From 464ca70118f48be3e5d72329dfe164cb714f0dc4 Mon Sep 17 00:00:00 2001 From: Yuri Schaeffer Date: Fri, 20 Sep 2013 10:23:24 +0000 Subject: [PATCH] sync with trunk git-svn-id: file:///svn/unbound/branches/edns-subnet@2965 be551aaa-1e26-0410-a405-d3ace91eadb9 --- acx_nlnetlabs.m4 | 8 +- configure | 44 ++-- configure.ac | 2 +- daemon/cachedump.c | 47 +++-- daemon/remote.c | 26 +-- daemon/unbound.c | 2 +- daemon/worker.c | 19 +- doc/Changelog | 54 +++++ doc/libunbound.3.in | 3 + iterator/iter_delegpt.c | 29 +-- iterator/iter_delegpt.h | 30 +-- iterator/iter_priv.c | 2 +- iterator/iter_scrub.c | 2 +- iterator/iter_utils.c | 18 +- iterator/iter_utils.h | 2 +- iterator/iterator.c | 32 ++- libunbound/libunbound.c | 30 ++- libunbound/libworker.c | 8 + libunbound/unbound.h | 4 + services/cache/dns.c | 40 ++-- services/cache/dns.h | 8 +- services/cache/infra.c | 22 +- services/cache/infra.h | 18 +- services/cache/rrset.c | 12 +- services/cache/rrset.h | 10 +- services/localzone.c | 10 +- services/mesh.c | 8 +- services/mesh.h | 2 +- services/outside_network.c | 18 +- services/outside_network.h | 2 +- testcode/fake_event.c | 8 +- testcode/replay.c | 10 +- testcode/replay.h | 2 +- testcode/streamtcp.1 | 66 ++++++ testcode/streamtcp.c | 2 +- testcode/unitmain.c | 4 +- testcode/unitmsgparse.c | 4 +- testcode/unitneg.c | 2 +- testcode/unitverify.c | 4 +- testdata/autotrust_revtp_use.rpl | 12 +- testdata/nss_compile.tpkg | Bin 1049 -> 1055 bytes testdata/val_cnametonsec.rpl | 36 +++- testdata/val_cnametooptin.rpl | 36 +++- util/config_file.c | 21 +- util/config_file.h | 2 +- util/configlexer.c | 332 ++++++++++++++++--------------- util/configlexer.lex | 16 +- util/configparser.c | 51 ++--- util/configparser.y | 1 + util/data/msgencode.c | 8 +- util/data/msgencode.h | 4 +- util/data/msgparse.h | 4 +- util/data/msgreply.c | 14 +- util/data/msgreply.h | 12 +- util/data/packed_rrset.c | 14 +- util/data/packed_rrset.h | 12 +- util/iana_ports.inc | 6 + util/log.c | 6 +- util/log.h | 2 +- util/mini_event.c | 4 +- util/mini_event.h | 4 +- util/module.h | 4 +- util/netevent.c | 6 +- util/netevent.h | 2 +- util/tube.c | 2 +- util/winsock_event.c | 18 +- util/winsock_event.h | 4 +- validator/autotrust.c | 82 ++++---- validator/autotrust.h | 6 +- validator/val_anchor.c | 2 +- validator/val_kcache.c | 2 +- validator/val_kcache.h | 2 +- validator/val_kentry.c | 10 +- validator/val_kentry.h | 12 +- validator/val_neg.c | 12 +- validator/val_neg.h | 4 +- validator/val_nsec.c | 2 +- validator/val_nsec.h | 2 +- validator/val_secalgo.c | 14 +- validator/val_sigcrypt.c | 8 +- validator/val_sigcrypt.h | 4 +- validator/val_utils.c | 6 +- validator/validator.c | 2 +- 83 files changed, 858 insertions(+), 559 deletions(-) create mode 100644 testcode/streamtcp.1 diff --git a/acx_nlnetlabs.m4 b/acx_nlnetlabs.m4 index 719112645..e1cf83a70 100644 --- a/acx_nlnetlabs.m4 +++ b/acx_nlnetlabs.m4 @@ -2,7 +2,9 @@ # Copyright 2009, Wouter Wijngaards, NLnet Labs. # BSD licensed. # -# Version 24 +# Version 26 +# 2013-09-19 FLTO help text improved. +# 2013-07-18 Enable ACX_CHECK_COMPILER_FLAG to test for -Wstrict-prototypes # 2013-06-25 FLTO has --disable-flto option. # 2013-05-03 Update W32_SLEEP for newer mingw that links but not defines it. # 2013-03-22 Fix ACX_RSRC_VERSION for long version numbers. @@ -119,7 +121,7 @@ AC_MSG_CHECKING(whether $CC supports -$1) cache=`echo $1 | sed 'y%.=/+-%___p_%'` AC_CACHE_VAL(cv_prog_cc_flag_$cache, [ -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -$1 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -409,7 +411,7 @@ dnl Check if CC supports -flto. dnl in a way that supports clang and suncc (that flag does something else, dnl but fails to link). It sets it in CFLAGS if it works. AC_DEFUN([ACX_CHECK_FLTO], [ - AC_ARG_ENABLE([flto], AS_HELP_STRING([--disable-flto], [Disable link-time optimization])) + AC_ARG_ENABLE([flto], AS_HELP_STRING([--disable-flto], [Disable link-time optimization (gcc specific option)])) AS_IF([test "x$enable_flto" != "xno"], [ AC_MSG_CHECKING([if $CC supports -flto]) BAKCFLAGS="$CFLAGS" diff --git a/configure b/configure index 85db2d9b2..8f4bd08f0 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for unbound 1.4.21. +# Generated by GNU Autoconf 2.69 for unbound 1.4.22. # # Report bugs to . # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='unbound' PACKAGE_TARNAME='unbound' -PACKAGE_VERSION='1.4.21' -PACKAGE_STRING='unbound 1.4.21' +PACKAGE_VERSION='1.4.22' +PACKAGE_STRING='unbound 1.4.22' PACKAGE_BUGREPORT='unbound-bugs@nlnetlabs.nl' PACKAGE_URL='' @@ -1382,7 +1382,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures unbound 1.4.21 to adapt to many kinds of systems. +\`configure' configures unbound 1.4.22 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1448,7 +1448,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of unbound 1.4.21:";; + short | recursive ) echo "Configuration of unbound 1.4.22:";; esac cat <<\_ACEOF @@ -1458,7 +1458,7 @@ Optional Features: --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --enable-checking Enable warnings, asserts, makefile-dependencies --enable-debug same as enable-checking - --disable-flto Disable link-time optimization + --disable-flto Disable link-time optimization (gcc specific option) --enable-shared[=PKGS] build shared libraries [default=yes] --enable-static[=PKGS] build static libraries [default=yes] --enable-fast-install[=PKGS] @@ -1618,7 +1618,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -unbound configure 1.4.21 +unbound configure 1.4.22 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2144,7 +2144,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by unbound $as_me 1.4.21, which was +It was created by unbound $as_me 1.4.22, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2496,7 +2496,7 @@ UNBOUND_VERSION_MAJOR=1 UNBOUND_VERSION_MINOR=4 -UNBOUND_VERSION_MICRO=21 +UNBOUND_VERSION_MICRO=22 LIBUNBOUND_CURRENT=4 @@ -4262,7 +4262,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -g -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4293,7 +4293,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -O2 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4883,7 +4883,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -Werror -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4914,7 +4914,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -Wall -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4947,7 +4947,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -std=c99 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -4978,7 +4978,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -xc99 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -5645,7 +5645,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -W -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -5676,7 +5676,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -Wall -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -5707,7 +5707,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -Wextra -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -5738,7 +5738,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -Wdeclaration-after-statement -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -15621,7 +15621,7 @@ if eval \${cv_prog_cc_flag_$cache+:} false; then : $as_echo_n "(cached) " >&6 else -echo 'void f(){}' >conftest.c +echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -mt -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else @@ -18805,7 +18805,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by unbound $as_me 1.4.21, which was +This file was extended by unbound $as_me 1.4.22, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -18871,7 +18871,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -unbound config.status 1.4.21 +unbound config.status 1.4.22 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index f98565697..1bf0caabc 100644 --- a/configure.ac +++ b/configure.ac @@ -9,7 +9,7 @@ sinclude(ac_pkg_swig.m4) # must be numbers. ac_defun because of later processing m4_define([VERSION_MAJOR],[1]) m4_define([VERSION_MINOR],[4]) -m4_define([VERSION_MICRO],[21]) +m4_define([VERSION_MICRO],[22]) AC_INIT(unbound, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), unbound-bugs@nlnetlabs.nl, unbound) AC_SUBST(UNBOUND_VERSION_MAJOR, [VERSION_MAJOR]) AC_SUBST(UNBOUND_VERSION_MINOR, [VERSION_MINOR]) diff --git a/daemon/cachedump.c b/daemon/cachedump.c index 46c625f06..df6a40188 100644 --- a/daemon/cachedump.c +++ b/daemon/cachedump.c @@ -60,7 +60,7 @@ /** convert to ldns rr */ static ldns_rr* to_rr(struct ub_packed_rrset_key* k, struct packed_rrset_data* d, - uint32_t now, size_t i, uint16_t type) + time_t now, size_t i, uint16_t type) { ldns_rr* rr = ldns_rr_new(); ldns_rdf* rdf; @@ -96,7 +96,7 @@ to_rr(struct ub_packed_rrset_key* k, struct packed_rrset_data* d, /** dump one rrset zonefile line */ static int dump_rrset_line(SSL* ssl, struct ub_packed_rrset_key* k, - struct packed_rrset_data* d, uint32_t now, size_t i, uint16_t type) + struct packed_rrset_data* d, time_t now, size_t i, uint16_t type) { char* s; ldns_rr* rr = to_rr(k, d, now, i, type); @@ -119,7 +119,7 @@ dump_rrset_line(SSL* ssl, struct ub_packed_rrset_key* k, /** dump rrset key and data info */ static int dump_rrset(SSL* ssl, struct ub_packed_rrset_key* k, - struct packed_rrset_data* d, uint32_t now) + struct packed_rrset_data* d, time_t now) { size_t i; /* rd lock held by caller */ @@ -127,9 +127,9 @@ dump_rrset(SSL* ssl, struct ub_packed_rrset_key* k, if(d->ttl < now) return 1; /* expired */ /* meta line */ - if(!ssl_printf(ssl, ";rrset%s %u %u %u %d %d\n", + if(!ssl_printf(ssl, ";rrset%s %lld %u %u %d %d\n", (k->rk.flags & PACKED_RRSET_NSEC_AT_APEX)?" nsec_apex":"", - (unsigned)(d->ttl - now), + (long long)(d->ttl - now), (unsigned)d->count, (unsigned)d->rrsig_count, (int)d->trust, (int)d->security )) @@ -149,7 +149,7 @@ dump_rrset(SSL* ssl, struct ub_packed_rrset_key* k, /** dump lruhash rrset cache */ static int -dump_rrset_lruhash(SSL* ssl, struct lruhash* h, uint32_t now) +dump_rrset_lruhash(SSL* ssl, struct lruhash* h, time_t now) { struct lruhash_entry* e; /* lruhash already locked by caller */ @@ -225,7 +225,7 @@ dump_msg_ref(SSL* ssl, struct ub_packed_rrset_key* k) /** dump message entry */ static int dump_msg(SSL* ssl, struct query_info* k, struct reply_info* d, - uint32_t now) + time_t now) { size_t i; char* nm, *tp, *cl; @@ -259,10 +259,10 @@ dump_msg(SSL* ssl, struct query_info* k, struct reply_info* d, } /* meta line */ - if(!ssl_printf(ssl, "msg %s %s %s %d %d %u %d %u %u %u\n", + if(!ssl_printf(ssl, "msg %s %s %s %d %d %lld %d %u %u %u\n", nm, cl, tp, (int)d->flags, (int)d->qdcount, - (unsigned)(d->ttl-now), (int)d->security, + (long long)(d->ttl-now), (int)d->security, (unsigned)d->an_numrrsets, (unsigned)d->ns_numrrsets, (unsigned)d->ar_numrrsets)) { @@ -387,7 +387,7 @@ read_fixed(SSL* ssl, ldns_buffer* buf, const char* str) static int load_rr(SSL* ssl, ldns_buffer* buf, struct regional* region, struct ub_packed_rrset_key* rk, struct packed_rrset_data* d, - unsigned int i, int is_rrsig, int* go_on, uint32_t now) + unsigned int i, int is_rrsig, int* go_on, time_t now) { ldns_rr* rr; ldns_status status; @@ -489,7 +489,7 @@ move_into_cache(struct ub_packed_rrset_key* k, return 0; } s = sizeof(*ad) + (sizeof(size_t) + sizeof(uint8_t*) + - sizeof(uint32_t))* num; + sizeof(time_t))* num; for(i=0; irr_len[i]; ad = (struct packed_rrset_data*)malloc(s); @@ -505,8 +505,8 @@ move_into_cache(struct ub_packed_rrset_key* k, p += sizeof(size_t)*num; memmove(p, &d->rr_data[0], sizeof(uint8_t*)*num); p += sizeof(uint8_t*)*num; - memmove(p, &d->rr_ttl[0], sizeof(uint32_t)*num); - p += sizeof(uint32_t)*num; + memmove(p, &d->rr_ttl[0], sizeof(time_t)*num); + p += sizeof(time_t)*num; for(i=0; irr_data[i], d->rr_len[i]); p += d->rr_len[i]; @@ -530,7 +530,8 @@ load_rrset(SSL* ssl, ldns_buffer* buf, struct worker* worker) struct regional* region = worker->scratchpad; struct ub_packed_rrset_key* rk; struct packed_rrset_data* d; - unsigned int ttl, rr_count, rrsig_count, trust, security; + unsigned int rr_count, rrsig_count, trust, security; + long long ttl; unsigned int i; int go_on = 1; regional_free_all(region); @@ -552,7 +553,7 @@ load_rrset(SSL* ssl, ldns_buffer* buf, struct worker* worker) s += 10; rk->rk.flags |= PACKED_RRSET_NSEC_AT_APEX; } - if(sscanf(s, " %u %u %u %u %u", &ttl, &rr_count, &rrsig_count, + if(sscanf(s, " %lld %u %u %u %u", &ttl, &rr_count, &rrsig_count, &trust, &security) != 5) { log_warn("error bad rrset spec %s", s); return 0; @@ -565,12 +566,12 @@ load_rrset(SSL* ssl, ldns_buffer* buf, struct worker* worker) d->rrsig_count = (size_t)rrsig_count; d->security = (enum sec_status)security; d->trust = (enum rrset_trust)trust; - d->ttl = (uint32_t)ttl + *worker->env.now; + d->ttl = (time_t)ttl + *worker->env.now; d->rr_len = regional_alloc_zero(region, sizeof(size_t)*(d->count+d->rrsig_count)); d->rr_ttl = regional_alloc_zero(region, - sizeof(uint32_t)*(d->count+d->rrsig_count)); + sizeof(time_t)*(d->count+d->rrsig_count)); d->rr_data = regional_alloc_zero(region, sizeof(uint8_t*)*(d->count+d->rrsig_count)); if(!d->rr_len || !d->rr_ttl || !d->rr_data) { @@ -718,7 +719,8 @@ load_msg(SSL* ssl, ldns_buffer* buf, struct worker* worker) struct query_info qinf; struct reply_info rep; char* s = (char*)ldns_buffer_begin(buf); - unsigned int flags, qdcount, ttl, security, an, ns, ar; + unsigned int flags, qdcount, security, an, ns, ar; + long long ttl; size_t i; int go_on = 1; @@ -735,14 +737,14 @@ load_msg(SSL* ssl, ldns_buffer* buf, struct worker* worker) } /* read remainder of line */ - if(sscanf(s, " %u %u %u %u %u %u %u", &flags, &qdcount, &ttl, + if(sscanf(s, " %u %u %lld %u %u %u %u", &flags, &qdcount, &ttl, &security, &an, &ns, &ar) != 7) { log_warn("error cannot parse numbers: %s", s); return 0; } rep.flags = (uint16_t)flags; rep.qdcount = (uint16_t)qdcount; - rep.ttl = (uint32_t)ttl; + rep.ttl = (time_t)ttl; rep.prefetch_ttl = PREFETCH_TTL_CALC(rep.ttl); rep.security = (enum sec_status)security; rep.an_numrrsets = (size_t)an; @@ -800,8 +802,9 @@ print_dp_details(SSL* ssl, struct worker* worker, struct delegpt* dp) { char buf[257]; struct delegpt_addr* a; - int lame, dlame, rlame, rto, edns_vs, to, delay, entry_ttl, + int lame, dlame, rlame, rto, edns_vs, to, delay, tA = 0, tAAAA = 0, tother = 0; + long long entry_ttl; struct rtt_info ri; uint8_t edns_lame_known; for(a = dp->target_list; a; a = a->next_target) { @@ -840,7 +843,7 @@ print_dp_details(SSL* ssl, struct worker* worker, struct delegpt* dp) return; continue; /* skip stuff not in infra cache */ } - if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl %d, ping %d " + if(!ssl_printf(ssl, "%s%s%s%srto %d msec, ttl %lld, ping %d " "var %d rtt %d, tA %d, tAAAA %d, tother %d", lame?"LAME ":"", dlame?"NoDNSSEC ":"", a->lame?"AddrWasParentSide ":"", diff --git a/daemon/remote.c b/daemon/remote.c index 268c46771..615050225 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -629,8 +629,8 @@ print_stats(SSL* ssl, const char* nm, struct stats_info* s) if(!ssl_printf(ssl, "%s.requestlist.current.user"SQ"%u\n", nm, (unsigned)s->mesh_num_reply_states)) return 0; timeval_divide(&avg, &s->mesh_replies_sum_wait, s->mesh_replies_sent); - if(!ssl_printf(ssl, "%s.recursion.time.avg"SQ"%d.%6.6d\n", nm, - (int)avg.tv_sec, (int)avg.tv_usec)) return 0; + if(!ssl_printf(ssl, "%s.recursion.time.avg"SQ"%lld.%6.6d\n", nm, + (long long)avg.tv_sec, (int)avg.tv_usec)) return 0; if(!ssl_printf(ssl, "%s.recursion.time.median"SQ"%g\n", nm, s->mesh_time_median)) return 0; return 1; @@ -713,12 +713,12 @@ print_uptime(SSL* ssl, struct worker* worker, int reset) timeval_subtract(&dt, &now, &worker->daemon->time_last_stat); if(reset) worker->daemon->time_last_stat = now; - if(!ssl_printf(ssl, "time.now"SQ"%d.%6.6d\n", - (unsigned)now.tv_sec, (unsigned)now.tv_usec)) return 0; - if(!ssl_printf(ssl, "time.up"SQ"%d.%6.6d\n", - (unsigned)up.tv_sec, (unsigned)up.tv_usec)) return 0; - if(!ssl_printf(ssl, "time.elapsed"SQ"%d.%6.6d\n", - (unsigned)dt.tv_sec, (unsigned)dt.tv_usec)) return 0; + if(!ssl_printf(ssl, "time.now"SQ"%lld.%6.6d\n", + (long long)now.tv_sec, (unsigned)now.tv_usec)) return 0; + if(!ssl_printf(ssl, "time.up"SQ"%lld.%6.6d\n", + (long long)up.tv_sec, (unsigned)up.tv_usec)) return 0; + if(!ssl_printf(ssl, "time.elapsed"SQ"%lld.%6.6d\n", + (long long)dt.tv_sec, (unsigned)dt.tv_usec)) return 0; return 1; } @@ -1118,9 +1118,9 @@ struct del_info { /** labels */ int labs; /** now */ - uint32_t now; + time_t now; /** time to invalidate to */ - uint32_t expired; + time_t expired; /** number of rrsets removed */ size_t num_rrsets; /** number of msgs removed */ @@ -1716,7 +1716,7 @@ do_status(SSL* ssl, struct worker* worker) if(!ssl_printf(ssl, " ]\n")) return; uptime = (time_t)time(NULL) - (time_t)worker->daemon->time_boot.tv_sec; - if(!ssl_printf(ssl, "uptime: %u seconds\n", (unsigned)uptime)) + if(!ssl_printf(ssl, "uptime: %lld seconds\n", (long long)uptime)) return; if(!ssl_printf(ssl, "unbound (pid %d) is running...\n", (int)getpid())) @@ -1735,7 +1735,7 @@ get_mesh_age(struct mesh_state* m, char* buf, size_t len, while(r && r->next) r = r->next; timeval_subtract(&d, env->now_tv, &r->start_time); - snprintf(buf, len, "%d.%6.6d", (int)d.tv_sec, (int)d.tv_usec); + snprintf(buf, len, "%lld.%6.6d", (long long)d.tv_sec, (int)d.tv_usec); } else { snprintf(buf, len, "-"); } @@ -1836,7 +1836,7 @@ struct infra_arg { /** the SSL connection */ SSL* ssl; /** the time now */ - uint32_t now; + time_t now; }; /** callback for every host element in the infra cache */ diff --git a/daemon/unbound.c b/daemon/unbound.c index 73706c474..a772da2fa 100644 --- a/daemon/unbound.c +++ b/daemon/unbound.c @@ -521,7 +521,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode, /* setusercontext does initgroups, setuid, setgid, and * also resource limits from login config, but we * still call setresuid, setresgid to be sure to set all uid*/ - if(setusercontext(NULL, pwd, uid, + if(setusercontext(NULL, pwd, uid, (unsigned) (unsigned int)LOGIN_SETALL & ~LOGIN_SETUSER & ~LOGIN_SETGROUP) != 0) log_warn("unable to setusercontext %s: %s", cfg->username, strerror(errno)); diff --git a/daemon/worker.c b/daemon/worker.c index 774f621df..544aab51c 100644 --- a/daemon/worker.c +++ b/daemon/worker.c @@ -453,7 +453,7 @@ answer_norec_from_cache(struct worker* worker, struct query_info* qinfo, */ uint16_t udpsize = edns->udp_size; int secure = 0; - uint32_t timenow = *worker->env.now; + time_t timenow = *worker->env.now; int must_validate = (!(flags&BIT_CD) || worker->env.cfg->ignore_cd) && worker->env.need_to_validate; struct dns_msg *msg = NULL; @@ -531,7 +531,7 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo, struct reply_info* rep, uint16_t id, uint16_t flags, struct comm_reply* repinfo, struct edns_data* edns) { - uint32_t timenow = *worker->env.now; + time_t timenow = *worker->env.now; uint16_t udpsize = edns->udp_size; int secure; int must_validate = (!