 2:
- algorithm = (uint8_t)atoi(token);
- break;
- case 3:
- gateway = strdup(token);
- if (!gateway || (gateway_type == 0 &&
- (token[0] != '.' || token[1] != '\0'))) {
- LDNS_FREE(gateway);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- return LDNS_STATUS_INVALID_STR;
- }
- break;
- case 4:
- publickey = strdup(token);
- break;
- default:
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- return LDNS_STATUS_INVALID_STR;
- break;
- }
- token_count++;
- }
-
- if (!gateway || !publickey) {
- if (gateway)
- LDNS_FREE(gateway);
- if (publickey)
- LDNS_FREE(publickey);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- return LDNS_STATUS_INVALID_STR;
- }
-
- if (gateway_type == 1) {
- status = ldns_str2rdf_a(&gateway_rdf, gateway);
- } else if (gateway_type == 2) {
- status = ldns_str2rdf_aaaa(&gateway_rdf, gateway);
- } else if (gateway_type == 3) {
- status = ldns_str2rdf_dname(&gateway_rdf, gateway);
- }
-
- if (status != LDNS_STATUS_OK) {
- if (gateway)
- LDNS_FREE(gateway);
- if (publickey)
- LDNS_FREE(publickey);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- return LDNS_STATUS_INVALID_STR;
- }
-
- status = ldns_str2rdf_b64(&publickey_rdf, publickey);
-
- if (status != LDNS_STATUS_OK) {
- if (gateway)
- LDNS_FREE(gateway);
- if (publickey)
- LDNS_FREE(publickey);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- if (gateway_rdf) ldns_rdf_free(gateway_rdf);
- return LDNS_STATUS_INVALID_STR;
- }
-
- /* now copy all into one ipseckey rdf */
- if (gateway_type)
- ipseckey_len = 3 + (int)ldns_rdf_size(gateway_rdf) + (int)ldns_rdf_size(publickey_rdf);
- else
- ipseckey_len = 3 + (int)ldns_rdf_size(publickey_rdf);
-
- data = LDNS_XMALLOC(uint8_t, ipseckey_len);
- if(!data) {
- if (gateway)
- LDNS_FREE(gateway);
- if (publickey)
- LDNS_FREE(publickey);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- if (gateway_rdf) ldns_rdf_free(gateway_rdf);
- if (publickey_rdf) ldns_rdf_free(publickey_rdf);
- return LDNS_STATUS_MEM_ERR;
- }
-
- data[0] = precedence;
- data[1] = gateway_type;
- data[2] = algorithm;
-
- if (gateway_type) {
- memcpy(data + 3,
- ldns_rdf_data(gateway_rdf), ldns_rdf_size(gateway_rdf));
- memcpy(data + 3 + ldns_rdf_size(gateway_rdf),
- ldns_rdf_data(publickey_rdf), ldns_rdf_size(publickey_rdf));
- } else {
- memcpy(data + 3,
- ldns_rdf_data(publickey_rdf), ldns_rdf_size(publickey_rdf));
- }
-
- *rd = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_IPSECKEY, (uint16_t) ipseckey_len, data);
-
- if (gateway)
- LDNS_FREE(gateway);
- if (publickey)
- LDNS_FREE(publickey);
- LDNS_FREE(token);
- ldns_buffer_free(str_buf);
- ldns_rdf_free(gateway_rdf);
- ldns_rdf_free(publickey_rdf);
- LDNS_FREE(data);
- if(!*rd) return LDNS_STATUS_MEM_ERR;
- return LDNS_STATUS_OK;
-}
+++ /dev/null
-/*
- * tsig.c
- *
- * contains the functions needed for TSIG [RFC2845]
- *
- * (c) 2005-2006 NLnet Labs
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-
-#ifdef HAVE_SSL
-#include <openssl/hmac.h>
-#include <openssl/md5.h>
-#endif /* HAVE_SSL */
-
-char *
-ldns_tsig_algorithm(ldns_tsig_credentials *tc)
-{
- return tc->algorithm;
-}
-
-char *
-ldns_tsig_keyname(ldns_tsig_credentials *tc)
-{
- return tc->keyname;
-}
-
-char *
-ldns_tsig_keydata(ldns_tsig_credentials *tc)
-{
- return tc->keydata;
-}
-
-char *
-ldns_tsig_keyname_clone(ldns_tsig_credentials *tc)
-{
- return strdup(tc->keyname);
-}
-
-char *
-ldns_tsig_keydata_clone(ldns_tsig_credentials *tc)
-{
- return strdup(tc->keydata);
-}
-
-/*
- * Makes an exact copy of the wire, but with the tsig rr removed
- */
-uint8_t *
-ldns_tsig_prepare_pkt_wire(uint8_t *wire, size_t wire_len, size_t *result_len)
-{
- uint8_t *wire2 = NULL;
- uint16_t qd_count;
- uint16_t an_count;
- uint16_t ns_count;
- uint16_t ar_count;
- ldns_rr *rr;
-
- size_t pos;
- uint16_t i;
-
- ldns_status status;
-
- if(wire_len < LDNS_HEADER_SIZE) {
- return NULL;
- }
- /* fake parse the wire */
- qd_count = LDNS_QDCOUNT(wire);
- an_count = LDNS_ANCOUNT(wire);
- ns_count = LDNS_NSCOUNT(wire);
- ar_count = LDNS_ARCOUNT(wire);
-
- if (ar_count > 0) {
- ar_count--;
- } else {
- return NULL;
- }
-
- pos = LDNS_HEADER_SIZE;
-
- for (i = 0; i < qd_count; i++) {
- status = ldns_wire2rr(&rr, wire, wire_len, &pos, LDNS_SECTION_QUESTION);
- if (status != LDNS_STATUS_OK) {
- return NULL;
- }
- ldns_rr_free(rr);
- }
-
- for (i = 0; i < an_count; i++) {
- status = ldns_wire2rr(&rr, wire, wire_len, &pos, LDNS_SECTION_ANSWER);
- if (status != LDNS_STATUS_OK) {
- return NULL;
- }
- ldns_rr_free(rr);
- }
-
- for (i = 0; i < ns_count; i++) {
- status = ldns_wire2rr(&rr, wire, wire_len, &pos, LDNS_SECTION_AUTHORITY);
- if (status != LDNS_STATUS_OK) {
- return NULL;
- }
- ldns_rr_free(rr);
- }
-
- for (i = 0; i < ar_count; i++) {
- status = ldns_wire2rr(&rr, wire, wire_len, &pos,
- LDNS_SECTION_ADDITIONAL);
- if (status != LDNS_STATUS_OK) {
- return NULL;
- }
- ldns_rr_free(rr);
- }
-
- *result_len = pos;
- wire2 = LDNS_XMALLOC(uint8_t, *result_len);
- if(!wire2) {
- return NULL;
- }
- memcpy(wire2, wire, *result_len);
-
- ldns_write_uint16(wire2 + LDNS_ARCOUNT_OFF, ar_count);
-
- return wire2;
-}
-
-#ifdef HAVE_SSL
-static const EVP_MD *
-ldns_digest_function(char *name)
-{
- /* these are the mandatory algorithms from RFC4635 */
- /* The optional algorithms are not yet implemented */
- if (strlen(name) == 12 && strncasecmp(name, "hmac-sha256.", 11) == 0) {
-#ifdef HAVE_EVP_SHA256
- return EVP_sha256();
-#else
- return NULL;
-#endif
- } else if (strlen(name) == 10 && strncasecmp(name, "hmac-sha1.", 9) == 0)
- return EVP_sha1();
- else if (strlen(name) == 25 && strncasecmp(name,
- "hmac-md5.sig-alg.reg.int.", 25) == 0)
- return EVP_md5();
- else
- return NULL;
-}
-#endif
-
-#ifdef HAVE_SSL
-static ldns_status
-ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size,
- const char *key_data, ldns_rdf *key_name_rdf, ldns_rdf *fudge_rdf,
- ldns_rdf *algorithm_rdf, ldns_rdf *time_signed_rdf, ldns_rdf *error_rdf,
- ldns_rdf *other_data_rdf, ldns_rdf *orig_mac_rdf, int tsig_timers_only)
-{
- char *wireformat;
- int wiresize;
- unsigned char *mac_bytes;
- unsigned char *key_bytes;
- int key_size;
- const EVP_MD *digester;
- char *algorithm_name;
- unsigned int md_len = EVP_MAX_MD_SIZE;
- ldns_rdf *result = NULL;
- ldns_buffer *data_buffer = NULL;
-
- /*
- * prepare the digestable information
- */
- data_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN);
- if(!data_buffer) {
- return LDNS_STATUS_MEM_ERR;
- }
- /* if orig_mac is not NULL, add it too */
- if (orig_mac_rdf) {
- (void) ldns_rdf2buffer_wire(data_buffer, orig_mac_rdf);
- }
- ldns_buffer_write(data_buffer, pkt_wire, pkt_wire_size);
- if (!tsig_timers_only) {
- (void)ldns_rdf2buffer_wire(data_buffer, key_name_rdf);
- ldns_buffer_write_u16(data_buffer, LDNS_RR_CLASS_ANY);
- ldns_buffer_write_u32(data_buffer, 0);
- (void)ldns_rdf2buffer_wire(data_buffer, algorithm_rdf);
- }
- (void)ldns_rdf2buffer_wire(data_buffer, time_signed_rdf);
- (void)ldns_rdf2buffer_wire(data_buffer, fudge_rdf);
- if (!tsig_timers_only) {
- (void)ldns_rdf2buffer_wire(data_buffer, error_rdf);
- (void)ldns_rdf2buffer_wire(data_buffer, other_data_rdf);
- }
-
- wireformat = (char *) data_buffer->_data;
- wiresize = (int) ldns_buffer_position(data_buffer);
-
- algorithm_name = ldns_rdf2str(algorithm_rdf);
- if(!algorithm_name) {
- ldns_buffer_free(data_buffer);
- return LDNS_STATUS_MEM_ERR;
