#include "dnssectool.h"
/*
- * These are are set here for backwards compatibility. They are
+ * These are set here for backwards compatibility. They are
* raised to 2048 in FIPS mode.
*/
static int min_rsa = 1024;
dns_diff_init(isc_g_mctx, &diff);
/*
- * Update keylist with information from from the key repository.
+ * Update keylist with information from the key repository.
*/
dns_dnssec_updatekeys(&keylist, &matchkeys, NULL, gorigin, keyttl,
&diff, isc_g_mctx, report);
cleanup_tls:
/*
* Detach the TLS client context (whether the one created at the
- * begining of this function, or the previous running one)
+ * beginning of this function, or the previous running one)
*/
isc_tlsctx_cache_detach(&tlsctx_client_cache);
RETERR(isc_netaddr_totext(na, &addrb));
/*
- * IDN compatibility, as an IPv6 begining or ending with `::` will be
+ * IDN compatibility, as an IPv6 beginning or ending with `::` will be
* converted into `--` and RFC5890 section 2.3.1 states that an IDN
* label can't start or end with an hyphen.
*/
}
RUNTIME_CHECK(result == ISC_R_NOMORE);
isc_ht_iter_destroy(&iter2);
- /* At this moment catz->entries has to be be empty. */
+ /* At this moment catz->entries has to be empty. */
INSIST(isc_ht_count(catz->entries) == 0);
isc_ht_destroy(&catz->entries);
if (result == ISC_R_SUCCESS) {
/*
* A node at the same zonecut exists, and it is expired. Ignore
- * the return value, in case the overriden node would be removed
- * in meantime by someone else.
+ * the return value, in case the overridden node would be
+ * removed in meantime by someone else.
*/
(void)dns_qp_deletename(qp, zonecut, DNS_DBNAMESPACE_NORMAL,
NULL, NULL);
}
/*
- * Posible mapping of IPV4ONLY.ARPA A records into AAAA records
+ * Possible mapping of IPV4ONLY.ARPA A records into AAAA records
* for valid RFC6052 prefixes.
*/
static struct {
}
/*%<
- * Indicate whether a key is scheduled to to have CDS/CDNSKEY records
+ * Indicate whether a key is scheduled to have CDS/CDNSKEY records
* published now.
*
* Returns true if.
}
/*%<
- * Indicate whether a key is scheduled to to have CDS/CDNSKEY records
+ * Indicate whether a key is scheduled to have CDS/CDNSKEY records
* deleted now.
*
* Returns true if:
};
/*!<
- * When the caller recieves a callback from dns_adb_createfind(), the
+ * When the caller receives a callback from dns_adb_createfind(), the
* argument will a pointer to the dns_adbfind_t structure, which includes
* this includes a copy of the callback function and argument passed to
* dns_adb_createfind(), and a dns_adbstatus_t in the 'status' field,
*/
/*
- * Logarithms of hash set sizes. In the usual (small) case, allow for for a
+ * Logarithms of hash set sizes. In the usual (small) case, allow for a
* few dozen names in the hash set. (We can't actually use every slot because
* space is reserved for performance reasons.) For large messages, the number
* of names is limited by the minimum size of an RR (owner, type, class, ttl,
*
* \li 'db' is a valid database with zone semantics.
*
- * \li versionp != NULL && *verisonp == NULL
+ * \li versionp != NULL && *versionp == NULL
*
* Ensures:
*
*
* \li 'db' is a valid database with zone semantics.
*
- * \li versionp != NULL && *verisonp == NULL
+ * \li versionp != NULL && *versionp == NULL
*
* Ensures:
*
*
* Note: a NULL transport is different from a non-NULL transport of type
* DNS_TRANSPORT_TCP, though currently their behavior is the same.
- * This allows for different types of transactions to be seperated
+ * This allows for different types of transactions to be separated
* in the future if needed.
*
* Requires:
* as dns_nametree_add() before the name is removed from the tree.
*
* If the nametree type was set to DNS_NAMETREE_BITS, then 'value' is
- * a bit number within a bit field, which is sized to accomodate at least
+ * a bit number within a bit field, which is sized to accommodate at least
* 'value' bits. If the name already exists, then that bit will be set
* in the bitfield, other bits will be retained, and ISC_R_SUCCESS will be
- * returned. If 'value' excees the number of bits in the existing bit
+ * returned. If 'value' exceeds the number of bits in the existing bit
* field, the field will be expanded.
*
* Requires:
/***********************************************************************
*
- * functions - create, destory, enquire
+ * functions - create, destroy, enquire
*/
void
* The following are implementation functions for list-based rdatasets.
