diff options
96 files changed, 13216 insertions, 3275 deletions
diff --git a/Changelog b/Changelog index 93e53931d849..845d5b8a7388 100644 --- a/Changelog +++ b/Changelog @@ -1,3 +1,51 @@ +1.6.16 2012-11-13 + * Fix Makefile to build pyldns with BSD make + * Fix typo in exporting b32_* symbols to make pyldns load again + * Allow leaving the RR owner name empty in ldns-testns datafiles. + * Fix fail to create NSEC3 bitmap for empty non-terminal (bug + introduced in 1.6.14). + +1.6.15 2012-10-25 + * Remove LDNS_STATUS_EXISTS_ERR from ldns/error.h to make ldns + binary compatible with earlier releases again. + +1.6.14 2012-10-23 + * DANE support (RFC6698), including ldns-dane example tool. + * Configurable default CA certificate repository for ldns-dane with + --with-ca-file=CAFILE and --with-ca-path=CAPATH + * Configurable default trust anchor with --with-trust-anchor=FILE + for drill, ldns-verify-zone and ldns-dane + * bugfix #474: Define socklen_t when undefined (like in Win32) + * bugfix #473: Dead code removal and resource leak fix in drill + * bugfix #471: Let ldns_resolver_push_dnssec_anchor accept DS RR's too. + * Various bugfixes from code reviews from CZ.NIC and Paul Wouters + * ldns-notify TSIG option argument checking + * Let ldns_resolver_nameservers_randomize keep nameservers and rtt's + in sync. + * Let ldns_pkt_push_rr now return false on (memory) errors. + * Make buffer_export comply to documentation and fix buffer2str + * Various improvements and fixes of pyldns from Katel Slany + now documented in their own Changelog. + * bugfix: Make ldns_resolver_pop_nameserver clear the array when + there was only one. + * bugfix #459: Remove ldns_symbols and export symbols based on regex + * bugfix #458: Track all newly created signatures when signing. + * bugfix #454: Only set -g and -O2 CFLAGS when no CFLAGS was given. + * bugfix #457: Memory leak fix for ldns_key_new_frm_algorithm. + * pyldns memory handling fixes and the python3/ldns-signzone.py + examples script contribution from Karel Slany. + * bugfix #450: Base # bytes for P, G and Y (T) on the guaranteed + to be bigger (or equal) P in ldns_key_dsa2bin. + * bugfix #449: Deep free cloned rdf's in ldns_tsig_mac_new. + * bugfix #448: Copy nameserver value (in stead of reference) of the + answering nameserver to the answer packet in ldns_send_buffer, so + the original value may be deep freed with the ldns_resolver struct. + * New -0 option for ldns-read-zone to replace inception, expiration + and signature rdata fields with (null). Thanks Paul Wouters. + * New -p option for ldns-read-zone to prepend-pad SOA serial to take + up ten characters. + * Return error if printing RR fails due to unknown/null RDATA. + 1.6.13 2012-05-21 * New -S option for ldns-verify-zone to chase signatures online. * New -k option for ldns-verify-zone to validate using a trusted key. diff --git a/Makefile.in b/Makefile.in index dfe3f352b13d..68ee644b9272 100644 --- a/Makefile.in +++ b/Makefile.in @@ -23,6 +23,7 @@ pyldns_uninst = @PYLDNSUNINST@ pyldnsx_inst = @PYLDNSXINST@ pyldnsx_uninst = @PYLDNSXUNINST@ libtool = @libtool@ +CONFIG_FILES = @CONFIG_FILES@ # override $U variable which is used by autotools for deansification (for # K&R C compilers), but causes problems if $U is defined in the env). @@ -41,6 +42,7 @@ PYTHON_X_CFLAGS = @PYTHON_X_CFLAGS@ LIBSSL_CPPFLAGS = @LIBSSL_CPPFLAGS@ LIBSSL_LDFLAGS = @LIBSSL_LDFLAGS@ LIBSSL_LIBS = @LIBSSL_LIBS@ +LIBSSL_SSL_LIBS = @LIBSSL_SSL_LIBS@ LIBPCAP_LIBS = @LIBPCAP_LIBS@ RUNTIME_PATH = @RUNTIME_PATH@ LIBTOOL = $(libtool) --tag=CC --quiet @@ -60,12 +62,12 @@ DEPFLAG = @DEPFLAG@ INSTALL = $(srcdir)/install-sh LIBLOBJS = $(LIBOBJS:.o=.lo) -LDNS_LOBJS = buffer.lo dname.lo dnssec.lo dnssec_sign.lo dnssec_verify.lo dnssec_zone.lo duration.lo error.lo higher.lo host2str.lo host2wire.lo keys.lo net.lo packet.lo parse.lo rbtree.lo rdata.lo resolver.lo rr.lo rr_functions.lo sha1.lo sha2.lo str2host.lo tsig.lo update.lo util.lo wire2host.lo zone.lo +LDNS_LOBJS = buffer.lo dane.lo dname.lo dnssec.lo dnssec_sign.lo dnssec_verify.lo dnssec_zone.lo duration.lo error.lo higher.lo host2str.lo host2wire.lo keys.lo net.lo packet.lo parse.lo rbtree.lo rdata.lo resolver.lo rr.lo rr_functions.lo sha1.lo sha2.lo str2host.lo tsig.lo update.lo util.lo wire2host.lo zone.lo LDNS_LOBJS_EX = ^linktest\.c$$ LDNS_ALL_LOBJS = $(LDNS_LOBJS) $(LIBLOBJS) LIB = libldns.la -LDNS_HEADERS = buffer.h dname.h dnssec.h dnssec_sign.h dnssec_verify.h dnssec_zone.h duration.h error.h higher.h host2str.h host2wire.h keys.h ldns.h packet.h parse.h rbtree.h rdata.h resolver.h rr_functions.h rr.h sha1.h sha2.h str2host.h tsig.h update.h wire2host.h zone.h +LDNS_HEADERS = buffer.h dane.h dname.h dnssec.h dnssec_sign.h dnssec_verify.h dnssec_zone.h duration.h error.h higher.h host2str.h host2wire.h keys.h ldns.h packet.h parse.h rbtree.h rdata.h resolver.h rr_functions.h rr.h sha1.h sha2.h str2host.h tsig.h update.h wire2host.h zone.h LDNS_HEADERS_EX = ^config\.h|common\.h|util\.h|net\.h$$ LDNS_HEADERS_GEN= common.h util.h net.h @@ -73,14 +75,16 @@ PYLDNS_I_FILES = $(pywrapdir)/file_py3.i $(pywrapdir)/ldns_buffer.i $(pywrapdir) DRILL_LOBJS = drill/chasetrace.lo drill/dnssec.lo drill/drill.lo drill/drill_util.lo drill/error.lo drill/root.lo drill/securetrace.lo drill/work.lo -EXAMPLE_LOBJS = examples/ldns-chaos.lo examples/ldns-compare-zones.lo examples/ldnsd.lo examples/ldns-dpa.lo examples/ldns-gen-zone.lo examples/ldns-key2ds.lo examples/ldns-keyfetcher.lo examples/ldns-keygen.lo examples/ldns-mx.lo examples/ldns-notify.lo examples/ldns-nsec3-hash.lo examples/ldns-read-zone.lo examples/ldns-resolver.lo examples/ldns-revoke.lo examples/ldns-rrsig.lo examples/ldns-signzone.lo examples/ldns-test-edns.lo examples/ldns-testns.lo examples/ldns-testpkts.lo examples/ldns-update.lo examples/ldns-verify-zone.lo examples/ldns-version.lo examples/ldns-walk.lo examples/ldns-zcat.lo examples/ldns-zsplit.lo +EXAMPLE_LOBJS = examples/ldns-chaos.lo examples/ldns-compare-zones.lo examples/ldns-dane.lo examples/ldnsd.lo examples/ldns-dpa.lo examples/ldns-gen-zone.lo examples/ldns-key2ds.lo examples/ldns-keyfetcher.lo examples/ldns-keygen.lo examples/ldns-mx.lo examples/ldns-notify.lo examples/ldns-nsec3-hash.lo examples/ldns-read-zone.lo examples/ldns-resolver.lo examples/ldns-revoke.lo examples/ldns-rrsig.lo examples/ldns-signzone.lo examples/ldns-test-edns.lo examples/ldns-testns.lo examples/ldns-testpkts.lo examples/ldns-update.lo examples/ldns-verify-zone.lo examples/ldns-version.lo examples/ldns-walk.lo examples/ldns-zcat.lo examples/ldns-zsplit.lo EXAMPLE_PROGS = examples/ldns-chaos examples/ldns-compare-zones examples/ldnsd examples/ldns-gen-zone examples/ldns-key2ds examples/ldns-keyfetcher examples/ldns-keygen examples/ldns-mx examples/ldns-notify examples/ldns-read-zone examples/ldns-resolver examples/ldns-rrsig examples/ldns-test-edns examples/ldns-update examples/ldns-version examples/ldns-walk examples/ldns-zcat examples/ldns-zsplit -EX_PROGS_BASENM = ldns-chaos ldns-compare-zones ldnsd ldns-dpa ldns-gen-zone ldns-key2ds ldns-keyfetcher ldns-keygen ldns-mx ldns-notify ldns-nsec3-hash ldns-read-zone ldns-resolver ldns-revoke ldns-rrsig ldns-signzone ldns-test-edns ldns-testns ldns-testpkts ldns-update ldns-verify-zone ldns-version ldns-walk ldns-zcat ldns-zsplit -EXAMPLE_PROGS_EX= ^examples/ldns-testpkts\.c|examples/ldns-testns\.c|examples/ldns-dpa\.c|examples/ldns-nsec3-hash\.c|examples/ldns-revoke\.c|examples/ldns-signzone\.c|examples/ldns-verify-zone\.c$$ +EX_PROGS_BASENM = ldns-chaos ldns-compare-zones ldns-dane ldnsd ldns-dpa ldns-gen-zone ldns-key2ds ldns-keyfetcher ldns-keygen ldns-mx ldns-notify ldns-nsec3-hash ldns-read-zone ldns-resolver ldns-revoke ldns-rrsig ldns-signzone ldns-test-edns ldns-testns ldns-testpkts ldns-update ldns-verify-zone ldns-version ldns-walk ldns-zcat ldns-zsplit +EXAMPLE_PROGS_EX= ^examples/ldns-testpkts\.c|examples/ldns-testns\.c|examples/ldns-dane\.c|examples/ldns-dpa\.c|examples/ldns-nsec3-hash\.c|examples/ldns-revoke\.c|examples/ldns-signzone\.c|examples/ldns-verify-zone\.c$$ TESTNS = examples/ldns-testns TESTNS_LOBJS = examples/ldns-testns.lo examples/ldns-testpkts.lo LDNS_DPA = examples/ldns-dpa LDNS_DPA_LOBJS = examples/ldns-dpa.lo +LDNS_DANE = examples/ldns-dane +LDNS_DANE_LOBJS = examples/ldns-dane.lo EX_SSL_PROGS = examples/ldns-nsec3-hash examples/ldns-revoke examples/ldns-signzone examples/ldns-verify-zone EX_SSL_LOBJS = examples/ldns-nsec3-hash.lo examples/ldns-revoke.lo examples/ldns-signzone.lo examples/ldns-verify-zone.lo @@ -140,7 +144,7 @@ install-drill: drill/drill $(INSTALL) -m 755 -d $(DESTDIR)$(mandir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir)/man1 $(LIBTOOL) --mode=install cp drill/drill $(DESTDIR)$(bindir) - $(INSTALL) -m 644 $(srcdir)/drill/drill.1 $(DESTDIR)$(mandir)/man1/drill.1 + $(INSTALL) -m 644 drill/drill.1 $(DESTDIR)$(mandir)/man1/drill.1 uninstall-drill: rm -f $(DESTDIR)$(bindir)/drill $(DESTDIR)$(mandir)/man1/drill.1 @@ -150,7 +154,7 @@ uninstall-drill: clean-drill: $(LIBTOOL) --mode clean rm -f $(DRILL_LOBJS) drill/drill -examples: no-examples-config-h $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(EX_SSL_PROGS) +examples: no-examples-config-h $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) no-examples-config-h: @if test -e $(srcdir)/examples/config.h -o -e examples/config.h ; \ then echo "A config.h was detected in the examples subdirectory." ; \ @@ -169,16 +173,23 @@ $(LDNS_DPA): $(LINK_EXE) $(LDNS_DPA_LOBJS) $(LIBS) $(LIBPCAP_LIBS) -lldns \ -o $(LDNS_DPA) +$(LDNS_DANE): + $(LINK_EXE) $(LDNS_DANE_LOBJS) $(LIBS) $(LIBSSL_SSL_LIBS) -lldns \ + -o $(LDNS_DANE) + $(EX_SSL_PROGS): $(LINK_EXE) $@.lo $(LIBS) $(LIBSSL_LIBS) -lldns -o $@ -install-examples: $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(EX_SSL_PROGS) +install-examples: $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir)/man1 - for p in $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(EX_SSL_PROGS) ; do \ + for p in $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) ; do \ $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(bindir) ; \ - $(INSTALL) -m 644 $(srcdir)/$$p.1 $(DESTDIR)$(mandir)/man1 ; \ + if test -f $$p.1 ; \ + then $(INSTALL) -m 644 $$p.1 $(DESTDIR)$(mandir)/man1 ; \ + else $(INSTALL) -m 644 $(srcdir)/$$p.1 $(DESTDIR)$(mandir)/man1 ; \ + fi ; \ done uninstall-examples: @@ -190,7 +201,7 @@ uninstall-examples: clean-examples: $(LIBTOOL) --mode clean rm -f $(EXAMPLE_PROGS) - $(LIBTOOL) --mode clean rm -f $(TESTNS) $(LDNS_DPA) $(EX_SSL_PROGS) + $(LIBTOOL) --mode clean rm -f $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) $(LIBTOOL) --mode clean rm -f $(EXAMPLE_LOBJS) linktest: $(srcdir)/linktest.c libldns.la @@ -201,7 +212,7 @@ lib: libldns.la lib-export-all: libldns.la-export-all libldns.la: $(LDNS_ALL_LOBJS) - $(LINK_LIB) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) --export-symbols $(srcdir)/ldns_symbols.def -o libldns.la $(LDNS_ALL_LOBJS) -rpath $(libdir) $(RUNTIME_PATH) + $(LINK_LIB) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) -export-symbols-regex '^(ldns_|b32_[pn]to[pn]|mktime_from_utc|qsort_rr_compare_nsec3)' -o libldns.la $(LDNS_ALL_LOBJS) -rpath $(libdir) $(RUNTIME_PATH) libldns.la-export-all: $(LDNS_ALL_LOBJS) $(LINK_LIB) -o libldns.la $(LDNS_ALL_LOBJS) -rpath $(libdir) $(RUNTIME_PATH) @@ -231,10 +242,10 @@ $(pywrapdir)/ldns_wrapper.c: $(PYLDNS_I_FILES) ldns/config.h $(swig) $(swigpy_flags) -o $@ $(CPPFLAGS) $(PYTHON_CPPFLAGS) $(pywrapdir)/ldns.i ldns_wrapper.lo: $(pywrapdir)/ldns_wrapper.c ldns/config.h - $(COMP_LIB) -I./include/ldns $(PYTHON_CPPFLAGS) $(PYTHON_X_CFLAGS) -c $< -o $@ + $(COMP_LIB) -I./include/ldns $(PYTHON_CPPFLAGS) $(PYTHON_X_CFLAGS) -c $(pywrapdir)/ldns_wrapper.c -o $@ _ldns.la: ldns_wrapper.lo libldns.la - $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(PYTHON_CFLAGS) $(LDFLAGS) $(PYTHON_LDFLAGS) -module -version-number $(version_info) -no-undefined -o $@ $< -rpath $(python_site) -L. -L.libs -lldns $(LIBS) + $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(PYTHON_CFLAGS) $(LDFLAGS) $(PYTHON_LDFLAGS) -module -version-number $(version_info) -no-undefined -o $@ ldns_wrapper.lo -rpath $(python_site) -L. -L.libs -lldns $(LIBS) install: install-h install-lib @INSTALL_CONFIG@ install-manpages $(pyldns_inst) $(pyldnsx_inst) @INSTALL_DRILL@ @INSTALL_EXAMPLES@ @@ -325,13 +336,8 @@ clean: @CLEAN_DRILL@ @CLEAN_EXAMPLES@ clean-manpages clean-lib putdown-builddir realclean: clean docclean rm -f config.status rm -f config.log - rm -f Makefile + rm -f $(CONFIG_FILES) rm -f ldns/config.h - rm -f ldns/util.h - rm -f ldns/common.h - rm -f ldns/net.h - rm -f packaging/ldns-config - rm -f packaging/libldns.pc if test -d packaging -a ! -f packaging/ldns-config.in ; then \ rmdir packaging || : ; fi rm -f libtool @@ -363,7 +369,8 @@ distclean: realclean ## No need for changes here -lint: @LINT_DRILL@ @LINT_EXAMPLES@ +lint: lint-lib @LINT_DRILL@ @LINT_EXAMPLES@ +lint-lib: for i in $(srcdir)/*.c; do \ $(LINT) $(LINTFLAGS) -I. -I$(srcdir) $(srcdir)/$$i ; \ if test $$? -ne 0 ; then exit 1 ; fi ; \ @@ -449,7 +456,7 @@ depend: >> $(DEPEND_TMP) ;\ done; \ done - for p in $(EXAMPLE_PROGS) $(LDNS_DPA) $(EX_SSL_PROGS); do \ + for p in $(EXAMPLE_PROGS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS); do \ echo "$$p: $$p.lo $$p.o \$$(LIB)" >> $(DEPEND_TMP) ; done echo "$(TESTNS): `for o in $(TESTNS_LOBJS) ; do \ echo -n "$$o $${o%lo}o " ; done` \$$(LIB)" \ @@ -468,610 +475,515 @@ depend: # Dependencies -buffer.lo buffer.o: $(srcdir)/buffer.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +buffer.lo buffer.o: $(srcdir)/buffer.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -dname.lo dname.o: $(srcdir)/dname.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +dane.lo dane.o: $(srcdir)/dane.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -dnssec.lo dnssec.o: $(srcdir)/dnssec.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +dname.lo dname.o: $(srcdir)/dname.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -dnssec_sign.lo dnssec_sign.o: $(srcdir)/dnssec_sign.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +dnssec.lo dnssec.o: $(srcdir)/dnssec.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -dnssec_verify.lo dnssec_verify.o: $(srcdir)/dnssec_verify.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +dnssec_sign.lo dnssec_sign.o: $(srcdir)/dnssec_sign.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -dnssec_zone.lo dnssec_zone.o: $(srcdir)/dnssec_zone.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +dnssec_verify.lo dnssec_verify.o: $(srcdir)/dnssec_verify.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -duration.lo duration.o: $(srcdir)/duration.c \ - $(srcdir)/ldns/duration.h -error.lo error.o: $(srcdir)/error.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +dnssec_zone.lo dnssec_zone.o: $(srcdir)/dnssec_zone.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -higher.lo higher.o: $(srcdir)/higher.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +duration.lo duration.o: $(srcdir)/duration.c ldns/config.h $(srcdir)/ldns/duration.h +error.lo error.o: $(srcdir)/error.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -host2str.lo host2str.o: $(srcdir)/host2str.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +higher.lo higher.o: $(srcdir)/higher.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -host2wire.lo host2wire.o: $(srcdir)/host2wire.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +host2str.lo host2str.o: $(srcdir)/host2str.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -keys.lo keys.o: $(srcdir)/keys.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +host2wire.lo host2wire.o: $(srcdir)/host2wire.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -linktest.lo linktest.o: $(srcdir)/linktest.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -net.lo net.o: $(srcdir)/net.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -packet.lo packet.o: $(srcdir)/packet.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -parse.lo parse.o: $(srcdir)/parse.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +keys.lo keys.o: $(srcdir)/keys.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -rbtree.lo rbtree.o: $(srcdir)/rbtree.c \ - $(srcdir)/ldns/rbtree.h \ - -rdata.lo rdata.o: $(srcdir)/rdata.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ +linktest.lo linktest.o: $(srcdir)/linktest.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -resolver.lo resolver.o: $(srcdir)/resolver.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ +net.lo net.o: $(srcdir)/net.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -rr.lo rr.o: $(srcdir)/rr.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -rr_functions.lo rr_functions.o: $(srcdir)/rr_functions.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -sha1.lo sha1.o: $(srcdir)/sha1.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -sha2.lo sha2.o: $(srcdir)/sha2.c $(srcdir)/ldns/sha2.h -str2host.lo str2host.o: $(srcdir)/str2host.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -tsig.lo tsig.o: $(srcdir)/tsig.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -update.lo update.o: $(srcdir)/update.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -util.lo util.o: $(srcdir)/util.c $(srcdir)/ldns/rdata.h \ - $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/rr.h $(srcdir)/ldns/buffer.h -wire2host.lo wire2host.o: $(srcdir)/wire2host.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -zone.lo zone.o: $(srcdir)/zone.c $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -compat/b32_ntop.lo compat/b32_ntop.o: $(srcdir)/compat/b32_ntop.c -compat/b32_pton.lo compat/b32_pton.o: $(srcdir)/compat/b32_pton.c -compat/b64_ntop.lo compat/b64_ntop.o: $(srcdir)/compat/b64_ntop.c -compat/b64_pton.lo compat/b64_pton.o: $(srcdir)/compat/b64_pton.c -compat/calloc.lo compat/calloc.o: $(srcdir)/compat/calloc.c -compat/ctime_r.lo compat/ctime_r.o: $(srcdir)/compat/ctime_r.c -compat/fake-rfc2553.lo compat/fake-rfc2553.o: $(srcdir)/compat/fake-rfc2553.c \ +packet.lo packet.o: $(srcdir)/packet.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +parse.lo parse.o: $(srcdir)/parse.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +rbtree.lo rbtree.o: $(srcdir)/rbtree.c ldns/config.h $(srcdir)/ldns/rbtree.h ldns/util.h ldns/common.h +rdata.lo rdata.o: $(srcdir)/rdata.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +resolver.lo resolver.o: $(srcdir)/resolver.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +rr.lo rr.o: $(srcdir)/rr.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +rr_functions.lo rr_functions.o: $(srcdir)/rr_functions.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +sha1.lo sha1.o: $(srcdir)/sha1.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +sha2.lo sha2.o: $(srcdir)/sha2.c ldns/config.h $(srcdir)/ldns/sha2.h +str2host.lo str2host.o: $(srcdir)/str2host.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +tsig.lo tsig.o: $(srcdir)/tsig.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +update.lo update.o: $(srcdir)/update.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +util.lo util.o: $(srcdir)/util.c ldns/config.h $(srcdir)/ldns/rdata.h ldns/common.h $(srcdir)/ldns/error.h \ + ldns/util.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/buffer.h +wire2host.lo wire2host.o: $(srcdir)/wire2host.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +zone.lo zone.o: $(srcdir)/zone.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +compat/b32_ntop.lo compat/b32_ntop.o: $(srcdir)/compat/b32_ntop.c ldns/config.h +compat/b32_pton.lo compat/b32_pton.o: $(srcdir)/compat/b32_pton.c ldns/config.h +compat/b64_ntop.lo compat/b64_ntop.o: $(srcdir)/compat/b64_ntop.c ldns/config.h +compat/b64_pton.lo compat/b64_pton.o: $(srcdir)/compat/b64_pton.c ldns/config.h +compat/calloc.lo compat/calloc.o: $(srcdir)/compat/calloc.c ldns/config.h +compat/ctime_r.lo compat/ctime_r.o: $(srcdir)/compat/ctime_r.c ldns/config.h +compat/fake-rfc2553.lo compat/fake-rfc2553.o: $(srcdir)/compat/fake-rfc2553.c ldns/config.h ldns/common.h \ $(srcdir)/compat/fake-rfc2553.h -compat/gmtime_r.lo compat/gmtime_r.o: $(srcdir)/compat/gmtime_r.c -compat/inet_aton.lo compat/inet_aton.o: $(srcdir)/compat/inet_aton.c \ - -compat/inet_ntop.lo compat/inet_ntop.o: $(srcdir)/compat/inet_ntop.c \ - -compat/inet_pton.lo compat/inet_pton.o: $(srcdir)/compat/inet_pton.c \ - -compat/isascii.lo compat/isascii.o: $(srcdir)/compat/isascii.c -compat/isblank.lo compat/isblank.o: $(srcdir)/compat/isblank.c -compat/localtime_r.lo compat/localtime_r.o: $(srcdir)/compat/localtime_r.c \ - -compat/malloc.lo compat/malloc.o: $(srcdir)/compat/malloc.c -compat/memmove.lo compat/memmove.o: $(srcdir)/compat/memmove.c -compat/realloc.lo compat/realloc.o: $(srcdir)/compat/realloc.c -compat/snprintf.lo compat/snprintf.o: $(srcdir)/compat/snprintf.c -compat/strlcpy.lo compat/strlcpy.o: $(srcdir)/compat/strlcpy.c -compat/timegm.lo compat/timegm.o: $(srcdir)/compat/timegm.c -examples/ldns-chaos.lo examples/ldns-chaos.o: $(srcdir)/examples/ldns-chaos.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-compare-zones.lo examples/ldns-compare-zones.o: $(srcdir)/examples/ldns-compare-zones.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldnsd.lo examples/ldnsd.o: $(srcdir)/examples/ldnsd.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-dpa.lo examples/ldns-dpa.o: $(srcdir)/examples/ldns-dpa.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +compat/gmtime_r.lo compat/gmtime_r.o: $(srcdir)/compat/gmtime_r.c ldns/config.h +compat/inet_aton.lo compat/inet_aton.o: $(srcdir)/compat/inet_aton.c ldns/config.h +compat/inet_ntop.lo compat/inet_ntop.o: $(srcdir)/compat/inet_ntop.c ldns/config.h +compat/inet_pton.lo compat/inet_pton.o: $(srcdir)/compat/inet_pton.c ldns/config.h +compat/isascii.lo compat/isascii.o: $(srcdir)/compat/isascii.c ldns/config.h +compat/isblank.lo compat/isblank.o: $(srcdir)/compat/isblank.c ldns/config.h +compat/localtime_r.lo compat/localtime_r.o: $(srcdir)/compat/localtime_r.c ldns/config.h +compat/malloc.lo compat/malloc.o: $(srcdir)/compat/malloc.c ldns/config.h +compat/memmove.lo compat/memmove.o: $(srcdir)/compat/memmove.c ldns/config.h +compat/realloc.lo compat/realloc.o: $(srcdir)/compat/realloc.c ldns/config.h +compat/snprintf.lo compat/snprintf.o: $(srcdir)/compat/snprintf.c ldns/config.h +compat/strlcpy.lo compat/strlcpy.o: $(srcdir)/compat/strlcpy.c ldns/config.h +compat/timegm.lo compat/timegm.o: $(srcdir)/compat/timegm.c ldns/config.h +examples/ldns-chaos.lo examples/ldns-chaos.o: $(srcdir)/examples/ldns-chaos.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +examples/ldns-compare-zones.lo examples/ldns-compare-zones.o: $(srcdir)/examples/ldns-compare-zones.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ + $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ + $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-dane.lo examples/ldns-dane.o: $(srcdir)/examples/ldns-dane.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +examples/ldnsd.lo examples/ldnsd.o: $(srcdir)/examples/ldnsd.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ + $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ + $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +examples/ldns-dpa.lo examples/ldns-dpa.o: $(srcdir)/examples/ldns-dpa.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h $(srcdir)/examples/ldns-dpa.h -examples/ldns-gen-zone.lo examples/ldns-gen-zone.o: $(srcdir)/examples/ldns-gen-zone.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ +examples/ldns-gen-zone.lo examples/ldns-gen-zone.o: $(srcdir)/examples/ldns-gen-zone.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-key2ds.lo examples/ldns-key2ds.o: $(srcdir)/examples/ldns-key2ds.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -examples/ldns-key2ds.lo examples/ldns-key2ds.o: $(srcdir)/examples/ldns-key2ds.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ +examples/ldns-keyfetcher.lo examples/ldns-keyfetcher.o: $(srcdir)/examples/ldns-keyfetcher.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-keygen.lo examples/ldns-keygen.o: $(srcdir)/examples/ldns-keygen.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -examples/ldns-keyfetcher.lo examples/ldns-keyfetcher.o: $(srcdir)/examples/ldns-keyfetcher.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-keygen.lo examples/ldns-keygen.o: $(srcdir)/examples/ldns-keygen.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-mx.lo examples/ldns-mx.o: $(srcdir)/examples/ldns-mx.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-notify.lo examples/ldns-notify.o: $(srcdir)/examples/ldns-notify.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-nsec3-hash.lo examples/ldns-nsec3-hash.o: $(srcdir)/examples/ldns-nsec3-hash.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-read-zone.lo examples/ldns-read-zone.o: $(srcdir)/examples/ldns-read-zone.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +examples/ldns-mx.lo examples/ldns-mx.o: $(srcdir)/examples/ldns-mx.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -examples/ldns-resolver.lo examples/ldns-resolver.o: $(srcdir)/examples/ldns-resolver.