- }
-
- /* prepare the key */
- key_bytes = LDNS_XMALLOC(unsigned char,
- ldns_b64_pton_calculate_size(strlen(key_data)));
- if(!key_bytes) {
- LDNS_FREE(algorithm_name);
- ldns_buffer_free(data_buffer);
- return LDNS_STATUS_MEM_ERR;
- }
- key_size = ldns_b64_pton(key_data, key_bytes,
- ldns_b64_pton_calculate_size(strlen(key_data)));
- if (key_size < 0) {
- LDNS_FREE(algorithm_name);
- LDNS_FREE(key_bytes);
- ldns_buffer_free(data_buffer);
- /* LDNS_STATUS_INVALID_B64 */
- return LDNS_STATUS_INVALID_B64;
- }
- /* hmac it */
- /* 2 spare bytes for the length */
- mac_bytes = LDNS_XMALLOC(unsigned char, md_len+2);
- if(!mac_bytes) {
- LDNS_FREE(algorithm_name);
- LDNS_FREE(key_bytes);
- ldns_buffer_free(data_buffer);
- return LDNS_STATUS_MEM_ERR;
- }
- memset(mac_bytes, 0, md_len+2);
-
- digester = ldns_digest_function(algorithm_name);
-
- if (digester) {
- (void) HMAC(digester, key_bytes, key_size, (void *)wireformat,
- (size_t) wiresize, mac_bytes + 2, &md_len);
-
- ldns_write_uint16(mac_bytes, md_len);
- result = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT16_DATA, md_len + 2,
- mac_bytes);
- } else {
- LDNS_FREE(algorithm_name);
- LDNS_FREE(mac_bytes);
- LDNS_FREE(key_bytes);
- ldns_buffer_free(data_buffer);
- return LDNS_STATUS_CRYPTO_UNKNOWN_ALGO;
- }
-
- LDNS_FREE(algorithm_name);
- LDNS_FREE(mac_bytes);
- LDNS_FREE(key_bytes);
- ldns_buffer_free(data_buffer);
-
- *tsig_mac = result;
-
- return LDNS_STATUS_OK;
-}
-#endif /* HAVE_SSL */
-
-
-#ifdef HAVE_SSL
-bool
-ldns_pkt_tsig_verify(ldns_pkt *pkt, uint8_t *wire, size_t wirelen, const char *key_name,
- const char *key_data, ldns_rdf *orig_mac_rdf)
-{
- return ldns_pkt_tsig_verify_next(pkt, wire, wirelen, key_name, key_data, orig_mac_rdf, 0);
-}
-
-bool
-ldns_pkt_tsig_verify_next(ldns_pkt *pkt, uint8_t *wire, size_t wirelen, const char* key_name,
- const char *key_data, ldns_rdf *orig_mac_rdf, int tsig_timers_only)
-{
- ldns_rdf *fudge_rdf;
- ldns_rdf *algorithm_rdf;
- ldns_rdf *time_signed_rdf;
- ldns_rdf *orig_id_rdf;
- ldns_rdf *error_rdf;
- ldns_rdf *other_data_rdf;
- ldns_rdf *pkt_mac_rdf;
- ldns_rdf *my_mac_rdf;
- ldns_rdf *key_name_rdf = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, key_name);
- uint16_t pkt_id, orig_pkt_id;
- ldns_status status;
-
- uint8_t *prepared_wire = NULL;
- size_t prepared_wire_size = 0;
-
- ldns_rr *orig_tsig = ldns_pkt_tsig(pkt);
-
- if (!orig_tsig) {
- ldns_rdf_deep_free(key_name_rdf);
- return false;
- }
- algorithm_rdf = ldns_rr_rdf(orig_tsig, 0);
- time_signed_rdf = ldns_rr_rdf(orig_tsig, 1);
- fudge_rdf = ldns_rr_rdf(orig_tsig, 2);
- pkt_mac_rdf = ldns_rr_rdf(orig_tsig, 3);
- orig_id_rdf = ldns_rr_rdf(orig_tsig, 4);
- error_rdf = ldns_rr_rdf(orig_tsig, 5);
- other_data_rdf = ldns_rr_rdf(orig_tsig, 6);
-
- /* remove temporarily */
- ldns_pkt_set_tsig(pkt, NULL);
- /* temporarily change the id to the original id */
- pkt_id = ldns_pkt_id(pkt);
- orig_pkt_id = ldns_rdf2native_int16(orig_id_rdf);
- ldns_pkt_set_id(pkt, orig_pkt_id);
-
- prepared_wire = ldns_tsig_prepare_pkt_wire(wire, wirelen, &prepared_wire_size);
-
- status = ldns_tsig_mac_new(&my_mac_rdf, prepared_wire, prepared_wire_size,
- key_data, key_name_rdf, fudge_rdf, algorithm_rdf,
- time_signed_rdf, error_rdf, other_data_rdf, orig_mac_rdf, tsig_timers_only);
-
- LDNS_FREE(prepared_wire);
-
- if (status != LDNS_STATUS_OK) {
- ldns_rdf_deep_free(key_name_rdf);
- return false;
- }
- /* Put back the values */
- ldns_pkt_set_tsig(pkt, orig_tsig);
- ldns_pkt_set_id(pkt, pkt_id);
-
- ldns_rdf_deep_free(key_name_rdf);
-
- if (ldns_rdf_compare(pkt_mac_rdf, my_mac_rdf) == 0) {
- ldns_rdf_deep_free(my_mac_rdf);
- return true;
- } else {
- ldns_rdf_deep_free(my_mac_rdf);
- return false;
- }
-}
-#endif /* HAVE_SSL */
-
-#ifdef HAVE_SSL
-ldns_status
-ldns_pkt_tsig_sign(ldns_pkt *pkt, const char *key_name, const char *key_data,
- uint16_t fudge, const char *algorithm_name, ldns_rdf *query_mac)
-{
- return ldns_pkt_tsig_sign_next(pkt, key_name, key_data, fudge, algorithm_name, query_mac, 0);
-}
-
-ldns_status
-ldns_pkt_tsig_sign_next(ldns_pkt *pkt, const char *key_name, const char *key_data,
- uint16_t fudge, const char *algorithm_name, ldns_rdf *query_mac, int tsig_timers_only)
-{
- ldns_rr *tsig_rr;
- ldns_rdf *key_name_rdf = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, key_name);
- ldns_rdf *fudge_rdf = NULL;
- ldns_rdf *orig_id_rdf = NULL;
- ldns_rdf *algorithm_rdf;
- ldns_rdf *error_rdf = NULL;
- ldns_rdf *mac_rdf = NULL;
- ldns_rdf *other_data_rdf = NULL;
-
- ldns_status status = LDNS_STATUS_OK;
-
- uint8_t *pkt_wire = NULL;
- size_t pkt_wire_len;
-
- struct timeval tv_time_signed;
- uint8_t *time_signed = NULL;
- ldns_rdf *time_signed_rdf = NULL;
-
- algorithm_rdf = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, algorithm_name);
- if(!key_name_rdf || !algorithm_rdf) {
- status = LDNS_STATUS_MEM_ERR;
- goto clean;
- }
-
- /* eww don't have create tsigtime rdf yet :( */
- /* bleh :p */
- if (gettimeofday(&tv_time_signed, NULL) == 0) {
- time_signed = LDNS_XMALLOC(uint8_t, 6);
- if(!time_signed) {
- status = LDNS_STATUS_MEM_ERR;
- goto clean;
- }
- ldns_write_uint64_as_uint48(time_signed,
- (uint64_t)tv_time_signed.tv_sec);
- } else {
- status = LDNS_STATUS_INTERNAL_ERR;
- goto clean;
- }
-
- time_signed_rdf = ldns_rdf_new(LDNS_RDF_TYPE_TSIGTIME, 6, time_signed);
- if(!time_signed_rdf) {
- LDNS_FREE(time_signed);
- status = LDNS_STATUS_MEM_ERR;
- goto clean;
- }
-
- fudge_rdf = ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, fudge);
-
- orig_id_rdf = ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, ldns_pkt_id(pkt));
-
- error_rdf = ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, 0);
-
- other_data_rdf = ldns_native2rdf_int16_data(0, NULL);
-
- if(!fudge_rdf || !orig_id_rdf || !error_rdf || !other_data_rdf) {
- status = LDNS_STATUS_MEM_ERR;
- goto clean;
- }
-
- if (ldns_pkt2wire(&pkt_wire, pkt, &pkt_wire_len) != LDNS_STATUS_OK) {
- status = LDNS_STATUS_ERR;
- goto clean;
- }
-
- status = ldns_tsig_mac_new(&mac_rdf, pkt_wire, pkt_wire_len,
- key_data, key_name_rdf, fudge_rdf, algorithm_rdf,
- time_signed_rdf, error_rdf, other_data_rdf, query_mac, tsig_timers_only);
-
- if (!mac_rdf) {
- goto clean;
- }
-
- LDNS_FREE(pkt_wire);
-
- /* Create the TSIG RR */
- tsig_rr = ldns_rr_new();
- if(!tsig_rr) {
- status = LDNS_STATUS_MEM_ERR;
- goto clean;
- }
- ldns_rr_set_owner(tsig_rr, key_name_rdf);
- ldns_rr_set_class(tsig_rr, LDNS_RR_CLASS_ANY);
- ldns_rr_set_type(tsig_rr, LDNS_RR_TYPE_TSIG);
- ldns_rr_set_ttl(tsig_rr, 0);
-
- ldns_rr_push_rdf(tsig_rr, algorithm_rdf);
- ldns_rr_push_rdf(tsig_rr, time_signed_rdf);
- ldns_rr_push_rdf(tsig_rr, fudge_rdf);
- ldns_rr_push_rdf(tsig_rr, mac_rdf);
- ldns_rr_push_rdf(tsig_rr, orig_id_rdf);
- ldns_rr_push_rdf(tsig_rr, error_rdf);
- ldns_rr_push_rdf(tsig_rr, other_data_rdf);
-
- ldns_pkt_set_tsig(pkt, tsig_rr);
-
- return status;
-
- clean:
- LDNS_FREE(pkt_wire);
- ldns_rdf_free(key_name_rdf);
- ldns_rdf_free(algorithm_rdf);
- ldns_rdf_free(time_signed_rdf);
- ldns_rdf_free(fudge_rdf);
- ldns_rdf_free(orig_id_rdf);
- ldns_rdf_free(error_rdf);
- ldns_rdf_free(other_data_rdf);
- return status;
-}
-#endif /* HAVE_SSL */
+++ /dev/null
-/* update.c
- *
- * Functions for RFC 2136 Dynamic Update
- *
- * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
- *
- * See LICENSE for the license.
