aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorDoug Barton <dougb@FreeBSD.org>2010-03-02 19:49:55 +0000
committerDoug Barton <dougb@FreeBSD.org>2010-03-02 19:49:55 +0000
commit841024d54f1f0a07feccf84d8938b00bc1f362b5 (patch)
treec470abc978aa6ca4f6b0033d7e09c8b7b09cd629 /lib
parent51917575cfd35d6a201b010726ea7404a0f9bb7e (diff)
downloadsrc-841024d54f1f0a07feccf84d8938b00bc1f362b5.tar.gz
src-841024d54f1f0a07feccf84d8938b00bc1f362b5.zip
Vendor import of BIND 9.6.2vendor/bind9/9.6.2
Notes
Notes: svn path=/vendor/bind9/dist/; revision=204599 svn path=/vendor/bind9/9.6.2/; revision=204600; tag=vendor/bind9/9.6.2
Diffstat (limited to 'lib')
-rw-r--r--lib/dns/api4
-rw-r--r--lib/dns/db.c6
-rw-r--r--lib/dns/dispatch.c28
-rw-r--r--lib/dns/dnssec.c69
-rw-r--r--lib/dns/dst_api.c53
-rw-r--r--lib/dns/dst_internal.h12
-rw-r--r--lib/dns/dst_parse.c18
-rw-r--r--lib/dns/include/dns/db.h6
-rw-r--r--lib/dns/include/dns/dnssec.h8
-rw-r--r--lib/dns/include/dns/journal.h11
-rw-r--r--lib/dns/include/dns/keyvalues.h6
-rw-r--r--lib/dns/include/dns/name.h8
-rw-r--r--lib/dns/include/dns/ncache.h4
-rw-r--r--lib/dns/include/dns/nsec3.h4
-rw-r--r--lib/dns/include/dns/rbt.h6
-rw-r--r--lib/dns/include/dns/types.h2
-rw-r--r--lib/dns/include/dns/zone.h20
-rw-r--r--lib/dns/include/dst/dst.h6
-rw-r--r--lib/dns/journal.c99
-rw-r--r--lib/dns/masterdump.c2
-rw-r--r--lib/dns/message.c4
-rw-r--r--lib/dns/nsec3.c25
-rw-r--r--lib/dns/opensslrsa_link.c504
-rw-r--r--lib/dns/rbt.c35
-rw-r--r--lib/dns/rbtdb.c127
-rw-r--r--lib/dns/rcode.c6
-rw-r--r--lib/dns/rdata/generic/ipseckey_45.c3
-rw-r--r--lib/dns/resolver.c46
-rw-r--r--lib/dns/sdb.c6
-rw-r--r--lib/dns/sdlz.c6
-rw-r--r--lib/dns/spnego.c18
-rw-r--r--lib/dns/validator.c2
-rw-r--r--lib/dns/view.c5
-rw-r--r--lib/dns/zone.c211
-rw-r--r--lib/isc/api4
-rw-r--r--lib/isc/base32.c4
-rw-r--r--lib/isc/base64.c8
-rw-r--r--lib/isc/heap.c14
-rw-r--r--lib/isc/httpd.c45
-rw-r--r--lib/isc/ia64/include/isc/atomic.h8
-rw-r--r--lib/isc/include/isc/entropy.h14
-rw-r--r--lib/isc/include/isc/netscope.h6
-rw-r--r--lib/isc/include/isc/portset.h4
-rw-r--r--lib/isc/include/isc/sha2.h10
-rw-r--r--lib/isc/include/isc/util.h14
-rw-r--r--lib/isc/inet_ntop.c11
-rw-r--r--lib/isc/powerpc/include/isc/atomic.h53
-rw-r--r--lib/isc/random.c27
-rw-r--r--lib/isc/sha2.c27
-rw-r--r--lib/isc/unix/ifiter_getifaddrs.c6
-rw-r--r--lib/isc/unix/socket.c31
-rw-r--r--lib/isccc/api2
-rw-r--r--lib/isccfg/aclconf.c23
-rw-r--r--lib/isccfg/api2
-rw-r--r--lib/isccfg/include/isccfg/namedconf.h6
-rw-r--r--lib/lwres/api2
-rw-r--r--lib/lwres/context.c15
-rw-r--r--lib/lwres/getipnode.c100
-rw-r--r--lib/lwres/man/lwres.34
-rw-r--r--lib/lwres/man/lwres.html16
-rw-r--r--lib/lwres/man/lwres_buffer.34
-rw-r--r--lib/lwres/man/lwres_buffer.html8
-rw-r--r--lib/lwres/man/lwres_config.34
-rw-r--r--lib/lwres/man/lwres_config.html14
-rw-r--r--lib/lwres/man/lwres_context.34
-rw-r--r--lib/lwres/man/lwres_context.html12
-rw-r--r--lib/lwres/man/lwres_gabn.34
-rw-r--r--lib/lwres/man/lwres_gabn.html12
-rw-r--r--lib/lwres/man/lwres_gai_strerror.34
-rw-r--r--lib/lwres/man/lwres_gai_strerror.html10
-rw-r--r--lib/lwres/man/lwres_getaddrinfo.34
-rw-r--r--lib/lwres/man/lwres_getaddrinfo.html12
-rw-r--r--lib/lwres/man/lwres_gethostent.34
-rw-r--r--lib/lwres/man/lwres_gethostent.html14
-rw-r--r--lib/lwres/man/lwres_getipnode.34
-rw-r--r--lib/lwres/man/lwres_getipnode.html12
-rw-r--r--lib/lwres/man/lwres_getnameinfo.34
-rw-r--r--lib/lwres/man/lwres_getnameinfo.html14
-rw-r--r--lib/lwres/man/lwres_getrrsetbyname.34
-rw-r--r--lib/lwres/man/lwres_getrrsetbyname.html12
-rw-r--r--lib/lwres/man/lwres_gnba.34
-rw-r--r--lib/lwres/man/lwres_gnba.html12
-rw-r--r--lib/lwres/man/lwres_hstrerror.34
-rw-r--r--lib/lwres/man/lwres_hstrerror.html12
-rw-r--r--lib/lwres/man/lwres_inetntop.34
-rw-r--r--lib/lwres/man/lwres_inetntop.html12
-rw-r--r--lib/lwres/man/lwres_noop.34
-rw-r--r--lib/lwres/man/lwres_noop.html12
-rw-r--r--lib/lwres/man/lwres_packet.34
-rw-r--r--lib/lwres/man/lwres_packet.html10
-rw-r--r--lib/lwres/man/lwres_resutil.34
-rw-r--r--lib/lwres/man/lwres_resutil.html12
92 files changed, 1467 insertions, 613 deletions
diff --git a/lib/dns/api b/lib/dns/api
index 4bcf883246ce..1505071b41bd 100644
--- a/lib/dns/api
+++ b/lib/dns/api
@@ -1,3 +1,3 @@
-LIBINTERFACE = 53
-LIBREVISION = 0
+LIBINTERFACE = 55
+LIBREVISION = 1
LIBAGE = 0
diff --git a/lib/dns/db.c b/lib/dns/db.c
index a4c28641701f..02ea6b596ec8 100644
--- a/lib/dns/db.c
+++ b/lib/dns/db.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2001, 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: db.c,v 1.88 2008/09/24 02:46:22 marka Exp $ */
+/* $Id: db.c,v 1.88.50.2 2009/06/23 00:19:34 tbox Exp $ */
/*! \file */
@@ -854,12 +854,14 @@ dns_db_unregister(dns_dbimplementation_t **dbimp) {
RUNTIME_CHECK(isc_once_do(&once, initialize) == ISC_R_SUCCESS);
imp = *dbimp;
+ *dbimp = NULL;
RWLOCK(&implock, isc_rwlocktype_write);
ISC_LIST_UNLINK(implementations, imp, link);
mctx = imp->mctx;
isc_mem_put(mctx, imp, sizeof(dns_dbimplementation_t));
isc_mem_detach(&mctx);
RWUNLOCK(&implock, isc_rwlocktype_write);
+ ENSURE(*dbimp == NULL);
}
isc_result_t
diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c
index 9b4e9685f408..1d04961277be 100644
--- a/lib/dns/dispatch.c
+++ b/lib/dns/dispatch.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dispatch.c,v 1.155.12.7 2009/04/28 21:39:45 jinmei Exp $ */
+/* $Id: dispatch.c,v 1.155.12.11 2009/12/02 23:26:28 marka Exp $ */
/*! \file */
@@ -746,13 +746,19 @@ new_portentry(dns_dispatch_t *disp, in_port_t port) {
return (portentry);
}
+/*%
+ * The caller must not hold the qid->lock.
+ */
static void
deref_portentry(dns_dispatch_t *disp, dispportentry_t **portentryp) {
dispportentry_t *portentry = *portentryp;
+ dns_qid_t *qid;
REQUIRE(disp->port_table != NULL);
REQUIRE(portentry != NULL && portentry->refs > 0);
+ qid = DNS_QID(disp);
+ LOCK(&qid->lock);
portentry->refs--;
if (portentry->refs == 0) {
ISC_LIST_UNLINK(disp->port_table[portentry->port %
@@ -762,6 +768,7 @@ deref_portentry(dns_dispatch_t *disp, dispportentry_t **portentryp) {
}
*portentryp = NULL;
+ UNLOCK(&qid->lock);
}
/*%
@@ -779,8 +786,9 @@ socket_search(dns_qid_t *qid, isc_sockaddr_t *dest, in_port_t port,
dispsock = ISC_LIST_HEAD(qid->sock_table[bucket]);
while (dispsock != NULL) {
- if (isc_sockaddr_equal(dest, &dispsock->host) &&
- dispsock->portentry->port == port)
+ if (dispsock->portentry != NULL &&
+ dispsock->portentry->port == port &&
+ isc_sockaddr_equal(dest, &dispsock->host))
return (dispsock);
dispsock = ISC_LIST_NEXT(dispsock, blink);
}
@@ -2048,8 +2056,18 @@ dns_dispatchmgr_setudp(dns_dispatchmgr_t *mgr,
/* Create or adjust buffer pool */
if (mgr->bpool != NULL) {
- isc_mempool_setmaxalloc(mgr->bpool, maxbuffers);
- mgr->maxbuffers = maxbuffers;
+ /*
+ * We only increase the maxbuffers to avoid accidental buffer
+ * shortage. Ideally we'd separate the manager-wide maximum
+ * from per-dispatch limits and respect the latter within the
+ * global limit. But at this moment that's deemed to be
+ * overkilling and isn't worth additional implementation
+ * complexity.
+ */
+ if (maxbuffers > mgr->maxbuffers) {
+ isc_mempool_setmaxalloc(mgr->bpool, maxbuffers);
+ mgr->maxbuffers = maxbuffers;
+ }
} else {
result = isc_mempool_create(mgr->mctx, buffersize, &mgr->bpool);
if (result != ISC_R_SUCCESS) {
diff --git a/lib/dns/dnssec.c b/lib/dns/dnssec.c
index baf3ec5b12ec..8ae29bceee92 100644
--- a/lib/dns/dnssec.c
+++ b/lib/dns/dnssec.c
@@ -16,7 +16,7 @@
*/
/*
- * $Id: dnssec.c,v 1.93.12.4 2009/06/08 23:47:00 tbox Exp $
+ * $Id: dnssec.c,v 1.93.12.6 2009/06/22 23:47:18 tbox Exp $
*/
/*! \file */
@@ -93,6 +93,7 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx,
isc_result_t ret;
int i = 0, n;
dns_rdata_t *data;
+ dns_rdataset_t rdataset;
n = dns_rdataset_count(set);
@@ -100,8 +101,11 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx,
if (data == NULL)
return (ISC_R_NOMEMORY);
- ret = dns_rdataset_first(set);
+ dns_rdataset_init(&rdataset);
+ dns_rdataset_clone(set, &rdataset);
+ ret = dns_rdataset_first(&rdataset);
if (ret != ISC_R_SUCCESS) {
+ dns_rdataset_disassociate(&rdataset);
isc_mem_put(mctx, data, n * sizeof(dns_rdata_t));
return (ret);
}
@@ -111,8 +115,8 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx,
*/
do {
dns_rdata_init(&data[i]);
- dns_rdataset_current(set, &data[i++]);
- } while (dns_rdataset_next(set) == ISC_R_SUCCESS);
+ dns_rdataset_current(&rdataset, &data[i++]);
+ } while (dns_rdataset_next(&rdataset) == ISC_R_SUCCESS);
/*
* Sort the array.
@@ -120,6 +124,7 @@ rdataset_to_sortedarray(dns_rdataset_t *set, isc_mem_t *mctx,
qsort(data, n, sizeof(dns_rdata_t), rdata_compare_wrapper);
*rdata = data;
*nrdata = n;
+ dns_rdataset_disassociate(&rdataset);
return (ISC_R_SUCCESS);
}
@@ -890,3 +895,59 @@ failure:
return (result);
}
+
+/*%
+ * Does this key ('rdata') self sign the rrset ('rdataset')?
+ */
+isc_boolean_t
+dns_dnssec_selfsigns(dns_rdata_t *rdata, dns_name_t *name,
+ dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset,
+ isc_boolean_t ignoretime, isc_mem_t *mctx)
+{
+ dst_key_t *dstkey = NULL;
+ dns_keytag_t keytag;
+ dns_rdata_dnskey_t key;
+ dns_rdata_rrsig_t sig;
+ dns_rdata_t sigrdata = DNS_RDATA_INIT;
+ isc_result_t result;
+
+ INSIST(rdataset->type == dns_rdatatype_key ||
+ rdataset->type == dns_rdatatype_dnskey);
+ if (rdataset->type == dns_rdatatype_key) {
+ INSIST(sigrdataset->type == dns_rdatatype_sig);
+ INSIST(sigrdataset->covers == dns_rdatatype_key);
+ } else {
+ INSIST(sigrdataset->type == dns_rdatatype_rrsig);
+ INSIST(sigrdataset->covers == dns_rdatatype_dnskey);
+ }
+
+ result = dns_dnssec_keyfromrdata(name, rdata, mctx, &dstkey);
+ if (result != ISC_R_SUCCESS)
+ return (ISC_FALSE);
+ result = dns_rdata_tostruct(rdata, &key, NULL);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+
+ keytag = dst_key_id(dstkey);
+ for (result = dns_rdataset_first(sigrdataset);
+ result == ISC_R_SUCCESS;
+ result = dns_rdataset_next(sigrdataset))
+ {
+ dns_rdata_reset(&sigrdata);
+ dns_rdataset_current(sigrdataset, &sigrdata);
+ result = dns_rdata_tostruct(&sigrdata, &sig, NULL);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+
+ if (sig.algorithm == key.algorithm &&
+ sig.keyid == keytag) {
+ result = dns_dnssec_verify2(name, rdataset, dstkey,
+ ignoretime, mctx,
+ &sigrdata, NULL);
+ if (result == ISC_R_SUCCESS) {
+ dst_key_free(&dstkey);
+ return (ISC_TRUE);
+ }
+ }
+ }
+ dst_key_free(&dstkey);
+ return (ISC_FALSE);
+}
diff --git a/lib/dns/dst_api.c b/lib/dns/dst_api.c
index 144c685e1089..bbb0a09cc3a3 100644
--- a/lib/dns/dst_api.c
+++ b/lib/dns/dst_api.c
@@ -1,5 +1,5 @@
/*
- * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -31,7 +31,7 @@
/*
* Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.16.12.3 2009/03/02 02:00:34 marka Exp $
+ * $Id: dst_api.c,v 1.16.12.10 2010/01/15 19:38:53 each Exp $
*/
/*! \file */
@@ -183,9 +183,16 @@ dst_lib_init(isc_mem_t *mctx, isc_entropy_t *ectx, unsigned int eflags) {
RETERR(dst__hmacsha512_init(&dst_t_func[DST_ALG_HMACSHA512]));
#ifdef OPENSSL
RETERR(dst__openssl_init());
- RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5]));
- RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1]));
- RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1]));
+ RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSAMD5],
+ DST_ALG_RSAMD5));
+ RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1],
+ DST_ALG_RSASHA1));
+ RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1],
+ DST_ALG_NSEC3RSASHA1));
+ RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA256],
+ DST_ALG_RSASHA256));
+ RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA512],
+ DST_ALG_RSASHA512));
#ifdef HAVE_OPENSSL_DSA
RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_DSA]));
RETERR(dst__openssldsa_init(&dst_t_func[DST_ALG_NSEC3DSA]));
@@ -848,6 +855,8 @@ dst_key_sigsize(const dst_key_t *key, unsigned int *n) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
+ case DST_ALG_RSASHA256:
+ case DST_ALG_RSASHA512:
*n = (key->key_size + 7) / 8;
break;
case DST_ALG_DSA:
@@ -1017,6 +1026,9 @@ dst_key_read_public(const char *filename, int type,
/* Read the next word: either TTL, class, or 'KEY' */
NEXTTOKEN(lex, opt, &token);
+ if (token.type != isc_tokentype_string)
+ BADTOKEN();
+
/* If it's a TTL, read the next one */
result = dns_ttl_fromtext(&token.value.as_textregion, &ttl);
if (result == ISC_R_SUCCESS)
@@ -1072,6 +1084,8 @@ issymmetric(const dst_key_t *key) {
case DST_ALG_RSAMD5:
case DST_ALG_RSASHA1:
case DST_ALG_NSEC3RSASHA1:
+ case DST_ALG_RSASHA256:
+ case DST_ALG_RSASHA512:
case DST_ALG_DSA:
case DST_ALG_NSEC3DSA:
case DST_ALG_DH:
@@ -1152,7 +1166,7 @@ write_public_key(const dst_key_t *key, int type, const char *directory) {
fprintf(fp, " ");
isc_buffer_usedregion(&classb, &r);
- fwrite(r.base, 1, r.length, fp);
+ isc_util_fwrite(r.base, 1, r.length, fp);
if ((type & DST_TYPE_KEY) != 0)
fprintf(fp, " KEY ");
@@ -1160,7 +1174,7 @@ write_public_key(const dst_key_t *key, int type, const char *directory) {
fprintf(fp, " DNSKEY ");
isc_buffer_usedregion(&textb, &r);
- fwrite(r.base, 1, r.length, fp);
+ isc_util_fwrite(r.base, 1, r.length, fp);
fputc('\n', fp);
fflush(fp);
@@ -1275,7 +1289,8 @@ algorithm_status(unsigned int alg) {
if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1 ||
alg == DST_ALG_DSA || alg == DST_ALG_DH ||
alg == DST_ALG_HMACMD5 || alg == DST_ALG_NSEC3DSA ||
- alg == DST_ALG_NSEC3RSASHA1)
+ alg == DST_ALG_NSEC3RSASHA1 ||
+ alg == DST_ALG_RSASHA256 || alg == DST_ALG_RSASHA512)
return (DST_R_NOCRYPTO);
#endif
return (DST_R_UNSUPPORTEDALG);
@@ -1297,6 +1312,8 @@ addsuffix(char *filename, unsigned int len, const char *ofilename,
n = snprintf(filename, len, "%.*s%s", olen, ofilename, suffix);
if (n < 0)
+ return (ISC_R_FAILURE);
+ if ((unsigned int)n >= len)
return (ISC_R_NOSPACE);
return (ISC_R_SUCCESS);
}
@@ -1304,6 +1321,9 @@ addsuffix(char *filename, unsigned int len, const char *ofilename,
isc_result_t
dst__entropy_getdata(void *buf, unsigned int len, isc_boolean_t pseudo) {
unsigned int flags = dst_entropy_flags;
+
+ if (len == 0)
+ return (ISC_R_SUCCESS);
if (pseudo)
flags &= ~ISC_ENTROPY_GOODONLY;
return (isc_entropy_getdata(dst_entropy_pool, buf, len, NULL, flags));
@@ -1311,5 +1331,22 @@ dst__entropy_getdata(void *buf, unsigned int len, isc_boolean_t pseudo) {
unsigned int
dst__entropy_status(void) {
+#ifdef GSSAPI
+ unsigned int flags = dst_entropy_flags;
+ isc_result_t ret;
+ unsigned char buf[32];
+ static isc_boolean_t first = ISC_TRUE;
+
+ if (first) {
+ /* Someone believes RAND_status() initializes the PRNG */
+ flags &= ~ISC_ENTROPY_GOODONLY;
+ ret = isc_entropy_getdata(dst_entropy_pool, buf,
+ sizeof(buf), NULL, flags);
+ INSIST(ret == ISC_R_SUCCESS);
+ isc_entropy_putdata(dst_entropy_pool, buf,
+ sizeof(buf), 2 * sizeof(buf));
+ first = ISC_FALSE;
+ }
+#endif
return (isc_entropy_status(dst_entropy_pool));
}
diff --git a/lib/dns/dst_internal.h b/lib/dns/dst_internal.h
index 0c1a71c22560..16696487bc47 100644
--- a/lib/dns/dst_internal.h
+++ b/lib/dns/dst_internal.h
@@ -1,5 +1,5 @@
/*
- * Portions Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 2000-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -29,7 +29,7 @@
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dst_internal.h,v 1.11 2008/04/01 23:47:10 tbox Exp $ */
+/* $Id: dst_internal.h,v 1.11.120.2 2010/01/15 23:47:33 tbox Exp $ */
#ifndef DST_DST_INTERNAL_H
#define DST_DST_INTERNAL_H 1
@@ -42,6 +42,7 @@
#include <isc/types.h>
#include <isc/md5.h>
#include <isc/sha1.h>
+#include <isc/sha2.h>
#include <isc/hmacmd5.h>
#include <isc/hmacsha.h>
@@ -97,7 +98,7 @@ struct dst_key {
void *generic;
gss_ctx_id_t gssctx;
#ifdef OPENSSL
-#if USE_EVP_RSA
+#if !defined(USE_EVP) || !USE_EVP
RSA *rsa;
#endif
DSA *dsa;
@@ -124,6 +125,8 @@ struct dst_context {
dst_gssapi_signverifyctx_t *gssctx;
isc_md5_t *md5ctx;
isc_sha1_t *sha1ctx;
+ isc_sha256_t *sha256ctx;
+ isc_sha512_t *sha512ctx;
isc_hmacmd5_t *hmacmd5ctx;
isc_hmacsha1_t *hmacsha1ctx;
isc_hmacsha224_t *hmacsha224ctx;
@@ -183,7 +186,8 @@ isc_result_t dst__hmacsha224_init(struct dst_func **funcp);
isc_result_t dst__hmacsha256_init(struct dst_func **funcp);
isc_result_t dst__hmacsha384_init(struct dst_func **funcp);
isc_result_t dst__hmacsha512_init(struct dst_func **funcp);
-isc_result_t dst__opensslrsa_init(struct dst_func **funcp);
+isc_result_t dst__opensslrsa_init(struct dst_func **funcp,
+ unsigned char algorithm);
isc_result_t dst__openssldsa_init(struct dst_func **funcp);
isc_result_t dst__openssldh_init(struct dst_func **funcp);
isc_result_t dst__gssapi_init(struct dst_func **funcp);
diff --git a/lib/dns/dst_parse.c b/lib/dns/dst_parse.c
index 2da72ae6415a..e8ab34ff7573 100644
--- a/lib/dns/dst_parse.c
+++ b/lib/dns/dst_parse.c
@@ -1,5 +1,5 @@
/*
- * Portions Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
* Portions Copyright (C) 1999-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -31,7 +31,7 @@
/*%
* Principal Author: Brian Wellington
- * $Id: dst_parse.c,v 1.14.120.2 2009/03/02 23:47:11 tbox Exp $
+ * $Id: dst_parse.c,v 1.14.120.6 2010/01/15 19:38:53 each Exp $
*/
#include <config.h>
@@ -480,6 +480,18 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv,
case DST_ALG_RSASHA1:
fprintf(fp, "(RSASHA1)\n");
break;
+ case DST_ALG_NSEC3DSA:
+ fprintf(fp, "(NSEC3DSA)\n");
+ break;
+ case DST_ALG_NSEC3RSASHA1:
+ fprintf(fp, "(NSEC3RSASHA1)\n");
+ break;
+ case DST_ALG_RSASHA256:
+ fprintf(fp, "(RSASHA256)\n");
+ break;
+ case DST_ALG_RSASHA512:
+ fprintf(fp, "(RSASHA512)\n");
+ break;
case DST_ALG_HMACMD5:
fprintf(fp, "(HMAC_MD5)\n");
break;
@@ -521,7 +533,7 @@ dst__privstruct_writefile(const dst_key_t *key, const dst_private_t *priv,
isc_buffer_usedregion(&b, &r);
fprintf(fp, "%s ", s);
- fwrite(r.base, 1, r.length, fp);
+ isc_util_fwrite(r.base, 1, r.length, fp);
fprintf(fp, "\n");
}
diff --git a/lib/dns/include/dns/db.h b/lib/dns/include/dns/db.h
index c75c774143f0..9a1126d7084f 100644
--- a/lib/dns/include/dns/db.h
+++ b/lib/dns/include/dns/db.h
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: db.h,v 1.93.50.3.12.1 2009/12/31 21:44:37 each Exp $ */
+/* $Id: db.h,v 1.93.50.5 2009/11/25 23:48:42 tbox Exp $ */
#ifndef DNS_DB_H
#define DNS_DB_H 1
@@ -695,6 +695,10 @@ dns_db_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
* For cache databases, glue is any rdataset with a trust of
* dns_trust_glue.
