From c6cfa47213d79dc7cc2c147a672124df5b3f51c3 Mon Sep 17 00:00:00 2001 From: Yuri Schaeffer Date: Tue, 19 Feb 2013 09:05:35 +0000 Subject: [PATCH] Sync with trunk git-svn-id: file:///svn/unbound/branches/edns-subnet@2847 be551aaa-1e26-0410-a405-d3ace91eadb9 --- daemon/daemon.c | 7 ++++--- daemon/unbound.c | 3 ++- doc/Changelog | 22 ++++++++++++++++++++++ doc/libunbound.3.in | 1 + doc/unbound.doxygen | 14 +++++++++++++- iterator/iter_fwd.c | 4 +++- iterator/iter_hints.c | 4 +++- libunbound/libworker.c | 26 ++++++++++++++++++++++++-- libunbound/unbound.h | 6 ++++++ services/localzone.c | 4 ++-- smallapp/unbound-host.c | 3 ++- testcode/do-tests.sh | 2 +- testcode/ldns-testpkts.h | 2 +- testcode/mini_tpkg.sh | 16 +++++++++------- testcode/unitmain.c | 3 ++- testdata/common.sh | 2 +- testdata/fwd_zero.tpkg | Bin 1479 -> 1529 bytes testdata/nss_compile.tpkg | Bin 0 -> 1049 bytes util/iana_ports.inc | 1 + util/net_help.c | 6 +++--- util/netevent.c | 6 +++++- util/random.c | 8 +++++--- util/storage/lookup3.c | 14 ++++++++++++++ validator/val_nsec3.c | 3 ++- validator/val_secalgo.c | 14 ++++++++------ winrc/win_svc.c | 3 +++ 26 files changed, 137 insertions(+), 37 deletions(-) create mode 100644 testdata/nss_compile.tpkg diff --git a/daemon/daemon.c b/daemon/daemon.c index 40cca8e90..5b81859eb 100644 --- a/daemon/daemon.c +++ b/daemon/daemon.c @@ -57,7 +57,8 @@ #endif #ifdef HAVE_NSS -#include +/* nss3 */ +#include "nss.h" #endif #include @@ -215,7 +216,7 @@ daemon_init(void) comp_meth = (void*)SSL_COMP_get_compression_methods(); # endif (void)SSL_library_init(); -# if defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) +# if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) if(!ub_openssl_lock_init()) fatal_exit("could not init openssl locks"); # endif @@ -594,7 +595,7 @@ daemon_delete(struct daemon* daemon) ERR_remove_state(0); ERR_free_strings(); RAND_cleanup(); -# if defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) +# if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) ub_openssl_lock_delete(); # endif #elif defined(HAVE_NSS) diff --git a/daemon/unbound.c b/daemon/unbound.c index 87679a088..934b75f4b 100644 --- a/daemon/unbound.c +++ b/daemon/unbound.c @@ -88,7 +88,8 @@ #endif #ifdef HAVE_NSS -# include +/* nss3 */ +# include "nss.h" #endif /** global debug value to keep track of heap memory allocation */ diff --git a/doc/Changelog b/doc/Changelog index 46a97ae96..38290b03c 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,25 @@ +15 February 2013: Wouter + - fix defines in lookup3 for bigendian bsd alpha + +11 February 2013: Wouter + - Fixup openssl_thread init code to only run if compiled with SSL. + +7 February 2013: Wouter + - detect endianness in lookup3 on BSD. + - add libunbound.ttl