- */
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <stdlib.h>
-#include <limits.h>
-
-/*
- * RFC 2136 sections mapped to RFC 1035:
- * zone/ZO -- QD/question
- * prerequisites/PR -- AN/answers
- * updates/UP -- NS/authority records
- * additional data/AD -- AR/additional records
- */
-
-ldns_pkt *
-ldns_update_pkt_new(ldns_rdf *zone_rdf, ldns_rr_class c,
- ldns_rr_list *pr_rrlist, ldns_rr_list *up_rrlist, ldns_rr_list *ad_rrlist)
-{
- ldns_pkt *p;
-
- if (!zone_rdf || !up_rrlist) {
- return NULL;
- }
-
- if (c == 0) {
- c = LDNS_RR_CLASS_IN;
- }
-
- /* Create packet, fill in Zone Section. */
- p = ldns_pkt_query_new(zone_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
- if (!p) {
- return NULL;
- }
- zone_rdf = NULL; /* No longer safe to use. */
-
- ldns_pkt_set_opcode(p, LDNS_PACKET_UPDATE);
-
- ldns_rr_list_deep_free(p->_authority);
-
- ldns_pkt_set_authority(p, ldns_rr_list_clone(up_rrlist));
-
- ldns_update_set_upcount(p, ldns_rr_list_rr_count(up_rrlist));
-
- if (pr_rrlist) {
- ldns_rr_list_deep_free(p->_answer); /*XXX access function */
- ldns_pkt_set_answer(p, ldns_rr_list_clone(pr_rrlist));
- ldns_update_set_prcount(p, ldns_rr_list_rr_count(pr_rrlist));
- }
-
- if (ad_rrlist) {
- ldns_rr_list_deep_free(p->_additional);
- ldns_pkt_set_additional(p, ldns_rr_list_clone(ad_rrlist));
- ldns_update_set_adcount(p, ldns_rr_list_rr_count(ad_rrlist));
- }
- return p;
-}
-
-ldns_status
-ldns_update_pkt_tsig_add(ldns_pkt *p, ldns_resolver *r)
-{
-#ifdef HAVE_SSL
- uint16_t fudge = 300; /* Recommended fudge. [RFC2845 6.4] */
- if (ldns_resolver_tsig_keyname(r) && ldns_resolver_tsig_keydata(r))
- return ldns_pkt_tsig_sign(p, ldns_resolver_tsig_keyname(r),
- ldns_resolver_tsig_keydata(r), fudge,
- ldns_resolver_tsig_algorithm(r), NULL);
-#else
- /* do nothing */
- (void)p;
- (void)r;
-#endif /* HAVE_SSL */
- /* No TSIG to do. */
- return LDNS_STATUS_OK;
-}
-
-/* Move to higher.c or similar? */
-/* XXX doc */
-ldns_status
-ldns_update_soa_mname(ldns_rdf *zone, ldns_resolver *r,
- ldns_rr_class c, ldns_rdf **mname)
-{
- ldns_rr *soa_rr;
- ldns_pkt *query, *resp;
-
- /* Nondestructive, so clone 'zone' here */
- query = ldns_pkt_query_new(ldns_rdf_clone(zone), LDNS_RR_TYPE_SOA,
- c, LDNS_RD);
- if (!query) {
- return LDNS_STATUS_ERR;
- }
-
- ldns_pkt_set_random_id(query);
- if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
- ldns_pkt_free(query);
- return LDNS_STATUS_ERR;
- }
- ldns_pkt_free(query);
- if (!resp) {
- return LDNS_STATUS_ERR;
- }
-
- /* Expect a SOA answer. */
- *mname = NULL;
- while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_answer(resp)))) {
- if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA)
- continue;
- /* [RFC1035 3.3.13] */
- *mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
- break;
- }
- ldns_pkt_free(resp);
-
- return *mname ? LDNS_STATUS_OK : LDNS_STATUS_ERR;
-}
-
-/* Try to get zone and MNAME from SOA queries. */
-ldns_status
-ldns_update_soa_zone_mname(const char *fqdn, ldns_resolver *r,
- ldns_rr_class c, ldns_rdf **zone_rdf, ldns_rdf **mname_rdf)
-{
- ldns_rr *soa_rr, *rr;
- ldns_rdf *soa_zone = NULL, *soa_mname = NULL;
- ldns_rdf *ipaddr, *fqdn_rdf, *tmp;
- ldns_rdf **nslist;
- ldns_pkt *query, *resp;
- size_t i;
-
- /*
- * XXX Ok, this cannot be the best way to find this...?