*
+ * \li If 'options' does not have #DNS_DBFIND_ADDITIONALOK set, then no
+ * additional records will be returned. Only caches can have
+ * rdataset with trust dns_trust_additional.
+ *
* \li If 'options' does not have #DNS_DBFIND_PENDINGOK set, then no
* pending data will be returned. This option is only meaningful for
* cache databases.
diff --git a/lib/dns/include/dns/dnssec.h b/lib/dns/include/dns/dnssec.h
index c5206be63bb3..14462664a1eb 100644
--- a/lib/dns/include/dns/dnssec.h
+++ b/lib/dns/include/dns/dnssec.h
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dnssec.h,v 1.32.332.4 2009/06/08 23:47:00 tbox Exp $ */
+/* $Id: dnssec.h,v 1.32.332.6 2009/06/22 23:47:18 tbox Exp $ */
#ifndef DNS_DNSSEC_H
#define DNS_DNSSEC_H 1
@@ -178,6 +178,12 @@ dns_dnssec_verifymessage(isc_buffer_t *source, dns_message_t *msg,
*\li DST_R_*
*/
+isc_boolean_t
+dns_dnssec_selfsigns(dns_rdata_t *rdata, dns_name_t *name,
+ dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset,
+ isc_boolean_t ignoretime, isc_mem_t *mctx);
+
+
ISC_LANG_ENDDECLS
#endif /* DNS_DNSSEC_H */
diff --git a/lib/dns/include/dns/journal.h b/lib/dns/include/dns/journal.h
index 3917d8db9a0a..a1e16e448785 100644
--- a/lib/dns/include/dns/journal.h
+++ b/lib/dns/include/dns/journal.h
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: journal.h,v 1.33.120.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: journal.h,v 1.33.120.4 2009/11/04 23:47:25 tbox Exp $ */
#ifndef DNS_JOURNAL_H
#define DNS_JOURNAL_H 1
@@ -232,12 +232,19 @@ dns_journal_current_rr(dns_journal_t *j, dns_name_t **name, isc_uint32_t *ttl,
isc_result_t
dns_journal_rollforward(isc_mem_t *mctx, dns_db_t *db, unsigned int options,
const char *filename);
+
+isc_result_t
+dns_journal_rollforward2(isc_mem_t *mctx, dns_db_t *db, unsigned int options,
+ isc_uint32_t resign, const char *filename);
/*%<
* Roll forward (play back) the journal file "filename" into the
* database "db". This should be called when the server starts
- * after a shutdown or crash.
+ * after a shutdown or crash. 'resign' is how many seconds before
+ * a RRSIG is due to expire it should be scheduled to be regenerated.
*
* Requires:
+ *\li dns_journal_rollforward() requires that DNS_JOURNALOPT_RESIGN
+ * is not set.
*\li 'mctx' is a valid memory context.
*\li 'db' is a valid database which does not have a version
* open for writing.
diff --git a/lib/dns/include/dns/keyvalues.h b/lib/dns/include/dns/keyvalues.h
index 7f509e6ef13a..f4a50fa606f1 100644
--- a/lib/dns/include/dns/keyvalues.h
+++ b/lib/dns/include/dns/keyvalues.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2001, 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: keyvalues.h,v 1.23.48.2 2009/06/04 02:56:14 tbox Exp $ */
+/* $Id: keyvalues.h,v 1.23.48.4 2010/01/15 23:47:33 tbox Exp $ */
#ifndef DNS_KEYVALUES_H
#define DNS_KEYVALUES_H 1
@@ -69,6 +69,8 @@
#define DNS_KEYALG_ECC 4
#define DNS_KEYALG_RSASHA1 5
#define DNS_KEYALG_NSEC3RSASHA1 7
+#define DNS_KEYALG_RSASHA256 8
+#define DNS_KEYALG_RSASHA512 10
#define DNS_KEYALG_INDIRECT 252
#define DNS_KEYALG_PRIVATEDNS 253
#define DNS_KEYALG_PRIVATEOID 254 /*%< Key begins with OID giving alg */
diff --git a/lib/dns/include/dns/name.h b/lib/dns/include/dns/name.h
index 0149301dcfbd..dc6e525c1c84 100644
--- a/lib/dns/include/dns/name.h
+++ b/lib/dns/include/dns/name.h
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: name.h,v 1.126.332.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: name.h,v 1.126.332.3 2009/12/24 00:34:59 each Exp $ */
#ifndef DNS_NAME_H
#define DNS_NAME_H 1
@@ -99,12 +99,6 @@ ISC_LANG_BEGINDECLS
*****/
/***
- *** Compression pointer chaining limit
- ***/
-
-#define DNS_POINTER_MAXHOPS 16
-
-/***
*** Types
***/
diff --git a/lib/dns/include/dns/ncache.h b/lib/dns/include/dns/ncache.h
index d61684df88c4..0677211719ec 100644
--- a/lib/dns/include/dns/ncache.h
+++ b/lib/dns/include/dns/ncache.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: ncache.h,v 1.25.142.1 2009/12/31 20:29:21 each Exp $ */
+/* $Id: ncache.h,v 1.25.48.2 2009/12/30 23:47:31 tbox Exp $ */
#ifndef DNS_NCACHE_H
#define DNS_NCACHE_H 1
diff --git a/lib/dns/include/dns/nsec3.h b/lib/dns/include/dns/nsec3.h
index 2d6a8dde8a72..6243fdb10f2b 100644
--- a/lib/dns/include/dns/nsec3.h
+++ b/lib/dns/include/dns/nsec3.h
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: nsec3.h,v 1.5.48.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: nsec3.h,v 1.5.48.3 2009/10/06 21:20:18 each Exp $ */
#ifndef DNS_NSEC3_H
#define DNS_NSEC3_H 1
@@ -28,6 +28,8 @@
#include <dns/rdatastruct.h>
#include <dns/types.h>
+#define DNS_NSEC3_SALTSIZE 255
+
/*
* hash = 1, flags =1, iterations = 2, salt length = 1, salt = 255 (max)
* hash length = 1, hash = 255 (max), bitmap = 8192 + 512 (max)
diff --git a/lib/dns/include/dns/rbt.h b/lib/dns/include/dns/rbt.h
index 6eea787af888..26155965c838 100644
--- a/lib/dns/include/dns/rbt.h
+++ b/lib/dns/include/dns/rbt.h
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: rbt.h,v 1.71.48.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: rbt.h,v 1.71.48.3 2009/10/20 05:06:04 marka Exp $ */
#ifndef DNS_RBT_H
#define DNS_RBT_H 1
@@ -105,11 +105,11 @@ struct dns_rbtnode {
unsigned int is_root : 1; /*%< range is 0..1 */
unsigned int color : 1; /*%< range is 0..1 */
unsigned int find_callback : 1; /*%< range is 0..1 */
- unsigned int attributes : 3; /*%< range is 0..2 */
+ unsigned int attributes : 4; /*%< range is 0..2 */
unsigned int nsec3 : 1; /*%< range is 0..1 */
unsigned int namelen : 8; /*%< range is 1..255 */
unsigned int offsetlen : 8; /*%< range is 1..128 */
- unsigned int padbytes : 9; /*%< range is 0..380 */
+ unsigned int oldnamelen : 8; /*%< range is 1..255 */
/*@}*/
#ifdef DNS_RBT_USEHASH
diff --git a/lib/dns/include/dns/types.h b/lib/dns/include/dns/types.h
index 525dd8d48921..10ce229ac970 100644
--- a/lib/dns/include/dns/types.h
+++ b/lib/dns/include/dns/types.h
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: types.h,v 1.130.50.3.12.2 2009/12/31 20:29:21 each Exp $ */
+/* $Id: types.h,v 1.130.50.5 2009/12/30 08:34:30 jinmei Exp $ */
#ifndef DNS_TYPES_H
#define DNS_TYPES_H 1
diff --git a/lib/dns/include/dns/zone.h b/lib/dns/include/dns/zone.h
index e2859ae5bbb5..746b43cdd6f6 100644
--- a/lib/dns/include/dns/zone.h
+++ b/lib/dns/include/dns/zone.h
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: zone.h,v 1.160.50.4 2009/01/29 22:40:35 jinmei Exp $ */
+/* $Id: zone.h,v 1.160.50.6 2009/10/05 21:57:00 each Exp $ */
#ifndef DNS_ZONE_H
#define DNS_ZONE_H 1
@@ -149,13 +149,24 @@ dns_zone_getclass(dns_zone_t *zone);
*\li 'zone' to be a valid zone.
*/
+isc_result_t
+dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp);
+
isc_uint32_t
dns_zone_getserial(dns_zone_t *zone);
/*%<
- * Returns the current serial number of the zone.
+ * Returns the current serial number of the zone. On success, the SOA
+ * serial of the zone will be copied into '*serialp'.
+ * dns_zone_getserial() cannot catch failure cases and is deprecated by
+ * dns_zone_getserial2().
*
* Requires:
*\li 'zone' to be a valid zone.
+ *\li 'serialp' to be non NULL
+ *
+ * Returns:
+ *\li #ISC_R_SUCCESS
+ *\li #DNS_R_NOTLOADED zone DB is not loaded
*/
void
@@ -256,6 +267,9 @@ dns_zone_load(dns_zone_t *zone);
isc_result_t
dns_zone_loadnew(dns_zone_t *zone);
+
+isc_result_t
+dns_zone_loadandthaw(dns_zone_t *zone);
/*%<
* Cause the database to be loaded from its backing store.
* Confirm that the minimum requirements for the zone type are
@@ -264,6 +278,8 @@ dns_zone_loadnew(dns_zone_t *zone);
* dns_zone_loadnew() only loads zones that are not yet loaded.
* dns_zone_load() also loads zones that are already loaded and
* and whose master file has changed since the last load.
+ * dns_zone_loadandthaw() is similar to dns_zone_load() but will
+ * also re-enable DNS UPDATEs when the load completes.
*
* Require:
*\li 'zone' to be a valid zone.
diff --git a/lib/dns/include/dst/dst.h b/lib/dns/include/dst/dst.h
index 702ad719d21b..de262bdafb1a 100644
--- a/lib/dns/include/dst/dst.h
+++ b/lib/dns/include/dst/dst.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: dst.h,v 1.12 2008/09/24 02:46:23 marka Exp $ */
+/* $Id: dst.h,v 1.12.50.2 2010/01/15 23:47:34 tbox Exp $ */
#ifndef DST_DST_H
#define DST_DST_H 1
@@ -53,6 +53,8 @@ typedef struct dst_context dst_context_t;
#define DST_ALG_RSASHA1 5
#define DST_ALG_NSEC3DSA 6
#define DST_ALG_NSEC3RSASHA1 7
+#define DST_ALG_RSASHA256 8
+#define DST_ALG_RSASHA512 10
#define DST_ALG_HMACMD5 157
#define DST_ALG_GSSAPI 160
#define DST_ALG_HMACSHA1 161 /* XXXMPA */
diff --git a/lib/dns/journal.c b/lib/dns/journal.c
index 8c21f1ece34b..638e64755b54 100644
--- a/lib/dns/journal.c
+++ b/lib/dns/journal.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: journal.c,v 1.103.48.2 2009/01/18 23:47:37 tbox Exp $ */
+/* $Id: journal.c,v 1.103.48.6 2009/11/04 23:47:25 tbox Exp $ */
#include <config.h>
@@ -1218,7 +1218,9 @@ dns_journal_destroy(dns_journal_t **journalp) {
/* XXX Share code with incoming IXFR? */
static isc_result_t
-roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options) {
+roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options,
+ isc_uint32_t resign)
+{
isc_buffer_t source; /* Transaction data from disk */
isc_buffer_t target; /* Ditto after _fromwire check */
isc_uint32_t db_serial; /* Database SOA serial */
@@ -1235,6 +1237,7 @@ roll_forward(dns_journal_t *j, dns_db_t *db, unsigned int options) {
REQUIRE(DNS_DB_VALID(db));
dns_diff_init(j->mctx, &diff);
+ diff.resign = resign;
/*
* Set up empty initial buffers for unchecked and checked
@@ -1353,6 +1356,14 @@ isc_result_t
dns_journal_rollforward(isc_mem_t *mctx, dns_db_t *db,
unsigned int options, const char *filename)
{
+ REQUIRE((options & DNS_JOURNALOPT_RESIGN) == 0);
+ return (dns_journal_rollforward2(mctx, db, options, 0, filename));
+}
+
+isc_result_t
+dns_journal_rollforward2(isc_mem_t *mctx, dns_db_t *db, unsigned int options,
+ isc_uint32_t resign, const char *filename)
+{
dns_journal_t *j;
isc_result_t result;
@@ -1371,7 +1382,7 @@ dns_journal_rollforward(isc_mem_t *mctx, dns_db_t *db,
if (JOURNAL_EMPTY(&j->header))
result = DNS_R_UPTODATE;
else
- result = roll_forward(j, db, options);
+ result = roll_forward(j, db, options, resign);
dns_journal_destroy(&j);
@@ -1850,18 +1861,11 @@ dns_diff_subtract(dns_diff_t diff[2], dns_diff_t *r) {
return (result);
}
-/*
- * Compare the databases 'dba' and 'dbb' and generate a journal
- * entry containing the changes to make 'dba' from 'dbb' (note
- * the order). This journal entry will consist of a single,
- * possibly very large transaction.
- */
-
-isc_result_t
-dns_db_diff(isc_mem_t *mctx,
- dns_db_t *dba, dns_dbversion_t *dbvera,
- dns_db_t *dbb, dns_dbversion_t *dbverb,
- const char *journal_filename)
+static isc_result_t
+diff_namespace(isc_mem_t *mctx,
+ dns_db_t *dba, dns_dbversion_t *dbvera,
+ dns_db_t *dbb, dns_dbversion_t *dbverb,
+ unsigned int options, dns_diff_t *resultdiff)
{
dns_db_t *db[2];
dns_dbversion_t *ver[2];
@@ -1869,30 +1873,24 @@ dns_db_diff(isc_mem_t *mctx,
isc_boolean_t have[2] = { ISC_FALSE, ISC_FALSE };
dns_fixedname_t fixname[2];
isc_result_t result, itresult[2];
- dns_diff_t diff[2], resultdiff;
+ dns_diff_t diff[2];
int i, t;
- dns_journal_t *journal = NULL;
db[0] = dba, db[1] = dbb;
ver[0] = dbvera, ver[1] = dbverb;
dns_diff_init(mctx, &diff[0]);
dns_diff_init(mctx, &diff[1]);
- dns_diff_init(mctx, &resultdiff);
dns_fixedname_init(&fixname[0]);
dns_fixedname_init(&fixname[1]);
- result = dns_journal_open(mctx, journal_filename, ISC_TRUE, &journal);
+ result = dns_db_createiterator(db[0], options, &dbit[0]);
if (result != ISC_R_SUCCESS)
return (result);
-
- result = dns_db_createiterator(db[0], 0, &dbit[0]);
- if (result != ISC_R_SUCCESS)
- goto cleanup_journal;
- result = dns_db_createiterator(db[1], 0, &dbit[1]);
+ result = dns_db_createiterator(db[1], options, &dbit[1]);
if (result != ISC_R_SUCCESS)
- goto cleanup_interator0;
+ goto cleanup_iterator;
itresult[0] = dns_dbiterator_first(dbit[0]);
itresult[1] = dns_dbiterator_first(dbit[1]);
@@ -1919,7 +1917,7 @@ dns_db_diff(isc_mem_t *mctx,
for (i = 0; i < 2; i++) {
if (! have[!i]) {
- ISC_LIST_APPENDLIST(resultdiff.tuples,
+ ISC_LIST_APPENDLIST(resultdiff->tuples,
diff[i].tuples, link);
INSIST(ISC_LIST_EMPTY(diff[i].tuples));
have[i] = ISC_FALSE;
@@ -1930,21 +1928,21 @@ dns_db_diff(isc_mem_t *mctx,
t = dns_name_compare(dns_fixedname_name(&fixname[0]),
dns_fixedname_name(&fixname[1]));
if (t < 0) {
- ISC_LIST_APPENDLIST(resultdiff.tuples,
+ ISC_LIST_APPENDLIST(resultdiff->tuples,
diff[0].tuples, link);
INSIST(ISC_LIST_EMPTY(diff[0].tuples));
have[0] = ISC_FALSE;
continue;
}
if (t > 0) {
- ISC_LIST_APPENDLIST(resultdiff.tuples,
+ ISC_LIST_APPENDLIST(resultdiff->tuples,
diff[1].tuples, link);
INSIST(ISC_LIST_EMPTY(diff[1].tuples));
have[1] = ISC_FALSE;
continue;
}
INSIST(t == 0);
- CHECK(dns_diff_subtract(diff, &resultdiff));
+ CHECK(dns_diff_subtract(diff, resultdiff));
INSIST(ISC_LIST_EMPTY(diff[0].tuples));
INSIST(ISC_LIST_EMPTY(diff[1].tuples));
have[0] = have[1] = ISC_FALSE;
@@ -1955,20 +1953,49 @@ dns_db_diff(isc_mem_t *mctx,
if (itresult[1] != ISC_R_NOMORE)
FAIL(itresult[1]);
+ INSIST(ISC_LIST_EMPTY(diff[0].tuples));
+ INSIST(ISC_LIST_EMPTY(diff[1].tuples));
+
+ failure:
+ dns_dbiterator_destroy(&dbit[1]);
+ cleanup_iterator:
+ dns_dbiterator_destroy(&dbit[0]);
+ return (result);
+}
+
+/*
+ * Compare the databases 'dba' and 'dbb' and generate a journal
+ * entry containing the changes to make 'dba' from 'dbb' (note
+ * the order). This journal entry will consist of a single,
+ * possibly very large transaction.
+ */
+isc_result_t
+dns_db_diff(isc_mem_t *mctx,
+ dns_db_t *dba, dns_dbversion_t *dbvera,
+ dns_db_t *dbb, dns_dbversion_t *dbverb,
+ const char *journal_filename)
+{
+ isc_result_t result;
+ dns_journal_t *journal = NULL;
+ dns_diff_t resultdiff;
+
+ result = dns_journal_open(mctx, journal_filename, ISC_TRUE, &journal);
+ if (result != ISC_R_SUCCESS)
+ return (result);
+
+ dns_diff_init(mctx, &resultdiff);
+
+ CHECK(diff_namespace(mctx, dba, dbvera, dbb, dbverb,
+ DNS_DB_NONSEC3, &resultdiff));
+ CHECK(diff_namespace(mctx, dba, dbvera, dbb, dbverb,
+ DNS_DB_NSEC3ONLY, &resultdiff));
if (ISC_LIST_EMPTY(resultdiff.tuples)) {
isc_log_write(JOURNAL_DEBUG_LOGARGS(3), "no changes");
} else {
CHECK(dns_journal_write_transaction(journal, &resultdiff));
}
- INSIST(ISC_LIST_EMPTY(diff[0].tuples));
- INSIST(ISC_LIST_EMPTY(diff[1].tuples));
-
failure:
dns_diff_clear(&resultdiff);
- dns_dbiterator_destroy(&dbit[1]);
- cleanup_interator0:
- dns_dbiterator_destroy(&dbit[0]);
- cleanup_journal:
dns_journal_destroy(&journal);
return (result);
}
diff --git a/lib/dns/masterdump.c b/lib/dns/masterdump.c
index 1dbb1e615e8b..314112ce5f1b 100644
--- a/lib/dns/masterdump.c
+++ b/lib/dns/masterdump.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: masterdump.c,v 1.94.50.2.12.1 2009/11/18 23:58:04 marka Exp $ */
+/* $Id: masterdump.c,v 1.94.50.3 2009/11/18 00:15:37 marka Exp $ */
/*! \file */
diff --git a/lib/dns/message.c b/lib/dns/message.c
index b541635abf03..2e34120f3b9b 100644
--- a/lib/dns/message.c
+++ b/lib/dns/message.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: message.c,v 1.245.50.2 2009/01/18 23:47:40 tbox Exp $ */
+/* $Id: message.c,v 1.245.50.3 2009/11/24 03:25:53 marka Exp $ */
/*! \file */
@@ -1888,6 +1888,8 @@ dns_message_rendersection(dns_message_t *msg, dns_section_t sectionid,
msg->counts[sectionid] += total;
return (result);
}
+ if (result == ISC_R_NOSPACE)
+ msg->flags |= DNS_MESSAGEFLAG_TC;
if (result != ISC_R_SUCCESS) {
INSIST(st.used < 65536);
dns_compress_rollback(msg->cctx,
diff --git a/lib/dns/nsec3.c b/lib/dns/nsec3.c
index f9b8cad21a70..ea6546d9e60f 100644
--- a/lib/dns/nsec3.c
+++ b/lib/dns/nsec3.c
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: nsec3.c,v 1.6.12.2 2009/06/04 02:56:14 tbox Exp $ */
+/* $Id: nsec3.c,v 1.6.12.4 2009/11/03 23:47:46 tbox Exp $ */
#include <config.h>
@@ -87,6 +87,8 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version,
unsigned int i, window;
int octet;
isc_boolean_t found;
+ isc_boolean_t found_ns;
+ isc_boolean_t need_rrsig;
unsigned char *nsec_bits, *bm;
unsigned int max_type;
@@ -140,7 +142,7 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version,
result = dns_db_allrdatasets(db, node, version, 0, &rdsiter);
if (result != ISC_R_SUCCESS)
return (result);
- found = ISC_FALSE;
+ found = found_ns = need_rrsig = ISC_FALSE;
for (result = dns_rdatasetiter_first(rdsiter);
result == ISC_R_SUCCESS;
result = dns_rdatasetiter_next(rdsiter))
@@ -152,13 +154,26 @@ dns_nsec3_buildrdata(dns_db_t *db, dns_dbversion_t *version,
if (rdataset.type > max_type)
max_type = rdataset.type;
set_bit(bm, rdataset.type, 1);
- /* Don't set RRSIG for insecure delegation. */
- if (rdataset.type != dns_rdatatype_ns)
+ /*
+ * Work out if we need to set the RRSIG bit for
+ * this node. We set the RRSIG bit if either of
+ * the following conditions are met:
+ * 1) We have a SOA or DS then we need to set
+ * the RRSIG bit as both always will be signed.
+ * 2) We set the RRSIG bit if we don't have
+ * a NS record but do have other data.