at end of result structure, version bump for + libunbound and binary backwards compatible, but 1.4.19 is not + forward compatible with 1.4.20. + - update iana port list. + +30 January 2013: Wouter + - includes and have_ssl fixes for nss. + +29 January 2013: Wouter + - printout name of zone with duplicate fwd and hint errors. + +28 January 2013: Wouter + - updated fwd_zero for newer nc. Updated common.sh for newer netstat. + 17 January 2013: Wouter - unbound-anchors checks the emailAddress of the signer of the root.xml file, default is dnssec@iana.org. It also checks that diff --git a/doc/libunbound.3.in b/doc/libunbound.3.in index c825c2eb4..ce9c059b3 100644 --- a/doc/libunbound.3.in +++ b/doc/libunbound.3.in @@ -359,6 +359,7 @@ The result of the DNS resolution and validation is returned as int secure; /* true if result is secure */ int bogus; /* true if a security failure happened */ char* why_bogus; /* string with error if bogus */ + int ttl; /* number of seconds the result is valid */ }; .fi .P diff --git a/doc/unbound.doxygen b/doc/unbound.doxygen index 290380c66..2ae3deca8 100644 --- a/doc/unbound.doxygen +++ b/doc/unbound.doxygen @@ -559,6 +559,12 @@ MAX_INITIALIZER_LINES = 30 SHOW_USED_FILES = YES +# If the sources in your project are distributed over multiple directories +# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy +# in the documentation. The default is NO. + +#SHOW_DIRECTORIES = YES + # Set the SHOW_FILES tag to NO to disable the generation of the Files page. # This will remove the Files entry from the Quick Index and from the # Folder Tree View (if specified). The default is YES. @@ -970,6 +976,12 @@ HTML_COLORSTYLE_GAMMA = 80 HTML_TIMESTAMP = YES +# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, +# files or namespaces will be aligned in HTML using tables. If set to +# NO a bullet list will be used. + +#HTML_ALIGN_MEMBERS = YES + # If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML # documentation will contain sections that can be hidden and shown after the # page has loaded. @@ -1163,7 +1175,7 @@ GENERATE_TREEVIEW = NO # documentation. Note that a value of 0 will completely suppress the enum # values from appearing in the overview section. -ENUM_VALUES_PER_LINE = 4 +#USE_INLINE_TREES = NO # If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be # used to set the initial width (in pixels) of the frame in which the tree diff --git a/iterator/iter_fwd.c b/iterator/iter_fwd.c index 3f91b527f..0b3b6525c 100644 --- a/iterator/iter_fwd.c +++ b/iterator/iter_fwd.c @@ -128,7 +128,9 @@ forwards_insert_data(struct iter_forwards* fwd, uint16_t c, uint8_t* nm, node->namelabs = nmlabs; node->dp = dp; if(!rbtree_insert(fwd->tree, &node->node)) { - log_err("duplicate forward zone