- * XXX (I run into weird cache-related stuff here)
- */
-
- /* Step 1 - first find a nameserver that should know *something* */
- fqdn_rdf = ldns_dname_new_frm_str(fqdn);
- query = ldns_pkt_query_new(fqdn_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
- if (!query) {
- return LDNS_STATUS_ERR;
- }
- fqdn_rdf = NULL;
-
- ldns_pkt_set_random_id(query);
- if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
- ldns_pkt_free(query);
- return LDNS_STATUS_ERR;
- }
- ldns_pkt_free(query);
- if (!resp) {
- return LDNS_STATUS_ERR;
- }
-
- /* XXX Is it safe to only look in authority section here? */
- while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_authority(resp)))) {
- if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA)
- continue;
- /* [RFC1035 3.3.13] */
- soa_mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
- break;
- }
- ldns_pkt_free(resp);
- if (!soa_rr) {
- return LDNS_STATUS_ERR;
- }
-
- /* Step 2 - find SOA MNAME IP address, add to resolver */
- query = ldns_pkt_query_new(soa_mname, LDNS_RR_TYPE_A, c, LDNS_RD);
- if (!query) {
- return LDNS_STATUS_ERR;
- }
- soa_mname = NULL;
-
- ldns_pkt_set_random_id(query);
- if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
- ldns_pkt_free(query);
- return LDNS_STATUS_ERR;
- }
- ldns_pkt_free(query);
- if (!resp) {
- return LDNS_STATUS_ERR;
- }
-
- if (ldns_pkt_ancount(resp) == 0) {
- ldns_pkt_free(resp);
- return LDNS_STATUS_ERR;
- }
-
- /* XXX There may be more than one answer RR here. */
- rr = ldns_rr_list_pop_rr(ldns_pkt_answer(resp));
- ipaddr = ldns_rr_rdf(rr, 0);
-
- /* Put the SOA mname IP first in the nameserver list. */
- nslist = ldns_resolver_nameservers(r);
- for (i = 0; i < ldns_resolver_nameserver_count(r); i++) {
- if (ldns_rdf_compare(ipaddr, nslist[i]) == 0) {
- if (i) {
- tmp = nslist[0];
- nslist[0] = nslist[i];
- nslist[i] = tmp;
- }
- break;
- }
- }
- if (i >= ldns_resolver_nameserver_count(r)) {
- /* SOA mname was not part of the resolver so add it first. */
- (void) ldns_resolver_push_nameserver(r, ipaddr);
- nslist = ldns_resolver_nameservers(r);
- i = ldns_resolver_nameserver_count(r) - 1;
- tmp = nslist[0];
- nslist[0] = nslist[i];
- nslist[i] = tmp;
- }
- ldns_pkt_free(resp);
-
- /* Make sure to ask the first in the list, i.e SOA mname */
- ldns_resolver_set_random(r, false);
-
- /* Step 3 - Redo SOA query, sending to SOA MNAME directly. */
- fqdn_rdf = ldns_dname_new_frm_str(fqdn);
- query = ldns_pkt_query_new(fqdn_rdf, LDNS_RR_TYPE_SOA, c, LDNS_RD);
- if (!query) {
- return LDNS_STATUS_ERR;
- }
- fqdn_rdf = NULL;
-
- ldns_pkt_set_random_id(query);
- if (ldns_resolver_send_pkt(&resp, r, query) != LDNS_STATUS_OK) {
- ldns_pkt_free(query);
- return LDNS_STATUS_ERR;
- }
- ldns_pkt_free(query);
- if (!resp) {
- return LDNS_STATUS_ERR;
- }
-
- /* XXX Is it safe to only look in authority section here, too? */
- while ((soa_rr = ldns_rr_list_pop_rr(ldns_pkt_authority(resp)))) {
- if (ldns_rr_get_type(soa_rr) != LDNS_RR_TYPE_SOA)
- continue;
- /* [RFC1035 3.3.13] */
- soa_mname = ldns_rdf_clone(ldns_rr_rdf(soa_rr, 0));
- soa_zone = ldns_rdf_clone(ldns_rr_owner(soa_rr));
- break;
- }
- ldns_pkt_free(resp);
- if (!soa_rr) {
- return LDNS_STATUS_ERR;
- }
-
- /* That seems to have worked, pass results to caller. */
- *zone_rdf = soa_zone;
- *mname_rdf = soa_mname;
- return LDNS_STATUS_OK;
-}
-
-/*
- * ldns_update_{get,set}_{zo,pr,up,ad}count
- */
-
-uint16_t
-ldns_update_zocount(const ldns_pkt *p)
-{
- return ldns_pkt_qdcount(p);
-}
-
-uint16_t
-ldns_update_prcount(const ldns_pkt *p)
-{
- return ldns_pkt_ancount(p);
-}
-
-uint16_t
-ldns_update_upcount(const ldns_pkt *p)
-{
- return ldns_pkt_nscount(p);
-}
-
-uint16_t
-ldns_update_ad(const ldns_pkt *p)
-{
- return ldns_pkt_arcount(p);
-}
-
-void
-ldns_update_set_zo(ldns_pkt *p, uint16_t v)
-{
- ldns_pkt_set_qdcount(p, v);
-}
-
-void
-ldns_update_set_prcount(ldns_pkt *p, uint16_t v)
-{
- ldns_pkt_set_ancount(p, v);
-}
-
-void
-ldns_update_set_upcount(ldns_pkt *p, uint16_t v)
-{
- ldns_pkt_set_nscount(p, v);
-}
-
-void
-ldns_update_set_adcount(ldns_pkt *p, uint16_t v)
-{
- ldns_pkt_set_arcount(p, v);
-}
+++ /dev/null
-/*
- * util.c
- *
- * some general memory functions
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-#include <ldns/config.h>
-
-#include <ldns/rdata.h>
-#include <ldns/rr.h>
-#include <ldns/util.h>
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <stdlib.h>
-#include <stdio.h>
-#ifndef _MSC_VER
-#include <sys/time.h>
-#else
-#include <compat/gettimeofday.h>
-#endif
-#include <time.h>
-
-#ifdef HAVE_SSL
-#include <openssl/rand.h>
-#endif
-
-/* put this here tmp. for debugging */
-void
-xprintf_rdf(ldns_rdf *rd)
-{
- /* assume printable string */
- fprintf(stderr, "size\t:%u\n", (unsigned int)ldns_rdf_size(rd));
- fprintf(stderr, "type\t:%u\n", (unsigned int)ldns_rdf_get_type(rd));
- fprintf(stderr, "data\t:[%.*s]\n", (int)ldns_rdf_size(rd),
- (char*)ldns_rdf_data(rd));
-}
-
-void
-xprintf_rr(ldns_rr *rr)
-{
- /* assume printable string */
- uint16_t count, i;
-
- count = ldns_rr_rd_count(rr);
-
- for(i = 0; i < count; i++) {
- fprintf(stderr, "print rd %u\n", (unsigned int) i);
- xprintf_rdf(rr->_rdata_fields[i]);
- }
-}
-
-void xprintf_hex(uint8_t *data, size_t len)
-{
- size_t i;
- for (i = 0; i < len; i++) {
- if (i > 0 && i % 20 == 0) {
- printf("\t; %u - %u\n", (unsigned int) i - 19, (unsigned int) i);
- }
- printf("%02x ", (unsigned int) data[i]);
- }
- printf("\n");
-}
-
-ldns_lookup_table *
-ldns_lookup_by_name(ldns_lookup_table *table, const char *name)
-{
- while (table->name != NULL) {
- if (strcasecmp(name, table->name) == 0)
- return table;
- table++;
- }
- return NULL;
-}
-
-ldns_lookup_table *
-ldns_lookup_by_id(ldns_lookup_table *table, int id)
-{
- while (table->name != NULL) {
- if (table->id == id)
- return table;
- table++;
- }
- return NULL;
-}
-
-int
-ldns_get_bit(uint8_t bits[], size_t index)
-{
- /*
- * The bits are counted from left to right, so bit #0 is the
- * left most bit.
- */
- return (int) (bits[index / 8] & (1 << (7 - index % 8)));
-}
-
-int
-ldns_get_bit_r(uint8_t bits[], size_t index)
-{
- /*
- * The bits are counted from right to left, so bit #0 is the
- * right most bit.
- */
- return (int) bits[index / 8] & (1 << (index % 8));
-}
-
-void
-ldns_set_bit(uint8_t *byte, int bit_nr, bool value)
-{
- if (bit_nr >= 0 && bit_nr < 8) {
- if (value) {
- *byte = *byte | (0x01 << bit_nr);
- } else {
- *byte = *byte & ~(0x01 << bit_nr);
- }
- }
-}
-
-int
-ldns_hexdigit_to_int(char ch)
-{
- switch (ch) {
- case '0': return 0;
- case '1': return 1;
- case '2': return 2;
- case '3': return 3;
- case '4': return 4;
- case '5': return 5;
- case '6': return 6;
- case '7': return 7;
- case '8': return 8;
- case '9': return 9;
- case 'a': case 'A': return 10;
- case 'b': case 'B': return 11;
- case 'c': case 'C': return 12;
- case 'd': case 'D': return 13;
- case 'e': case 'E': return 14;
- case 'f': case 'F': return 15;
- default:
- return -1;
- }
-}
-
-char
-ldns_int_to_hexdigit(int i)
-{
- switch (i) {
- case 0: return '0';
- case 1: return '1';
- case 2: return '2';
- case 3: return '3';
- case 4: return '4';
- case 5: return '5';
- case 6: return '6';
- case 7: return '7';
- case 8: return '8';
- case 9: return '9';
- case 10: return 'a';
- case 11: return 'b';
- case 12: return 'c';
- case 13: return 'd';
- case 14: return 'e';
- case 15: return 'f';
- default:
- abort();
- }
-}
-
-int
-ldns_hexstring_to_data(uint8_t *data, const char *str)
-{
- size_t i;
-
- if (!str || !data) {
- return -1;
- }
-
- if (strlen(str) % 2 != 0) {
- return -2;
- }
-
- for (i = 0; i < strlen(str) / 2; i++) {
- data[i] =
- 16 * (uint8_t) ldns_hexdigit_to_int(str[i*2]) +
- (uint8_t) ldns_hexdigit_to_int(str[i*2 + 1]);
- }
-
- return (int) i;
-}
-
-const char *
-ldns_version(void)
-{
- return (char*)LDNS_VERSION;
-}
-
-/* Number of days per month (except for February in leap years). */
-static const int mdays[] = {
- 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31
-};
-
-static int
-is_leap_year(int year)
-{
- return year % 4 == 0 && (year % 100 != 0 || year % 400 == 0);
-}
-
-static int
-leap_days(int y1, int y2)
-{
- --y1;
- --y2;
- return (y2/4 - y1/4) - (y2/100 - y1/100) + (y2/400 - y1/400);
-}
-
-/*
- * Code adapted from Python 2.4.1 sources (Lib/calendar.py).