* They are called by rdataset implementations in rdatalist.c, sdlz.c,
* and builtin.c. They are not meant to be used directly by callers of
- * those implmentations.
+ * those implementations.
*/
void
dns_rdatalist_disassociate(dns_rdataset_t *rdatasetp DNS__DB_FLARG);
/*%<
* Method prototype. Drivers implementing the SDLZ interface MUST
* supply a find zone method. This method is called when the DNS
- * server is performing a query to to determine if 'name' is a
+ * server is performing a query to determine if 'name' is a
* supported dns zone. The find zone method will be called with the
* longest possible name first, and continue to be called with
* successively shorter domain names, until any of the following
/*%<
* This function may optionally be called from the 'authority'
* callback to simplify construction of the SOA record for 'zone'. It
- * will provide a SOA listing 'mname' as as the primary server and
+ * will provide a SOA listing 'mname' as the primary server and
* 'rname' as the responsible person mailbox. It is the
* responsibility of the driver to increment the serial number between
* responses if necessary. All other SOA fields will have reasonable
* In dns_ssutable_checkrules(), 'addr' should only be
* set if the request received via TCP. This provides a
* weak assurance that the request was not spoofed.
- * 'addr' is to to validate dns_ssumatchtype_tcpself
+ * 'addr' is to validate dns_ssumatchtype_tcpself
* and dns_ssumatchtype_6to4self rules.
*
* In dns_ssutable_checkrules2(), 'addr' can also be passed for
* and will not expire if inception == expire.
*
* If generated is true (meaning the key was generated
- * via TKEY negotation), the creating identity (if any), should
+ * via TKEY negotiation), the creating identity (if any), should
* be specified in the creator parameter.
*
* If restored is true, this indicates the key was restored from
* and 'rawversion' is ignored.
*
* If 'format' is dns_masterformat_raw, 'style' is ignored, and
- * 'rawversion" specifies the format verson of the raw zone file:
+ * 'rawversion" specifies the format version of the raw zone file:
* version 0 raw files can be read by all BIND 9 releases;
* version 1 was introduced in BIND 9.9.
*
* Requires:
*\li 'zone' to be a valid initialised zone.
*\li 'mctx' is not NULL.
- *\li 'keys' is not NULL and has enough space form 'nkeys' keys.
+ *\li 'keys' is not NULL and has enough space for 'nkeys' keys.
*\li 'nkeys' is not NULL.
*
* Returns:
/*%<
* Set the post load integrity callback function 'checkisserverby'.
* 'checkisserverby' will be called if the NS TARGET is not within
- * the zone and there are A or AAAA records in the the zone.
+ * the zone and there are A or AAAA records in the zone.
*
* Require:
* 'zone' to be a valid zone.
unsigned int length);
/*%<
* If 'algorithm' is PRIVATEOID or PRIVATEDNS, extract the DNSSEC private
- * algorithm encoded at the begining of data and return the DST algorithm
+ * algorithm encoded at the beginning of data and return the DST algorithm
* number that corresponds to it; if the algorithm is unknown to DST,
* return 0.
*
*
* > In this scheme, an entire domain name or a list of labels at the
* > end of a domain name is replaced with a pointer to a prior
- * > occurance of the same name.
+ * > occurrence of the same name.
*
* The key word is "prior". This says that compression pointers must
* point strictly earlier in the message (before our "marker" variable),
*
* This table only handles the first bit in an escape sequence; we
* arrange that we can calculate the byte value for both bits by
- * adding the the second bit to the first bit's byte value.
+ * adding the second bit to the first bit's byte value.
*/
uint8_t dns_qp_byte_for_bit[SHIFT_OFFSET] = { 0 };
* In a branch node:
* - The 64-bit word is subdivided into three portions: the least
* significant bits are the node type (for a branch, 0x1); the
- * most sigificant 15 bits are an offset value into the key, and
+ * most significant 15 bits are an offset value into the key, and
* the 47 bits in the middle are a bitmap; see the documentation
* for the SHIFT_* enum below.
* - The 32-bit word is a reference (dns_qpref_t) to the packed sparse
*
* Packed reader nodes save us from having to track `dns_qpread_t`
* objects as distinct allocations: the packed reader nodes get
- * reclaimed when the the chunk containing their cells is reclaimed.
+ * reclaimed when the chunk containing their cells is reclaimed.
* When a real `dns_qpread_t` object is needed, it is allocated on the
* stack (it must not live longer than a isc_loop callback) and the
* packed reader is unpacked into it.
* and the database have both released the object) the object
* is freed.
*
- * Whenever 'erefs' is incremented from zero, we also aquire a
+ * Whenever 'erefs' is incremented from zero, we also acquire a
* node use reference (see 'qpcache->references' below), and
* release it when 'erefs' goes back to zero. This prevents the
* database from being shut down until every caller has released
* and the database have both released the object) the object
* is freed.