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +examples/ldns-notify.lo examples/ldns-notify.o: $(srcdir)/examples/ldns-notify.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -examples/ldns-revoke.lo examples/ldns-revoke.o: $(srcdir)/examples/ldns-revoke.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ +examples/ldns-nsec3-hash.lo examples/ldns-nsec3-hash.o: $(srcdir)/examples/ldns-nsec3-hash.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-rrsig.lo examples/ldns-rrsig.o: $(srcdir)/examples/ldns-rrsig.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-read-zone.lo examples/ldns-read-zone.o: $(srcdir)/examples/ldns-read-zone.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-signzone.lo examples/ldns-signzone.o: $(srcdir)/examples/ldns-signzone.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-resolver.lo examples/ldns-resolver.o: $(srcdir)/examples/ldns-resolver.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-revoke.lo examples/ldns-revoke.o: $(srcdir)/examples/ldns-revoke.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -examples/ldns-test-edns.lo examples/ldns-test-edns.o: $(srcdir)/examples/ldns-test-edns.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ +examples/ldns-rrsig.lo examples/ldns-rrsig.o: $(srcdir)/examples/ldns-rrsig.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h -examples/ldns-testns.lo examples/ldns-testns.o: $(srcdir)/examples/ldns-testns.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ +examples/ldns-signzone.lo examples/ldns-signzone.o: $(srcdir)/examples/ldns-signzone.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h $(srcdir)/examples/ldns-testpkts.h -examples/ldns-testpkts.lo examples/ldns-testpkts.o: $(srcdir)/examples/ldns-testpkts.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-test-edns.lo examples/ldns-test-edns.o: $(srcdir)/examples/ldns-test-edns.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-testns.lo examples/ldns-testns.o: $(srcdir)/examples/ldns-testns.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ $(srcdir)/ldns/sha2.h $(srcdir)/examples/ldns-testpkts.h -examples/ldns-update.lo examples/ldns-update.o: $(srcdir)/examples/ldns-update.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-verify-zone.lo examples/ldns-verify-zone.o: $(srcdir)/examples/ldns-verify-zone.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-version.lo examples/ldns-version.o: $(srcdir)/examples/ldns-version.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-walk.lo examples/ldns-walk.o: $(srcdir)/examples/ldns-walk.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-zcat.lo examples/ldns-zcat.o: $(srcdir)/examples/ldns-zcat.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -examples/ldns-zsplit.lo examples/ldns-zsplit.o: $(srcdir)/examples/ldns-zsplit.c \ - $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -drill/chasetrace.lo drill/chasetrace.o: $(srcdir)/drill/chasetrace.c $(srcdir)/drill/drill.h \ - $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -drill/dnssec.lo drill/dnssec.o: $(srcdir)/drill/dnssec.c $(srcdir)/drill/drill.h \ - $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -drill/drill.lo drill/drill.o: $(srcdir)/drill/drill.c $(srcdir)/drill/drill.h \ - $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -drill/drill_util.lo drill/drill_util.o: $(srcdir)/drill/drill_util.c $(srcdir)/drill/drill.h \ - $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -drill/error.lo drill/error.o: $(srcdir)/drill/error.c $(srcdir)/drill/drill.h \ - $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -drill/root.lo drill/root.o: $(srcdir)/drill/root.c $(srcdir)/drill/drill.h \ - $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -drill/securetrace.lo drill/securetrace.o: $(srcdir)/drill/securetrace.c $(srcdir)/drill/drill.h \ - $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h -drill/work.lo drill/work.o: $(srcdir)/drill/work.c $(srcdir)/drill/drill.h \ - $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h \ - $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ - $(srcdir)/ldns/dname.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/rr.h \ - $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ - $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ - $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ - $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ - $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ - $(srcdir)/ldns/sha2.h +examples/ldns-testpkts.lo examples/ldns-testpkts.o: $(srcdir)/examples/ldns-testpkts.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ + $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ + $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h $(srcdir)/examples/ldns-testpkts.h +examples/ldns-update.lo examples/ldns-update.o: $(srcdir)/examples/ldns-update.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +examples/ldns-verify-zone.lo examples/ldns-verify-zone.o: $(srcdir)/examples/ldns-verify-zone.c ldns/config.h $(srcdir)/ldns/ldns.h \ + ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ + $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ + $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ + $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ + $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ + $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ + $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +examples/ldns-version.lo examples/ldns-version.o: $(srcdir)/examples/ldns-version.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +examples/ldns-walk.lo examples/ldns-walk.o: $(srcdir)/examples/ldns-walk.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +examples/ldns-zcat.lo examples/ldns-zcat.o: $(srcdir)/examples/ldns-zcat.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +examples/ldns-zsplit.lo examples/ldns-zsplit.o: $(srcdir)/examples/ldns-zsplit.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ + ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ + $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h \ + $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ + $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ + $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +drill/chasetrace.lo drill/chasetrace.o: $(srcdir)/drill/chasetrace.c $(srcdir)/drill/drill.h ldns/config.h \ + $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h \ + $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h \ + $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h \ + $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h \ + $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h \ + $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +drill/dnssec.lo drill/dnssec.o: $(srcdir)/drill/dnssec.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ + $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ + $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ + $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ + $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ + $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ + ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ + $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +drill/drill.lo drill/drill.o: $(srcdir)/drill/drill.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ + $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ + $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ + $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ + $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ + $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ + ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ + $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +drill/drill_util.lo drill/drill_util.o: $(srcdir)/drill/drill_util.c $(srcdir)/drill/drill.h ldns/config.h \ + $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h \ + $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h \ + $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h \ + $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h \ + $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h \ + $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +drill/error.lo drill/error.o: $(srcdir)/drill/error.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ + $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ + $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ + $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ + $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ + $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ + ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ + $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +drill/root.lo drill/root.o: $(srcdir)/drill/root.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ + $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ + $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ + $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ + $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ + $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ + ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ + $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h +drill/securetrace.lo drill/securetrace.o: $(srcdir)/drill/securetrace.c $(srcdir)/drill/drill.h ldns/config.h \ + $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h \ + $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h \ + $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h \ + $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h \ + $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h \ + $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ + $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h \ + $(srcdir)/ldns/sha2.h +drill/work.lo drill/work.o: $(srcdir)/drill/work.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ + $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ + $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ + $(srcdir)/ldns/packet.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ + $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ + $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ + ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ + $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-chaos: examples/ldns-chaos.lo examples/ldns-chaos.o $(LIB) examples/ldns-compare-zones: examples/ldns-compare-zones.lo examples/ldns-compare-zones.o $(LIB) examples/ldnsd: examples/ldnsd.lo examples/ldnsd.o $(LIB) @@ -1091,6 +1003,7 @@ examples/ldns-walk: examples/ldns-walk.lo examples/ldns-walk.o $(LIB) examples/ldns-zcat: examples/ldns-zcat.lo examples/ldns-zcat.o $(LIB) examples/ldns-zsplit: examples/ldns-zsplit.lo examples/ldns-zsplit.o $(LIB) examples/ldns-dpa: examples/ldns-dpa.lo examples/ldns-dpa.o $(LIB) +examples/ldns-dane: examples/ldns-dane.lo examples/ldns-dane.o $(LIB) examples/ldns-nsec3-hash: examples/ldns-nsec3-hash.lo examples/ldns-nsec3-hash.o $(LIB) examples/ldns-revoke: examples/ldns-revoke.lo examples/ldns-revoke.o $(LIB) examples/ldns-signzone: examples/ldns-signzone.lo examples/ldns-signzone.o $(LIB) @@ -140,7 +140,8 @@ ldns_buffer_free(ldns_buffer *buffer) return; } - LDNS_FREE(buffer->_data); + if (!buffer->_fixed) + LDNS_FREE(buffer->_data); LDNS_FREE(buffer); } diff --git a/configure b/configure index 369365621029..be312d1e3f16 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for ldns 1.6.13. +# Generated by GNU Autoconf 2.68 for ldns 1.6.16. # # Report bugs to <libdns@nlnetlabs.nl>. # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='ldns' PACKAGE_TARNAME='libdns' -PACKAGE_VERSION='1.6.13' -PACKAGE_STRING='ldns 1.6.13' +PACKAGE_VERSION='1.6.16' +PACKAGE_STRING='ldns 1.6.16' PACKAGE_BUGREPORT='libdns@nlnetlabs.nl' PACKAGE_URL='' @@ -613,17 +613,23 @@ ac_includes_default="\ #endif" ac_subst_vars='LTLIBOBJS +CONFIG_FILES ldns_build_config_have_attr_unused ldns_build_config_have_attr_format ldns_build_config_have_ssl +DEFAULT_CAPATH +DEFAULT_CAFILE +LDNS_TRUST_ANCHOR_FILE WINDRES LIBOBJS +ldns_build_config_have_socklen_t LIBPCAP_LIBS include_unistd_h include_systypes_h include_inttypes_h ldns_build_config_have_inttypes_h include_sys_socket_h +LIBSSL_SSL_LIBS LIBSSL_LIBS LIBSSL_LDFLAGS LIBSSL_CPPFLAGS @@ -767,6 +773,9 @@ enable_sha2 enable_gost enable_ecdsa enable_rpath +with_trust_anchor +with_ca_file +with_ca_path ' ac_precious_vars='build_alias host_alias @@ -1320,7 +1329,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ldns 1.6.13 to adapt to many kinds of systems. +\`configure' configures ldns 1.6.16 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1385,7 +1394,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ldns 1.6.13:";; + short | recursive ) echo "Configuration of ldns 1.6.16:";; esac cat <<\_ACEOF @@ -1421,6 +1430,12 @@ Optional Packages: --with-ssl=pathname enable SSL (will check /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr) + --with-trust-anchor=KEYFILE + Default location of the trust anchor file for drill + and ldns-dane. [default=SYSCONFDIR/unbound/root.key] + --with-ca-file=CAFILE File containing CA certificates for ldns-dane + --with-ca-path=CAPATH Directory containing CA certificate files for + ldns-dane Some influential environment variables: CC C compiler command @@ -1502,7 +1517,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ldns configure 1.6.13 +ldns configure 1.6.16 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2206,7 +2221,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ldns $as_me 1.6.13, which was +It was created by ldns $as_me 1.6.16, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2556,13 +2571,13 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu # needed to build correct soname -LIBTOOL_VERSION_INFO=1:6:13 +LIBTOOL_VERSION_INFO=1:6:16 LDNS_VERSION_MAJOR=1 LDNS_VERSION_MINOR=6 -LDNS_VERSION_MICRO=13 +LDNS_VERSION_MICRO=16 OURCPPFLAGS='' @@ -4684,6 +4699,7 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test "x$CFLAGS" = "x" ; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -g" >&5 @@ -4707,7 +4723,7 @@ if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } : -CFLAGS="-g $CFLAGS" +CFLAGS="-g" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } @@ -4746,6 +4762,7 @@ $as_echo "no" >&6; } fi +fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC supports -Wall" >&5 @@ -5931,6 +5948,7 @@ This does not work with the --with-drill option. Please remove the config.h from the drill subdirectory or do not use the --with-drill option." "$LINENO" 5 fi + DRILL_CONFIG=" drill/drill.1" else DRILL="" @@ -5942,6 +5960,7 @@ else LINT_DRILL="" + DRILL_CONFIG="" fi @@ -5971,6 +5990,7 @@ This does not work with the --with-examples option. Please remove the config.h from the examples subdirectory or do not use the --with-examples option." "$LINENO" 5 fi + EXAMPLES_CONFIG=" examples/ldns-dane.1 examples/ldns-verify-zone.1" else EXAMPLES="" @@ -5982,6 +6002,7 @@ else LINT_EXAMPLES="" + EXAMPLES_CONFIG="" fi # add option to disable installation of ldns-config script @@ -6981,7 +7002,6 @@ else fi - # Use libtool # skip these tests, we do not need them. @@ -14706,6 +14726,10 @@ esac +if test "x$HAVE_SSL" = "xyes"; then +LIBSSL_SSL_LIBS="$LIBSSL_LIBS -lssl" + +fi CPPFLAGS=$tmp_CPPFLAGS LDFLAGS=$tmp_LDFLAGS LIBS=$tmp_LIBS @@ -15452,6 +15476,13 @@ $as_echo "#define socklen_t int" >>confdefs.h fi +if test "x$ac_cv_type_socklen_t" = xyes; then + ldns_build_config_have_socklen_t=1 + +else + ldns_build_config_have_socklen_t=0 + +fi ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" if test "x$ac_cv_type_size_t" = xyes; then : @@ -16514,6 +16545,91 @@ $as_echo "#define SYSCONFDIR sysconfdir" >>confdefs.h +# Check whether --with-trust-anchor was given. +if test "${with_trust_anchor+set}" = set; then : + withval=$with_trust_anchor; + LDNS_TRUST_ANCHOR_FILE="$withval" + +else + + if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then + if test "x$sysconfdir" = 'x${prefix}/etc' ; then + if test "x$prefix" = 'xNONE' ; then + LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" + else + LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" + fi + else + LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" + fi + fi + +fi + + +cat >>confdefs.h <<_ACEOF +#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE" +_ACEOF + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5 +$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;} + + +# Check whether --with-ca-file was given. +if test "${with_ca_file+set}" = set; then : + withval=$with_ca_file; + +$as_echo "#define HAVE_DANE_CA_FILE 1" >>confdefs.h + + +cat >>confdefs.h <<_ACEOF +#define LDNS_DANE_CA_FILE "$withval" +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: Using CAfile: $withval" >&5 +$as_echo "$as_me: Using CAfile: $withval" >&6;} + DEFAULT_CAFILE="Default is $withval" + + +else + + +$as_echo "#define HAVE_DANE_CA_FILE 0" >>confdefs.h + + + +fi + + + +# Check whether --with-ca-path was given. +if test "${with_ca_path+set}" = set; then : + withval=$with_ca_path; + +$as_echo "#define HAVE_DANE_CA_PATH 1" >>confdefs.h + + +cat >>confdefs.h <<_ACEOF +#define LDNS_DANE_CA_PATH "$withval" +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: Using CApath: $withval" >&5 +$as_echo "$as_me: Using CApath: $withval" >&6;} + DEFAULT_CAPATH="Default is $withval" + + +else + + +$as_echo "#define HAVE_DANE_CA_PATH 0" >>confdefs.h + + + +fi + + + @@ -16539,7 +16655,9 @@ else fi -ac_config_files="$ac_config_files Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config" +CONFIG_FILES="Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config $DRILL_CONFIG $EXAMPLES_CONFIG" + +ac_config_files="$ac_config_files $CONFIG_FILES" ac_config_headers="$ac_config_headers ldns/config.h" @@ -17063,7 +17181,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ldns $as_me 1.6.13, which was +This file was extended by ldns $as_me 1.6.16, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -17129,7 +17247,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ldns config.status 1.6.13 +ldns config.status 1.6.16 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" @@ -17534,12 +17652,7 @@ do case $ac_config_target in "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;; "disable-rpath") CONFIG_COMMANDS="$CONFIG_COMMANDS disable-rpath" ;; - "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; - "ldns/common.h") CONFIG_FILES="$CONFIG_FILES ldns/common.h" ;; - "ldns/net.h") CONFIG_FILES="$CONFIG_FILES ldns/net.h" ;; - "ldns/util.h") CONFIG_FILES="$CONFIG_FILES ldns/util.h" ;; - "packaging/libldns.pc") CONFIG_FILES="$CONFIG_FILES packaging/libldns.pc" ;; - "packaging/ldns-config") CONFIG_FILES="$CONFIG_FILES packaging/ldns-config" ;; + "$CONFIG_FILES") CONFIG_FILES="$CONFIG_FILES $CONFIG_FILES" ;; "ldns/config.h") CONFIG_HEADERS="$CONFIG_HEADERS ldns/config.h" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; diff --git a/configure.ac b/configure.ac index 500e8e674150..fae43271960a 100644 --- a/configure.ac +++ b/configure.ac @@ -6,7 +6,7 @@ sinclude(acx_nlnetlabs.m4) # must be numbers. ac_defun because of later processing. m4_define([VERSION_MAJOR],[1]) m4_define([VERSION_MINOR],[6]) -m4_define([VERSION_MICRO],[13]) +m4_define([VERSION_MICRO],[16]) AC_INIT(ldns, m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]), libdns@nlnetlabs.nl, libdns) AC_CONFIG_SRCDIR([packet.c]) # needed to build correct soname @@ -63,8 +63,10 @@ COPY_FILES($srcdir/$1/*.h, $2) # Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_LANG_C -ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g $CFLAGS"]) +if test "x$CFLAGS" = "x" ; then +ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g"]) ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="-O2 $CFLAGS"]) +fi ACX_CHECK_COMPILER_FLAG(Wall, [CFLAGS="-Wall $CFLAGS"]) ACX_CHECK_COMPILER_FLAG(W, [CFLAGS="-W $CFLAGS"]) ACX_CHECK_COMPILER_FLAG(Wwrite-strings, [CFLAGS="-Wwrite-strings $CFLAGS"]) @@ -112,12 +114,14 @@ This does not work with the --with-drill option. Please remove the config.h from the drill subdirectory or do not use the --with-drill option.]) fi + DRILL_CONFIG=" drill/drill.1" else AC_SUBST(DRILL,[""]) AC_SUBST(INSTALL_DRILL,[""]) AC_SUBST(UNINSTALL_DRILL,[""]) AC_SUBST(CLEAN_DRILL,[""]) AC_SUBST(LINT_DRILL,[""]) + DRILL_CONFIG="" fi @@ -137,12 +141,14 @@ This does not work with the --with-examples option. Please remove the config.h from the examples subdirectory or do not use the --with-examples option.]) fi + EXAMPLES_CONFIG=" examples/ldns-dane.1 examples/ldns-verify-zone.1" else AC_SUBST(EXAMPLES,[""]) AC_SUBST(INSTALL_EXAMPLES,[""]) AC_SUBST(UNINSTALL_EXAMPLES,[""]) AC_SUBST(CLEAN_EXAMPLES,[""]) AC_SUBST(LINT_EXAMPLES,[""]) + EXAMPLES_CONFIG="" fi # add option to disable installation of ldns-config script @@ -249,7 +255,6 @@ else AC_SUBST(PYLDNSXUNINST, "") fi - # Use libtool ACX_LIBTOOL_C_ONLY @@ -318,6 +323,9 @@ esac AC_SUBST(LIBSSL_CPPFLAGS) AC_SUBST(LIBSSL_LDFLAGS) AC_SUBST(LIBSSL_LIBS) +if test "x$HAVE_SSL" = "xyes"; then +AC_SUBST(LIBSSL_SSL_LIBS, ["$LIBSSL_LIBS -lssl"]) +fi CPPFLAGS=$tmp_CPPFLAGS LDFLAGS=$tmp_LDFLAGS LIBS=$tmp_LIBS @@ -444,6 +452,11 @@ AC_INCLUDES_DEFAULT fi ACX_TYPE_SOCKLEN_T +if test "x$ac_cv_type_socklen_t" = xyes; then + AC_SUBST(ldns_build_config_have_socklen_t, 1) +else + AC_SUBST(ldns_build_config_have_socklen_t, 0) +fi AC_TYPE_SIZE_T AC_TYPE_SSIZE_T AC_TYPE_INTPTR_T @@ -507,6 +520,45 @@ fi AC_DEFINE([SYSCONFDIR], [sysconfdir], [System configuration dir]) +AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], [Default location of the trust anchor file for drill and ldns-dane. [default=SYSCONFDIR/unbound/root.key]]), [ + LDNS_TRUST_ANCHOR_FILE="$withval" +],[ + if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then + if test "x$sysconfdir" = 'x${prefix}/etc' ; then + if test "x$prefix" = 'xNONE' ; then + LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" + else + LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" + fi + else + LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" + fi + fi +]) +AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file]) +AC_SUBST(LDNS_TRUST_ANCHOR_FILE) +AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE]) + +AC_ARG_WITH(ca-file, AC_HELP_STRING([--with-ca-file=CAFILE], [File containing CA certificates for ldns-dane]), [ + AC_DEFINE([HAVE_DANE_CA_FILE], [1], [Is a CAFILE given at configure time]) + AC_DEFINE_UNQUOTED([LDNS_DANE_CA_FILE], ["$withval"], [Is a CAFILE given at configure time]) + AC_MSG_NOTICE([Using CAfile: $withval]) + AC_SUBST(DEFAULT_CAFILE, ["Default is $withval"]) +],[ + AC_DEFINE([HAVE_DANE_CA_FILE], [0], [Is a CAFILE given at configure time]) + AC_SUBST(DEFAULT_CAFILE, []) +]) + +AC_ARG_WITH(ca-path, AC_HELP_STRING([--with-ca-path=CAPATH], [Directory containing CA certificate files for ldns-dane]), [ + AC_DEFINE([HAVE_DANE_CA_PATH], [1], [Is a CAPATH given at configure time]) + AC_DEFINE_UNQUOTED([LDNS_DANE_CA_PATH], ["$withval"], [Is a CAPATH given at configure time]) + AC_MSG_NOTICE([Using CApath: $withval]) + AC_SUBST(DEFAULT_CAPATH, ["Default is $withval"]) +],[ + AC_DEFINE([HAVE_DANE_CA_PATH], [0], [Is a CAPATH given at configure time]) + AC_SUBST(DEFAULT_CAPATH, []) +]) + AH_BOTTOM([ #include <stdio.h> #include <string.h> @@ -663,7 +715,9 @@ else AC_SUBST(ldns_build_config_have_attr_unused, 0) fi -AC_CONFIG_FILES([Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config]) +CONFIG_FILES="Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config $DRILL_CONFIG $EXAMPLES_CONFIG" +AC_SUBST(CONFIG_FILES) +AC_CONFIG_FILES([$CONFIG_FILES]) AC_CONFIG_HEADER([ldns/config.h]) AC_OUTPUT diff --git a/contrib/python/Changelog b/contrib/python/Changelog new file mode 100644 index 000000000000..aaa57e13692b --- /dev/null +++ b/contrib/python/Changelog @@ -0,0 +1,66 @@ +1.6.16 2012-11-13 + * Fix typo in ldns_struct_pkt.opcode2str + +1.6.14 2012-10-23 + * Added rich comparison methods for ldns_dname, ldns_rdf, ldns_rr and + ldns_rr_list classes. + * Added deprecation warnings into ldns_rr.new_frm_fp() and + ldns_rr.new_frm_fp_l() and others. + * Fixed ldns_rr.set_rdf(), which may cause memory leaks, because it + returns new objects (in the scope of Python). Also it leaked memory, + when the call was not successful. + * Fixed ldns_get_rr_list_hosts_frm_file, marked as newobject. + * Fixed ldns_rr_list.cat() to return bool as mentioned in documentation. + * Fixed ldns_rr_list_cat_clone, marked as newobject. + * Fixed ldns_rr_list.new_frm_file(). Exception argument was invalid. + * Fixed ldns_rr_list.push_rr() to return bool as mentioned in + documentation. + * Fixed ldns_rr_list.push_rr_list() to return bool as mentioned in + documentation. + * Fixed ldns_rr_list.set_rr(), which caused memory corruption, double free + problems and memory leaks. (The wrapper used original function instead + of its push cloned variant which was missing.) + * Fixed ldns_rr_list.set_rr_count(), added python exception raise in order + to avoid assertion failure. + * Fixed ldns_rr_list.subtype_by_rdf(), marked as newobject. + * Added ldns_rr.to_canonical(), ldns_rr.is_question(), + ldns_rr.type_by_name(), ldns_rr.class_by_name(), ldns_rr_list.new(), + ldns_rr.set_question(). + * Modified