- */
-time_t
-mktime_from_utc(const struct tm *tm)
-{
- int year = 1900 + tm->tm_year;
- time_t days = 365 * ((time_t) year - 1970) + leap_days(1970, year);
- time_t hours;
- time_t minutes;
- time_t seconds;
- int i;
-
- for (i = 0; i < tm->tm_mon; ++i) {
- days += mdays[i];
- }
- if (tm->tm_mon > 1 && is_leap_year(year)) {
- ++days;
- }
- days += tm->tm_mday - 1;
-
- hours = days * 24 + tm->tm_hour;
- minutes = hours * 60 + tm->tm_min;
- seconds = minutes * 60 + tm->tm_sec;
-
- return seconds;
-}
-
-/**
- * Init the random source
- * applications should call this if they need entropy data within ldns
- * If openSSL is available, it is automatically seeded from /dev/urandom
- * or /dev/random
- *
- * If you need more entropy, or have no openssl available, this function
- * MUST be called at the start of the program
- *
- * If openssl *is* available, this function just adds more entropy
- **/
-int
-ldns_init_random(FILE *fd, unsigned int size)
-{
- /* if fp is given, seed srandom with data from file
- otherwise use /dev/urandom */
- FILE *rand_f;
- uint8_t *seed;
- size_t read = 0;
- unsigned int seed_i;
- struct timeval tv;
-
- /* we'll need at least sizeof(unsigned int) bytes for the
- standard prng seed */
- if (size < (unsigned int) sizeof(seed_i)){
- size = (unsigned int) sizeof(seed_i);
- }
-
- seed = LDNS_XMALLOC(uint8_t, size);
- if(!seed) {
- return 1;
- }
-
- if (!fd) {
- if ((rand_f = fopen("/dev/urandom", "r")) == NULL) {
- /* no readable /dev/urandom, try /dev/random */
- if ((rand_f = fopen("/dev/random", "r")) == NULL) {
- /* no readable /dev/random either, and no entropy
- source given. we'll have to improvise */
- for (read = 0; read < size; read++) {
- gettimeofday(&tv, NULL);
- seed[read] = (uint8_t) (tv.tv_usec % 256);
- }
- } else {
- read = fread(seed, 1, size, rand_f);
- }
- } else {
- read = fread(seed, 1, size, rand_f);
- }
- } else {
- rand_f = fd;
- read = fread(seed, 1, size, rand_f);
- }
-
- if (read < size) {
- LDNS_FREE(seed);
- return 1;
- } else {
-#ifdef HAVE_SSL
- /* Seed the OpenSSL prng (most systems have it seeded
- automatically, in that case this call just adds entropy */
- RAND_seed(seed, (int) size);
-#else
- /* Seed the standard prng, only uses the first
- * unsigned sizeof(unsiged int) bytes found in the entropy pool
- */
- memcpy(&seed_i, seed, sizeof(seed_i));
- srandom(seed_i);
-#endif
- LDNS_FREE(seed);
- }
-
- if (!fd) {
- if (rand_f) fclose(rand_f);
- }
-
- return 0;
-}
-
-/**
- * Get random number.
- *
- */
-uint16_t
-ldns_get_random(void)
-{
- uint16_t rid = 0;
-#ifdef HAVE_SSL
- if (RAND_bytes((unsigned char*)&rid, 2) != 1) {
- rid = (uint16_t) random();
- }
-#else
- rid = (uint16_t) random();
-#endif
- return rid;
-}
-
-/*
- * BubbleBabble code taken from OpenSSH
- * Copyright (c) 2001 Carsten Raskgaard. All rights reserved.
- */
-char *
-ldns_bubblebabble(uint8_t *data, size_t len)
-{
- char vowels[] = { 'a', 'e', 'i', 'o', 'u', 'y' };
- char consonants[] = { 'b', 'c', 'd', 'f', 'g', 'h', 'k', 'l', 'm',
- 'n', 'p', 'r', 's', 't', 'v', 'z', 'x' };
- size_t i, j = 0, rounds, seed = 1;
- char *retval;
-
- rounds = (len / 2) + 1;
- retval = LDNS_XMALLOC(char, rounds * 6);
- if(!retval) return NULL;
- retval[j++] = 'x';
- for (i = 0; i < rounds; i++) {
- size_t idx0, idx1, idx2, idx3, idx4;
- if ((i + 1 < rounds) || (len % 2 != 0)) {
- idx0 = (((((size_t)(data[2 * i])) >> 6) & 3) +
- seed) % 6;
- idx1 = (((size_t)(data[2 * i])) >> 2) & 15;
- idx2 = ((((size_t)(data[2 * i])) & 3) +
- (seed / 6)) % 6;
- retval[j++] = vowels[idx0];
- retval[j++] = consonants[idx1];
- retval[j++] = vowels[idx2];
- if ((i + 1) < rounds) {
- idx3 = (((size_t)(data[(2 * i) + 1])) >> 4) & 15;
- idx4 = (((size_t)(data[(2 * i) + 1]))) & 15;
- retval[j++] = consonants[idx3];
- retval[j++] = '-';
- retval[j++] = consonants[idx4];
- seed = ((seed * 5) +
- ((((size_t)(data[2 * i])) * 7) +
- ((size_t)(data[(2 * i) + 1])))) % 36;
- }
- } else {
- idx0 = seed % 6;
- idx1 = 16;
- idx2 = seed / 6;
- retval[j++] = vowels[idx0];
- retval[j++] = consonants[idx1];
- retval[j++] = vowels[idx2];
- }
- }
- retval[j++] = 'x';
- retval[j++] = '\0';
- return retval;
-}
+++ /dev/null
-/*
- * wire2host.c
- *
- * conversion routines from the wire to the host
- * format.
- * This will usually just a re-ordering of the
- * data (as we store it in network format)
- *
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2004-2006
- *
- * See the file LICENSE for the license
- */
-
-
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-/*#include <ldns/wire2host.h>*/
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <limits.h>
-
-
-
-/*
- * Set of macro's to deal with the dns message header as specified
- * in RFC1035 in portable way.
- *
- */
-
-/*
- *
- * 1 1 1 1 1 1
- * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- * | ID |
- * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- * |QR| Opcode |AA|TC|RD|RA| Z|AD|CD| RCODE |
- * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- * | QDCOUNT |
- * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- * | ANCOUNT |
- * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- * | NSCOUNT |
- * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- * | ARCOUNT |
- * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- *
- */
-
-
-/* allocates memory to *dname! */
-ldns_status
-ldns_wire2dname(ldns_rdf **dname, const uint8_t *wire, size_t max, size_t *pos)
-{
- uint8_t label_size;
- uint16_t pointer_target;
- uint8_t pointer_target_buf[2];
- size_t dname_pos = 0;
- size_t uncompressed_length = 0;
- size_t compression_pos = 0;
- uint8_t tmp_dname[LDNS_MAX_DOMAINLEN];
- unsigned int pointer_count = 0;
-
- if (*pos >= max) {
- return LDNS_STATUS_PACKET_OVERFLOW;
- }
-
- label_size = wire[*pos];
- while (label_size > 0) {
- /* compression */
- while (label_size >= 192) {
- if (compression_pos == 0) {
- compression_pos = *pos + 2;
- }
-
- pointer_count++;
-
- /* remove first two bits */
- if (*pos + 2 > max) {
- return LDNS_STATUS_PACKET_OVERFLOW;
- }
- pointer_target_buf[0] = wire[*pos] & 63;
- pointer_target_buf[1] = wire[*pos + 1];
- pointer_target = ldns_read_uint16(pointer_target_buf);
-
- if (pointer_target == 0) {
- return LDNS_STATUS_INVALID_POINTER;
- } else if (pointer_target >= max) {
- return LDNS_STATUS_INVALID_POINTER;
- } else if (pointer_count > LDNS_MAX_POINTERS) {
- return LDNS_STATUS_INVALID_POINTER;
- }
- *pos = pointer_target;
- label_size = wire[*pos];
- }
- if(label_size == 0)
- break; /* break from pointer to 0 byte */
- if (label_size > LDNS_MAX_LABELLEN) {
- return LDNS_STATUS_LABEL_OVERFLOW;
- }
- if (*pos + 1 + label_size > max) {
- return LDNS_STATUS_LABEL_OVERFLOW;
- }
-
- /* check space for labelcount itself */
- if (dname_pos + 1 > LDNS_MAX_DOMAINLEN) {