+ */
+ if (rdataset.type == dns_rdatatype_soa ||
+ rdataset.type == dns_rdatatype_ds)
+ need_rrsig = ISC_TRUE;
+ else if (rdataset.type == dns_rdatatype_ns)
+ found_ns = ISC_TRUE;
+ else
found = ISC_TRUE;
}
dns_rdataset_disassociate(&rdataset);
}
- if (found) {
+ if ((found && !found_ns) || need_rrsig) {
if (dns_rdatatype_rrsig > max_type)
max_type = dns_rdatatype_rrsig;
set_bit(bm, dns_rdatatype_rrsig, 1);
diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c
index d557c43db258..95095d1186b7 100644
--- a/lib/dns/opensslrsa_link.c
+++ b/lib/dns/opensslrsa_link.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -17,21 +17,23 @@
/*
* Principal Author: Brian Wellington
- * $Id: opensslrsa_link.c,v 1.20.50.3 2009/01/18 23:25:16 marka Exp $
+ * $Id: opensslrsa_link.c,v 1.20.50.8 2010/01/22 02:36:49 marka Exp $
*/
#ifdef OPENSSL
+#include <config.h>
+
#ifndef USE_EVP
+#if !defined(HAVE_EVP_SHA256) || !defined(HAVE_EVP_SHA512)
+#define USE_EVP 0
+#else
#define USE_EVP 1
#endif
-#if USE_EVP
-#define USE_EVP_RSA 1
#endif
-#include <config.h>
-
#include <isc/entropy.h>
#include <isc/md5.h>
#include <isc/sha1.h>
+#include <isc/sha2.h>
#include <isc/mem.h>
#include <isc/string.h>
#include <isc/util.h>
@@ -112,23 +114,42 @@ static isc_result_t
opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
#if USE_EVP
EVP_MD_CTX *evp_md_ctx;
- const EVP_MD *type;
+ const EVP_MD *type = NULL;
#endif
UNUSED(key);
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
- dctx->key->key_alg == DST_ALG_NSEC3RSASHA1);
+ dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
+ dctx->key->key_alg == DST_ALG_RSASHA256 ||
+ dctx->key->key_alg == DST_ALG_RSASHA512);
#if USE_EVP
evp_md_ctx = EVP_MD_CTX_create();
if (evp_md_ctx == NULL)
return (ISC_R_NOMEMORY);
- if (dctx->key->key_alg == DST_ALG_RSAMD5)
+ switch (dctx->key->key_alg) {
+ case DST_ALG_RSAMD5:
type = EVP_md5(); /* MD5 + RSA */
- else
+ break;
+ case DST_ALG_RSASHA1:
+ case DST_ALG_NSEC3RSASHA1:
type = EVP_sha1(); /* SHA1 + RSA */
+ break;
+#ifdef HAVE_EVP_SHA256
+ case DST_ALG_RSASHA256:
+ type = EVP_sha256(); /* SHA256 + RSA */
+ break;
+#endif
+#ifdef HAVE_EVP_SHA512
+ case DST_ALG_RSASHA512:
+ type = EVP_sha512();
+ break;
+#endif
+ default:
+ INSIST(0);
+ }
if (!EVP_DigestInit_ex(evp_md_ctx, type, NULL)) {
EVP_MD_CTX_destroy(evp_md_ctx);
@@ -136,22 +157,56 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
}
dctx->ctxdata.evp_md_ctx = evp_md_ctx;
#else
- if (dctx->key->key_alg == DST_ALG_RSAMD5) {
- isc_md5_t *md5ctx;
-
- md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t));
- if (md5ctx == NULL)
- return (ISC_R_NOMEMORY);
- isc_md5_init(md5ctx);
- dctx->ctxdata.md5ctx = md5ctx;
- } else {
- isc_sha1_t *sha1ctx;
-
- sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t));
- if (sha1ctx == NULL)
- return (ISC_R_NOMEMORY);
- isc_sha1_init(sha1ctx);
- dctx->ctxdata.sha1ctx = sha1ctx;
+ switch (dctx->key->key_alg) {
+ case DST_ALG_RSAMD5:
+ {
+ isc_md5_t *md5ctx;
+
+ md5ctx = isc_mem_get(dctx->mctx, sizeof(isc_md5_t));
+ if (md5ctx == NULL)
+ return (ISC_R_NOMEMORY);
+ isc_md5_init(md5ctx);
+ dctx->ctxdata.md5ctx = md5ctx;
+ }
+ break;
+ case DST_ALG_RSASHA1:
+ case DST_ALG_NSEC3RSASHA1:
+ {
+ isc_sha1_t *sha1ctx;
+
+ sha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_sha1_t));
+ if (sha1ctx == NULL)
+ return (ISC_R_NOMEMORY);
+ isc_sha1_init(sha1ctx);
+ dctx->ctxdata.sha1ctx = sha1ctx;
+ }
+ break;
+ case DST_ALG_RSASHA256:
+ {
+ isc_sha256_t *sha256ctx;
+
+ sha256ctx = isc_mem_get(dctx->mctx,
+ sizeof(isc_sha256_t));
+ if (sha256ctx == NULL)
+ return (ISC_R_NOMEMORY);
+ isc_sha256_init(sha256ctx);
+ dctx->ctxdata.sha256ctx = sha256ctx;
+ }
+ break;
+ case DST_ALG_RSASHA512:
+ {
+ isc_sha512_t *sha512ctx;
+
+ sha512ctx = isc_mem_get(dctx->mctx,
+ sizeof(isc_sha512_t));
+ if (sha512ctx == NULL)
+ return (ISC_R_NOMEMORY);
+ isc_sha512_init(sha512ctx);
+ dctx->ctxdata.sha512ctx = sha512ctx;
+ }
+ break;
+ default:
+ INSIST(0);
}
#endif
@@ -166,7 +221,9 @@ opensslrsa_destroyctx(dst_context_t *dctx) {
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
- dctx->key->key_alg == DST_ALG_NSEC3RSASHA1);
+ dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
+ dctx->key->key_alg == DST_ALG_RSASHA256 ||
+ dctx->key->key_alg == DST_ALG_RSASHA512);
#if USE_EVP
if (evp_md_ctx != NULL) {
@@ -174,22 +231,58 @@ opensslrsa_destroyctx(dst_context_t *dctx) {
dctx->ctxdata.evp_md_ctx = NULL;
}
#else
- if (dctx->key->key_alg == DST_ALG_RSAMD5) {
- isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
-
- if (md5ctx != NULL) {
- isc_md5_invalidate(md5ctx);
- isc_mem_put(dctx->mctx, md5ctx, sizeof(isc_md5_t));
- dctx->ctxdata.md5ctx = NULL;
+ switch (dctx->key->key_alg) {
+ case DST_ALG_RSAMD5:
+ {
+ isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
+
+ if (md5ctx != NULL) {
+ isc_md5_invalidate(md5ctx);
+ isc_mem_put(dctx->mctx, md5ctx,
+ sizeof(isc_md5_t));
+ dctx->ctxdata.md5ctx = NULL;
+ }
}
- } else {
- isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
-
- if (sha1ctx != NULL) {
- isc_sha1_invalidate(sha1ctx);
- isc_mem_put(dctx->mctx, sha1ctx, sizeof(isc_sha1_t));
- dctx->ctxdata.sha1ctx = NULL;
+ break;
+ case DST_ALG_RSASHA1:
+ case DST_ALG_NSEC3RSASHA1:
+ {
+ isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
+
+ if (sha1ctx != NULL) {
+ isc_sha1_invalidate(sha1ctx);
+ isc_mem_put(dctx->mctx, sha1ctx,
+ sizeof(isc_sha1_t));
+ dctx->ctxdata.sha1ctx = NULL;
+ }
+ }
+ break;
+ case DST_ALG_RSASHA256:
+ {
+ isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
+
+ if (sha256ctx != NULL) {
+ isc_sha256_invalidate(sha256ctx);
+ isc_mem_put(dctx->mctx, sha256ctx,
+ sizeof(isc_sha256_t));
+ dctx->ctxdata.sha256ctx = NULL;
+ }
}
+ break;
+ case DST_ALG_RSASHA512:
+ {
+ isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
+
+ if (sha512ctx != NULL) {
+ isc_sha512_invalidate(sha512ctx);
+ isc_mem_put(dctx->mctx, sha512ctx,
+ sizeof(isc_sha512_t));
+ dctx->ctxdata.sha512ctx = NULL;
+ }
+ }
+ break;
+ default:
+ INSIST(0);
}
#endif
}
@@ -202,24 +295,67 @@ opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
- dctx->key->key_alg == DST_ALG_NSEC3RSASHA1);
+ dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
+ dctx->key->key_alg == DST_ALG_RSASHA256 ||
+ dctx->key->key_alg == DST_ALG_RSASHA512);
#if USE_EVP
if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) {
return (ISC_R_FAILURE);
}
#else
- if (dctx->key->key_alg == DST_ALG_RSAMD5) {
- isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
- isc_md5_update(md5ctx, data->base, data->length);
- } else {
- isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
- isc_sha1_update(sha1ctx, data->base, data->length);
+ switch (dctx->key->key_alg) {
+ case DST_ALG_RSAMD5:
+ {
+ isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
+
+ isc_md5_update(md5ctx, data->base, data->length);
+ }
+ break;
+ case DST_ALG_RSASHA1:
+ case DST_ALG_NSEC3RSASHA1:
+ {
+ isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
+
+ isc_sha1_update(sha1ctx, data->base, data->length);
+ }
+ break;
+ case DST_ALG_RSASHA256:
+ {
+ isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
+
+ isc_sha256_update(sha256ctx, data->base, data->length);
+ }
+ break;
+ case DST_ALG_RSASHA512:
+ {
+ isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
+
+ isc_sha512_update(sha512ctx, data->base, data->length);
+ }
+ break;
+ default:
+ INSIST(0);
}
#endif
return (ISC_R_SUCCESS);
}
+#if ! USE_EVP && OPENSSL_VERSION_NUMBER < 0x00908000L
+/*
+ * Digest prefixes from RFC 5702.
+ */
+static unsigned char sha256_prefix[] =
+ { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48,
+ 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20};
+static unsigned char sha512_prefix[] =
+ { 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48,
+ 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40};
+#define PREFIXLEN sizeof(sha512_prefix)
+#else
+#define PREFIXLEN 0
+#endif
+
static isc_result_t
opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
dst_key_t *key = dctx->key;
@@ -230,20 +366,26 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
EVP_PKEY *pkey = key->keydata.pkey;
#else
RSA *rsa = key->keydata.rsa;
- /* note: ISC_SHA1_DIGESTLENGTH > ISC_MD5_DIGESTLENGTH */
- unsigned char digest[ISC_SHA1_DIGESTLENGTH];
- int status;
- int type;
- unsigned int digestlen;
+ /* note: ISC_SHA512_DIGESTLENGTH >= ISC_*_DIGESTLENGTH */
+ unsigned char digest[PREFIXLEN + ISC_SHA512_DIGESTLENGTH];
+ int status = 0;
+ int type = 0;
+ unsigned int digestlen = 0;
char *message;
unsigned long err;
const char* file;
int line;
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ unsigned int prefixlen = 0;
+ const unsigned char *prefix = NULL;
+#endif
#endif
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
- dctx->key->key_alg == DST_ALG_NSEC3RSASHA1);
+ dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
+ dctx->key->key_alg == DST_ALG_RSASHA256 ||
+ dctx->key->key_alg == DST_ALG_RSASHA512);
isc_buffer_availableregion(sig, &r);
@@ -258,19 +400,92 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
if (r.length < (unsigned int) RSA_size(rsa))
return (ISC_R_NOSPACE);
- if (dctx->key->key_alg == DST_ALG_RSAMD5) {
- isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
- isc_md5_final(md5ctx, digest);
- type = NID_md5;
- digestlen = ISC_MD5_DIGESTLENGTH;
- } else {
- isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
- isc_sha1_final(sha1ctx, digest);
- type = NID_sha1;
- digestlen = ISC_SHA1_DIGESTLENGTH;
+ switch (dctx->key->key_alg) {
+ case DST_ALG_RSAMD5:
+ {
+ isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
+
+ isc_md5_final(md5ctx, digest);
+ type = NID_md5;
+ digestlen = ISC_MD5_DIGESTLENGTH;
+ }
+ break;
+ case DST_ALG_RSASHA1:
+ case DST_ALG_NSEC3RSASHA1:
+ {
+ isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
+
+ isc_sha1_final(sha1ctx, digest);
+ type = NID_sha1;
+ digestlen = ISC_SHA1_DIGESTLENGTH;
+ }
+ break;
+ case DST_ALG_RSASHA256:
+ {
+ isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
+
+ isc_sha256_final(digest, sha256ctx);
+ digestlen = ISC_SHA256_DIGESTLENGTH;
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ prefix = sha256_prefix;
+ prefixlen = sizeof(sha256_prefix);
+#else
+ type = NID_sha256;
+#endif
+ }
+ break;
+ case DST_ALG_RSASHA512:
+ {
+ isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
+
+ isc_sha512_final(digest, sha512ctx);
+ digestlen = ISC_SHA512_DIGESTLENGTH;
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ prefix = sha512_prefix;
+ prefixlen = sizeof(sha512_prefix);
+#else
+ type = NID_sha512;
+#endif
+ }
+ break;
+ default:
+ INSIST(0);
}
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ switch (dctx->key->key_alg) {
+ case DST_ALG_RSAMD5:
+ case DST_ALG_RSASHA1:
+ case DST_ALG_NSEC3RSASHA1:
+ INSIST(type != 0);
+ status = RSA_sign(type, digest, digestlen, r.base,
+ &siglen, rsa);
+ break;
+
+ case DST_ALG_RSASHA256:
+ case DST_ALG_RSASHA512:
+ INSIST(prefix != NULL);
+ INSIST(prefixlen != 0);
+ INSIST(prefixlen + digestlen <= sizeof(digest));
+
+ memmove(digest + prefixlen, digest, digestlen);
+ memcpy(digest, prefix, prefixlen);
+ status = RSA_private_encrypt(digestlen + prefixlen,
+ digest, r.base, rsa,
+ RSA_PKCS1_PADDING);
+ if (status < 0)
+ status = 0;
+ else
+ siglen = status;
+ break;
+
+ default:
+ INSIST(0);
+ }
+#else
+ INSIST(type != 0);
status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa);
+#endif
if (status == 0) {
err = ERR_peek_error_line(&file, &line);
if (err != 0U) {
@@ -293,37 +508,129 @@ opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx;
EVP_PKEY *pkey = key->keydata.pkey;
#else
- /* note: ISC_SHA1_DIGESTLENGTH > ISC_MD5_DIGESTLENGTH */
- unsigned char digest[ISC_SHA1_DIGESTLENGTH];
- int type;
- unsigned int digestlen;
+ /* note: ISC_SHA512_DIGESTLENGTH >= ISC_*_DIGESTLENGTH */
+ unsigned char digest[ISC_SHA512_DIGESTLENGTH];
+ int type = 0;
+ unsigned int digestlen = 0;
RSA *rsa = key->keydata.rsa;
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ unsigned int prefixlen = 0;
+ const unsigned char *prefix = NULL;
+#endif
#endif
REQUIRE(dctx->key->key_alg == DST_ALG_RSAMD5 ||
dctx->key->key_alg == DST_ALG_RSASHA1 ||
- dctx->key->key_alg == DST_ALG_NSEC3RSASHA1);
+ dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
+ dctx->key->key_alg == DST_ALG_RSASHA256 ||
+ dctx->key->key_alg == DST_ALG_RSASHA512);
#if USE_EVP
status = EVP_VerifyFinal(evp_md_ctx, sig->base, sig->length, pkey);
#else
- if (dctx->key->key_alg == DST_ALG_RSAMD5) {
- isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
- isc_md5_final(md5ctx, digest);
- type = NID_md5;
- digestlen = ISC_MD5_DIGESTLENGTH;
- } else {
- isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
- isc_sha1_final(sha1ctx, digest);
- type = NID_sha1;
- digestlen = ISC_SHA1_DIGESTLENGTH;
+ switch (dctx->key->key_alg) {
+ case DST_ALG_RSAMD5:
+ {
+ isc_md5_t *md5ctx = dctx->ctxdata.md5ctx;
+
+ isc_md5_final(md5ctx, digest);
+ type = NID_md5;
+ digestlen = ISC_MD5_DIGESTLENGTH;
+ }
+ break;
+ case DST_ALG_RSASHA1:
+ case DST_ALG_NSEC3RSASHA1:
+ {
+ isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
+
+ isc_sha1_final(sha1ctx, digest);
+ type = NID_sha1;
+ digestlen = ISC_SHA1_DIGESTLENGTH;
+ }
+ break;
+ case DST_ALG_RSASHA256:
+ {
+ isc_sha256_t *sha256ctx = dctx->ctxdata.sha256ctx;
+
+ isc_sha256_final(digest, sha256ctx);
+ digestlen = ISC_SHA256_DIGESTLENGTH;
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ prefix = sha256_prefix;
+ prefixlen = sizeof(sha256_prefix);
+#else
+ type = NID_sha256;
+#endif
+ }
+ break;
+ case DST_ALG_RSASHA512:
+ {
+ isc_sha512_t *sha512ctx = dctx->ctxdata.sha512ctx;
+
+ isc_sha512_final(digest, sha512ctx);
+ digestlen = ISC_SHA512_DIGESTLENGTH;
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ prefix = sha512_prefix;
+ prefixlen = sizeof(sha512_prefix);
+#else
+ type = NID_sha512;
+#endif
+ }
+ break;
+ default:
+ INSIST(0);
}
- if (sig->length < (unsigned int) RSA_size(rsa))
+ if (sig->length != (unsigned int) RSA_size(rsa))
return (DST_R_VERIFYFAILURE);
+#if OPENSSL_VERSION_NUMBER < 0x00908000L
+ switch (dctx->key->key_alg) {
+ case DST_ALG_RSAMD5:
+ case DST_ALG_RSASHA1:
+ case DST_ALG_NSEC3RSASHA1:
+ INSIST(type != 0);
+ status = RSA_verify(type, digest, digestlen, sig->base,
+ RSA_size(rsa), rsa);
+ break;
+
+ case DST_ALG_RSASHA256:
+ case DST_ALG_RSASHA512:
+ {
+ /*
+ * 1024 is big enough for all valid RSA bit sizes
+ * for use with DNSSEC.
+ */
+ unsigned char original[PREFIXLEN + 1024];
+
+ INSIST(prefix != NULL);
+ INSIST(prefixlen != 0U);
+
+ if (RSA_size(rsa) > (int)sizeof(original))
+ return (DST_R_VERIFYFAILURE);
+
+ status = RSA_public_decrypt(sig->length, sig->base,
+ original, rsa,
+ RSA_PKCS1_PADDING);
+ if (status <= 0)
+ return (DST_R_VERIFYFAILURE);
+ if (status != (int)(prefixlen + digestlen))
+ return (DST_R_VERIFYFAILURE);
+ if (memcmp(original, prefix, prefixlen))
+ return (DST_R_VERIFYFAILURE);
+ if (memcmp(original + prefixlen, digest, digestlen))
+ return (DST_R_VERIFYFAILURE);
+ status = 1;
+ }
+ break;
+
+ default:
+ INSIST(0);
+ }
+#else
+ INSIST(type != 0);
status = RSA_verify(type, digest, digestlen, sig->base,
- RSA_size(rsa), rsa);
+ RSA_size(rsa), rsa);
+#endif
#endif
if (status != 1)
return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
@@ -552,19 +859,20 @@ opensslrsa_todns(const dst_key_t *key, isc_buffer_t *data) {
if (r.length < 1)
DST_RET(ISC_R_NOSPACE);
isc_buffer_putuint8(data, (isc_uint8_t) e_bytes);
+ isc_region_consume(&r, 1);
} else {
if (r.length < 3)
DST_RET(ISC_R_NOSPACE);
isc_buffer_putuint8(data, 0);
isc_buffer_putuint16(data, (isc_uint16_t) e_bytes);
+ isc_region_consume(&r, 3);
}
if (r.length < e_bytes + mod_bytes)
- return (ISC_R_NOSPACE);
- isc_buffer_availableregion(data, &r);
+ DST_RET(ISC_R_NOSPACE);
BN_bn2bin(rsa->e, r.base);
- r.base += e_bytes;
+ isc_region_consume(&r, e_bytes);
BN_bn2bin(rsa->n, r.base);
isc_buffer_add(data, e_bytes + mod_bytes);
@@ -805,8 +1113,8 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer) {
DST_RET(DST_R_NOENGINE);
pkey = ENGINE_load_private_key(e, label, NULL, NULL);
if (pkey == NULL) {
- ERR_print_errors_fp(stderr);
- DST_RET(ISC_R_FAILURE);
+ /* ERR_print_errors_fp(stderr); */
+ DST_RET(ISC_R_NOTFOUND);
}
key->engine = isc_mem_strdup(key->mctx, name);
if (key->engine == NULL)
@@ -924,7 +1232,7 @@ opensslrsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
DST_RET(DST_R_NOENGINE);
pkey = ENGINE_load_private_key(e, label, NULL, NULL);
if (pkey == NULL)
- DST_RET(ISC_R_NOMEMORY);
+ DST_RET(ISC_R_NOTFOUND);
key->engine = isc_mem_strdup(key->mctx, label);
if (key->engine == NULL)
DST_RET(ISC_R_NOMEMORY);
@@ -969,10 +1277,26 @@ static dst_func_t opensslrsa_functions = {
};
isc_result_t
-dst__opensslrsa_init(dst_func_t **funcp) {
+dst__opensslrsa_init(dst_func_t **funcp, unsigned char algorithm) {
REQUIRE(funcp != NULL);
- if (*funcp == NULL)
- *funcp = &opensslrsa_functions;
+
+ if (*funcp == NULL) {
+ switch (algorithm) {
+ case DST_ALG_RSASHA256:
+#if defined(HAVE_EVP_SHA256) || !USE_EVP
+ *funcp = &opensslrsa_functions;
+#endif
+ break;
+ case DST_ALG_RSASHA512:
+#if defined(HAVE_EVP_SHA512) || !USE_EVP
+ *funcp = &opensslrsa_functions;
+#endif
+ break;
+ default:
+ *funcp = &opensslrsa_functions;
+ break;
+ }
+ }
return (ISC_R_SUCCESS);
}
diff --git a/lib/dns/rbt.c b/lib/dns/rbt.c
index ff8b3a36e379..62a9e2b03bb7 100644
--- a/lib/dns/rbt.c
+++ b/lib/dns/rbt.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: rbt.c,v 1.142.50.2 2009/01/18 23:47:40 tbox Exp $ */
+/* $Id: rbt.c,v 1.142.50.3 2009/10/20 05:06:04 marka Exp $ */
/*! \file */
@@ -85,9 +85,9 @@ struct dns_rbt {
#define HASHVAL(node) ((node)->hashval)
#define COLOR(node) ((node)->color)
#define NAMELEN(node) ((node)->namelen)
+#define OLDNAMELEN(node) ((node)->oldnamelen)
#define OFFSETLEN(node) ((node)->offsetlen)
#define ATTRS(node) ((node)->attributes)
-#define PADBYTES(node) ((node)->padbytes)
#define IS_ROOT(node) ISC_TF((node)->is_root == 1)
#define FINDCALLBACK(node) ISC_TF((node)->find_callback == 1)
@@ -100,13 +100,23 @@ struct dns_rbt {
#define LOCKNUM(node) ((node)->locknum)
/*%
- * The variable length stuff stored after the node.
+ * The variable length stuff stored after the node has the following
+ * structure.
+ *
+ * <name_data>{1..255}<oldoffsetlen>{1}<offsets>{1..128}
+ *
+ * <name_data> contains the name of the node when it was created.
+ * <oldoffsetlen> contains the length of <offsets> when the node was created.
+ * <offsets> contains the offets into name for each label when the node was
+ * created.
*/
+
#define NAME(node) ((unsigned char *)((node) + 1))
-#define OFFSETS(node) (NAME(node) + NAMELEN(node))
+#define OFFSETS(node) (NAME(node) + OLDNAMELEN(node) + 1)
+#define OLDOFFSETLEN(node) (OFFSETS(node)[-1])
#define NODE_SIZE(node) (sizeof(*node) + \
- NAMELEN(node) + OFFSETLEN(node) + PADBYTES(node))
+ OLDNAMELEN(node) + OLDOFFSETLEN(node) + 1)
/*%
* Color management.