ldns_rr_list.owner() and ldns_rr.owner(), now returns ldns_dname. + * Fixed assertion failures for several methods when receiving incorrect but + syntactically valid arguments (i.e., ldns_rr.a_address(), + ldns_rr.dnskey_algorithm(), ldns_rr.dnskey_flags(), + ldns_rr.dnskey_key(), ldns_rr.dnskey_protocol(), + ldns_rr.mx_exchange(), ldns_rr.mx_preference(), ldns_rr.ns_nsdname(), + ldns_rr.owner(), ldns_rr.rdf(), ldns_rr.rrsig_algorithm(), + ldns_rr.rrsig_expiration(), ldns_rr.rrsig_inception(), + ldns_rr.rrsig_keytag(), ldns_rr.rrsig_labels(), ldns_rr.rrsig_origttl(), + ldns_rr.rrsig_sig(), ldns_rr.rrsig_signame(), + ldns_rr.rrsig_typecovered(), ldns_rr_list.owner(), ldns_rr_list.rr()) + * Fixed ldns_rr.a_address(), which was asserting when called + on non A or AAAA type rr. Now returns None when fails. + * Added scripts for testing the basic functionality of the ldns_rr, + ldns_rr_descriptor and ldns_rr_list class code. + * Improved documentation of ldns_rr, ldns_rr_descriptor and ldns_rr_list. + * Fixed automatic conversion from Python string to ldns_rdf and + ldns_dname. Caused memory corruption when using Python 3. + * The Python 3 wrapper code now raises TypeError instead of ValueError + when receiving a non FILE * argument when it should be a FILE *. + * Fixed wrong handling of _ldns_rr_list_free() and + _ldns_rr_list_deep_free() when compiling with LDNS_DEBUG directive. + * Fixed malfunctioning ldns.ldns_rdf_new_frm_fp_l(). + * Fixed malfunctioning ldns_drf.absolute() and ldns_dname.absolute(). + * Marked several functions related to ldns_rdf and ldns_buffer as + returning new objects. + * Method operating on ldns_dnames and returning dname ldns_rdfs now + return ldns_dname instances. + * Improved documentation of ldns_buffer, ldns_rdf and ldns_dname + classes. + * Methods ldns_buffer.available() and ldns_buffer.available_at() now + return bool types as described in the documentation. + * Added scripts for testing the basic functionality of the ldns_buffer, + ldns_rdf, ldns_dname class code. + * Added deprecation warnings to ldns_rdf methods operating on dname + rdfs. The user is encouraged to converts dname ldns_rdfs to + ldns_dnames. + * Extended ldns_dname constructor to accept ldns_rdfs containing dnames. diff --git a/contrib/python/Makefile b/contrib/python/Makefile index c43970509a4e..927685764bbf 100644 --- a/contrib/python/Makefile +++ b/contrib/python/Makefile @@ -28,6 +28,9 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. + +.PHONY: help clean testenv test doc te bw bw3 sw sw3 + help: @echo "Please use \`make <target>' where <target> is one of" @echo " testenv to make test environment and run bash " @@ -41,27 +44,65 @@ help: _ldns.so: ../../Makefile $(MAKE) -C ../.. -../../.libs/ldns.so.1: ../../Makefile +../../.libs/libldns.so.1: ../../Makefile $(MAKE) -C ../.. clean: - rm -rdf examples/ldns + rm -rf examples/ldns rm -f _ldns.so ldns_wrapper.o $(MAKE) -C ../.. clean testenv: ../../.libs/libldns.so.1 _ldns.so - rm -rdf examples/ldns - cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 && ls -la + rm -rf examples/ldns + cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../../../.libs/_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 && ls -la @echo "Run a script by typing ./script_name.py" cd examples && LD_LIBRARY_PATH=ldns bash - rm -rdf examples/ldns + rm -rf examples/ldns + +test: ../../.libs/libldns.so.1 _ldns.so examples/test_buffer.py examples/test_rdf.py examples/test_dname.py examples/test_rr.py + @rm -rf examples/ldns + @cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../../../.libs/_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 + @cd examples && LD_LIBRARY_PATH=ldns ./test_buffer.py 2>/dev/null + @cd examples && LD_LIBRARY_PATH=ldns ./test_rdf.py 2>/dev/null + @cd examples && LD_LIBRARY_PATH=ldns ./test_dname.py 2>/dev/null + @cd examples && LD_LIBRARY_PATH=ldns ./test_rr.py 2>/dev/null + @rm -rf examples/ldns -doc: ../../.libs/ldns.so.1 _ldns.so +doc: ../../.libs/libldns.so.1 _ldns.so + echo @VERSION_MAJOR@ + rm -f _ldns.so + ln -s ../../.libs/_ldns.so $(MAKE) -C docs html + rm -f _ldns.so + +# For development only: + +# Test environment, does not build the wrapper from dependencies. +te: + rm -rf examples/ldns + cd examples && mkdir ldns && ln -s ../../ldns.py ldns/__init__.py && ln -s ../../../../.libs/_ldns.so ldns/_ldns.so && ln -s ../../../../.libs/libldns.so.1 ldns/libldns.so.1 && ls -la + @echo "Run a script by typing ./script_name.py" + cd examples && LD_LIBRARY_PATH=ldns bash + rm -rf examples/ldns + +# Builds Python 2 wrapper from present wrapper C code. +bw: + gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python2.7 -I. -o ldns_wrapper.o + mkdir -p ../../.libs + ld -shared ldns_wrapper.o -L../../.libs -lldns -o ../../.libs/_ldns.so + +# Builds Python 3 wrapper from present wrapper C code. +bw3: + gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python3.2 -I. -o ldns_wrapper.o + mkdir -p ../../.libs + ld -shared ldns_wrapper.o -L../../.libs -ldns -o ../../.libs/_ldns.so -#for development only -swig: ldns.i - swig -python -py3 -o ldns_wrapper.c -I../.. ldns.i - gcc -c ldns_wrapper.c -O9 -fPIC -I../.. -I../../ldns -I/usr/include/python3.1 -I. -o ldns_wrapper.o - ld -shared ldns_wrapper.o -L../../.libs -lldns -o _ldns.so +# Builds Python 2 wrapper from interface file. +sw: ldns.i + swig -python -o ldns_wrapper.c -I../.. ldns.i + $(MAKE) bw +# Builds Python 3 wrapper from interface file. +sw3: ldns.i + swig -python -py3 -DPY3 -o ldns_wrapper.c -I../.. ldns.i + $(MAKE) bw3 diff --git a/contrib/python/docs/source/conf.py b/contrib/python/docs/source/conf.py index 22b73bcd712d..4d891543b1a3 100644 --- a/contrib/python/docs/source/conf.py +++ b/contrib/python/docs/source/conf.py @@ -43,9 +43,9 @@ copyright = '2009, Karel Slany, Zdenek Vasicek' # other places throughout the built documents. # # The short X.Y version. -version = '1.0' +version = '1.6' # The full version, including alpha/beta/rc tags. -release = '1.0.0' +release = '1.6.16' # There are two options for replacing |today|: either, you set today to some # non-false value, then it is used: diff --git a/contrib/python/docs/source/install.rst b/contrib/python/docs/source/install.rst index b3845b6e21b8..03d0f53facbf 100644 --- a/contrib/python/docs/source/install.rst +++ b/contrib/python/docs/source/install.rst @@ -3,44 +3,70 @@ Installation **Prerequisites** -Python 2.4 or higher, SWIG 1.3 or higher, GNU make +SWIG 1.3 and GNU make are required to build modules for Python 2.4 and higher +(but lower than 3). In order to build modules for Python 3.2 or higher, +SWIG in version 2.0.4 or higher is required. + +Note that Python 3.0 and 3.1 are not supported. + +In order to build this documentation the Sphinx Python documentation generator +is required. **Download** -You can download the source codes `here`_. -The latest release is 1.4.1, Jan 15, 2009. +The lates source codes can be downloaded from `here`_. -.. _here: ldns-1.4.1-py.tar.gz +.. _here: http://nlnetlabs.nl/projects/ldns/ **Compiling** -After downloading, you can compile the library by doing:: +After downloading the source code archive (this example uses +ldns-1.6.13.tar.gz), pyLDNS can be enabled and compiled by typing:: - > tar -xzf ldns-1.4.1-py.tar.gz - > cd ldns-1.4.1 + > tar -xzf ldns-1.6.13.tar.gz + > cd ldns-1.6.13 > ./configure --with-pyldns > make -You need GNU make to compile pyLDNS; SWIG and Python development libraries to compile extension module. +You need GNU make to compile pyLDNS; SWIG and Python development libraries to +compile the extension module. + +**Selecting Target Python Interpreter** + +By default, the pyLDNS module builds for the default Python interpreter (i.e., +the Python interpreter which can be accessed by just typing ``python`` in +the command line). If you desire to build the pyLDNS module for a different +Python version then you must specify the desired Python version by setting +the ``PYTHON_VERSION`` variable during the configure phase:: + > PYTHON_VERSION=3.2 ./configure --with-pyldns + > make + +By default the pyLDNS compiles from sources for a single Python interpreter. +Remember to execute scripts requiring pyLDNS in those Python interpreters which +have pyLDNS installed. **Testing** -If the compilation is successfull, you can test the python LDNS extension module by:: +If the compilation is successful, you can test the python LDNS extension module +by executing the commands:: > cd contrib/python > make testenv > ./ldns-mx.py -This will start a new shell, during which the symbolic links will be working. -When you exit the shell, then symbolic links will be deleted. +Again, remember to use the Python interpreter version which the pyLDNS module +has been compiled with. -In ``contrib/examples`` you can find many simple applications in python which demostrates the capabilities of LDNS library. +The commands will start a new shell, in which several symbolic links will be +set-up. When you exit the shell, then symbolic links will be deleted. + +In ``contrib/python/examples`` several simple Python scripts utilising pyLDNS +can be found. These scripts demonstrate the capabilities of the LDNS library. **Installation** -To install libraries and extension type:: +To install the libraries and it's extensions type:: - > cd ldns-1.4.1 + > cd ldns-1.6.13 > make install - diff --git a/contrib/python/examples/ldns-keygen.py b/contrib/python/examples/ldns-keygen.py index 3ddf41a946e6..71375fce205c 100755 --- a/contrib/python/examples/ldns-keygen.py +++ b/contrib/python/examples/ldns-keygen.py @@ -7,7 +7,7 @@ import ldns algorithm = ldns.LDNS_SIGN_DSA bits = 512 -ldns.ldns_init_random(open("/dev/random","rb"), (bits+7)//8) +ldns.ldns_init_random(open("/dev/urandom","rb"), (bits+7)//8) domain = ldns.ldns_dname("example.") diff --git a/contrib/python/examples/python3/ldns-signzone.py b/contrib/python/examples/python3/ldns-signzone.py new file mode 100755 index 000000000000..cac5d32165b5 --- /dev/null +++ b/contrib/python/examples/python3/ldns-signzone.py @@ -0,0 +1,65 @@ +#!/usr/bin/python +# This example shows how to sign a given zone file with private key + +import ldns +import sys, os, time + +#private key TAG which identifies the private key +#use ldns-keygen.py in order to obtain private key +keytag = 30761 + +# Read zone file +#------------------------------------------------------------- + +zone = ldns.ldns_zone.new_frm_fp(open("zone.txt","r"), None, 0, ldns.LDNS_RR_CLASS_IN) +soa = zone.soa() +origin = soa.owner() + +# Prepare keys +#------------------------------------------------------------- + +#Read private key from file +keyfile = open("key-%s-%d.private" % (origin, keytag), "r"); +key = ldns.ldns_key.new_frm_fp(keyfile) + +#Read public key from file +pubfname = "key-%s-%d.key" % (origin, keytag) +pubkey = None +if os.path.isfile(pubfname): + pubkeyfile = open(pubfname, "r"); + pubkey,_,_,_ = ldns.ldns_rr.new_frm_fp(pubkeyfile) + +if not pubkey: + #Create new public key + pubkey = key.key_to_rr() + +#Set key expiration +key.set_expiration(int(time.time()) + 365*60*60*24) #365 days + +#Set key owner (important step) +key.set_pubkey_owner(origin) + +#Insert DNSKEY RR +zone.push_rr(pubkey) + +# Sign zone +#------------------------------------------------------------- + +#Create keylist and push private key +keys = ldns.ldns_key_list() +keys.push_key(key) + +#Add SOA +signed_zone = ldns.ldns_dnssec_zone() +signed_zone.add_rr(soa) + +#Add RRs +for rr in zone.rrs().rrs(): + print("RR:", str(rr), end=" ") + signed_zone.add_rr(rr) + +added_rrs = ldns.ldns_rr_list() +status = signed_zone.sign(added_rrs, keys) +if (status == ldns.LDNS_STATUS_OK): + signed_zone.print_to_file(open("zone_signed.txt","w")) + diff --git a/contrib/python/examples/test_buffer.py b/contrib/python/examples/test_buffer.py new file mode 100755 index 000000000000..0baf76f6ab02 --- /dev/null +++ b/contrib/python/examples/test_buffer.py @@ -0,0 +1,843 @@ +#!/usr/bin/env python + +# +# ldns_buffer testing script. +# +# Do not use constructs that differ between Python 2 and 3. +# Use write on stdout or stderr. +# + + +import ldns +import sys +import os +import inspect + + +class_name = "ldns_buffer" +method_name = None +error_detected = False + + +def set_error(): + """ + Writes an error message and sets error flag. + """ + global class_name + global method_name + global error_detected + error_detected = True + sys.stderr.write("(line %d): malfunctioning method %s.\n" % \ + (inspect.currentframe().f_back.f_lineno, method_name)) + + +# Buffer creation. +capacity = 1024 + +#if not error_detected: +if True: + method_name = "ldns_buffer.__init__()" + try: + buf = ldns.ldns_buffer(1024) + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.__str__()" + buf.printf("abcedf") + try: + string = buf.__str__() + except: + set_error() + if not isinstance(string, str): + # Should be string. + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.at()" + try: + ret = buf.at(512) + except: + set_error() + try: + # Must raise TypeError. + ret = buf.at("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.available()" + try: + ret = buf.available(capacity) + except: + set_error() + if not isinstance(ret, bool): + # Should be bool. + set_error() + if not buf.available(capacity): + # Should return True. + set_error() + if buf.available(capacity + 1): + # Should return False. + set_error() + try: + # Must raise TypeError. + ret = buf.available("") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# # Must raise ValueError. +# ret = buf.available("") +# set_error() +# except ValueError: +# pass +# except: +# set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.available_at()" + try: + ret = buf.available_at(512, capacity - 512) + except: + set_error() + if not isinstance(ret, bool): + # Should be bool. + set_error() + if not buf.available_at(512, capacity - 512): + # Should return True. + set_error() + if buf.available_at(512, capacity - 512 + 1): + # Should return False. + set_error() + try: + # Must raise TypeError. + ret = buf.available_at("", 1) + set_error() + except TypeError: + pass + except: + set_error() + try: + # Must raise TypeError. + ret = buf.available_at(1, "") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# # Must raise ValueError. +# ret = buf.available_at(-1, 512) +# set_error() +# except ValueError: +# pass +# except: +# set_error() +# try: +# # Must raise ValueError. +# ret = buf.available_at(512, -1) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.begin()" + try: + ret = buf.begin() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.capacity()" + try: + ret = buf.capacity() + except: + set_error() + if not isinstance(ret, int): + # Should be int. + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.clear()" + try: + buf.clear() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.copy()" + sys.stderr.write("%s not tested.\n" % (method_name)) +# buf2 = ldns.ldns_buffer(10) +# buf2.printf("abcdef") +# try: +# buf.copy(buf2) +# print buf.capacity() +# print buf2.capacity() +# except: +# set_error() +# buf.printf("2") +# print buf + + +#if not error_detected: +if True: + method_name = "ldns_buffer.current()" + try: + ret = buf.current() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.end()" + try: + ret = buf.end() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.export()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + mehod_name = "ldns_buffer.flip()" + buf.printf("abcdef") + try: + buf.flip() + except: + set_error() +# if buf.remaining() != capacity: +# # Should be at beginning. +# set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.getc()" + buf.printf("a") + buf.rewind() + try: + ret = buf.getc() + except: + set_error() + if ret != ord("a"): + set_error() +# Test return value for -1 + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.invariant()" + try: + buf.invariant() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.limit()" + try: + ret = buf.limit() + except: + set_error() + if ret != capacity: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.position()" + try: + ret = buf.position() + except: + set_error() + if not isinstance(ret, int): + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.printf()" + try: + ret = buf.printf("abcdef") + except: + set_error() + if not isinstance(ret, int): + set_error() + try: + ret = buf.printf(10) + set_error() + except TypeError: + pass + except: + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.read()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_buffer.read_at()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_buffer.read_u16()" + buf.printf("aac") + buf.rewind() + try: + ret = buf.read_u16() + except: + set_error() + if not isinstance(ret, int): + set_error() + if ret != (ord("a") * 0x0101): + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.read_u16_at()" + buf.printf("abbc") + try: + ret = buf.read_u16_at(1) + except: + set_error() + if not isinstance(ret, int): + set_error() + if ret != (ord("b") * 0x0101): + set_error() + try: + ret = buf.read_u16_at("") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# ret = buf.read_u16_at(-1) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.read_u32()" + buf.printf("aaaac") + buf.rewind() + try: + ret = buf.read_u32() + except: + set_error() + if not isinstance(ret, int): + set_error() + if ret != (ord("a") * 0x01010101): + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.read_u32_at()" + buf.printf("abbbbc") + try: + ret = buf.read_u32_at(1) + except: + set_error() + if not isinstance(ret, int): + set_error() + if ret != (ord("b") * 0x01010101): + set_error() + try: + ret = buf.read_u32_at("") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# ret = buf.read_u32_at(-1) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.read_u8()" + buf.printf("ac") + buf.rewind() + try: + ret = buf.read_u8() + except: + set_error() + if not isinstance(ret, int): + set_error() + if ret != ord("a"): + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.read_u8_at()" + buf.printf("abc") + try: + ret = buf.read_u8_at(1) + except: + set_error() + if not isinstance(ret, int): + set_error() + if ret != ord("b"): + set_error() + try: + ret = buf.read_u8_at("") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# ret = buf.read_u8_at(-1) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.remaining()" + buf.printf("abcdef") + try: + ret = buf.remaining() + except: + set_error() + if not isinstance(ret, int): + set_error() + if ret != (capacity - 6): + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.remaining_at()" + buf.printf("abcdef") + try: + ret = buf.remaining_at(1) + except: + set_error() + if not isinstance(ret, int): + set_error() + if ret != (capacity - 1): + set_error() + try: + ret = buf.remaining_at("") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# ret = buf.remaining_at(-1) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.reserve()" + buf2 = ldns.ldns_buffer(512) + try: + ret = buf2.reserve(1024) + except: + set_error() + if not isinstance(ret, bool): + set_error() + try: + ret = buf2.reserve("") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# ret = buf2.reserve(-1) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.rewind()" + buf.printf("abcdef") + try: + buf.rewind() + except: + set_error() + if buf.position() != 0: + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.set_capacity()" + try: + ret = buf.set_capacity(capacity) + except: + set_error() + if not isinstance(ret, bool): + set_error() + try: + ret = buf.set_capacity("") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# ret = buf.set_capacity(-1) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.set_limit()" + try: + buf.set_limit(0) + except: + set_error() + try: + buf.set_limit("") + set_error() + except TypeError: + pass + except: + set_error() +# try: +# buf.set_limit(-1) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.set_position()" + try: + buf.set_position(0) + except: + set_error() + try: + buf.set_position("") + except TypeError: + pass + except: + set_error() +# try: +# buf.set_position(-1) +# except ValueError: +# pass +# except: +# set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.skip()" + try: + buf.skip(10) + except: + set_error() + try: + buf.skip(-1) + except: + set_error() + try: + buf.skip("") + set_error() + except TypeError: + pass + except: + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.status()" + try: + ret = buf.status() + except: + set_error() + # Returned status is an integer. + if not isinstance(ret, int): + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.status_ok()" + try: + ret = buf.status_ok() + except: + set_error() + if not isinstance(ret, bool): + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_at()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_string()" + try: + buf.write_string("abcdef") + except: + set_error() +# try: +# buf.write_sring(-1) +# set_error() +# except TypeError: +# pass +# except: +# set_error() + sys.stderr.write("%s not tested for parameter correctness.\n" % \ + (method_name)) + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_string_at()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_u16()" + try: + buf.write_u16(ord("b") * 0x0101) + except: + set_error() + try: + buf.write_u16("") + set_error() + except TypeError: + pass + except: + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_u16_at()" + buf.printf("a") + try: + buf.write_u16_at(1, ord("b") * 0x0101) + except: + set_error() + try: + buf.write_u16_at("", ord("b") * 0x0101) + set_error() + except TypeError: + pass + except: + set_error() +# try: +# buf.write_u16_at(-1, ord("b") * 0x0101) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + try: + buf.write_u16_at(1, "") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_u32()" + try: + buf.write_u32(ord("b") * 0x01010101) + except: + set_error() + try: + buf.write_u32("") + set_error() + except TypeError: + pass + except: + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_u32_at()" + buf.printf("a") + try: + buf.write_u32_at(1, ord("b") * 0x01010101) + except: + set_error() + try: + buf.write_u32_at("", ord("b") * 0x01010101) + set_error() + except TypeError: + pass + except: + set_error() +# try: +# buf.write_u32_at(-1, ord("b") * 0x01010101) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + try: + buf.write_u32_at(1, "") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_u8()" + try: + buf.write_u8(ord("b")) + except: + set_error() + try: + buf.write_u8("") + set_error() + except TypeError: + pass + except: + set_error() + buf.clear() + + +#if not error_detected: +if True: + method_name = "ldns_buffer.write_u8_at()" + buf.printf("a") + try: + buf.write_u8_at(1, ord("b")) + except: + set_error() + try: + buf.write_u8_at("", ord("b")) + set_error() + except TypeError: + pass + except: + set_error() +# try: +# buf.write_u8_at(-1, ord("b")) +# set_error() +# except ValueError: +# pass +# except: +# set_error() + try: + buf.write_u8_at(1, "") + set_error() + except TypeError: + pass + except: + set_error() + + +if not error_detected: + sys.stdout.write("%s: passed.\n" % (os.path.basename(__file__))) +else: + sys.stdout.write("%s: errors detected.\n" % (os.path.basename(__file__))) + sys.exit(1) diff --git a/contrib/python/examples/test_dname.py b/contrib/python/examples/test_dname.py new file mode 100755 index 000000000000..d69170737acc --- /dev/null +++ b/contrib/python/examples/test_dname.py @@ -0,0 +1,474 @@ +#!/usr/bin/env python + +# +# ldns_dname testing script. +# +# Do not use constructs that differ between Python 2 and 3. +# Use write on stdout or stderr. +# + + +import ldns +import sys +import os +import inspect + + +class_name = "ldns_dname" +method_name = None +error_detected = False +temp_fname = "tmp_dname.txt" + + +def set_error(): + """ + Writes an error message and sets error flag. + """ + global class_name + global method_name + global error_detected + error_detected = True + sys.stderr.write("(line %d): malfunctioning method %s.\n" % \ + (inspect.currentframe().f_back.f_lineno, method_name)) + + +#if not error_detected: +if True: + method_name = class_name + ".__init__()" + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "test.nic.cz.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "217.31.205.50") + try: + dname = ldns.ldns_dname("www.nic.cz.") + if not isinstance(dname, ldns.ldns_dname): + set_error() + except: + set_error() + # + # Error when printing a dname wich was created fron an empty string. + # Must find out why. + # + try: + dname = ldns.ldns_dname(rdf1) + if not isinstance(dname, ldns.ldns_dname): + set_error() + except: + set_error() + # Test whether rdf1 and dname independent. + dname.cat(dname) + if dname.__str__() == rdf1.__str__(): + set_error() + # Test whether rdf1 and dname are dependent. + dname = ldns.ldns_dname(rdf1, clone=False) + dname.cat(dname) + if dname.__str__() != rdf1.__str__(): + set_error() + # Test whether constructs from non-dname rdfs. + try: + dname = ldns.ldns_dname(rdf2) + set_error() + except TypeError: + pass + except: + set_error() + try: + dname = ldns.ldns_dname(1) + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".