- return LDNS_STATUS_DOMAINNAME_OVERFLOW;
- }
- tmp_dname[dname_pos] = label_size;
- if (label_size > 0) {
- dname_pos++;
- }
- *pos = *pos + 1;
- if (dname_pos + label_size > LDNS_MAX_DOMAINLEN) {
- return LDNS_STATUS_DOMAINNAME_OVERFLOW;
- }
- memcpy(&tmp_dname[dname_pos], &wire[*pos], label_size);
- uncompressed_length += label_size + 1;
- dname_pos += label_size;
- *pos = *pos + label_size;
-
- if (*pos < max) {
- label_size = wire[*pos];
- }
- }
-
- if (compression_pos > 0) {
- *pos = compression_pos;
- } else {
- *pos = *pos + 1;
- }
-
- if (dname_pos >= LDNS_MAX_DOMAINLEN) {
- return LDNS_STATUS_DOMAINNAME_OVERFLOW;
- }
-
- tmp_dname[dname_pos] = 0;
- dname_pos++;
-
- *dname = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_DNAME,
- (uint16_t) dname_pos, tmp_dname);
- if (!*dname) {
- return LDNS_STATUS_MEM_ERR;
- }
- return LDNS_STATUS_OK;
-}
-
-/* maybe make this a goto error so data can be freed or something/ */
-#define LDNS_STATUS_CHECK_RETURN(st) {if (st != LDNS_STATUS_OK) { return st; }}
-#define LDNS_STATUS_CHECK_GOTO(st, label) {if (st != LDNS_STATUS_OK) { /*printf("STG %s:%d: status code %d\n", __FILE__, __LINE__, st);*/ goto label; }}
-
-ldns_status
-ldns_wire2rdf(ldns_rr *rr, const uint8_t *wire, size_t max, size_t *pos)
-{
- size_t end;
- size_t cur_rdf_length;
- uint8_t rdf_index;
- uint8_t *data;
- uint16_t rd_length;
- ldns_rdf *cur_rdf = NULL;
- ldns_rdf_type cur_rdf_type;
- const ldns_rr_descriptor *descriptor = ldns_rr_descript(ldns_rr_get_type(rr));
- ldns_status status;
-
- if (*pos + 2 > max) {
- return LDNS_STATUS_PACKET_OVERFLOW;
- }
-
- rd_length = ldns_read_uint16(&wire[*pos]);
- *pos = *pos + 2;
-
- if (*pos + rd_length > max) {
- return LDNS_STATUS_PACKET_OVERFLOW;
- }
-
- end = *pos + (size_t) rd_length;
-
- for (rdf_index = 0;
- rdf_index < ldns_rr_descriptor_maximum(descriptor); rdf_index++) {
- if (*pos >= end) {
- break;
- }
- cur_rdf_length = 0;
-
- cur_rdf_type = ldns_rr_descriptor_field_type(descriptor, rdf_index);
- /* handle special cases immediately, set length
- for fixed length rdata and do them below */
- switch (cur_rdf_type) {
- case LDNS_RDF_TYPE_DNAME:
- status = ldns_wire2dname(&cur_rdf, wire, max, pos);
- LDNS_STATUS_CHECK_RETURN(status);
- break;
- case LDNS_RDF_TYPE_CLASS:
- case LDNS_RDF_TYPE_ALG:
- case LDNS_RDF_TYPE_INT8:
- cur_rdf_length = LDNS_RDF_SIZE_BYTE;
- break;
- case LDNS_RDF_TYPE_TYPE:
- case LDNS_RDF_TYPE_INT16:
- case LDNS_RDF_TYPE_CERT_ALG:
- cur_rdf_length = LDNS_RDF_SIZE_WORD;
- break;
- case LDNS_RDF_TYPE_TIME:
- case LDNS_RDF_TYPE_INT32:
- case LDNS_RDF_TYPE_A:
- case LDNS_RDF_TYPE_PERIOD:
- cur_rdf_length = LDNS_RDF_SIZE_DOUBLEWORD;
- break;
- case LDNS_RDF_TYPE_TSIGTIME:
- cur_rdf_length = LDNS_RDF_SIZE_6BYTES;
- break;
- case LDNS_RDF_TYPE_AAAA:
- cur_rdf_length = LDNS_RDF_SIZE_16BYTES;
- break;
- case LDNS_RDF_TYPE_STR:
- case LDNS_RDF_TYPE_NSEC3_SALT:
- /* len is stored in first byte
- * it should be in the rdf too, so just
- * copy len+1 from this position
- */
- cur_rdf_length = ((size_t) wire[*pos]) + 1;
- break;
- case LDNS_RDF_TYPE_INT16_DATA:
- cur_rdf_length = (size_t) ldns_read_uint16(&wire[*pos]) + 2;
- break;
- case LDNS_RDF_TYPE_B32_EXT:
- case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER:
- /* length is stored in first byte */
- cur_rdf_length = ((size_t) wire[*pos]) + 1;
- break;
- case LDNS_RDF_TYPE_APL:
- case LDNS_RDF_TYPE_B64:
- case LDNS_RDF_TYPE_HEX:
- case LDNS_RDF_TYPE_NSEC:
- case LDNS_RDF_TYPE_UNKNOWN:
- case LDNS_RDF_TYPE_SERVICE:
- case LDNS_RDF_TYPE_LOC:
- case LDNS_RDF_TYPE_WKS:
- case LDNS_RDF_TYPE_NSAP:
- case LDNS_RDF_TYPE_ATMA:
- case LDNS_RDF_TYPE_IPSECKEY:
- case LDNS_RDF_TYPE_TSIG:
- case LDNS_RDF_TYPE_NONE:
- /*
- * Read to end of rr rdata
- */
- cur_rdf_length = end - *pos;
- break;
- }
-
- /* fixed length rdata */
- if (cur_rdf_length > 0) {
- if (cur_rdf_length + *pos > end) {
- return LDNS_STATUS_PACKET_OVERFLOW;
- }
- data = LDNS_XMALLOC(uint8_t, rd_length);
- if (!data) {
- return LDNS_STATUS_MEM_ERR;
- }
- memcpy(data, &wire[*pos], cur_rdf_length);
-
- cur_rdf = ldns_rdf_new(cur_rdf_type, cur_rdf_length, data);
- *pos = *pos + cur_rdf_length;
- }
-
- if (cur_rdf) {
- ldns_rr_push_rdf(rr, cur_rdf);
- cur_rdf = NULL;
- }
- }
-
- return LDNS_STATUS_OK;
-}
-
-
-/* TODO:
- can *pos be incremented at READ_INT? or maybe use something like
- RR_CLASS(wire)?
- uhhm Jelte??
-*/
-ldns_status
-ldns_wire2rr(ldns_rr **rr_p, const uint8_t *wire, size_t max,
- size_t *pos, ldns_pkt_section section)
-{
- ldns_rdf *owner = NULL;
- ldns_rr *rr = ldns_rr_new();
- ldns_status status;
-
- status = ldns_wire2dname(&owner, wire, max, pos);
- LDNS_STATUS_CHECK_GOTO(status, status_error);
-
- ldns_rr_set_owner(rr, owner);
-
- if (*pos + 4 > max) {
- status = LDNS_STATUS_PACKET_OVERFLOW;
- goto status_error;
- }
-
- ldns_rr_set_type(rr, ldns_read_uint16(&wire[*pos]));
- *pos = *pos + 2;
-
- ldns_rr_set_class(rr, ldns_read_uint16(&wire[*pos]));
- *pos = *pos + 2;
-
- if (section != LDNS_SECTION_QUESTION) {
- if (*pos + 4 > max) {
- status = LDNS_STATUS_PACKET_OVERFLOW;
- goto status_error;
- }
- ldns_rr_set_ttl(rr, ldns_read_uint32(&wire[*pos]));
-
- *pos = *pos + 4;
- status = ldns_wire2rdf(rr, wire, max, pos);
-
- LDNS_STATUS_CHECK_GOTO(status, status_error);
- ldns_rr_set_question(rr, false);
- } else {
- ldns_rr_set_question(rr, true);
- }
-
- *rr_p = rr;
- return LDNS_STATUS_OK;
-
-status_error:
- ldns_rr_free(rr);
- return status;
-}
-
-static ldns_status
-ldns_wire2pkt_hdr(ldns_pkt *packet, const uint8_t *wire, size_t max, size_t *pos)
-{
- if (*pos + LDNS_HEADER_SIZE > max) {
- return LDNS_STATUS_WIRE_INCOMPLETE_HEADER;
- } else {
- ldns_pkt_set_id(packet, LDNS_ID_WIRE(wire));
- ldns_pkt_set_qr(packet, LDNS_QR_WIRE(wire));
- ldns_pkt_set_opcode(packet, LDNS_OPCODE_WIRE(wire));
- ldns_pkt_set_aa(packet, LDNS_AA_WIRE(wire));
- ldns_pkt_set_tc(packet, LDNS_TC_WIRE(wire));
- ldns_pkt_set_rd(packet, LDNS_RD_WIRE(wire));
- ldns_pkt_set_ra(packet, LDNS_RA_WIRE(wire));
- ldns_pkt_set_ad(packet, LDNS_AD_WIRE(wire));
- ldns_pkt_set_cd(packet, LDNS_CD_WIRE(wire));
- ldns_pkt_set_rcode(packet, LDNS_RCODE_WIRE(wire));
-
- ldns_pkt_set_qdcount(packet, LDNS_QDCOUNT(wire));
- ldns_pkt_set_ancount(packet, LDNS_ANCOUNT(wire));
- ldns_pkt_set_nscount(packet, LDNS_NSCOUNT(wire));
- ldns_pkt_set_arcount(packet, LDNS_ARCOUNT(wire));
-
- *pos += LDNS_HEADER_SIZE;
-
- return LDNS_STATUS_OK;
- }
-}
-
-ldns_status
-ldns_buffer2pkt_wire(ldns_pkt **packet, ldns_buffer *buffer)
-{
- /* lazy */
- return ldns_wire2pkt(packet, ldns_buffer_begin(buffer),
- ldns_buffer_limit(buffer));
-
-}
-
-ldns_status
-ldns_wire2pkt(ldns_pkt **packet_p, const uint8_t *wire, size_t max)
-{
- size_t pos = 0;
- uint16_t i;
- ldns_rr *rr;