(flags&BIT_CD) || worker->env.cfg->ignore_cd) @@ -621,7 +621,7 @@ answer_from_cache(struct worker* worker, struct query_info* qinfo, /** Reply to client and perform prefetch to keep cache up to date */ static void reply_and_prefetch(struct worker* worker, struct query_info* qinfo, - uint16_t flags, struct comm_reply* repinfo, uint32_t leeway) + uint16_t flags, struct comm_reply* repinfo, time_t leeway) { /* first send answer to client to keep its latency * as small as a cachereply */ @@ -837,15 +837,16 @@ worker_handle_request(struct comm_point* c, void* arg, int error, (int)edns.udp_size); log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen); edns.udp_size = NORMAL_UDP_SIZE; - } else if(edns.edns_present && - edns.udp_size > worker->daemon->cfg->max_udp_size && + } + if(edns.udp_size > worker->daemon->cfg->max_udp_size && c->type == comm_udp) { - verbose(VERB_QUERY, "worker request: EDNS bufsize %d exceeds " - "max-udp-size, fixed", (int)edns.udp_size); + verbose(VERB_QUERY, + "worker request: max UDP reply size modified" + " (%d to max-udp-size)", (int)edns.udp_size); log_addr(VERB_CLIENT,"from",&repinfo->addr, repinfo->addrlen); edns.udp_size = worker->daemon->cfg->max_udp_size; } - if(edns.edns_present && edns.udp_size < LDNS_HEADER_SIZE) { + if(edns.udp_size < LDNS_HEADER_SIZE) { verbose(VERB_ALGO, "worker request: edns is too small."); log_addr(VERB_CLIENT, "from", &repinfo->addr, repinfo->addrlen); LDNS_QR_SET(ldns_buffer_begin(c->buffer)); @@ -909,7 +910,7 @@ worker_handle_request(struct comm_point* c, void* arg, int error, /* prefetch it if the prefetch TTL expired */ if(worker->env.cfg->prefetch && *worker->env.now >= ((struct reply_info*)e->data)->prefetch_ttl) { - uint32_t leeway = ((struct reply_info*)e-> + time_t leeway = ((struct reply_info*)e-> data)->ttl - *worker->env.now; lock_rw_unlock(&e->lock); reply_and_prefetch(worker, &qinfo, diff --git a/doc/Changelog b/doc/Changelog index 16016ba8b..e9c39a69e 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,57 @@ +19 Sep 2013: Wouter + - 1.4.21 tag created. + - trunk has 1.4.22 number inside it. + - iana portlist updated. + - acx_nlnetlabs.m4 to 26; improve FLTO help text. + +16 Sep 2013: Wouter + - Fix#524: max-udp-size not effective to non-EDNS0 queries, from + Daisuke HIGASHI. + +10 Sep 2013: Wouter + - MIN_TTL and MAX_TTL also in time_t. + - tag 1.4.21rc1 made again. + +26 Aug 2013: Wouter + - More fixes for bug#519: for the threaded case test if the bg + thread has been killed, on ub_ctx_delete, to avoid hangs. + +22 Aug 2013: Wouter + - more fixes that I overlooked. + - review fixes from Willem. + +21 Aug 2013: Wouter + - Fix#520: Errors found by static analysis from Tomas Hozza(redhat). + +20 Aug 2013: Wouter + - Fix for 2038, with time_t instead of uint32_t. + +19 Aug 2013: Wouter + - Fix#519 ub_ctx_delete may hang in some scenarios (libunbound). + +14 Aug 2013: Wouter + - Fix uninit variable in fix#516. + +8 Aug 2013: Wouter + - Fix#516 dnssec lameness detection for answers that are improper. + +30 Jun 2013: Wouter + - tag 1.4.21rc1 + +29 Jun 2013: Wouter + - Fix#512 memleak in testcode for testbound (if it fails). + - Fix#512 NSS returned arrays out of setup function to be statics. + +26 Jun 2013: Wouter + - max include of 100.000 files (depth and globbed at one time). + This is to preserve system memory in bug cases, or endless cases. + - iana portlist updated. + +19 Jun 2013: Wouter + - streamtcp man page, contributed by Tomas Hozza. + - iana portlist updated. + - libunbound documentation on how to avoid openssl race conditions. + 25 Jun 2013: Wouter - Squelch sendto-permission denied errors when the network is not connected, to avoid spamming syslog. diff --git a/doc/libunbound.3.in b/doc/libunbound.3.in index 2a4184f71..8807ac128 100644 --- a/doc/libunbound.3.in +++ b/doc/libunbound.3.in @@ -171,6 +171,9 @@ by default. Use and .B ub_ctx_hosts to read them. +Before you call this, use the openssl functions CRYPTO_set_id_callback and +CRYPTO_set_locking_callback to set up asyncronous operation if you use +lib openssl (the application calls these functions once for initialisation). .TP .B ub_ctx_delete Delete validation context and free associated resources. diff --git a/iterator/iter_delegpt.c b/iterator/iter_delegpt.c index d2f5d7333..c204ddfec 100644 --- a/iterator/iter_delegpt.c +++ b/iterator/iter_delegpt.c @@ -71,7 +71,7 @@ struct delegpt* delegpt_copy(struct delegpt* dp, struct regional* region) copy->bogus = dp->bogus; copy->has_parent_side_NS = dp->has_parent_side_NS; for(ns = dp->nslist; ns; ns = ns->next) { - if(!delegpt_add_ns(copy, region, ns->name, (int)ns->lame)) + if(!delegpt_add_ns(copy, region, ns->name, ns->lame)) return NULL; copy->nslist->resolved = ns->resolved; copy->nslist->got4 = ns->got4; @@ -98,7 +98,7 @@ delegpt_set_name(struct delegpt* dp, struct regional* region, uint8_t* name) int delegpt_add_ns(struct delegpt* dp, struct regional* region, uint8_t* name, - int lame) + uint8_t lame) { struct delegpt_ns* ns; size_t len; @@ -119,7 +119,7 @@ delegpt_add_ns(struct delegpt* dp, struct regional* region, uint8_t* name, ns->resolved = 0; ns->got4 = 0; ns->got6 = 0; - ns->lame = (uint8_t)lame; + ns->lame = lame; ns->done_pside4 = 0; ns->done_pside6 = 0; return ns->name != 0; @@ -156,7 +156,7 @@ delegpt_find_addr(struct delegpt* dp, struct sockaddr_storage* addr, int delegpt_add_target(struct delegpt* dp, struct regional* region, uint8_t* name, size_t namelen, struct sockaddr_storage* addr, - socklen_t addrlen, int bogus, int lame) + socklen_t addrlen, uint8_t bogus, uint8_t lame) { struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen); log_assert(!dp->dp_type_mlc); @@ -176,8 +176,8 @@ delegpt_add_target(struct delegpt* dp, struct regional* region, int delegpt_add_addr(struct delegpt* dp, struct regional* region, - struct sockaddr_storage* addr, socklen_t addrlen, int bogus, - int lame) + struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus, + uint8_t lame) { struct delegpt_addr* a; log_assert(!dp->dp_type_mlc); @@ -204,6 +204,7 @@ delegpt_add_addr(struct delegpt* dp, struct regional* region, a->attempts = 0; a->bogus = bogus; a->lame = lame; + a->dnsseclame = 0; return 1; } @@ -376,7 +377,7 @@ delegpt_from_message(struct dns_msg* msg, struct regional* region) int delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region, - struct ub_packed_rrset_key* ns_rrset, int lame) + struct ub_packed_rrset_key* ns_rrset, uint8_t lame) { struct packed_rrset_data* nsdata = (struct packed_rrset_data*) ns_rrset->entry.data; @@ -398,7 +399,7 @@ delegpt_rrset_add_ns(struct delegpt* dp, struct regional* region, int delegpt_add_rrset_A(struct delegpt* dp, struct regional* region, - struct ub_packed_rrset_key* ak, int lame) + struct ub_packed_rrset_key* ak, uint8_t lame) { struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data; size_t i; @@ -422,7 +423,7 @@ delegpt_add_rrset_A(struct delegpt* dp, struct regional* region, int delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region, - struct ub_packed_rrset_key* ak, int lame) + struct ub_packed_rrset_key* ak, uint8_t lame) { struct packed_rrset_data* d=(struct packed_rrset_data*)ak->entry.data; size_t i; @@ -446,7 +447,7 @@ delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* region, int delegpt_add_rrset(struct delegpt* dp, struct regional* region, - struct ub_packed_rrset_key* rrset, int lame) + struct ub_packed_rrset_key* rrset, uint8_t lame) { if(!rrset) return 1; @@ -548,7 +549,7 @@ int delegpt_set_name_mlc(struct delegpt* dp, uint8_t* name) return (dp->name != NULL); } -int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, int lame) +int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, uint8_t lame) { struct delegpt_ns* ns; size_t len; @@ -579,7 +580,7 @@ int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, int lame) } int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr, - socklen_t addrlen, int bogus, int lame) + socklen_t addrlen, uint8_t bogus, uint8_t lame) { struct delegpt_addr* a; log_assert(dp->dp_type_mlc); @@ -605,11 +606,13 @@ int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr, a->attempts = 0; a->bogus = bogus; a->lame = lame; + a->dnsseclame = 0; return 1; } int delegpt_add_target_mlc(struct delegpt* dp, uint8_t* name, size_t namelen, - struct sockaddr_storage* addr, socklen_t addrlen, int bogus, int lame) + struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus, + uint8_t lame) { struct delegpt_ns* ns = delegpt_find_ns(dp, name, namelen); log_assert(dp->dp_type_mlc); diff --git a/iterator/iter_delegpt.h b/iterator/iter_delegpt.h index 7728031aa..d7e0767d6 100644 --- a/iterator/iter_delegpt.h +++ b/iterator/iter_delegpt.h @@ -140,9 +140,13 @@ struct delegpt_addr { int sel_rtt; /** if true, the A or AAAA RR was bogus, so this address is bad. * Also check the dp->bogus to see if everything is bogus. */ - int bogus; + uint8_t bogus; /** if true, this address is dispreferred: it is a lame IP address */ - int lame; + uint8_t lame; + /** if the address is dnsseclame, but this cannot be cached, this + * option is useful to mark the address dnsseclame. + * This value is not copied in addr-copy and dp-copy. */ + uint8_t dnsseclame; }; /** @@ -179,7 +183,7 @@ int delegpt_set_name(struct delegpt* dp, struct regional* regional, * @return false on error. */ int delegpt_add_ns(struct delegpt* dp, struct regional* regional, - uint8_t* name, int lame); + uint8_t* name, uint8_t lame); /** * Add NS rrset; calls add_ns repeatedly. @@ -190,7 +194,7 @@ int delegpt_add_ns(struct delegpt* dp, struct regional* regional, * @return 0 on alloc error. */ int delegpt_rrset_add_ns(struct delegpt* dp, struct regional* regional, - struct ub_packed_rrset_key* ns_rrset, int lame); + struct ub_packed_rrset_key* ns_rrset, uint8_t lame); /** * Add target address to the delegation point. @@ -207,7 +211,7 @@ int delegpt_rrset_add_ns(struct delegpt* dp, struct regional* regional, */ int delegpt_add_target(struct delegpt* dp, struct regional* regional, uint8_t* name, size_t namelen, struct sockaddr_storage* addr, - socklen_t addrlen, int bogus, int lame); + socklen_t addrlen, uint8_t bogus, uint8_t lame); /** * Add A RRset to delegpt. @@ -218,7 +222,7 @@ int delegpt_add_target(struct delegpt* dp, struct regional* regional, * @return 0 on alloc error. */ int delegpt_add_rrset_A(struct delegpt* dp, struct regional* regional, - struct ub_packed_rrset_key* rrset, int lame); + struct ub_packed_rrset_key* rrset, uint8_t lame); /** * Add AAAA RRset to delegpt. @@ -229,7 +233,7 @@ int delegpt_add_rrset_A(struct delegpt* dp, struct regional* regional, * @return 0 on alloc error. */ int delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* regional, - struct ub_packed_rrset_key* rrset, int lame); + struct ub_packed_rrset_key* rrset, uint8_t lame); /** * Add any RRset to delegpt. @@ -241,7 +245,7 @@ int delegpt_add_rrset_AAAA(struct delegpt* dp, struct regional* regional, * @return 0 on alloc error. */ int delegpt_add_rrset(struct delegpt* dp, struct regional* regional, - struct ub_packed_rrset_key* rrset, int lame); + struct ub_packed_rrset_key* rrset, uint8_t lame); /** * Add address to the delegation point. No servername is associated or checked. @@ -254,7 +258,8 @@ int delegpt_add_rrset(struct delegpt* dp, struct regional* regional, * @return false on error. */ int delegpt_add_addr(struct delegpt* dp, struct regional* regional, - struct sockaddr_storage* addr, socklen_t addrlen, int bogus, int lame); + struct sockaddr_storage* addr, socklen_t addrlen, + uint8_t bogus, uint8_t lame); /** * Find NS record in name list of delegation point. @@ -376,7 +381,7 @@ int delegpt_set_name_mlc(struct delegpt* dp, uint8_t* name); * @param lame: the name is lame, disprefer. * @return false on error. */ -int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, int lame); +int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, uint8_t lame); /** * add an address to a malloced delegation point. @@ -388,7 +393,7 @@ int delegpt_add_ns_mlc(struct delegpt* dp, uint8_t* name, int lame); * @return false on error. */ int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr, - socklen_t addrlen, int bogus, int lame); + socklen_t addrlen, uint8_t bogus, uint8_t lame); /** * Add target address to the delegation point. @@ -403,7 +408,8 @@ int delegpt_add_addr_mlc(struct delegpt* dp, struct sockaddr_storage* addr, * @return false on error. */ int delegpt_add_target_mlc(struct delegpt* dp, uint8_t* name, size_t namelen, - struct sockaddr_storage* addr, socklen_t addrlen, int bogus, int lame); + struct sockaddr_storage* addr, socklen_t addrlen, uint8_t bogus, + uint8_t lame); /** get memory in use by dp */ size_t delegpt_get_mem(struct delegpt* dp); diff --git a/iterator/iter_priv.c b/iterator/iter_priv.c index 51f3e2ea2..572f701f3 100644 --- a/iterator/iter_priv.c +++ b/iterator/iter_priv.c @@ -213,7 +213,7 @@ static int remove_rr(const char* str, ldns_buffer* pkt, struct rrset_parse* rrset, struct rr_parse* prev, struct rr_parse** rr, struct sockaddr_storage* addr, socklen_t addrlen) { - if(verbosity >= VERB_QUERY && rrset->dname_len <= LDNS_MAX_DOMAINLEN) { + if(verbosity >= VERB_QUERY && rrset->dname_len <= LDNS_MAX_DOMAINLEN && str) { uint8_t buf[LDNS_MAX_DOMAINLEN+1]; dname_pkt_copy(pkt, buf, rrset->dname); log_name_addr(VERB_QUERY, str, buf, addr, addrlen); diff --git a/iterator/iter_scrub.c b/iterator/iter_scrub.c index 999f87802..a2407c27c 100644 --- a/iterator/iter_scrub.c +++ b/iterator/iter_scrub.c @@ -520,7 +520,7 @@ store_rrset(ldns_buffer* pkt, struct msg_parse* msg, struct module_env* env, struct ub_packed_rrset_key* k; struct packed_rrset_data* d; struct rrset_ref ref; - uint32_t now = *env->now; + time_t now = *env->now; k = alloc_special_obtain(env->alloc); if(!k) diff --git a/iterator/iter_utils.c b/iterator/iter_utils.c index a500c75e7..28f7dc241 100644 --- a/iterator/iter_utils.c +++ b/iterator/iter_utils.c @@ -177,7 +177,7 @@ iter_apply_cfg(struct iter_env* iter_env, struct config_file* cfg) */ static int iter_filter_unsuitable(struct iter_env* iter_env, struct module_env* env, - uint8_t* name, size_t namelen, uint16_t qtype, uint32_t now, + uint8_t* name, size_t namelen, uint16_t qtype, time_t now, struct delegpt_addr* a) { int rtt, lame, reclame, dnsseclame; @@ -217,14 +217,16 @@ iter_filter_unsuitable(struct iter_env* iter_env, struct module_env* env, /* select remainder from worst to best */ else if(reclame) return rtt+USEFUL_SERVER_TOP_TIMEOUT*3; /* nonpref */ - else if(dnsseclame ) + else if(dnsseclame || a->dnsseclame) return rtt+USEFUL_SERVER_TOP_TIMEOUT*2; /* nonpref */ else if(a->lame) return rtt+USEFUL_SERVER_TOP_TIMEOUT+1; /* nonpref */ else return rtt; } /* no server information present */ - if(a->lame) + if(a->dnsseclame) + return UNKNOWN_SERVER_NICENESS+USEFUL_SERVER_TOP_TIMEOUT*2; /* nonpref */ + else if(a->lame) return USEFUL_SERVER_TOP_TIMEOUT+1+UNKNOWN_SERVER_NICENESS; /* nonpref */ return UNKNOWN_SERVER_NICENESS; } @@ -232,7 +234,7 @@ iter_filter_unsuitable(struct iter_env* iter_env, struct module_env* env, /** lookup RTT information, and also store fastest rtt (if any) */ static int iter_fill_rtt(struct iter_env* iter_env, struct module_env* env, - uint8_t* name, size_t namelen, uint16_t qtype, uint32_t now, + uint8_t* name, size_t namelen, uint16_t qtype, time_t now, struct delegpt* dp, int* best_rtt, struct sock_list* blacklist) { int got_it = 0; @@ -261,7 +263,7 @@ iter_fill_rtt(struct iter_env* iter_env, struct module_env* env, * returns number of best targets (or 0, no suitable targets) */ static int iter_filter_order(struct iter_env* iter_env, struct module_env* env, - uint8_t* name, size_t namelen, uint16_t qtype, uint32_t now, + uint8_t* name, size_t namelen, uint16_t qtype, time_t now, struct delegpt* dp, int* selected_rtt, int open_target, struct sock_list* blacklist) { @@ -420,7 +422,7 @@ dns_copy_msg(struct dns_msg* from, struct regional* region) void iter_dns_store(struct module_env* env, struct query_info* msgqinf, - struct reply_info* msgrep, int is_referral, uint32_t leeway, int pside, + struct reply_info* msgrep, int is_referral, time_t leeway, int pside, struct regional* region) { if(!dns_cache_store(env, msgqinf, msgrep, is_referral, leeway, @@ -768,7 +770,7 @@ void iter_store_parentside_neg(struct module_env* env, /* TTL: NS from referral in iq->deleg_msg, * or first RR from iq->response, * or servfail5secs if !iq->response */ - uint32_t ttl = NORR_TTL; + time_t ttl = NORR_TTL; struct ub_packed_rrset_key* neg; struct packed_rrset_data* newd; if(rep) { @@ -798,7 +800,7 @@ void iter_store_parentside_neg(struct module_env* env, neg->entry.hash = rrset_key_hash(&neg->rk); newd = (struct packed_rrset_data*)regional_alloc_zero(env->scratch, sizeof(struct packed_rrset_data) + sizeof(size_t) + - sizeof(uint8_t*) + sizeof(uint32_t) + sizeof(uint16_t)); + sizeof(uint8_t*) + sizeof(time_t) + sizeof(uint16_t)); if(!newd) { log_err("out of memory in store_parentside_neg"); return; diff --git a/iterator/iter_utils.h b/iterator/iter_utils.h index 8f5a291af..2070622d4 100644 --- a/iterator/iter_utils.h +++ b/iterator/iter_utils.h @@ -131,7 +131,7 @@ struct dns_msg* dns_copy_msg(struct dns_msg* from, struct regional* regional); * but the query resolution can continue without cache storage. */ void iter_dns_store(struct module_env* env, struct query_info* qinf, - struct reply_info* rep, int is_referral, uint32_t leeway, int pside, + struct reply_info* rep, int is_referral, time_t leeway, int pside, struct regional* region); /** diff --git a/iterator/iterator.c b/iterator/iterator.c index 013d6be01..663284185 100644 --- a/iterator/iterator.c +++ b/iterator/iterator.c @@ -1473,7 +1473,7 @@ processLastResort(struct module_qstate* qstate, struct iter_qstate* iq, iq->chase_flags &= ~BIT_RD; /* go to authorities */ for(ns = p->nslist; ns; ns=ns->next) { (void)delegpt_add_ns(iq->dp, qstate->region, - ns->name, (int)ns->lame); + ns->name, ns->lame); } for(a = p->target_list; a; a=a->next_target) { (void)delegpt_add_addr(iq->dp, qstate->region, @@ -1914,12 +1914,23 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, && type != RESPONSE_TYPE_UNTYPED) { /* a possible answer, see if it is missing DNSSEC */ /* but not when forwarding, so we dont mark fwder lame */ - /* also make sure the answer is from the zone we expected, - * otherwise, (due to parent,child on same server), we - * might mark the server,zone lame inappropriately */ - if(!iter_msg_has_dnssec(iq->response) && - iter_msg_from_zone(iq->response, iq->dp, type, - iq->qchase.qclass)) { + if(!iter_msg_has_dnssec(iq->response)) { + /* Mark this address as dnsseclame in this dp, + * because that will make serverselection disprefer + * it, but also, once it is the only final option, + * use dnssec-lame-bypass if it needs to query there.