ignored."); + char buf[257]; + dname_str(nm, buf); + log_err("duplicate forward zone %s ignored.", buf); delegpt_free_mlc(dp); free(node->name); free(node); diff --git a/iterator/iter_hints.c b/iterator/iter_hints.c index 53ac8ff0f..cde3a7e1b 100644 --- a/iterator/iter_hints.c +++ b/iterator/iter_hints.c @@ -172,7 +172,9 @@ hints_insert(struct iter_hints* hints, uint16_t c, struct delegpt* dp, node->noprime = (uint8_t)noprime; if(!name_tree_insert(&hints->tree, &node->node, dp->name, dp->namelen, dp->namelabs, c)) { - log_err("second hints ignored."); + char buf[257]; + dname_str(dp->name, buf); + log_err("second hints for zone %s ignored.", buf); delegpt_free_mlc(dp); free(node); } diff --git a/libunbound/libworker.c b/libunbound/libworker.c index 78d71f8e3..89068a5ad 100644 --- a/libunbound/libworker.c +++ b/libunbound/libworker.c @@ -44,7 +44,9 @@ #include "config.h" #include #include +#ifdef HAVE_SSL #include +#endif #include "libunbound/libworker.h" #include "libunbound/context.h" #include "libunbound/unbound.h" @@ -88,7 +90,9 @@ libworker_delete(struct libworker* w) ub_randfree(w->env->rnd); free(w->env); } +#ifdef HAVE_SSL SSL_CTX_free(w->sslctx); +#endif outside_network_delete(w->back); comm_base_delete(w->base); free(w); @@ -417,15 +421,18 @@ fill_canon(struct ub_result* res, uint8_t* s) /** fill data into result */ static int fill_res(struct ub_result* res, struct ub_packed_rrset_key* answer, - uint8_t* finalcname, struct query_info* rq) + uint8_t* finalcname, struct query_info* rq, struct reply_info* rep) { size_t i; struct packed_rrset_data* data; + res->ttl = 0; if(!answer) { if(finalcname) { if(!fill_canon(res, finalcname)) return 0; /* out of memory */ } + if(rep->rrset_count != 0) + res->ttl = (int)rep->ttl; res->data = (char**)calloc(1, sizeof(char*)); res->len = (int*)calloc(1, sizeof(int)); return (res->data && res->len); @@ -446,6 +453,21 @@ fill_res(struct ub_result* res, struct ub_packed_rrset_key* answer, if(!res->data[i]) return 0; /* out of memory */ } + /* ttl for positive answers, from CNAME and answer RRs */ + if(data->count != 0) { + size_t j; + res->ttl = (int)data->ttl; + for(j=0; jan_numrrsets; j++) { + struct packed_rrset_data* d = + (struct packed_rrset_data*)rep->rrsets[j]-> + entry.data; + if((int)d->ttl < res->ttl) + res->ttl = (int)d->ttl; + } + } + /* ttl for negative answers */ + if(data->count == 0 && rep->rrset_count != 0) + res->ttl = (int)rep->ttl; res->data[data->count] = NULL; res->len[data->count] = 0; return 1; @@ -465,7 +487,7 @@ libworker_enter_result(struct ub_result* res, ldns_buffer* buf, return; /* error parsing buf, or out of memory */ } if(!fill_res(res, reply_find_answer_rrset(&rq, rep), - reply_find_final_cname_target(&rq, rep), &rq)) + reply_find_final_cname_target(&rq, rep), &rq, rep)) return; /* out