- ldns_pkt *packet = ldns_pkt_new();
- ldns_status status = LDNS_STATUS_OK;
- int have_edns = 0;
-
- uint8_t data[4];
-
- status = ldns_wire2pkt_hdr(packet, wire, max, &pos);
- LDNS_STATUS_CHECK_GOTO(status, status_error);
-
- for (i = 0; i < ldns_pkt_qdcount(packet); i++) {
-
- status = ldns_wire2rr(&rr, wire, max, &pos, LDNS_SECTION_QUESTION);
- if (status == LDNS_STATUS_PACKET_OVERFLOW) {
- status = LDNS_STATUS_WIRE_INCOMPLETE_QUESTION;
- }
- LDNS_STATUS_CHECK_GOTO(status, status_error);
- if (!ldns_rr_list_push_rr(ldns_pkt_question(packet), rr)) {
- ldns_pkt_free(packet);
- return LDNS_STATUS_INTERNAL_ERR;
- }
- }
- for (i = 0; i < ldns_pkt_ancount(packet); i++) {
- status = ldns_wire2rr(&rr, wire, max, &pos, LDNS_SECTION_ANSWER);
- if (status == LDNS_STATUS_PACKET_OVERFLOW) {
- status = LDNS_STATUS_WIRE_INCOMPLETE_ANSWER;
- }
- LDNS_STATUS_CHECK_GOTO(status, status_error);
- if (!ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr)) {
- ldns_pkt_free(packet);
- return LDNS_STATUS_INTERNAL_ERR;
- }
- }
- for (i = 0; i < ldns_pkt_nscount(packet); i++) {
- status = ldns_wire2rr(&rr, wire, max, &pos, LDNS_SECTION_AUTHORITY);
- if (status == LDNS_STATUS_PACKET_OVERFLOW) {
- status = LDNS_STATUS_WIRE_INCOMPLETE_AUTHORITY;
- }
- LDNS_STATUS_CHECK_GOTO(status, status_error);
- if (!ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr)) {
- ldns_pkt_free(packet);
- return LDNS_STATUS_INTERNAL_ERR;
- }
- }
- for (i = 0; i < ldns_pkt_arcount(packet); i++) {
- status = ldns_wire2rr(&rr, wire, max, &pos, LDNS_SECTION_ADDITIONAL);
- if (status == LDNS_STATUS_PACKET_OVERFLOW) {
- status = LDNS_STATUS_WIRE_INCOMPLETE_ADDITIONAL;
- }
- LDNS_STATUS_CHECK_GOTO(status, status_error);
-
- if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_OPT) {
- ldns_pkt_set_edns_udp_size(packet, ldns_rr_get_class(rr));
- ldns_write_uint32(data, ldns_rr_ttl(rr));
- ldns_pkt_set_edns_extended_rcode(packet, data[0]);
- ldns_pkt_set_edns_version(packet, data[1]);
- ldns_pkt_set_edns_z(packet, ldns_read_uint16(&data[2]));
- /* edns might not have rdfs */
- if (ldns_rr_rdf(rr, 0)) {
- ldns_pkt_set_edns_data(packet, ldns_rdf_clone(ldns_rr_rdf(rr, 0)));
- }
- ldns_rr_free(rr);
- have_edns += 1;
- } else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_TSIG) {
- ldns_pkt_set_tsig(packet, rr);
- ldns_pkt_set_arcount(packet, ldns_pkt_arcount(packet) - 1);
- } else if (!ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr)) {
- ldns_pkt_free(packet);
- return LDNS_STATUS_INTERNAL_ERR;
- }
- }
- ldns_pkt_set_size(packet, max);
- if(have_edns)
- ldns_pkt_set_arcount(packet, ldns_pkt_arcount(packet)
- - have_edns);
-
- *packet_p = packet;
- return status;
-
-status_error:
- ldns_pkt_free(packet);
- return status;
-}
+++ /dev/null
-/* zone.c
- *
- * Functions for ldns_zone structure
- * a Net::DNS like library for C
- *
- * (c) NLnet Labs, 2005-2006
- * See the file LICENSE for the license
- */
-#include <ldns/config.h>
-
-#include <ldns/ldns.h>
-
-#ifdef _MSC_VER
-#include <string.h>
-#else
-#include <strings.h>
-#endif
-#include <limits.h>
-
-ldns_rr *
-ldns_zone_soa(const ldns_zone *z)
-{
- return z->_soa;
-}
-
-size_t
-ldns_zone_rr_count(const ldns_zone *z)
-{
- return ldns_rr_list_rr_count(z->_rrs);
-}
-
-void
-ldns_zone_set_soa(ldns_zone *z, ldns_rr *soa)
-{
- z->_soa = soa;
-}
-
-ldns_rr_list *
-ldns_zone_rrs(const ldns_zone *z)
-{
- return z->_rrs;
-}
-
-void
-ldns_zone_set_rrs(ldns_zone *z, ldns_rr_list *rrlist)
-{
- z->_rrs = rrlist;
-}
-
-bool
-ldns_zone_push_rr_list(ldns_zone *z, ldns_rr_list *list)
-{
- return ldns_rr_list_cat(ldns_zone_rrs(z), list);
-
-}
-
-bool
-ldns_zone_push_rr(ldns_zone *z, ldns_rr *rr)
-{
- return ldns_rr_list_push_rr( ldns_zone_rrs(z), rr);
-}
-
-/* return a clone of the given rr list, without the glue records
- * rr list should be the complete zone
- * if present, stripped records are added to the list *glue_records
- */
-ldns_rr_list *
-ldns_zone_strip_glue_rrs(const ldns_rdf *zone_name, const ldns_rr_list *rrs, ldns_rr_list *glue_rrs)
-{
- ldns_rr_list *new_list;
-
- /* when do we find glue? It means we find an IP address
- * (AAAA/A) for a nameserver listed in the zone
- *
- * Alg used here:
- * first find all the zonecuts (NS records)
- * find all the AAAA or A records (can be done it the
- * above loop).
- *
- * Check if the aaaa/a list are subdomains under the
- * NS domains.
- * If yes -> glue, if no -> not glue
- */
-
- ldns_rr_list *zone_cuts;
- ldns_rr_list *addr;
- ldns_rr *r, *ns, *a;
- ldns_rdf *dname_a, *ns_owner;
- uint16_t i,j;
-
- new_list = NULL;
- zone_cuts = NULL;
- addr = NULL;
-
- new_list = ldns_rr_list_new();
- if (!new_list) goto memory_error;
- zone_cuts = ldns_rr_list_new();
- if (!zone_cuts) goto memory_error;
- addr = ldns_rr_list_new();
- if (!addr) goto memory_error;
-
- for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- r = ldns_rr_list_rr(rrs, i);
- if (ldns_rr_get_type(r) == LDNS_RR_TYPE_A ||
- ldns_rr_get_type(r) == LDNS_RR_TYPE_AAAA) {
- /* possibly glue */
- if (!ldns_rr_list_push_rr(addr, r)) goto memory_error;
- continue;
- }
- if (ldns_rr_get_type(r) == LDNS_RR_TYPE_NS) {
- /* multiple zones will end up here -
- * for now; not a problem
- */
- /* don't add NS records for the current zone itself */
- if (ldns_rdf_compare(ldns_rr_owner(r),
- zone_name) != 0) {
- if (!ldns_rr_list_push_rr(zone_cuts, r)) goto memory_error;
- }
- continue;
- }
- }
-
- /* will sorting make it quicker ?? */
- for(i = 0; i < ldns_rr_list_rr_count(zone_cuts); i++) {
- ns = ldns_rr_list_rr(zone_cuts, i);
- ns_owner = ldns_rr_owner(ns);
- for(j = 0; j < ldns_rr_list_rr_count(addr); j++) {
- a = ldns_rr_list_rr(addr, j);
- dname_a = ldns_rr_owner(a);
-
- if (ldns_dname_is_subdomain(dname_a, ns_owner)) {
- /* GLUE! */
- if (glue_rrs) {
- if (!ldns_rr_list_push_rr(glue_rrs, a)) goto memory_error;
- }
- break;
- } else {
- if (!ldns_rr_list_push_rr(new_list, a)) goto memory_error;
- }
- }
- }
-
- ldns_rr_list_free(addr);
- ldns_rr_list_free(zone_cuts);
-
- return new_list;
-
-memory_error:
- if (new_list) {
- ldns_rr_list_free(new_list);
- }
- if (zone_cuts) {
- ldns_rr_list_free(zone_cuts);
- }
- if (addr) {
- ldns_rr_list_free(addr);
- }
- return NULL;
-}
-
-/*
- * Get the list of glue records in a zone
- * XXX: there should be a way for this to return error, other than NULL,
- * since NULL is a valid return
- */
-ldns_rr_list *
-ldns_zone_glue_rr_list(const ldns_zone *z)
-{
- /* when do we find glue? It means we find an IP address
- * (AAAA/A) for a nameserver listed in the zone
- *
- * Alg used here:
- * first find all the zonecuts (NS records)
- * find all the AAAA or A records (can be done it the
- * above loop).
- *
- * Check if the aaaa/a list are subdomains under the
- * NS domains.