*/ + if(qstate->reply) { + struct delegpt_addr* a = delegpt_find_addr( + iq->dp, &qstate->reply->addr, + qstate->reply->addrlen); + if(a) a->dnsseclame = 1; + } + /* test the answer is from the zone we expected, + * otherwise, (due to parent,child on same server), we + * might mark the server,zone lame inappropriately */ + if(!iter_msg_from_zone(iq->response, iq->dp, type, + iq->qchase.qclass)) + qstate->reply = NULL; type = RESPONSE_TYPE_LAME; dnsseclame = 1; } @@ -2159,8 +2170,7 @@ processQueryResponse(struct module_qstate* qstate, struct iter_qstate* iq, *qstate->env->now, dnsseclame, 0, iq->qchase.qtype)) log_err("mark host lame: out of memory"); - } else log_err("%slame response from cache", - dnsseclame?"DNSSEC ":""); + } } else if(type == RESPONSE_TYPE_REC_LAME) { /* Cache the LAMEness. */ verbose(VERB_DETAIL, "query response REC_LAME: " @@ -2368,12 +2378,12 @@ processTargetResponse(struct module_qstate* qstate, int id, rrset->rk.dname_len)) { /* if dpns->lame then set newcname ns lame too */ if(!delegpt_add_ns(foriq->dp, forq->region, - rrset->rk.dname, (int)dpns->lame)) + rrset->rk.dname, dpns->lame)) log_err("out of memory adding cnamed-ns"); } /* if dpns->lame then set the address(es) lame too */ if(!delegpt_add_rrset(foriq->dp, forq->region, rrset, - (int)dpns->lame)) + dpns->lame)) log_err("out of memory adding targets"); verbose(VERB_ALGO, "added target response"); delegpt_log(VERB_ALGO, foriq->dp); diff --git a/libunbound/libunbound.c b/libunbound/libunbound.c index ae865a71e..999478ef3 100644 --- a/libunbound/libunbound.c +++ b/libunbound/libunbound.c @@ -60,6 +60,9 @@ #include "services/localzone.h" #include "services/cache/infra.h" #include "services/cache/rrset.h" +#ifdef HAVE_PTHREAD +#include +#endif #if defined(UB_ON_WINDOWS) && defined (HAVE_WINDOWS_H) #include @@ -155,11 +158,9 @@ delq(rbnode_t* n, void* ATTR_UNUSED(arg)) context_query_delete(q); } -void -ub_ctx_delete(struct ub_ctx* ctx) +/** stop the bg thread */ +static void ub_stop_bg(struct ub_ctx* ctx) { - struct alloc_cache* a, *na; - if(!ctx) return; /* stop the bg thread */ lock_basic_lock(&ctx->cfglock); if(ctx->created_bg) { @@ -195,7 +196,28 @@ ub_ctx_delete(struct ub_ctx* ctx) else { lock_basic_unlock(&ctx->cfglock); } +} + +void +ub_ctx_delete(struct ub_ctx* ctx) +{ + struct alloc_cache* a, *na; + int do_stop = 1; + if(!ctx) return; + /* see if bg thread is created and if threads have been killed */ + /* no locks, because those may be held by terminated threads */ + /* for processes the read pipe is closed and we see that on read */ +#ifdef HAVE_PTHREAD + if(ctx->created_bg && ctx->dothread) { + if(pthread_kill(ctx->bg_tid, 0) == ESRCH) { + /* thread has been killed */ + do_stop = 0; + } + } +#endif /* HAVE_PTHREAD */ + if(do_stop) + ub_stop_bg(ctx); modstack_desetup(&ctx->mods, ctx->env); a = ctx->alloc_list; diff --git a/libunbound/libworker.c b/libunbound/libworker.c index d6c28b424..d9a7fbcc6 100644 --- a/libunbound/libworker.c +++ b/libunbound/libworker.c @@ -198,7 +198,10 @@ libworker_setup(struct ub_ctx* ctx, int is_bg) } numports = cfg_condense_ports(cfg, &ports); if(numports == 0) { + int locked = !w->is_bg || w->is_bg_thread; libworker_delete(w); + if(locked) + lock_basic_unlock(&ctx->cfglock); return NULL; } w->back = outside_network_create(w->base, cfg->msg_buffer_size, @@ -376,6 +379,11 @@ int libworker_bg(struct ub_ctx* ctx) case -1: return UB_FORKFAIL; default: + /* close non-used parts, so that the worker + * bgprocess gets 'pipe closed' when the + * main process exits */ + tube_close_read(ctx->qq_pipe); + tube_close_write(ctx->rr_pipe); break; } #endif /* HAVE_FORK */ diff --git a/libunbound/unbound.h b/libunbound/unbound.h index 01e8253e3..191338706 100644 --- a/libunbound/unbound.h +++ b/libunbound/unbound.h @@ -78,6 +78,10 @@ * ... same as async for non-threaded * ... the callbacks are called in the thread that calls process(ctx) * + * Openssl needs to have locking in place, and the application must set + * it up, because a mere library cannot do this, use the calls + * CRYPTO_set_id_callback and CRYPTO_set_locking_callback. + * * If no threading is compiled in, the above async example uses fork(2) to * create a process to perform the work. The forked process exits when the * calling process exits, or ctx_delete() is called. diff --git a/services/cache/dns.c b/services/cache/dns.c index 6e99b7fa4..7dadb5c39 100644 --- a/services/cache/dns.c +++ b/services/cache/dns.c @@ -66,8 +66,8 @@ * @param region: for qrep allocs. */ static void -store_rrsets(struct module_env* env, struct reply_info* rep, uint32_t now, - uint32_t leeway, int pside, struct reply_info* qrep, +store_rrsets(struct module_env* env, struct reply_info* rep, time_t now, + time_t leeway, int pside, struct reply_info* qrep, struct regional* region) { size_t i; @@ -105,11 +105,11 @@ store_rrsets(struct module_env* env, struct reply_info* rep, uint32_t now, void dns_cache_store_msg(struct module_env* env, struct query_info* qinfo, - hashvalue_t hash, struct reply_info* rep, uint32_t leeway, int pside, + hashvalue_t hash, struct reply_info* rep, time_t leeway, int pside, struct reply_info* qrep, struct regional* region) { struct msgreply_entry* e; - uint32_t ttl = rep->ttl; + time_t ttl = rep->ttl; size_t i; /* store RRsets */ @@ -142,7 +142,7 @@ dns_cache_store_msg(struct module_env* env, struct query_info* qinfo, /** find closest NS or DNAME and returns the rrset (locked) */ static struct ub_packed_rrset_key* find_closest_of_type(struct module_env* env, uint8_t* qname, size_t qnamelen, - uint16_t qclass, uint32_t now, uint16_t searchtype, int stripfront) + uint16_t qclass, time_t now, uint16_t searchtype, int stripfront) { struct ub_packed_rrset_key *rrset; uint8_t lablen; @@ -171,7 +171,7 @@ find_closest_of_type(struct module_env* env, uint8_t* qname, size_t qnamelen, /** add addr to additional section */ static void addr_to_additional(struct ub_packed_rrset_key* rrset, struct regional* region, - struct dns_msg* msg, uint32_t now) + struct dns_msg* msg, time_t now) { if((msg->rep->rrsets[msg->rep->rrset_count] = packed_rrset_copy_region(rrset, region, now))) { @@ -183,7 +183,7 @@ addr_to_additional(struct ub_packed_rrset_key* rrset, struct regional* region, /** lookup message in message cache */ static struct msgreply_entry* msg_cache_lookup(struct module_env* env, uint8_t* qname, size_t qnamelen, - uint16_t qtype, uint16_t qclass, uint32_t now, int wr) + uint16_t qtype, uint16_t qclass, time_t now, int wr) { struct lruhash_entry* e; struct query_info k; @@ -207,7 +207,7 @@ msg_cache_lookup(struct module_env* env, uint8_t* qname, size_t qnamelen, /** find and add A and AAAA records for nameservers in delegpt */ static int find_add_addrs(struct module_env* env, uint16_t qclass, - struct regional* region, struct delegpt* dp, uint32_t now, + struct regional* region, struct delegpt* dp, time_t now, struct dns_msg** msg) { struct delegpt_ns* ns; @@ -262,12 +262,12 @@ cache_fill_missing(struct module_env* env, uint16_t qclass, struct delegpt_ns* ns; struct msgreply_entry* neg; struct ub_packed_rrset_key* akey; - uint32_t now = *env->now; + time_t now = *env->now; for(ns = dp->nslist; ns; ns = ns->next) { akey = rrset_cache_lookup(env->rrset_cache, ns->name, ns->namelen, LDNS_RR_TYPE_A, qclass, 0, now, 0); if(akey) { - if(!delegpt_add_rrset_A(dp, region, akey, (int)ns->lame)) { + if(!delegpt_add_rrset_A(dp, region, akey, ns->lame)) { lock_rw_unlock(&akey->entry.lock); return 0; } @@ -285,7 +285,7 @@ cache_fill_missing(struct module_env* env, uint16_t qclass, akey = rrset_cache_lookup(env->rrset_cache, ns->name, ns->namelen, LDNS_RR_TYPE_AAAA, qclass, 0, now, 0); if(akey) { - if(!delegpt_add_rrset_AAAA(dp, region, akey, (int)ns->lame)) { + if(!delegpt_add_rrset_AAAA(dp, region, akey, ns->lame)) { lock_rw_unlock(&akey->entry.lock); return 0; } @@ -307,7 +307,7 @@ cache_fill_missing(struct module_env* env, uint16_t qclass, /** find and add DS or NSEC to delegation msg */ static void find_add_ds(struct module_env* env, struct regional* region, - struct dns_msg* msg, struct delegpt* dp, uint32_t now) + struct dns_msg* msg, struct delegpt* dp, time_t now) { /* Lookup the DS or NSEC at the delegation point. */ struct ub_packed_rrset_key* rrset = rrset_cache_lookup( @@ -369,7 +369,7 @@ dns_msg_create(uint8_t* qname, size_t qnamelen, uint16_t qtype, int dns_msg_authadd(struct dns_msg* msg, struct regional* region, - struct ub_packed_rrset_key* rrset, uint32_t now) + struct ub_packed_rrset_key* rrset, time_t now) { if(!(msg->rep->rrsets[msg->rep->rrset_count++] = packed_rrset_copy_region(rrset, region, now))) @@ -381,7 +381,7 @@ dns_msg_authadd(struct dns_msg* msg, struct regional* region, struct delegpt* dns_cache_find_delegation(struct module_env* env, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - struct regional* region, struct dns_msg** msg, uint32_t now) + struct regional* region, struct dns_msg** msg, time_t now) { /* try to find closest NS rrset */ struct ub_packed_rrset_key* nskey; @@ -455,7 +455,7 @@ gen_dns_msg(struct regional* region, struct query_info* q, size_t num) /** generate dns_msg from cached message */ static struct dns_msg* tomsg(struct module_env* env, struct query_info* q, struct reply_info* r, - struct regional* region, uint32_t now, struct regional* scratch) + struct regional* region, time_t now, struct regional* scratch) { struct dns_msg* msg; size_t i; @@ -506,7 +506,7 @@ tomsg(struct module_env* env, struct query_info* q, struct reply_info* r, /** synthesize RRset-only response from cached RRset item */ static struct dns_msg* rrset_msg(struct ub_packed_rrset_key* rrset, struct regional* region, - uint32_t now, struct query_info* q) + time_t now, struct query_info* q) { struct dns_msg* msg; struct packed_rrset_data* d = (struct packed_rrset_data*) @@ -535,7 +535,7 @@ rrset_msg(struct ub_packed_rrset_key* rrset, struct regional* region, /** synthesize DNAME+CNAME response from cached DNAME item */ static struct dns_msg* synth_dname_msg(struct ub_packed_rrset_key* rrset, struct regional* region, - uint32_t now, struct query_info* q) + time_t now, struct query_info* q) { struct dns_msg* msg; struct ub_packed_rrset_key* ck; @@ -599,7 +599,7 @@ synth_dname_msg(struct ub_packed_rrset_key* rrset, struct regional* region, ck->entry.hash = rrset_key_hash(&ck->rk); newd = (struct packed_rrset_data*)regional_alloc_zero(region, sizeof(struct packed_rrset_data) + sizeof(size_t) + - sizeof(uint8_t*) + sizeof(uint32_t) + sizeof(uint16_t) + sizeof(uint8_t*) + sizeof(time_t) + sizeof(uint16_t) + newlen); if(!newd) return NULL; @@ -630,7 +630,7 @@ dns_cache_lookup(struct module_env* env, struct lruhash_entry* e; struct query_info k; hashvalue_t h; - uint32_t now = *env->now; + time_t now = *env->now; struct ub_packed_rrset_key* rrset; /* lookup first, this has both NXdomains and ANSWER responses */ @@ -739,7 +739,7 @@ dns_cache_lookup(struct module_env* env, int dns_cache_store(struct module_env* env, struct query_info* msgqinf, - struct reply_info* msgrep, int is_referral, uint32_t leeway, int pside, + struct reply_info* msgrep, int is_referral, time_t leeway, int pside, struct regional* region) { struct reply_info* rep = NULL; diff --git a/services/cache/dns.h b/services/cache/dns.h index bc9f57c9c..508f34441 100644 --- a/services/cache/dns.h +++ b/services/cache/dns.h @@ -82,7 +82,7 @@ struct dns_msg { * @return 0 on alloc error (out of memory). */ int dns_cache_store(struct module_env* env, struct query_info* qinf, - struct reply_info* rep, int is_referral, uint32_t leeway, int pside, + struct reply_info* rep, int is_referral, time_t leeway, int pside, struct regional* region); /** @@ -105,7 +105,7 @@ int dns_cache_store(struct module_env* env, struct query_info* qinf, * @param region: to allocate into for qmsg. */ void dns_cache_store_msg(struct module_env* env, struct query_info* qinfo, - hashvalue_t hash, struct reply_info* rep, uint32_t leeway, int pside, + hashvalue_t hash, struct reply_info* rep, time_t leeway, int pside, struct reply_info* qrep, struct regional* region); /** @@ -123,7 +123,7 @@ void dns_cache_store_msg(struct module_env* env, struct query_info* qinfo, */ struct delegpt* dns_cache_find_delegation(struct module_env* env, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - struct regional* region, struct dns_msg** msg, uint32_t timenow); + struct regional* region, struct dns_msg** msg, time_t timenow); /** * Find cached message @@ -177,6 +177,6 @@ struct dns_msg* dns_msg_create(uint8_t* qname, size_t qnamelen, uint16_t qtype, * @return true if worked, false on fail */ int dns_msg_authadd(struct dns_msg* msg, struct regional* region, - struct ub_packed_rrset_key* rrset, uint32_t now); + struct ub_packed_rrset_key* rrset, time_t now); #endif /* SERVICES_CACHE_DNS_H */ diff --git a/services/cache/infra.c b/services/cache/infra.c index c674aca66..42d6acad1 100644 --- a/services/cache/infra.c +++ b/services/cache/infra.c @@ -189,7 +189,7 @@ infra_lookup_nottl(struct infra_cache* infra, struct sockaddr_storage* addr, /** init the data elements */ static void data_entry_init(struct infra_cache* infra, struct lruhash_entry* e, - uint32_t timenow) + time_t timenow) { struct infra_data* data = (struct infra_data*)e->data; data->ttl = timenow + infra->host_ttl; @@ -218,7 +218,7 @@ data_entry_init(struct infra_cache* infra, struct lruhash_entry* e, */ static struct lruhash_entry* new_entry(struct infra_cache* infra, struct sockaddr_storage* addr, - socklen_t addrlen, uint8_t* name, size_t namelen, uint32_t tm) + socklen_t addrlen, uint8_t* name, size_t namelen, time_t tm) { struct infra_data* data; struct infra_key* key = (struct infra_key*)malloc(sizeof(*key)); @@ -248,7 +248,7 @@ new_entry(struct infra_cache* infra, struct sockaddr_storage* addr, int infra_host(struct infra_cache* infra, struct sockaddr_storage* addr, - socklen_t addrlen, uint8_t* nm, size_t nmlen, uint32_t timenow, + socklen_t addrlen, uint8_t* nm, size_t nmlen, time_t timenow, int* edns_vs, uint8_t* edns_lame_known, int* to) { struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, @@ -317,7 +317,7 @@ infra_host(struct infra_cache* infra, struct sockaddr_storage* addr, int infra_set_lame(struct infra_cache* infra, struct sockaddr_storage* addr, - socklen_t addrlen, uint8_t* nm, size_t nmlen, uint32_t timenow, + socklen_t addrlen, uint8_t* nm, size_t nmlen, time_t timenow, int dnsseclame, int reclame, uint16_t qtype) { struct infra_data* data; @@ -374,7 +374,7 @@ infra_update_tcp_works(struct infra_cache* infra, int infra_rtt_update(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* nm, size_t nmlen, int qtype, - int roundtrip, int orig_rtt, uint32_t timenow) + int roundtrip, int orig_rtt, time_t timenow) { struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, nm, nmlen, 1); @@ -425,19 +425,19 @@ infra_rtt_update(struct infra_cache* infra, struct sockaddr_storage* addr, return rto; } -int infra_get_host_rto(struct infra_cache* infra, +long long infra_get_host_rto(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* nm, - size_t nmlen, struct rtt_info* rtt, int* delay, uint32_t timenow, + size_t nmlen, struct rtt_info* rtt, int* delay, time_t timenow, int* tA, int* tAAAA, int* tother) { struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, nm, nmlen, 0); struct infra_data* data; - int ttl = -2; + long long ttl = -2; if(!e) return -1; data = (struct infra_data*)e->data; if(data->ttl >= timenow) { - ttl = (int)(data->ttl - timenow); + ttl = (long long)(data->ttl - timenow); memmove(rtt, &data->rtt, sizeof(*rtt)); if(timenow < data->probedelay) *delay = (int)(data->probedelay - timenow); @@ -453,7 +453,7 @@ int infra_get_host_rto(struct infra_cache* infra, int infra_edns_update(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* nm, size_t nmlen, int edns_version, - uint32_t timenow) + time_t timenow) { struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, nm, nmlen, 1); @@ -485,7 +485,7 @@ int infra_get_lame_rtt(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* name, size_t namelen, uint16_t qtype, - int* lame, int* dnsseclame, int* reclame, int* rtt, uint32_t timenow) + int* lame, int* dnsseclame, int* reclame, int* rtt, time_t timenow) { struct infra_data* host; struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, diff --git a/services/cache/infra.h b/services/cache/infra.h index 161f5ab43..d3976aed7 100644 --- a/services/cache/infra.h +++ b/services/cache/infra.h @@ -68,10 +68,10 @@ struct infra_key { */ struct infra_data { /** TTL value for this entry. absolute time. */ - uint32_t ttl; + time_t ttl; /** time in seconds (absolute) when probing re-commences, 0 disabled */ - uint32_t probedelay; + time_t probedelay; /** round trip times for timeout calculation */ struct rtt_info rtt; @@ -173,7 +173,7 @@ struct lruhash_entry* infra_lookup_nottl(struct infra_cache* infra, */ int infra_host(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* name, size_t namelen, - uint32_t timenow, int* edns_vs, uint8_t* edns_lame_known, int* to); + time_t timenow, int* edns_vs, uint8_t* edns_lame_known, int* to); /** * Set a host to be lame for the given zone. @@ -192,7 +192,7 @@ int infra_host(struct infra_cache* infra, struct sockaddr_storage* addr, */ int infra_set_lame(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, - uint8_t* name, size_t namelen, uint32_t timenow, int dnsseclame, + uint8_t* name, size_t namelen, time_t timenow, int dnsseclame, int reclame, uint16_t qtype); /** @@ -212,7 +212,7 @@ int infra_set_lame(struct infra_cache* infra, */ int infra_rtt_update(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* name, size_t namelen, int qtype, - int roundtrip, int orig_rtt, uint32_t timenow); + int roundtrip, int orig_rtt, time_t timenow); /** * Update information for the host, store that a TCP transaction works. @@ -240,7 +240,7 @@ void infra_update_tcp_works(struct infra_cache* infra, */ int infra_edns_update(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, - uint8_t* name, size_t namelen, int edns_version, uint32_t timenow); + uint8_t* name, size_t namelen, int edns_version, time_t timenow); /** * Get Lameness information and average RTT if host is in the cache. @@ -263,7 +263,7 @@ int infra_edns_update(struct infra_cache* infra, int infra_get_lame_rtt(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* name, size_t namelen, uint16_t qtype, - int* lame, int* dnsseclame, int* reclame, int* rtt, uint32_t timenow); + int* lame, int* dnsseclame, int* reclame, int* rtt, time_t timenow); /** * Get additional (debug) info on timing. @@ -281,9 +281,9 @@ int infra_get_lame_rtt(struct infra_cache* infra, * @return TTL the infra host element is valid for. If -1: not found in cache. * TTL -2: found but expired. */ -int infra_get_host_rto(struct infra_cache* infra, +long long infra_get_host_rto(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* name, - size_t namelen, struct rtt_info* rtt, int* delay, uint32_t timenow, + size_t namelen, struct rtt_info* rtt, int* delay, time_t timenow, int* tA, int* tAAAA, int* tother); /** diff --git a/services/cache/rrset.c b/services/cache/rrset.c index b9d20db0e..642236231 100644 --- a/services/cache/rrset.c +++ b/services/cache/rrset.c @@ -120,7 +120,7 @@ rrset_cache_touch(struct rrset_cache* r, struct ub_packed_rrset_key* key, /** see if rrset needs to be updated in the cache */ static int -need_to_update_rrset(void* nd, void* cd, uint32_t timenow, int equal, int ns) +need_to_update_rrset(void* nd, void* cd, time_t timenow, int equal, int ns) { struct packed_rrset_data* newd = (struct packed_rrset_data*)nd; struct packed_rrset_data* cached = (struct packed_rrset_data*)cd; @@ -181,7 +181,7 @@ rrset_update_id(struct rrset_ref* ref, struct alloc_cache* alloc) int rrset_cache_update(struct rrset_cache* r, struct rrset_ref* ref, - struct alloc_cache* alloc, uint32_t timenow) + struct alloc_cache* alloc, time_t timenow) { struct lruhash_entry* e; struct ub_packed_rrset_key* k = ref->key; @@ -237,7 +237,7 @@ rrset_cache_update(struct rrset_cache* r, struct rrset_ref* ref, struct ub_packed_rrset_key* rrset_cache_lookup(struct rrset_cache* r, uint8_t* qname, size_t qnamelen, - uint16_t qtype, uint16_t qclass, uint32_t flags, uint32_t timenow, + uint16_t qtype, uint16_t qclass, uint32_t flags, time_t timenow, int wr) { struct lruhash_entry* e; @@ -268,7 +268,7 @@ rrset_cache_lookup(struct rrset_cache* r, uint8_t* qname, size_t qnamelen, } int -rrset_array_lock(struct rrset_ref* ref, size_t count, uint32_t timenow) +rrset_array_lock(struct rrset_ref* ref, size_t count, time_t timenow) { size_t i; for(i=0; ientry.data; @@ -366,7 +366,7 @@ rrset_update_sec_status(struct rrset_cache* r, void rrset_check_sec_status(struct rrset_cache* r, - struct ub_packed_rrset_key* rrset, uint32_t now) + struct ub_packed_rrset_key* rrset, time_t now) { struct packed_rrset_data* updata = (struct packed_rrset_data*)rrset->entry.data; diff --git a/services/cache/rrset.h b/services/cache/rrset.h index 22d36719e..92ced928b 100644 --- a/services/cache/rrset.h +++ b/services/cache/rrset.h @@ -131,7 +131,7 @@ void rrset_cache_touch(struct rrset_cache* r, struct ub_packed_rrset_key* key, * also the rdata is equal (but other parameters in cache are superior). */ int rrset_cache_update(struct rrset_cache* r, struct rrset_ref* ref, - struct alloc_cache* alloc, uint32_t timenow); + struct alloc_cache* alloc, time_t timenow); /** * Lookup rrset. You obtain read/write lock. You must unlock before lookup @@ -149,7 +149,7 @@ int rrset_cache_update(struct rrset_cache* r, struct rrset_ref* ref, */ struct ub_packed_rrset_key* rrset_cache_lookup(struct rrset_cache* r, uint8_t* qname, size_t qnamelen, uint16_t qtype, uint16_t qclass, - uint32_t flags, uint32_t timenow, int wr); + uint32_t flags, time_t timenow, int wr); /** * Obtain readlock on a (sorted) list of rrset