*
- * Whenever 'erefs' is incremented from zero, we also aquire a
+ * Whenever 'erefs' is incremented from zero, we also acquire a
* node use reference (see 'qpzonedb->references' below), and
* release it when 'erefs' goes back to zero. This prevents the
* database from being shut down until every caller has released
INSIST(node->nspace == DNS_DBNAMESPACE_NSEC3 || !nsec3);
}
/*
- * ... if the lookup is unsucessful, and the caller didn't ask us
+ * ... if the lookup is unsuccessful, and the caller didn't ask us
* to create a new node, there is nothing to do. Return the result
* of the lookup to the caller, and set *nodep to NULL
*/
/* FALLTHROUGH */
case nonsec3:
/*
- * The final non-nsec node is before the the NSEC origin node.
+ * The final non-nsec node is before the NSEC origin node.
*/
result = dns_qp_lookup(qpdbiter->snap, &qpdb->common.origin,
DNS_DBNAMESPACE_NSEC, &qpdbiter->iter,
}
/*
- * Handle SPF exists targets when the seperating label is:
+ * Handle SPF exists targets when the separating label is:
* - "_spf" RFC7208, section 5.7
* - "_spf_verify" RFC7208, Appendix D1
* - "_spf_rate" RFC7208, Appendix D1
}
/*
- * But don't wait past the the final expiration of the fetch,
+ * But don't wait past the final expiration of the fetch,
* or for more than 10 seconds total.
*/
if (us > limit) {
*
* Since there's a good chance the server is broken and won't answer either
* query, and since an ADB find with two pending fetches is a very rare
- * occurrance anyway, we regard this theoretical SERVFAIL as the lesser
+ * occurrence anyway, we regard this theoretical SERVFAIL as the lesser
* evil.
*/
static bool
}
/*
- * We have got a CNAME or DNAME respone to the NS query
+ * We have got a CNAME or DNAME response to the NS query
* so we are done in almost all cases.
*/
if ((result == DNS_R_CNAME || result == DNS_R_DNAME) &&
* it is okay to skip recursion. After the first zone
* that has to wait for recursion, all the others have
* to wait as well, so we want to create a mask in which
- * all the trailing zeroes in zbits_req are are 1, and
+ * all the trailing zeroes in zbits_req are 1, and
* more significant bits are 0. (For instance,
* 0x0700 => 0x00ff, 0x0007 => 0x0000)
*/
/*
* Get a modulus for a hash function that is tolerably likely to be
- * relatively prime to most inputs. Of course, we get a prime for for initial
+ * relatively prime to most inputs. Of course, we get a prime for initial
* values not larger than the square of the last prime. We often get a prime
* after that.
* This works well in practice for hash tables up to at least 100
ucentry_backoff(const dns_unreachcache_t *uc, const isc_stdtime_t now,
dns_ucentry_t *new, const dns_ucentry_t *old) {
/*
- * Perform exponential backoff if this is an expired entry wating to be
+ * Perform exponential backoff if this is an expired entry waiting to be
* evicted. Otherwise it's a duplicate entry and no backoff is required
* as we will just update the cache with a new entry that has the same
* expiration time as the old one, but calculated freshly, based on the
* one value per bucket. There are CHUNKSIZE values before chunk 1
* which map to chunk 0, so it also has one value per bucket. (Hence
* the first two chunks have one value per bucket.) The values in
- * chunk 0 correspond to denormal nubers in floating point terms.
+ * chunk 0 correspond to denormal numbers in floating point terms.
* They are also the values where `63 - sigbits - clz` would be less
* than one if denormals were not handled specially.
*
}
static bool
-hashtable_is_overcommited(isc_ht_t *ht) {
+hashtable_is_overcommitted(isc_ht_t *ht) {
return ht->count >= (ht->size[ht->hindex] * HT_OVERCOMMIT);
}
if (rehashing_in_progress(ht)) {
/* Rehash in progress */
hashtable_rehash_one(ht);
- } else if (hashtable_is_overcommited(ht)) {
+ } else if (hashtable_is_overcommitted(ht)) {
/* Rehash requested */
maybe_rehash(ht, ht->count);
}
* `isc_hex_decodestring()`, which can be directly used for simpler cases.
* However, for more complex cases (or cases which, for instance, must not have
* white spaces, or if the input is not a null-terminated string) using those
- * lower-level API might be usefull.
+ * lower-level API might be useful.
*/
void
/*!
* \file isc/hmac.h
- * \brief This is the header for for message authentication code.
+ * \brief This is the header for message authentication code.