@@ -553,11 +563,6 @@ dns_rbt_addnode(dns_rbt_t *rbt, dns_name_t *name, dns_rbtnode_t **nodep) {
NAMELEN(current) = prefix->length;
OFFSETLEN(current) = prefix->labels;
- memcpy(OFFSETS(current), prefix->offsets,
- prefix->labels);
- PADBYTES(current) +=
- (current_name.length - prefix->length) +
- (current_name.labels - prefix->labels);
/*
* Set up the new root of the next level.
@@ -1423,7 +1428,7 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep) {
* Allocate space for the node structure, the name, and the offsets.
*/
node = (dns_rbtnode_t *)isc_mem_get(mctx, sizeof(*node) +
- region.length + labels);
+ region.length + labels + 1);
if (node == NULL)
return (ISC_R_NOMEMORY);
@@ -1460,10 +1465,12 @@ create_node(isc_mem_t *mctx, dns_name_t *name, dns_rbtnode_t **nodep) {
* The offsets table could be made smaller by eliminating the
* first offset, which is always 0. This requires changes to
* lib/dns/name.c.
+ *
+ * Note: OLDOFFSETLEN *must* be assigned *after* OLDNAMELEN is assigned
+ * as it uses OLDNAMELEN.
*/
- NAMELEN(node) = region.length;
- PADBYTES(node) = 0;
- OFFSETLEN(node) = labels;
+ OLDNAMELEN(node) = NAMELEN(node) = region.length;
+ OLDOFFSETLEN(node) = OFFSETLEN(node) = labels;
ATTRS(node) = name->attributes;
memcpy(NAME(node), region.base, region.length);
diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c
index d5b5b5c8194f..f841ebea5e94 100644
--- a/lib/dns/rbtdb.c
+++ b/lib/dns/rbtdb.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: rbtdb.c,v 1.270.12.6.10.2 2009/12/31 21:44:36 each Exp $ */
+/* $Id: rbtdb.c,v 1.270.12.16 2009/12/30 08:34:30 jinmei Exp $ */
/*! \file */
@@ -258,21 +258,8 @@ typedef struct rdatasetheader {
dns_rbtnode_t *node;
isc_stdtime_t last_used;
- ISC_LINK(struct rdatasetheader) lru_link;
- /*%<
- * Used for LRU-based cache management. We should probably make
- * these cache-DB specific. We might also make it a pointer and
- * ensure only the top header has a valid link to save memory.
- * The linked-list is locked by the rbtdb->lrulock.
- */
+ ISC_LINK(struct rdatasetheader) link;
- /*
- * It's possible this should not be here anymore, but instead
- * referenced from the bucket's heap directly.
- */
-#if 0
- isc_heap_t *heap;
-#endif
unsigned int heap_index;
/*%<
* Used for TTL-based cache cleaning.
@@ -396,7 +383,7 @@ typedef struct rbtdb_version {
isc_uint8_t flags;
isc_uint16_t iterations;
isc_uint8_t salt_length;
- unsigned char salt[NSEC3_MAX_HASH_LENGTH];
+ unsigned char salt[DNS_NSEC3_SALTSIZE];
} rbtdb_version_t;
typedef ISC_LIST(rbtdb_version_t) rbtdb_versionlist_t;
@@ -1227,7 +1214,7 @@ free_noqname(isc_mem_t *mctx, struct noqname **noqname) {
static inline void
init_rdataset(dns_rbtdb_t *rbtdb, rdatasetheader_t *h)
{
- ISC_LINK_INIT(h, lru_link);
+ ISC_LINK_INIT(h, link);
h->heap_index = 0;
#if TRACE_HEADER
@@ -1267,8 +1254,10 @@ free_rdataset(dns_rbtdb_t *rbtdb, isc_mem_t *mctx, rdatasetheader_t *rdataset)
}
idx = rdataset->node->locknum;
- if (ISC_LINK_LINKED(rdataset, lru_link))
- ISC_LIST_UNLINK(rbtdb->rdatasets[idx], rdataset, lru_link);
+ if (ISC_LINK_LINKED(rdataset, link)) {
+ INSIST(IS_CACHE(rbtdb));
+ ISC_LIST_UNLINK(rbtdb->rdatasets[idx], rdataset, link);
+ }
if (rdataset->heap_index != 0)
isc_heap_delete(rbtdb->heaps[idx], rdataset->heap_index);
rdataset->heap_index = 0;
@@ -2075,8 +2064,6 @@ setnsec3parameters(dns_db_t *db, rbtdb_version_t *version,
continue;
#endif
- INSIST(nsec3param.salt_length <=
- sizeof(version->salt));
memcpy(version->salt, nsec3param.salt,
nsec3param.salt_length);
version->hash = nsec3param.hash;
@@ -2284,17 +2271,18 @@ closeversion(dns_db_t *db, dns_dbversion_t **versionp, isc_boolean_t commit) {
for (header = HEAD(resigned_list);
header != NULL;
header = HEAD(resigned_list)) {
- ISC_LIST_UNLINK(resigned_list, header, lru_link);
- if (rollback) {
- nodelock_t *lock;
- lock = &rbtdb->node_locks[header->node->locknum].lock;
- NODE_LOCK(lock, isc_rwlocktype_write);
+ nodelock_t *lock;
+
+ ISC_LIST_UNLINK(resigned_list, header, link);
+
+ lock = &rbtdb->node_locks[header->node->locknum].lock;
+ NODE_LOCK(lock, isc_rwlocktype_write);
+ if (rollback)
resign_insert(rbtdb, header->node->locknum, header);
- NODE_UNLOCK(lock, isc_rwlocktype_write);
- }
decrement_reference(rbtdb, header->node, least_serial,
isc_rwlocktype_write, isc_rwlocktype_none,
ISC_FALSE);
+ NODE_UNLOCK(lock, isc_rwlocktype_write);
}
if (!EMPTY(cleanup_list)) {
@@ -3524,11 +3512,17 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
/*
* The node may be a zone cut itself. If it might be one,
* make sure we check for it later.
+ *
+ * DS records live above the zone cut in ordinary zone so
+ * we want to ignore any referral.
+ *
+ * Stub zones don't have anything "above" the delgation so
+ * we always return a referral.
*/
if (node->find_callback &&
- (node != search.rbtdb->origin_node ||
- IS_STUB(search.rbtdb)) &&
- !dns_rdatatype_atparent(type))
+ ((node != search.rbtdb->origin_node &&
+ !dns_rdatatype_atparent(type)) ||
+ IS_STUB(search.rbtdb)))
maybe_zonecut = ISC_TRUE;
}
@@ -3546,8 +3540,8 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
* We now go looking for rdata...
*/
- NODE_LOCK(&(search.rbtdb->node_locks[node->locknum].lock),
- isc_rwlocktype_read);
+ lock = &search.rbtdb->node_locks[node->locknum].lock;
+ NODE_LOCK(lock, isc_rwlocktype_read);
found = NULL;
foundsig = NULL;
@@ -3625,8 +3619,10 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
* we are using behave as if it isn't here.
*/
if (header->type == dns_rdatatype_nsec3 &&
- !matchparams(header, &search))
+ !matchparams(header, &search)) {
+ NODE_UNLOCK(lock, isc_rwlocktype_read);
goto partial_match;
+ }
/*
* If we found a type we were looking for,
* remember it.
@@ -3705,7 +3701,6 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
* we really have a partial match.
*/
if (!wild) {
- lock = &search.rbtdb->node_locks[node->locknum].lock;
NODE_UNLOCK(lock, isc_rwlocktype_read);
goto partial_match;
}
@@ -3722,7 +3717,6 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
*
* Return the delegation.
*/
- lock = &search.rbtdb->node_locks[node->locknum].lock;
NODE_UNLOCK(lock, isc_rwlocktype_read);
result = setup_delegation(&search, nodep, foundname,
rdataset, sigrdataset);
@@ -3744,7 +3738,6 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
goto node_exit;
}
- lock = &search.rbtdb->node_locks[node->locknum].lock;
NODE_UNLOCK(lock, isc_rwlocktype_read);
result = find_closest_nsec(&search, nodep, foundname,
rdataset, sigrdataset,
@@ -3829,7 +3822,6 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
if (result == DNS_R_GLUE &&
(search.options & DNS_DBFIND_VALIDATEGLUE) != 0 &&
!valid_glue(&search, foundname, type, node)) {
- lock = &search.rbtdb->node_locks[node->locknum].lock;
NODE_UNLOCK(lock, isc_rwlocktype_read);
result = setup_delegation(&search, nodep, foundname,
rdataset, sigrdataset);
@@ -3861,8 +3853,7 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
foundname->attributes |= DNS_NAMEATTR_WILDCARD;
node_exit:
- NODE_UNLOCK(&(search.rbtdb->node_locks[node->locknum].lock),
- isc_rwlocktype_read);
+ NODE_UNLOCK(lock, isc_rwlocktype_read);
tree_exit:
RWUNLOCK(&search.rbtdb->tree_lock, isc_rwlocktype_read);
@@ -5408,8 +5399,10 @@ static isc_result_t
resign_insert(dns_rbtdb_t *rbtdb, int idx, rdatasetheader_t *newheader) {
isc_result_t result;
+ INSIST(!IS_CACHE(rbtdb));
INSIST(newheader->heap_index == 0);
- INSIST(!ISC_LINK_LINKED(newheader, lru_link));
+ INSIST(!ISC_LINK_LINKED(newheader, link));
+
result = isc_heap_insert(rbtdb->heaps[idx], newheader);
return (result);
}
@@ -5735,7 +5728,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion,
idx = newheader->node->locknum;
if (IS_CACHE(rbtdb)) {
ISC_LIST_PREPEND(rbtdb->rdatasets[idx],
- newheader, lru_link);
+ newheader, link);
/*
* XXXMLG We don't check the return value
* here. If it fails, we will not do TTL
@@ -5794,7 +5787,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *rbtnode, rbtdb_version_t *rbtversion,
idx = newheader->node->locknum;
if (IS_CACHE(rbtdb)) {
ISC_LIST_PREPEND(rbtdb->rdatasets[idx],
- newheader, lru_link);
+ newheader, link);
isc_heap_insert(rbtdb->heaps[idx], newheader);
} else if (RESIGN(newheader)) {
resign_insert(rbtdb, idx, newheader);
@@ -6519,11 +6512,17 @@ static void
delete_callback(void *data, void *arg) {
dns_rbtdb_t *rbtdb = arg;
rdatasetheader_t *current, *next;
+ unsigned int locknum;
- for (current = data; current != NULL; current = next) {
+ current = data;
+ locknum = current->node->locknum;
+ NODE_LOCK(&rbtdb->node_locks[locknum].lock, isc_rwlocktype_write);
+ while (current != NULL) {
next = current->next;
free_rdataset(rbtdb, rbtdb->common.mctx, current);
+ current = next;
}
+ NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, isc_rwlocktype_write);
}
static isc_boolean_t
@@ -6642,8 +6641,8 @@ getnsec3parameters(dns_db_t *db, dns_dbversion_t *version, dns_hash_t *hash,
if (rbtversion->havensec3) {
if (hash != NULL)
*hash = rbtversion->hash;
- if (salt != NULL && salt_length != 0) {
- REQUIRE(*salt_length > rbtversion->salt_length);
+ if (salt != NULL && salt_length != NULL) {
+ REQUIRE(*salt_length >= rbtversion->salt_length);
memcpy(salt, rbtversion->salt, rbtversion->salt_length);
}
if (salt_length != NULL)
@@ -6707,27 +6706,35 @@ getsigningtime(dns_db_t *db, dns_rdataset_t *rdataset,
rdatasetheader_t *header = NULL, *this;
unsigned int i;
isc_result_t result = ISC_R_NOTFOUND;
+ unsigned int locknum;
REQUIRE(VALID_RBTDB(rbtdb));
RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_read);
for (i = 0; i < rbtdb->node_lock_count; i++) {
+ NODE_LOCK(&rbtdb->node_locks[i].lock, isc_rwlocktype_read);
this = isc_heap_element(rbtdb->heaps[i], 1);
- if (this == NULL)
+ if (this == NULL) {
+ NODE_UNLOCK(&rbtdb->node_locks[i].lock,
+ isc_rwlocktype_read);
continue;
+ }
if (header == NULL)
header = this;
- else if (isc_serial_lt(this->resign, header->resign))
+ else if (isc_serial_lt(this->resign, header->resign)) {
+ locknum = header->node->locknum;
+ NODE_UNLOCK(&rbtdb->node_locks[locknum].lock,
+ isc_rwlocktype_read);
header = this;
+ } else
+ NODE_UNLOCK(&rbtdb->node_locks[i].lock,
+ isc_rwlocktype_read);
}
if (header == NULL)
goto unlock;
- NODE_LOCK(&rbtdb->node_locks[header->node->locknum].lock,
- isc_rwlocktype_read);
-
bind_rdataset(rbtdb, header->node, header, 0, rdataset);
if (foundname != NULL)
@@ -6761,7 +6768,7 @@ resigned(dns_db_t *db, dns_rdataset_t *rdataset, dns_dbversion_t *version)
header = rdataset->private3;
header--;
- RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_read);
+ RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_write);
NODE_LOCK(&rbtdb->node_locks[node->locknum].lock,
isc_rwlocktype_write);
/*
@@ -6771,11 +6778,11 @@ resigned(dns_db_t *db, dns_rdataset_t *rdataset, dns_dbversion_t *version)
new_reference(rbtdb, node);
isc_heap_delete(rbtdb->heaps[node->locknum], header->heap_index);
header->heap_index = 0;
- ISC_LIST_APPEND(rbtversion->resigned_list, header, lru_link);
+ ISC_LIST_APPEND(rbtversion->resigned_list, header, link);
NODE_UNLOCK(&rbtdb->node_locks[node->locknum].lock,
isc_rwlocktype_write);
- RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_read);
+ RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_write);
}
static dns_stats_t *
@@ -8497,13 +8504,11 @@ update_header(dns_rbtdb_t *rbtdb, rdatasetheader_t *header,
INSIST(IS_CACHE(rbtdb));
/* To be checked: can we really assume this? XXXMLG */
- INSIST(ISC_LINK_LINKED(header, lru_link));
+ INSIST(ISC_LINK_LINKED(header, link));
- ISC_LIST_UNLINK(rbtdb->rdatasets[header->node->locknum],
- header, lru_link);
+ ISC_LIST_UNLINK(rbtdb->rdatasets[header->node->locknum], header, link);
header->last_used = now;
- ISC_LIST_PREPEND(rbtdb->rdatasets[header->node->locknum],
- header, lru_link);
+ ISC_LIST_PREPEND(rbtdb->rdatasets[header->node->locknum], header, link);
}
/*%
@@ -8539,7 +8544,7 @@ overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start,
for (header = ISC_LIST_TAIL(rbtdb->rdatasets[locknum]);
header != NULL && purgecount > 0;
header = header_prev) {
- header_prev = ISC_LIST_PREV(header, lru_link);
+ header_prev = ISC_LIST_PREV(header, link);
/*
* Unlink the entry at this point to avoid checking it
* again even if it's currently used someone else and
@@ -8548,7 +8553,7 @@ overmem_purge(dns_rbtdb_t *rbtdb, unsigned int locknum_start,
* TTL was reset to 0.
*/
ISC_LIST_UNLINK(rbtdb->rdatasets[locknum], header,
- lru_link);
+ link);
expire_header(rbtdb, header, tree_locked);
purgecount--;
}
diff --git a/lib/dns/rcode.c b/lib/dns/rcode.c
index 58ade8587e8c..9feaeb07d9c0 100644
--- a/lib/dns/rcode.c
+++ b/lib/dns/rcode.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2008, 2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1998-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: rcode.c,v 1.8 2008/09/25 04:02:38 tbox Exp $ */
+/* $Id: rcode.c,v 1.8.48.2 2010/01/15 23:47:33 tbox Exp $ */
#include <config.h>
#include <ctype.h>
@@ -100,6 +100,8 @@
{ DNS_KEYALG_ECC, "ECC", 0 }, \
{ DNS_KEYALG_RSASHA1, "RSASHA1", 0 }, \
{ DNS_KEYALG_NSEC3RSASHA1, "NSEC3RSASHA1", 0 }, \
+ { DNS_KEYALG_RSASHA256, "RSASHA256", 0 }, \
+ { DNS_KEYALG_RSASHA512, "RSASHA512", 0 }, \
{ DNS_KEYALG_INDIRECT, "INDIRECT", 0 }, \
{ DNS_KEYALG_PRIVATEDNS, "PRIVATEDNS", 0 }, \
{ DNS_KEYALG_PRIVATEOID, "PRIVATEOID", 0 }, \
diff --git a/lib/dns/rdata/generic/ipseckey_45.c b/lib/dns/rdata/generic/ipseckey_45.c
index bc2b4e889d4b..6a58bc9bb4e8 100644
--- a/lib/dns/rdata/generic/ipseckey_45.c
+++ b/lib/dns/rdata/generic/ipseckey_45.c
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: ipseckey_45.c,v 1.4.332.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: ipseckey_45.c,v 1.4.332.3 2009/09/18 21:55:48 jinmei Exp $ */
#ifndef RDATA_GENERIC_IPSECKEY_45_C
#define RDATA_GENERIC_IPSECKEY_45_C
@@ -243,6 +243,7 @@ fromwire_ipseckey(ARGS_FROMWIRE) {
isc_buffer_forward(source, 3);
RETERR(dns_name_fromwire(&name, source, dctx, options, target));
isc_buffer_activeregion(source, &region);
+ isc_buffer_forward(source, region.length);
return(mem_tobuffer(target, region.base, region.length));
default:
diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
index 1b4f407c87fe..02e96cda7099 100644
--- a/lib/dns/resolver.c
+++ b/lib/dns/resolver.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: resolver.c,v 1.384.14.14.8.2 2010/01/07 17:17:19 each Exp $ */
+/* $Id: resolver.c,v 1.384.14.20 2010/01/07 23:47:36 tbox Exp $ */
/*! \file */
@@ -2534,6 +2534,16 @@ findname(fetchctx_t *fctx, dns_name_t *name, in_port_t port,
}
}
+static isc_boolean_t
+isstrictsubdomain(dns_name_t *name1, dns_name_t *name2) {
+ int order;
+ unsigned int nlabels;
+ dns_namereln_t namereln;
+
+ namereln = dns_name_fullcompare(name1, name2, &order, &nlabels);
+ return (ISC_TF(namereln == dns_namereln_subdomain));
+}
+
static isc_result_t
fctx_getaddresses(fetchctx_t *fctx) {
dns_rdata_t rdata = DNS_RDATA_INIT;
@@ -2579,23 +2589,40 @@ fctx_getaddresses(fetchctx_t *fctx) {
dns_name_t *name = &fctx->name;
dns_name_t suffix;
unsigned int labels;
+ dns_fixedname_t fixed;
+ dns_name_t *domain;
/*
* DS records are found in the parent server.
* Strip label to get the correct forwarder (if any).
*/
- if (fctx->type == dns_rdatatype_ds &&
+ if (dns_rdatatype_atparent(fctx->type) &&
dns_name_countlabels(name) > 1) {
dns_name_init(&suffix, NULL);
labels = dns_name_countlabels(name);
dns_name_getlabelsequence(name, 1, labels - 1, &suffix);
name = &suffix;
}
- result = dns_fwdtable_find(fctx->res->view->fwdtable, name,
- &forwarders);
+
+ dns_fixedname_init(&fixed);
+ domain = dns_fixedname_name(&fixed);
+ result = dns_fwdtable_find2(fctx->res->view->fwdtable, name,
+ domain, &forwarders);
if (result == ISC_R_SUCCESS) {
sa = ISC_LIST_HEAD(forwarders->addrs);
fctx->fwdpolicy = forwarders->fwdpolicy;
+ if (fctx->fwdpolicy == dns_fwdpolicy_only &&
+ isstrictsubdomain(domain, &fctx->domain)) {
+ isc_mem_t *mctx;
+
+ mctx = res->buckets[fctx->bucketnum].mctx;
+ dns_name_free(&fctx->domain, mctx);
+ dns_name_init(&fctx->domain, NULL);
+ result = dns_name_dup(domain, mctx,
+ &fctx->domain);
+ if (result != ISC_R_SUCCESS)
+ return (result);
+ }
}
}
@@ -3477,21 +3504,22 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type,
if (domain == NULL) {
dns_forwarders_t *forwarders = NULL;
unsigned int labels;
+ dns_name_t *fwdname = name;
/*
* DS records are found in the parent server.
* Strip label to get the correct forwarder (if any).
*/
- if (fctx->type == dns_rdatatype_ds &&
+ if (dns_rdatatype_atparent(fctx->type) &&
dns_name_countlabels(name) > 1) {
dns_name_init(&suffix, NULL);
labels = dns_name_countlabels(name);
dns_name_getlabelsequence(name, 1, labels - 1, &suffix);
- name = &suffix;
+ fwdname = &suffix;
}
dns_fixedname_init(&fixed);
domain = dns_fixedname_name(&fixed);
- result = dns_fwdtable_find2(fctx->res->view->fwdtable, name,
+ result = dns_fwdtable_find2(fctx->res->view->fwdtable, fwdname,
domain, &forwarders);
if (result == ISC_R_SUCCESS)
fctx->fwdpolicy = forwarders->fwdpolicy;
@@ -3502,7 +3530,7 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type,
* nameservers, and we're not in forward-only mode,
* so find the best nameservers to use.