references. @@ -163,7 +163,7 @@ struct ub_packed_rrset_key* rrset_cache_lookup(struct rrset_cache* r, * RRsets have been purged from the cache. * If true, you hold readlocks on all the ref items. */ -int rrset_array_lock(struct rrset_ref* ref, size_t count, uint32_t timenow); +int rrset_array_lock(struct rrset_ref* ref, size_t count, time_t timenow); /** * Unlock array (sorted) of rrset references. @@ -199,7 +199,7 @@ void rrset_array_unlock_touch(struct rrset_cache* r, struct regional* scratch, * @param now: current time. */ void rrset_update_sec_status(struct rrset_cache* r, - struct ub_packed_rrset_key* rrset, uint32_t now); + struct ub_packed_rrset_key* rrset, time_t now); /** * Looks up security status of an rrset. Looks up the rrset. @@ -211,7 +211,7 @@ void rrset_update_sec_status(struct rrset_cache* r, * @param now: current time. */ void rrset_check_sec_status(struct rrset_cache* r, - struct ub_packed_rrset_key* rrset, uint32_t now); + struct ub_packed_rrset_key* rrset, time_t now); /** * Remove an rrset from the cache, by name and type and flags diff --git a/services/localzone.c b/services/localzone.c index 9fdab51c1..4a2187ec4 100644 --- a/services/localzone.c +++ b/services/localzone.c @@ -225,7 +225,7 @@ lz_enter_zone(struct local_zones* zones, const char* name, const char* type, /** return name and class and rdata of rr; parses string */ static int get_rr_content(const char* str, uint8_t** nm, uint16_t* type, - uint16_t* dclass, uint32_t* ttl, ldns_buffer* rdata) + uint16_t* dclass, time_t* ttl, ldns_buffer* rdata) { ldns_rr* rr = NULL; ldns_status status = ldns_rr_new_frm_str(&rr, str, 3600, NULL, NULL); @@ -244,7 +244,7 @@ get_rr_content(const char* str, uint8_t** nm, uint16_t* type, } *dclass = ldns_rr_get_class(rr); *type = ldns_rr_get_type(rr); - *ttl = (uint32_t)ldns_rr_ttl(rr); + *ttl = (time_t)ldns_rr_ttl(rr); ldns_buffer_clear(rdata); ldns_buffer_skip(rdata, 2); status = ldns_rr_rdata2buffer_wire(rdata, rr); @@ -356,10 +356,10 @@ new_local_rrset(struct regional* region, struct local_data* node, /** insert RR into RRset data structure; Wastes a couple of bytes */ static int insert_rr(struct regional* region, struct packed_rrset_data* pd, - ldns_buffer* buf, uint32_t ttl) + ldns_buffer* buf, time_t ttl) { size_t* oldlen = pd->rr_len; - uint32_t* oldttl = pd->rr_ttl; + time_t* oldttl = pd->rr_ttl; uint8_t** olddata = pd->rr_data; /* add RR to rrset */ @@ -450,7 +450,7 @@ lz_enter_rr_into_zone(struct local_zone* z, ldns_buffer* buf, struct local_rrset* rrset; struct packed_rrset_data* pd; uint16_t rrtype = 0, rrclass = 0; - uint32_t ttl = 0; + time_t ttl = 0; if(!get_rr_content(rrstr, &nm, &rrtype, &rrclass, &ttl, buf)) { log_err("bad local-data: %s", rrstr); return 0; diff --git a/services/mesh.c b/services/mesh.c index 96e905dbe..09ff93977 100644 --- a/services/mesh.c +++ b/services/mesh.c @@ -507,7 +507,7 @@ mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo, } void mesh_new_prefetch(struct mesh_area* mesh, struct query_info* qinfo, - uint16_t qflags, uint32_t leeway) + uint16_t qflags, time_t leeway) { struct mesh_state* s = mesh_area_find(mesh, qinfo, qflags&BIT_RD, 0); #ifdef UNBOUND_DEBUG @@ -982,8 +982,8 @@ mesh_send_reply(struct mesh_state* m, int rcode, struct reply_info* rep, m->s.env->mesh->num_reply_addrs--; end_time = *m->s.env->now_tv; timeval_subtract(&duration, &end_time, &r->start_time); - verbose(VERB_ALGO, "query took %d.%6.6d sec", - (int)duration.tv_sec, (int)duration.tv_usec); + verbose(VERB_ALGO, "query took %lld.%6.6d sec", + (long long)duration.tv_sec, (int)duration.tv_usec); m->s.env->mesh->replies_sent++; timeval_add(&m->s.env->mesh->replies_sum_wait, &duration); timehist_insert(m->s.env->mesh->histogram, &duration); @@ -1232,7 +1232,7 @@ mesh_stats(struct mesh_area* mesh, const char* str) timeval_divide(&avg, &mesh->replies_sum_wait, mesh->replies_sent); log_info("average recursion processing time " - "%d.%6.6d sec", (int)avg.tv_sec, (int)avg.tv_usec); + "%lld.%6.6d sec", (long long)avg.tv_sec, (int)avg.tv_usec); log_info("histogram of recursion processing times"); timehist_log(mesh->histogram, "recursions"); } diff --git a/services/mesh.h b/services/mesh.h index 5f109779a..54a3cafec 100644 --- a/services/mesh.h +++ b/services/mesh.h @@ -307,7 +307,7 @@ int mesh_new_callback(struct mesh_area* mesh, struct query_info* qinfo, * @param leeway: TTL leeway what to expire earlier for this update. */ void mesh_new_prefetch(struct mesh_area* mesh, struct query_info* qinfo, - uint16_t qflags, uint32_t leeway); + uint16_t qflags, time_t leeway); /** * Handle new event from the wire. A serviced query has returned. diff --git a/services/outside_network.c b/services/outside_network.c index f4a8bc365..0ba65ceac 100644 --- a/services/outside_network.c +++ b/services/outside_network.c @@ -1384,7 +1384,7 @@ serviced_udp_send(struct serviced_query* sq, ldns_buffer* buff) { int rtt, vs; uint8_t edns_lame_known; - uint32_t now = *sq->outnet->now_secs; + time_t now = *sq->outnet->now_secs; if(!infra_host(sq->outnet->infra, &sq->addr, sq->addrlen, sq->zone, sq->zonelen, now, &vs, &edns_lame_known, &rtt)) @@ -1592,7 +1592,7 @@ serviced_tcp_callback(struct comm_point* c, void* arg, int error, (now.tv_sec == sq->last_sent_time.tv_sec && now.tv_usec > sq->last_sent_time.tv_usec)) { /* convert from microseconds to milliseconds */ - int roundtime = ((int)now.tv_sec - (int)sq->last_sent_time.tv_sec)*1000 + int roundtime = ((int)(now.tv_sec - sq->last_sent_time.tv_sec))*1000 + ((int)now.tv_usec - (int)sq->last_sent_time.tv_usec)/1000; verbose(VERB_ALGO, "measured TCP-time at %d msec", roundtime); log_assert(roundtime >= 0); @@ -1601,7 +1601,7 @@ serviced_tcp_callback(struct comm_point* c, void* arg, int error, if(roundtime < TCP_AUTH_QUERY_TIMEOUT*1000) { if(!infra_rtt_update(sq->outnet->infra, &sq->addr, sq->addrlen, sq->zone, sq->zonelen, sq->qtype, - roundtime, sq->last_rtt, (uint32_t)now.tv_sec)) + roundtime, sq->last_rtt, (time_t)now.tv_sec)) log_err("out of memory noting rtt."); } } @@ -1693,7 +1693,7 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, sq->retry++; if(!(rto=infra_rtt_update(outnet->infra, &sq->addr, sq->addrlen, sq->zone, sq->zonelen, sq->qtype, -1, sq->last_rtt, - (uint32_t)now.tv_sec))) + (time_t)now.tv_sec))) log_err("out of memory in UDP exponential backoff"); if(sq->retry < OUTBOUND_UDP_RETRY) { log_name_addr(VERB_ALGO, "retry query", sq->qbuf+10, @@ -1737,7 +1737,7 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, /* only store noEDNS in cache if domain is noDNSSEC */ if(!sq->want_dnssec) if(!infra_edns_update(outnet->infra, &sq->addr, sq->addrlen, - sq->zone, sq->zonelen, -1, (uint32_t)now.tv_sec)) { + sq->zone, sq->zonelen, -1, (time_t)now.tv_sec)) { log_err("Out of memory caching no edns for host"); } sq->status = serviced_query_UDP; @@ -1747,7 +1747,7 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, log_addr(VERB_ALGO, "serviced query: EDNS works for", &sq->addr, sq->addrlen); if(!infra_edns_update(outnet->infra, &sq->addr, sq->addrlen, - sq->zone, sq->zonelen, 0, (uint32_t)now.tv_sec)) { + sq->zone, sq->zonelen, 0, (time_t)now.tv_sec)) { log_err("Out of memory caching edns works"); } sq->edns_lame_known = 1; @@ -1764,7 +1764,7 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, log_addr(VERB_ALGO, "serviced query: EDNS fails for", &sq->addr, sq->addrlen); if(!infra_edns_update(outnet->infra, &sq->addr, sq->addrlen, - sq->zone, sq->zonelen, -1, (uint32_t)now.tv_sec)) { + sq->zone, sq->zonelen, -1, (time_t)now.tv_sec)) { log_err("Out of memory caching no edns for host"); } } else { @@ -1778,7 +1778,7 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, (now.tv_sec == sq->last_sent_time.tv_sec && now.tv_usec > sq->last_sent_time.tv_usec)) { /* convert from microseconds to milliseconds */ - int roundtime = ((int)now.tv_sec - (int)sq->last_sent_time.tv_sec)*1000 + int roundtime = ((int)(now.tv_sec - sq->last_sent_time.tv_sec))*1000 + ((int)now.tv_usec - (int)sq->last_sent_time.tv_usec)/1000; verbose(VERB_ALGO, "measured roundtrip at %d msec", roundtime); log_assert(roundtime >= 0); @@ -1787,7 +1787,7 @@ serviced_udp_callback(struct comm_point* c, void* arg, int error, if(roundtime < 60000) { if(!infra_rtt_update(outnet->infra, &sq->addr, sq->addrlen, sq->zone, sq->zonelen, sq->qtype, roundtime, - sq->last_rtt, (uint32_t)now.tv_sec)) + sq->last_rtt, (time_t)now.tv_sec)) log_err("out of memory noting rtt."); } } diff --git a/services/outside_network.h b/services/outside_network.h index e203fcddb..e2adb6c91 100644 --- a/services/outside_network.h +++ b/services/outside_network.h @@ -63,7 +63,7 @@ struct outside_network { /** Base for select calls */ struct comm_base* base; /** pointer to time in seconds */ - uint32_t* now_secs; + time_t* now_secs; /** pointer to time in microseconds */ struct timeval* now_tv; diff --git a/testcode/fake_event.c b/testcode/fake_event.c index ee3cdc4de..8bae58ecf 100644 --- a/testcode/fake_event.c +++ b/testcode/fake_event.c @@ -481,7 +481,7 @@ time_passes(struct replay_runtime* runtime, struct replay_moment* mom) #endif } timeval_add(&runtime->now_tv, &tv); - runtime->now_secs = (uint32_t)runtime->now_tv.tv_sec; + runtime->now_secs = (time_t)runtime->now_tv.tv_sec; #ifndef S_SPLINT_S log_info("elapsed %d.%6.6d now %d.%6.6d", (int)tv.tv_sec, (int)tv.tv_usec, @@ -804,7 +804,7 @@ comm_base_delete(struct comm_base* b) } void -comm_base_timept(struct comm_base* b, uint32_t** tt, struct timeval** tv) +comm_base_timept(struct comm_base* b, time_t** tt, struct timeval** tv) { struct replay_runtime* runtime = (struct replay_runtime*)b; *tt = &runtime->now_secs; @@ -929,8 +929,10 @@ outside_network_create(struct comm_base* base, size_t bufsize, outnet->edns_subnet_upstreams = edns_subnet_upstreams; #endif outnet->udp_buff = ldns_buffer_new(bufsize); - if(!outnet->udp_buff) + if(!outnet->udp_buff) { + free(outnet); return NULL; + } return outnet; } diff --git a/testcode/replay.c b/testcode/replay.c index 2ce647da1..ce050ed0a 100644 --- a/testcode/replay.c +++ b/testcode/replay.c @@ -792,15 +792,15 @@ macro_expand(rbtree_t* store, struct replay_runtime* runtime, char** text) /* check for functions */ if(strcmp(buf, "time") == 0) { - snprintf(buf, sizeof(buf), "%u", (unsigned)runtime->now_secs); + snprintf(buf, sizeof(buf), "%lld", (long long)runtime->now_secs); *text += len; return strdup(buf); } else if(strcmp(buf, "timeout") == 0) { - uint32_t res = 0; + time_t res = 0; struct fake_timer* t = first_timer(runtime); - if(t && (uint32_t)t->tv.tv_sec >= runtime->now_secs) - res = (uint32_t)t->tv.tv_sec - runtime->now_secs; - snprintf(buf, sizeof(buf), "%u", (unsigned)res); + if(t && (time_t)t->tv.tv_sec >= runtime->now_secs) + res = (time_t)t->tv.tv_sec - runtime->now_secs; + snprintf(buf, sizeof(buf), "%lld", (long long)res); *text += len; return strdup(buf); } else if(strncmp(buf, "ctime ", 6) == 0 || diff --git a/testcode/replay.h b/testcode/replay.h index 049db4e80..beac3ce83 100644 --- a/testcode/replay.h +++ b/testcode/replay.h @@ -293,7 +293,7 @@ struct replay_runtime { struct infra_cache* infra; /** the current time in seconds */ - uint32_t now_secs; + time_t now_secs; /** the current time in microseconds */ struct timeval now_tv; diff --git a/testcode/streamtcp.1 b/testcode/streamtcp.1 new file mode 100644 index 000000000..7c738d9d2 --- /dev/null +++ b/testcode/streamtcp.1 @@ -0,0 +1,66 @@ +.TH "unbound\-streamtcp" "1" "Mar 21, 2013" "NLnet Labs" "unbound" +.\" +.\" unbound-streamtcp.1 -- unbound DNS lookup utility +.\" +.SH "NAME" +.LP +.B unbound\-streamtcp +\- unbound DNS lookup utility +.SH "SYNOPSIS" +.LP +.B unbound\-streamtcp +.RB [ \-unsh ] +.RB [ \-f +.IR ipaddr[@port] ] +.I name +.I type +.I class +.SH "DESCRIPTION" +.LP +.B unbound\-streamtcp +sends a DNS Query of the given \fBtype\fR and \fBclass\fR for the given \fBname\fR +to the DNS server over TCP and displays the response. +.P +If the server to query is not given using the \fB\-f\fR option then localhost +(127.0.0.1) is used. More queries can be given on one commandline, they +are resolved in sequence. +.P +The available options are: +.TP +.I name +This name is resolved (looked up in the DNS). +.TP +.I type +Specify the type of data to lookup. +.TP +.I class +Specify the class to lookup for. +.TP +.B \-u +Use UDP instead of TCP. No retries are attempted. +.TP +.B \-n +Do not wait for the answer. +.TP +.B \-s +Use SSL. +.TP +.B \-h +Print program usage. +.TP +.B \-f \fIipaddr[@port] +Specify the server to send the queries to. If not specified localhost (127.0.0.1) is used. +.SH "EXAMPLES" +.LP +Some examples of use. +.P +$ unbound\-streamtcp www.example.com A IN +.P +$ unbound\-streamtcp \-f 192.168.1.1 www.example.com SOA IN +.P +$ unbound\-streamtcp \-f 192.168.1.1@1234 153.1.168.192.in\-addr.arpa. PTR IN +.SH "EXIT CODE" +The unbound\-streamtcp program exits with status code 1 on error, +0 on no error. +.SH "AUTHOR" +This manual page was written by Tomas Hozza . diff --git a/testcode/streamtcp.c b/testcode/streamtcp.c index dbdf1408c..06a18e4cf 100644 --- a/testcode/streamtcp.c +++ b/testcode/streamtcp.c @@ -121,9 +121,9 @@ write_q(int fd, int udp, SSL* ssl, ldns_buffer* buf, uint16_t id, exit(1); } qinfo.qname = memdup(ldns_rdf_data(rdf), ldns_rdf_size(rdf)); + if(!qinfo.qname) fatal_exit("out of memory"); (void)dname_count_size_labels(qinfo.qname, &qinfo.qname_len); ldns_rdf_deep_free(rdf); - if(!qinfo.qname) fatal_exit("out of memory"); /* qtype and qclass */ qinfo.qtype = ldns_get_rr_type_by_name(strtype); diff --git a/testcode/unitmain.c b/testcode/unitmain.c index 30316a6f7..514895ded 100644 --- a/testcode/unitmain.c +++ b/testcode/unitmain.c @@ -411,7 +411,7 @@ rtt_test(void) /* lookup and get key and data structs easily */ static struct infra_data* infra_lookup_host(struct infra_cache* infra, struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, - size_t zonelen, int wr, uint32_t now, struct infra_key** k) + size_t zonelen, int wr, time_t now, struct infra_key** k) { struct infra_data* d; struct lruhash_entry* e = infra_lookup_nottl(infra, addr, addrlen, @@ -436,7 +436,7 @@ infra_test(void) size_t zonelen = 13; struct infra_cache* slab; struct config_file* cfg = config_create(); - uint32_t now = 0; + time_t now = 0; uint8_t edns_lame; int vs, to; struct infra_key* k; diff --git a/testcode/unitmsgparse.c b/testcode/unitmsgparse.c index 434239507..72f9b63a6 100644 --- a/testcode/unitmsgparse.c +++ b/testcode/unitmsgparse.c @@ -258,7 +258,7 @@ checkformerr(ldns_buffer* pkt) /** performance test message encoding */ static void perf_encode(struct query_info* qi, struct reply_info* rep, uint16_t id, - uint16_t flags, ldns_buffer* out, uint32_t timenow, + uint16_t flags, ldns_buffer* out, time_t timenow, struct edns_data* edns) { static int num = 0; @@ -299,7 +299,7 @@ perftestpkt(ldns_buffer* pkt, struct alloc_cache* alloc, ldns_buffer* out, int ret; uint16_t id; uint16_t flags; - uint32_t timenow = 0; + time_t timenow = 0; struct regional* region = regional_create(); struct edns_data edns; diff --git a/testcode/unitneg.c b/testcode/unitneg.c index e18aefc34..686ad0086 100644 --- a/testcode/unitneg.c +++ b/testcode/unitneg.c @@ -195,7 +195,7 @@ static void add_item(struct val_neg_cache* neg) struct packed_rrset_data rd; struct ub_packed_rrset_key nsec; size_t rr_len; - uint32_t rr_ttl; + time_t rr_ttl; uint8_t* rr_data; char* zname = get_random_zone(); char* from, *to; diff --git a/testcode/unitverify.c b/testcode/unitverify.c index d3fbf25f5..d2d268dfd 100644 --- a/testcode/unitverify.c +++ b/testcode/unitverify.c @@ -301,7 +301,7 @@ verifytest_file(const char* fname, const char* at_date) struct entry* list = read_datafile(fname, 1); struct module_env env; struct val_env ve; - uint32_t now = time(NULL); + time_t now = time(NULL); if(!list) fatal_exit("could not read %s: %s", fname, strerror(errno)); @@ -422,7 +422,7 @@ nsec3_hash_test_entry(struct entry* e, rbtree_t* ct, struct query_info qinfo; struct reply_info* rep = NULL; struct ub_packed_rrset_key* answer, *nsec3; - struct nsec3_cached_hash* hash; + struct nsec3_cached_hash* hash = NULL; int ret; uint8_t* qname; diff --git a/testdata/autotrust_revtp_use.rpl b/testdata/autotrust_revtp_use.rpl index a96bf1819..a6ff624ff 100644 --- a/testdata/autotrust_revtp_use.rpl +++ b/testdata/autotrust_revtp_use.rpl @@ -89,7 +89,7 @@ example.com. 10800 IN RRSIG DNSKEY 5 2 10800 20091124111500 20091018111500 16614 ENTRY_END ENTRY_BEGIN -MATCH opcode subdomain +MATCH opcode qname qtype ADJUST copy_id copy_query REPLY QR SECTION QUESTION @@ -97,8 +97,16 @@ www.example.com. IN A SECTION ANSWER www.example.com. IN A 10.20.30.40 ENTRY_END -RANGE_END +ENTRY_BEGIN +MATCH opcode qname qtype +ADJUST copy_id copy_query +REPLY QR +SECTION QUESTION +ns.example.com. IN AAAA +SECTION ANSWER +; no AAAA +ENTRY_END RANGE_END STEP 20 QUERY diff --git a/testdata/nss_compile.tpkg b/testdata/nss_compile.tpkg index 6be7bc46eccd4eddaff2c961aa34c091aa865104..20b778a1e4baeebffe57110a4e9d3c6ffc32fdff 100644 GIT binary patch literal 1055 zc-jFU1mOE0iwFQN3=&cR1MOFBZ`(Ey_Sf=P9F(ALvg*Z-9Ty55pmUOKSXu;2v3?k~ zgqCQFjZ6w8)g)W?-*=SX5aijz+89jyj!aH|p#(qSj8g*KI)eIh?tTQX8rO8ke#(Ox@3WO#UB*xRw8U z-!N^S!iG)oZl`l!{&#kIJGb)R!%qXEr!f8){^$AMfDPY=+gS(S-yj>HWvLPdCSx$6 z8ebniW2{EVg3F8v;HIgqR59`k_#+5{Ffhf%I6zu3oAE2Wd^uNiha9bx8YPS2%KS(w z-~y^P4stp~lLgh9i}B3V>Vy?5D2_fhSfK@{}4%k^(9p=L6w(po)AU4}*1vZEV*WWNK)Ce;+Vx z=mOX{U<@!4kmOP@*qlYLlEBSP-FYvOWuAgv6`Gl{n9W`)rKORI**BYsUL|SO+5=3H zkuvAMGw>7KfL!3ol;?Z(Ig8P)h2gr*HSJ5oi!@E$_Wet4GCb0Jt@FAUc3sYyDx{N*-Lb3=jCq$Osiw7lN(I}xKTfNT)m`3v_x8ubwJ=qq59qTSX`Zy2E}QnH zsZG12XYc1*a(_K4b1|Nc3nm}VHh?chehtS5N5^l!JMH_&VX0M!i-P8MtJz!BgXZAm zWGeUkA8G_HlDtfrC54spyM=}Fn&iv-4gc8dzme;;G<#&4?FZAkzBr}_^0NKNvY67z z>?Ho$SMR?957mFEPM*ZZBlTZ2t^Zn4w;e_8P8;jL-EPm-e_sUOQqA6DNfg&>K=LzF z8t>&8T0uk(m`)V0F7p@$QwG>`1>T>Yl7V8>iVmnjB}ahLV*KxPO=S4i(o0%55tzw z5^b}QNr9xAWXt~d9cB5EIFA8KS`_0CutoBI_uw5xozVI;mD7UfEXcSDH=Y4e6!khC zz-Qd+wr0;>WSE16Gmd-B4n%P$>b5ta^Blq4MyU-|7|Mk#4O92?9+TJmSUkTG zh+Fkvog1djQ~1DqbldHF>)&d{?RovX-Chh)GipWM4Tzq?`D6H>*MAc>eIIUD9ejV2 zY=V}hN*S05gDKUxefUfjjF1Hv6DEM0hPG10$Zz0}APB<16zAgrX+f>=JG^{3H*|*_ zy_6ayi{;AwNGjk0sxdBdIz*QR)tZZO?dqn&4KFuDgz(YKkasqb+6X#jXCCyylLZrj z$OSVw9cmnTyLK~zykO}>qFjKbyoOW?!$rv|Gag~NW^;~^1{ORaE5>Wca4_K-*kzIP zl$-p@LxoFjAR;49NMJL8`JPG<=m{A!b2_Exj2!=R(D!VT0*`Fwnb5gR`=0(RzSDY= zgyCAmA50M%gRf=97%oV-L;<8I>Zn9AHXGby{ut)i(Kyyhy33EeE+A z&(pUR&l3}qzX_S1;}ulpFr$W&w16tc`9io8s3Kp;!