[comparison operators]" + dn1 = ldns.ldns_dname("a.test") + dn2 = ldns.ldns_dname("b.test") + try: + ret = dn1 < dn2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = dn2 < dn1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = dn1 <= dn2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = dn2 <= dn1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = dn1 == dn2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = dn1 == dn1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = dn1 != dn2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = dn1 != dn1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = dn1 > dn2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = dn2 > dn1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = dn1 >= dn2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = dn2 >= dn1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".absolute()" + dname = ldns.ldns_dname("www.nic.cz.") + try: + ret = dname.absolute() + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".cat()" + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "test.nic.cz.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "217.31.205.50") + dname = ldns.ldns_dname("www.nic.cz.") + try: + ret = dname.cat(dname) + if ret != ldns.LDNS_STATUS_OK: + set_error() + if dname.__str__() != "www.nic.cz.www.nic.cz.": + set_error() + except: + set_error() + try: + ret = dname.cat(rdf1) + if ret != ldns.LDNS_STATUS_OK: + set_error() + if dname.__str__() != "www.nic.cz.www.nic.cz.test.nic.cz.": + set_error() + except: + set_error() + try: + ret = dname.cat(rdf2) + if ret == ldns.LDNS_STATUS_OK: + set_error() + except: + set_error() + try: + ret = dname.cat("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".cat_clone()" + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "test.nic.cz.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "217.31.205.50") + dname = ldns.ldns_dname("www.nic.cz.") + try: + ret = dname.cat_clone(dname) + if not isinstance(ret, ldns.ldns_dname): + set_error() + if ret.__str__() != "www.nic.cz.www.nic.cz.": + set_error() + except: + set_error() + try: + ret = dname.cat_clone(rdf1) + if not isinstance(ret, ldns.ldns_dname): + set_error() + if ret.__str__() != "www.nic.cz.test.nic.cz.": + set_error() + except: + set_error() + try: + ret = dname.cat_clone(rdf2) + if ret != None: + set_error() + except: + set_error() + try: + ret = dname.cat_clone("") + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".interval()" + dn1 = ldns.ldns_dname("a.ns.nic.cz.") + dn2 = ldns.ldns_dname("b.ns.nic.cz.") + dn3 = ldns.ldns_dname("c.ns.nic.cz.") + try: + ret = dn1.interval(dn2, dn3) + if ret != -1: + set_error() + except: + set_error() + try: + ret = dn2.interval(dn1, dn3) + if ret != 1: + set_error() + except: + set_error() + rdf4 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "d.ns.nic.cz.") + rdf5 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1") + try: + ret = dn1.interval(dn2, rdf4) + if ret != -1: + set_error() + except: + set_error() + try: + ret = dn2.interval(dn1, rdf4) + if ret != 1: + set_error() + except: + set_error() + try: + ret = dn1.interval(dn2, rdf5) + set_error() + except Exception: + pass + except: + set_error() + try: + ret = dn1.interval(dn2, "") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".is_subdomain()" + dn1 = ldns.ldns_dname("nic.cz.") + dn2 = ldns.ldns_dname("www.nic.cz.") + rdf3 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = dn1.is_subdomain(dn2) + if not isinstance(ret, bool): + set_error() + if ret == True: + set_error() + ret = dn2.is_subdomain(dn1) + if ret != True: + set_error() + except: + set_error() + try: + ret = dn1.is_subdomain(rdf3) + if not isinstance(ret, bool): + set_error() + if ret == True: + set_error() + except: + set_error() + rdf4 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1") + try: + ret = dn1.is_subdomain(rdf4) + if ret != False: + set_error() + except: + set_error() + try: + ret = dn1.is_subdomain("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".label()" + dn = ldns.ldns_dname("nic.cz.") + try: + ret = dn.label(0) + if not isinstance(ret, ldns.ldns_dname): + set_error() + except: + set_error() + try: + ret = dn.label(10) + if ret != None: + set_error() + except: + set_error() + try: + ret = dn.label("") + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".label_count()" + dn = ldns.ldns_dname("www.nic.cz.") + try: + ret = dn.label_count() + if not isinstance(ret, int): + set_error() + if ret != 3: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".left_chop()" + dn = ldns.ldns_dname("www.nic.cz.") + try: + ret = dn.left_chop() + if not isinstance(ret, ldns.ldns_dname): + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".make_canonical()" + dn = ldns.ldns_dname("WWW.NIC.CZ.") + try: + dn.make_canonical() + if dn.__str__() != "www.nic.cz.": + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".new_frm_rdf()" + # Tested via constructor call. + + +#if not error_detected: +if True: + method_name = class_name + ".new_frm_str()" + # Tested via constructor call. + + +#if not error_detected: +if True: + method_name = class_name + ".reverse()" + dn = ldns.ldns_dname("www.nic.cz.") + try: + ret = dn.reverse() + if not isinstance(ret, ldns.ldns_dname): + set_error() + if ret.__str__() != "cz.nic.www.": + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".write_to_buffer()" + dn = ldns.ldns_dname("www.nic.cz.") + buf = ldns.ldns_buffer(1024) + try: + ret = dn.write_to_buffer(buf) + if ret != ldns.LDNS_STATUS_OK: + set_error() + if buf.position() != 12: + set_error() + except: + set_error() + try: + ret = dn.write_to_buffer("") + except TypeError: + pass + except: + set_error() + + +if not error_detected: + sys.stdout.write("%s: passed.\n" % (os.path.basename(__file__))) +else: + sys.stdout.write("%s: errors detected.\n" % (os.path.basename(__file__))) + sys.exit(1) diff --git a/contrib/python/examples/test_rdf.py b/contrib/python/examples/test_rdf.py new file mode 100755 index 000000000000..4991288c83f2 --- /dev/null +++ b/contrib/python/examples/test_rdf.py @@ -0,0 +1,805 @@ +#!/usr/bin/env python + +# +# ldns_rdf testing script. +# +# Do not use constructs that differ between Python 2 and 3. +# Use write on stdout or stderr. +# + + +import ldns +import sys +import os +import inspect + + +class_name = "ldns_rdf" +method_name = None +error_detected = False +temp_fname = "tmp_rdf.txt" + + +def set_error(): + """ + Writes an error message and sets error flag. + """ + global class_name + global method_name + global error_detected + error_detected = True + sys.stderr.write("(line %d): malfunctioning method %s.\n" % \ + (inspect.currentframe().f_back.f_lineno, method_name)) + + +#if not error_detected: +if True: + method_name = class_name + ".__init__()" + try: + # Should raise an Exception + rdf = ldns.ldns_rdf() + set_error() + except Exception as e: + pass + + +#if not error_detected: +if True: + method_name = class_name + ".[comparison operators]" + rdf1 = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) + rdf2 = ldns.ldns_rdf.new_frm_str("1.1.1.1", ldns.LDNS_RDF_TYPE_A) + try: + ret = rdf1 < rdf2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rdf2 < rdf1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rdf1 <= rdf2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rdf2 <= rdf1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rdf1 == rdf2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rdf1 == rdf1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rdf1 != rdf2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rdf1 != rdf1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rdf1 > rdf2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rdf2 > rdf1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rdf1 >= rdf2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rdf2 >= rdf1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf_new()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_rdf_new_frm_data()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_rdf_new_frm_str()" + try: + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz") + except: + set_error() + try: + rdf = ldns.ldns_rdf_new_frm_str("", "www.nic.cz") + et_error() + except TypeError: + pass + except: + set_error() + try: + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, 1) + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf_new_frm_fp()" + f = open(temp_fname, "w") + f.write("217.31.205.50") + f.close() + f = open(temp_fname, "r") + try: + status, rdf = ldns.ldns_rdf_new_frm_fp(ldns.LDNS_RDF_TYPE_A, f) + if status != ldns.LDNS_STATUS_OK: + set_error() + if rdf == None: + set_error() + except: + set_error() + try: + # Reading past file end. + status, rdf = ldns.ldns_rdf_new_frm_fp(ldns.LDNS_RDF_TYPE_AAAA, f) + if status == ldns.LDNS_STATUS_OK: + set_error() + if rdf != None: + set_error() + except: + set_error() + f.close() + f = open(temp_fname, "r") + try: + status, rdf = ldns.ldns_rdf_new_frm_fp(ldns.LDNS_RDF_TYPE_AAAA, f) + if status != ldns.LDNS_STATUS_OK: + set_error() + if rdf != None: + set_error() + except: + set_error() + f.close() + os.remove(temp_fname) + try: + status, rdf = ldns.ldns_rdf_new_frm_fp("", f) + except TypeError: + pass + except: + set_error() + try: + status, rdf = ldns.ldns_rdf_new_frm_fp(ldns.LDNS_RDF_TYPE_AAAA, "") + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf_new_frm_fp_l()" + f = open(temp_fname, "w") + f.write("217.31.205.50\n194.0.12.1") + f.close() + f = open(temp_fname, "r") + try: + status, rdf, line = ldns.ldns_rdf_new_frm_fp_l(ldns.LDNS_RDF_TYPE_A, f) + if status != ldns.LDNS_STATUS_OK: + set_error() + if rdf == None: + set_error() + except: + set_error() + try: + status, rdf, line = ldns.ldns_rdf_new_frm_fp_l(ldns.LDNS_RDF_TYPE_A, f) + if status != ldns.LDNS_STATUS_OK: + set_error() + if rdf == None: + set_error() + except: + set_error() + try: + # Reading past file end. + status, rdf, line = ldns.ldns_rdf_new_frm_fp_l(ldns.LDNS_RDF_TYPE_A, f) + if status == ldns.LDNS_STATUS_OK: + set_error() + if rdf != None: + set_error() + except: + set_error() + f.close() + os.remove(temp_fname) + try: + status, rdf = ldns.ldns_rdf_new_frm_fp_l("", f) + except TypeError: + pass + except: + set_error() + try: + status, rdf = ldns.ldns_rdf_new_frm_fp_l(ldns.LDNS_RDF_TYPE_AAAA, "") + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_drf.absolute()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.absolute() + if not isinstance(ret, bool): + set_error() + if not ret: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.address_reverse()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1") + try: + ret = rdf.address_reverse() + if ret == None: + set_error() + except: + set_error() + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_AAAA, "::1") + try: + ret = rdf.address_reverse() + if ret == None: + set_error() + except: + set_error() + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.address_reverse() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.cat()" + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "cz.") + try: + ret = rdf1.cat(rdf2) + if ret != ldns.LDNS_STATUS_OK: + set_error() + except: + set_error() + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + try: + ret = rdf1.cat(rdf2) + if ret == ldns.LDNS_STATUS_OK: + set_error() + except: + set_error() + try: + ret = rdf2.cat(rdf1) + if ret == ldns.LDNS_STATUS_OK: + set_error() + except: + set_error() + try: + ret = rdf2.cat("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.cat_clone()" + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "cz.") + try: + ret = rdf1.cat_clone(rdf2) + if ret == None: + set_error() + except: + set_error() + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + try: + ret = rdf1.cat_clone(rdf2) + if ret != None: + set_error() + except: + set_error() + try: + ret = rdf2.cat_clone(rdf1) + if ret != None: + set_error() + except: + set_error() + try: + ret = rdf2.cat_clone("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.clone()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.clone() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.data()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.data() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.dname_compare()" + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "nic.cz.") + try: + ret = rdf1.dname_compare(rdf2) + if ret != 1: + set_error() + except: + set_error() + try: + ret = rdf2.dname_compare(rdf1) + if ret != -1: + set_error() + except: + set_error() + try: + ret = rdf1.dname_compare(rdf1) + if ret != 0: + set_error() + except: + set_error() + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + try: + ret = rdf1.dname_compare(rdf2) + set_error() + except Exception: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.dname_new_frm_str()" + try: + rdf = ldns.ldns_rdf.dname_new_frm_str("www.nic.cz.") + if rdf == None: + set_error() + except: + set_error() + try: + rdf = ldns.ldns_rdf.dname_new_frm_str("") + if rdf != None: + set_error() + except: + set_error() + try: + rdf = ldns.ldns_rdf.dname_new_frm_str(1) + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.get_type()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.get_type() + if not isinstance(ret, int): + set_error() + if ret != ldns.LDNS_RDF_TYPE_DNAME: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.get_type_str()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.get_type_str() + if not isinstance(ret, str): + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.interval()" + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "a.ns.nic.cz.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "b.ns.nic.cz.") + rdf3 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "c.ns.nic.cz.") + try: + ret = rdf1.interval(rdf2, rdf3) + if ret != -1: + set_error() + except: + set_error() + try: + ret = rdf2.interval(rdf1, rdf3) + if ret != 1: + set_error() + except: + set_error() + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "b.ns.nic.cz.") + rdf3 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "c.ns.nic.cz.") + try: + ret = rdf1.interval(rdf2, rdf3) + set_error() + except Exception: + pass + except: + set_error() + try: + ret = rdf2.interval("", rdf3) + set_error() + except TypeError: + pass + except: + set_error() + +#if not error_detected: +if True: + method_name = "ldns_rdf.is_subdomain()" + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "nic.cz.") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf1.is_subdomain(rdf2) + if not isinstance(ret, bool): + set_error() + if ret == True: + set_error() + ret = rdf2.is_subdomain(rdf1) + if ret != True: + set_error() + except: + set_error() + rdf1 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "194.0.12.1") + rdf2 = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf1.is_subdomain(rdf2) + if ret != False: + set_error() + except: + set_error() + try: + ret = rdf2.is_subdomain(rdf1) + if ret != False: + set_error() + except: + set_error() + try: + ret = rdf2.is_subdomain("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.label()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.label(0) + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + try: + ret = rdf.label(10) + if ret != None: + set_error() + except: + set_error() + try: + ret = rdf.label("") + except TypeError: + pass + except: + set_error() + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + try: + ret = rdf.label(0) + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.label_count()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.label_count() + if not isinstance(ret, int): + set_error() + if ret != 3: + set_error() + except: + set_error() + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + try: + ret = rdf.label_count() + if not isinstance(ret, int): + set_error() + if ret != 0: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.left_chop()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.left_chop() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + try: + ret = rdf.left_chop() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.make_canonical()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "WWW.NIC.CZ.") + try: + rdf.make_canonical() + if rdf.__str__() != "www.nic.cz.": + set_error() + except: + set_error() + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + try: + rdf.make_canonical() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.new_frm_str()" + try: + rdf = ldns.ldns_rdf.new_frm_str("www.nic.cz.", ldns.LDNS_RDF_TYPE_DNAME) + except: + set_error() + try: + rdf = ldns.ldns_rdf.new_frm_str("www.nic.cz.", ldns.LDNS_RDF_TYPE_AAAA) + set_error() + except Exception: + pass + except: + set_error() + try: + rdf = ldns.ldns_rdf.new_frm_str("www.nic.cz.", ldns.LDNS_RDF_TYPE_AAAA, raiseException = False) + if rdf != None: + set_error() + except: + set_error() + try: + rdf = ldns.ldns_rdf.new_frm_str("", "www.nic.cz") + et_error() + except TypeError: + pass + except: + set_error() + try: + rdf = ldns.ldns_rdf.new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, 1) + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + f = open(temp_fname, "w") + try: + rdf.print_to_file(f) + except: + set_error() + f.close() + f = open(temp_fname, "r") + if f.read() != "127.0.0.1": + set_error() + f.close() + os.remove(temp_fname) + + +#if not error_detected: +if True: + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.reverse() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + if ret.__str__() != "cz.nic.www.": + set_error() + except: + set_error() + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_A, "127.0.0.1") + try: + ret = rdf.reverse() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.set_data()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_rdf.set_size()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_rdf.set_type()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = "ldns_rdf.size()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + try: + ret = rdf.size() + if ret != 12: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.write_to_buffer()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "www.nic.cz.") + buf = ldns.ldns_buffer(1024) + try: + ret = rdf.write_to_buffer(buf) + if ret != ldns.LDNS_STATUS_OK: + set_error() + if buf.position() != 12: + set_error() + except: + set_error() + try: + ret = rdf.write_to_buffer("") + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = "ldns_rdf.write_to_buffer_canonical()" + rdf = ldns.ldns_rdf_new_frm_str(ldns.LDNS_RDF_TYPE_DNAME, "WWW.NIC.CZ.") + buf = ldns.ldns_buffer(1024) + try: + ret = rdf.write_to_buffer_canonical(buf) + if ret != ldns.LDNS_STATUS_OK: + set_error() + if buf.position() != 12: + set_error() + except: + set_error() + try: + ret = rdf.write_to_buffer_canonical("") + except TypeError: + pass + except: + set_error() + + +if not error_detected: + sys.stdout.write("%s: passed.\n" % (os.path.basename(__file__))) +else: + sys.stdout.write("%s: errors detected.\n" % (os.path.basename(__file__))) + sys.exit(1) diff --git a/contrib/python/examples/test_rr.py b/contrib/python/examples/test_rr.py new file mode 100644 index 000000000000..b7bc1e0d9717 --- /dev/null +++ b/contrib/python/examples/test_rr.py @@ -0,0 +1,2383 @@ +#!/usr/bin/env python + +# +# ldns_rr and ldns_rr_list testing script. +# +# Do not use constructs that differ between Python 2 and 3. +# Use write on stdout or stderr. +# + + +import ldns +import sys +import os +import inspect + + +class_name = "ldns_rr" +method_name = None +error_detected = False +temp_fname = "tmp_rr.txt" + + +def set_error(): + """ + Writes an error message and sets error flag. + """ + global class_name + global method_name + global error_detected + error_detected = True + sys.stderr.write("(line %d): malfunctioning method %s.\n" % \ + (inspect.currentframe().f_back.f_lineno, method_name)) + + + +#if not error_detected: +if True: + method_name = class_name + ".[comparison operators]" + rr1 = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rr2 = ldns.ldns_rr.new_frm_str("test2 600 IN A 1.1.1.1") + try: + ret = rr1 < rr2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rr2 < rr1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rr1 <= rr2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rr2 <= rr1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rr1 == rr2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rr1 == rr1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rr1 != rr2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rr1 != rr1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rr1 > rr2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rr2 > rr1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rr1 >= rr2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rr2 >= rr1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + "__init__()" + try: + rr = ldns.ldns_rr() + set_error() + except Exception: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".a_address()" + rr = ldns.ldns_rr.new_frm_str("www.nic.cz 600 IN A 217.31.205.50") + try: + address = rr.a_address() + if not isinstance(address, ldns.ldns_rdf): + set_error() + if address == None: + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("www.nic.cz 600 IN AAAA 2002:d91f:cd32::1") + try: + address = rr.a_address() + if not isinstance(address, ldns.ldns_rdf): + set_error() + if address == None: + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("www.nic.cz 600 IN TXT text") + try: + address = rr.a_address() + if isinstance(address, ldns.ldns_rdf): + set_error() + if address != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".a_set_address()" + rdf = ldns.ldns_rdf.new_frm_str("127.0.0.1", ldns.LDNS_RDF_TYPE_A) + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.a_set_address(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + rdf = ldns.ldns_rdf.new_frm_str("::1", ldns.LDNS_RDF_TYPE_AAAA) + rr = ldns.ldns_rr.new_frm_str("test 600 IN AAAA ::") + try: + ret = rr.a_set_address(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rr.a_set_address("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".class_by_name()" + try: + ret = ldns.ldns_rr.class_by_name("IN") + if not isinstance(ret, int): + set_error() + if ret != ldns.LDNS_RR_CLASS_IN: + set_error() + except: + set_error() + method_name = class_name + ".class_by_name()" + try: + ret = ldns.ldns_rr.class_by_name("AA") + if not isinstance(ret, int): + set_error() + if ret != 0: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".clone()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN TXT text") + try: + ret = rr.clone() + if not isinstance(ret, ldns.ldns_rr): + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".compare_ds()" + pubkey1 = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + pubkey2 = ldns.ldns_rr.new_frm_str("example2. 3600 IN DNSKEY 256 3 3 ALBoD2+1xYpzrE7gjU5EwwBHG2HNiD1977LDZGh+8VNifMGjixMpgUN6xRhFjvRSsC/seMVXmUGq+msUDF2pHnUHbW/dbQbBxVMAqx2jT0LTvAx5wUPGltHHsa92K8VdzD8ynTFwPvjmk7g3hqRRzt4UTQIeK7DYgrOOgvDv+DYWVQctLwYP0ktm85b4cMtIUNRIf/N+K25pfK6BM/tHN8HOm4ECvm2U9zqHHfnxJFdiNK2PydkNeJZZGUOubSFVvaOMhZoEeAgkm3q5QcwXHsLAhacZ ;{id = 30944 (zsk), size = 512b}") + ds1 = ldns.ldns_key_rr2ds(pubkey1, ldns.LDNS_SHA1) + ds2 = ldns.ldns_key_rr2ds(pubkey2, ldns.LDNS_SHA1) + try: + ret = pubkey1.compare_ds(pubkey1) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = pubkey1.compare_ds(pubkey2) + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = pubkey1.compare_ds(ds1) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = pubkey1.compare_ds(ds2) + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + pubkey1.compare_ds("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".compare_no_rdata()" + rr1 = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + rr2 = ldns.ldns_rr.new_frm_str("test 600 IN AAAA ::") + try: + ret = rr1.compare_no_rdata(rr2) + if not isinstance(ret, int): + set_error() + if ret != -27: + set_error() + except: + set_error() + try: + rr1.compare_no_rdata("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_algorithm()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + try: + ret = pubkey.dnskey_algorithm() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.dnskey_algorithm() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_flags()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + try: + ret = pubkey.dnskey_flags() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.dnskey_flags() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_errror() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_key()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + try: + ret = pubkey.dnskey_key() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.dnskey_key() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_errror() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_key_size()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + try: + ret = pubkey.dnskey_key_size() + if not isinstance(ret, int): + set_error() + if ret != 512: + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.dnskey_key_size() + if not isinstance(ret, int): + set_error() + if ret != 0: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_key_size_raw()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_protocol()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + try: + ret = pubkey.dnskey_protocol() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.dnskey_protocol() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_set_algorithm()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + rdf = ldns.ldns_rdf.new_frm_str("3", ldns.LDNS_RDF_TYPE_ALG) + try: + ret = pubkey.dnskey_set_algorithm(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = pubkey.dnskey_set_algorithm(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = pubkey.dnskey_set_algorithm("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_set_flags()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + rdf = ldns.ldns_rdf.new_frm_str("256", ldns.LDNS_RDF_TYPE_INT16) + try: + ret = pubkey.dnskey_set_flags(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = pubkey.dnskey_set_flags(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = pubkey.dnskey_set_flags("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_set_key()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + rdf = ldns.ldns_rdf.new_frm_str("AMLdYflByPu1GEPCnu9qPTqbnC8n5mftFmFVTFQI10aefiDqp5DLpjBdTxdmz/GACMZh1+YG/iLj0QYX7qRVIl0rR00iREozqj44YwUILHo3cASSRSeAzyidvlGT8QSMKOlOsD33ygtETpzW0XDmzWhyU3bv0O7lnGpbtqdzP/nsZDbdtf5XI0YBdi91HftqtQpIlMtCg+zIzATO4+QWGt0oDX/+jdB7Y/vBahxnz13stNYeGYslGBSZNgpB7HBKlTwB70sprZ8XmNGhj/NixqB6Bzae", ldns.LDNS_RDF_TYPE_B64) + try: + ret = pubkey.dnskey_set_key(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = pubkey.dnskey_set_key(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = pubkey.dnskey_set_key("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".dnskey_set_protocol()" + pubkey = ldns.ldns_rr.new_frm_str("example1. 