*/
- if (dns_rdatatype_atparent(type))
+ if (dns_rdatatype_atparent(fctx->type))
findoptions |= DNS_DBFIND_NOEXACT;
result = dns_view_findzonecut(res->view, name, domain,
0, findoptions, ISC_TRUE,
diff --git a/lib/dns/sdb.c b/lib/dns/sdb.c
index 03fca9ed63e6..ab9ff1967f68 100644
--- a/lib/dns/sdb.c
+++ b/lib/dns/sdb.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: sdb.c,v 1.66.48.2 2009/04/21 23:47:18 tbox Exp $ */
+/* $Id: sdb.c,v 1.66.48.3 2009/06/26 06:25:44 marka Exp $ */
/*! \file */
@@ -1458,9 +1458,11 @@ dbiterator_seek(dns_dbiterator_t *iterator, dns_name_t *name) {
sdb_dbiterator_t *sdbiter = (sdb_dbiterator_t *)iterator;
sdbiter->current = ISC_LIST_HEAD(sdbiter->nodelist);
- while (sdbiter->current != NULL)
+ while (sdbiter->current != NULL) {
if (dns_name_equal(sdbiter->current->name, name))
return (ISC_R_SUCCESS);
+ sdbiter->current = ISC_LIST_NEXT(sdbiter->current, link);
+ }
return (ISC_R_NOTFOUND);
}
diff --git a/lib/dns/sdlz.c b/lib/dns/sdlz.c
index 89cd0eea2a70..5e5f7e3d7a25 100644
--- a/lib/dns/sdlz.c
+++ b/lib/dns/sdlz.c
@@ -50,7 +50,7 @@
* USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: sdlz.c,v 1.18.50.2 2009/04/21 23:47:18 tbox Exp $ */
+/* $Id: sdlz.c,v 1.18.50.3 2009/06/26 06:25:44 marka Exp $ */
/*! \file */
@@ -1117,9 +1117,11 @@ dbiterator_seek(dns_dbiterator_t *iterator, dns_name_t *name) {
sdlz_dbiterator_t *sdlziter = (sdlz_dbiterator_t *)iterator;
sdlziter->current = ISC_LIST_HEAD(sdlziter->nodelist);
- while (sdlziter->current != NULL)
+ while (sdlziter->current != NULL) {
if (dns_name_equal(sdlziter->current->name, name))
return (ISC_R_SUCCESS);
+ sdlziter->current = ISC_LIST_NEXT(sdlziter->current, link);
+ }
return (ISC_R_NOTFOUND);
}
diff --git a/lib/dns/spnego.c b/lib/dns/spnego.c
index 0ae6ea233c0a..6c94e51baeea 100644
--- a/lib/dns/spnego.c
+++ b/lib/dns/spnego.c
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: spnego.c,v 1.8.118.2 2009/01/18 23:47:40 tbox Exp $ */
+/* $Id: spnego.c,v 1.8.118.4 2009/07/21 07:27:13 marka Exp $ */
/*! \file
* \brief
@@ -265,8 +265,7 @@ decode_oid(const unsigned char *p, size_t len,
oid * k, size_t * size);
static int
-decode_enumerated(const unsigned char *p, size_t len,
- unsigned *num, size_t *size);
+decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size);
static int
decode_octet_string(const unsigned char *, size_t, octet_string *, size_t *);
@@ -291,8 +290,7 @@ der_put_length_and_tag(unsigned char *, size_t, size_t,
Der_class, Der_type, int, size_t *);
static int
-encode_enumerated(unsigned char *p, size_t len,
- const unsigned *data, size_t *);
+encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *);
static int
encode_octet_string(unsigned char *p, size_t len,
@@ -622,7 +620,7 @@ gss_accept_sec_context_spnego(OM_uint32 *minor_status,
}
for (i = 0; !found && i < init_token.mechTypes.len; ++i) {
- char mechbuf[17];
+ unsigned char mechbuf[17];
size_t mech_len;
ret = der_put_oid(mechbuf + sizeof(mechbuf) - 1,
@@ -956,8 +954,7 @@ der_match_tag_and_length(const unsigned char *p, size_t len,
}
static int
-decode_enumerated(const unsigned char *p, size_t len,
- unsigned *num, size_t *size)
+decode_enumerated(const unsigned char *p, size_t len, void *num, size_t *size)
{
size_t ret = 0;
size_t l, reallen;
@@ -1269,10 +1266,9 @@ der_put_length_and_tag(unsigned char *p, size_t len, size_t len_val,
}
static int
-encode_enumerated(unsigned char *p, size_t len, const unsigned *data,
- size_t *size)
+encode_enumerated(unsigned char *p, size_t len, const void *data, size_t *size)
{
- unsigned num = *data;
+ unsigned num = *(const unsigned *)data;
size_t ret = 0;
size_t l;
int e;
diff --git a/lib/dns/validator.c b/lib/dns/validator.c
index ce49daf2eb10..1e55a34055b3 100644
--- a/lib/dns/validator.c
+++ b/lib/dns/validator.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: validator.c,v 1.164.12.9.8.2 2009/12/31 20:29:21 each Exp $ */
+/* $Id: validator.c,v 1.164.12.11 2009/12/30 06:44:44 each Exp $ */
#include <config.h>
diff --git a/lib/dns/view.c b/lib/dns/view.c
index 5f1447ae06ed..961268e22c1c 100644
--- a/lib/dns/view.c
+++ b/lib/dns/view.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: view.c,v 1.150.84.2 2009/01/29 23:47:44 tbox Exp $ */
+/* $Id: view.c,v 1.150.84.3 2009/11/12 23:39:23 marka Exp $ */
/*! \file */
@@ -1250,7 +1250,8 @@ dns_view_getpeertsig(dns_view_t *view, isc_netaddr_t *peeraddr,
if (result != ISC_R_SUCCESS)
return (result);
- return (dns_view_gettsig(view, keyname, keyp));
+ result = dns_view_gettsig(view, keyname, keyp);
+ return ((result == ISC_R_NOTFOUND) ? ISC_R_FAILURE : result);
}
isc_result_t
diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 423b00578720..c21b1f05b118 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: zone.c,v 1.483.36.6 2009/03/26 22:57:07 marka Exp $ */
+/* $Id: zone.c,v 1.483.36.17 2009/12/21 04:32:42 marka Exp $ */
/*! \file */
@@ -200,7 +200,6 @@ struct dns_zone {
isc_time_t keywarntime;
isc_time_t signingtime;
isc_time_t nsec3chaintime;
- isc_uint32_t serial;
isc_uint32_t refresh;
isc_uint32_t retry;
isc_uint32_t expire;
@@ -351,11 +350,15 @@ struct dns_zone {
#define DNS_ZONEFLG_USEALTXFRSRC 0x00800000U
#define DNS_ZONEFLG_SOABEFOREAXFR 0x01000000U
#define DNS_ZONEFLG_NEEDCOMPACT 0x02000000U
+#define DNS_ZONEFLG_REFRESHING 0x04000000U /*%< Refreshing keydata */
+#define DNS_ZONEFLG_THAW 0x08000000U
#define DNS_ZONE_OPTION(z,o) (((z)->options & (o)) != 0)
/* Flags for zone_load() */
#define DNS_ZONELOADFLAG_NOSTAT 0x00000001U /* Do not stat() master files */
+#define DNS_ZONELOADFLAG_THAW 0x00000002U /* Thaw the zone on successful
+ load. */
#define UNREACH_CHACHE_SIZE 10U
#define UNREACH_HOLD_TIME 600 /* 10 minutes */
@@ -718,7 +721,6 @@ dns_zone_create(dns_zone_t **zonep, isc_mem_t *mctx) {
isc_time_settoepoch(&zone->keywarntime);
isc_time_settoepoch(&zone->signingtime);
isc_time_settoepoch(&zone->nsec3chaintime);
- zone->serial = 0;
zone->refresh = DNS_ZONE_DEFAULTREFRESH;
zone->retry = DNS_ZONE_DEFAULTRETRY;
zone->expire = 0;
@@ -967,16 +969,35 @@ dns_zone_setnotifytype(dns_zone_t *zone, dns_notifytype_t notifytype) {
UNLOCK_ZONE(zone);
}
-isc_uint32_t
-dns_zone_getserial(dns_zone_t *zone) {
- isc_uint32_t serial;
+isc_result_t
+dns_zone_getserial2(dns_zone_t *zone, isc_uint32_t *serialp) {
+ isc_result_t result;
REQUIRE(DNS_ZONE_VALID(zone));
+ REQUIRE(serialp != NULL);
LOCK_ZONE(zone);
- serial = zone->serial;
+ ZONEDB_LOCK(&zone->dblock, isc_rwlocktype_read);
+ if (zone->db != NULL) {
+ result = zone_get_from_db(zone, zone->db, NULL, NULL, serialp,
+ NULL, NULL, NULL, NULL, NULL);
+ } else
+ result = DNS_R_NOTLOADED;
+ ZONEDB_UNLOCK(&zone->dblock, isc_rwlocktype_read);
UNLOCK_ZONE(zone);
+ return (result);
+}
+
+isc_uint32_t
+dns_zone_getserial(dns_zone_t *zone) {
+ isc_result_t result;
+ isc_uint32_t serial;
+
+ result = dns_zone_getserial2(zone, &serial);
+ if (result != ISC_R_SUCCESS)
+ serial = 0; /* XXX: not really correct, but no other choice */
+
return (serial);
}
@@ -1314,7 +1335,9 @@ zone_load(dns_zone_t *zone, unsigned int flags) {
INSIST(zone->type != dns_zone_none);
if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADING)) {
- result = ISC_R_SUCCESS;
+ if ((flags & DNS_ZONELOADFLAG_THAW) != 0)
+ DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW);
+ result = DNS_R_CONTINUE;
goto cleanup;
}
@@ -1448,6 +1471,8 @@ zone_load(dns_zone_t *zone, unsigned int flags) {
if (result == DNS_R_CONTINUE) {
DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_LOADING);
+ if ((flags & DNS_ZONELOADFLAG_THAW) != 0)
+ DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_THAW);
goto cleanup;
}
@@ -1470,6 +1495,30 @@ dns_zone_loadnew(dns_zone_t *zone) {
return (zone_load(zone, DNS_ZONELOADFLAG_NOSTAT));
}
+isc_result_t
+dns_zone_loadandthaw(dns_zone_t *zone) {
+ isc_result_t result;
+
+ result = zone_load(zone, DNS_ZONELOADFLAG_THAW);
+ switch (result) {
+ case DNS_R_CONTINUE:
+ /* Deferred thaw. */
+ break;
+ case ISC_R_SUCCESS:
+ case DNS_R_UPTODATE:
+ case DNS_R_SEENINCLUDE:
+ zone->update_disabled = ISC_FALSE;
+ break;
+ case DNS_R_NOMASTERFILE:
+ zone->update_disabled = ISC_FALSE;
+ break;
+ default:
+ /* Error, remain in disabled state. */
+ break;
+ }
+ return (result);
+}
+
static unsigned int
get_master_options(dns_zone_t *zone) {
unsigned int options;
@@ -2148,7 +2197,8 @@ resume_signingwithkey(dns_zone_t *zone) {
}
result = zone_signwithkey(zone, rdata.data[0],
- (rdata.data[1] << 8) | rdata.data[2], ISC_TF(rdata.data[3]));
+ (rdata.data[1] << 8) | rdata.data[2],
+ ISC_TF(rdata.data[3]));
if (result != ISC_R_SUCCESS) {
dns_zone_log(zone, ISC_LOG_ERROR,
"zone_signwithkey failed: %s",
@@ -2291,7 +2341,6 @@ static void
set_resigntime(dns_zone_t *zone) {
dns_rdataset_t rdataset;
dns_fixedname_t fixed;
- char namebuf[DNS_NAME_FORMATSIZE];
unsigned int resign;
isc_result_t result;
isc_uint32_t nanosecs;
@@ -2305,7 +2354,6 @@ set_resigntime(dns_zone_t *zone) {
return;
}
resign = rdataset.resign;
- dns_name_format(dns_fixedname_name(&fixed), namebuf, sizeof(namebuf));
dns_rdataset_disassociate(&rdataset);
isc_random_get(&nanosecs);
nanosecs %= 1000000000;
@@ -2409,7 +2457,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
unsigned int soacount = 0;
unsigned int nscount = 0;
unsigned int errors = 0;
- isc_uint32_t serial, refresh, retry, expire, minimum;
+ isc_uint32_t serial, oldserial, refresh, retry, expire, minimum;
isc_time_t now;
isc_boolean_t needdump = ISC_FALSE;
isc_boolean_t hasinclude = DNS_ZONE_FLAG(zone, DNS_ZONEFLG_HASINCLUDE);
@@ -2463,8 +2511,9 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
options = DNS_JOURNALOPT_RESIGN;
else
options = 0;
- result = dns_journal_rollforward(zone->mctx, db, options,
- zone->journal);
+ result = dns_journal_rollforward2(zone->mctx, db, options,
+ zone->sigresigninginterval,
+ zone->journal);
if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND &&
result != DNS_R_UPTODATE && result != DNS_R_NOJOURNAL &&
result != ISC_R_RANGE) {
@@ -2544,14 +2593,18 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
* This is checked in zone_replacedb() for slave zones
* as they don't reload from disk.
*/
+ result = zone_get_from_db(zone, zone->db, NULL, NULL,
+ &oldserial, NULL, NULL, NULL,
+ NULL, NULL);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (DNS_ZONE_OPTION(zone, DNS_ZONEOPT_IXFRFROMDIFFS) &&
- !isc_serial_gt(serial, zone->serial)) {
+ !isc_serial_gt(serial, oldserial)) {
isc_uint32_t serialmin, serialmax;
INSIST(zone->type == dns_zone_master);
- serialmin = (zone->serial + 1) & 0xffffffffU;
- serialmax = (zone->serial + 0x7fffffffU) &
+ serialmin = (oldserial + 1) & 0xffffffffU;
+ serialmax = (oldserial + 0x7fffffffU) &
0xffffffffU;
dns_zone_log(zone, ISC_LOG_ERROR,
"ixfr-from-differences: "
@@ -2560,10 +2613,10 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
serialmax);
result = DNS_R_BADZONE;
goto cleanup;
- } else if (!isc_serial_ge(serial, zone->serial))
+ } else if (!isc_serial_ge(serial, oldserial))
dns_zone_log(zone, ISC_LOG_ERROR,
"zone serial has gone backwards");
- else if (serial == zone->serial && !hasinclude)
+ else if (serial == oldserial && !hasinclude)
dns_zone_log(zone, ISC_LOG_ERROR,
"zone serial unchanged. "
"zone may fail to transfer "
@@ -2580,7 +2633,6 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
"3 * refresh.");
}
- zone->serial = serial;
zone->refresh = RANGE(refresh,
zone->minrefresh, zone->maxrefresh);
zone->retry = RANGE(retry,
@@ -2664,8 +2716,7 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
}
if (! dns_db_ispersistent(db))
- dns_zone_log(zone, ISC_LOG_INFO, "loaded serial %u%s",
- zone->serial,
+ dns_zone_log(zone, ISC_LOG_INFO, "loaded serial %u%s", serial,
dns_db_issecure(db) ? " (signed)" : "");
return (result);
@@ -2683,7 +2734,8 @@ zone_postload(dns_zone_t *zone, dns_db_t *db, isc_time_t loadtime,
if (zone->task != NULL)
zone_settimer(zone, &now);
result = ISC_R_SUCCESS;
- }
+ } else if (zone->type == dns_zone_master)
+ dns_zone_log(zone, ISC_LOG_ERROR, "not loaded due to errors.");
return (result);
}
@@ -4374,7 +4426,8 @@ updatesignwithkey(dns_signing_t *signing, dns_dbversion_t *version,
seen_done = ISC_TRUE;
else
CHECK(update_one_rr(signing->db, version, diff,
- DNS_DIFFOP_DEL, name, rdataset.ttl, &rdata));
+ DNS_DIFFOP_DEL, name,
+ rdataset.ttl, &rdata));
dns_rdata_reset(&rdata);
}
if (result == ISC_R_NOMORE)
@@ -5458,6 +5511,7 @@ zone_sign(dns_zone_t *zone) {
dst_key_t *zone_keys[MAXZONEKEYS];
isc_int32_t signatures;
isc_boolean_t check_ksk, is_ksk;
+ isc_boolean_t commit = ISC_FALSE;
isc_boolean_t delegation;
isc_boolean_t finishedakey = ISC_FALSE;
isc_boolean_t secureupdated = ISC_FALSE;
@@ -5745,6 +5799,7 @@ zone_sign(dns_zone_t *zone) {
goto failure;
}
}
+
if (finishedakey) {
/*
* We have changed the RRset above so we need to update
@@ -5770,6 +5825,15 @@ zone_sign(dns_zone_t *zone) {
goto failure;
}
}
+
+ /*
+ * Have we changed anything?
+ */
+ if (ISC_LIST_HEAD(sig_diff.tuples) == NULL)
+ goto pauseall;
+
+ commit = ISC_TRUE;
+
result = del_sigs(zone, db, version, &zone->origin, dns_rdatatype_soa,
&sig_diff, zone_keys, nkeys, now);
if (result != ISC_R_SUCCESS) {
@@ -5801,6 +5865,9 @@ zone_sign(dns_zone_t *zone) {
goto failure;
}
+ /*
+ * Write changes to journal file.
+ */
journalfile = dns_zone_getjournal(zone);
if (journalfile != NULL) {
dns_journal_t *journal = NULL;
@@ -5823,7 +5890,7 @@ zone_sign(dns_zone_t *zone) {
}
}
-
+ pauseall:
/*
* Pause all iterators so that dns_db_closeversion() can succeed.
*/
@@ -5840,7 +5907,7 @@ zone_sign(dns_zone_t *zone) {
/*
* Everything has succeeded. Commit the changes.
*/
- dns_db_closeversion(db, &version, ISC_TRUE);
+ dns_db_closeversion(db, &version, commit);
/*
* Everything succeeded so we can clean these up now.
@@ -5856,9 +5923,11 @@ zone_sign(dns_zone_t *zone) {
set_resigntime(zone);
- LOCK_ZONE(zone);
- zone_needdump(zone, DNS_DUMP_DELAY);
- UNLOCK_ZONE(zone);
+ if (commit) {
+ LOCK_ZONE(zone);
+ zone_needdump(zone, DNS_DUMP_DELAY);
+ UNLOCK_ZONE(zone);
+ }
failure:
/*
@@ -6498,6 +6567,7 @@ notify_isself(dns_zone_t *zone, isc_sockaddr_t *dst) {
isc_sockaddr_t any;
isc_boolean_t isself;
isc_netaddr_t dstaddr;
+ isc_result_t result;
if (zone->view == NULL || zone->isself == NULL)
return (ISC_FALSE);
@@ -6523,7 +6593,9 @@ notify_isself(dns_zone_t *zone, isc_sockaddr_t *dst) {
src = *dst;
isc_netaddr_fromsockaddr(&dstaddr, dst);
- (void)dns_view_getpeertsig(zone->view, &dstaddr, &key);
+ result = dns_view_getpeertsig(zone->view, &dstaddr, &key);
+ if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND)
+ return (ISC_FALSE);
isself = (zone->isself)(zone->view, key, &src, dst, zone->rdclass,
zone->isselfarg);
if (key != NULL)
@@ -6725,9 +6797,14 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
goto cleanup;
isc_netaddr_fromsockaddr(&dstip, &notify->dst);
- (void)dns_view_getpeertsig(notify->zone->view, &dstip, &key);
-
isc_sockaddr_format(&notify->dst, addrbuf, sizeof(addrbuf));
+ result = dns_view_getpeertsig(notify->zone->view, &dstip, &key);
+ if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) {
+ notify_log(notify->zone, ISC_LOG_ERROR, "NOTIFY to %s not "
+ "sent. Peer TSIG key lookup failure.", addrbuf);
+ goto cleanup_message;
+ }
+
notify_log(notify->zone, ISC_LOG_DEBUG(3), "sending notify to %s",
addrbuf);
if (notify->zone->view->peers != NULL) {
@@ -6774,6 +6851,7 @@ notify_send_toaddr(isc_task_t *task, isc_event_t *event) {
cleanup_key:
if (key != NULL)
dns_tsigkey_detach(&key);
+ cleanup_message:
dns_message_destroy(&message);
cleanup:
UNLOCK_ZONE(notify->zone);
@@ -7386,7 +7464,7 @@ refresh_callback(isc_task_t *task, isc_event_t *event) {
dns_rdata_t rdata = DNS_RDATA_INIT;
dns_rdata_soa_t soa;
isc_result_t result;
- isc_uint32_t serial;
+ isc_uint32_t serial, oldserial;
unsigned int j;
zone = revent->ev_arg;
@@ -7609,12 +7687,17 @@ refresh_callback(isc_task_t *task, isc_event_t *event) {
RUNTIME_CHECK(result == ISC_R_SUCCESS);
serial = soa.serial;
-
- zone_debuglog(zone, me, 1, "serial: new %u, old %u",
- serial, zone->serial);
+ if (DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED)) {
+ result = dns_zone_getserial2(zone, &oldserial);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ zone_debuglog(zone, me, 1, "serial: new %u, old %u",
+ serial, oldserial);
+ } else
+ zone_debuglog(zone, me, 1, "serial: new %u, old not loaded",
+ serial);
if (!DNS_ZONE_FLAG(zone, DNS_ZONEFLG_LOADED) ||
DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCEXFER) ||
- isc_serial_gt(serial, zone->serial)) {
+ isc_serial_gt(serial, oldserial)) {
if (dns_zonemgr_unreachable(zone->zmgr, &zone->masteraddr,
&zone->sourceaddr, &now)) {
dns_zone_log(zone, ISC_LOG_INFO,
@@ -7638,7 +7721,7 @@ refresh_callback(isc_task_t *task, isc_event_t *event) {
}
if (msg != NULL)
dns_message_destroy(&msg);
- } else if (isc_serial_eq(soa.serial, zone->serial)) {
+ } else if (isc_serial_eq(soa.serial, oldserial)) {
if (zone->masterfile != NULL) {
result = ISC_R_FAILURE;
if (zone->journal != NULL)
@@ -7671,7 +7754,7 @@ refresh_callback(isc_task_t *task, isc_event_t *event) {
if (!DNS_ZONE_OPTION(zone, DNS_ZONEOPT_MULTIMASTER))
dns_zone_log(zone, ISC_LOG_INFO, "serial number (%u) "
"received from master %s < ours (%u)",
- soa.serial, master, zone->serial);
+ soa.serial, master, oldserial);
else
zone_debuglog(zone, me, 1, "ahead");
zone->mastersok[zone->curmaster] = ISC_TRUE;
@@ -7965,10 +8048,19 @@ soa_query(isc_task_t *task, isc_event_t *event) {
dns_name_format(keyname, namebuf, sizeof(namebuf));
dns_zone_log(zone, ISC_LOG_ERROR,
"unable to find key: %s", namebuf);
+ goto skip_master;
+ }
+ }
+ if (key == NULL) {
+ result = dns_view_getpeertsig(zone->view, &masterip, &key);
+ if (result != ISC_R_SUCCESS && result != ISC_R_NOTFOUND) {
+ char addrbuf[ISC_NETADDR_FORMATSIZE];
+ isc_netaddr_format(&masterip, addrbuf, sizeof(addrbuf));
+ dns_zone_log(zone, ISC_LOG_ERROR,
+ "unable to find TSIG key for %s", addrbuf);
+ goto skip_master;
}
}
- if (key == NULL)
- (void)dns_view_getpeertsig(zone->view, &masterip, &key);
have_xfrsource = ISC_FALSE;
reqnsid = zone->view->requestnsid;
@@ -8789,13 +8881,21 @@ dns_zone_notifyreceive(dns_zone_t *zone, isc_sockaddr_t *from,
if (result == ISC_R_SUCCESS)
result = dns_rdataset_first(rdataset);
if (result == ISC_R_SUCCESS) {
- isc_uint32_t serial = 0;
+ isc_uint32_t serial = 0, oldserial;
dns_rdataset_current(rdataset, &rdata);
result = dns_rdata_tostruct(&rdata, &soa, NULL);
RUNTIME_CHECK(result == ISC_R_SUCCESS);
serial = soa.serial;
- if (isc_serial_le(serial, zone->serial)) {
+ /*
+ * The following should safely be performed without DB
+ * lock and succeed in this context.
+ */
+ result = zone_get_from_db(zone, zone->db, NULL, NULL,
+ &oldserial, NULL, NULL, NULL,
+ NULL, NULL);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ if (isc_serial_le(serial, oldserial)) {
dns_zone_log(zone, ISC_LOG_INFO,
"notify from %s: "
"zone is up to date",
@@ -9473,7 +9573,7 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump) {
if (zone->db != NULL && zone->journal != NULL &&
DNS_ZONE_OPTION(zone, DNS_ZONEOPT_IXFRFROMDIFFS) &&
!DNS_ZONE_FLAG(zone, DNS_ZONEFLG_FORCEXFER)) {
- isc_uint32_t serial;
+ isc_uint32_t serial, oldserial;
dns_zone_log(zone, ISC_LOG_DEBUG(3), "generating diffs");
@@ -9488,11 +9588,15 @@ zone_replacedb(dns_zone_t *zone, dns_db_t *db, isc_boolean_t dump) {
/*
* This is checked in zone_postload() for master zones.
*/
+ result = zone_get_from_db(zone, zone->db, NULL, NULL,
+ &oldserial, NULL, NULL, NULL, NULL,
+ NULL);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
if (zone->type == dns_zone_slave &&
- !isc_serial_gt(serial, zone->serial)) {
+ !isc_serial_gt(serial, oldserial)) {
isc_uint32_t serialmin, serialmax;
- serialmin = (zone->serial + 1) & 0xffffffffU;
- serialmax = (zone->serial + 0x7fffffffU) & 0xffffffffU;
+ serialmin = (oldserial + 1) & 0xffffffffU;
+ serialmax = (oldserial + 0x7fffffffU) & 0xffffffffU;
dns_zone_log(zone, ISC_LOG_ERROR,
"ixfr-from-differences: failed: "
"new serial (%u) out of range [%u - %u]",
@@ -9685,7 +9789,6 @@ zone_xfrdone(dns_zone_t *zone, isc_result_t result) {
zone_unload(zone);
goto next_master;
}
- zone->serial = serial;
zone->refresh = RANGE(refresh, zone->minrefresh,
zone->maxrefresh);
zone->retry = RANGE(retry, zone->minretry,
@@ -9723,7 +9826,7 @@ zone_xfrdone(dns_zone_t *zone, isc_result_t result) {
buf[0] = '\0';
dns_zone_log(zone, ISC_LOG_INFO,
"transferred serial %u%s",
- zone->serial, buf);
+ serial, buf);
}
/*
@@ -9873,6 +9976,13 @@ zone_loaddone(void *arg, isc_result_t result) {
(void)zone_postload(load->zone, load->db, load->loadtime, result);
zonemgr_putio(&load->zone->readio);
DNS_ZONE_CLRFLAG(load->zone, DNS_ZONEFLG_LOADING);
+ /*
+ * Leave the zone frozen if the reload fails.