(g3Z2Ro|_GIO-Iw+EOA3;}F{ zJYpwU9;pm$)hVkaaDBZRyqC%{&%l;hGgB6|_R=UVja1C;tQNgWvud;pm~^EV_Dq*^C?R+O;_d_6>R(dJlzazHRP>#Z+|{mOH;M_fIa(W)Jm(iY}uEtw(OCv z_vc%3e?2R6FfGP>H9}vsa1%Fg68(+v7bc`8iV8GncVY# zS|MHN z7Y2V!CGfFICw%0e#F$c*X)-_qW2vqZAl8W#OqhfWrrAEjwkN~3gDgisvb;#hv10g# zU#oto5=^70TTR^=GmN0uezkn+5=ieEeR4h{|u4h{|u4h{|u4h{|u4h{|u T4h{|u&w_sdO4V8904M+em80}W diff --git a/testdata/val_cnametonsec.rpl b/testdata/val_cnametonsec.rpl index 9e5490938..282345307 100644 --- a/testdata/val_cnametonsec.rpl +++ b/testdata/val_cnametonsec.rpl @@ -56,11 +56,11 @@ a.gtld-servers.net. IN A 192.5.6.30 ENTRY_END ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id +MATCH opcode subdomain +ADJUST copy_id copy_query REPLY QR NOERROR SECTION QUESTION -www.example.com. IN A +example.com. IN A SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL @@ -85,6 +85,36 @@ ns.example.com. IN A 1.2.3.4 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} ENTRY_END +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN AAAA +SECTION ANSWER +; no NSECs to prove this, not needed in test, but could be there +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN A +SECTION ANSWER +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +ENTRY_END + ; response to DNSKEY priming query ENTRY_BEGIN MATCH opcode qtype qname diff --git a/testdata/val_cnametooptin.rpl b/testdata/val_cnametooptin.rpl index 657dcd11e..93853a741 100644 --- a/testdata/val_cnametooptin.rpl +++ b/testdata/val_cnametooptin.rpl @@ -56,11 +56,11 @@ a.gtld-servers.net. IN A 192.5.6.30 ENTRY_END ENTRY_BEGIN -MATCH opcode qtype qname -ADJUST copy_id +MATCH opcode subdomain +ADJUST copy_id copy_query REPLY QR NOERROR SECTION QUESTION -www.example.com. IN A +example.com. IN A SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL @@ -85,6 +85,36 @@ ns.example.com. IN A 1.2.3.4 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} ENTRY_END +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN AAAA +SECTION ANSWER +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +ns.example.com. IN A +SECTION ANSWER +ns.example.com. IN A 1.2.3.4 +ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} +SECTION AUTHORITY +example.com. IN NS ns.example.com. +example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} +SECTION ADDITIONAL +ENTRY_END + ; response to DNSKEY priming query ENTRY_BEGIN MATCH opcode qtype qname diff --git a/util/config_file.c b/util/config_file.c index 4dc354186..8a80c4de4 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -72,6 +72,8 @@ int ub_c_parse(void); int ub_c_lex(void); /** wrap function */ int ub_c_wrap(void); +/** init lex state */ +void init_cfg_parse(void); /** init ports possible for use */ static void init_outgoing_availports(int* array, int num); @@ -377,9 +379,9 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_YNO("prefetch:", prefetch) else S_YNO("prefetch-key:", prefetch_key) else if(strcmp(opt, "cache-max-ttl:") == 0) - { IS_NUMBER_OR_ZERO; cfg->max_ttl = atoi(val); MAX_TTL=cfg->max_ttl;} + { IS_NUMBER_OR_ZERO; cfg->max_ttl = atoi(val); MAX_TTL=(time_t)cfg->max_ttl;} else if(strcmp(opt, "cache-min-ttl:") == 0) - { IS_NUMBER_OR_ZERO; cfg->min_ttl = atoi(val); MIN_TTL=cfg->min_ttl;} + { IS_NUMBER_OR_ZERO; cfg->min_ttl = atoi(val); MIN_TTL=(time_t)cfg->min_ttl;} else S_NUMBER_OR_ZERO("infra-host-ttl:", host_ttl) else S_POW2("infra-cache-slabs:", infra_cache_slabs) else S_SIZET_NONZERO("infra-cache-numhosts:", infra_cache_numhosts) @@ -446,8 +448,10 @@ int config_set_option(struct config_file* cfg, const char* opt, #endif /* val_sig_skew_min and max are copied into val_env during init, * so this does not update val_env with set_option */ - else S_NUMBER_OR_ZERO("val-sig-skew-min:", val_sig_skew_min) - else S_NUMBER_OR_ZERO("val-sig-skew-max:", val_sig_skew_max) + else if(strcmp(opt, "val-sig-skew-min:") == 0) + { IS_NUMBER_OR_ZERO; cfg->val_sig_skew_min = (int32_t)atoi(val); } + else if(strcmp(opt, "val-sig-skew-max:") == 0) + { IS_NUMBER_OR_ZERO; cfg->val_sig_skew_max = (int32_t)atoi(val); } else if (strcmp(opt, "outgoing-interface:") == 0) { char* d = strdup(val); char** oi = (char**)malloc((cfg->num_out_ifs+1)*sizeof(char*)); @@ -728,6 +732,7 @@ create_cfg_parser(struct config_file* cfg, char* filename, const char* chroot) cfg_parser->errors = 0; cfg_parser->cfg = cfg; cfg_parser->chroot = chroot; + init_cfg_parse(); } int @@ -1087,10 +1092,10 @@ cfg_str2list_insert(struct config_str2list** head, char* item, char* i2) return 1; } -uint32_t +time_t cfg_convert_timeval(const char* str) { - uint32_t t; + time_t t; struct tm tm; memset(&tm, 0, sizeof(tm)); if(strlen(str) < 14) @@ -1194,8 +1199,8 @@ cfg_parse_memsize(const char* str, size_t* res) void config_apply(struct config_file* config) { - MAX_TTL = (uint32_t)config->max_ttl; - MIN_TTL = (uint32_t)config->min_ttl; + MAX_TTL = (time_t)config->max_ttl; + MIN_TTL = (time_t)config->min_ttl; EDNS_ADVERTISED_SIZE = (uint16_t)config->edns_buffer_size; #ifdef CLIENT_SUBNET EDNSSUBNET_OPCODE = (uint16_t)config->client_subnet_opcode; diff --git a/util/config_file.h b/util/config_file.h index 245ced814..4eb31f6cf 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -506,7 +506,7 @@ void config_delstubs(struct config_stub* list); * @param str: string of 14 digits * @return time value or 0 for error. */ -uint32_t cfg_convert_timeval(const char* str); +time_t cfg_convert_timeval(const char* str); /** * Count number of values in the string. diff --git a/util/configlexer.c b/util/configlexer.c index 6f42e2352..d93f0ab16 100644 --- a/util/configlexer.c +++ b/util/configlexer.c @@ -1602,14 +1602,27 @@ struct inc_state { struct inc_state* next; }; static struct inc_state* config_include_stack = NULL; +static int inc_depth = 0; static int inc_prev = 0; static int num_args = 0; +void init_cfg_parse(void) +{ + config_include_stack = NULL; + inc_depth = 0; + inc_prev = 0; + num_args = 0; +} + static void config_start_include(const char* filename) { FILE *input; struct inc_state* s; char* nm; + if(inc_depth++ > 100000) { + ub_c_error_msg("too many include files"); + return; + } if(strlen(filename) == 0) { ub_c_error_msg("empty include file name"); return; @@ -1625,7 +1638,7 @@ static void config_start_include(const char* filename) } nm = strdup(filename); if(!nm) { - ub_c_error_msg("include %s: malloc failure", filename); + ub_c_error_msg("include %s: strdup failure", filename); free(s); return; } @@ -1697,6 +1710,7 @@ static void config_start_include_glob(const char* filename) static void config_end_include(void) { struct inc_state* s = config_include_stack; + --inc_depth; if(!s) return; free(cfg_parser->filename); cfg_parser->filename = s->filename; @@ -1717,7 +1731,7 @@ static void config_end_include(void) #endif #define YY_NO_INPUT 1 -#line 164 "./util/configlexer.lex" +#line 178 "./util/configlexer.lex" #ifndef YY_NO_UNPUT #define YY_NO_UNPUT 1 #endif @@ -1725,7 +1739,7 @@ static void config_end_include(void) #define YY_NO_INPUT 1 #endif -#line 1727 "" +#line 1741 "" #define INITIAL 0 #define quotedstring 1 @@ -1915,9 +1929,9 @@ YY_DECL register char *yy_cp, *yy_bp; register int yy_act; -#line 184 "./util/configlexer.lex" +#line 198 "./util/configlexer.lex" -#line 1919 "" +#line 1933 "" if ( !(yy_init) ) { @@ -2008,652 +2022,652 @@ do_action: /* This label is used only to access EOF actions. */ case 1: YY_RULE_SETUP -#line 185 "./util/configlexer.lex" +#line 199 "./util/configlexer.lex" { LEXOUT(("SP ")); /* ignore */ } YY_BREAK case 2: YY_RULE_SETUP -#line 187 "./util/configlexer.lex" +#line 201 "./util/configlexer.lex" { /* note that flex makes the longest match and '.' is any but not nl */ LEXOUT(("comment(%s) ", yytext)); /* ignore */ } YY_BREAK case 3: YY_RULE_SETUP -#line 190 "./util/configlexer.lex" +#line 204 "./util/configlexer.lex" { YDVAR(0, VAR_SERVER) } YY_BREAK case 4: YY_RULE_SETUP -#line 191 "./util/configlexer.lex" +#line 205 "./util/configlexer.lex" { YDVAR(1, VAR_NUM_THREADS) } YY_BREAK case 5: YY_RULE_SETUP -#line 192 "./util/configlexer.lex" +#line 206 "./util/configlexer.lex" { YDVAR(1, VAR_VERBOSITY) } YY_BREAK case 6: YY_RULE_SETUP -#line 193 "./util/configlexer.lex" +#line 207 "./util/configlexer.lex" { YDVAR(1, VAR_PORT) } YY_BREAK case 7: YY_RULE_SETUP -#line 194 "./util/configlexer.lex" +#line 208 "./util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_RANGE) } YY_BREAK case 8: YY_RULE_SETUP -#line 195 "./util/configlexer.lex" +#line 209 "./util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_PORT_PERMIT) } YY_BREAK case 9: YY_RULE_SETUP -#line 196 "./util/configlexer.lex" +#line 210 "./util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_PORT_AVOID) } YY_BREAK case 10: YY_RULE_SETUP -#line 197 "./util/configlexer.lex" +#line 211 "./util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_NUM_TCP) } YY_BREAK case 11: YY_RULE_SETUP -#line 198 "./util/configlexer.lex" +#line 212 "./util/configlexer.lex" { YDVAR(1, VAR_INCOMING_NUM_TCP) } YY_BREAK case 12: YY_RULE_SETUP -#line 199 "./util/configlexer.lex" +#line 213 "./util/configlexer.lex" { YDVAR(1, VAR_DO_IP4) } YY_BREAK case 13: YY_RULE_SETUP -#line 200 "./util/configlexer.lex" +#line 214 "./util/configlexer.lex" { YDVAR(1, VAR_DO_IP6) } YY_BREAK case 14: YY_RULE_SETUP -#line 201 "./util/configlexer.lex" +#line 215 "./util/configlexer.lex" { YDVAR(1, VAR_DO_UDP) } YY_BREAK case 15: YY_RULE_SETUP -#line 202 "./util/configlexer.lex" +#line 216 "./util/configlexer.lex" { YDVAR(1, VAR_DO_TCP) } YY_BREAK case 16: YY_RULE_SETUP -#line 203 "./util/configlexer.lex" +#line 217 "./util/configlexer.lex" { YDVAR(1, VAR_TCP_UPSTREAM) } YY_BREAK case 17: YY_RULE_SETUP -#line 204 "./util/configlexer.lex" +#line 218 "./util/configlexer.lex" { YDVAR(1, VAR_SSL_UPSTREAM) } YY_BREAK case 18: YY_RULE_SETUP -#line 205 "./util/configlexer.lex" +#line 219 "./util/configlexer.lex" { YDVAR(1, VAR_SSL_SERVICE_KEY) } YY_BREAK case 19: YY_RULE_SETUP -#line 206 "./util/configlexer.lex" +#line 220 "./util/configlexer.lex" { YDVAR(1, VAR_SSL_SERVICE_PEM) } YY_BREAK case 20: YY_RULE_SETUP -#line 207 "./util/configlexer.lex" +#line 221 "./util/configlexer.lex" { YDVAR(1, VAR_SSL_PORT) } YY_BREAK case 21: YY_RULE_SETUP -#line 208 "./util/configlexer.lex" +#line 222 "./util/configlexer.lex" { YDVAR(1, VAR_DO_DAEMONIZE) } YY_BREAK case 22: YY_RULE_SETUP -#line 209 "./util/configlexer.lex" +#line 223 "./util/configlexer.lex" { YDVAR(1, VAR_INTERFACE) } YY_BREAK case 23: YY_RULE_SETUP -#line 210 "./util/configlexer.lex" +#line 224 "./util/configlexer.lex" { YDVAR(1, VAR_OUTGOING_INTERFACE) } YY_BREAK case 24: YY_RULE_SETUP -#line 211 "./util/configlexer.lex" +#line 225 "./util/configlexer.lex" { YDVAR(1, VAR_INTERFACE_AUTOMATIC) } YY_BREAK case 25: YY_RULE_SETUP -#line 212 "./util/configlexer.lex" +#line 226 "./util/configlexer.lex" { YDVAR(1, VAR_SO_RCVBUF) } YY_BREAK case 26: YY_RULE_SETUP -#line 213 "./util/configlexer.lex" +#line 227 "./util/configlexer.lex" { YDVAR(1, VAR_SO_SNDBUF) } YY_BREAK case 27: YY_RULE_SETUP -#line 214 "./util/configlexer.lex" +#line 228 "./util/configlexer.lex" { YDVAR(1, VAR_CHROOT) } YY_BREAK case 28: YY_RULE_SETUP -#line 215 "./util/configlexer.lex" +#line 229 "./util/configlexer.lex" { YDVAR(1, VAR_USERNAME) } YY_BREAK case 29: YY_RULE_SETUP -#line 216 "./util/configlexer.lex" +#line 230 "./util/configlexer.lex" { YDVAR(1, VAR_DIRECTORY) } YY_BREAK case 30: YY_RULE_SETUP -#line 217 "./util/configlexer.lex" +#line 231 "./util/configlexer.lex" { YDVAR(1, VAR_LOGFILE) } YY_BREAK case 31: YY_RULE_SETUP -#line 218 "./util/configlexer.lex" +#line 232 "./util/configlexer.lex" { YDVAR(1, VAR_PIDFILE) } YY_BREAK case 32: YY_RULE_SETUP -#line 219 "./util/configlexer.lex" +#line 233 "./util/configlexer.lex" { YDVAR(1, VAR_ROOT_HINTS) } YY_BREAK case 33: YY_RULE_SETUP -#line 220 "./util/configlexer.lex" +#line 234 "./util/configlexer.lex" { YDVAR(1, VAR_EDNS_BUFFER_SIZE) } YY_BREAK case 34: YY_RULE_SETUP -#line 221 "./util/configlexer.lex" +#line 235 "./util/configlexer.lex" { YDVAR(1, VAR_MSG_BUFFER_SIZE) } YY_BREAK case 35: YY_RULE_SETUP -#line 222 "./util/configlexer.lex" +#line 236 "./util/configlexer.lex" { YDVAR(1, VAR_MSG_CACHE_SIZE) } YY_BREAK case 36: YY_RULE_SETUP -#line 223 "./util/configlexer.lex" +#line 237 "./util/configlexer.lex" { YDVAR(1, VAR_MSG_CACHE_SLABS) } YY_BREAK case 37: YY_RULE_SETUP -#line 224 "./util/configlexer.lex" +#line 238 "./util/configlexer.lex" { YDVAR(1, VAR_RRSET_CACHE_SIZE) } YY_BREAK case 38: YY_RULE_SETUP -#line 225 "./util/configlexer.lex" +#line 239 "./util/configlexer.lex" { YDVAR(1, VAR_RRSET_CACHE_SLABS) } YY_BREAK case 39: YY_RULE_SETUP -#line 226 "./util/configlexer.lex" +#line 240 "./util/configlexer.lex" { YDVAR(1, VAR_CACHE_MAX_TTL) } YY_BREAK case 40: YY_RULE_SETUP -#line 227 "./util/configlexer.lex" +#line 241 "./util/configlexer.lex" { YDVAR(1, VAR_CACHE_MIN_TTL) } YY_BREAK case 41: YY_RULE_SETUP -#line 228 "./util/configlexer.lex" +#line 242 "./util/configlexer.lex" { YDVAR(1, VAR_INFRA_HOST_TTL) } YY_BREAK case 42: YY_RULE_SETUP -#line 229 "./util/configlexer.lex" +#line 243 "./util/configlexer.lex" { YDVAR(1, VAR_INFRA_LAME_TTL) } YY_BREAK case 43: YY_RULE_SETUP -#line 230 "./util/configlexer.lex" +#line 244 "./util/configlexer.lex" { YDVAR(1, VAR_INFRA_CACHE_SLABS) } YY_BREAK case 44: YY_RULE_SETUP -#line 231 "./util/configlexer.lex" +#line 245 "./util/configlexer.lex" { YDVAR(1, VAR_INFRA_CACHE_NUMHOSTS) } YY_BREAK case 45: YY_RULE_SETUP -#line 232 "./util/configlexer.lex" +#line 246 "./util/configlexer.lex" { YDVAR(1, VAR_INFRA_CACHE_LAME_SIZE) } YY_BREAK case 46: YY_RULE_SETUP -#line 233 "./util/configlexer.lex" +#line 247 "./util/configlexer.lex" { YDVAR(1, VAR_NUM_QUERIES_PER_THREAD) } YY_BREAK case 47: YY_RULE_SETUP -#line 234 "./util/configlexer.lex" +#line 248 "./util/configlexer.lex" { YDVAR(1, VAR_JOSTLE_TIMEOUT) } YY_BREAK case 48: YY_RULE_SETUP -#line 235 "./util/configlexer.lex" +#line 249 "./util/configlexer.lex" { YDVAR(1, VAR_TARGET_FETCH_POLICY) } YY_BREAK case 49: YY_RULE_SETUP -#line 236 "./util/configlexer.lex" +#line 250 "./util/configlexer.lex" { YDVAR(1, VAR_HARDEN_SHORT_BUFSIZE) } YY_BREAK case 50: YY_RULE_SETUP -#line 237 "./util/configlexer.lex" +#line 251 "./util/configlexer.lex" { YDVAR(1, VAR_HARDEN_LARGE_QUERIES) } YY_BREAK case 51: YY_RULE_SETUP -#line 238 "./util/configlexer.lex" +#line 252 "./util/configlexer.lex" { YDVAR(1, VAR_HARDEN_GLUE) } YY_BREAK case 52: YY_RULE_SETUP -#line 239 "./util/configlexer.lex" +#line 253 "./util/configlexer.lex" { YDVAR(1, VAR_HARDEN_DNSSEC_STRIPPED) } YY_BREAK case 53: YY_RULE_SETUP -#line 240 "./util/configlexer.lex" +#line 254 "./util/configlexer.lex" { YDVAR(1, VAR_HARDEN_BELOW_NXDOMAIN) } YY_BREAK case 54: YY_RULE_SETUP -#line 241 "./util/configlexer.lex" +#line 255 "./util/configlexer.lex" { YDVAR(1, VAR_HARDEN_REFERRAL_PATH) } YY_BREAK case 55: YY_RULE_SETUP -#line 242 "./util/configlexer.lex" +#line 256 "./util/configlexer.lex" { YDVAR(1, VAR_USE_CAPS_FOR_ID) } YY_BREAK case 56: YY_RULE_SETUP -#line 243 "./util/configlexer.lex" +#line 257 "./util/configlexer.lex" { YDVAR(1, VAR_UNWANTED_REPLY_THRESHOLD) } YY_BREAK case 57: YY_RULE_SETUP -#line 244 "./util/configlexer.lex" +#line 258 "./util/configlexer.lex" { YDVAR(1, VAR_PRIVATE_ADDRESS) } YY_BREAK case 58: YY_RULE_SETUP -#line 245 "./util/configlexer.lex" +#line 259 "./util/configlexer.lex" { YDVAR(1, VAR_PRIVATE_DOMAIN) } YY_BREAK case 59: YY_RULE_SETUP -#line 246 "./util/configlexer.lex" +#line 260 "./util/configlexer.lex" { YDVAR(1, VAR_PREFETCH_KEY) } YY_BREAK case 60: YY_RULE_SETUP -#line 247 "./util/configlexer.lex" +#line 261 "./util/configlexer.lex" { YDVAR(1, VAR_PREFETCH) } YY_BREAK case 61: YY_RULE_SETUP -#line 248 "./util/configlexer.lex" +#line 262 "./util/configlexer.lex" { YDVAR(0, VAR_STUB_ZONE) } YY_BREAK case 62: YY_RULE_SETUP -#line 249 "./util/configlexer.lex" +#line 263 "./util/configlexer.lex" { YDVAR(1, VAR_NAME) } YY_BREAK case 63: YY_RULE_SETUP -#line 250 "./util/configlexer.lex" +#line 264 "./util/configlexer.lex" { YDVAR(1, VAR_STUB_ADDR) } YY_BREAK case 64: YY_RULE_SETUP -#line 251 "./util/configlexer.lex" +#line 265 "./util/configlexer.lex" { YDVAR(1, VAR_STUB_HOST) } YY_BREAK case 65: YY_RULE_SETUP -#line 252 "./util/configlexer.lex" +#line 266 "./util/configlexer.lex" { YDVAR(1, VAR_STUB_PRIME) } YY_BREAK case 66: YY_RULE_SETUP -#line 253 "./util/configlexer.lex" +#line 267 "./util/configlexer.lex" { YDVAR(1, VAR_STUB_FIRST) } YY_BREAK case 67: YY_RULE_SETUP -#line 254 "./util/configlexer.lex" +#line 268 "./util/configlexer.lex" { YDVAR(0, VAR_FORWARD_ZONE) } YY_BREAK case 68: YY_RULE_SETUP -#line 255 "./util/configlexer.lex" +#line 269 "./util/configlexer.lex" { YDVAR(1, VAR_FORWARD_ADDR) } YY_BREAK case 69: YY_RULE_SETUP -#line 256 "./util/configlexer.lex" +#line 270 "./util/configlexer.lex" { YDVAR(1, VAR_FORWARD_HOST) } YY_BREAK case 70: YY_RULE_SETUP -#line 257 "./util/configlexer.lex" +#line 271 "./util/configlexer.lex" { YDVAR(1, VAR_FORWARD_FIRST) } YY_BREAK case 71: YY_RULE_SETUP -#line 258 "./util/configlexer.lex" +#line 272 "./util/configlexer.lex" { YDVAR(1, VAR_DO_NOT_QUERY_ADDRESS) } YY_BREAK case 72: YY_RULE_SETUP -#line 259 "./util/configlexer.lex" +#line 273 "./util/configlexer.lex" { YDVAR(1, VAR_DO_NOT_QUERY_LOCALHOST) } YY_BREAK case 73: YY_RULE_SETUP -#line 260 "./util/configlexer.lex" +#line 274 "./util/configlexer.lex" { YDVAR(2, VAR_ACCESS_CONTROL) } YY_BREAK case 74: YY_RULE_SETUP -#line 261 "./util/configlexer.lex" +#line 275 "./util/configlexer.lex" { YDVAR(1, VAR_SEND_CLIENT_SUBNET) } YY_BREAK case 75: YY_RULE_SETUP -#line 262 "./util/configlexer.lex" +#line 276 "./util/configlexer.lex" { YDVAR(1, VAR_CLIENT_SUBNET_OPCODE) } YY_BREAK case 76: YY_RULE_SETUP -#line 263 "./util/configlexer.lex" +#line 277 "./util/configlexer.lex" { YDVAR(1, VAR_MAX_CLIENT_SUBNET_IPV4) } YY_BREAK case 77: YY_RULE_SETUP -#line 264 "./util/configlexer.lex" +#line 278 "./util/configlexer.lex" { YDVAR(1, VAR_MAX_CLIENT_SUBNET_IPV6) } YY_BREAK case 78: YY_RULE_SETUP -#line 265 "./util/configlexer.lex" +#line 279 "./util/configlexer.lex" { YDVAR(1, VAR_HIDE_IDENTITY) } YY_BREAK case 79: YY_RULE_SETUP -#line 266 "./util/configlexer.lex" +#line 280 "./util/configlexer.lex" { YDVAR(1, VAR_HIDE_VERSION) } YY_BREAK case 80: YY_RULE_SETUP -#line 267 "./util/configlexer.lex" +#line 281 "./util/configlexer.lex" { YDVAR(1, VAR_IDENTITY) } YY_BREAK case 81: YY_RULE_SETUP -#line 268 "./util/configlexer.lex" +#line 282 "./util/configlexer.lex" { YDVAR(1, VAR_VERSION) } YY_BREAK case 82: YY_RULE_SETUP -#line 269 "./util/configlexer.lex" +#line 283 "./util/configlexer.lex" { YDVAR(1, VAR_MODULE_CONF) } YY_BREAK case 83: YY_RULE_SETUP -#line 270 "./util/configlexer.lex" +#line 284 "./util/configlexer.lex" { YDVAR(1, VAR_DLV_ANCHOR) } YY_BREAK case 84: YY_RULE_SETUP -#line 271 "./util/configlexer.lex" +#line 285 "./util/configlexer.lex" { YDVAR(1, VAR_DLV_ANCHOR_FILE) } YY_BREAK case 85: YY_RULE_SETUP -#line 272 "./util/configlexer.lex" +#line 286 "./util/configlexer.lex" { YDVAR(1, VAR_TRUST_ANCHOR_FILE) } YY_BREAK case 86: YY_RULE_SETUP -#line 273 "./util/configlexer.lex" +#line 287 "./util/configlexer.lex" { YDVAR(1, VAR_AUTO_TRUST_ANCHOR_FILE) } YY_BREAK case 87: YY_RULE_SETUP -#line 274 "./util/configlexer.lex" +#line 288 "./util/configlexer.lex" { YDVAR(1, VAR_TRUSTED_KEYS_FILE) } YY_BREAK case 88: YY_RULE_SETUP -#line 275 "./util/configlexer.lex" +#line 289 "./util/configlexer.lex" { YDVAR(1, VAR_TRUST_ANCHOR) } YY_BREAK case 89: YY_RULE_SETUP -#line 276 "./util/configlexer.lex" +#line 290 "./util/configlexer.lex" { YDVAR(1, VAR_VAL_OVERRIDE_DATE) } YY_BREAK case 90: YY_RULE_SETUP -#line 277 "./util/configlexer.lex" +#line 291 "./util/configlexer.lex" { YDVAR(1, VAR_VAL_SIG_SKEW_MIN) } YY_BREAK case 91: YY_RULE_SETUP -#line 278 "./util/configlexer.lex" +#line 292 "./util/configlexer.lex" { YDVAR(1, VAR_VAL_SIG_SKEW_MAX) } YY_BREAK case 92: YY_RULE_SETUP -#line 279 "./util/configlexer.lex" +#line 293 "./util/configlexer.lex" { YDVAR(1, VAR_BOGUS_TTL) } YY_BREAK case 93: YY_RULE_SETUP -#line 280 "./util/configlexer.lex" +#line 294 "./util/configlexer.lex" { YDVAR(1, VAR_VAL_CLEAN_ADDITIONAL) } YY_BREAK case 94: YY_RULE_SETUP -#line 281 "./util/configlexer.lex" +#line 295 "./util/configlexer.lex" { YDVAR(1, VAR_VAL_PERMISSIVE_MODE) } YY_BREAK case 95: YY_RULE_SETUP -#line 282 "./util/configlexer.lex" +#line 296 "./util/configlexer.lex" { YDVAR(1, VAR_IGNORE_CD_FLAG) } YY_BREAK case 96: YY_RULE_SETUP -#line 283 "./util/configlexer.lex" +#line 297 "./util/configlexer.lex" { YDVAR(1, VAR_VAL_LOG_LEVEL) } YY_BREAK case 97: YY_RULE_SETUP -#line 284 "./util/configlexer.lex" +#line 298 "./util/configlexer.lex" { YDVAR(1, VAR_KEY_CACHE_SIZE) } YY_BREAK case 98: YY_RULE_SETUP -#line 285 "./util/configlexer.lex" +#line 299 "./util/configlexer.lex" { YDVAR(1, VAR_KEY_CACHE_SLABS) } YY_BREAK case 99: YY_RULE_SETUP -#line 286 "./util/configlexer.lex" +#line 300 "./util/configlexer.lex" { YDVAR(1, VAR_NEG_CACHE_SIZE) } YY_BREAK case 100: YY_RULE_SETUP -#line 287 "./util/configlexer.lex" +#line 301 "./util/configlexer.lex" { YDVAR(1, VAR_VAL_NSEC3_KEYSIZE_ITERATIONS) } YY_BREAK case 101: YY_RULE_SETUP -#line 289 "./util/configlexer.lex" +#line 303 "./util/configlexer.lex" { YDVAR(1, VAR_ADD_HOLDDOWN) } YY_BREAK case 102: YY_RULE_SETUP -#line 290 "./util/configlexer.lex" +#line 304 "./util/configlexer.lex" { YDVAR(1, VAR_DEL_HOLDDOWN) } YY_BREAK