From: Wouter Wijngaards Date: Fri, 19 Oct 2007 08:03:08 +0000 (+0000) Subject: - lex fix X-Git-Tag: release-0.6~42 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=086b257b1d2bc3a7dd504f14b26616b474042c6d;p=thirdparty%2Funbound.git - lex fix - unsecure validation neater - const cast warning removal git-svn-id: file:///svn/unbound/trunk@702 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/Makefile.in b/Makefile.in index 5a4185605..d04f8c374 100644 --- a/Makefile.in +++ b/Makefile.in @@ -143,8 +143,7 @@ util/config_file.c: util/configparser.h util/configlexer.c: $(srcdir)/util/configlexer.lex util/configparser.h $(INFO) Lex $< ifeq "$(strip $(LEX))" ":" - $Qecho "Need to rebuild lexer, but no lex program" - exit 1 + $Qecho "rebuild lexer, but no lex program, skipped" else @if test ! -d util; then $(INSTALL) -d util; fi $Qecho "#include \"util/configyyrename.h\"" > $@ diff --git a/checkconf/unbound-checkconf.c b/checkconf/unbound-checkconf.c index 9efedb5f5..2749d2603 100644 --- a/checkconf/unbound-checkconf.c +++ b/checkconf/unbound-checkconf.c @@ -138,7 +138,7 @@ morechecks(struct config_file* cfg) /** check config file */ static void -checkconf(const char* cfgfile) +checkconf(char* cfgfile) { struct config_file* cfg = config_create(); if(!cfg) diff --git a/daemon/unbound.c b/daemon/unbound.c index 5cfd162e2..31d2a0e3b 100644 --- a/daemon/unbound.c +++ b/daemon/unbound.c @@ -304,7 +304,7 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode) * @param debug_mode: if set, do not daemonize. */ static void -run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode) +run_daemon(char* cfgfile, int cmdline_verbose, int debug_mode) { struct config_file* cfg = NULL; struct daemon* daemon = NULL; @@ -360,7 +360,7 @@ int main(int argc, char* argv[]) { int c; - const char* cfgfile = NULL; + char* cfgfile = NULL; int cmdline_verbose = 0; int debug_mode = 0; diff --git a/doc/Changelog b/doc/Changelog index e2bde3f5d..bea99ed86 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -4,6 +4,9 @@ and config.h.in. - added yacc/lex generated files, util/configlexer.c, util/configparser.c util/configparser.h, to svn. + - without lex no attempt to use it. + - unsecure response validation collated into one block. + - remove warning about const cast of cfgfile name. 18 October 2007: Wouter - addresses are logged with errors. diff --git a/util/config_file.c b/util/config_file.c index 751d2384e..a2172b71f 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -145,7 +145,7 @@ create_cfg_parser(struct config_file* cfg, char* filename) } int -config_read(struct config_file* cfg, const char* filename) +config_read(struct config_file* cfg, char* filename) { FILE *in; if(!filename) @@ -155,7 +155,7 @@ config_read(struct config_file* cfg, const char* filename) log_err("Could not open %s: %s", filename, strerror(errno)); return 0; } - create_cfg_parser(cfg, (char*)filename); + create_cfg_parser(cfg, filename); ub_c_in = in; ub_c_parse(); fclose(in); diff --git a/util/config_file.h b/util/config_file.h index 10d6ddca1..e412a617d 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -209,7 +209,7 @@ struct config_file* config_create(); * @param filename: name of configfile. If NULL nothing is done. * @return: false on error. */ -int config_read(struct config_file* config, const char* filename); +int config_read(struct config_file* config, char* filename); /** * Destroy the config file structure. diff --git a/validator/validator.c b/validator/validator.c index 9cfe53423..99b6f8a6f 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -1348,20 +1348,21 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq, /* This is the default next state. */ vq->state = VAL_FINISHED_STATE; + /* Unsigned responses must be underneath a "null" key entry.*/ + if(key_entry_isnull(vq->key_entry)) { + verbose(VERB_ALGO, "Verified that %sresponse is INSECURE", + vq->signer_name?"":"unsigned "); + vq->chase_reply->security = sec_status_insecure; + val_mark_insecure(vq->chase_reply, vq->key_entry, + qstate->env->rrset_cache); + return 1; + } + /* signerName being null is the indicator that this response was * unsigned */ if(vq->signer_name == NULL) { log_query_info(VERB_ALGO, "processValidate: state has no " "signer name", &vq->qchase); - /* Unsigned responses must be underneath a "null" key entry.*/ - if(key_entry_isnull(vq->key_entry)) { - verbose(VERB_ALGO, "Unsigned response was proven to " - "be validly INSECURE"); - vq->chase_reply->security = sec_status_insecure; - val_mark_insecure(vq->chase_reply, vq->key_entry, - qstate->env->rrset_cache); - return 1; - } verbose(VERB_DETAIL, "Could not establish validation of " "INSECURE status of unsigned response."); vq->chase_reply->security = sec_status_bogus; @@ -1376,14 +1377,6 @@ processValidate(struct module_qstate* qstate, struct val_qstate* vq, return 1; } - if(key_entry_isnull(vq->key_entry)) { - verbose(VERB_ALGO, "Verified that response is INSECURE"); - vq->chase_reply->security = sec_status_insecure; - val_mark_insecure(vq->chase_reply, vq->key_entry, - qstate->env->rrset_cache); - return 1; - } - /* check signatures in the message; * answer and authority must be valid, additional is only checked. */ if(!validate_msg_signatures(qstate->env, ve, &vq->qchase,