+ */
+ if ((result == ISC_R_SUCCESS || result == DNS_R_SEENINCLUDE) &&
+ DNS_ZONE_FLAG(load->zone, DNS_ZONEFLG_THAW))
+ zone->update_disabled = ISC_FALSE;
+ DNS_ZONE_CLRFLAG(load->zone, DNS_ZONEFLG_THAW);
UNLOCK_ZONE(load->zone);
load->magic = 0;
@@ -11508,7 +11618,8 @@ zone_signwithkey(dns_zone_t *zone, dns_secalg_t algorithm, isc_uint16_t keyid,
cleanup:
if (signing != NULL) {
- dns_db_detach(&signing->db);
+ if (signing->db != NULL)
+ dns_db_detach(&signing->db);
if (signing->dbiterator != NULL)
dns_dbiterator_destroy(&signing->dbiterator);
isc_mem_put(zone->mctx, signing, sizeof *signing);
diff --git a/lib/isc/api b/lib/isc/api
index 5ef8dc035a3e..e55996b2690b 100644
--- a/lib/isc/api
+++ b/lib/isc/api
@@ -1,3 +1,3 @@
-LIBINTERFACE = 51
+LIBINTERFACE = 52
LIBREVISION = 1
-LIBAGE = 1
+LIBAGE = 2
diff --git a/lib/isc/base32.c b/lib/isc/base32.c
index 3000a84f2da1..d324da9760ae 100644
--- a/lib/isc/base32.c
+++ b/lib/isc/base32.c
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: base32.c,v 1.3.116.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: base32.c,v 1.3.116.3 2009/10/21 01:22:47 each Exp $ */
/*! \file */
@@ -112,6 +112,8 @@ base32_totext(isc_region_t *source, int wordlength, const char *wordbreak,
RETERR(str_totext(wordbreak, target));
}
}
+ if (source->length > 0)
+ isc_region_consume(source, source->length);
return (ISC_R_SUCCESS);
}
diff --git a/lib/isc/base64.c b/lib/isc/base64.c
index 13ed6b5c5c17..4844a4bf75b7 100644
--- a/lib/isc/base64.c
+++ b/lib/isc/base64.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1998-2001, 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: base64.c,v 1.32 2007/06/19 23:47:17 tbox Exp $ */
+/* $Id: base64.c,v 1.32.332.2 2009/10/21 23:47:20 tbox Exp $ */
/*! \file */
@@ -85,11 +85,13 @@ isc_base64_totext(isc_region_t *source, int wordlength,
buf[2] = base64[((source->base[1]<<2)&0x3c)];
buf[3] = '=';
RETERR(str_totext(buf, target));
+ isc_region_consume(source, 2);
} else if (source->length == 1) {
buf[0] = base64[(source->base[0]>>2)&0x3f];
buf[1] = base64[((source->base[0]<<4)&0x30)];
buf[2] = buf[3] = '=';
RETERR(str_totext(buf, target));
+ isc_region_consume(source, 1);
}
return (ISC_R_SUCCESS);
}
@@ -217,7 +219,7 @@ isc_base64_decodestring(const char *cstr, isc_buffer_t *target) {
continue;
RETERR(base64_decode_char(&ctx, c));
}
- RETERR(base64_decode_finish(&ctx));
+ RETERR(base64_decode_finish(&ctx));
return (ISC_R_SUCCESS);
}
diff --git a/lib/isc/heap.c b/lib/isc/heap.c
index 91d78c06d468..dc32100d2f18 100644
--- a/lib/isc/heap.c
+++ b/lib/isc/heap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2007, 2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1997-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: heap.c,v 1.37 2007/10/19 17:15:53 explorer Exp $ */
+/* $Id: heap.c,v 1.37.240.3 2010/02/04 23:47:46 tbox Exp $ */
/*! \file
* Heap implementation of priority queues adapted from the following:
@@ -186,15 +186,17 @@ sink_down(isc_heap_t *heap, unsigned int i, void *elt) {
isc_result_t
isc_heap_insert(isc_heap_t *heap, void *elt) {
- unsigned int i;
+ unsigned int new_last;
REQUIRE(VALID_HEAP(heap));
- i = ++heap->last;
- if (heap->last >= heap->size && !resize(heap))
+ new_last = heap->last + 1;
+ RUNTIME_CHECK(new_last > 0); /* overflow check */
+ if (new_last >= heap->size && !resize(heap))
return (ISC_R_NOMEMORY);
+ heap->last = new_last;
- float_up(heap, i, elt);
+ float_up(heap, new_last, elt);
return (ISC_R_SUCCESS);
}
diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c
index fa313253b3e9..066939d1f41e 100644
--- a/lib/isc/httpd.c
+++ b/lib/isc/httpd.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2006-2008 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2006-2008, 2010 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: httpd.c,v 1.16 2008/08/08 05:06:49 marka Exp $ */
+/* $Id: httpd.c,v 1.16.64.2 2010/02/04 23:47:46 tbox Exp $ */
/*! \file */
@@ -151,6 +151,7 @@ struct isc_httpdmgr {
ISC_LIST(isc_httpdurl_t) urls; /*%< urls we manage */
isc_httpdaction_t *render_404;
+ isc_httpdaction_t *render_500;
};
/*%
@@ -221,6 +222,11 @@ static isc_result_t render_404(const char *, const char *,
unsigned int *, const char **,
const char **, isc_buffer_t *,
isc_httpdfree_t **, void **);
+static isc_result_t render_500(const char *, const char *,
+ void *,
+ unsigned int *, const char **,
+ const char **, isc_buffer_t *,
+ isc_httpdfree_t **, void **);
static void
destroy_client(isc_httpd_t **httpdp)
@@ -300,6 +306,7 @@ isc_httpdmgr_create(isc_mem_t *mctx, isc_socket_t *sock, isc_task_t *task,
goto cleanup;
httpd->render_404 = render_404;
+ httpd->render_500 = render_500;
*httpdp = httpd;
return (ISC_R_SUCCESS);
@@ -623,6 +630,30 @@ render_404(const char *url, const char *querystring,
return (ISC_R_SUCCESS);
}
+static isc_result_t
+render_500(const char *url, const char *querystring,
+ void *arg,
+ unsigned int *retcode, const char **retmsg,
+ const char **mimetype, isc_buffer_t *b,
+ isc_httpdfree_t **freecb, void **freecb_args)
+{
+ static char msg[] = "Internal server failure.";
+
+ UNUSED(url);
+ UNUSED(querystring);
+ UNUSED(arg);
+
+ *retcode = 500;
+ *retmsg = "Internal server failure";
+ *mimetype = "text/plain";
+ isc_buffer_reinit(b, msg, strlen(msg));
+ isc_buffer_add(b, strlen(msg));
+ *freecb = NULL;
+ *freecb_args = NULL;
+
+ return (ISC_R_SUCCESS);
+}
+
static void
isc_httpd_recvdone(isc_task_t *task, isc_event_t *ev)
{
@@ -691,8 +722,14 @@ isc_httpd_recvdone(isc_task_t *task, isc_event_t *ev)
&httpd->mimetype, &httpd->bodybuffer,
&httpd->freecb, &httpd->freecb_arg);
if (result != ISC_R_SUCCESS) {
- destroy_client(&httpd);
- goto out;
+ result = httpd->mgr->render_500(httpd->url, httpd->querystring,
+ NULL,
+ &httpd->retcode,
+ &httpd->retmsg,
+ &httpd->mimetype,
+ &httpd->bodybuffer,
+ &httpd->freecb,
+ &httpd->freecb_arg);
}
isc_httpd_response(httpd);
diff --git a/lib/isc/ia64/include/isc/atomic.h b/lib/isc/ia64/include/isc/atomic.h
index 4c4679772044..d825819de3ff 100644
--- a/lib/isc/ia64/include/isc/atomic.h
+++ b/lib/isc/ia64/include/isc/atomic.h
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: atomic.h,v 1.4.326.2 2009/02/06 23:47:11 tbox Exp $ */
+/* $Id: atomic.h,v 1.4.326.3 2009/06/24 02:21:28 marka Exp $ */
#ifndef ISC_ATOMIC_H
#define ISC_ATOMIC_H 1
@@ -31,10 +31,10 @@
* (e.g., 1 and -1)?
*/
static inline isc_int32_t
-isc_atomic_xadd(isc_int32_t *p, isc_int32_t val)
#ifdef __GNUC__
__attribute__ ((unused))
#endif
+isc_atomic_xadd(isc_int32_t *p, isc_int32_t val)
{
isc_int32_t prev, swapped;
@@ -57,10 +57,10 @@ __attribute__ ((unused))
* This routine atomically stores the value 'val' in 'p'.
*/
static inline void
-isc_atomic_store(isc_int32_t *p, isc_int32_t val)
#ifdef __GNUC__
__attribute__ ((unused))
#endif
+isc_atomic_store(isc_int32_t *p, isc_int32_t val)
{
__asm__ volatile(
"st4.rel %0=%1"
@@ -76,10 +76,10 @@ __attribute__ ((unused))
* case.
*/
static inline isc_int32_t
-isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val)
#ifdef __GNUC__
__attribute__ ((unused))
#endif
+isc_atomic_cmpxchg(isc_int32_t *p, isc_int32_t cmpval, isc_int32_t val)
{
isc_int32_t ret;
diff --git a/lib/isc/include/isc/entropy.h b/lib/isc/include/isc/entropy.h
index e9e59c495141..125669ca856d 100644
--- a/lib/isc/include/isc/entropy.h
+++ b/lib/isc/include/isc/entropy.h
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: entropy.h,v 1.32.332.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: entropy.h,v 1.32.332.3 2009/10/19 02:46:07 marka Exp $ */
#ifndef ISC_ENTROPY_H
#define ISC_ENTROPY_H 1
@@ -182,8 +182,8 @@ isc_result_t
isc_entropy_createsamplesource(isc_entropy_t *ent,
isc_entropysource_t **sourcep);
/*!<
- * \brief Create an entropy source that consists of samples. Each sample is added
- * to the source via isc_entropy_addsamples(), below.
+ * \brief Create an entropy source that consists of samples. Each sample is
+ * added to the source via isc_entropy_addsamples(), below.
*/
isc_result_t
@@ -254,11 +254,11 @@ void
isc_entropy_putdata(isc_entropy_t *ent, void *data, unsigned int length,
isc_uint32_t entropy);
/*!<
- * \brief Add "length" bytes in "data" to the entropy pool, incrementing the pool's
- * entropy count by "entropy."
+ * \brief Add "length" bytes in "data" to the entropy pool, incrementing the
+ * pool's entropy count by "entropy."
*
- * These bytes will prime the pseudorandom portion even no entropy is actually
- * added.
+ * These bytes will prime the pseudorandom portion even if no entropy is
+ * actually added.
*/
void
diff --git a/lib/isc/include/isc/netscope.h b/lib/isc/include/isc/netscope.h
index ba4e792a40a4..0883140acdb5 100644
--- a/lib/isc/include/isc/netscope.h
+++ b/lib/isc/include/isc/netscope.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: netscope.h,v 1.11 2007/06/19 23:47:18 tbox Exp $ */
+/* $Id: netscope.h,v 1.11.332.2 2009/06/25 23:47:24 tbox Exp $ */
#ifndef ISC_NETSCOPE_H
#define ISC_NETSCOPE_H 1
@@ -40,4 +40,4 @@ isc_netscope_pton(int af, char *scopename, void *addr, isc_uint32_t *zoneid);
ISC_LANG_ENDDECLS
-#endif /* ISC_NETADDR_H */
+#endif /* ISC_NETSCOPE_H */
diff --git a/lib/isc/include/isc/portset.h b/lib/isc/include/isc/portset.h
index dc1f85616eab..a7ad3d695324 100644
--- a/lib/isc/include/isc/portset.h
+++ b/lib/isc/include/isc/portset.h
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: portset.h,v 1.3.90.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: portset.h,v 1.3.90.3 2009/06/25 05:31:51 marka Exp $ */
/*! \file isc/portset.h
* \brief Transport Protocol Port Manipulation Module
@@ -138,4 +138,4 @@ isc_portset_removerange(isc_portset_t *portset, in_port_t port_lo,
ISC_LANG_ENDDECLS
-#endif /* ISC_NETADDR_H */
+#endif /* ISC_PORTSET_H */
diff --git a/lib/isc/include/isc/sha2.h b/lib/isc/include/isc/sha2.h
index 211e25505a95..edafa611bc22 100644
--- a/lib/isc/include/isc/sha2.h
+++ b/lib/isc/include/isc/sha2.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2005-2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2005-2007, 2010 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: sha2.h,v 1.9 2007/06/19 23:47:18 tbox Exp $ */
+/* $Id: sha2.h,v 1.9.332.2 2010/01/15 23:47:34 tbox Exp $ */
/* $FreeBSD$ */
/* $KAME: sha2.h,v 1.3 2001/03/12 08:27:48 itojun Exp $ */
@@ -39,7 +39,7 @@
* 3. Neither the name of the copyright holder nor the names of contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) AND CONTRIBUTOR(S) ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -104,24 +104,28 @@ typedef isc_sha512_t isc_sha384_t;
/*** SHA-224/256/384/512 Function Prototypes ******************************/
void isc_sha224_init (isc_sha224_t *);
+void isc_sha224_invalidate (isc_sha224_t *);
void isc_sha224_update (isc_sha224_t *, const isc_uint8_t *, size_t);
void isc_sha224_final (isc_uint8_t[ISC_SHA224_DIGESTLENGTH], isc_sha224_t *);
char *isc_sha224_end (isc_sha224_t *, char[ISC_SHA224_DIGESTSTRINGLENGTH]);
char *isc_sha224_data (const isc_uint8_t *, size_t, char[ISC_SHA224_DIGESTSTRINGLENGTH]);
void isc_sha256_init (isc_sha256_t *);
+void isc_sha256_invalidate (isc_sha256_t *);
void isc_sha256_update (isc_sha256_t *, const isc_uint8_t *, size_t);
void isc_sha256_final (isc_uint8_t[ISC_SHA256_DIGESTLENGTH], isc_sha256_t *);
char *isc_sha256_end (isc_sha256_t *, char[ISC_SHA256_DIGESTSTRINGLENGTH]);
char *isc_sha256_data (const isc_uint8_t *, size_t, char[ISC_SHA256_DIGESTSTRINGLENGTH]);
void isc_sha384_init (isc_sha384_t *);
+void isc_sha384_invalidate (isc_sha384_t *);
void isc_sha384_update (isc_sha384_t *, const isc_uint8_t *, size_t);
void isc_sha384_final (isc_uint8_t[ISC_SHA384_DIGESTLENGTH], isc_sha384_t *);
char *isc_sha384_end (isc_sha384_t *, char[ISC_SHA384_DIGESTSTRINGLENGTH]);
char *isc_sha384_data (const isc_uint8_t *, size_t, char[ISC_SHA384_DIGESTSTRINGLENGTH]);
void isc_sha512_init (isc_sha512_t *);
+void isc_sha512_invalidate (isc_sha512_t *);
void isc_sha512_update (isc_sha512_t *, const isc_uint8_t *, size_t);
void isc_sha512_final (isc_uint8_t[ISC_SHA512_DIGESTLENGTH], isc_sha512_t *);
char *isc_sha512_end (isc_sha512_t *, char[ISC_SHA512_DIGESTSTRINGLENGTH]);
diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h
index 8a3b95d9da36..85846b6e807b 100644
--- a/lib/isc/include/isc/util.h
+++ b/lib/isc/include/isc/util.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2007, 2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1998-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: util.h,v 1.30 2007/06/19 23:47:18 tbox Exp $ */
+/* $Id: util.h,v 1.30.332.2 2010/01/11 23:47:22 tbox Exp $ */
#ifndef ISC_UTIL_H
#define ISC_UTIL_H 1
@@ -230,4 +230,14 @@
*/
#define TIME_NOW(tp) RUNTIME_CHECK(isc_time_now((tp)) == ISC_R_SUCCESS)
+/*%
+ * Prevent Linux spurious warnings
+ */
+#if defined(__GNUC__) && (__GNUC__ > 3)
+#define isc_util_fwrite(a, b, c, d) \
+ __builtin_expect(fwrite((a), (b), (c), (d)), (c))
+#else
+#define isc_util_fwrite(a, b, c, d) fwrite((a), (b), (c), (d))
+#endif
+
#endif /* ISC_UTIL_H */
diff --git a/lib/isc/inet_ntop.c b/lib/isc/inet_ntop.c
index dc053ededfba..c37be5c0b5b8 100644
--- a/lib/isc/inet_ntop.c
+++ b/lib/isc/inet_ntop.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1996-2001 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -19,7 +19,7 @@
#if defined(LIBC_SCCS) && !defined(lint)
static char rcsid[] =
- "$Id: inet_ntop.c,v 1.19 2007/06/19 23:47:17 tbox Exp $";
+ "$Id: inet_ntop.c,v 1.19.332.2 2009/07/18 23:47:25 tbox Exp $";
#endif /* LIBC_SCCS and not lint */
#include <config.h>
@@ -52,7 +52,7 @@ static const char *inet_ntop6(const unsigned char *src, char *dst,
* convert a network format address to presentation format.
* \return
* pointer to presentation format address (`dst'), or NULL (see errno).
- * \author
+ * \author
* Paul Vixie, 1996.
*/
const char *
@@ -169,8 +169,9 @@ inet_ntop6(const unsigned char *src, char *dst, size_t size)
if (i != 0)
*tp++ = ':';
/* Is this address an encapsulated IPv4? */
- if (i == 6 && best.base == 0 &&
- (best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
+ if (i == 6 && best.base == 0 && (best.len == 6 ||
+ (best.len == 7 && words[7] != 0x0001) ||
+ (best.len == 5 && words[5] == 0xffff))) {
if (!inet_ntop4(src+12, tp,
sizeof(tmp) - (tp - tmp)))
return (NULL);
diff --git a/lib/isc/powerpc/include/isc/atomic.h b/lib/isc/powerpc/include/isc/atomic.h
index 765cb6d72a8c..2114767b361d 100644
--- a/lib/isc/powerpc/include/isc/atomic.h
+++ b/lib/isc/powerpc/include/isc/atomic.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: atomic.h,v 1.6 2007/06/18 23:47:47 tbox Exp $ */
+/* $Id: atomic.h,v 1.6.332.2 2009/10/14 23:47:14 tbox Exp $ */
#ifndef ISC_ATOMIC_H
#define ISC_ATOMIC_H 1
@@ -46,25 +46,56 @@
#include <sys/atomic_op.h>
-#define isc_atomic_xadd(p, v) fetch_and_add(p, v)
#define isc_atomic_store(p, v) _clear_lock(p, v)
#ifdef __GNUC__
+static inline isc_int32_t
+#else
+static isc_int32_t
+#endif
+isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) {
+ int ret;
+
+#ifdef __GNUC__
+ asm("ics");
+#else
+ __isync();
+#endif
+
+ ret = fetch_and_add((atomic_p)p, (int)val);
+
+#ifdef __GNUC__
+ asm("ics");
+#else
+ __isync();
+#endif
+
+ return (ret);
+}
+
+#ifdef __GNUC__
static inline int
#else
static int
#endif
isc_atomic_cmpxchg(atomic_p p, int old, int new) {
- int orig = old;
+ int orig = old;
#ifdef __GNUC__
- asm("ics");
+ asm("ics");
#else
- __isync();
+ __isync();
#endif
- if (compare_and_swap(p, &orig, new))
- return (old);
- return (orig);
+ if (compare_and_swap(p, &orig, new))
+ orig = old;
+
+#ifdef __GNUC__
+ asm("ics");
+#else
+ __isync();
+#endif
+
+ return (orig);
}
#elif defined(ISC_PLATFORM_USEGCCASM) || defined(ISC_PLATFORM_USEMACASM)
@@ -76,14 +107,14 @@ isc_atomic_xadd(isc_int32_t *p, isc_int32_t val) {
#ifdef ISC_PLATFORM_USEMACASM
"1:"
"lwarx r6, 0, %1\n"
- "mr %0, r6\n"
+ "mr %0, r6\n"
"add r6, r6, %2\n"
"stwcx. r6, 0, %1\n"
"bne- 1b"
#else
"1:"
"lwarx 6, 0, %1\n"
- "mr %0, 6\n"
+ "mr %0, 6\n"
"add 6, 6, %2\n"
"stwcx. 6, 0, %1\n"
"bne- 1b"
diff --git a/lib/isc/random.c b/lib/isc/random.c
index 0329abde72b2..84ba6a0daab2 100644
--- a/lib/isc/random.c
+++ b/lib/isc/random.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: random.c,v 1.25 2007/06/19 23:47:17 tbox Exp $ */
+/* $Id: random.c,v 1.25.332.2 2009/07/16 23:47:17 tbox Exp $ */
/*! \file */
@@ -43,7 +43,7 @@ initialize_rand(void)
{
#ifndef HAVE_ARC4RANDOM
unsigned int pid = getpid();
-
+
/*
* The low bits of pid generally change faster.
* Xor them with the high bits of time which change slowly.
@@ -84,7 +84,16 @@ isc_random_get(isc_uint32_t *val)
* rand()'s lower bits are not random.
* rand()'s upper bit is zero.