3600 IN DNSKEY 256 3 3 APw7tG8Nf7MYXjt2Y6DmyWUVxVy73bRKvKbKoGXhAXJx2vbcGGxfXsScT0i4FIC2wsJ/8zy/otB5vymm3JHBf2+7cQvRdp12UMLAnzlfrbgZUpvV36D+q6ch7kbmFzaBfwRjOKhnZkRLCcMYPAdX1SrgKVNXaOzAl9KytbzGQs5MKEHU+a0PAwKfIvEsS/+pW6gKgBnL0uy4Gr5cYJ5rk48iwFXOlZ/B30gUS5dD+rNRJuR0ZgEkxtVIPVxxhQPtEI53JhlJ2nEy0CqNW88nYLmX402b ;{id = 34898 (zsk), size = 512b}") + rdf = ldns.ldns_rdf.new_frm_str("3", ldns.LDNS_RDF_TYPE_INT8) + try: + ret = pubkey.dnskey_set_protocol(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = pubkey.dnskey_set_protocol(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = pubkey.dnskey_set_protocol("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".get_class()" + rr = ldns.ldns_rr.new_frm_str("test IN A 0.0.0.0", 600) + try: + ret = rr.get_class() + if not isinstance(ret, int): + set_error() + if ret != ldns.LDNS_RR_CLASS_IN: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".get_class_str()" + rr = ldns.ldns_rr.new_frm_str("test CH A 0.0.0.0", 600) + try: + ret = rr.get_class_str() + if not isinstance(ret, str): + set_error() + if ret != "CH": + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".get_type()" + rr = ldns.ldns_rr.new_frm_str("test IN A 0.0.0.0", 600) + try: + ret = rr.get_type() + if not isinstance(ret, int): + set_error() + if ret != 1: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".get_type_str()" + rr = ldns.ldns_rr.new_frm_str("test IN A 0.0.0.0", 600) + try: + ret = rr.get_type_str() + if not isinstance(ret, str): + set_error() + if ret != "A": + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".is_question()" + rr = ldns.ldns_rr.new_frm_str("test IN A 0.0.0.0", 600) + try: + ret = rr.is_question() + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + rr.set_question(True) + try: + ret = rr.is_question() + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".label_count()" + rr = ldns.ldns_rr.new_frm_str("test.dom. IN A 0.0.0.0", 600) + try: + ret = rr.label_count() + if not isinstance(ret, int): + set_error() + if ret != 2: + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str(". IN A 0.0.0.0", 600) + try: + ret = rr.label_count() + if not isinstance(ret, int): + set_error(string) + if ret != 0: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".mx_exchange()" + rr = ldns.ldns_rr.new_frm_str("nic.cz. IN MX 15 mail4.nic.cz.", 600) + try: + ret = rr.mx_exchange() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.mx_exchange() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".mx_preference()" + rr = ldns.ldns_rr.new_frm_str("nic.cz. IN MX 15 mail4.nic.cz.", 600) + try: + ret = rr.mx_preference() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.mx_preference() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".new_frm_fp()" + f = open(temp_fname, "w") + f.write("test 600 IN A 0.0.0.0") + f.close() + f = open(temp_fname, "r") + rr, ttl, origin, prev = ldns.ldns_rr.new_frm_fp(f, + origin=ldns.ldns_dname("nic.cz")) + try: + # Reading past file end. + ret = ldns.ldns_rr.new_frm_fp(f, raiseException=False) + if ret != None: + set_error() + except: + set_error() + try: + # Reading past file end. + rr, ttl, origin, prev = ldns.ldns_rr.new_frm_fp(f) + set_error() + except Exception: + pass + except: + set_error() + f.close() + os.remove(temp_fname) + + +#if not error_detected: +if True: + method_name = class_name + ".new_frm_fp_l()" + f = open(temp_fname, "w") + f.write("test 600 IN A 0.0.0.0") + f.close() + f = open(temp_fname, "r") + rr, line, ttl, origin, prev = ldns.ldns_rr.new_frm_fp_l(f, + origin=ldns.ldns_dname("nic.cz")) + try: + # Reading past file end. + ret = ldns.ldns_rr.new_frm_fp_l(f, raiseException=False) + if ret != None: + set_error() + except: + set_error() + try: + # Reading past file end. + rr, ttl, origin, prev = ldns.ldns_rr.new_frm_fp_l(f) + set_error() + except Exception: + pass + except: + set_error() + f.close() + os.remove(temp_fname) + + +#if not error_detected: +if True: + method_name = class_name + ".new_frm_str()" + try: + rr = ldns.ldns_rr.new_frm_str("test IN A 0.0.0.0", 600, + origin=ldns.ldns_dname("nic.cz")) + if not isinstance(rr, ldns.ldns_rr): + set_error() + except: + set_error() + try: + rr = ldns.ldns_rr.new_frm_str(10) + set_error() + except TypeError: + pass + except: + set_error() + try: + rr = ldns.ldns_rr.new_frm_str("") + set_error() + except Exception: + pass + except: + set_error() + try: + rr = ldns.ldns_rr.new_frm_str("", raiseException=False) + if rr != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".new_frm_str_prev()" + try: + rr, prev = ldns.ldns_rr.new_frm_str_prev("test IN A 0.0.0.0", 600, + origin=ldns.ldns_dname("nic.cz")) + if not isinstance(rr, ldns.ldns_rr): + set_error() +# if prev != None: +# set_error() + except: + set_error() + try: + rr = ldns.ldns_rr.new_frm_str_prev(10) + set_error() + except TypeError: + pass + except: + set_error() + try: + rr = ldns.ldns_rr.new_frm_str_prev("") + set_error() + except Exception: + pass + except: + set_error() + try: + rr = ldns.ldns_rr.new_frm_str_prev("", raiseException=False) + if rr != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".new_question_frm_str()" + try: + rr = ldns.ldns_rr.new_question_frm_str("test IN A", 600, + origin=ldns.ldns_dname("nic.cz")) + if not isinstance(rr, ldns.ldns_rr): + set_error() + except: + set_error() + try: + rr = ldns.ldns_rr.new_question_frm_str(10) + set_error() + except TypeError: + pass + except: + set_error() + try: + rr = ldns.ldns_rr.new_question_frm_str("") + set_error() + except Exception: + pass + except: + set_error() + try: + rr = ldns.ldns_rr.new_question_frm_str("", raiseException=False) + if rr != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".ns_nsdname()" + rr = ldns.ldns_rr.new_frm_str("nic.cz. 1800 IN NS a.ns.nic.cz.") + try: + ret = rr.ns_nsdname() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.ns_nsdname() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".owner()" + rr = ldns.ldns_rr.new_frm_str("nic.cz. 1800 IN NS a.ns.nic.cz.") + try: + ret = rr.owner() + if not isinstance(ret, ldns.ldns_dname): + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".pop_rdf()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.pop_rdf() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + if ret.get_type() != ldns.LDNS_RDF_TYPE_A: + set_error() + except: + set_error() + try: + ret = rr.pop_rdf() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".print_to_file()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + f = open(temp_fname, "w") + try: + rr.print_to_file(f) + except: + set_error() + f.close() + f = open(temp_fname, "r") + if not f.readline(): + set_error() + f.close() + os.remove(temp_fname) + + +#if not error_detected: +if True: + method_name = class_name + ".push_rdf()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + rdf = ldns.ldns_rdf.new_frm_str("1.1.1.1", ldns.LDNS_RDF_TYPE_A) + try: + ret = rr.push_rdf(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rr.push_rdf("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rd_count()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rd_count() + if not isinstance(ret, int): + set_error() + if ret != 1: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rdf()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rdf(0) + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + try: + ret = rr.rdf(1) + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rdfs()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rdfs() + if len(list(ret)) != 1: + set_error() + except: + set_error() + + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_algorithm()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_algorithm() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_algorithm() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_expiration()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_expiration() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_expiration() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_inception()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_inception() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_inception() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_keytag()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_keytag() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_keytag() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_labels()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_labels() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_labels() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_origttl()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_origttl() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_origttl() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_algorithm()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("3", ldns.LDNS_RDF_TYPE_ALG) + try: + ret = rr.rrsig_set_algorithm(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_algorithm(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_algorithm("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_expiration()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("20130928153754", ldns.LDNS_RDF_TYPE_TIME) + try: + ret = rr.rrsig_set_expiration(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_expiration(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_expiration("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_inception()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("20120728153754", ldns.LDNS_RDF_TYPE_TIME) + try: + ret = rr.rrsig_set_inception(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_inception(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_inception("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_keytag()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("19032", ldns.LDNS_RDF_TYPE_INT16) + try: + ret = rr.rrsig_set_keytag(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_keytag(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_keytag("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_labels()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("1", ldns.LDNS_RDF_TYPE_INT8) + try: + ret = rr.rrsig_set_labels(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_labels(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_labels("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_origttl()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("1", ldns.LDNS_RDF_TYPE_INT8) + try: + ret = rr.rrsig_set_origttl(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_origttl(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_origttl("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_sig()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=", ldns.LDNS_RDF_TYPE_B64) + try: + ret = rr.rrsig_set_sig(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_sig(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_sig("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_signame()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("example.", ldns.LDNS_RDF_TYPE_DNAME) + try: + ret = rr.rrsig_set_signame(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_signame(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_signame("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_set_typecovered()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + rdf = ldns.ldns_rdf.new_frm_str("SOA", ldns.LDNS_RDF_TYPE_TYPE) + try: + ret = rr.rrsig_set_typecovered(rdf) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() +# rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) +# try: +# ret = rr.rrsig_set_typecovered(rdf) +# if not isinstance(ret, bool): +# set_error() +# if ret != False: +# set_error() +# except: +# set_error() + try: + ret = rr.rrsig_set_typecovered("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_sig()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_sig() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_sig() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_signame()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_signame() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_signame() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrsig_typecovered()" + rr = ldns.ldns_rr.new_frm_str("example. 600 IN RRSIG SOA 3 1 600 20130828153754 20120828153754 19031 example. AIoCFhwZJxIgYOBEyo3cxxWFZEsUPqkxnt38xEl1cFAHHC9iQN9mlEg=") + try: + ret = rr.rrsig_typecovered() + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.rrsig_typecovered() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_class()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + rr.set_class(ldns.LDNS_RR_CLASS_CH) + except: + set_error() + try: + rr.set_class("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_owner()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + rdf = ldns.ldns_dname("test2") + try: + rr.set_owner(rdf) + except: + set_error() + try: + rr.set_owner("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_question()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + rr.set_question(True) + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_rd_count()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + rr.set_rd_count(1) + except: + set_error() + try: + rr.set_rd_count("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_rdf()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + rdf = ldns.ldns_rdf.new_frm_str("1.1.1.1", ldns.LDNS_RDF_TYPE_A) + rr.push_rdf(rdf) + try: + ret = rr.set_rdf(rdf, 0) + if not isinstance(ret, ldns.ldns_rdf): + set_error() + except: + set_error() + try: + ret = rr.set_rdf(rdf, 2) + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + try: + rr.set_rdf("", 1) + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_ttl()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + rr.set_ttl(1) + except: + set_error() + try: + rr.set_ttl("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_type()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + rr.set_type(ldns.LDNS_RR_TYPE_A) + except: + set_error() + try: + rr.set_type("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".to_canonical()" + rr = ldns.ldns_rr.new_frm_str("TEST 600 IN A 0.0.0.0") + try: + rr.to_canonical() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".ttl()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.ttl() + if not isinstance(ret, int): + set_error() + if ret != 600: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".type_by_name()" + try: + ret = ldns.ldns_rr.type_by_name("A") + if not isinstance(ret, int): + set_error() + if ret != ldns.LDNS_RR_TYPE_A: + set_error() + except: + set_error() + try: + ret = ldns.ldns_rr.type_by_name("AA") + if not isinstance(ret, int): + set_error() + if ret != 0: + set_error() + except: + set_error() + try: + ret = ldns.ldns_rr.type_by_name(1) + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".uncompressed_size()" + rr = ldns.ldns_rr.new_frm_str("test 600 IN A 0.0.0.0") + try: + ret = rr.uncompressed_size() + if not isinstance(ret, int): + set_error() + if ret != 20: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".write_data_to_buffer()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = class_name + ".write_rrsig_to_buffer()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = class_name + ".write_to_buffer()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +#if not error_detected: +if True: + method_name = class_name + ".write_to_buffer_canonical()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +############################################################################### +############################################################################### + + +class_name = "ldns_rr_descriptor" +method_name = None +error_detected = False +temp_fname = "tmp_rr_descriptor.txt" + + +#if not error_detected: +if True: + method_name = class_name + ".field_type()" + desc_a = ldns.ldns_rr_descriptor.ldns_rr_descriptor(ldns.LDNS_RR_TYPE_A) + try: + ret = desc_a.field_type(0) + if not isinstance(ret, int): + set_error() + if ret != ldns.LDNS_RDF_TYPE_A: + set_error() + except: + set_error() + try: + ret = desc_a.field_type("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".ldns_rr_descriptor()" + try: + ret = ldns.ldns_rr_descriptor.ldns_rr_descriptor(ldns.LDNS_RR_TYPE_A) + if not isinstance(ret, ldns.ldns_rr_descriptor): + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".maximum()" + desc_a = ldns.ldns_rr_descriptor.ldns_rr_descriptor(ldns.LDNS_RR_TYPE_A) + try: + ret = desc_a.maximum() + if not isinstance(ret, int): + set_error() + if ret != 1: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".minimum()" + desc_a = ldns.ldns_rr_descriptor.ldns_rr_descriptor(ldns.LDNS_RR_TYPE_A) + try: + ret = desc_a.minimum() + if not isinstance(ret, int): + set_error() + if ret != 1: + set_error() + except: + set_error() + + +############################################################################### +############################################################################### + + +class_name = "ldns_rr_list" +method_name = None +error_detected = False +temp_fname = "tmp_rr_list.txt" + + +#if not error_detected: +if True: + method_name = class_name + ".[comparison operators]" + rrl1 = ldns.ldns_rr_list.new() + rrl1.push_rr(ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0")) + rrl2 = ldns.ldns_rr_list.new() + rrl2.push_rr(ldns.ldns_rr.new_frm_str("test2 600 IN A 1.1.1.1")) + try: + ret = rrl1 < rrl2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl2 < rrl1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rrl1 <= rrl2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl2 <= rrl1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rrl1 == rrl2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rrl1 == rrl1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl1 != rrl2 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl1 != rrl1 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rrl1 > rrl2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rrl2 > rrl1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl1 >= rrl2 + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rrl2 >= rrl1 + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".cat()" + rrl1 = ldns.ldns_rr_list.new() + rrl2 = ldns.ldns_rr_list.new() + rrl1.push_rr(ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0")) + rrl2.push_rr(ldns.ldns_rr.new_frm_str("test2 600 IN A 1.1.1.1")) + try: + ret = rrl1.cat(rrl2) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl2.cat("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".cat_clone()" + rrl1 = ldns.ldns_rr_list.new() + rrl2 = ldns.ldns_rr_list.new() + rrl1.push_rr(ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0")) + rrl2.push_rr(ldns.ldns_rr.new_frm_str("test2 600 IN A 1.1.1.1")) + try: + ret = rrl1.cat_clone(rrl2) + if not isinstance(ret, ldns.ldns_rr_list): + set_error() + except: + set_error() + try: + ret = rrl2.cat_clone("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".clone()" + rrl = ldns.ldns_rr_list.new() + rrl.push_rr(ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0")) + try: + ret = rrl.clone() + if not isinstance(ret, ldns.ldns_rr_list): + set_error() + except: + set_error() + +#if not error_detected: +if True: + method_name = class_name + ".contains_rr()" + rrl = ldns.ldns_rr_list.new() + rr1 = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rr2 = ldns.ldns_rr.new_frm_str("test2 600 IN A 1.1.1.1") + rrl.push_rr(rr1) + try: + ret = rrl.contains_rr(rr1) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl.contains_rr(rr2) + if not isinstance(ret, bool): + set_error() + if ret != False: + set_error() + except: + set_error() + try: + ret = rrl.contains_rr("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".is_rrset()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + try: + ret = rrl.is_rrset() + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".new()" + try: + ret = ldns.ldns_rr_list.new() + if not isinstance(ret, ldns.ldns_rr_list): + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".new_frm_file()" + try: + ret = ldns.ldns_rr_list.new_frm_file() + if not isinstance(ret, ldns.ldns_rr_list): + set_error() + except: + set_error() + try: + ret = ldns.ldns_rr_list.new_frm_file("test") + set_error() + except Exception: + pass + except: + set_error() + try: + ret = ldns.ldns_rr_list.new_frm_file("test", raiseException=False) + if isinstance(ret, ldns.ldns_rr_list): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".owner()" + rrl = ldns.ldns_rr_list.new() + try: + ret = rrl.owner() + if isinstance(ret, ldns.ldns_rdf): + set_error() + if ret != None: + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + try: + ret = rrl.owner() + if not isinstance(ret, ldns.ldns_dname): + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".pop_rr()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + try: + ret = rrl.pop_rr() + if not isinstance(ret, ldns.ldns_rr): + set_error() + except: + set_error() + try: + ret = rrl.pop_rr() + if isinstance(ret, ldns.ldns_rr): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".pop_rr_list()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + rrl.push_rr(rr) + rrl.push_rr(rr) + try: + ret = rrl.pop_rr_list(2) + if not isinstance(ret, ldns.ldns_rr_list): + set_error() + except: + set_error() + try: + ret = rrl.pop_rr_list(2) + if not isinstance(ret, ldns.ldns_rr_list): + set_error() + except: + set_error() + try: + ret = rrl.pop_rr_list(2) + if isinstance(ret, ldns.ldns_rr_list): + set_error() + if ret != None: + set_error() + except: + set_error() + try: + ret = rrl.pop_rr_list("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".pop_rrset()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + rrl.push_rr(rr) + rrl.push_rr(rr) + try: + ret = rrl.pop_rrset() + if not isinstance(ret, ldns.ldns_rr_list): + set_error() + except: + set_error() + try: + ret = rrl.pop_rrset() + if isinstance(ret, ldns.ldns_rr_list): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".print_to_file()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + rrl.push_rr(rr) + rrl.push_rr(rr) + f = open(temp_fname, "w") + try: + rrl.print_to_file(f) + except: + set_error() + f.close() + f = open(temp_fname, "r") + if len(f.readlines()) != 3: + set_error() + f.close() + os.remove(temp_fname) + + +#if not error_detected: +if True: + method_name = class_name + ".push_rr()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + try: + ret = rrl.push_rr(rr) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl.push_rr("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".push_rr_list()" + rrl1 = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl1.push_rr(rr) + rrl2 = rrl1.new() + try: + ret = rrl1.push_rr_list(rrl2) + if not isinstance(ret, bool): + set_error() + if ret != True: + set_error() + except: + set_error() + try: + ret = rrl.push_rr_list("") + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rr()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + try: + ret = rrl.rr(0) + if not isinstance(ret, ldns.ldns_rr): + set_error() + except: + set_error() + try: + ret = rrl.rr(1) + if isinstance(ret, ldns.ldns_rr): + set_error() + if ret != None: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rr_count()" + rrl = ldns.ldns_rr_list.new() + try: + ret = rrl.rr_count() + if not isinstance(ret, int): + set_error() + if ret != 0: + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + try: + ret = rrl.rr_count() + if not isinstance(ret, int): + set_error() + if ret != 1: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".rrs()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + rrl.push_rr(rr) + try: + ret = list(rrl.rrs()) + if not isinstance(ret, list): + set_error() + if len(ret) != 2: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_rr()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + rr = ldns.ldns_rr.new_frm_str("test2 600 IN A 1.1.1.1") + ret = rrl.set_rr(rr, 0) + try: + ret = rrl.set_rr(rr, 0) + if not isinstance(ret, ldns.ldns_rr): + set_error() + except: + set_error() + try: + ret = rrl.set_rr(rr, 1) + if isinstance(ret, ldns.ldns_rr): + set_error() + if ret != None: + set_error() + except: + set_error() + try: + ret = rrl.set_rr("", 1) + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".set_rr_count()" + rrl = ldns.ldns_rr_list.new() + try: + rrl.set_rr_count(0) + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + try: + rrl.set_rr_count("") + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".sort()" + rrl = ldns.ldns_rr_list.new() + try: + rrl.sort() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".subtype_by_rdf()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("test1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + rr = ldns.ldns_rr.new_frm_str("test2 600 IN A 1.1.1.1") + rrl.push_rr(rr) + rr = ldns.ldns_rr.new_frm_str("test3 600 IN A 0.0.0.0") + rrl.push_rr(rr) + rdf = ldns.ldns_rdf.new_frm_str("0.0.0.0", ldns.LDNS_RDF_TYPE_A) + try: + ret = rrl.subtype_by_rdf(rdf, 0) + if not isinstance(ret, ldns.ldns_rr_list): + set_error() + if ret.rr_count() != 2: + set_error() + except: + set_error() + rdf = ldns.ldns_rdf.new_frm_str("::", ldns.LDNS_RDF_TYPE_AAAA) + try: + ret = rrl.subtype_by_rdf(rdf, 0) + if isinstance(ret, ldns.ldns_rr_list): + set_error() + if ret != None: + set_error() + except: + set_error() + try: + ret = rrl.subtype_by_rdf("", 0) + set_error() + except TypeError: + pass + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".to_canonical()" + rrl = ldns.ldns_rr_list.new() + rr = ldns.ldns_rr.new_frm_str("TEST1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + try: + rrl.to_canonical() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".type()" + rrl = ldns.ldns_rr_list.new() + try: + ret = rrl.type() + if not isinstance(ret, int): + set_error() + if ret != 0: + set_error() + except: + set_error() + rr = ldns.ldns_rr.new_frm_str("TEST1 600 IN A 0.0.0.0") + rrl.push_rr(rr) + try: + ret = rrl.type() + if not isinstance(ret, int): + set_error() + if ret != ldns.LDNS_RR_TYPE_A: + set_error() + except: + set_error() + + +#if not error_detected: +if True: + method_name = class_name + ".write_to_buffer()" + sys.stderr.write("%s not tested.