*/
#pragma once
/*%
* These functions are wrappers around the corresponding stdio functions.
*
- * They return a detailed error code in the form of an an isc_result_t. ANSI C
+ * They return a detailed error code in the form of an isc_result_t. ANSI C
* does not guarantee that stdio functions set errno, hence these functions
* must use platform dependent methods (e.g., the POSIX errno) to construct the
* error code.
void
isc_tlsctx_enable_http2server_alpn(isc_tlsctx_t *ctx);
/*%<
- * Enable HTTP/2 Application Layer Protocol Negotation for 'ctx'.
+ * Enable HTTP/2 Application Layer Protocol Negotiation for 'ctx'.
*
* Requires:
*\li 'ctx' is not NULL.
void
isc_tlsctx_enable_dot_server_alpn(isc_tlsctx_t *ctx);
/*%<
- * Enable DoT Application Layer Protocol Negotation for 'ctx'.
+ * Enable DoT Application Layer Protocol Negotiation for 'ctx'.
*
* Requires:
*\li 'ctx' is not NULL.
if (cb != NULL) {
/*
* Case 0: The callback is specified, that means that a DNS
- * message is ready. Let's flush the the buffer.
+ * message is ready. Let's flush the buffer.
*/
total = max_total_write_size;
} else if (max_total_write_size >= FLUSH_HTTP_WRITE_BUFFER_AFTER) {
} else if (session->sending > 0 && total > 0) {
/*
* Case 2: There is one or more write requests in flight and
- * we have some new data form nghttp2 to send.
+ * we have some new data from nghttp2 to send.
* Then let's return from the function: as soon as the
- * "in-flight" write callback get's called or we have reached
+ * "in-flight" write callback gets called or we have reached
* FLUSH_HTTP_WRITE_BUFFER_AFTER bytes in the write buffer, we
* will flush the buffer. */
INSIST(cb == NULL);
/*
* We need to initialize the tcp and timer before failing because
- * isc__nm_tcp_close() can't handle uninitalized TCP nmsocket.
+ * isc__nm_tcp_close() can't handle uninitialized TCP nmsocket.
*/
if (isc__nmsocket_closing(csock)) {
CLEANUP(ISC_R_CANCELED);
}
decoder->_hex_count = 0;
decoder->_state = CHUNKED_IN_CHUNK_EXT;
- /* fallthru */
+ /* fall through */
case CHUNKED_IN_CHUNK_EXT:
/* RFC 7230 A.2 "Line folding in chunk extensions is
* disallowed" */
}
}
decoder->_state = CHUNKED_IN_CHUNK_DATA;
- /* fallthru */
+ /* fall through */
case CHUNKED_IN_CHUNK_DATA: {
size_t avail = bufsz - src;
if (avail < decoder->bytes_left_in_chunk) {
decoder->bytes_left_in_chunk = 0;
decoder->_state = CHUNKED_IN_CHUNK_CRLF;
}
- /* fallthru */
+ /* fall through */
case CHUNKED_IN_CHUNK_CRLF:
for (;; ++src) {
if (src == bufsz) {
goto Complete;
}
decoder->_state = CHUNKED_IN_TRAILERS_LINE_MIDDLE;
- /* fallthru */
+ /* fall through */
case CHUNKED_IN_TRAILERS_LINE_MIDDLE:
for (;; ++src) {
if (src == bufsz) {
#endif /* HAVE_LIBNGHTTP2 */
static isc_result_t
-check_tls_defintion(const cfg_obj_t *tlsobj, const char *name,
- isc_symtab_t *symtab) {
+check_tls_definition(const cfg_obj_t *tlsobj, const char *name,
+ isc_symtab_t *symtab) {
isc_result_t result = ISC_R_SUCCESS, tresult;
const cfg_obj_t *tls_proto_list = NULL, *tls_key = NULL,
*tls_cert = NULL, *tls_ciphers = NULL,
const char *name;
obj = cfg_listelt_value(elt);
name = cfg_obj_asstring(cfg_map_getname(obj));
- tresult = check_tls_defintion(obj, name, symtab);
+ tresult = check_tls_definition(obj, name, symtab);
if (result == ISC_R_SUCCESS) {
result = tresult;
}
* Construct a new dns_acl_t from configuration data in 'caml' and
* 'cctx'. Memory is allocated through 'mctx'.
*
- * Any named ACLs referred to within 'caml' will be be converted
+ * Any named ACLs referred to within 'caml' will be converted
* into nested dns_acl_t objects. Multiple references to the same
* named ACLs will be converted into shared references to a single
* nested dns_acl_t object when the referring objects were created
projects / thirdparty / bind9.git / commitdiff