of memory */ /* rcode, havedata, nxdomain, secure, bogus */ res->rcode = (int)FLAGS_GET_RCODE(rep->flags); diff --git a/libunbound/unbound.h b/libunbound/unbound.h index 085f9f534..d435bf28d 100644 --- a/libunbound/unbound.h +++ b/libunbound/unbound.h @@ -193,6 +193,12 @@ struct ub_result { * Is NULL if the result is not bogus. */ char* why_bogus; + + /** + * TTL for the result, in seconds. If the security is bogus, then + * you also cannot trust this value. + */ + int ttl; }; /** diff --git a/services/localzone.c b/services/localzone.c index 98d69433e..9fdab51c1 100644 --- a/services/localzone.c +++ b/services/localzone.c @@ -449,8 +449,8 @@ lz_enter_rr_into_zone(struct local_zone* z, ldns_buffer* buf, struct local_data* node; struct local_rrset* rrset; struct packed_rrset_data* pd; - uint16_t rrtype, rrclass; - uint32_t ttl; + uint16_t rrtype = 0, rrclass = 0; + uint32_t ttl = 0; if(!get_rr_content(rrstr, &nm, &rrtype, &rrclass, &ttl, buf)) { log_err("bad local-data: %s", rrstr); return 0; diff --git a/smallapp/unbound-host.c b/smallapp/unbound-host.c index ed52a551f..715aa4a65 100644 --- a/smallapp/unbound-host.c +++ b/smallapp/unbound-host.c @@ -62,7 +62,8 @@ #include "libunbound/unbound.h" #include #ifdef HAVE_NSS -#include +/* nss3 */ +#include "nss.h" #endif /** verbosity for unbound-host app */ diff --git a/testcode/do-tests.sh b/testcode/do-tests.sh index 84d2ef566..2fc677161 100755 --- a/testcode/do-tests.sh +++ b/testcode/do-tests.sh @@ -51,7 +51,7 @@ for test in `ls *.tpkg`; do fi fi if test $SKIP -eq 0; then - echo $test + #echo -n "$test " sh ../testcode/mini_tpkg.sh -a ../.. exe $test else echo "skip $test" diff --git a/testcode/ldns-testpkts.h b/testcode/ldns-testpkts.h index b6acacccb..26a71dad8 100644 --- a/testcode/ldns-testpkts.h +++ b/testcode/ldns-testpkts.h @@ -207,7 +207,7 @@ struct entry { /** * reads the canned reply file and returns a list of structs * does an exit on error. - * @param name: path of file + * @param name: name of the file to read. * @param skip_whitespace: skip leftside whitespace. */ struct entry* read_datafile(const char* name, int skip_whitespace); diff --git a/testcode/mini_tpkg.sh b/testcode/mini_tpkg.sh index ebf27a7d4..cdc334e21 100755 --- a/testcode/mini_tpkg.sh +++ b/testcode/mini_tpkg.sh @@ -26,7 +26,7 @@ if test "$1" = "report" || test "$2" = "report"; then fi else if test -f "result.$name"; then - echo "!! FAILED !! : $name" + echo "\033[01;31m!! FAILED !!