\n" % (method_name)) + + +if not error_detected: + sys.stdout.write("%s: passed.\n" % (os.path.basename(__file__))) +else: + sys.stdout.write("%s: errors detected.\n" % (os.path.basename(__file__))) + sys.exit(1) diff --git a/contrib/python/file_py3.i b/contrib/python/file_py3.i index b3f55e82ab5b..4d9502c54909 100644 --- a/contrib/python/file_py3.i +++ b/contrib/python/file_py3.i @@ -103,7 +103,8 @@ dispose_file(FILE **fp) { %typemap(check, noblock = 1) FILE* { if ($1 == NULL) { - SWIG_exception_fail(SWIG_ValueError, "in method '" "$symname" "', argument " + /* The generated wrapper function raises TypeError on mismatching types. */ + SWIG_exception_fail(SWIG_TypeError, "in method '" "$symname" "', argument " "$argnum"" of type '" "$type""'"); } } diff --git a/contrib/python/ldns.i b/contrib/python/ldns.i index 122ebe18e0a2..35e076f8b7cc 100644 --- a/contrib/python/ldns.i +++ b/contrib/python/ldns.i @@ -78,6 +78,36 @@ #endif %include "typemaps.i" + +/* ========================================================================= */ +/* Preliminary Python code. */ +/* ========================================================================= */ + +%pythoncode +%{ + # + # Use and don't ignore DeprecationWarning and + # PendingDeprecationWarning. + # + import warnings + warnings.filterwarnings("module", category=DeprecationWarning) + warnings.filterwarnings("module", category=PendingDeprecationWarning) +%} + + +/* Tell SWIG how to handle ssize_t as input parameter. */ +%typemap(in, noblock=1) (ssize_t) +{ + int $1_res = 0; + $1_res = SWIG_AsVal_long($input, &$1); + if (!SWIG_IsOK($1_res)) { + SWIG_exception_fail(SWIG_ArgError($1_res), "in method '" + "$symname" "', argument " "$argnum" " of type '" + "$type""'"); + } +} + + %inline %{ struct timeval* ldns_make_timeval(uint32_t sec, uint32_t usec) { @@ -97,8 +127,9 @@ uint32_t ldns_read_timeval_usec(struct timeval* t) { %immutable ldns_error_str; %immutable ldns_signing_algorithms; -//new_frm_fp_l -%apply int *OUTPUT { int *line_nr}; +//*_new_frm_fp_l +%apply int *OUTPUT { (int *line_nr) }; + %apply uint32_t *OUTPUT { uint32_t *default_ttl}; // wire2pkt @@ -192,8 +223,53 @@ typedef struct ldns_dnssec_zone { }; return tuple; } + PyObject* ldns_rr_new_frm_fp_(FILE *fp, uint32_t default_ttl, ldns_rdf* origin, ldns_rdf* prev) + //returns tuple (status, ldns_rr, ttl, origin, prev) + { + uint32_t defttl = default_ttl; + uint32_t *p_defttl = &defttl; + if (defttl == 0) p_defttl = 0; + + /* origin and prev have to be cloned in order to decouple the data + * from the python wrapper + */ + if (origin != NULL) + origin = ldns_rdf_clone(origin); + if (prev != NULL) + prev = ldns_rdf_clone(prev); + + ldns_rdf *p_origin = origin; + ldns_rdf **pp_origin = &p_origin; + //if (p_origin == 0) pp_origin = 0; + + ldns_rdf *p_prev = prev; + ldns_rdf **pp_prev = &p_prev; + //if (p_prev == 0) pp_prev = 0; + + ldns_rr *p_rr = 0; + ldns_rr **pp_rr = &p_rr; + + ldns_status st = ldns_rr_new_frm_fp(pp_rr, fp, p_defttl, pp_origin, pp_prev); + + PyObject* tuple; + tuple = PyTuple_New(5); + int idx = 0; + PyTuple_SetItem(tuple, idx, SWIG_From_int(st)); + idx++; + PyTuple_SetItem(tuple, idx, (st == LDNS_STATUS_OK) ? + SWIG_NewPointerObj(SWIG_as_voidptr(p_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 ) : + (Py_INCREF(Py_None), Py_None)); + idx++; + PyTuple_SetItem(tuple, idx, SWIG_From_int(defttl)); + idx++; + PyTuple_SetItem(tuple, idx, SWIG_NewPointerObj(SWIG_as_voidptr(p_origin), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 )); + idx++; + PyTuple_SetItem(tuple, idx, SWIG_NewPointerObj(SWIG_as_voidptr(p_prev), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 )); + return tuple; + } + PyObject* ldns_rr_new_frm_fp_l_(FILE *fp, uint32_t default_ttl, ldns_rdf* origin, ldns_rdf* prev) - //returns tuple (status, ldns_rr, [line if ret_linenr], ttl, origin, prev) + //returns tuple (status, ldns_rr, line, ttl, origin, prev) { int linenr = 0; int *p_linenr = &linenr; diff --git a/contrib/python/ldns_buffer.i b/contrib/python/ldns_buffer.i index 1e743c007803..f9825c2907b3 100644 --- a/contrib/python/ldns_buffer.i +++ b/contrib/python/ldns_buffer.i @@ -14,8 +14,8 @@ * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of the organization nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -28,47 +28,44 @@ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. - ******************************************************************************/ + *****************************************************************************/ -%typemap(in,numinputs=0,noblock=1) (ldns_buffer **) + +/* ========================================================================= */ +/* SWIG setting and definitions. */ +/* ========================================================================= */ + +/* Creates a temporary instance of (ldns_buffer *). */ +%typemap(in, numinputs=0, noblock=1) (ldns_buffer **) { - ldns_buffer *$1_buf; - $1 = &$1_buf; + ldns_buffer *$1_buf; + $1 = &$1_buf; } -/* result generation */ -%typemap(argout,noblock=1) (ldns_buffer **) +/* Result generation, appends (ldns_buffer *) after the result. */ +%typemap(argout, noblock=1) (ldns_buffer **) { - $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_buf), SWIGTYPE_p_ldns_struct_buffer, SWIG_POINTER_OWN | 0 )); + $result = SWIG_Python_AppendOutput($result, + SWIG_NewPointerObj(SWIG_as_voidptr($1_buf), + SWIGTYPE_p_ldns_struct_buffer, SWIG_POINTER_OWN | 0)); } -%nodefaultctor ldns_struct_buffer; //no default constructor & destructor -%nodefaultdtor ldns_struct_buffer; +/* + * Limit the number of arguments to 2 and deal with variable + * number of arguments in the Python way. + */ +%varargs(2, char *arg = NULL) ldns_buffer_printf; + +%nodefaultctor ldns_struct_buffer; /* No default constructor. */ +%nodefaultdtor ldns_struct_buffer; /* No default destructor. */ -%delobject ldns_buffer_free; %newobject ldns_buffer_new; -%newobject ldns_dname_new; %newobject ldns_dname_new_frm_data; -%newobject ldns_dname_label; -# limit the number of arguments to 2 and -# deal with variable number of arguments the Python way -%varargs(2, char *arg = NULL) ldns_buffer_printf; +%delobject ldns_buffer_free; %rename(ldns_buffer) ldns_struct_buffer; -#ifdef LDNS_DEBUG -%rename(__ldns_buffer_free) ldns_buffer_free; -%inline %{ -void _ldns_buffer_free (ldns_buffer* b) { - printf("******** LDNS_BUFFER free 0x%lX ************\n", (long unsigned int)b); - ldns_buffer_free(b); -} -%} -#else -%rename(_ldns_buffer_free) ldns_buffer_free; -#endif - %ignore ldns_struct_buffer::_position; %ignore ldns_struct_buffer::_limit; %ignore ldns_struct_buffer::_capacity; @@ -76,301 +73,425 @@ void _ldns_buffer_free (ldns_buffer* b) { %ignore ldns_struct_buffer::_fixed; %ignore ldns_struct_buffer::_status; +%ignore ldns_buffer_new_frm_data; + + +/* ========================================================================= */ +/* Debugging related code. */ +/* ========================================================================= */ + +#ifdef LDNS_DEBUG +%rename(__ldns_buffer_free) ldns_buffer_free; +%inline +%{ + /*! + * @brief Frees the buffer and print a message. + */ + void _ldns_buffer_free (ldns_buffer* b) + { + printf("******** LDNS_BUFFER free 0x%lX ************\n", + (long unsigned int) b); + ldns_buffer_free(b); + } +%} +#else /* !LDNS_DEBUG */ +%rename(_ldns_buffer_free) ldns_buffer_free; +#endif /* LDNS_DEBUG */ + + +/* ========================================================================= */ +/* Added C code. */ +/* ========================================================================= */ + +/* None. */ + + +/* ========================================================================= */ +/* Encapsulating Python code. */ +/* ========================================================================= */ + +%feature("docstring") "LDNS buffer." + %extend ldns_struct_buffer { - %pythoncode %{ + %pythoncode + %{ def __init__(self, capacity): - """Creates a new buffer with the specified capacity. + """ + Creates a new buffer with the specified capacity. - :param capacity: the size (in bytes) to allocate for the buffer + :param capacity: Number of bytes to allocate for the buffer. + :type capacity: integer + :throws TypeError: When `capacity` of non-integer type. + :return: (:class:`ldns_buffer`) """ self.this = _ldns.ldns_buffer_new(capacity) __swig_destroy__ = _ldns._ldns_buffer_free def __str__(self): - """Returns the data in the buffer as a string. Buffer data must be char * type.""" + """ + Returns the data in the buffer as a string. + Buffer data must be char * type. + + :return: string + """ return _ldns.ldns_buffer2str(self) def getc(self): - """returns the next character from a buffer. + """ + Returns the next character from a buffer. - Advances the position pointer with 1. When end of buffer is reached returns EOF. This is the buffer's equivalent for getc(). + Advances the position pointer with 1. When end of buffer + is reached returns EOF. This is the buffer's equivalent + for getc(). - :returns: (int) EOF on failure otherwise return the character + :return: (integer) EOF on failure otherwise return + the character. """ return _ldns.ldns_bgetc(self) - #LDNS_BUFFER_METHODS_# - def at(self,at): - """returns a pointer to the data at the indicated position. + # + # LDNS_BUFFER_METHODS_ + # + + def at(self, at): + """ + Returns a pointer to the data at the indicated position. - :param at: - position - :returns: (uint8_t \*) the pointer to the data + :param at: position + :type at: positive integer + :throws TypeError: When `at` of non-integer type. + :return: (uint8_t \*) The pointer to the data. """ - return _ldns.ldns_buffer_at(self,at) - #parameters: const ldns_buffer *,size_t, + return _ldns.ldns_buffer_at(self, at) + #parameters: const ldns_buffer *, size_t, #retvals: uint8_t * - def available(self,count): - """checks if the buffer has count bytes available at the current position + def available(self, count): + """ + Checks whether the buffer has count bytes available at + the current position. - :param count: - how much is available - :returns: (int) true or false + :param count: How much is available. + :type count: integer + :throws TypeError: When `count` of non-integer type. + :return: (bool) True or False. """ - return _ldns.ldns_buffer_available(self,count) - #parameters: ldns_buffer *,size_t, + return _ldns.ldns_buffer_available(self, count) != 0 + #parameters: ldns_buffer *, size_t, #retvals: int - def available_at(self,at,count): - """checks if the buffer has at least COUNT more bytes available. + def available_at(self, at, count): + """ + Checks if the buffer has at least `count` more bytes available. - Before reading or writing the caller needs to ensure enough space is available! + Before reading or writing the caller needs to ensure that + enough space is available! - :param at: - indicated position - :param count: - how much is available - :returns: (int) true or false + :param at: Indicated position. + :type at: positive integer + :param count: How much is available. + :type count: positive integer + :throws TypeError: When `at` or `count` of non-integer type. + :return: (bool) True or False. """ - return _ldns.ldns_buffer_available_at(self,at,count) + return _ldns.ldns_buffer_available_at(self, at, count) != 0 #parameters: ldns_buffer *,size_t,size_t, #retvals: int def begin(self): - """returns a pointer to the beginning of the buffer (the data at position 0). + """ + Returns a pointer to the beginning of the buffer + (the data at position 0). - :returns: (uint8_t \*) the pointer + :return: (uint8_t \*) Pointer. """ return _ldns.ldns_buffer_begin(self) #parameters: const ldns_buffer *, #retvals: uint8_t * def capacity(self): - """returns the number of bytes the buffer can hold. + """ + Returns the number of bytes the buffer can hold. - :returns: (size_t) the number of bytes + :return: (size_t) The number of bytes. """ return _ldns.ldns_buffer_capacity(self) #parameters: ldns_buffer *, #retvals: size_t def clear(self): - """clears the buffer and make it ready for writing. + """ + Clears the buffer and make it ready for writing. - The buffer's limit is set to the capacity and the position is set to 0. + The buffer's limit is set to the capacity and the position + is set to 0. """ _ldns.ldns_buffer_clear(self) #parameters: ldns_buffer *, #retvals: - def copy(self,bfrom): - """Copy contents of the other buffer to this buffer. + def copy(self, bfrom): + """ + Copy contents of the other buffer to this buffer. Silently truncated if this buffer is too small. - :param bfrom: other buffer + :param bfrom: Source buffer. + :type bfrom: :class:`ldns_buffer` + :throws TypeError: When `bfrom` of non-:class:`ldns_buffer` + type. """ - _ldns.ldns_buffer_copy(self,bfrom) - #parameters: ldns_buffer *,ldns_buffer *, + _ldns.ldns_buffer_copy(self, bfrom) + #parameters: ldns_buffer *, ldns_buffer *, #retvals: def current(self): - """returns a pointer to the data at the buffer's current position. + """ + Returns a pointer to the data at the buffer's current position. - :returns: (uint8_t \*) the pointer + :return: (uint8_t \*) A pointer. """ return _ldns.ldns_buffer_current(self) #parameters: ldns_buffer *, #retvals: uint8_t * def end(self): - """returns a pointer to the end of the buffer (the data at the buffer's limit). + """ + Returns a pointer to the end of the buffer (the data + at the buffer's limit). - :returns: (uint8_t \*) the pointer + :return: (uint8_t \*) Pointer. """ return _ldns.ldns_buffer_end(self) #parameters: ldns_buffer *, #retvals: uint8_t * def export(self): - """Makes the buffer fixed and returns a pointer to the data. + """ + Makes the buffer fixed and returns a pointer to the data. - The caller is responsible for free'ing the result. + The caller is responsible for freeing the result. - :returns: (void \*) void + :return: (void \*) Void pointer. """ return _ldns.ldns_buffer_export(self) #parameters: ldns_buffer *, #retvals: void * def flip(self): - """makes the buffer ready for reading the data that has been written to the buffer. + """ + Makes the buffer ready for reading the data that has been + written to the buffer. - The buffer's limit is set to the current position and the position is set to 0. + The buffer's limit is set to the current position and + the position is set to 0. """ _ldns.ldns_buffer_flip(self) #parameters: ldns_buffer *, def invariant(self): + """ + Performs no action. + + In debugging mode this method performs a buffer settings + check. It asserts if something is wrong. + """ _ldns.ldns_buffer_invariant(self) #parameters: ldns_buffer *, def limit(self): - """returns the maximum size of the buffer + """ + Returns the maximum size of the buffer. - :returns: (size_t) the size + :return: (size_t) The size. """ return _ldns.ldns_buffer_limit(self) #parameters: ldns_buffer *, #retvals: size_t def position(self): - """returns the current position in the buffer (as a number of bytes) + """ + Returns the current position in the buffer + (as a number of bytes). - :returns: (size_t) the current position + :return: (size_t) The current position. """ return _ldns.ldns_buffer_position(self) #parameters: ldns_buffer *, #retvals: size_t - def printf(self, str, *args): - """Prints to the buffer, increasing the capacity if required using buffer_reserve(). + def printf(self, string, *args): + """ + Prints to the buffer, increasing the capacity + if required using buffer_reserve(). - The buffer's position is set to the terminating '\0'. Returns the number of characters written (not including the terminating '\0') or -1 on failure. - :param str: a string - :returns: (int) + The buffer's position is set to the terminating '\0'. + Returns the number of characters written (not including + the terminating '\0') or -1 on failure. + + :param string: A string to be written. + :type string: string + :throws: TypeError when `string` not a string. + :return: (int) Number of written characters or -1 on failure. """ - data = str % args - return _ldns.ldns_buffer_printf(self,data) - #parameters: ldns_buffer *,const char *,... + data = string % args + return _ldns.ldns_buffer_printf(self, data) + #parameters: ldns_buffer *, const char *, ... #retvals: int - def read(self,data,count): - """copies count bytes of data at the current position to the given data-array + def read(self, data, count): + """ + Copies count bytes of data at the current position to the given + `data`-array - :param data: - buffer to copy to - :param count: - the length of the data to copy + :param data: Target buffer to copy to. + :type data: void \* + :param count: The length of the data to copy. + :type count: size_t """ _ldns.ldns_buffer_read(self,data,count) - #parameters: ldns_buffer *,void *,size_t, + #parameters: ldns_buffer *, void *, size_t, #retvals: - def read_at(self,at,data,count): - """copies count bytes of data at the given position to the given data-array + def read_at(self, at, data, count): + """ + Copies count bytes of data at the given position to the + given `data`-array. - :param at: - the position in the buffer to start - :param data: - buffer to copy to - :param count: - the length of the data to copy + :param at: The position in the buffer to start reading. + :type at: size_t + :param data: Target buffer to copy to. + :type data: void \* + :param count: The length of the data to copy. + :type count: size_t """ _ldns.ldns_buffer_read_at(self,at,data,count) - #parameters: ldns_buffer *,size_t,void *,size_t, + #parameters: ldns_buffer *, size_t, void *, size_t, #retvals: def read_u16(self): - """returns the 2-byte integer value at the current position in the buffer + """ + Returns the 2-byte integer value at the current position + from the buffer. - :returns: (uint16_t) 2 byte integer + :return: (uint16_t) Word. """ return _ldns.ldns_buffer_read_u16(self) #parameters: ldns_buffer *, #retvals: uint16_t - def read_u16_at(self,at): - """returns the 2-byte integer value at the given position in the buffer + def read_u16_at(self, at): + """ + Returns the 2-byte integer value at the given position + from the buffer. - :param at: - position in the buffer - :returns: (uint16_t) 2 byte integer + :param at: Position in the buffer. + :type at: positive integer + :throws TypeError: When `at` of non-integer type. + :return: (uint16_t) Word. """ - return _ldns.ldns_buffer_read_u16_at(self,at) - #parameters: ldns_buffer *,size_t, + return _ldns.ldns_buffer_read_u16_at(self, at) + #parameters: ldns_buffer *, size_t, #retvals: uint16_t def read_u32(self): - """returns the 4-byte integer value at the current position in the buffer + """ + Returns the 4-byte integer value at the current position + from the buffer. - :returns: (uint32_t) 4 byte integer + :return: (uint32_t) Double-word. """ return _ldns.ldns_buffer_read_u32(self) #parameters: ldns_buffer *, #retvals: uint32_t - def read_u32_at(self,at): - """returns the 4-byte integer value at the given position in the buffer + def read_u32_at(self, at): + """ + Returns the 4-byte integer value at the given position + from the buffer. - :param at: - position in the buffer - :returns: (uint32_t) 4 byte integer + :param at: Position in the buffer. + :type at: positive integer + :throws TypeError: When `at` of non-integer type. + :return: (uint32_t) Double-word. """ - return _ldns.ldns_buffer_read_u32_at(self,at) - #parameters: ldns_buffer *,size_t, + return _ldns.ldns_buffer_read_u32_at(self, at) + #parameters: ldns_buffer *, size_t, #retvals: uint32_t def read_u8(self): - """returns the byte value at the current position in the buffer + """ + Returns the byte value at the current position from the buffer. - :returns: (uint8_t) 1 byte integer + :return: (uint8_t) A byte (not a character). """ return _ldns.ldns_buffer_read_u8(self) #parameters: ldns_buffer *, #retvals: uint8_t - def read_u8_at(self,at): - """returns the byte value at the given position in the buffer + def read_u8_at(self, at): + """ + Returns the byte value at the given position from the buffer. - :param at: - the position in the buffer - :returns: (uint8_t) 1 byte integer + :param at: The position in the buffer. + :type at: positive integer + :throws TypeError: When `at` of non-integer type. + :return: (uint8_t) Byte value. """ - return _ldns.ldns_buffer_read_u8_at(self,at) - #parameters: ldns_buffer *,size_t, + return _ldns.ldns_buffer_read_u8_at(self, at) + #parameters: ldns_buffer *, size_t, #retvals: uint8_t def remaining(self): - """returns the number of bytes remaining between the buffer's position and limit. + """ + Returns the number of bytes remaining between the buffer's + position and limit. - :returns: (size_t) the number of bytes + :return: (size_t) The number of bytes. """ return _ldns.ldns_buffer_remaining(self) #parameters: ldns_buffer *, #retvals: size_t - def remaining_at(self,at): - """returns the number of bytes remaining between the indicated position and the limit. + def remaining_at(self, at): + """ + Returns the number of bytes remaining between the indicated + position and the limit. - :param at: - indicated position - :returns: (size_t) number of bytes + :param at: Indicated position. + :type at: positive integer + :throws TypeError: When `at` of non-integer type. + :return: (size_t) number of bytes """ - return _ldns.ldns_buffer_remaining_at(self,at) + return _ldns.ldns_buffer_remaining_at(self, at) #parameters: ldns_buffer *,size_t, #retvals: size_t - def reserve(self,amount): - """ensures BUFFER can contain at least AMOUNT more bytes. + def reserve(self, amount): + """ + Ensures that the buffer can contain at least `amount` more + bytes. - The buffer's capacity is increased if necessary using buffer_set_capacity(). + The buffer's capacity is increased if necessary using + buffer_set_capacity(). - The buffer's limit is always set to the (possibly increased) capacity. + The buffer's limit is always set to the (possibly increased) + capacity. - :param amount: - amount to use - :returns: (bool) whether this failed or succeeded + :param amount: Amount to use. + :type amount: positive integer + :throws TypeError: When `amount` of non-integer type. + :return: (bool) hether this failed or succeeded. """ - return _ldns.ldns_buffer_reserve(self,amount) - #parameters: ldns_buffer *,size_t, + return _ldns.ldns_buffer_reserve(self, amount) + #parameters: ldns_buffer *, size_t, #retvals: bool def rewind(self): - """make the buffer ready for re-reading the data. + """ + Make the buffer ready for re-reading the data. The buffer's position is reset to 0. """ @@ -378,188 +499,228 @@ void _ldns_buffer_free (ldns_buffer* b) { #parameters: ldns_buffer *, #retvals: - def set_capacity(self,capacity): - """changes the buffer's capacity. + def set_capacity(self, capacity): + """ + Changes the buffer's capacity. - The data is reallocated so any pointers to the data may become invalid. The buffer's limit is set to the buffer's new capacity. + The data is reallocated so any pointers to the data may become + invalid. The buffer's limit is set to the buffer's new capacity. - :param capacity: - the capacity to use - :returns: (bool) whether this failed or succeeded + :param capacity: The capacity to use. + :type capacity: positive integer + :throws TypeError: When `capacity` of non-integer type. + :return: (bool) whether this failed or succeeded """ - return _ldns.ldns_buffer_set_capacity(self,capacity) - #parameters: ldns_buffer *,size_t, + return _ldns.ldns_buffer_set_capacity(self, capacity) + #parameters: ldns_buffer *, size_t, #retvals: bool - def set_limit(self,limit): - """changes the buffer's limit. + def set_limit(self, limit): + """ + Changes the buffer's limit. - If the buffer's position is greater than the new limit the position is set to the limit. + If the buffer's position is greater than the new limit + then the position is set to the limit. - :param limit: - the new limit + :param limit: The new limit. + :type limit: positive integer + :throws TypeError: When `limit` of non-integer type. """ - _ldns.ldns_buffer_set_limit(self,limit) - #parameters: ldns_buffer *,size_t, + _ldns.ldns_buffer_set_limit(self, limit) + #parameters: ldns_buffer *, size_t, #retvals: def set_position(self,mark): - """sets the buffer's position to MARK. + """ + Sets the buffer's position to `mark`. The position must be less than or equal to the buffer's limit. - :param mark: - the mark to use + :param mark: The mark to use. + :type mark: positive integer + :throws TypeError: When `mark` of non-integer type. """ _ldns.ldns_buffer_set_position(self,mark) #parameters: ldns_buffer *,size_t, #retvals: - def skip(self,count): - """changes the buffer's position by COUNT bytes. + def skip(self, count): + """ + Changes the buffer's position by `count` bytes. - The position must not be moved behind the buffer's limit or before the beginning of the buffer. + The position must not be moved behind the buffer's limit or + before the beginning of the buffer. - :param count: - the count to use + :param count: The count to use. + :type count: integer + :throws TypeError: When `count` of non-integer type. """ - _ldns.ldns_buffer_skip(self,count) - #parameters: ldns_buffer *,ssize_t, + _ldns.ldns_buffer_skip(self, count) + #parameters: ldns_buffer *, ssize_t, #retvals: def status(self): - """returns the status of the buffer + """ + Returns the status of the buffer. - :returns: (ldns_status) the status + :return: (ldns_status) The status. """ return _ldns.ldns_buffer_status(self) #parameters: ldns_buffer *, #retvals: ldns_status def status_ok(self): - """returns true if the status of the buffer is LDNS_STATUS_OK, false otherwise + """ + Returns True if the status of the buffer is LDNS_STATUS_OK, + False otherwise. - :returns: (bool) true or false + :return: (bool) True or False. """ return _ldns.ldns_buffer_status_ok(self) #parameters: ldns_buffer *, #retvals: bool - def write(self,data,count): - """writes count bytes of data to the current position of the buffer + def write(self, data, count): + """ + Writes count bytes of data to the current position of + the buffer. - :param data: - the data to write - :param count: - the lenght of the data to write + :param data: The data to write. + :type data: void \* + :param count: The length of the data to write. + :type count: size_t """ - _ldns.ldns_buffer_write(self,data,count) - #parameters: ldns_buffer *,const void *,size_t, + _ldns.ldns_buffer_write(self, data, count) + #parameters: ldns_buffer *, const void *, size_t, #retvals: - def write_at(self,at,data,count): - """writes the given data to the buffer at the specified position + def write_at(self, at, data, count): + """ + Writes the given data to the buffer at the specified position + by `at`. - :param at: - the position (in number of bytes) to write the data at - :param data: - pointer to the data to write to the buffer - :param count: - the number of bytes of data to write + :param at: The position (in number of bytes) to write the + data at. + :param data: Pointer to the data to write to the buffer. + :param count: The number of bytes of data to write. """ - _ldns.ldns_buffer_write_at(self,at,data,count) - #parameters: ldns_buffer *,size_t,const void *,size_t, + _ldns.ldns_buffer_write_at(self, at, data, count) + #parameters: ldns_buffer *, size_t, const void *, size_t, #retvals: - def write_string(self,str): - """copies the given (null-delimited) string to the current position at the buffer + def write_string(self, string): + """ + Copies the given (null-delimited) string to the current + position into the buffer. - :param str: - the string to write + :param string: The string to write. + :type string: string + :throws TypeError: When `string` not a string. """ - _ldns.ldns_buffer_write_string(self,str) + _ldns.ldns_buffer_write_string(self,string) #parameters: ldns_buffer *,const char *, #retvals: - def write_string_at(self,at,str): - """copies the given (null-delimited) string to the specified position at the buffer + def write_string_at(self, at, string): + """ + Copies the given (null-delimited) string to the specified + position `at` into the buffer. - :param at: - the position in the buffer - :param str: - the string to write + :param at: The position in the buffer. + :type at: positive integer + :param string: The string to write. + :type string: string + :throws TypeError: When types mismatch. """ - _ldns.ldns_buffer_write_string_at(self,at,str) - #parameters: ldns_buffer *,size_t,const char *, + _ldns.ldns_buffer_write_string_at(self, at, string) + #parameters: ldns_buffer *, size_t, const char *, #retvals: - def write_u16(self,data): - """writes the given 2 byte integer at the current position in the buffer + def write_u16(self, data): + """Writes the given 2 byte integer at the current + position in the buffer. - :param data: - the 16 bits to write + :param data: The word to write. + :type data: uint16_t + :throws TypeError: When `data` of non-integer type. """ - _ldns.ldns_buffer_write_u16(self,data) - #parameters: ldns_buffer *,uint16_t, + _ldns.ldns_buffer_write_u16(self, data) + #parameters: ldns_buffer *, uint16_t, #retvals: - def write_u16_at(self,at,data): - """writes the given 2 byte integer at the given position in the buffer + def write_u16_at(self, at, data): + """ + Writes the given 2 byte integer at the given position + in the buffer. - :param at: - the position in the buffer - :param data: - the 16 bits to write + :param at: The position in the buffer. + :type at: positive integer + :param data: The word to write. + :type data: uint16_t + :throws TypeError: When `at` or `data` of non-integer type. """ _ldns.ldns_buffer_write_u16_at(self,at,data) #parameters: ldns_buffer *,size_t,uint16_t, #retvals: - def write_u32(self,data): - """writes the given 4 byte integer at the current position in the buffer + def write_u32(self, data): + """ + Writes the given 4 byte integer at the current position + in the buffer. - :param data: - the 32 bits to write + :param data: The double-word to write. + :type data: uint32_t + :throws TypeError: When `data` of non-integer type. """ - _ldns.ldns_buffer_write_u32(self,data) - #parameters: ldns_buffer *,uint32_t, + _ldns.ldns_buffer_write_u32(self, data) + #parameters: ldns_buffer *, uint32_t, #retvals: - def write_u32_at(self,at,data): - """writes the given 4 byte integer at the given position in the buffer + def write_u32_at(self, at, data): + """ + Writes the given 4 byte integer at the given position + in the buffer. - :param at: - the position in the buffer - :param data: - the 32 bits to write + :param at: The position in the buffer. + :type at: positive integer + :param data: The double-word to write. + :type data: uint32_t + :throws TypeError: When `at` or `data` of non-integer type. """ - _ldns.ldns_buffer_write_u32_at(self,at,data) + _ldns.ldns_buffer_write_u32_at(self, at, data) #parameters: ldns_buffer *,size_t,uint32_t, #retvals: - def write_u8(self,data): - """writes the given byte of data at the current position in the buffer + def write_u8(self, data): + """ + Writes the given byte of data at the current position + in the buffer. - :param data: - the 8 bits to write + :param data: The byte to write. + :type data: uint8_t + :throws TypeError: When `data` of non-integer type. """ - _ldns.ldns_buffer_write_u8(self,data) - #parameters: ldns_buffer *,uint8_t, + _ldns.ldns_buffer_write_u8(self, data) + #parameters: ldns_buffer *, uint8_t, #retvals: def write_u8_at(self,at,data): - """writes the given byte of data at the given position in the buffer + """ + Writes the given byte of data at the given position + in the buffer. - :param at: - the position in the buffer - :param data: - the 8 bits to write + :param at: The position in the buffer. + :type at: positive integer + :param data: The byte to write. + :type data: uint8_t + :throws TypeError: When `at` or `data` of non-integer type. """ _ldns.ldns_buffer_write_u8_at(self,at,data) #parameters: ldns_buffer *,size_t,uint8_t, #retvals: - #_LDNS_BUFFER_METHODS# - %} + # + # _LDNS_BUFFER_METHODS + # + %} } - diff --git a/contrib/python/ldns_dname.i b/contrib/python/ldns_dname.i index 0aac54c1060b..cd3f53ea3351 100644 --- a/contrib/python/ldns_dname.i +++ b/contrib/python/ldns_dname.i @@ -14,8 +14,8 @@ * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of the organization nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -28,169 +28,598 @@ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. - ******************************************************************************/ -%pythoncode %{ + *****************************************************************************/ + + +/* ========================================================================= */ +/* SWIG setting and definitions. */ +/* ========================================================================= */ + +/* + * Not here (with the exception of functions defined in this C code sction), + * must be set in ldns_rdf.i. + */ + + +/* ========================================================================= */ +/* Debugging related code. */ +/* ========================================================================= */ + +/* + * Not here (with the exception of functions defined in this C code sction), + * must be set in ldns_rdf.i. + */ + + +/* ========================================================================= */ +/* Added C code. */ +/* ========================================================================= */ + +/* None */ + + +/* ========================================================================= */ +/* Encapsulating Python code. */ +/* ========================================================================= */ + +%pythoncode +%{ class ldns_dname(ldns_rdf): - """Domain name + """ + Domain name. - This class contains methods to read and manipulate domain names. - Domain names are stored in ldns_rdf structures, with the type LDNS_RDF_TYPE_DNAME + This class contains methods to read and manipulate domain name drfs. + Domain names are stored in :class:`ldns_rdf` structures, + with the type LDNS_RDF_TYPE_DNAME. This class encapsulates such + rdfs. **Usage** - >>> import ldns - >>> resolver = ldns.ldns_resolver.new_frm_file("/etc/resolv.conf") - >>> dn1 = ldns.ldns_dname("test.nic.cz") - >>> print dn1 - test.nic.cz. - >>> dn2 = ldns.ldns_dname("nic.cz") - >>> if dn2.is_subdomain(dn1): print dn2,"is subdomain of",dn1 - >>> if dn1.is_subdomain(dn2): print dn1,"is subdomain of",dn2 - test.nic.cz. is subdomain of nic.cz. + >>> import ldns + >>> dn1 = ldns.ldns_dname("test.nic.cz") + >>> print dn1 + test.nic.cz. + >>> dn2 = ldns.ldns_dname("nic.cz") + >>> if dn2.is_subdomain(dn1): print dn2, "is sub-domain of", dn1 + >>> if dn1.is_subdomain(dn2): print dn1, "is sub-domain of", dn2 + test.nic.cz. is sub-domain of nic.cz. + + The following two examples show the creation of :class:`ldns_dname` + from :class:`ldns_rdf`. The first shows the creation of + :class:`ldns_dname` instance which is independent of the original + `rdf`. + + + >>> import ldns + >>> rdf = ldns.ldns_rdf.new_frm_str("a.ns.nic.cz", ldns.LDNS_RDF_TYPE_DNAME) + >>> dn = ldns.ldns_dname(rdf) + >>> print dn + a.ns.nic.cz. + + The latter shows the wrapping of a :class:`ldns_rdf` onto + a :class:`ldns_dname` without the creation of a copy. + + >>> import ldns + >>> dn = ldns.ldns_dname(ldns.ldns_rdf.new_frm_str("a.ns.nic.cz", ldns.LDNS_RDF_TYPE_DNAME), clone=False) + >>> print dn + a.ns.nic.cz. """ - def __init__(self, str): - """Creates a new dname rdf from a string. + def __init__(self, initialiser, clone=True): + """ + Creates a new dname rdf from a string or :class:`ldns_rdf`. - :parameter str: str string to use + :param initialiser: string or :class:`ldns_rdf` + :type initialiser: string or :class:`ldns_rdf` containing + a dname + :param clone: Whether to clone or directly grab the parameter. + :type clone: bool + :throws TypeError: When `initialiser` of invalid type. """ - self.this = _ldns.ldns_dname_new_frm_str(str) + if isinstance(initialiser, ldns_rdf) and \ + (initialiser.get_type() == _ldns.LDNS_RDF_TYPE_DNAME): + if clone == True: + self.this = _ldns.ldns_rdf_clone(initialiser) + else: + self.this = initialiser + else: + self.this = _ldns.ldns_dname_new_frm_str(initialiser) + + # + # LDNS_DNAME_CONSTRUCTORS_ + # @staticmethod - def new_frm_str(str): - """Creates a new dname rdf instance from a string. + def new_frm_str(string): + """ + Creates a new dname rdf instance from a string. - This static method is equivalent to using of default class constructor. + This static method is equivalent to using default + :class:`ldns_dname` constructor. - :parameter str: str string to use + :param string: String to use. + :type string: string + :throws TypeError: When `string` not a string. + :return: (:class:`ldns_dname`) dname rdf. """ - return ldns_dname(str) + return ldns_dname(string) - def absolute(self): - """Checks whether the given dname string is absolute (i.e. ends with a '.') + @staticmethod + def new_frm_rdf(rdf, clone=True): + """ + Creates a new dname rdf instance from a dname :class:`ldns_rdf`. + + This static method is equivalent to using the default + :class:`ldns_dname` constructor. + + :param rdf: A dname :class:`ldns_rdf`. + :type rdf: :class:`ldns_rdf` + :throws TypeError: When `rdf` of inappropriate type. + :param clone: Whether to create a clone or to wrap present + instance. + :type clone: bool + :return: (:class:`ldns_dname`) dname rdf. + """ + return ldns_dname(rdf, clone=clone) + + # + # _LDNS_DNAME_CONSTRUCTORS + # + + def write_to_buffer(self, buffer): + """ + Copies the dname data to the buffer in wire format. + + :param buffer: Buffer to append the result to. + :type param: :class:`ldns_buffer` + :throws TypeError: When `buffer` of non-:class:`ldns_buffer` + type. + :return: (ldns_status) ldns_status + """ + return _ldns.ldns_dname2buffer_wire(buffer, self) + #parameters: ldns_buffer *, const ldns_rdf *, + #retvals: ldns_status + + + # + # LDNS_DNAME_METHODS_ + # - :returns: (bool) True or False + def absolute(self): """ - return self.endswith(".") + Checks whether the given dname string is absolute (i.e., + ends with a '.'). + :return: (bool) True or False + """ + string = self.__str__() + return _ldns.ldns_dname_str_absolute(string) != 0 def make_canonical(self): - """Put a dname into canonical fmt - ie. lowercase it + """ + Put a dname into canonical format (i.e., convert to lower case). """ _ldns.ldns_dname2canonical(self) - def __cmp__(self,other): - """Compares the two dname rdf's according to the algorithm for ordering in RFC4034 Section 6. + def __cmp__(self, other): + """ + Compares two dname rdf according to the algorithm for + ordering in RFC4034 Section 6. - :param other: - the second dname rdf to compare - :returns: (int) -1 if dname comes before other, 1 if dname comes after other, and 0 if they are equal. + :param other: The second dname rdf to compare. + :type other: :class:`ldns_dname` + :throws TypeError: When `other` of invalid type. + :return: (int) -1, 0 or 1 if self comes before other, + self is equal or self comes after other respectively. + + .. note:: + The type checking of parameter `other` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. """ - return _ldns.ldns_dname_compare(self,other) + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(other, ldns_dname)) and \ + isinstance(other, ldns_rdf) and \ + other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.__cmp__() method will" + + " drop the possibility to compare ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + if not isinstance(other, ldns_rdf): + raise TypeError("Parameter must be derived from ldns_rdf.") + if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("Operands must be ldns_dname.") + return _ldns.ldns_dname_compare(self, other) - def write_to_buffer(self,buffer): - """Copies the dname data to the buffer in wire format. + def __lt__(self, other): + """ + Compares two dname rdf according to the algorithm for + ordering in RFC4034 Section 6. - :param buffer: buffer to append the result to - :returns: (ldns_status) ldns_status + :param other: The second dname rdf to compare. + :type other: :class:`ldns_dname` + :throws TypeError: When `other` of invalid type. + :return: (bool) True when `self` is less than 'other'. + + .. note:: + The type checking of parameter `other` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. """ - return _ldns.ldns_dname2buffer_wire(buffer,self) - #parameters: ldns_buffer *,const ldns_rdf *, - #retvals: ldns_status + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(other, ldns_dname)) and \ + isinstance(other, ldns_rdf) and \ + other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.__lt__() method will" + + " drop the possibility to compare ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + if not isinstance(other, ldns_rdf): + raise TypeError("Parameter must be derived from ldns_rdf.") + if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("Operands must be ldns_dname.") + return _ldns.ldns_dname_compare(self, other) == -1 + + def __le__(self, other): + """ + Compares two dname rdf according to the algorithm for + ordering in RFC4034 Section 6. + + :param other: The second dname rdf to compare. + :type other: :class:`ldns_dname` + :throws TypeError: When `other` of invalid type. + :return: (bool) True when `self` is less than or equal to + 'other'. + + .. note:: + The type checking of parameter `other` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(other, ldns_dname)) and \ + isinstance(other, ldns_rdf) and \ + other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.__le__() method will" + + " drop the possibility to compare ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + if not isinstance(other, ldns_rdf): + raise TypeError("Parameter must be derived from ldns_rdf.") + if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("Operands must be ldns_dname.") + return _ldns.ldns_dname_compare(self, other) != 1 + + def __eq__(self, other): + """ + Compares two dname rdf according to the algorithm for + ordering in RFC4034 Section 6. + + :param other: The second dname rdf to compare. + :type other: :class:`ldns_dname` + :throws TypeError: When `other` of invalid type. + :return: (bool) True when `self` is equal to 'other'. + + .. note:: + The type checking of parameter `other` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(other, ldns_dname)) and \ + isinstance(other, ldns_rdf) and \ + other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.__eq__() method will" + + " drop the possibility to compare ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + if not isinstance(other, ldns_rdf): + raise TypeError("Parameter must be derived from ldns_rdf.") + if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("Operands must be ldns_dname.") + return _ldns.ldns_dname_compare(self, other) == 0 + + def __ne__(self, other): + """ + Compares two dname rdf according to the algorithm for + ordering in RFC4034 Section 6. + + :param other: The second dname rdf to compare. + :type other: :class:`ldns_dname` + :throws TypeError: When `other` of invalid type. + :return: (bool) True when `self` is not equal to 'other'. + + .. note:: + The type checking of parameter `other` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(other, ldns_dname)) and \ + isinstance(other, ldns_rdf) and \ + other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.__ne__() method will" + + " drop the possibility to compare ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + if not isinstance(other, ldns_rdf): + raise TypeError("Parameter must be derived from ldns_rdf.") + if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("Operands must be ldns_dname.") + return _ldns.ldns_dname_compare(self, other) != 0 + + def __gt__(self, other): + """ + Compares two dname rdf according to the algorithm for + ordering in RFC4034 Section 6. + + :param other: The second dname rdf to compare. + :type other: :class:`ldns_dname` + :throws TypeError: When `other` of invalid type. + :return: (bool) True when `self` is greater than 'other'. + + .. note:: + The type checking of parameter `other` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(other, ldns_dname)) and \ + isinstance(other, ldns_rdf) and \ + other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.__gt__() method will" + + " drop the possibility to compare ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + if not isinstance(other, ldns_rdf): + raise TypeError("Parameter must be derived from ldns_rdf.") + if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("Operands must be ldns_dname.") + return _ldns.ldns_dname_compare(self, other) == 1 - #LDNS_DNAME_METHODS_# + def __ge__(self, other): + """ + Compares two dname rdf according to the algorithm for + ordering in RFC4034 Section 6. + + :param other: The second dname rdf to compare. + :type other: :class:`ldns_dname` + :throws TypeError: When `other` of invalid type. + :return: (bool) True when `self` is greater than or equal to + 'other'. + + .. note:: + The type checking of parameter `other` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(other, ldns_dname)) and \ + isinstance(other, ldns_rdf) and \ + other.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.__ge__() method will" + + " drop the possibility to compare ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + if not isinstance(other, ldns_rdf): + raise TypeError("Parameter must be derived from ldns_rdf.") + if (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("Operands must be ldns_dname.") + return _ldns.ldns_dname_compare(self, other) != -1 - def cat(self,rd2): - """concatenates rd2 after this dname (rd2 is copied, this dname is modified) + def cat(self, rd2): + """ + Concatenates rd2 after this dname (`rd2` is copied, + `this` dname is modified). - :param rd2: - the rightside - :returns: (ldns_status) LDNS_STATUS_OK on success + :param rd2: The right-hand side. + :type rd2: :class:`ldns_dname` + :throws TypeError: When `rd2` of invalid type. + :return: (ldns_status) LDNS_STATUS_OK on success + + .. note:: + The type checking of parameter `rd2` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. """ - return _ldns.ldns_dname_cat(self,rd2) - #parameters: ldns_rdf *,ldns_rdf *, + if (not isinstance(rd2, ldns_dname)) and \ + isinstance(rd2, ldns_rdf) and \ + rd2.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.cat() method will" + + " drop the support of ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + return _ldns.ldns_dname_cat(self, rd2) + #parameters: ldns_rdf *, ldns_rdf *, #retvals: ldns_status - def cat_clone(self,rd2): - """concatenates two dnames together + def cat_clone(self, rd2): + """ + Concatenates two dnames together. - :param rd2: - the rightside - :returns: (ldns_rdf \*) a new rdf with leftside/rightside + :param rd2: The right-hand side. + :type rd2: :class:`ldns_dname` + :throws TypeError: When `rd2` of invalid type. + :return: (:class:`ldns_dname`) A new rdf with + left-hand side + right-hand side content None when + error. + + .. note:: + The type checking of parameter `rd2` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. """ - return _ldns.ldns_dname_cat_clone(self,rd2) - #parameters: const ldns_rdf *,const ldns_rdf *, + if (not isinstance(rd2, ldns_dname)) and \ + isinstance(rd2, ldns_rdf) and \ + rd2.