case 103: YY_RULE_SETUP -#line 291 "./util/configlexer.lex" +#line 305 "./util/configlexer.lex" { YDVAR(1, VAR_KEEP_MISSING) } YY_BREAK case 104: YY_RULE_SETUP -#line 292 "./util/configlexer.lex" +#line 306 "./util/configlexer.lex" { YDVAR(1, VAR_USE_SYSLOG) } YY_BREAK case 105: YY_RULE_SETUP -#line 293 "./util/configlexer.lex" +#line 307 "./util/configlexer.lex" { YDVAR(1, VAR_LOG_TIME_ASCII) } YY_BREAK case 106: YY_RULE_SETUP -#line 294 "./util/configlexer.lex" +#line 308 "./util/configlexer.lex" { YDVAR(1, VAR_LOG_QUERIES) } YY_BREAK case 107: YY_RULE_SETUP -#line 295 "./util/configlexer.lex" +#line 309 "./util/configlexer.lex" { YDVAR(2, VAR_LOCAL_ZONE) } YY_BREAK case 108: YY_RULE_SETUP -#line 296 "./util/configlexer.lex" +#line 310 "./util/configlexer.lex" { YDVAR(1, VAR_LOCAL_DATA) } YY_BREAK case 109: YY_RULE_SETUP -#line 297 "./util/configlexer.lex" +#line 311 "./util/configlexer.lex" { YDVAR(1, VAR_LOCAL_DATA_PTR) } YY_BREAK case 110: YY_RULE_SETUP -#line 298 "./util/configlexer.lex" +#line 312 "./util/configlexer.lex" { YDVAR(1, VAR_STATISTICS_INTERVAL) } YY_BREAK case 111: YY_RULE_SETUP -#line 299 "./util/configlexer.lex" +#line 313 "./util/configlexer.lex" { YDVAR(1, VAR_STATISTICS_CUMULATIVE) } YY_BREAK case 112: YY_RULE_SETUP -#line 300 "./util/configlexer.lex" +#line 314 "./util/configlexer.lex" { YDVAR(1, VAR_EXTENDED_STATISTICS) } YY_BREAK case 113: YY_RULE_SETUP -#line 301 "./util/configlexer.lex" +#line 315 "./util/configlexer.lex" { YDVAR(0, VAR_REMOTE_CONTROL) } YY_BREAK case 114: YY_RULE_SETUP -#line 302 "./util/configlexer.lex" +#line 316 "./util/configlexer.lex" { YDVAR(1, VAR_CONTROL_ENABLE) } YY_BREAK case 115: YY_RULE_SETUP -#line 303 "./util/configlexer.lex" +#line 317 "./util/configlexer.lex" { YDVAR(1, VAR_CONTROL_INTERFACE) } YY_BREAK case 116: YY_RULE_SETUP -#line 304 "./util/configlexer.lex" +#line 318 "./util/configlexer.lex" { YDVAR(1, VAR_CONTROL_PORT) } YY_BREAK case 117: YY_RULE_SETUP -#line 305 "./util/configlexer.lex" +#line 319 "./util/configlexer.lex" { YDVAR(1, VAR_SERVER_KEY_FILE) } YY_BREAK case 118: YY_RULE_SETUP -#line 306 "./util/configlexer.lex" +#line 320 "./util/configlexer.lex" { YDVAR(1, VAR_SERVER_CERT_FILE) } YY_BREAK case 119: YY_RULE_SETUP -#line 307 "./util/configlexer.lex" +#line 321 "./util/configlexer.lex" { YDVAR(1, VAR_CONTROL_KEY_FILE) } YY_BREAK case 120: YY_RULE_SETUP -#line 308 "./util/configlexer.lex" +#line 322 "./util/configlexer.lex" { YDVAR(1, VAR_CONTROL_CERT_FILE) } YY_BREAK case 121: YY_RULE_SETUP -#line 309 "./util/configlexer.lex" +#line 323 "./util/configlexer.lex" { YDVAR(1, VAR_PYTHON_SCRIPT) } YY_BREAK case 122: YY_RULE_SETUP -#line 310 "./util/configlexer.lex" +#line 324 "./util/configlexer.lex" { YDVAR(0, VAR_PYTHON) } YY_BREAK case 123: YY_RULE_SETUP -#line 311 "./util/configlexer.lex" +#line 325 "./util/configlexer.lex" { YDVAR(1, VAR_DOMAIN_INSECURE) } YY_BREAK case 124: YY_RULE_SETUP -#line 312 "./util/configlexer.lex" +#line 326 "./util/configlexer.lex" { YDVAR(1, VAR_MINIMAL_RESPONSES) } YY_BREAK case 125: YY_RULE_SETUP -#line 313 "./util/configlexer.lex" +#line 327 "./util/configlexer.lex" { YDVAR(1, VAR_RRSET_ROUNDROBIN) } YY_BREAK case 126: YY_RULE_SETUP -#line 314 "./util/configlexer.lex" +#line 328 "./util/configlexer.lex" { YDVAR(1, VAR_MAX_UDP_SIZE) } YY_BREAK case 127: /* rule 127 can match eol */ YY_RULE_SETUP -#line 315 "./util/configlexer.lex" +#line 329 "./util/configlexer.lex" { LEXOUT(("NL\n")); cfg_parser->line++; } YY_BREAK /* Quoted strings. Strip leading and ending quotes */ case 128: YY_RULE_SETUP -#line 318 "./util/configlexer.lex" +#line 332 "./util/configlexer.lex" { BEGIN(quotedstring); LEXOUT(("QS ")); } YY_BREAK case YY_STATE_EOF(quotedstring): -#line 319 "./util/configlexer.lex" +#line 333 "./util/configlexer.lex" { yyerror("EOF inside quoted string"); if(--num_args == 0) { BEGIN(INITIAL); } @@ -2662,19 +2676,19 @@ case YY_STATE_EOF(quotedstring): YY_BREAK case 129: YY_RULE_SETUP -#line 324 "./util/configlexer.lex" +#line 338 "./util/configlexer.lex" { LEXOUT(("STR(%s) ", yytext)); yymore(); } YY_BREAK case 130: /* rule 130 can match eol */ YY_RULE_SETUP -#line 325 "./util/configlexer.lex" +#line 339 "./util/configlexer.lex" { yyerror("newline inside quoted string, no end \""); cfg_parser->line++; BEGIN(INITIAL); } YY_BREAK case 131: YY_RULE_SETUP -#line 327 "./util/configlexer.lex" +#line 341 "./util/configlexer.lex" { LEXOUT(("QE ")); if(--num_args == 0) { BEGIN(INITIAL); } @@ -2689,11 +2703,11 @@ YY_RULE_SETUP /* Single Quoted strings. Strip leading and ending quotes */ case 132: YY_RULE_SETUP -#line 339 "./util/configlexer.lex" +#line 353 "./util/configlexer.lex" { BEGIN(singlequotedstr); LEXOUT(("SQS ")); } YY_BREAK case YY_STATE_EOF(singlequotedstr): -#line 340 "./util/configlexer.lex" +#line 354 "./util/configlexer.lex" { yyerror("EOF inside quoted string"); if(--num_args == 0) { BEGIN(INITIAL); } @@ -2702,19 +2716,19 @@ case YY_STATE_EOF(singlequotedstr): YY_BREAK case 133: YY_RULE_SETUP -#line 345 "./util/configlexer.lex" +#line 359 "./util/configlexer.lex" { LEXOUT(("STR(%s) ", yytext)); yymore(); } YY_BREAK case 134: /* rule 134 can match eol */ YY_RULE_SETUP -#line 346 "./util/configlexer.lex" +#line 360 "./util/configlexer.lex" { yyerror("newline inside quoted string, no end '"); cfg_parser->line++; BEGIN(INITIAL); } YY_BREAK case 135: YY_RULE_SETUP -#line 348 "./util/configlexer.lex" +#line 362 "./util/configlexer.lex" { LEXOUT(("SQE ")); if(--num_args == 0) { BEGIN(INITIAL); } @@ -2729,12 +2743,12 @@ YY_RULE_SETUP /* include: directive */ case 136: YY_RULE_SETUP -#line 360 "./util/configlexer.lex" +#line 374 "./util/configlexer.lex" { LEXOUT(("v(%s) ", yytext)); inc_prev = YYSTATE; BEGIN(include); } YY_BREAK case YY_STATE_EOF(include): -#line 362 "./util/configlexer.lex" +#line 376 "./util/configlexer.lex" { yyerror("EOF inside include directive"); BEGIN(inc_prev); @@ -2742,23 +2756,23 @@ case YY_STATE_EOF(include): YY_BREAK case 137: YY_RULE_SETUP -#line 366 "./util/configlexer.lex" +#line 380 "./util/configlexer.lex" { LEXOUT(("ISP ")); /* ignore */ } YY_BREAK case 138: /* rule 138 can match eol */ YY_RULE_SETUP -#line 367 "./util/configlexer.lex" +#line 381 "./util/configlexer.lex" { LEXOUT(("NL\n")); cfg_parser->line++;} YY_BREAK case 139: YY_RULE_SETUP -#line 368 "./util/configlexer.lex" +#line 382 "./util/configlexer.lex" { LEXOUT(("IQS ")); BEGIN(include_quoted); } YY_BREAK case 140: YY_RULE_SETUP -#line 369 "./util/configlexer.lex" +#line 383 "./util/configlexer.lex" { LEXOUT(("Iunquotedstr(%s) ", yytext)); config_start_include_glob(yytext); @@ -2766,7 +2780,7 @@ YY_RULE_SETUP } YY_BREAK case YY_STATE_EOF(include_quoted): -#line 374 "./util/configlexer.lex" +#line 388 "./util/configlexer.lex" { yyerror("EOF inside quoted string"); BEGIN(inc_prev); @@ -2774,19 +2788,19 @@ case YY_STATE_EOF(include_quoted): YY_BREAK case 141: YY_RULE_SETUP -#line 378 "./util/configlexer.lex" +#line 392 "./util/configlexer.lex" { LEXOUT(("ISTR(%s) ", yytext)); yymore(); } YY_BREAK case 142: /* rule 142 can match eol */ YY_RULE_SETUP -#line 379 "./util/configlexer.lex" +#line 393 "./util/configlexer.lex" { yyerror("newline before \" in include name"); cfg_parser->line++; BEGIN(inc_prev); } YY_BREAK case 143: YY_RULE_SETUP -#line 381 "./util/configlexer.lex" +#line 395 "./util/configlexer.lex" { LEXOUT(("IQE ")); yytext[yyleng - 1] = '\0'; @@ -2796,7 +2810,7 @@ YY_RULE_SETUP YY_BREAK case YY_STATE_EOF(INITIAL): case YY_STATE_EOF(val): -#line 387 "./util/configlexer.lex" +#line 401 "./util/configlexer.lex" { LEXOUT(("LEXEOF ")); yy_set_bol(1); /* Set beginning of line, so "^" rules match. */ @@ -2810,31 +2824,31 @@ case YY_STATE_EOF(val): YY_BREAK case 144: YY_RULE_SETUP -#line 398 "./util/configlexer.lex" +#line 412 "./util/configlexer.lex" { LEXOUT(("unquotedstr(%s) ", yytext)); if(--num_args == 0) { BEGIN(INITIAL); } yylval.str = strdup(yytext); return STRING_ARG; } YY_BREAK case 145: YY_RULE_SETUP -#line 402 "./util/configlexer.lex" +#line 416 "./util/configlexer.lex" { ub_c_error_msg("unknown keyword '%s'", yytext); } YY_BREAK case 146: YY_RULE_SETUP -#line 406 "./util/configlexer.lex" +#line 420 "./util/configlexer.lex" { ub_c_error_msg("stray '%s'", yytext); } YY_BREAK case 147: YY_RULE_SETUP -#line 410 "./util/configlexer.lex" +#line 424 "./util/configlexer.lex" ECHO; YY_BREAK -#line 2836 "" +#line 2850 "" case YY_END_OF_BUFFER: { @@ -3793,7 +3807,7 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 410 "./util/configlexer.lex" +#line 424 "./util/configlexer.lex" diff --git a/util/configlexer.lex b/util/configlexer.lex index 1e9e9f309..2b575f22b 100644 --- a/util/configlexer.lex +++ b/util/configlexer.lex @@ -43,14 +43,27 @@ struct inc_state { struct inc_state* next; }; static struct inc_state* config_include_stack = NULL; +static int inc_depth = 0; static int inc_prev = 0; static int num_args = 0; +void init_cfg_parse(void) +{ + config_include_stack = NULL; + inc_depth = 0; + inc_prev = 0; + num_args = 0; +} + static void config_start_include(const char* filename) { FILE *input; struct inc_state* s; char* nm; + if(inc_depth++ > 100000) { + ub_c_error_msg("too many include files"); + return; + } if(strlen(filename) == 0) { ub_c_error_msg("empty include file name"); return; @@ -66,7 +79,7 @@ static void config_start_include(const char* filename) } nm = strdup(filename); if(!nm) { - ub_c_error_msg("include %s: malloc failure", filename); + ub_c_error_msg("include %s: strdup failure", filename); free(s); return; } @@ -138,6 +151,7 @@ static void config_start_include_glob(const char* filename) static void config_end_include(void) { struct inc_state* s = config_include_stack; + --inc_depth; if(!s) return; free(cfg_parser->filename); cfg_parser->filename = s->filename; diff --git a/util/configparser.c b/util/configparser.c index d0ec5107f..88aa96e02 100644 --- a/util/configparser.c +++ b/util/configparser.c @@ -857,10 +857,10 @@ static const yytype_uint16 yyrline[] = 861, 871, 878, 885, 894, 903, 912, 919, 929, 943, 950, 968, 981, 994, 1003, 1012, 1021, 1031, 1041, 1050, 1059, 1066, 1075, 1084, 1093, 1101, 1114, 1122, 1144, 1151, - 1166, 1176, 1186, 1192, 1202, 1209, 1216, 1225, 1235, 1245, - 1252, 1259, 1268, 1273, 1274, 1275, 1275, 1275, 1276, 1276, - 1276, 1277, 1279, 1289, 1298, 1305, 1312, 1319, 1326, 1333, - 1338, 1339, 1340, 1342 + 1166, 1176, 1186, 1193, 1203, 1210, 1217, 1226, 1236, 1246, + 1253, 1260, 1269, 1274, 1275, 1276, 1276, 1276, 1277, 1277, + 1277, 1278, 1280, 1290, 1299, 1306, 1313, 1320, 1327, 1334, + 1339, 1340, 1341, 1343 }; #endif @@ -3418,12 +3418,13 @@ yyreduce: { OUTYY(("P(server_max_udp_size:%s)\n", (yyvsp[(2) - (2)].str))); cfg_parser->cfg->max_udp_size = atoi((yyvsp[(2) - (2)].str)); + free((yyvsp[(2) - (2)].str)); } break; case 233: /* Line 1787 of yacc.c */ -#line 1193 "./util/configparser.y" +#line 1194 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[(2) - (2)].str))); if(cfg_parser->cfg->stubs->name) @@ -3436,7 +3437,7 @@ yyreduce: case 234: /* Line 1787 of yacc.c */ -#line 1203 "./util/configparser.y" +#line 1204 "./util/configparser.y" { OUTYY(("P(stub-host:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->hosts, (yyvsp[(2) - (2)].str))) @@ -3446,7 +3447,7 @@ yyreduce: case 235: /* Line 1787 of yacc.c */ -#line 1210 "./util/configparser.y" +#line 1211 "./util/configparser.y" { OUTYY(("P(stub-addr:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->stubs->addrs, (yyvsp[(2) - (2)].str))) @@ -3456,7 +3457,7 @@ yyreduce: case 236: /* Line 1787 of yacc.c */ -#line 1217 "./util/configparser.y" +#line 1218 "./util/configparser.y" { OUTYY(("P(stub-first:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3468,7 +3469,7 @@ yyreduce: case 237: /* Line 1787 of yacc.c */ -#line 1226 "./util/configparser.y" +#line 1227 "./util/configparser.y" { OUTYY(("P(stub-prime:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3481,7 +3482,7 @@ yyreduce: case 238: /* Line 1787 of yacc.c */ -#line 1236 "./util/configparser.y" +#line 1237 "./util/configparser.y" { OUTYY(("P(name:%s)\n", (yyvsp[(2) - (2)].str))); if(cfg_parser->cfg->forwards->name) @@ -3494,7 +3495,7 @@ yyreduce: case 239: /* Line 1787 of yacc.c */ -#line 1246 "./util/configparser.y" +#line 1247 "./util/configparser.y" { OUTYY(("P(forward-host:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->hosts, (yyvsp[(2) - (2)].str))) @@ -3504,7 +3505,7 @@ yyreduce: case 240: /* Line 1787 of yacc.c */ -#line 1253 "./util/configparser.y" +#line 1254 "./util/configparser.y" { OUTYY(("P(forward-addr:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->forwards->addrs, (yyvsp[(2) - (2)].str))) @@ -3514,7 +3515,7 @@ yyreduce: case 241: /* Line 1787 of yacc.c */ -#line 1260 "./util/configparser.y" +#line 1261 "./util/configparser.y" { OUTYY(("P(forward-first:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3526,7 +3527,7 @@ yyreduce: case 242: /* Line 1787 of yacc.c */ -#line 1269 "./util/configparser.y" +#line 1270 "./util/configparser.y" { OUTYY(("\nP(remote-control:)\n")); } @@ -3534,7 +3535,7 @@ yyreduce: case 252: /* Line 1787 of yacc.c */ -#line 1280 "./util/configparser.y" +#line 1281 "./util/configparser.y" { OUTYY(("P(control_enable:%s)\n", (yyvsp[(2) - (2)].str))); if(strcmp((yyvsp[(2) - (2)].str), "yes") != 0 && strcmp((yyvsp[(2) - (2)].str), "no") != 0) @@ -3547,7 +3548,7 @@ yyreduce: case 253: /* Line 1787 of yacc.c */ -#line 1290 "./util/configparser.y" +#line 1291 "./util/configparser.y" { OUTYY(("P(control_port:%s)\n", (yyvsp[(2) - (2)].str))); if(atoi((yyvsp[(2) - (2)].str)) == 0) @@ -3559,7 +3560,7 @@ yyreduce: case 254: /* Line 1787 of yacc.c */ -#line 1299 "./util/configparser.y" +#line 1300 "./util/configparser.y" { OUTYY(("P(control_interface:%s)\n", (yyvsp[(2) - (2)].str))); if(!cfg_strlist_insert(&cfg_parser->cfg->control_ifs, (yyvsp[(2) - (2)].str))) @@ -3569,7 +3570,7 @@ yyreduce: case 255: /* Line 1787 of yacc.c */ -#line 1306 "./util/configparser.y" +#line 1307 "./util/configparser.y" { OUTYY(("P(rc_server_key_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->server_key_file); @@ -3579,7 +3580,7 @@ yyreduce: case 256: /* Line 1787 of yacc.c */ -#line 1313 "./util/configparser.y" +#line 1314 "./util/configparser.y" { OUTYY(("P(rc_server_cert_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->server_cert_file); @@ -3589,7 +3590,7 @@ yyreduce: case 257: /* Line 1787 of yacc.c */ -#line 1320 "./util/configparser.y" +#line 1321 "./util/configparser.y" { OUTYY(("P(rc_control_key_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->control_key_file); @@ -3599,7 +3600,7 @@ yyreduce: case 258: /* Line 1787 of yacc.c */ -#line 1327 "./util/configparser.y" +#line 1328 "./util/configparser.y" { OUTYY(("P(rc_control_cert_file:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->control_cert_file); @@ -3609,7 +3610,7 @@ yyreduce: case 259: /* Line 1787 of yacc.c */ -#line 1334 "./util/configparser.y" +#line 1335 "./util/configparser.y" { OUTYY(("\nP(python:)\n")); } @@ -3617,7 +3618,7 @@ yyreduce: case 263: /* Line 1787 of yacc.c */ -#line 1343 "./util/configparser.y" +#line 1344 "./util/configparser.y" { OUTYY(("P(python-script:%s)\n", (yyvsp[(2) - (2)].str))); free(cfg_parser->cfg->python_script); @@ -3627,7 +3628,7 @@ yyreduce: /* Line 1787 of yacc.c */ -#line 3631 "util/configparser.c" +#line 3632 "util/configparser.c" default: break; } /* User semantic actions sometimes alter yychar, and that requires @@ -3859,7 +3860,7 @@ yyreturn: /* Line 2050 of yacc.c */ -#line 1348 "./util/configparser.y" +#line 1349 "./util/configparser.y" /* parse helper routines could be here */ diff --git a/util/configparser.y b/util/configparser.y index 484ee42be..b15f62f42 100644 --- a/util/configparser.y +++ b/util/configparser.y @@ -1187,6 +1187,7 @@ server_max_udp_size: VAR_MAX_UDP_SIZE STRING_ARG { OUTYY(("P(server_max_udp_size:%s)\n", $2)); cfg_parser->cfg->max_udp_size = atoi($2); + free($2); } ; stub_name: VAR_NAME STRING_ARG diff --git a/util/data/msgencode.c b/util/data/msgencode.c index a1e56a491..a27464675 100644 --- a/util/data/msgencode.c +++ b/util/data/msgencode.c @@ -444,7 +444,7 @@ rrset_belongs_in_reply(ldns_pkt_section s, uint16_t rrtype, uint16_t qtype, /** store rrset in buffer in wireformat, return RETVAL_* */ static int packed_rrset_encode(struct ub_packed_rrset_key* key, ldns_buffer* pkt, - uint16_t* num_rrs, uint32_t timenow, struct regional* region, + uint16_t* num_rrs, time_t timenow, struct regional* region, int do_data, int do_sig, struct compress_tree_node** tree, ldns_pkt_section s, uint16_t qtype, int dnssec, size_t rr_offset) { @@ -531,7 +531,7 @@ packed_rrset_encode(struct ub_packed_rrset_key* key, ldns_buffer* pkt, /** store msg section in wireformat buffer, return RETVAL_* */ static int insert_section(struct reply_info* rep, size_t num_rrsets, uint16_t* num_rrs, - ldns_buffer* pkt, size_t rrsets_before, uint32_t timenow, + ldns_buffer* pkt, size_t rrsets_before, time_t timenow, struct regional* region, struct compress_tree_node** tree, ldns_pkt_section s, uint16_t qtype, int dnssec, size_t rr_offset) { @@ -627,7 +627,7 @@ positive_answer(struct reply_info* rep, uint16_t qtype) { int reply_info_encode(struct query_info* qinfo, struct reply_info* rep, - uint16_t id, uint16_t flags, ldns_buffer* buffer, uint32_t timenow, + uint16_t id, uint16_t flags, ldns_buffer* buffer, time_t timenow, struct regional* region, uint16_t udpsize, int dnssec) { uint16_t ancount=0, nscount=0, arcount=0; @@ -785,7 +785,7 @@ attach_edns_record(ldns_buffer* pkt, struct edns_data* edns) int reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, - uint16_t id, uint16_t qflags, ldns_buffer* pkt, uint32_t timenow, + uint16_t id, uint16_t qflags, ldns_buffer* pkt, time_t timenow, int cached, struct regional* region, uint16_t udpsize, struct edns_data* edns, int dnssec, int secure) { diff --git a/util/data/msgencode.h b/util/data/msgencode.h index 74d6c1fb2..13f0c1b4d 100644 --- a/util/data/msgencode.h +++ b/util/data/msgencode.h @@ -66,7 +66,7 @@ struct edns_data; * @return: 0 on error (server failure). */ int reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, - uint16_t id, uint16_t qflags, ldns_buffer* dest, uint32_t timenow, + uint16_t id, uint16_t qflags, ldns_buffer* dest, time_t timenow, int cached, struct regional* region, uint16_t udpsize, struct edns_data* edns, int dnssec, int secure); @@ -88,7 +88,7 @@ int reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, * 0 on error: malloc failure (no log_err has been done). */ int reply_info_encode(struct query_info* qinfo, struct reply_info* rep, - uint16_t id, uint16_t flags, ldns_buffer* buffer, uint32_t timenow, + uint16_t id, uint16_t flags, ldns_buffer* buffer, time_t timenow, struct regional* region, uint16_t udpsize, int dnssec); /** diff --git a/util/data/msgparse.h b/util/data/msgparse.h index 808771acc..115a7f310 100644 --- a/util/data/msgparse.h +++ b/util/data/msgparse.h @@ -74,9 +74,9 @@ struct regional; /** number of buckets in parse rrset hash table. Must be power of 2. */ #define PARSE_TABLE_SIZE 32 /** Maximum TTL that is allowed. */ -extern uint32_t MAX_TTL; +extern time_t MAX_TTL; /** Minimum TTL that is allowed. */ -extern uint32_t MIN_TTL; +extern time_t MIN_TTL; /** Negative cache time (for entries without any RRs.) */ #define NORR_TTL 5 /* seconds */ diff --git a/util/data/msgreply.c b/util/data/msgreply.c index 6d711fff3..004d6c928 100644 --- a/util/data/msgreply.c +++ b/util/data/msgreply.c @@ -53,9 +53,9 @@ #include "util/data/msgencode.h" /** MAX TTL default for messages and rrsets */ -uint32_t MAX_TTL = 3600 * 24 * 10; /* ten days */ +time_t MAX_TTL = 3600 * 24 * 10; /* ten days */ /** MIN TTL default for messages and rrsets */ -uint32_t MIN_TTL = 0; +time_t MIN_TTL = 0; /** allocate qinfo, return 0 on error */ static int @@ -79,7 +79,7 @@ parse_create_qinfo(ldns_buffer* pkt, struct