\033[00m : $name" else echo ">> SKIPPED<< : $name" fi @@ -66,6 +66,8 @@ else shell="sh" fi +echo -n "$name: \t" + # check already done if test -f .done-$name; then echo "minitpkg .done-$name exists. skip test." @@ -73,7 +75,7 @@ if test -f .done-$name; then fi # Extract -echo "minitpkg extract $1 to $dir" +#echo "minitpkg extract $1 to $dir" mkdir $dir gzip -cd $name.tpkg | (cd $dir; tar xf -) cd $dir @@ -84,7 +86,7 @@ echo "minitpkg exe $name" > $result grep "Description:" $name.dsc >> $result 2>&1 echo "DateRunStart: "`date "+%s" 2>/dev/null` >> $result if test -f $name.pre; then - echo "minitpkg exe $name.pre" + #echo "minitpkg exe $name.pre" echo "minitpkg exe $name.pre" >> $result $shell $name.pre $args >> $result if test $? -ne 0; then @@ -92,22 +94,22 @@ if test -f $name.pre; then fi fi if test -f $name.test; then - echo "minitpkg exe $name.test" + #echo "minitpkg exe $name.test" echo "minitpkg exe $name.test" >> $result $shell $name.test $args >>$result 2>&1 if test $? -ne 0; then echo "$name: FAILED" >> $result - echo "$name: FAILED" + echo "\033[01;31mFAILED\033[00m" success="no" else echo "$name: PASSED" >> $result echo "$name: PASSED" > ../.done-$name - echo "$name: PASSED" + echo "\033[01;32mPASSED\033[00m" success="yes" fi fi if test -f $name.post; then - echo "minitpkg exe $name.post" + #echo "minitpkg exe $name.post" echo "minitpkg exe $name.post" >> $result $shell $name.post $args >> $result if test $? -ne 0; then diff --git a/testcode/unitmain.c b/testcode/unitmain.c index 6dcb95eb9..122f09b86 100644 --- a/testcode/unitmain.c +++ b/testcode/unitmain.c @@ -57,7 +57,8 @@ #endif #ifdef HAVE_NSS -#include "nss3/nss.h" +/* nss3 */ +#include "nss.h" #endif #include diff --git a/testdata/common.sh b/testdata/common.sh index 8e3b2293e..2a8ec7bb3 100644 --- a/testdata/common.sh +++ b/testdata/common.sh @@ -116,7 +116,7 @@ get_random_port () { # depending on uname try to check for collisions in port numbers case "`uname`" in linux|Linux) - plist=`netstat -n -A ip -A ip6 -a | sed -e 's/^.*:\([0-9]*\) .*$/\1/'` + plist=`netstat -n -A ip -A ip6 -a 2>/dev/null | sed -e 's/^.*:\([0-9]*\) .*$/\1/'` ;; FreeBSD|freebsd|NetBSD|netbsd|OpenBSD|openbsd) plist=`netstat -n -a | grep "^[ut][dc]p[46] " | sed -e 's/^.*\.\([0-9]*\) .*$/\1/'` diff --git a/testdata/fwd_zero.tpkg b/testdata/fwd_zero.tpkg index 151d695635f297aa1c65b4e3efc617dd93ec8766..adadef133c850ddf703d0804c19178e1758dbdc7 100644 GIT binary patch literal 1529 zc-jH^1qS*biwFR!5EW4X1MOM=bJ{i(@2}{ucyn?|dz+1n!EWi23jw;OYk?B7UT@oR z#unfOEZ4G2==G1^lfT7e$+Fv}+0ya|SbCD4-jnp6-p84)-0>$Ca?SO^>Z311lv1nF z0DS6}X{1k!