*/
+#if RAND_MAX >= 0xfffff
+ /* We have at least 20 bits. Use lower 16 excluding lower most 4 */
*val = ((rand() >> 4) & 0xffff) | ((rand() << 12) & 0xffff0000);
+#elif RAND_MAX >= 0x7fff
+ /* We have at least 15 bits. Use lower 10/11 excluding lower most 4 */
+ *val = ((rand() >> 4) & 0x000007ff) | ((rand() << 7) & 0x003ff800) |
+ ((rand() << 18) & 0xffc00000);
+#else
+#error RAND_MAX is too small
+#endif
#else
*val = arc4random();
#endif
@@ -92,13 +101,13 @@ isc_random_get(isc_uint32_t *val)
isc_uint32_t
isc_random_jitter(isc_uint32_t max, isc_uint32_t jitter) {
+ isc_uint32_t rnd;
+
REQUIRE(jitter < max);
+
if (jitter == 0)
return (max);
- else
-#ifndef HAVE_ARC4RANDOM
- return (max - rand() % jitter);
-#else
- return (max - arc4random() % jitter);
-#endif
+
+ isc_random_get(&rnd);
+ return (max - rnd % jitter);
}
diff --git a/lib/isc/sha2.c b/lib/isc/sha2.c
index 70eea4f96700..ff19274837a6 100644
--- a/lib/isc/sha2.c
+++ b/lib/isc/sha2.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2005-2007, 2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2005-2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: sha2.c,v 1.13.332.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: sha2.c,v 1.13.332.4 2010/01/15 23:47:34 tbox Exp $ */
/* $FreeBSD$ */
/* $KAME: sha2.c,v 1.8 2001/11/08 01:07:52 itojun Exp $ */
@@ -415,6 +415,11 @@ isc_sha224_init(isc_sha224_t *context) {
}
void
+isc_sha224_invalidate(isc_sha224_t *context) {
+ memset(context, 0, sizeof(isc_sha224_t));
+}
+
+void
isc_sha224_update(isc_sha224_t *context, const isc_uint8_t* data, size_t len) {
isc_sha256_update((isc_sha256_t *)context, data, len);
}
@@ -651,6 +656,11 @@ isc_sha256_transform(isc_sha256_t *context, const isc_uint32_t* data) {
#endif /* ISC_SHA2_UNROLL_TRANSFORM */
void
+isc_sha256_invalidate(isc_sha256_t *context) {
+ memset(context, 0, sizeof(isc_sha256_t));
+}
+
+void
isc_sha256_update(isc_sha256_t *context, const isc_uint8_t *data, size_t len) {
unsigned int freespace, usedspace;
@@ -990,7 +1000,13 @@ isc_sha512_transform(isc_sha512_t *context, const isc_uint64_t* data) {
#endif /* ISC_SHA2_UNROLL_TRANSFORM */
-void isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t len) {
+void
+isc_sha512_invalidate(isc_sha512_t *context) {
+ memset(context, 0, sizeof(isc_sha512_t));
+}
+
+void
+isc_sha512_update(isc_sha512_t *context, const isc_uint8_t *data, size_t len) {
unsigned int freespace, usedspace;
if (len == 0U) {
@@ -1164,6 +1180,11 @@ isc_sha384_init(isc_sha384_t *context) {
}
void
+isc_sha384_invalidate(isc_sha384_t *context) {
+ memset(context, 0, sizeof(isc_sha384_t));
+}
+
+void
isc_sha384_update(isc_sha384_t *context, const isc_uint8_t* data, size_t len) {
isc_sha512_update((isc_sha512_t *)context, data, len);
}
diff --git a/lib/isc/unix/ifiter_getifaddrs.c b/lib/isc/unix/ifiter_getifaddrs.c
index b576d4632fbb..87ef9ba7f500 100644
--- a/lib/isc/unix/ifiter_getifaddrs.c
+++ b/lib/isc/unix/ifiter_getifaddrs.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: ifiter_getifaddrs.c,v 1.11 2008/03/20 23:47:00 tbox Exp $ */
+/* $Id: ifiter_getifaddrs.c,v 1.11.120.2 2009/09/24 23:47:34 tbox Exp $ */
/*! \file
* \brief
@@ -181,7 +181,7 @@ internal_current(isc_interfaceiter_t *iter) {
ifa->ifa_name);
if (ifa->ifa_dstaddr != NULL &&
- (iter->current.flags & IFF_POINTOPOINT) != 0)
+ (iter->current.flags & INTERFACE_F_POINTTOPOINT) != 0)
get_addr(family, &iter->current.dstaddress, ifa->ifa_dstaddr,
ifa->ifa_name);
diff --git a/lib/isc/unix/socket.c b/lib/isc/unix/socket.c
index d09fe51ab57c..004a038a3a88 100644
--- a/lib/isc/unix/socket.c
+++ b/lib/isc/unix/socket.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1998-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: socket.c,v 1.308.12.8 2009/04/18 01:29:26 jinmei Exp $ */
+/* $Id: socket.c,v 1.308.12.12 2010/01/31 23:47:31 tbox Exp $ */
/*! \file */
@@ -1520,12 +1520,22 @@ doio_recv(isc_socket_t *sock, isc_socketevent_t *dev) {
}
/*
- * On TCP, zero length reads indicate EOF, while on
- * UDP, zero length reads are perfectly valid, although
- * strange.
+ * On TCP and UNIX sockets, zero length reads indicate EOF,
+ * while on UDP sockets, zero length reads are perfectly valid,
+ * although strange.
*/
- if ((sock->type == isc_sockettype_tcp) && (cc == 0))
- return (DOIO_EOF);
+ switch (sock->type) {
+ case isc_sockettype_tcp:
+ case isc_sockettype_unix:
+ if (cc == 0)
+ return (DOIO_EOF);
+ break;
+ case isc_sockettype_udp:
+ break;
+ case isc_sockettype_fdwatch:
+ default:
+ INSIST(0);
+ }
if (sock->type == isc_sockettype_udp) {
dev->address.length = msghdr.msg_namelen;
@@ -3645,7 +3655,7 @@ setup_watcher(isc_mem_t *mctx, isc_socketmgr_t *manager) {
manager->maxsocks);
if (manager->fdpollinfo == NULL) {
isc_mem_put(mctx, manager->events,
- sizeof(pollinfo_t) * manager->maxsocks);
+ sizeof(struct pollfd) * manager->nevents);
return (ISC_R_NOMEMORY);
}
memset(manager->fdpollinfo, 0, sizeof(pollinfo_t) * manager->maxsocks);
@@ -4851,6 +4861,7 @@ isc_socket_connect(isc_socket_t *sock, isc_sockaddr_t *addr,
isc_socketmgr_t *manager;
int cc;
char strbuf[ISC_STRERRORSIZE];
+ char addrbuf[ISC_SOCKADDR_FORMATSIZE];
REQUIRE(VALID_SOCKET(sock));
REQUIRE(addr != NULL);
@@ -4919,7 +4930,9 @@ isc_socket_connect(isc_socket_t *sock, isc_sockaddr_t *addr,
sock->connected = 0;
isc__strerror(errno, strbuf, sizeof(strbuf));
- UNEXPECTED_ERROR(__FILE__, __LINE__, "%d/%s", errno, strbuf);
+ isc_sockaddr_format(addr, addrbuf, sizeof(addrbuf));
+ UNEXPECTED_ERROR(__FILE__, __LINE__, "connect(%s) %d/%s",
+ addrbuf, errno, strbuf);
UNLOCK(&sock->lock);
inc_stats(sock->manager->stats,
diff --git a/lib/isccc/api b/lib/isccc/api
index 8459d4239fcc..2240cdda3ac8 100644
--- a/lib/isccc/api
+++ b/lib/isccc/api
@@ -1,3 +1,3 @@
LIBINTERFACE = 50
-LIBREVISION = 0
+LIBREVISION = 1
LIBAGE = 0
diff --git a/lib/isccfg/aclconf.c b/lib/isccfg/aclconf.c
index ad3d58e2c148..92839e4d77fe 100644
--- a/lib/isccfg/aclconf.c
+++ b/lib/isccfg/aclconf.c
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: aclconf.c,v 1.22.34.2 2009/01/18 23:47:41 tbox Exp $ */
+/* $Id: aclconf.c,v 1.22.34.4 2009/10/01 23:47:17 tbox Exp $ */
#include <config.h>
@@ -168,26 +168,36 @@ convert_keyname(const cfg_obj_t *keyobj, isc_log_t *lctx, isc_mem_t *mctx,
* parent.
*/
static int
-count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx)
+count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx,
+ isc_boolean_t *has_negative)
{
const cfg_listelt_t *elt;
const cfg_obj_t *cacl = NULL;
isc_result_t result;
int n = 0;
+ if (has_negative != NULL)
+ *has_negative = ISC_FALSE;
+
for (elt = cfg_list_first(caml);
elt != NULL;
elt = cfg_list_next(elt)) {
const cfg_obj_t *ce = cfg_listelt_value(elt);
/* negated element; just get the value. */
- if (cfg_obj_istuple(ce))
+ if (cfg_obj_istuple(ce)) {
ce = cfg_tuple_get(ce, "value");
+ if (has_negative != NULL)
+ *has_negative = ISC_TRUE;
+ }
if (cfg_obj_istype(ce, &cfg_type_keyref)) {
n++;
} else if (cfg_obj_islist(ce)) {
- n += count_acl_elements(ce, cctx);
+ isc_boolean_t negative;
+ n += count_acl_elements(ce, cctx, &negative);
+ if (negative)
+ n++;
} else if (cfg_obj_isstring(ce)) {
const char *name = cfg_obj_asstring(ce);
if (strcasecmp(name, "localhost") == 0 ||
@@ -197,7 +207,8 @@ count_acl_elements(const cfg_obj_t *caml, const cfg_obj_t *cctx)
strcasecmp(name, "none") != 0) {
result = get_acl_def(cctx, name, &cacl);
if (result == ISC_R_SUCCESS)
- n += count_acl_elements(cacl, cctx) + 1;
+ n += count_acl_elements(cacl, cctx,
+ NULL) + 1;
}
}
}
@@ -246,7 +257,7 @@ cfg_acl_fromconfig(const cfg_obj_t *caml,
int nelem;
if (nest_level == 0)
- nelem = count_acl_elements(caml, cctx);
+ nelem = count_acl_elements(caml, cctx, NULL);
else
nelem = cfg_list_length(caml, ISC_FALSE);
diff --git a/lib/isccfg/api b/lib/isccfg/api
index 8459d4239fcc..2240cdda3ac8 100644
--- a/lib/isccfg/api
+++ b/lib/isccfg/api
@@ -1,3 +1,3 @@
LIBINTERFACE = 50
-LIBREVISION = 0
+LIBREVISION = 1
LIBAGE = 0
diff --git a/lib/isccfg/include/isccfg/namedconf.h b/lib/isccfg/include/isccfg/namedconf.h
index 9689a2ae7bdd..55c5a81813aa 100644
--- a/lib/isccfg/include/isccfg/namedconf.h
+++ b/lib/isccfg/include/isccfg/namedconf.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: namedconf.h,v 1.9 2007/06/19 23:47:22 tbox Exp $ */
+/* $Id: namedconf.h,v 1.9.332.2 2009/06/25 23:47:28 tbox Exp $ */
#ifndef ISCCFG_NAMEDCONF_H
#define ISCCFG_NAMEDCONF_H 1
@@ -42,4 +42,4 @@ LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_rndckey;
LIBISCCFG_EXTERNAL_DATA extern cfg_type_t cfg_type_keyref;
/*%< A key reference, used as an ACL element */
-#endif /* ISCCFG_CFG_H */
+#endif /* ISCCFG_NAMEDCONF_H */
diff --git a/lib/lwres/api b/lib/lwres/api
index 39934b4fbd2c..fbbf923b5324 100644
--- a/lib/lwres/api
+++ b/lib/lwres/api
@@ -1,3 +1,3 @@
LIBINTERFACE = 50
-LIBREVISION = 2
+LIBREVISION = 3
LIBAGE = 0
diff --git a/lib/lwres/context.c b/lib/lwres/context.c
index 464a2cf9f2d3..d042c87271d0 100644
--- a/lib/lwres/context.c
+++ b/lib/lwres/context.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2005, 2007, 2008 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007-2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: context.c,v 1.50.332.2 2008/12/30 23:46:49 tbox Exp $ */
+/* $Id: context.c,v 1.50.332.5 2009/09/01 23:47:05 tbox Exp $ */
/*! \file context.c
lwres_context_create() creates a #lwres_context_t structure for use in
@@ -471,6 +471,17 @@ lwres_context_sendrecv(lwres_context_t *ctx,
result = lwres_context_send(ctx, sendbase, sendlen);
if (result != LWRES_R_SUCCESS)
return (result);
+
+ /*
+ * If this is not checked, select() can overflow,
+ * causing corruption elsewhere.
+ */
+ if (ctx->sock >= (int)FD_SETSIZE) {
+ close(ctx->sock);
+ ctx->sock = -1;
+ return (LWRES_R_IOERROR);
+ }
+
again:
FD_ZERO(&readfds);
FD_SET(ctx->sock, &readfds);
diff --git a/lib/lwres/getipnode.c b/lib/lwres/getipnode.c
index a6c50c28b803..4331638bcf09 100644
--- a/lib/lwres/getipnode.c
+++ b/lib/lwres/getipnode.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2003 Internet Software Consortium.
*
* Permission to use, copy, modify, and/or distribute this software for any
@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: getipnode.c,v 1.42 2007/06/18 23:47:51 tbox Exp $ */
+/* $Id: getipnode.c,v 1.42.332.5 2009/09/01 23:47:05 tbox Exp $ */
/*! \file */
@@ -23,7 +23,7 @@
* These functions perform thread safe, protocol independent
* nodename-to-address and address-to-nodename translation as defined in
* RFC2553. This use a struct hostent which is defined in namedb.h:
- *
+ *
* \code
* struct hostent {
* char *h_name; // official name of host
@@ -34,90 +34,90 @@
* };
* #define h_addr h_addr_list[0] // address, for backward compatibility
* \endcode
- *
+ *
* The members of this structure are:
- *
+ *
* \li h_name:
* The official (canonical) name of the host.
- *
+ *
* \li h_aliases:
* A NULL-terminated array of alternate names (nicknames) for the
* host.
- *
+ *
* \li h_addrtype:
* The type of address being returned - usually PF_INET or
* PF_INET6.
- *
+ *
* \li h_length:
* The length of the address in bytes.
- *
+ *
* \li h_addr_list:
* A NULL terminated array of network addresses for the host. Host
* addresses are returned in network byte order.
- *
+ *
* lwres_getipnodebyname() looks up addresses of protocol family af for
* the hostname name. The flags parameter contains ORed flag bits to
* specify the types of addresses that are searched for, and the types of
* addresses that are returned. The flag bits are:
- *
+ *
* \li #AI_V4MAPPED:
* This is used with an af of #AF_INET6, and causes IPv4 addresses
* to be returned as IPv4-mapped IPv6 addresses.
- *
+ *
* \li #AI_ALL:
* This is used with an af of #AF_INET6, and causes all known
* addresses (IPv6 and IPv4) to be returned. If #AI_V4MAPPED is
* also set, the IPv4 addresses are return as mapped IPv6
* addresses.
- *
+ *
* \li #AI_ADDRCONFIG:
* Only return an IPv6 or IPv4 address if here is an active
* network interface of that type. This is not currently
* implemented in the BIND 9 lightweight resolver, and the flag is
* ignored.
- *
+ *
* \li #AI_DEFAULT:
* This default sets the #AI_V4MAPPED and #AI_ADDRCONFIG flag bits.
- *
+ *
* lwres_getipnodebyaddr() performs a reverse lookup of address src which
* is len bytes long. af denotes the protocol family, typically PF_INET
* or PF_INET6.
- *
+ *
* lwres_freehostent() releases all the memory associated with the struct
* hostent pointer. Any memory allocated for the h_name, h_addr_list
* and h_aliases is freed, as is the memory for the hostent structure
* itself.
- *
+ *
* \section getipnode_return Return Values
- *
+ *
* If an error occurs, lwres_getipnodebyname() and
* lwres_getipnodebyaddr() set *error_num to an appropriate error code
* and the function returns a NULL pointer. The error codes and their
* meanings are defined in \link netdb.h <lwres/netdb.h>\endlink:
- *
+ *
* \li #HOST_NOT_FOUND:
* No such host is known.
- *
+ *
* \li #NO_ADDRESS:
* The server recognised the request and the name but no address
* is available. Another type of request to the name server for
* the domain might return an answer.
- *
+ *
* \li #TRY_AGAIN:
* A temporary and possibly transient error occurred, such as a
* failure of a server to respond. The request may succeed if
* retried.
- *
+ *
* \li #NO_RECOVERY:
* An unexpected failure occurred, and retrying the request is
* pointless.
- *
+ *
* lwres_hstrerror() translates these error codes to suitable error
* messages.
- *
+ *
* \section getipnode_see See Also
- *
- * getaddrinfo.c, gethost.c, getnameinfo.c, herror.c, RFC2553
+ *
+ * getaddrinfo.c, gethost.c, getnameinfo.c, herror.c, RFC2553
*/
#include <config.h>
@@ -146,21 +146,21 @@ LIBLWRES_EXTERNAL_DATA const struct in6_addr in6addr_any = IN6ADDR_ANY_INIT;
#ifndef IN6_IS_ADDR_V4COMPAT
static const unsigned char in6addr_compat[12] = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
#define IN6_IS_ADDR_V4COMPAT(x) (!memcmp((x)->s6_addr, in6addr_compat, 12) && \
- ((x)->s6_addr[12] != 0 || \
- (x)->s6_addr[13] != 0 || \
- (x)->s6_addr[14] != 0 || \
- ((x)->s6_addr[15] != 0 && \
- (x)->s6_addr[15] != 1)))
+ ((x)->s6_addr[12] != 0 || \
+ (x)->s6_addr[13] != 0 || \
+ (x)->s6_addr[14] != 0 || \
+ ((x)->s6_addr[15] != 0 && \
+ (x)->s6_addr[15] != 1)))
#endif
#ifndef IN6_IS_ADDR_V4MAPPED
#define IN6_IS_ADDR_V4MAPPED(x) (!memcmp((x)->s6_addr, in6addr_mapped, 12))
#endif
static const unsigned char in6addr_mapped[12] = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff
};
/***
@@ -202,7 +202,7 @@ lwres_getipnodebyname(const char *name, int af, int flags, int *error_num) {
struct in6_addr in6;
struct hostent he, *he1 = NULL, *he2 = NULL, *he3 = NULL;
int v4 = 0, v6 = 0;
- int tmp_err;
+ int tmp_err = 0;
lwres_context_t *lwrctx = NULL;
lwres_gabnresponse_t *by = NULL;
int n;
@@ -275,7 +275,6 @@ lwres_getipnodebyname(const char *name, int af, int flags, int *error_num) {
(void) lwres_conf_parse(lwrctx, lwres_resolv_conf);
tmp_err = NO_RECOVERY;
if (have_v6 && af == AF_INET6) {
-
n = lwres_getaddrsbyname(lwrctx, name, LWRES_ADDRTYPE_V6, &by);
if (n == 0) {
he1 = hostfromname(by, AF_INET6);
@@ -285,7 +284,12 @@ lwres_getipnodebyname(const char *name, int af, int flags, int *error_num) {
goto cleanup;
}
} else {
- tmp_err = HOST_NOT_FOUND;
+ if (n == LWRES_R_NOTFOUND)
+ tmp_err = HOST_NOT_FOUND;
+ else {
+ *error_num = NO_RECOVERY;
+ goto cleanup;
+ }
}
}
@@ -437,9 +441,15 @@ lwres_getipnodebyaddr(const void *src, size_t len, int af, int *error_num) {
if (n != 0) {
lwres_conf_clear(lwrctx);
lwres_context_destroy(&lwrctx);
- *error_num = HOST_NOT_FOUND;
+
+ if (n == LWRES_R_NOTFOUND)
+ *error_num = HOST_NOT_FOUND;
+ else
+ *error_num = NO_RECOVERY;
+
return (NULL);
}
+
he1 = hostfromaddr(by, AF_INET6, src);
lwres_gnbaresponse_free(lwrctx, &by);
if (he1 == NULL)
@@ -492,7 +502,7 @@ lwres_freehostent(struct hostent *he) {
*/
#if defined(SIOCGLIFCONF) && defined(SIOCGLIFADDR) && \
- !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF)
+ !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF)
#ifdef __hpux
#define lifc_len iflc_len
@@ -504,7 +514,7 @@ lwres_freehostent(struct hostent *he) {
#define ISC_HAVE_LIFC_FLAGS 1
#define LIFCONF lifconf
#endif
-
+
#ifdef __hpux
#define lifr_addr iflr_addr
#define lifr_name iflr_name
@@ -557,7 +567,7 @@ scan_interfaces6(int *have_v4, int *have_v6) {
/*
* Some OS's just return what will fit rather
* than set EINVAL if the buffer is too small
- * to fit all the interfaces in. If
+ * to fit all the interfaces in. If
* lifc.lifc_len is too near to the end of the
* buffer we will grow it just in case and
* retry.
@@ -619,13 +629,13 @@ scan_interfaces6(int *have_v4, int *have_v6) {
if ((lifreq.lifr_flags & IFF_UP) == 0)
break;
*have_v4 = 1;
- }
+ }
break;
case AF_INET6:
if (*have_v6 == 0) {
memcpy(&in6,
&((struct sockaddr_in6 *)
- &lifreq.lifr_addr)->sin6_addr,
+ &lifreq.lifr_addr)->sin6_addr,
sizeof(in6));
if (memcmp(&in6, &in6addr_any,
sizeof(in6)) == 0)
@@ -675,7 +685,7 @@ scan_interfaces(int *have_v4, int *have_v6) {
InitSockets();
#endif
#if defined(SIOCGLIFCONF) && defined(SIOCGLIFADDR) && \
- !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF)
+ !defined(IRIX_EMUL_IOCTL_SIOCGIFCONF)
/*
* Try to scan the interfaces using IPv6 ioctls().
*/
@@ -721,7 +731,7 @@ scan_interfaces(int *have_v4, int *have_v6) {
/*
* Some OS's just return what will fit rather
* than set EINVAL if the buffer is too small
- * to fit all the interfaces in. If
+ * to fit all the interfaces in. If
* ifc.ifc_len is too near to the end of the
* buffer we will grow it just in case and
* retry.
@@ -786,7 +796,7 @@ scan_interfaces(int *have_v4, int *have_v6) {
if ((u.ifreq.ifr_flags & IFF_UP) == 0)
break;
*have_v4 = 1;
- }
+ }
break;
case AF_INET6:
if (*have_v6 == 0) {
diff --git a/lib/lwres/man/lwres.3 b/lib/lwres/man/lwres.3
index e1f87936f377..14c719adb377 100644
--- a/lib/lwres/man/lwres.3
+++ b/lib/lwres/man/lwres.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres.3,v 1.28 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres.html b/lib/lwres/man/lwres.html
index 986918a8cf7d..c90bcbd575f2 100644
--- a/lib/lwres/man/lwres.html
+++ b/lib/lwres/man/lwres.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres.html,v 1.23.514.1 2009/12/31 23:17:47 tbox Exp $ -->
+<!-- $Id: lwres.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres &#8212; introduction to the lightweight resolver library</p>
@@ -32,7 +32,7 @@
<div class="funcsynopsis"><pre class="funcsynopsisinfo">#include &lt;lwres/lwres.h&gt;</pre></div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543346"></a><h2>DESCRIPTION</h2>
+<a name="id2543348"></a><h2>DESCRIPTION</h2>
<p>
The BIND 9 lightweight resolver library is a simple, name service
independent stub resolver library. It provides hostname-to-address
@@ -47,7 +47,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543358"></a><h2>OVERVIEW</h2>
+<a name="id2543361"></a><h2>OVERVIEW</h2>
<p>
The lwresd library implements multiple name service APIs.