msg_parse* msg, /** constructor for replyinfo */ static struct reply_info* construct_reply_info_base(struct regional* region, uint16_t flags, size_t qd, - uint32_t ttl, uint32_t prettl, size_t an, size_t ns, size_t ar, + time_t ttl, time_t prettl, size_t an, size_t ns, size_t ar, size_t total, enum sec_status sec) { struct reply_info* rep; @@ -154,7 +154,7 @@ repinfo_alloc_rrset_keys(struct reply_info* rep, struct alloc_cache* alloc, /** do the rdata copy */ static int rdata_copy(ldns_buffer* pkt, struct packed_rrset_data* data, uint8_t* to, - struct rr_parse* rr, uint32_t* rr_ttl, uint16_t type) + struct rr_parse* rr, time_t* rr_ttl, uint16_t type) { uint16_t pkt_len; const ldns_rr_descriptor* desc; @@ -245,7 +245,7 @@ parse_rr_copy(ldns_buffer* pkt, struct rrset_parse* pset, data->rr_len = (size_t*)((uint8_t*)data + sizeof(struct packed_rrset_data)); data->rr_data = (uint8_t**)&(data->rr_len[total]); - data->rr_ttl = (uint32_t*)&(data->rr_data[total]); + data->rr_ttl = (time_t*)&(data->rr_data[total]); nextrdata = (uint8_t*)&(data->rr_ttl[total]); for(i=0; icount; i++) { data->rr_len[i] = rr->size; @@ -278,7 +278,7 @@ parse_create_rrset(ldns_buffer* pkt, struct rrset_parse* pset, /* allocate */ size_t s = sizeof(struct packed_rrset_data) + (pset->rr_count + pset->rrsig_count) * - (sizeof(size_t)+sizeof(uint8_t*)+sizeof(uint32_t)) + + (sizeof(size_t)+sizeof(uint8_t*)+sizeof(time_t)) + pset->size; if(region) *data = regional_alloc(region, s); @@ -465,7 +465,7 @@ reply_info_sortref(struct reply_info* rep) } void -reply_info_set_ttls(struct reply_info* rep, uint32_t timenow) +reply_info_set_ttls(struct reply_info* rep, time_t timenow) { size_t i, j; rep->ttl += timenow; diff --git a/util/data/msgreply.h b/util/data/msgreply.h index a32f2b1ed..6087c6b20 100644 --- a/util/data/msgreply.h +++ b/util/data/msgreply.h @@ -116,21 +116,21 @@ struct reply_info { */ uint8_t qdcount; + /** 32 bit padding to pad struct member alignment to 64 bits. */ + uint32_t padding; + /** * TTL of the entire reply (for negative caching). * only for use when there are 0 RRsets in this message. * if there are RRsets, check those instead. */ - uint32_t ttl; + time_t ttl; /** * TTL for prefetch. After it has expired, a prefetch is suitable. * Smaller than the TTL, otherwise the prefetch would not happen. */ - uint32_t prefetch_ttl; - - /** 32 bit padding to pad struct member alignment to 64 bits. */ - uint32_t padding; + time_t prefetch_ttl; /** * The security status from DNSSEC validation of this message. @@ -253,7 +253,7 @@ void reply_info_sortref(struct reply_info* rep); * Also refs must be filled in. * @param timenow: the current time. */ -void reply_info_set_ttls(struct reply_info* rep, uint32_t timenow); +void reply_info_set_ttls(struct reply_info* rep, time_t timenow); /** * Delete reply_info and packed_rrsets (while they are not yet added to the diff --git a/util/data/packed_rrset.c b/util/data/packed_rrset.c index e1fc2e529..1bf2e8f00 100644 --- a/util/data/packed_rrset.c +++ b/util/data/packed_rrset.c @@ -183,7 +183,7 @@ packed_rrset_ptr_fixup(struct packed_rrset_data* data) data->rr_len = (size_t*)((uint8_t*)data + sizeof(struct packed_rrset_data)); data->rr_data = (uint8_t**)&(data->rr_len[total]); - data->rr_ttl = (uint32_t*)&(data->rr_data[total]); + data->rr_ttl = (time_t*)&(data->rr_data[total]); nextrdata = (uint8_t*)&(data->rr_ttl[total]); for(i=0; irr_data[i] = nextrdata; @@ -215,7 +215,7 @@ get_cname_target(struct ub_packed_rrset_key* rrset, uint8_t** dname, } void -packed_rrset_ttl_add(struct packed_rrset_data* data, uint32_t add) +packed_rrset_ttl_add(struct packed_rrset_data* data, time_t add) { size_t i; size_t total = data->count + data->rrsig_count; @@ -266,7 +266,7 @@ void log_rrset_key(enum verbosity_value v, const char* str, ntohs(rrset->rk.type), ntohs(rrset->rk.rrset_class)); } -uint32_t +time_t ub_packed_rrset_ttl(struct ub_packed_rrset_key* key) { struct packed_rrset_data* d = (struct packed_rrset_data*)key-> @@ -276,7 +276,7 @@ ub_packed_rrset_ttl(struct ub_packed_rrset_key* key) struct ub_packed_rrset_key* packed_rrset_copy_region(struct ub_packed_rrset_key* key, - struct regional* region, uint32_t now) + struct regional* region, time_t now) { struct ub_packed_rrset_key* ck = regional_alloc(region, sizeof(struct ub_packed_rrset_key)); @@ -315,7 +315,7 @@ packed_rrset_copy_region(struct ub_packed_rrset_key* key, struct ub_packed_rrset_key* packed_rrset_copy_alloc(struct ub_packed_rrset_key* key, - struct alloc_cache* alloc, uint32_t now) + struct alloc_cache* alloc, time_t now) { struct packed_rrset_data* fd, *dd; struct ub_packed_rrset_key* dk = alloc_special_obtain(alloc); @@ -386,7 +386,7 @@ packed_rrset_heap_data(ldns_rr_list* rrset) /* allocate */ total = count + rrsig_count; - len += sizeof(*data) + total*(sizeof(size_t) + sizeof(uint32_t) + + len += sizeof(*data) + total*(sizeof(size_t) + sizeof(time_t) + sizeof(uint8_t*)); data = (struct packed_rrset_data*)calloc(1, len); if(!data) @@ -399,7 +399,7 @@ packed_rrset_heap_data(ldns_rr_list* rrset) data->rr_len = (size_t*)((uint8_t*)data + sizeof(struct packed_rrset_data)); data->rr_data = (uint8_t**)&(data->rr_len[total]); - data->rr_ttl = (uint32_t*)&(data->rr_data[total]); + data->rr_ttl = (time_t*)&(data->rr_data[total]); nextrdata = (uint8_t*)&(data->rr_ttl[total]); /* fill out len, ttl, fields */ diff --git a/util/data/packed_rrset.h b/util/data/packed_rrset.h index ad11a8042..9530aa604 100644 --- a/util/data/packed_rrset.h +++ b/util/data/packed_rrset.h @@ -215,7 +215,7 @@ enum sec_status { struct packed_rrset_data { /** TTL (in seconds like time()) of the rrset. * Same for all RRs see rfc2181(5.2). */ - uint32_t ttl; + time_t ttl; /** number of rrs. */ size_t count; /** number of rrsigs, if 0 no rrsigs */ @@ -227,7 +227,7 @@ struct packed_rrset_data { /** length of every rr's rdata, rr_len[i] is size of rr_data[i]. */ size_t* rr_len; /** ttl of every rr. rr_ttl[i] ttl of rr i. */ - uint32_t *rr_ttl; + time_t *rr_ttl; /** * Array of pointers to every rr's rdata. * The rr_data[i] rdata is stored in uncompressed wireformat. @@ -281,7 +281,7 @@ size_t packed_rrset_sizeof(struct packed_rrset_data* data); * @param key: rrset key, with data to examine. * @return ttl value. */ -uint32_t ub_packed_rrset_ttl(struct ub_packed_rrset_key* key); +time_t ub_packed_rrset_ttl(struct ub_packed_rrset_key* key); /** * Calculate memory size of rrset entry. For hash table usage. @@ -343,7 +343,7 @@ void packed_rrset_ptr_fixup(struct packed_rrset_data* data); * @param data: rrset data structure. Otherwise correctly filled in. * @param add: how many seconds to add, pass time(0) for example. */ -void packed_rrset_ttl_add(struct packed_rrset_data* data, uint32_t add); +void packed_rrset_ttl_add(struct packed_rrset_data* data, time_t add); /** * Utility procedure to extract CNAME target name from its rdata. @@ -392,7 +392,7 @@ void log_rrset_key(enum verbosity_value v, const char* str, */ struct ub_packed_rrset_key* packed_rrset_copy_region( struct ub_packed_rrset_key* key, struct regional* region, - uint32_t now); + time_t now); /** * Allocate rrset with malloc (from region or you are holding the lock). @@ -403,7 +403,7 @@ struct ub_packed_rrset_key* packed_rrset_copy_region( */ struct ub_packed_rrset_key* packed_rrset_copy_alloc( struct ub_packed_rrset_key* key, struct alloc_cache* alloc, - uint32_t now); + time_t now); /** * Create a ub_packed_rrset_key allocated on the heap. diff --git a/util/iana_ports.inc b/util/iana_ports.inc index 4ad222707..2d36bb6b2 100644 --- a/util/iana_ports.inc +++ b/util/iana_ports.inc @@ -4275,6 +4275,7 @@ 5681, 5682, 5683, +5684, 5688, 5689, 5713, @@ -4478,6 +4479,7 @@ 6627, 6628, 6633, +6653, 6657, 6670, 6671, @@ -5044,6 +5046,7 @@ 11371, 11600, 11720, +11723, 11751, 11796, 11876, @@ -5327,6 +5330,8 @@ 34963, 34964, 34980, +35001, +35004, 35355, 36001, 36865, @@ -5374,6 +5379,7 @@ 47624, 47806, 47808, +47809, 48000, 48001, 48002, diff --git a/util/log.c b/util/log.c index 8c09c7ce3..9b2daea32 100644 --- a/util/log.c +++ b/util/log.c @@ -73,7 +73,7 @@ static const char* ident="unbound"; static int logging_to_syslog = 0; #endif /* HAVE_SYSLOG_H */ /** time to print in log, if NULL, use time(2) */ -static uint32_t* log_now = NULL; +static time_t* log_now = NULL; /** print time in UTC or in secondsfrom1970 */ static int log_time_asc = 0; @@ -151,7 +151,7 @@ void log_ident_set(const char* id) ident = id; } -void log_set_time(uint32_t* t) +void log_set_time(time_t* t) { log_now = t; } @@ -228,7 +228,7 @@ log_vmsg(int pri, const char* type, ident, (int)getpid(), tid?*tid:0, type, message); } else #endif - fprintf(logfile, "[%u] %s[%d:%x] %s: %s\n", (unsigned)now, + fprintf(logfile, "[%lld] %s[%d:%x] %s: %s\n", (long long)now, ident, (int)getpid(), tid?*tid:0, type, message); #ifdef UB_ON_WINDOWS /* line buffering does not work on windows */ diff --git a/util/log.h b/util/log.h index 270ffc5c1..5ba1a0bc4 100644 --- a/util/log.h +++ b/util/log.h @@ -108,7 +108,7 @@ void log_ident_set(const char* id); * @param t: the point is copied and used to find the time. * if NULL, time(2) is used. */ -void log_set_time(uint32_t* t); +void log_set_time(time_t* t); /** * Set if the time value is printed ascii or decimal in log entries. diff --git a/util/mini_event.c b/util/mini_event.c index f66214ddb..a03edf1b3 100644 --- a/util/mini_event.c +++ b/util/mini_event.c @@ -79,13 +79,13 @@ settime(struct event_base* base) return -1; } #ifndef S_SPLINT_S - *base->time_secs = (uint32_t)base->time_tv->tv_sec; + *base->time_secs = (time_t)base->time_tv->tv_sec; #endif return 0; } /** create event base */ -void *event_init(uint32_t* time_secs, struct timeval* time_tv) +void *event_init(time_t* time_secs, struct timeval* time_tv) { struct event_base* base = (struct event_base*)malloc( sizeof(struct event_base)); diff --git a/util/mini_event.h b/util/mini_event.h index 248468ada..b04419123 100644 --- a/util/mini_event.h +++ b/util/mini_event.h @@ -103,7 +103,7 @@ struct event_base /** if we need to exit */ int need_to_exit; /** where to store time in seconds */ - uint32_t* time_secs; + time_t* time_secs; /** where to store time in microseconds */ struct timeval* time_tv; }; @@ -134,7 +134,7 @@ struct event { /* function prototypes (some are as they appear in event.h) */ /** create event base */ -void *event_init(uint32_t* time_secs, struct timeval* time_tv); +void *event_init(time_t* time_secs, struct timeval* time_tv); /** get version */ const char *event_get_version(void); /** get polling method, select */ diff --git a/util/module.h b/util/module.h index e270d4867..3725edea3 100644 --- a/util/module.h +++ b/util/module.h @@ -187,7 +187,7 @@ struct module_env { /** random table to generate random numbers */ struct ub_randstate* rnd; /** time in seconds, converted to integer */ - uint32_t* now; + time_t* now; /** time in microseconds. Relatively recent. */ struct timeval* now_tv; /** is validation required for messages, controls client-facing @@ -318,7 +318,7 @@ struct module_qstate { /** mesh related information for this query */ struct mesh_state* mesh_info; /** how many seconds before expiry is this prefetched (0 if not) */ - uint32_t prefetch_leeway; + time_t prefetch_leeway; }; /** diff --git a/util/netevent.c b/util/netevent.c index 82521a1ec..193fa8714 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -122,7 +122,7 @@ struct internal_base { /** libevent event_base type. */ struct event_base* base; /** seconds time pointer points here */ - uint32_t secs; + time_t secs; /** timeval with current time */ struct timeval now; /** the event used for slow_accept timeouts */ @@ -171,7 +171,7 @@ comm_base_now(struct comm_base* b) if(gettimeofday(&b->eb->now, NULL) < 0) { log_err("gettimeofday: %s", strerror(errno)); } - b->eb->secs = (uint32_t)b->eb->now.tv_sec; + b->eb->secs = (time_t)b->eb->now.tv_sec; } #endif /* USE_MINI_EVENT */ @@ -258,7 +258,7 @@ comm_base_delete(struct comm_base* b) } void -comm_base_timept(struct comm_base* b, uint32_t** tt, struct timeval** tv) +comm_base_timept(struct comm_base* b, time_t** tt, struct timeval** tv) { *tt = &b->eb->secs; *tv = &b->eb->now; diff --git a/util/netevent.h b/util/netevent.h index 0ea4cf041..86fa28569 100644 --- a/util/netevent.h +++ b/util/netevent.h @@ -308,7 +308,7 @@ void comm_base_delete(struct comm_base* b); * @param tt: pointer to time in seconds is returned. * @param tv: pointer to time in microseconds is returned. */ -void comm_base_timept(struct comm_base* b, uint32_t** tt, struct timeval** tv); +void comm_base_timept(struct comm_base* b, time_t** tt, struct timeval** tv); /** * Dispatch the comm base events. diff --git a/util/tube.c b/util/tube.c index 28c51d79d..fde84967f 100644 --- a/util/tube.c +++ b/util/tube.c @@ -368,7 +368,7 @@ int tube_read_msg(struct tube* tube, uint8_t** buf, uint32_t* len, return 0; } d = 0; - while(d != (ssize_t)*len) { + while(d < (ssize_t)*len) { if((r=read(fd, (*buf)+d, (size_t)((ssize_t)*len)-d)) == -1) { log_err("tube msg read failed: %s", strerror(errno)); (void)fd_set_nonblock(fd); diff --git a/util/winsock_event.c b/util/winsock_event.c index ff5c9b093..82e9ab06a 100644 --- a/util/winsock_event.c +++ b/util/winsock_event.c @@ -71,7 +71,7 @@ settime(struct event_base* base) return -1; } #ifndef S_SPLINT_S - *base->time_secs = (uint32_t)base->time_tv->tv_sec; + *base->time_secs = (time_t)base->time_tv->tv_sec; #endif return 0; } @@ -108,7 +108,7 @@ zero_waitfor(WSAEVENT waitfor[], WSAEVENT x) } } -void *event_init(uint32_t* time_secs, struct timeval* time_tv) +void *event_init(time_t* time_secs, struct timeval* time_tv) { struct event_base* base = (struct event_base*)malloc( sizeof(struct event_base)); @@ -181,8 +181,8 @@ static void handle_timeouts(struct event_base* base, struct timeval* now, wait->tv_usec = p->ev_timeout.tv_usec - now->tv_usec; } - verbose(VERB_CLIENT, "winsock_event wait=%d.%6.6d", - (int)wait->tv_sec, (int)wait->tv_usec); + verbose(VERB_CLIENT, "winsock_event wait=%lld.%6.6d", + (long long)wait->tv_sec, (int)wait->tv_usec); return; } #endif @@ -488,9 +488,9 @@ int event_base_set(struct event_base *base, struct event *ev) int event_add(struct event *ev, struct timeval *tv) { - verbose(VERB_ALGO, "event_add %p added=%d fd=%d tv=%d %s%s%s", + verbose(VERB_ALGO, "event_add %p added=%d fd=%d tv=%lld %s%s%s", ev, ev->added, ev->ev_fd, - (tv?(int)tv->tv_sec*1000+(int)tv->tv_usec/1000:-1), + (tv?(long long)tv->tv_sec*1000+(long long)tv->tv_usec/1000:-1), (ev->ev_events&EV_READ)?" EV_READ":"", (ev->ev_events&EV_WRITE)?" EV_WRITE":"", (ev->ev_events&EV_TIMEOUT)?" EV_TIMEOUT":""); @@ -569,10 +569,10 @@ int event_add(struct event *ev, struct timeval *tv) int event_del(struct event *ev) { - verbose(VERB_ALGO, "event_del %p added=%d fd=%d tv=%d %s%s%s", + verbose(VERB_ALGO, "event_del %p added=%d fd=%d tv=%lld %s%s%s", ev, ev->added, ev->ev_fd, - (ev->ev_events&EV_TIMEOUT)?(int)ev->ev_timeout.tv_sec*1000+ - (int)ev->ev_timeout.tv_usec/1000:-1, + (ev->ev_events&EV_TIMEOUT)?(long long)ev->ev_timeout.tv_sec*1000+ + (long long)ev->ev_timeout.tv_usec/1000:-1, (ev->ev_events&EV_READ)?" EV_READ":"", (ev->ev_events&EV_WRITE)?" EV_WRITE":"", (ev->ev_events&EV_TIMEOUT)?" EV_TIMEOUT":""); diff --git a/util/winsock_event.h b/util/winsock_event.h index 088283e12..f51f53478 100644 --- a/util/winsock_event.h +++ b/util/winsock_event.h @@ -129,7 +129,7 @@ struct event_base /** if we need to exit */ int need_to_exit; /** where to store time in seconds */ - uint32_t* time_secs; + time_t* time_secs; /** where to store time in microseconds */ struct timeval* time_tv; /** @@ -194,7 +194,7 @@ struct event { }; /** create event base */ -void *event_init(uint32_t* time_secs, struct timeval* time_tv); +void *event_init(time_t* time_secs, struct timeval* time_tv); /** get version */ const char *event_get_version(void); /** get polling method (select,epoll) */ diff --git a/validator/autotrust.c b/validator/autotrust.c index 4d4d6fa59..1a7702a82 100644 --- a/validator/autotrust.c +++ b/validator/autotrust.c @@ -242,7 +242,7 @@ parse_comments(char* str, struct autr_ta* ta) if (pos < 0 || !timestamp) ta->last_change = 0; else - ta->last_change = (uint32_t)timestamp; + ta->last_change = (time_t)timestamp; free(comment); return 1; @@ -677,12 +677,12 @@ parse_var_line(char* line, struct val_anchors* anchors, } else if(strncmp(line, ";;query_interval: ", 18) == 0) { if(!tp) return -1; lock_basic_lock(&tp->lock); - tp->autr->query_interval = (uint32_t)parse_int(line+18, &r); + tp->autr->query_interval = (time_t)parse_int(line+18, &r); lock_basic_unlock(&tp->lock); } else if(strncmp(line, ";;retry_time: ", 14) == 0) { if(!tp) return -1; lock_basic_lock(&tp->lock); - tp->autr->retry_time = (uint32_t)parse_int(line+14, &r); + tp->autr->retry_time = (time_t)parse_int(line+14, &r); lock_basic_unlock(&tp->lock); } return r; @@ -978,9 +978,13 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp) char* fname = tp->autr->file; char tempf[2048]; log_assert(tp->autr); + if(!env) { + log_err("autr_write_file: Module environment is NULL."); + return; + } /* unique name with pid number and thread number */ snprintf(tempf, sizeof(tempf), "%s.%d-%d", fname, (int)getpid(), - env&&env->worker?*(int*)env->worker:0); + env->worker?