- * If yes -> glue, if no -> not glue
- */
-
- ldns_rr_list *zone_cuts;
- ldns_rr_list *addr;
- ldns_rr_list *glue;
- ldns_rr *r, *ns, *a;
- ldns_rdf *dname_a, *ns_owner;
- size_t i,j;
-
- zone_cuts = NULL;
- addr = NULL;
- glue = NULL;
-
- /* we cannot determine glue in a 'zone' without a SOA */
- if (!ldns_zone_soa(z)) {
- return NULL;
- }
-
- zone_cuts = ldns_rr_list_new();
- if (!zone_cuts) goto memory_error;
- addr = ldns_rr_list_new();
- if (!addr) goto memory_error;
- glue = ldns_rr_list_new();
- if (!glue) goto memory_error;
-
- for(i = 0; i < ldns_zone_rr_count(z); i++) {
- r = ldns_rr_list_rr(ldns_zone_rrs(z), i);
- if (ldns_rr_get_type(r) == LDNS_RR_TYPE_A ||
- ldns_rr_get_type(r) == LDNS_RR_TYPE_AAAA) {
- /* possibly glue */
- if (!ldns_rr_list_push_rr(addr, r)) goto memory_error;
- continue;
- }
- if (ldns_rr_get_type(r) == LDNS_RR_TYPE_NS) {
- /* multiple zones will end up here -
- * for now; not a problem
- */
- /* don't add NS records for the current zone itself */
- if (ldns_rdf_compare(ldns_rr_owner(r),
- ldns_rr_owner(ldns_zone_soa(z))) != 0) {
- if (!ldns_rr_list_push_rr(zone_cuts, r)) goto memory_error;
- }
- continue;
- }
- }
-
- /* will sorting make it quicker ?? */
- for(i = 0; i < ldns_rr_list_rr_count(zone_cuts); i++) {
- ns = ldns_rr_list_rr(zone_cuts, i);
- ns_owner = ldns_rr_owner(ns);
-
- for(j = 0; j < ldns_rr_list_rr_count(addr); j++) {
- a = ldns_rr_list_rr(addr, j);
- dname_a = ldns_rr_owner(a);
-
- if (ldns_dname_is_subdomain(dname_a, ns_owner)) {
- /* GLUE! */
- if (!ldns_rr_list_push_rr(glue, a)) goto memory_error;
- }
- }
- }
-
- ldns_rr_list_free(addr);
- ldns_rr_list_free(zone_cuts);
-
- if (ldns_rr_list_rr_count(glue) == 0) {
- ldns_rr_list_free(glue);
- return NULL;
- } else {
- return glue;
- }
-
-memory_error:
- if (zone_cuts) {
- LDNS_FREE(zone_cuts);
- }
- if (addr) {
- ldns_rr_list_free(addr);
- }
- if (glue) {
- ldns_rr_list_free(glue);
- }
- return NULL;
-}
-
-ldns_zone *
-ldns_zone_new(void)
-{
- ldns_zone *z;
-
- z = LDNS_MALLOC(ldns_zone);
- if (!z) {
- return NULL;
- }
-
- z->_rrs = ldns_rr_list_new();
- if (!z->_rrs) {
- LDNS_FREE(z);
- return NULL;
- }
- ldns_zone_set_soa(z, NULL);
- return z;
-}
-
-/* we regocnize:
- * $TTL, $ORIGIN
- */
-ldns_status
-ldns_zone_new_frm_fp(ldns_zone **z, FILE *fp, ldns_rdf *origin, uint32_t ttl, ldns_rr_class c)
-{
- return ldns_zone_new_frm_fp_l(z, fp, origin, ttl, c, NULL);
-}
-
-/* XXX: class is never used */
-ldns_status
-ldns_zone_new_frm_fp_l(ldns_zone **z, FILE *fp, ldns_rdf *origin, uint32_t ttl,
- ldns_rr_class ATTR_UNUSED(c), int *line_nr)
-{
- ldns_zone *newzone;
- ldns_rr *rr;
- uint32_t my_ttl;
- ldns_rdf *my_origin;
- ldns_rdf *my_prev;
- bool soa_seen = false; /* 2 soa are an error */
- ldns_status s;
- ldns_status ret;
-
- /* most cases of error are memory problems */
- ret = LDNS_STATUS_MEM_ERR;
-
- newzone = NULL;
- my_origin = NULL;
- my_prev = NULL;
-
- my_ttl = ttl;
-
- if (origin) {
- my_origin = ldns_rdf_clone(origin);
- if (!my_origin) goto error;
- /* also set the prev */
- my_prev = ldns_rdf_clone(origin);
- if (!my_prev) goto error;
- }
-
- newzone = ldns_zone_new();
- if (!newzone) goto error;
-
- while(!feof(fp)) {
- s = ldns_rr_new_frm_fp_l(&rr, fp, &my_ttl, &my_origin, &my_prev, line_nr);
- switch (s) {
- case LDNS_STATUS_OK:
- if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) {
- if (soa_seen) {
- /* second SOA
- * just skip, maybe we want to say
- * something??? */
- ldns_rr_free(rr);
- continue;
- }
- soa_seen = true;
- ldns_zone_set_soa(newzone, rr);
- /* set origin to soa if not specified */
- if (!my_origin) {
- my_origin = ldns_rdf_clone(ldns_rr_owner(rr));
- }
- continue;
- }
-
- /* a normal RR - as sofar the DNS is normal */
- if (!ldns_zone_push_rr(newzone, rr)) goto error;
-
- case LDNS_STATUS_SYNTAX_EMPTY:
- /* empty line was seen */
- case LDNS_STATUS_SYNTAX_TTL:
- /* the function set the ttl */
- break;
- case LDNS_STATUS_SYNTAX_ORIGIN:
- /* the function set the origin */
- break;
- case LDNS_STATUS_SYNTAX_INCLUDE:
- ret = LDNS_STATUS_SYNTAX_INCLUDE_ERR_NOTIMPL;
- break;
- default:
- ret = s;
- goto error;
- }
- }
-
- if (my_origin) {
- ldns_rdf_deep_free(my_origin);
- }
- if (my_prev) {
- ldns_rdf_deep_free(my_prev);
- }
- if (z) {
- *z = newzone;
- } else {
- ldns_zone_free(newzone);
- }
-
- return LDNS_STATUS_OK;
-
-error:
- if (my_origin) {
- ldns_rdf_deep_free(my_origin);
- }
- if (my_prev) {
- ldns_rdf_deep_free(my_prev);
- }
- if (newzone) {
- ldns_zone_free(newzone);
- }
- return ret;
-}
-
-void
-ldns_zone_sort(ldns_zone *zone)
-{
- ldns_rr_list *zrr;
- assert(zone != NULL);
-
- zrr = ldns_zone_rrs(zone);
- ldns_rr_list_sort(zrr);
-}
-
-#if 0
-/**
- * ixfr function. Work on a ldns_zone and remove and add
- * the rrs from the rrlist
- * \param[in] z the zone to work on
- * \param[in] del rr_list to remove from the zone
- * \param[in] add rr_list to add to the zone
- * \return Tja, wat zouden we eens returnen TODO
- */
-void
-ldns_zone_ixfr_del_add(ldns_zone *z, ldns_rr_list *del, ldns_rr_list *add)
-{
-
-}
-#endif
-
-void
-ldns_zone_free(ldns_zone *zone)
-{
- ldns_rr_list_free(zone->_rrs);
- LDNS_FREE(zone);
-}
-
-void
-ldns_zone_deep_free(ldns_zone *zone)
-{
- ldns_rr_free(zone->_soa);
- ldns_rr_list_deep_free(zone->_rrs);
- LDNS_FREE(zone);
-}
include $(top_srcdir)/build/modmake.rulesam
MODNAME=mod_enum
-LDNS=ldns
-LDNS_DIR=$(switch_srcdir)/libs/$(LDNS)
-LDNS_BUILDDIR=$(switch_builddir)/libs/$(LDNS)
-LDNS_LA=$(LDNS_BUILDDIR)/libldns.la
-
+if HAVE_LDNS
mod_LTLIBRARIES = mod_enum.la
mod_enum_la_SOURCES = mod_enum.c
-mod_enum_la_CFLAGS = $(AM_CFLAGS) -I$(LDNS_DIR) -I$(LDNS_DIR)/include -I$(LDNS_BUILDDIR)
-mod_enum_la_LIBADD = $(switch_builddir)/libfreeswitch.la $(LDNS_LA)
+mod_enum_la_CFLAGS = $(AM_CFLAGS)
+mod_enum_la_CPPFLAGS = $(LDNS_CFLAGS) $(AM_CPPFLAGS)
+mod_enum_la_LIBADD = $(LDNS_LIBS) $(switch_builddir)/libfreeswitch.la
mod_enum_la_LDFLAGS = -avoid-version -module -no-undefined -shared
-
-BUILT_SOURCES=$(LDNS_BUILDDIR)/ldns/util.h
-
-$(LDNS_BUILDDIR)/ldns/util.h $(LDNS_BUILDDIR)/Makefile: $(LDNS_DIR)/Makefile.in
- mkdir -p $(LDNS_BUILDDIR)
- cd $(LDNS_BUILDDIR) && $(DEFAULT_VARS) $(LDNS_DIR)/configure $(DEFAULT_ARGS) --srcdir=$(LDNS_DIR) --disable-gost --without-ssl --disable-sha2 --disable-shared --with-pic
- $(TOUCH_TARGET)
-
-$(LDNS_LA): $(LDNS_BUILDDIR)/Makefile
- cd $(LDNS_BUILDDIR) && $(MAKE)
- $(TOUCH_TARGET)
+else
+install: error
+all: error
+error:
+ $(error You must install libdns-dev to build mod_enum)
+endif
projects / thirdparty / freeswitch.git / commitdiff