%4b2K*L14avDvBv7V1=g1dT7G&j!UJvO`p5#p8&DH}|`(J+q^DJ`kFg z_rItFA-lsla6Qa={l@**80>^$n})1KVB*;1;Zi4lcZEEK3?9ez4AY1vgEmK7DOF9wqU%USe z@jtcVuI9KU{$tR``(M`$YSs*+Mlt?db;I1o|NEfl;M+?kSojeGb{c@Cd++v#CqJF^ zfL++jV8PIxmKxa|jb4LcQc6g-HyXYlA9t}2dD9xTUjh#t?lSlgtpog(Ldmc@c>NyU z4x!b8UcWmW_J^d^d3AO=!cY>d$DT`0yY10QzXxy6FqmP1tX8YaNw3l>T3Wr+cimyZ zujo{(QO%%Qon~5ed!7G*BRx>M-v4Fvyt_GW_5Zql)&FVT+WP-}Q0n$$0Y6@<(L7|fE1IB_icFZAkX-ghq=Jc?D%Jw;uqODNRPgjLC*mQFRut^)xiXAk zCBN;EgM4Qmavr69P(&!hL|SvX>hnnb5VLTtF1TYa=3GRH@GK8fKXIR-qS+X{`73#g z?Ybed^qQqn{OCtn&T*t{1H&zJ^ZkE!bKHvm3^T$14gA*XiT~@gzV-k6pey(<$pF44 z1XxB2q(2xPD5|FrZwkHx>O2JnpJ5iV0L=zPU4dYZz`VcevX50iUM!wVBYgrHr7~6u znR*FSV~9GEs0Ax8nx~l$OyUS5SCnN#KfniPf%?ParM*DwmMj~RgULgw4Q4o6Io&Gt zexhU@Cw1c~)l;vbWiqUUsAV>+r>1VY7BwBSK@HO|r>0A(f>vH!AUX;qVEmkzAN#P2 z=0FXK$O#)D4wt7`hHU(2+!qGu3rU)Y3*hrrx>eB}aZ#2?dIBMwhlApvFwsTmc-2OQ zNbXS)?-MY)p}}8PWmAD%xWr_58A+Z{5`>lm-=tE;T*Z(%bI!r`#fpW=iAWBCQpzut ze46YCRMMgSpK&`Dg5~udZnWf8*o7D2RVfcfQlt;y^10#tAHT==PwNf+^8KG-B=KKw zY~%lZ(AD>U{GQ`~X_h?T|J@w_IPgmgTn=k&M8TLO@|6#XpeyeL&oNAmF*}9)4Ood& zdK2^jT=`$o_5SY)=MLw%-T$ou|JC(c^8TN0{r_I**cPmpAgX-x$uBGv9`_OTX_R!B za6&JL62>S`&tyNCtRn_zodMvzxmW`xI4qR?U}}2{(njbgYaKg6;iH(rE87RaOrJK5 zXU*DEXm>Hep!6AeV|#vtU&Nu{h8n!n+FA=A-XH$VM%NXjjY4J#x+HDB3=jzVQIoWn zZifY!fFVL9m!+3%5j4plEZHRguR#V0pxg*`L|W9`On*r$zIY+?2oyDtM!8M$0xgPB f;MW=jwzQ=!ZD~te+R~P`^sUgJ?*oj104M+ewnqr* literal 1479 zc-jHS1vvU2iwFQ^231V}1ML`VbJ|AGU%6kg#f+UyD_IW^327J;AdS-m2*%B1+72V6 z0~CupS&v{c`SINo5|#+ACo>L7Q>`Dm+uOU{+q-?;bZL)2QlHDV< z^_mj*)oL~VCUBstHLa#8x~l63imKIB^#E#LNuC@;L1_8_2TLA>)c-d+>IeG}XumMc zp8uv}aW=g_9^!zF^?C0+f4!>W`K!8OXu7W9xLVWec>c=$iEumo&(9xs^?~{gQo{ce z9ysBu0U9YC0*e+>IQOY(2Mth3$>V<5fYU*LI65UI)P@wS0+-Jkz&I)4?V(o4eVkn` zBe7#o9hYJ!ViO)QTSg4xt+~&6xTX;bW#)pedp4IC52dS!`YXxhmg&xU5XOs7xxX}h zTl&ZuMM0A}GEPcIOxyMmg>FMu@JBs89ra^D%Y=Mu1%KzT+x|V&{r&N{%l@l1b<6+P zs(QV!|9!wA97+=84jv@wkQ_q5Bj2JB&M7R+0CfW&P*K9HVL7J^obWghqdp~nf;0tL zK9NK3awa30oXq$ej*ilWc8uq_gcNz-!DF*POq^RjH$=n^Yz`|N#D&pG@FjzIAz4Ub z@x_8OIhd16$92c(ouKmkZD%|<>trw&y=VQ4-WvO@59%wyZu_?b>mGUBZU6O6{I9B- zuzyV}?0+xt%nWERj;QJ3lRt2y4rdtkWrcKTVEK+0#)y$HIt;oX=wPx6DO_|0;8V|C zff=BN1RYFG$0cn{9Yn8VhPe1BqVUpW00yW^Lx0@R9znZ10!>jKlh>xhLj1!#1Z-c1 zw{lx<;m3K;W+s|$K-##-EY2=Sn=d>}1X$Q0?SyCtC~@d z<3ExW_P+<%ivMv~-DmtqwQfgs;b0uLNe3Krf-F6>M2F43Gz}nwVfSfSu*P~pYzln@ z#6<=yop26UqMCq76k?$f!d1BPDEtCfmW%A*!NPP=m<3IyJS5bbb0{}~S+HC#WqNHc zJeOj*ypS{056cPRq^dts)b%A-vVb>UfKoSV^+$$k*mcFQjGCewx-m6uMJdB4xW2YQ z@u&0}XOh}XG`k5Z`0;G#u$Q!FgfeXq+^zhEfh=I71mWhbCnKGx=C73K& zQol@`Dal-AU`qND?_unEy#M#&8lf@7p+h}UddP!;&lrZ zCFFK(7K{Y}3rOWvr*}Rcb*WJE3!s^LS*>}b!VyVo+^3bFvN8!o(zr#U zg?ULqyb5D9i2XXI#UN2Q4o>1H!M{#Vj&oW#J~>Xu*Kct#MJlHl{S|W0&CrBs61O%A zNP$7wYgb_cKC!J8qpTF~ov zhr|Amv^p;@&PV7_C$Y!FN*OJ}`OYcta7oxkl4H~3N}{Y#|i h_B!8zAr(+S0RhLV*KxPO=S4i(o0%55tzw z5^b}QNr9xAWXt~d9cB5EIFA8KS`_0CutoBI_uw5xozVI;mD7UfEXcSDH=Y4e6!khC zz-Qd+wr0;>WSE16Gmd-B4n%P$>b5ta^Blq4MyU-|7|Mk#4O92?9+TJmSUkTG zh+Fkvog1djQ~1DqbldHF>)&d{?RovX-Chh)GipWM4Tzq?`D6H>*MAc>eIIUD9ejV2 zY=V}hN*S05gDKUxefUfjjF1Hv6DEM0hPG10$Zz0}APB<16zAgrX+f>=JG^{3H*|*_ zy_6ayi{;AwNGjk0sxdBdIz*QR)tZZO?dqn&4KFuDgz(YKkasqb+6X#jXCCyylLZrj z$OSVw9cmnTyLK~zykO}>qFjKbyoOW?!$rv|Gag~NW^;~^1{ORaE5>Wca4_K-*kzIP zl$-p@LxoFjAR;49NMJL8`JPG<=m{A!b2_Exj2!