*(int*)env->worker:0); verbose(VERB_ALGO, "autotrust: write to disk: %s", tempf); out = fopen(tempf, "w"); if(!out) { @@ -1033,23 +1037,23 @@ verify_dnskey(struct module_env* env, struct val_env* ve, } /** Find minimum expiration interval from signatures */ -static uint32_t +static time_t min_expiry(struct module_env* env, ldns_rr_list* rrset) { size_t i; - uint32_t t, r = 15 * 24 * 3600; /* 15 days max */ + int32_t t, r = 15 * 24 * 3600; /* 15 days max */ for(i=0; inow > 0) { + if((int32_t)t - (int32_t)*env->now > 0) { t -= *env->now; if(t < r) r = t; } } - return r; + return (time_t)r; } /** Is rr self-signed revoked key */ @@ -1241,7 +1245,7 @@ add_key(struct trust_anchor* tp, ldns_rr* rr) } /** get TTL from DNSKEY rrset */ -static uint32_t +static time_t key_ttl(struct ub_packed_rrset_key* k) { struct packed_rrset_data* d = (struct packed_rrset_data*)k->entry.data; @@ -1250,10 +1254,10 @@ key_ttl(struct ub_packed_rrset_key* k) /** update the time values for the trustpoint */ static void -set_tp_times(struct trust_anchor* tp, uint32_t rrsig_exp_interval, - uint32_t origttl, int* changed) +set_tp_times(struct trust_anchor* tp, time_t rrsig_exp_interval, + time_t origttl, int* changed) { - uint32_t x, qi = tp->autr->query_interval, rt = tp->autr->retry_time; + time_t x, qi = tp->autr->query_interval, rt = tp->autr->retry_time; /* x = MIN(15days, ttl/2, expire/2) */ x = 15 * 24 * 3600; @@ -1446,21 +1450,21 @@ update_events(struct module_env* env, struct val_env* ve, * @param holddown: the timer value * @return number of seconds the holddown has passed. */ -static int -check_holddown(struct module_env* env, struct autr_ta* ta, +static time_t +check_holddown(struct module_env* env, struct autr_ta* ta, unsigned int holddown) { - unsigned int elapsed; - if((unsigned)*env->now < (unsigned)ta->last_change) { + time_t elapsed; + if(*env->now < ta->last_change) { log_warn("time goes backwards. delaying key holddown"); return 0; } - elapsed = (unsigned)*env->now - (unsigned)ta->last_change; - if (elapsed > holddown) { - return (int) (elapsed-holddown); + elapsed = *env->now - ta->last_change; + if (elapsed > (time_t)holddown) { + return elapsed-(time_t)holddown; } - verbose_key(ta, VERB_ALGO, "holddown time %d seconds to go", - (int) (holddown-elapsed)); + verbose_key(ta, VERB_ALGO, "holddown time %lld seconds to go", + (long long) ((time_t)holddown-elapsed)); return 0; } @@ -1500,11 +1504,11 @@ do_addtime(struct module_env* env, struct autr_ta* anchor, int* c) /* This not according to RFC, this is 30 days, but the RFC demands * MAX(30days, TTL expire time of first DNSKEY set with this key), * The value may be too small if a very large TTL was used. */ - int exceeded = check_holddown(env, anchor, env->cfg->add_holddown); + time_t exceeded = check_holddown(env, anchor, env->cfg->add_holddown); if (exceeded && anchor->s == AUTR_STATE_ADDPEND) { verbose_key(anchor, VERB_ALGO, "add-holddown time exceeded " - "%d seconds ago, and pending-count %d", exceeded, - anchor->pending_count); + "%lld seconds ago, and pending-count %d", + (long long)exceeded, anchor->pending_count); if(anchor->pending_count >= MIN_PENDINGCOUNT) { set_trustanchor_state(env, anchor, c, AUTR_STATE_VALID); anchor->pending_count = 0; @@ -1519,10 +1523,10 @@ do_addtime(struct module_env* env, struct autr_ta* anchor, int* c) static void do_remtime(struct module_env* env, struct autr_ta* anchor, int* c) { - int exceeded = check_holddown(env, anchor, env->cfg->del_holddown); + time_t exceeded = check_holddown(env, anchor, env->cfg->del_holddown); if(exceeded && anchor->s == AUTR_STATE_REVOKED) { verbose_key(anchor, VERB_ALGO, "del-holddown time exceeded " - "%d seconds ago", exceeded); + "%lld seconds ago", (long long)exceeded); set_trustanchor_state(env, anchor, c, AUTR_STATE_REMOVED); } } @@ -1651,7 +1655,7 @@ remove_missing_trustanchors(struct module_env* env, struct trust_anchor* tp, int* changed) { struct autr_ta* anchor; - int exceeded; + time_t exceeded; int valid = 0; /* see if we have anchors that are valid */ for(anchor = tp->autr->keys; anchor; anchor = anchor->next) { @@ -1699,8 +1703,8 @@ remove_missing_trustanchors(struct module_env* env, struct trust_anchor* tp, * one valid KSK: remove missing trust anchor */ if (exceeded && valid > 0) { verbose_key(anchor, VERB_ALGO, "keep-missing time " - "exceeded %d seconds ago, [%d key(s) VALID]", - exceeded, valid); + "exceeded %lld seconds ago, [%d key(s) VALID]", + (long long)exceeded, valid); set_trustanchor_state(env, anchor, changed, AUTR_STATE_REMOVED); } @@ -1764,15 +1768,15 @@ autr_cleanup_keys(struct trust_anchor* tp) /** calculate next probe time */ static time_t -calc_next_probe(struct module_env* env, uint32_t wait) +calc_next_probe(struct module_env* env, time_t wait) { /* make it random, 90-100% */ - uint32_t rnd, rest; + time_t rnd, rest; if(wait < 3600) wait = 3600; rnd = wait/10; rest = wait-rnd; - rnd = (uint32_t)ub_random_max(env->rnd, (long int)rnd); + rnd = (time_t)ub_random_max(env->rnd, (long int)rnd); return (time_t)(*env->now + rest + rnd); } @@ -1792,7 +1796,7 @@ reset_worker_timer(struct module_env* env) { struct timeval tv; #ifndef S_SPLINT_S - uint32_t next = (uint32_t)wait_probe_time(env->anchors); + time_t next = (time_t)wait_probe_time(env->anchors); /* in case this is libunbound, no timer */ if(!env->probe_timer) return; @@ -1802,7 +1806,7 @@ reset_worker_timer(struct module_env* env) #endif tv.tv_usec = 0; comm_timer_set(env->probe_timer, &tv); - verbose(VERB_ALGO, "scheduled next probe in %d sec", (int)tv.tv_sec); + verbose(VERB_ALGO, "scheduled next probe in %lld sec", (long long)tv.tv_sec); } /** set next probe for trust anchor */ @@ -2161,7 +2165,7 @@ probe_anchor(struct module_env* env, struct trust_anchor* tp) /** fetch first to-probe trust-anchor and lock it and set retrytime */ static struct trust_anchor* -todo_probe(struct module_env* env, uint32_t* next) +todo_probe(struct module_env* env, time_t* next) { struct trust_anchor* tp; rbnode_t* el; @@ -2176,9 +2180,9 @@ todo_probe(struct module_env* env, uint32_t* next) lock_basic_lock(&tp->lock); /* is it eligible? */ - if((uint32_t)tp->autr->next_probe_time > *env->now) { + if((time_t)tp->autr->next_probe_time > *env->now) { /* no more to probe */ - *next = (uint32_t)tp->autr->next_probe_time - *env->now; + *next = (time_t)tp->autr->next_probe_time - *env->now; lock_basic_unlock(&tp->lock); lock_basic_unlock(&env->anchors->lock); return NULL; @@ -2193,11 +2197,11 @@ todo_probe(struct module_env* env, uint32_t* next) return tp; } -uint32_t +time_t autr_probe_timer(struct module_env* env) { struct trust_anchor* tp; - uint32_t next_probe = 3600; + time_t next_probe = 3600; int num = 0; verbose(VERB_ALGO, "autotrust probe timer callback"); /* while there are still anchors to probe */ diff --git a/validator/autotrust.h b/validator/autotrust.h index 4e88ed320..193135cb6 100644 --- a/validator/autotrust.h +++ b/validator/autotrust.h @@ -104,9 +104,9 @@ struct autr_point_data { time_t next_probe_time; /** when to query if !failed */ - uint32_t query_interval; + time_t query_interval; /** when to retry if failed */ - uint32_t retry_time; + time_t retry_time; /** * How many times did it fail. diagnostic only (has no effect). @@ -151,7 +151,7 @@ size_t autr_get_num_anchors(struct val_anchors* anchors); * @return time of next probe (in seconds from now). * If 0, then there is no next probe anymore (trust points deleted). */ -uint32_t autr_probe_timer(struct module_env* env); +time_t autr_probe_timer(struct module_env* env); /** probe tree compare function */ int probetree_cmp(const void* x, const void* y); diff --git a/validator/val_anchor.c b/validator/val_anchor.c index c46e94215..e710f2f24 100644 --- a/validator/val_anchor.c +++ b/validator/val_anchor.c @@ -902,7 +902,7 @@ assemble_it(struct trust_anchor* ta, size_t num, uint16_t type) free(pkey); return NULL; } - pd->rr_ttl = (uint32_t*)malloc(num*sizeof(uint32_t)); + pd->rr_ttl = (time_t*)malloc(num*sizeof(time_t)); if(!pd->rr_ttl) { free(pd->rr_len); free(pd); diff --git a/validator/val_kcache.c b/validator/val_kcache.c index 68e8c3f61..6d4ad8f32 100644 --- a/validator/val_kcache.c +++ b/validator/val_kcache.c @@ -126,7 +126,7 @@ key_cache_search(struct key_cache* kcache, uint8_t* name, size_t namelen, struct key_entry_key* key_cache_obtain(struct key_cache* kcache, uint8_t* name, size_t namelen, - uint16_t key_class, struct regional* region, uint32_t now) + uint16_t key_class, struct regional* region, time_t now) { /* keep looking until we find a nonexpired entry */ while(1) { diff --git a/validator/val_kcache.h b/validator/val_kcache.h index c37cf1ecb..8f5621096 100644 --- a/validator/val_kcache.h +++ b/validator/val_kcache.h @@ -106,7 +106,7 @@ void key_cache_remove(struct key_cache* kcache, */ struct key_entry_key* key_cache_obtain(struct key_cache* kcache, uint8_t* name, size_t namelen, uint16_t key_class, - struct regional* region, uint32_t now); + struct regional* region, time_t now); /** * Get memory in use by the key cache. diff --git a/validator/val_kentry.c b/validator/val_kentry.c index ddac140d3..e9144838f 100644 --- a/validator/val_kentry.c +++ b/validator/val_kentry.c @@ -275,8 +275,8 @@ key_entry_setup(struct regional* region, struct key_entry_key* key_entry_create_null(struct regional* region, - uint8_t* name, size_t namelen, uint16_t dclass, uint32_t ttl, - uint32_t now) + uint8_t* name, size_t namelen, uint16_t dclass, time_t ttl, + time_t now) { struct key_entry_key* k; struct key_entry_data* d; @@ -294,7 +294,7 @@ key_entry_create_null(struct regional* region, struct key_entry_key* key_entry_create_rrset(struct regional* region, uint8_t* name, size_t namelen, uint16_t dclass, - struct ub_packed_rrset_key* rrset, uint8_t* sigalg, uint32_t now) + struct ub_packed_rrset_key* rrset, uint8_t* sigalg, time_t now) { struct key_entry_key* k; struct key_entry_data* d; @@ -321,8 +321,8 @@ key_entry_create_rrset(struct regional* region, struct key_entry_key* key_entry_create_bad(struct regional* region, - uint8_t* name, size_t namelen, uint16_t dclass, uint32_t ttl, - uint32_t now) + uint8_t* name, size_t namelen, uint16_t dclass, time_t ttl, + time_t now) { struct key_entry_key* k; struct key_entry_data* d; diff --git a/validator/val_kentry.h b/validator/val_kentry.h index d14ffe588..6a308f160 100644 --- a/validator/val_kentry.h +++ b/validator/val_kentry.h @@ -75,7 +75,7 @@ struct key_entry_key { */ struct key_entry_data { /** the TTL of this entry (absolute time) */ - uint32_t ttl; + time_t ttl; /** the key rrdata. can be NULL to signal keyless name. */ struct packed_rrset_data* rrset_data; /** not NULL sometimes to give reason why bogus */ @@ -169,8 +169,8 @@ char* key_entry_get_reason(struct key_entry_key* kkey); * @return new key entry or NULL on alloc failure */ struct key_entry_key* key_entry_create_null(struct regional* region, - uint8_t* name, size_t namelen, uint16_t dclass, uint32_t ttl, - uint32_t now); + uint8_t* name, size_t namelen, uint16_t dclass, time_t ttl, + time_t now); /** * Create a key entry from an rrset, in the given region. @@ -185,7 +185,7 @@ struct key_entry_key* key_entry_create_null(struct regional* region, */ struct key_entry_key* key_entry_create_rrset(struct regional* region, uint8_t* name, size_t namelen, uint16_t dclass, - struct ub_packed_rrset_key* rrset, uint8_t* sigalg, uint32_t now); + struct ub_packed_rrset_key* rrset, uint8_t* sigalg, time_t now); /** * Create a bad entry, in the given region. @@ -198,8 +198,8 @@ struct key_entry_key* key_entry_create_rrset(struct regional* region, * @return new key entry or NULL on alloc failure */ struct key_entry_key* key_entry_create_bad(struct regional* region, - uint8_t* name, size_t namelen, uint16_t dclass, uint32_t ttl, - uint32_t now); + uint8_t* name, size_t namelen, uint16_t dclass, time_t ttl, + time_t now); /** * Obtain rrset from a key entry, allocated in region. diff --git a/validator/val_neg.c b/validator/val_neg.c index 83f0df5a3..e8d9d56ad 100644 --- a/validator/val_neg.c +++ b/validator/val_neg.c @@ -917,7 +917,7 @@ static int neg_closest_data(struct val_neg_zone* zone, } int val_neg_dlvlookup(struct val_neg_cache* neg, uint8_t* qname, size_t len, - uint16_t qclass, struct rrset_cache* rrset_cache, uint32_t now) + uint16_t qclass, struct rrset_cache* rrset_cache, time_t now) { /* lookup closest zone */ struct val_neg_zone* zone; @@ -1138,7 +1138,7 @@ static struct ub_packed_rrset_key* grab_nsec(struct rrset_cache* rrset_cache, uint8_t* qname, size_t qname_len, uint16_t qtype, uint16_t qclass, uint32_t flags, struct regional* region, int checkbit, uint16_t checktype, - uint32_t now) + time_t now) { struct ub_packed_rrset_key* r, *k = rrset_cache_lookup(rrset_cache, qname, qname_len, qtype, qclass, flags, now, 0); @@ -1225,7 +1225,7 @@ neg_params_ok(struct val_neg_zone* zone, struct ub_packed_rrset_key* rrset) static struct ub_packed_rrset_key* neg_nsec3_getnc(struct val_neg_zone* zone, uint8_t* hashnc, size_t nclen, struct rrset_cache* rrset_cache, struct regional* region, - uint32_t now, uint8_t* b32, size_t maxb32) + time_t now, uint8_t* b32, size_t maxb32) { struct ub_packed_rrset_key* nc_rrset; struct val_neg_data* data; @@ -1258,7 +1258,7 @@ neg_nsec3_getnc(struct val_neg_zone* zone, uint8_t* hashnc, size_t nclen, static struct dns_msg* neg_nsec3_proof_ds(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len, int qlabs, ldns_buffer* buf, struct rrset_cache* rrset_cache, - struct regional* region, uint32_t now, uint8_t* topname) + struct regional* region, time_t now, uint8_t* topname) { struct dns_msg* msg; struct val_neg_data* data; @@ -1356,7 +1356,7 @@ neg_nsec3_proof_ds(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len, * @param zone: val_neg_zone if we have one. * @return false on lookup or alloc failure. */ -static int add_soa(struct rrset_cache* rrset_cache, uint32_t now, +static int add_soa(struct rrset_cache* rrset_cache, time_t now, struct regional* region, struct dns_msg* msg, struct val_neg_zone* zone) { struct ub_packed_rrset_key* soa; @@ -1388,7 +1388,7 @@ static int add_soa(struct rrset_cache* rrset_cache, uint32_t now, struct dns_msg* val_neg_getmsg(struct val_neg_cache* neg, struct query_info* qinfo, struct regional* region, struct rrset_cache* rrset_cache, - ldns_buffer* buf, uint32_t now, int addsoa, uint8_t* topname) + ldns_buffer* buf, time_t now, int addsoa, uint8_t* topname) { struct dns_msg* msg; struct ub_packed_rrset_key* rrset; diff --git a/validator/val_neg.h b/validator/val_neg.h index 01b423e1a..ec4f42f6a 100644 --- a/validator/val_neg.h +++ b/validator/val_neg.h @@ -229,7 +229,7 @@ void val_neg_addreferral(struct val_neg_cache* neg, struct reply_info* rep, * thus, qname DLV qclass does not exist. */ int val_neg_dlvlookup(struct val_neg_cache* neg, uint8_t* qname, size_t len, - uint16_t qclass, struct rrset_cache* rrset_cache, uint32_t now); + uint16_t qclass, struct rrset_cache* rrset_cache, time_t now); /** * For the given query, try to get a reply out of the negative cache. @@ -255,7 +255,7 @@ int val_neg_dlvlookup(struct val_neg_cache* neg, uint8_t* qname, size_t len, */ struct dns_msg* val_neg_getmsg(struct val_neg_cache* neg, struct query_info* qinfo, struct regional* region, - struct rrset_cache* rrset_cache, ldns_buffer* buf, uint32_t now, + struct rrset_cache* rrset_cache, ldns_buffer* buf, time_t now, int addsoa, uint8_t* topname); diff --git a/validator/val_nsec.c b/validator/val_nsec.c index 8bda8dabc..e377ca4b9 100644 --- a/validator/val_nsec.c +++ b/validator/val_nsec.c @@ -197,7 +197,7 @@ nsec_verify_rrset(struct module_env* env, struct val_env* ve, enum sec_status val_nsec_prove_nodata_dsreply(struct module_env* env, struct val_env* ve, struct query_info* qinfo, struct reply_info* rep, - struct key_entry_key* kkey, uint32_t* proof_ttl, char** reason) + struct key_entry_key* kkey, time_t* proof_ttl, char** reason) { struct ub_packed_rrset_key* nsec = reply_find_rrset_section_ns( rep, qinfo->qname, qinfo->qname_len, LDNS_RR_TYPE_NSEC, diff --git a/validator/val_nsec.h b/validator/val_nsec.h index 34f7f63b4..2e86fa978 100644 --- a/validator/val_nsec.h +++ b/validator/val_nsec.h @@ -73,7 +73,7 @@ struct key_entry_key; enum sec_status val_nsec_prove_nodata_dsreply(struct module_env* env, struct val_env* ve, struct query_info* qinfo, struct reply_info* rep, struct key_entry_key* kkey, - uint32_t* proof_ttl, char** reason); + time_t* proof_ttl, char** reason); /** * nsec typemap check, takes an NSEC-type bitmap as argument, checks for type. diff --git a/validator/val_secalgo.c b/validator/val_secalgo.c index 5cca578b1..92fd0cc4c 100644 --- a/validator/val_secalgo.c +++ b/validator/val_secalgo.c @@ -669,12 +669,12 @@ static SECKEYPublicKey* nss_buf2ecdsa(unsigned char* key, size_t len, int algo) SECKEYPublicKey* pk; SECItem pub = {siBuffer, NULL, 0}; SECItem params = {siBuffer, NULL, 0}; - unsigned char param256[] = { + static unsigned char param256[] = { /* OBJECTIDENTIFIER 1.2.840.10045.3.1.7 (P-256) * {iso(1) member-body(2) us(840) ansi-x962(10045) curves(3) prime(1) prime256v1(7)} */ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 }; - unsigned char param384[] = { + static unsigned char param384[] = { /* OBJECTIDENTIFIER 1.3.132.0.34 (P-384) * {iso(1) identified-organization(3) certicom(132) curve(0) ansip384r1(34)} */ 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22 @@ -845,19 +845,19 @@ nss_setup_key_digest(int algo, SECKEYPublicKey** pubkey, HASH_HashType* htype, /* uses libNSS */ /* hash prefix for md5, RFC2537 */ - unsigned char p_md5[] = {0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, + static unsigned char p_md5[] = {0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10}; /* hash prefix to prepend to hash output, from RFC3110 */ - unsigned char p_sha1[] = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, + static unsigned char p_sha1[] = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14}; /* from RFC5702 */ - unsigned char p_sha256[] = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, + static unsigned char p_sha256[] = {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}; - unsigned char p_sha512[] = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, + static unsigned char p_sha512[] = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40}; /* from RFC6234 */ /* for future RSASHA384 .. - unsigned char p_sha384[] = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, + static unsigned char p_sha384[] = {0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30}; */ diff --git a/validator/val_sigcrypt.c b/validator/val_sigcrypt.c index 4642ea6da..37e1ce14e 100644 --- a/validator/val_sigcrypt.c +++ b/validator/val_sigcrypt.c @@ -579,7 +579,7 @@ dnskey_verify_rrset(struct module_env* env, struct val_env* ve, enum sec_status dnskeyset_verify_rrset_sig(struct module_env* env, struct val_env* ve, - uint32_t now, struct ub_packed_rrset_key* rrset, + time_t now, struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* dnskey, size_t sig_idx, struct rbtree_t** sortree, char** reason) { @@ -1220,12 +1220,12 @@ adjust_ttl(struct val_env* ve, uint32_t unow, * * Use the smallest of these. */ - if(d->ttl > (uint32_t)origttl) { + if(d->ttl > (time_t)origttl) { verbose(VERB_QUERY, "rrset TTL larger than original TTL," " adjusting TTL downwards"); d->ttl = origttl; } - if(expittl > 0 && d->ttl > (uint32_t)expittl) { + if(expittl > 0 && d->ttl > (time_t)expittl) { verbose(VERB_ALGO, "rrset TTL larger than sig expiration ttl," " adjusting TTL downwards"); d->ttl = expittl; @@ -1234,7 +1234,7 @@ adjust_ttl(struct val_env* ve, uint32_t unow, enum sec_status dnskey_verify_rrset_sig(struct regional* region, ldns_buffer* buf, - struct val_env* ve, uint32_t now, + struct val_env* ve, time_t now, struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* dnskey, size_t dnskey_idx, size_t sig_idx, struct rbtree_t** sortree, int* buf_canon, char** reason) diff --git a/validator/val_sigcrypt.h b/validator/val_sigcrypt.h index c220b0083..9859d3c39 100644 --- a/validator/val_sigcrypt.h +++ b/validator/val_sigcrypt.h @@ -274,7 +274,7 @@ enum sec_status dnskey_verify_rrset(struct module_env* env, * or unchecked on error. */ enum sec_status dnskeyset_verify_rrset_sig(struct module_env* env, - struct val_env* ve, uint32_t now, struct ub_packed_rrset_key* rrset, + struct val_env* ve, time_t now, struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* dnskey, size_t sig_idx, struct rbtree_t** sortree, char** reason); @@ -298,7 +298,7 @@ enum sec_status dnskeyset_verify_rrset_sig(struct module_env* env, * bogus if it did not validate. */ enum sec_status dnskey_verify_rrset_sig(struct regional* region, - ldns_buffer* buf, struct val_env* ve, uint32_t now, + ldns_buffer* buf, struct val_env* ve, time_t now, struct ub_packed_rrset_key* rrset, struct ub_packed_rrset_key* dnskey, size_t dnskey_idx, size_t sig_idx, struct rbtree_t** sortree, int* buf_canon, char** reason); diff --git a/validator/val_utils.c b/validator/val_utils.c index 768f2368a..73e7dbd90 100644 --- a/validator/val_utils.c +++ b/validator/val_utils.c @@ -486,7 +486,7 @@ val_verify_DNSKEY_with_DS(struct module_env* env, struct val_env* ve, /* Once we see a single DS with a known digestID and * algorithm, we cannot return INSECURE (with a * "null" KeyEntry). */ - has_useful_ds = true; + has_useful_ds = 1; sec = verify_dnskeys_with_ds_rr(env, ve, dnskey_rrset, ds_rrset, i, reason); @@ -596,7 +596,7 @@ val_verify_DNSKEY_with_TA(struct module_env* env, struct val_env* ve, /* Once we see a single DS with a known digestID and * algorithm, we cannot return INSECURE (with a * "null" KeyEntry). */ - has_useful_ta = true; + has_useful_ta = 1; sec = verify_dnskeys_with_ds_rr(env, ve, dnskey_rrset, ta_ds, i, reason); @@ -622,7 +622,7 @@ val_verify_DNSKEY_with_TA(struct module_env* env, struct val_env* ve, continue; /* we saw a useful TA */ - has_useful_ta = true; + has_useful_ta = 1; sec = dnskey_verify_rrset(env, ve, dnskey_rrset, ta_dnskey, i, reason); diff --git a/validator/validator.c b/validator/validator.c index c90e57ebc..3be745b27 100644 --- a/validator/validator.c +++ b/validator/validator.c @@ -2406,7 +2406,7 @@ ds_response_to_ke(struct module_qstate* qstate, struct val_qstate* vq, subtype == VAL_CLASS_NAMEERROR) { /* NODATA means that the qname exists, but that there was * no DS. This is a pretty normal case. */ - uint32_t proof_ttl = 0; + time_t proof_ttl = 0; enum sec_status sec; /* make sure there are NSECs or NSEC3s with signatures */ -- 2.47.2