The standard
@@ -101,7 +101,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543422"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2>
+<a name="id2543425"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2>
<p>
When a client program wishes to make an lwres request using the
native low-level API, it typically performs the following
@@ -149,7 +149,7 @@
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543571"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2>
+<a name="id2543573"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2>
<p>
When implementing the server side of the lightweight resolver
protocol using the lwres library, a sequence of actions like the
@@ -191,7 +191,7 @@
<p></p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543654"></a><h2>SEE ALSO</h2>
+<a name="id2543656"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_gethostent</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>,
diff --git a/lib/lwres/man/lwres_buffer.3 b/lib/lwres/man/lwres_buffer.3
index cc0959d8908f..e8fe6313aeb1 100644
--- a/lib/lwres/man/lwres_buffer.3
+++ b/lib/lwres/man/lwres_buffer.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_buffer.3,v 1.26 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_buffer.3,v 1.26.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_buffer.html b/lib/lwres/man/lwres_buffer.html
index 7ed5407c53aa..b546bcf155d0 100644
--- a/lib/lwres/man/lwres_buffer.html
+++ b/lib/lwres/man/lwres_buffer.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_buffer.html,v 1.21.514.1 2009/12/31 23:17:47 tbox Exp $ -->
+<!-- $Id: lwres_buffer.html,v 1.21.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtract, lwres_buffer_clear, lwres_buffer_first, lwres_buffer_forward, lwres_buffer_back, lwres_buffer_getuint8, lwres_buffer_putuint8, lwres_buffer_getuint16, lwres_buffer_putuint16, lwres_buffer_getuint32, lwres_buffer_putuint32, lwres_buffer_putmem, lwres_buffer_getmem &#8212; lightweight resolver buffer management</p>
@@ -262,7 +262,7 @@ void
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543890"></a><h2>DESCRIPTION</h2>
+<a name="id2543892"></a><h2>DESCRIPTION</h2>
<p>
These functions provide bounds checked access to a region of memory
where data is being read or written.
diff --git a/lib/lwres/man/lwres_config.3 b/lib/lwres/man/lwres_config.3
index 6184cb23827a..2d3b8137e121 100644
--- a/lib/lwres/man/lwres_config.3
+++ b/lib/lwres/man/lwres_config.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_config.3,v 1.26 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_config.3,v 1.26.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_config.html b/lib/lwres/man/lwres_config.html
index 050fd5de361c..fb29b7fbaec6 100644
--- a/lib/lwres/man/lwres_config.html
+++ b/lib/lwres/man/lwres_config.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_config.html,v 1.22.514.1 2009/12/31 23:17:47 tbox Exp $ -->
+<!-- $Id: lwres_config.html,v 1.22.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get &#8212; lightweight resolver configuration</p>
@@ -90,7 +90,7 @@ lwres_conf_t *
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543438"></a><h2>DESCRIPTION</h2>
+<a name="id2543441"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_conf_init()</code>
creates an empty
<span class="type">lwres_conf_t</span>
@@ -123,7 +123,7 @@ lwres_conf_t *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543506"></a><h2>RETURN VALUES</h2>
+<a name="id2543508"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_conf_parse()</code>
returns <span class="errorcode">LWRES_R_SUCCESS</span>
if it successfully read and parsed
@@ -142,13 +142,13 @@ lwres_conf_t *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543543"></a><h2>SEE ALSO</h2>
+<a name="id2543545"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">stdio</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543569"></a><h2>FILES</h2>
+<a name="id2543571"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
diff --git a/lib/lwres/man/lwres_context.3 b/lib/lwres/man/lwres_context.3
index b1022d860992..dae7ee5313d3 100644
--- a/lib/lwres/man/lwres_context.3
+++ b/lib/lwres/man/lwres_context.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_context.3,v 1.28 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_context.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_context.html b/lib/lwres/man/lwres_context.html
index d6fada9b918e..22bdcd3c1e40 100644
--- a/lib/lwres/man/lwres_context.html
+++ b/lib/lwres/man/lwres_context.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_context.html,v 1.23.514.1 2009/12/31 23:17:47 tbox Exp $ -->
+<!-- $Id: lwres_context.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv &#8212; lightweight resolver context management</p>
@@ -172,7 +172,7 @@ void *
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543529"></a><h2>DESCRIPTION</h2>
+<a name="id2543531"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_context_create()</code>
creates a <span class="type">lwres_context_t</span> structure for use in
lightweight resolver operations. It holds a socket and other
@@ -258,7 +258,7 @@ void *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543717"></a><h2>RETURN VALUES</h2>
+<a name="id2543719"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_context_create()</code>
returns <span class="errorcode">LWRES_R_NOMEMORY</span> if memory for
the <span class="type">struct lwres_context</span> could not be allocated,
@@ -283,7 +283,7 @@ void *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543767"></a><h2>SEE ALSO</h2>
+<a name="id2543769"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_conf_init</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>,
diff --git a/lib/lwres/man/lwres_gabn.3 b/lib/lwres/man/lwres_gabn.3
index 0c143847559c..64846d1846e5 100644
--- a/lib/lwres/man/lwres_gabn.3
+++ b/lib/lwres/man/lwres_gabn.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_gabn.3,v 1.27 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_gabn.3,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_gabn.html b/lib/lwres/man/lwres_gabn.html
index efb152a381d4..e5cb4d31c025 100644
--- a/lib/lwres/man/lwres_gabn.html
+++ b/lib/lwres/man/lwres_gabn.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_gabn.html,v 1.24.514.1 2009/12/31 23:17:47 tbox Exp $ -->
+<!-- $Id: lwres_gabn.html,v 1.24.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free &#8212; lightweight resolver getaddrbyname message handling</p>
@@ -178,7 +178,7 @@ void
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543520"></a><h2>DESCRIPTION</h2>
+<a name="id2543522"></a><h2>DESCRIPTION</h2>
<p>
These are low-level routines for creating and parsing
lightweight resolver name-to-address lookup request and
@@ -278,7 +278,7 @@ typedef struct {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543665"></a><h2>RETURN VALUES</h2>
+<a name="id2543667"></a><h2>RETURN VALUES</h2>
<p>
The getaddrbyname opcode functions
<code class="function">lwres_gabnrequest_render()</code>,
@@ -316,7 +316,7 @@ typedef struct {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543731"></a><h2>SEE ALSO</h2>
+<a name="id2543733"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>
</p>
</div>
diff --git a/lib/lwres/man/lwres_gai_strerror.3 b/lib/lwres/man/lwres_gai_strerror.3
index e412b8f89d27..46b54c0f7d30 100644
--- a/lib/lwres/man/lwres_gai_strerror.3
+++ b/lib/lwres/man/lwres_gai_strerror.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_gai_strerror.3,v 1.27 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_gai_strerror.3,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_gai_strerror.html b/lib/lwres/man/lwres_gai_strerror.html
index aeb0967e3e06..994782dbb273 100644
--- a/lib/lwres/man/lwres_gai_strerror.html
+++ b/lib/lwres/man/lwres_gai_strerror.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_gai_strerror.html,v 1.24.514.1 2009/12/31 23:17:48 tbox Exp $ -->
+<!-- $Id: lwres_gai_strerror.html,v 1.24.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_gai_strerror &#8212; print suitable error string</p>
@@ -42,7 +42,7 @@ char *
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543358"></a><h2>DESCRIPTION</h2>
+<a name="id2543361"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_gai_strerror()</code>
returns an error message corresponding to an error code returned by
<code class="function">getaddrinfo()</code>.
@@ -110,7 +110,7 @@ char *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543574"></a><h2>SEE ALSO</h2>
+<a name="id2543576"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">strerror</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>,
diff --git a/lib/lwres/man/lwres_getaddrinfo.3 b/lib/lwres/man/lwres_getaddrinfo.3
index 7a1b5d76a816..edac0516ee5b 100644
--- a/lib/lwres/man/lwres_getaddrinfo.3
+++ b/lib/lwres/man/lwres_getaddrinfo.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_getaddrinfo.3,v 1.31 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_getaddrinfo.3,v 1.31.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_getaddrinfo.html b/lib/lwres/man/lwres_getaddrinfo.html
index ec0083952a2b..d3f6e0ba3583 100644
--- a/lib/lwres/man/lwres_getaddrinfo.html
+++ b/lib/lwres/man/lwres_getaddrinfo.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_getaddrinfo.html,v 1.27.514.1 2009/12/31 23:17:48 tbox Exp $ -->
+<!-- $Id: lwres_getaddrinfo.html,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_getaddrinfo, lwres_freeaddrinfo &#8212; socket address structure to host and service name</p>
@@ -89,7 +89,7 @@ struct addrinfo {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543410"></a><h2>DESCRIPTION</h2>
+<a name="id2543412"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_getaddrinfo()</code>
is used to get a list of IP addresses and port numbers for host
<em class="parameter"><code>hostname</code></em> and service
@@ -283,7 +283,7 @@ struct addrinfo {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543787"></a><h2>RETURN VALUES</h2>
+<a name="id2543789"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_getaddrinfo()</code>
returns zero on success or one of the error codes listed in
<span class="citerefentry"><span class="refentrytitle">gai_strerror</span>(3)</span>
@@ -294,7 +294,7 @@ struct addrinfo {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2542118"></a><h2>SEE ALSO</h2>
+<a name="id2543827"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>,
diff --git a/lib/lwres/man/lwres_gethostent.3 b/lib/lwres/man/lwres_gethostent.3
index 847d88243383..688c618d9ae8 100644
--- a/lib/lwres/man/lwres_gethostent.3
+++ b/lib/lwres/man/lwres_gethostent.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_gethostent.3,v 1.29 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_gethostent.3,v 1.29.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_gethostent.html b/lib/lwres/man/lwres_gethostent.html
index 9465440bd51a..3bccc48ceb84 100644
--- a/lib/lwres/man/lwres_gethostent.html
+++ b/lib/lwres/man/lwres_gethostent.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_gethostent.html,v 1.24.514.1 2009/12/31 23:17:52 tbox Exp $ -->
+<!-- $Id: lwres_gethostent.html,v 1.24.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent, lwres_sethostent, lwres_endhostent, lwres_gethostbyname_r, lwres_gethostbyaddr_r, lwres_gethostent_r, lwres_sethostent_r, lwres_endhostent_r &#8212; lightweight resolver get network host entry</p>
@@ -228,7 +228,7 @@ void
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543606"></a><h2>DESCRIPTION</h2>
+<a name="id2543608"></a><h2>DESCRIPTION</h2>
<p>
These functions provide hostname-to-address and
address-to-hostname lookups by means of the lightweight resolver.
@@ -366,7 +366,7 @@ struct hostent {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543957"></a><h2>RETURN VALUES</h2>
+<a name="id2543959"></a><h2>RETURN VALUES</h2>
<p>
The functions
<code class="function">lwres_gethostbyname()</code>,
@@ -430,7 +430,7 @@ struct hostent {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2544190"></a><h2>SEE ALSO</h2>
+<a name="id2544193"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">gethostent</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>,
@@ -439,7 +439,7 @@ struct hostent {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2544225"></a><h2>BUGS</h2>
+<a name="id2544227"></a><h2>BUGS</h2>
<p><code class="function">lwres_gethostbyname()</code>,
<code class="function">lwres_gethostbyname2()</code>,
<code class="function">lwres_gethostbyaddr()</code>
diff --git a/lib/lwres/man/lwres_getipnode.3 b/lib/lwres/man/lwres_getipnode.3
index e5c51a999cc2..b74b342e337f 100644
--- a/lib/lwres/man/lwres_getipnode.3
+++ b/lib/lwres/man/lwres_getipnode.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_getipnode.3,v 1.28 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_getipnode.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_getipnode.html b/lib/lwres/man/lwres_getipnode.html
index c92c51cb2802..5d9eb9d83182 100644
--- a/lib/lwres/man/lwres_getipnode.html
+++ b/lib/lwres/man/lwres_getipnode.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001, 2003 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_getipnode.html,v 1.25.514.1 2009/12/31 23:17:52 tbox Exp $ -->
+<!-- $Id: lwres_getipnode.html,v 1.25.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent &#8212; lightweight resolver nodename / address translation API</p>
@@ -98,7 +98,7 @@ void
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543429"></a><h2>DESCRIPTION</h2>
+<a name="id2543431"></a><h2>DESCRIPTION</h2>
<p>
These functions perform thread safe, protocol independent
nodename-to-address and address-to-nodename
@@ -217,7 +217,7 @@ struct hostent {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543687"></a><h2>RETURN VALUES</h2>
+<a name="id2543689"></a><h2>RETURN VALUES</h2>
<p>
If an error occurs,
<code class="function">lwres_getipnodebyname()</code>
@@ -261,7 +261,7 @@ struct hostent {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543784"></a><h2>SEE ALSO</h2>
+<a name="id2543786"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">RFC2553</span></span>,
<span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
diff --git a/lib/lwres/man/lwres_getnameinfo.3 b/lib/lwres/man/lwres_getnameinfo.3
index c477f7982a35..d77776b6c2af 100644
--- a/lib/lwres/man/lwres_getnameinfo.3
+++ b/lib/lwres/man/lwres_getnameinfo.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_getnameinfo.3,v 1.29 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_getnameinfo.3,v 1.29.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_getnameinfo.html b/lib/lwres/man/lwres_getnameinfo.html
index 7730131cfdac..200f93feac44 100644
--- a/lib/lwres/man/lwres_getnameinfo.html
+++ b/lib/lwres/man/lwres_getnameinfo.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_getnameinfo.html,v 1.23.514.1 2009/12/31 23:17:52 tbox Exp $ -->
+<!-- $Id: lwres_getnameinfo.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_getnameinfo &#8212; lightweight resolver socket address structure to hostname and
@@ -82,7 +82,7 @@ int
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543390"></a><h2>DESCRIPTION</h2>
+<a name="id2543393"></a><h2>DESCRIPTION</h2>
<p>
This function is equivalent to the
<span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> function defined in RFC2133.
@@ -149,13 +149,13 @@ int
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543532"></a><h2>RETURN VALUES</h2>
+<a name="id2543534"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_getnameinfo()</code>
returns 0 on success or a non-zero error code if an error occurs.
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543544"></a><h2>SEE ALSO</h2>
+<a name="id2543546"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">RFC2133</span></span>,
<span class="citerefentry"><span class="refentrytitle">getservbyport</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
@@ -165,7 +165,7 @@ int
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543602"></a><h2>BUGS</h2>
+<a name="id2543604"></a><h2>BUGS</h2>
<p>
RFC2133 fails to define what the nonzero return values of
<span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span>
diff --git a/lib/lwres/man/lwres_getrrsetbyname.3 b/lib/lwres/man/lwres_getrrsetbyname.3
index 8419fff36082..bda5aa215659 100644
--- a/lib/lwres/man/lwres_getrrsetbyname.3
+++ b/lib/lwres/man/lwres_getrrsetbyname.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_getrrsetbyname.3,v 1.25 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_getrrsetbyname.3,v 1.25.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_getrrsetbyname.html b/lib/lwres/man/lwres_getrrsetbyname.html
index 15bfb82dc644..be8c05aa0e99 100644
--- a/lib/lwres/man/lwres_getrrsetbyname.html
+++ b/lib/lwres/man/lwres_getrrsetbyname.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_getrrsetbyname.html,v 1.23.514.1 2009/12/31 23:17:53 tbox Exp $ -->
+<!-- $Id: lwres_getrrsetbyname.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_getrrsetbyname, lwres_freerrset &#8212; retrieve DNS records</p>
@@ -102,7 +102,7 @@ struct rrsetinfo {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543412"></a><h2>DESCRIPTION</h2>
+<a name="id2543414"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_getrrsetbyname()</code>
gets a set of resource records associated with a
<em class="parameter"><code>hostname</code></em>, <em class="parameter"><code>class</code></em>,
@@ -150,7 +150,7 @@ struct rrsetinfo {
<p></p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543524"></a><h2>RETURN VALUES</h2>
+<a name="id2543526"></a><h2>RETURN VALUES</h2>
<p><code class="function">lwres_getrrsetbyname()</code>
returns zero on success, and one of the following error codes if
an error occurred:
@@ -184,7 +184,7 @@ struct rrsetinfo {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543624"></a><h2>SEE ALSO</h2>
+<a name="id2543626"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>.
</p>
</div>
diff --git a/lib/lwres/man/lwres_gnba.3 b/lib/lwres/man/lwres_gnba.3
index 39a1b9d278fa..e04fa8f3ba1d 100644
--- a/lib/lwres/man/lwres_gnba.3
+++ b/lib/lwres/man/lwres_gnba.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_gnba.3,v 1.27 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_gnba.3,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_gnba.html b/lib/lwres/man/lwres_gnba.html
index 80c909ec212e..bd1ce6036f1d 100644
--- a/lib/lwres/man/lwres_gnba.html
+++ b/lib/lwres/man/lwres_gnba.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_gnba.html,v 1.24.514.1 2009/12/31 23:17:47 tbox Exp $ -->
+<!-- $Id: lwres_gnba.html,v 1.24.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free &#8212; lightweight resolver getnamebyaddress message handling</p>
@@ -183,7 +183,7 @@ void
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543523"></a><h2>DESCRIPTION</h2>
+<a name="id2543525"></a><h2>DESCRIPTION</h2>
<p>
These are low-level routines for creating and parsing
lightweight resolver address-to-name lookup request and
@@ -270,7 +270,7 @@ typedef struct {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543662"></a><h2>RETURN VALUES</h2>
+<a name="id2543665"></a><h2>RETURN VALUES</h2>
<p>
The getnamebyaddr opcode functions
<code class="function">lwres_gnbarequest_render()</code>,
@@ -308,7 +308,7 @@ typedef struct {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543729"></a><h2>SEE ALSO</h2>
+<a name="id2543731"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>.
</p>
</div>
diff --git a/lib/lwres/man/lwres_hstrerror.3 b/lib/lwres/man/lwres_hstrerror.3
index 5998238e7b62..badb5fed58bd 100644
--- a/lib/lwres/man/lwres_hstrerror.3
+++ b/lib/lwres/man/lwres_hstrerror.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_hstrerror.3,v 1.27 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_hstrerror.3,v 1.27.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_hstrerror.html b/lib/lwres/man/lwres_hstrerror.html
index b166e3d7780d..fce6c318eb8e 100644
--- a/lib/lwres/man/lwres_hstrerror.html
+++ b/lib/lwres/man/lwres_hstrerror.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_hstrerror.html,v 1.23.514.1 2009/12/31 23:17:54 tbox Exp $ -->
+<!-- $Id: lwres_hstrerror.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_herror, lwres_hstrerror &#8212; lightweight resolver error message generation</p>
@@ -50,7 +50,7 @@ const char *
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543377"></a><h2>DESCRIPTION</h2>
+<a name="id2543379"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_herror()</code>
prints the string <em class="parameter"><code>s</code></em> on
<span class="type">stderr</span> followed by the string generated by
@@ -84,7 +84,7 @@ const char *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543495"></a><h2>RETURN VALUES</h2>
+<a name="id2543497"></a><h2>RETURN VALUES</h2>
<p>
The string <span class="errorname">Unknown resolver error</span> is returned by
<code class="function">lwres_hstrerror()</code>
@@ -94,7 +94,7 @@ const char *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543515"></a><h2>SEE ALSO</h2>
+<a name="id2543517"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">herror</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres_hstrerror</span>(3)</span>.
diff --git a/lib/lwres/man/lwres_inetntop.3 b/lib/lwres/man/lwres_inetntop.3
index c7d3d1263262..1f9e097479e0 100644
--- a/lib/lwres/man/lwres_inetntop.3
+++ b/lib/lwres/man/lwres_inetntop.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_inetntop.3,v 1.26 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_inetntop.3,v 1.26.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_inetntop.html b/lib/lwres/man/lwres_inetntop.html
index 3522a1dc1912..37bd95fdbc46 100644
--- a/lib/lwres/man/lwres_inetntop.html
+++ b/lib/lwres/man/lwres_inetntop.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_inetntop.html,v 1.23.514.1 2009/12/31 23:17:48 tbox Exp $ -->
+<!-- $Id: lwres_inetntop.html,v 1.23.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_net_ntop &#8212; lightweight resolver IP address presentation</p>
@@ -62,7 +62,7 @@ const char *
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543377"></a><h2>DESCRIPTION</h2>
+<a name="id2543379"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_net_ntop()</code>
converts an IP address of protocol family
<em class="parameter"><code>af</code></em> &#8212; IPv4 or IPv6 &#8212; at
@@ -80,7 +80,7 @@ const char *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543409"></a><h2>RETURN VALUES</h2>
+<a name="id2543411"></a><h2>RETURN VALUES</h2>
<p>
If successful, the function returns <em class="parameter"><code>dst</code></em>:
a pointer to a string containing the presentation format of the
@@ -93,7 +93,7 @@ const char *
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543442"></a><h2>SEE ALSO</h2>
+<a name="id2543444"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">RFC1884</span></span>,
<span class="citerefentry"><span class="refentrytitle">inet_ntop</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">errno</span>(3)</span>.
diff --git a/lib/lwres/man/lwres_noop.3 b/lib/lwres/man/lwres_noop.3
index 0e4ed719472c..6c39ce6fdf34 100644
--- a/lib/lwres/man/lwres_noop.3
+++ b/lib/lwres/man/lwres_noop.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_noop.3,v 1.28 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_noop.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_noop.html b/lib/lwres/man/lwres_noop.html
index 18a41fa0a542..c8fad5d37033 100644
--- a/lib/lwres/man/lwres_noop.html
+++ b/lib/lwres/man/lwres_noop.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_noop.html,v 1.25.514.1 2009/12/31 23:17:54 tbox Exp $ -->
+<!-- $Id: lwres_noop.html,v 1.25.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free &#8212; lightweight resolver no-op message handling</p>
@@ -179,7 +179,7 @@ void
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543520"></a><h2>DESCRIPTION</h2>
+<a name="id2543522"></a><h2>DESCRIPTION</h2>
<p>
These are low-level routines for creating and parsing
lightweight resolver no-op request and response messages.
@@ -270,7 +270,7 @@ typedef struct {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543670"></a><h2>RETURN VALUES</h2>
+<a name="id2543672"></a><h2>RETURN VALUES</h2>
<p>
The no-op opcode functions
<code class="function">lwres_nooprequest_render()</code>,
@@ -309,7 +309,7 @@ typedef struct {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543736"></a><h2>SEE ALSO</h2>
+<a name="id2543738"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>
</p>
</div>
diff --git a/lib/lwres/man/lwres_packet.3 b/lib/lwres/man/lwres_packet.3
index 1e1f98fe9b97..068d24105c53 100644
--- a/lib/lwres/man/lwres_packet.3
+++ b/lib/lwres/man/lwres_packet.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_packet.3,v 1.29 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_packet.3,v 1.29.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_packet.html b/lib/lwres/man/lwres_packet.html
index 11601e86b122..17aed04dcd2a 100644
--- a/lib/lwres/man/lwres_packet.html
+++ b/lib/lwres/man/lwres_packet.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_packet.html,v 1.26.514.1 2009/12/31 23:17:54 tbox Exp $ -->
+<!-- $Id: lwres_packet.html,v 1.26.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_lwpacket_renderheader, lwres_lwpacket_parseheader &#8212; lightweight resolver packet handling functions</p>
@@ -66,7 +66,7 @@ lwres_result_t
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543387"></a><h2>DESCRIPTION</h2>
+<a name="id2543389"></a><h2>DESCRIPTION</h2>
<p>
These functions rely on a
<span class="type">struct lwres_lwpacket</span>
@@ -219,7 +219,7 @@ struct lwres_lwpacket {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543704"></a><h2>RETURN VALUES</h2>
+<a name="id2543706"></a><h2>RETURN VALUES</h2>
<p>
Successful calls to
<code class="function">lwres_lwpacket_renderheader()</code> and
diff --git a/lib/lwres/man/lwres_resutil.3 b/lib/lwres/man/lwres_resutil.3
index d26f77c52531..2297cb73956e 100644
--- a/lib/lwres/man/lwres_resutil.3
+++ b/lib/lwres/man/lwres_resutil.3
@@ -1,7 +1,7 @@
.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (C) 2000, 2001 Internet Software Consortium.
.\"
-.\" Permission to use, copy, modify, and distribute this software for any
+.\" Permission to use, copy, modify, and/or distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: lwres_resutil.3,v 1.28 2007/01/30 00:24:59 marka Exp $
+.\" $Id: lwres_resutil.3,v 1.28.418.1 2009/07/11 01:55:21 tbox Exp $
.\"
.hy 0
.ad l
diff --git a/lib/lwres/man/lwres_resutil.html b/lib/lwres/man/lwres_resutil.html
index e67ac0aa7968..3cde25b7917b 100644
--- a/lib/lwres/man/lwres_resutil.html
+++ b/lib/lwres/man/lwres_resutil.html
@@ -2,7 +2,7 @@
- Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2000, 2001 Internet Software Consortium.
-
- - Permission to use, copy, modify, and distribute this software for any
+ - Permission to use, copy, modify, and/or distribute this software for any
- purpose with or without fee is hereby granted, provided that the above
- copyright notice and this permission notice appear in all copies.
-
@@ -14,7 +14,7 @@
- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- PERFORMANCE OF THIS SOFTWARE.
-->
-<!-- $Id: lwres_resutil.html,v 1.25.514.1 2009/12/31 23:17:54 tbox Exp $ -->
+<!-- $Id: lwres_resutil.html,v 1.25.418.1 2009/07/11 01:55:21 tbox Exp $ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476267"></a><div class="titlepage"></div>
+<a name="id2476275"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr &#8212; lightweight resolver utility functions</p>
@@ -134,7 +134,7 @@ lwres_result_t
</div>
</div>
<div class="refsect1" lang="en">
-<a name="id2543464"></a><h2>DESCRIPTION</h2>
+<a name="id2543466"></a><h2>DESCRIPTION</h2>
<p><code class="function">lwres_string_parse()</code>
retrieves a DNS-encoded string starting the current pointer of
lightweight resolver buffer <em class="parameter"><code>b</code></em>: i.e.
@@ -210,7 +210,7 @@ typedef struct {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543603"></a><h2>RETURN VALUES</h2>
+<a name="id2543605"></a><h2>RETURN VALUES</h2>
<p>
Successful calls to
<code class="function">lwres_string_parse()</code>
@@ -248,7 +248,7 @@ typedef struct {
</p>
</div>
<div class="refsect1" lang="en">
-<a name="id2543674"></a><h2>SEE ALSO</h2>
+<a name="id2543676"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">lwres_buffer</span>(3)</span>,
<span class="citerefentry"><span class="refentrytitle">lwres_gabn</span>(3)</span>.