=R(D!VT0*`Fwnb5gR`=0(RzSDY= zgyCAmA50M%gRf=97%oV-L;<8I>Zn9AHXGby{ut)i(Kyyhy33EeE+A z&(pUR&l3}qzX_S1;}ulpFr$W&w16tc`9io8s3Kp;!(g3Z2Ro|_GIO-Iw+EOA3;}F{ zJYpwU9;pm$)hVkaaDBZRyqC%{&%l;hGgB6|_R=UVja1C;tQNgWvud;pm~^EV_Dq*^C?R+O;_d_6>R(dJlzazHRP>#Z+|{mOH;M_fIa(W)Jm(iY}uEtw(OCv z_vc%3e?2R6FfGP>H9}vsa1%Fg68(+v7bc`8iV8GncVY# zS|MHN z7Y2V!CGfFICw%0e#F$c*X)-_qW2vqZAl8W#OqhfWrrAEjwkN~3gDgisvb;#hv10g# zU#oto5=^70TTR^=GmN0uezkn+5=ieEeR4h{|u4h{|u4h{|u4h{|u4h{|u T4h{|u&w_sdO4V8904M+em80}W literal 0 Hc-jL100001 diff --git a/util/iana_ports.inc b/util/iana_ports.inc index d6d2ceedf..3d26078f6 100644 --- a/util/iana_ports.inc +++ b/util/iana_ports.inc @@ -4664,6 +4664,7 @@ 7799, 7800, 7801, +7802, 7810, 7845, 7846, diff --git a/util/net_help.c b/util/net_help.c index 054fa5086..64bd876dc 100644 --- a/util/net_help.c +++ b/util/net_help.c @@ -726,7 +726,7 @@ void* outgoing_ssl_fd(void* sslctx, int fd) #endif } -#if defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) +#if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) /** global lock list for openssl locks */ static lock_basic_t *ub_openssl_locks = NULL; @@ -751,7 +751,7 @@ ub_crypto_lock_cb(int mode, int type, const char *ATTR_UNUSED(file), int ub_openssl_lock_init(void) { -#if defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) +#if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) int i; ub_openssl_locks = (lock_basic_t*)malloc( sizeof(lock_basic_t)*CRYPTO_num_locks()); @@ -768,7 +768,7 @@ int ub_openssl_lock_init(void) void ub_openssl_lock_delete(void) { -#if defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) +#if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED) int i; if(!ub_openssl_locks) return; diff --git a/util/netevent.c b/util/netevent.c index 3c1c69d7e..e30302a47 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -95,7 +95,11 @@ # endif /* USE_WINSOCK */ #else /* USE_MINI_EVENT */ /* we use libevent */ -# include +# ifdef HAVE_EVENT_H +# include +# else +# include "event.h" +# endif #endif /* USE_MINI_EVENT */ /** diff --git a/util/random.c b/util/random.c index 5b61aef7f..5d71fcfa4 100644 --- a/util/random.c +++ b/util/random.c @@ -65,9 +65,11 @@ #include #include #elif defined(HAVE_NSS) -#include -#include -#include +/* nspr4 */ +#include "prerror.h" +/* nss3 */ +#include "secport.h" +#include "pk11pub.h" #endif /** diff --git a/util/storage/lookup3.c b/util/storage/lookup3.c index 8195775d1..a8c49863e 100644 --- a/util/storage/lookup3.c +++ b/util/storage/lookup3.c @@ -1,4 +1,5 @@ /* + February 2013(Wouter) patch defines for BSD endianness, from Brad Smith. January 2012(Wouter) added randomised initial value, fallout from 28c3. March 2007(Wouter) adapted from lookup3.c original, add config.h include. added #ifdef VALGRIND to remove 298,384,660 'unused variable k8' warnings. @@ -52,6 +53,12 @@ on 1 byte), but shoehorning those bytes into integers efficiently is messy. #ifdef linux # include /* attempt to define endianness */ #endif +#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__DragonFly__) +#include /* attempt to define endianness */ +#endif +#ifdef __OpenBSD__ +#include /* attempt to define endianness */ +#endif /* random initial value */ static uint32_t raninit = (uint32_t)0xdeadbeef; @@ -68,12 +75,19 @@ hash_set_raninit(uint32_t v) */ #if (defined(__BYTE_ORDER) && defined(__LITTLE_ENDIAN) && \ __BYTE_ORDER == __LITTLE_ENDIAN) || \ + (defined(_BYTE_ORDER) && defined(_LITTLE_ENDIAN) && \ + _BYTE_ORDER == _LITTLE_ENDIAN) || \ (defined(i386) || defined(__i386__) || defined(__i486__) || \ defined(__i586__) || defined(__i686__) || defined(vax) || defined(MIPSEL)) # define HASH_LITTLE_ENDIAN 1 # define HASH_BIG_ENDIAN 0 +#elif (!defined(_BYTE_ORDER) && !defined(__BYTE_ORDER) && defined(_BIG_ENDIAN)) +# define HASH_LITTLE_ENDIAN 0 +# define HASH_BIG_ENDIAN 1 #elif (defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) && \ __BYTE_ORDER == __BIG_ENDIAN) || \ + (defined(_BYTE_ORDER) && defined(_BIG_ENDIAN) && \ + _BYTE_ORDER == _BIG_ENDIAN) || \ (defined(sparc) || defined(POWERPC) || defined(mc68000) || defined(sel)) # define HASH_LITTLE_ENDIAN 0 # define HASH_BIG_ENDIAN 1 diff --git a/validator/val_nsec3.c b/validator/val_nsec3.c index bb75aeb6f..20580c0d7 100644 --- a/validator/val_nsec3.c +++ b/validator/val_nsec3.c @@ -46,7 +46,8 @@ #include "openssl/ssl.h" #endif #ifdef HAVE_NSS -#include +/* nss3 */ +#include "sechash.h" #endif #include "validator/val_nsec3.h" #include "validator/validator.h" diff --git a/validator/val_secalgo.c b/validator/val_secalgo.c index 676399733..5cca578b1 100644 --- a/validator/val_secalgo.c +++ b/validator/val_secalgo.c @@ -553,12 +553,14 @@ verify_canonrrset(ldns_buffer* buf, int algo, unsigned char* sigblock, /**************************************************/ #elif defined(HAVE_NSS) /* libnss implementation */ -#include -#include -#include -#include -#include -#include +/* nss3 */ +#include "sechash.h" +#include "pk11pub.h" +#include "keyhi.h" +#include "secerr.h" +#include "cryptohi.h" +/* nspr4 */ +#include "prerror.h" size_t ds_digest_size_supported(int algo) diff --git a/winrc/win_svc.c b/winrc/win_svc.c index 7ac8b2611..cafda7bca 100644 --- a/winrc/win_svc.c +++ b/winrc/win_svc.c @@ -380,6 +380,9 @@ service_deinit(struct daemon* daemon, struct config_file* cfg) daemon_delete(daemon); } +#ifdef DOXYGEN +#define ATTR_UNUSED(x) x +#endif /** * The main function for the service. * Called by the services API when starting unbound on windows in background. -- 2.47.2