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.cat_clone() method will" + + " drop the support of ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + ret = _ldns.ldns_dname_cat_clone(self, rd2) + if ret != None: + ret = ldns_dname(ret, clone=False) + return ret + #parameters: const ldns_rdf *, const ldns_rdf *, #retvals: ldns_rdf * - def interval(self,middle,next): - """check if middle lays in the interval defined by prev and next prev <= middle < next. + def interval(self, middle, next): + """ + Check whether `middle` lays in the interval defined by + `this` and `next` (`this` <= `middle` < `next`). - This is usefull for nsec checking + This method is useful for nsec checking. - :param middle: - the dname to check - :param next: - the next dname return 0 on error or unknown, -1 when middle is in the interval, +1 when not - :returns: (int) + :param middle: The dname to check. + :type middle: :class:`ldns_dname` + :param next: The boundary. + :type next: :class:`ldns_dname` + :throws TypeError: When `middle` or `next` of + non-:class:`ldns_rdf` type. + :throws Exception: When non-dname rdfs compared. + :return: (int) 0 on error or unknown, + -1 when middle is in the interval, 1 when not. + + .. note:: + The type checking of parameters is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. """ - return _ldns.ldns_dname_interval(self,middle,next) - #parameters: const ldns_rdf *,const ldns_rdf *,const ldns_rdf *, + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(middle, ldns_rdf)) or \ + (not isinstance(next, ldns_rdf)): + raise TypeError("Parameters must be derived from ldns_dname.") + if (self.get_type() != _ldns.LDNS_RDF_TYPE_DNAME) or \ + (middle.get_type() != _ldns.LDNS_RDF_TYPE_DNAME) or \ + (next.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("All operands must be dname rdfs.") + if (not isinstance(middle, ldns_dname)) or \ + (not isinstance(next, ldns_dname)): + warnings.warn("The ldns_dname.interval() method will" + + " drop the possibility to compare ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + return _ldns.ldns_dname_interval(self, middle, next) + #parameters: const ldns_rdf *, const ldns_rdf *, const ldns_rdf *, #retvals: int - def is_subdomain(self,parent): - """Tests wether the name sub falls under parent (i.e. is a subdomain of parent). + def is_subdomain(self, parent): + """ + Tests whether the name of the instance falls under + `parent` (i.e., is a sub-domain of `parent`). This function will return false if the given dnames are equal. - :param parent: - (ldns_rdf) the parent's name - :returns: (bool) true if sub falls under parent, otherwise false + :param parent: The parent's name. + :type parent: :class:`ldns_dname` + :throws TypeError: When `parent` of non-:class:`ldns_rdf` + or derived type. + :return: (bool) True if `this` falls under `parent`, otherwise + False. + + .. note:: + The type checking of parameters is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. """ - return _ldns.ldns_dname_is_subdomain(self,parent) - #parameters: const ldns_rdf *,const ldns_rdf *, + if (not isinstance(parent, ldns_dname)) and \ + isinstance(parent, ldns_rdf) and \ + parent.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_dname.is_subdomain() method will" + + " drop the support of ldns_rdf." + + " Convert arguments to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + return _ldns.ldns_dname_is_subdomain(self, parent) + #parameters: const ldns_rdf *, const ldns_rdf *, #retvals: bool - def label(self,labelpos): - """look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME try and retrieve a specific label. + def label(self, labelpos): + """ + Look inside the rdf and retrieve a specific label. The labels are numbered starting from 0 (left most). - - :param labelpos: - return the label with this number - :returns: (ldns_rdf \*) a ldns_rdf* with the label as name or NULL on error + + :param labelpos: Index of the label. (Labels are numbered + 0, which is the left most.) + :type labelpos: integer + :throws TypeError: When `labelpos` of non-integer type. + :return: (:class:`ldns_dname`) A new rdf with the label + as name or None on error. """ - return _ldns.ldns_dname_label(self,labelpos) - #parameters: const ldns_rdf *,uint8_t, + ret = _ldns.ldns_dname_label(self, labelpos) + if ret != None: + ret = ldns_dname(ret, clone=False) + return ret + #parameters: const ldns_rdf *, uint8_t, #retvals: ldns_rdf * def label_count(self): - """count the number of labels inside a LDNS_RDF_DNAME type rdf. + """ + Counts the number of labels. - :returns: (uint8_t) the number of labels + :return: (uint8_t) the number of labels. Will return 0 + if not a dname. """ return _ldns.ldns_dname_label_count(self) #parameters: const ldns_rdf *, #retvals: uint8_t def left_chop(self): - """chop one label off the left side of a dname. + """ + Chop one label off the left side of a dname. - so wwww.nlnetlabs.nl, becomes nlnetlabs.nl + (e.g., wwww.nlnetlabs.nl, becomes nlnetlabs.nl) - :returns: (ldns_rdf \*) the remaining dname + :return: (:class:`ldns_dname`) The remaining dname or None + when error. """ - return _ldns.ldns_dname_left_chop(self) + return ldns_dname(_ldns.ldns_dname_left_chop(self), clone=False) #parameters: const ldns_rdf *, #retvals: ldns_rdf * def reverse(self): - """Returns a clone of the given dname with the labels reversed. + """ + Returns a clone of the given dname with the labels reversed. - :returns: (ldns_rdf \*) clone of the dname with the labels reversed. + :return: (:class:`ldns_dname`) A clone of the dname with + the labels reversed. """ - return _ldns.ldns_dname_reverse(self) + return ldns_dname(_ldns.ldns_dname_reverse(self), clone=False) #parameters: const ldns_rdf *, #retvals: ldns_rdf * - #_LDNS_DNAME_METHODS# + # + # _LDNS_DNAME_METHODS + # %} - diff --git a/contrib/python/ldns_dnssec.i b/contrib/python/ldns_dnssec.i index 6c0656484666..3c29bb4406c9 100644 --- a/contrib/python/ldns_dnssec.i +++ b/contrib/python/ldns_dnssec.i @@ -247,6 +247,29 @@ ldns_status ldns_dnssec_zone_sign_defcb(ldns_dnssec_zone *zone, ldns_rr_list *ne return ldns_dnssec_zone_sign(zone, new_rrs, key_list, ldns_dnssec_default_replace_signatures, NULL); } + +ldns_status ldns_dnssec_zone_add_rr_(ldns_dnssec_zone *zone, ldns_rr *rr) +{ + ldns_rr *new_rr; + ldns_status status; + + new_rr = ldns_rr_clone(rr); + + /* + * A clone of the RR is created to be stored in the DNSSEC zone. + * The Python engine frees a RR object as soon it's reference count + * reaches zero. The code must avoid double freeing or accessing of freed + * memory. + */ + + status = ldns_dnssec_zone_add_rr(zone, new_rr); + + if (status != LDNS_STATUS_OK) { + ldns_rr_free(new_rr); + } + + return status; +} %} %extend ldns_dnssec_zone { @@ -413,7 +436,7 @@ ldns_status ldns_dnssec_zone_sign_defcb(ldns_dnssec_zone *zone, ldns_rr_list *ne The RR to add :returns: (ldns_status) LDNS_STATUS_OK on success, an error code otherwise """ - return _ldns.ldns_dnssec_zone_add_rr(self,rr) + return _ldns.ldns_dnssec_zone_add_rr_(self,rr) #parameters: ldns_dnssec_zone *,ldns_rr *, #retvals: ldns_status diff --git a/contrib/python/ldns_packet.i b/contrib/python/ldns_packet.i index a1ad6b7c8214..9316479f13b3 100644 --- a/contrib/python/ldns_packet.i +++ b/contrib/python/ldns_packet.i @@ -217,7 +217,7 @@ This simple example instances a resolver in order to resolve NS for nic.cz. def opcode2str(self): """Converts a packet opcode to its mnemonic and returns that as an allocated null-terminated string.""" - return _ldns.ldns_pkt_opcode2str(sefl.get_opcode()) + return _ldns.ldns_pkt_opcode2str(self.get_opcode()) def rcode2str(self): """Converts a packet rcode to its mnemonic and returns that as an allocated null-terminated string.""" diff --git a/contrib/python/ldns_rdf.i b/contrib/python/ldns_rdf.i index 5a7e30079646..edff4d624992 100644 --- a/contrib/python/ldns_rdf.i +++ b/contrib/python/ldns_rdf.i @@ -1,5 +1,5 @@ /****************************************************************************** - * ldns_rdata.i: LDNS record data + * ldns_rdf.i: LDNS record data * * Copyright (c) 2009, Zdenek Vasicek (vasicek AT fit.vutbr.cz) * Karel Slany (slany AT fit.vutbr.cz) @@ -14,8 +14,8 @@ * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of the organization nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -28,399 +28,815 @@ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. - ******************************************************************************/ - -//automatic conversion of const ldns_rdf* parameter from string -%typemap(in,noblock=1) const ldns_rdf * (void* argp, $1_ltype tmp = 0, int res) { - if (Python_str_Check($input)) { -#ifdef SWIG_Python_str_AsChar - tmp = ldns_dname_new_frm_str(SWIG_Python_str_AsChar($input)); -#else - tmp = ldns_dname_new_frm_str(PyString_AsString($input)); -#endif - if (tmp == NULL) { - %argument_fail(SWIG_TypeError, "char *", $symname, $argnum); - } - $1 = ($1_ltype) tmp; - } else { - res = SWIG_ConvertPtr($input, &argp, SWIGTYPE_p_ldns_struct_rdf, 0 | 0 ); - if (!SWIG_IsOK(res)) { - %argument_fail(res, "ldns_rdf const *", $symname, $argnum); - } - $1 = ($1_ltype) argp; - } -} + *****************************************************************************/ + + +/* ========================================================================= */ +/* SWIG setting and definitions. */ +/* ========================================================================= */ -%typemap(in,numinputs=0,noblock=1) (ldns_rdf **) +/* Creates a temporary instance of (ldns_rdf *). */ +%typemap(in, numinputs=0, noblock=1) (ldns_rdf **) { - ldns_rdf *$1_rdf; - $1 = &$1_rdf; + ldns_rdf *$1_rdf = NULL; + $1 = &$1_rdf; } -// result generation -%typemap(argout,noblock=1) (ldns_rdf **) +/* Result generation, appends (ldns_rdf *) after the result. */ +%typemap(argout, noblock=1) (ldns_rdf **) { - $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_rdf), SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0 )); + $result = SWIG_Python_AppendOutput($result, + SWIG_NewPointerObj(SWIG_as_voidptr($1_rdf), + SWIGTYPE_p_ldns_struct_rdf, SWIG_POINTER_OWN | 0)); } -%nodefaultctor ldns_struct_rdf; //no default constructor & destructor -%nodefaultdtor ldns_struct_rdf; +/* + * Automatic conversion of const (ldns_rdf *) parameter from string. + * Argument default value. + */ +%typemap(arginit, noblock=1) const ldns_rdf * +{ + char *$1_str = NULL; +} + +/* + * Automatic conversion of const (ldns_rdf *) parameter from string. + * Preparation of arguments. + */ +%typemap(in, noblock=1) const ldns_rdf * (void* argp, $1_ltype tmp = 0, int res) +{ + if (Python_str_Check($input)) { + $1_str = SWIG_Python_str_AsChar($input); + if ($1_str == NULL) { + %argument_fail(SWIG_TypeError, "char *", $symname, $argnum); + } + tmp = ldns_dname_new_frm_str($1_str); + if (tmp == NULL) { + %argument_fail(SWIG_TypeError, "char *", $symname, $argnum); + } + $1 = ($1_ltype) tmp; + } else { + res = SWIG_ConvertPtr($input, &argp, SWIGTYPE_p_ldns_struct_rdf, 0 | 0); + if (!SWIG_IsOK(res)) { + %argument_fail(res, "ldns_rdf const *", $symname, $argnum); + } + $1 = ($1_ltype) argp; + } +} + +/* + * Automatic conversion of const (ldns_rdf *) parameter from string. + * Freeing of allocated memory (in Python 3 when daling with strings). + */ +%typemap(freearg, noblock=1) const ldns_rdf * +{ + if ($1_str != NULL) { + /* Is not NULL only when a conversion form string occurred. */ + SWIG_Python_str_DelForPy3($1_str); /* Is a empty macro for Python < 3. */ + } +} + +%nodefaultctor ldns_struct_rdf; /* No default constructor. */ +%nodefaultdtor ldns_struct_rdf; /* No default destructor. */ + + +/* + * This file must contain all %newobject and %delobject tags also for + * ldns_dname. This is because the ldns_dname is a derived class from ldns_rdf. + */ -%newobject ldns_dname_new; -%newobject ldns_dname_new_frm_str; -%newobject ldns_dname_new_frm_data; %newobject ldns_rdf_new; %newobject ldns_rdf_new_frm_str; %newobject ldns_rdf_new_frm_data; +%newobject ldns_rdf_address_reverse; +%newobject ldns_rdf_clone; +%newobject ldns_rdf2str; + +%newobject ldns_dname_new; +%newobject ldns_dname_new_frm_str; +%newobject ldns_dname_new_frm_data; + +%newobject ldns_dname_cat_clone; +%newobject ldns_dname_label; +%newobject ldns_dname_left_chop; +%newobject ldns_dname_reverse; + %delobject ldns_rdf_deep_free; %delobject ldns_rdf_free; + +/* + * Should the ldns_rdf_new() also be marked as deleting its data parameter? + */ +%delobject ldns_rdf_set_data; /* Because data are directly coupled into rdf. */ + %rename(ldns_rdf) ldns_struct_rdf; -%inline %{ -const char *ldns_rdf_type2str(const ldns_rdf *rdf) -{ - if (rdf) { - switch(ldns_rdf_get_type(rdf)) { - case LDNS_RDF_TYPE_NONE: return 0; - case LDNS_RDF_TYPE_DNAME: return "DNAME"; - case LDNS_RDF_TYPE_INT8: return "INT8"; - case LDNS_RDF_TYPE_INT16: return "INT16"; - case LDNS_RDF_TYPE_INT32: return "INT32"; - case LDNS_RDF_TYPE_PERIOD: return "PERIOD"; - case LDNS_RDF_TYPE_TSIGTIME: return "TSIGTIME"; - case LDNS_RDF_TYPE_A: return "A"; - case LDNS_RDF_TYPE_AAAA: return "AAAA"; - case LDNS_RDF_TYPE_STR: return "STR"; - case LDNS_RDF_TYPE_APL: return "APL"; - case LDNS_RDF_TYPE_B32_EXT: return "B32_EXT"; - case LDNS_RDF_TYPE_B64: return "B64"; - case LDNS_RDF_TYPE_HEX: return "HEX"; - case LDNS_RDF_TYPE_NSEC: return "NSEC"; - case LDNS_RDF_TYPE_NSEC3_SALT: return "NSEC3_SALT"; - case LDNS_RDF_TYPE_TYPE: return "TYPE"; - case LDNS_RDF_TYPE_CLASS: return "CLASS"; - case LDNS_RDF_TYPE_CERT_ALG: return "CER_ALG"; - case LDNS_RDF_TYPE_ALG: return "ALG"; - case LDNS_RDF_TYPE_UNKNOWN: return "UNKNOWN"; - case LDNS_RDF_TYPE_TIME: return "TIME"; - case LDNS_RDF_TYPE_LOC: return "LOC"; - case LDNS_RDF_TYPE_WKS: return "WKS"; - case LDNS_RDF_TYPE_SERVICE: return "SERVICE"; - case LDNS_RDF_TYPE_NSAP: return "NSAP"; - case LDNS_RDF_TYPE_ATMA: return "ATMA"; - case LDNS_RDF_TYPE_IPSECKEY: return "IPSECKEY"; - case LDNS_RDF_TYPE_TSIG: return "TSIG"; - case LDNS_RDF_TYPE_INT16_DATA: return "INT16_DATA"; - case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER: return "NSEC3_NEXT_OWNER"; - } - } - return 0; -} -%} +/* ========================================================================= */ +/* Debugging related code. */ +/* ========================================================================= */ #ifdef LDNS_DEBUG %rename(__ldns_rdf_deep_free) ldns_rdf_deep_free; %rename(__ldns_rdf_free) ldns_rdf_free; -%inline %{ -void _ldns_rdf_free (ldns_rdf* r) { - printf("******** LDNS_RDF free 0x%lX ************\n", (long unsigned int)r); - ldns_rdf_free(r); -} +%inline +%{ + /*! + * @brief Prints information about deallocated rdf and deallocates. + */ + void _ldns_rdf_deep_free (ldns_rdf *r) + { + printf("******** LDNS_RDF deep free 0x%lX ************\n", + (long unsigned int) r); + ldns_rdf_deep_free(r); + } + + /*! + * @brief Prints information about deallocated rdf and deallocates. + */ + void _ldns_rdf_free (ldns_rdf* r) + { + printf("******** LDNS_RDF free 0x%lX ************\n", + (long unsigned int) r); + ldns_rdf_free(r); + } %} -#else +#else /* !LDNS_DEBUG */ %rename(_ldns_rdf_deep_free) ldns_rdf_deep_free; %rename(_ldns_rdf_free) ldns_rdf_free; -#endif +#endif /* LDNS_DEBUG */ + + +/* ========================================================================= */ +/* Added C code. */ +/* ========================================================================= */ + + +%inline +%{ + /*! + * @brief returns a human readable string containing rdf type. + */ + const char *ldns_rdf_type2str(const ldns_rdf *rdf) + { + if (rdf) { + switch(ldns_rdf_get_type(rdf)) { + case LDNS_RDF_TYPE_NONE: return 0; + case LDNS_RDF_TYPE_DNAME: return "DNAME"; + case LDNS_RDF_TYPE_INT8: return "INT8"; + case LDNS_RDF_TYPE_INT16: return "INT16"; + case LDNS_RDF_TYPE_INT32: return "INT32"; + case LDNS_RDF_TYPE_A: return "A"; + case LDNS_RDF_TYPE_AAAA: return "AAAA"; + case LDNS_RDF_TYPE_STR: return "STR"; + case LDNS_RDF_TYPE_APL: return "APL"; + case LDNS_RDF_TYPE_B32_EXT: return "B32_EXT"; + case LDNS_RDF_TYPE_B64: return "B64"; + case LDNS_RDF_TYPE_HEX: return "HEX"; + case LDNS_RDF_TYPE_NSEC: return "NSEC"; + case LDNS_RDF_TYPE_TYPE: return "TYPE"; + case LDNS_RDF_TYPE_CLASS: return "CLASS"; + case LDNS_RDF_TYPE_CERT_ALG: return "CER_ALG"; + case LDNS_RDF_TYPE_ALG: return "ALG"; + case LDNS_RDF_TYPE_UNKNOWN: return "UNKNOWN"; + case LDNS_RDF_TYPE_TIME: return "TIME"; + case LDNS_RDF_TYPE_PERIOD: return "PERIOD"; + case LDNS_RDF_TYPE_TSIGTIME: return "TSIGTIME"; + case LDNS_RDF_TYPE_TSIG: return "TSIG"; + case LDNS_RDF_TYPE_INT16_DATA: return "INT16_DATA"; + case LDNS_RDF_TYPE_SERVICE: return "SERVICE"; + case LDNS_RDF_TYPE_LOC: return "LOC"; + case LDNS_RDF_TYPE_WKS: return "WKS"; + case LDNS_RDF_TYPE_NSAP: return "NSAP"; + case LDNS_RDF_TYPE_ATMA: return "ATMA"; + case LDNS_RDF_TYPE_IPSECKEY: return "IPSECKEY"; + case LDNS_RDF_TYPE_NSEC3_SALT: return "NSEC3_SALT"; + case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER: + return "NSEC3_NEXT_OWNER"; + } + } + return 0; + } +%} -%newobject ldns_rdf2str; +/* ========================================================================= */ +/* Encapsulating Python code. */ +/* ========================================================================= */ %feature("docstring") ldns_struct_rdf "Resource record data field. -The data is a network ordered array of bytes, which size is specified by the (16-bit) size field. To correctly parse it, use the type specified in the (16-bit) type field with a value from ldns_rdf_type." +The data is a network ordered array of bytes, which size is specified +by the (16-bit) size field. To correctly parse it, use the type +specified in the (16-bit) type field with a value from ldns_rdf_type." %extend ldns_struct_rdf { - %pythoncode %{ + %pythoncode + %{ def __init__(self): - raise Exception("This class can't be created directly. Please use: ldns_rdf_new, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_new_frm_fp_l") + """ + Cannot be created directly from Python. + """ + raise Exception("This class can't be created directly. " + + "Please use: ldns_rdf_new, ldns_rdf_new_frm_data, " + + "ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, " + + "ldns_rdf_new_frm_fp_l") __swig_destroy__ = _ldns._ldns_rdf_deep_free - #LDNS_RDF_CONSTRUCTORS_# + # + # LDNS_RDF_CONSTRUCTORS_ + # + @staticmethod - def new_frm_str(str, rr_type, raiseException = True): - """Creates a new rdf from a string of a given type. + def new_frm_str(string, rr_type, raiseException = True): + """ + Creates a new rdf from a string of a given type. - :param str: string to use - :param rr_type: the type of RDF. See predefined `RDF_TYPE_` constants - :param raiseException: if True, an exception occurs in case a RDF object can't be created - :returns: RDF object or None. If the object can't be created and raiseException is True, an exception occurs. + :param string: string to use + :type string: string + :param rr_type: The type of the rdf. See predefined `RDF_TYPE_` + constants. + :type rr_type: integer + :param raiseException: If True, an exception occurs in case + a RDF object can't be created. + :type raiseException: bool + :throws TypeError: When parameters of mismatching types. + :throws Exception: When raiseException set and rdf couldn't + be created. + :return: :class:`ldns_rdf` object or None. If the object + can't be created and `raiseException` is True, + an exception occurs. **Usage** - >>> rdf = ldns.ldns_rdf.new_frm_str("74.125.43.99",ldns.LDNS_RDF_TYPE_A) - >>> print rdf, rdf.get_type_str() - A 74.125.43.99 - >>> name = ldns.ldns_resolver.new_frm_file().get_name_by_addr(rdf) - >>> if (name): print name - 99.43.125.74.in-addr.arpa. 85277 IN PTR bw-in-f99.google.com. - """ - rr = _ldns.ldns_rdf_new_frm_str(rr_type, str) - if not rr: - if (raiseException): raise Exception("Can't create query packet, error: %d" % status) + + >>> rdf = ldns.ldns_rdf.new_frm_str("74.125.43.99", ldns.LDNS_RDF_TYPE_A) + >>> print rdf, rdf.get_type_str() + A 74.125.43.99 + >>> name = ldns.ldns_resolver.new_frm_file().get_name_by_addr(rdf) + >>> if (name): print name + 99.43.125.74.in-addr.arpa. 85277 IN PTR bw-in-f99.google.com. + """ + rr = _ldns.ldns_rdf_new_frm_str(rr_type, string) + if (not rr) and raiseException: + raise Exception("Can't create query packet, " + + "error: %d" % status) return rr - #_LDNS_RDF_CONSTRUCTORS# + + # + # _LDNS_RDF_CONSTRUCTORS + # def __str__(self): - """Converts the rdata field to presentation format""" + """ + Converts the rdata field to presentation format. + """ return _ldns.ldns_rdf2str(self) - def __cmp__(self,other): - """compares two rdf's on their wire formats. + def __cmp__(self, other): + """ + Compares two rdfs on their wire formats. - (To order dnames according to rfc4034, use ldns_dname_compare) + (To order dnames according to rfc4034, use ldns_dname_compare.) - :param other: - the second one RDF - :returns: (int) 0 if equal -1 if self comes before other +1 if other comes before self + :param other: The second one RDF. + :type other: :class:`ldns_rdf` + :throws TypeError: When `other` of non-:class:`ldns_rdf` type. + :return: (int) -1, 0 or 1 if self comes before other, + is equal or self comes after other respectively. """ - return _ldns.ldns_rdf_compare(self,other) - - def print_to_file(self,output): - """Prints the data in the rdata field to the given file stream (in presentation format).""" - _ldns.ldns_rdf_print(output,self) + return _ldns.ldns_rdf_compare(self, other) + + def __lt__(self, other): + """ + Compares two rdfs on their formats. + + :param other: The socond one RDF. + :type other: :class:`ldns_rdf` + :throws TypeError: When `other` of non-:class:`ldns_rdf` type. + :return: (bool) True when `self` is less than 'other'. + """ + return _ldns.ldns_rdf_compare(self, other) == -1 + + def __le__(self, other): + """ + Compares two rdfs on their formats. + + :param other: The socond one RDF. + :type other: :class:`ldns_rdf` + :throws TypeError: When `other` of non-:class:`ldns_rdf` type. + :return: (bool) True when `self` is less than or equal to + 'other'. + """ + return _ldns.ldns_rdf_compare(self, other) != 1 + + def __eq__(self, other): + """ + Compares two rdfs on their formats. + + :param other: The socond one RDF. + :type other: :class:`ldns_rdf` + :throws TypeError: When `other` of non-:class:`ldns_rdf` type. + :return: (bool) True when `self` is equal to 'other'. + """ + return _ldns.ldns_rdf_compare(self, other) == 0 + + def __ne__(self, other): + """ + Compares two rdfs on their formats. + + :param other: The socond one RDF. + :type other: :class:`ldns_rdf` + :throws TypeError: When `other` of non-:class:`ldns_rdf` type. + :return: (bool) True when `self` is not equal to 'other'. + """ + return _ldns.ldns_rdf_compare(self, other) != 0 + + def __gt__(self, other): + """ + Compares two rdfs on their formats. + + :param other: The socond one RDF. + :type other: :class:`ldns_rdf` + :throws TypeError: When `other` of non-:class:`ldns_rdf` type. + :return: (bool) True when `self` is greater than 'other'. + """ + return _ldns.ldns_rdf_compare(self, other) == 1 + + def __ge__(self, other): + """ + Compares two rdfs on their formats. + + :param other: The socond one RDF. + :type other: :class:`ldns_rdf` + :throws TypeError: When `other` of non-:class:`ldns_rdf` type. + :return: (bool) True when `self` is greater than or equal to + 'other'. + """ + return _ldns.ldns_rdf_compare(self, other) != -1 + + def print_to_file(self, output): + """ + Prints the data in the rdata field to the given `output` file + stream (in presentation format). + """ + _ldns.ldns_rdf_print(output, self) def get_type_str(self): - """Converts type to string""" + """ + Returns the type of the rdf as a human readable string. + + :return: String containing rdf type. + """ return ldns_rdf_type2str(self) def write_to_buffer(self, buffer): - """Copies the rdata data to the buffer in wire format. + """ + Copies the rdata data to the buffer in wire format. - :param buffer: buffer to append the result to - :returns: (ldns_status) ldns_status + :param buffer: Buffer to append the rdf to. + :type param: :class:`ldns_buffer` + :throws TypeError: When `buffer` of non-:class:`ldns_buffer` + type. + :return: (ldns_status) ldns_status """ return _ldns.ldns_rdf2buffer_wire(buffer, self) - #parameters: ldns_buffer *,const ldns_rdf *, + #parameters: ldns_buffer *, const ldns_rdf *, #retvals: ldns_status def write_to_buffer_canonical(self, buffer): - """Copies the rdata data to the buffer in wire format If the rdata is a dname, the letters will be lowercased during the conversion. + """ + Copies the rdata data to the buffer in wire format. + If the rdata is a dname, the letters will be converted + to lower case during the conversion. - :param buffer: LDNS buffer - :returns: (ldns_status) ldns_status + :param buffer: LDNS buffer. + :type buffer: :class:`ldns_buffer` + :throws TypeError: When `buffer` of non-:class:`ldns_buffer` + type. + :return: (ldns_status) ldns_status """ return _ldns.ldns_rdf2buffer_wire_canonical(buffer, self) - #parameters: ldns_buffer *,const ldns_rdf *, + #parameters: ldns_buffer *, const ldns_rdf *, #retvals: ldns_status - #LDNS_RDF_METHODS_# + # + # LDNS_RDF_METHODS_ + # + def address_reverse(self): - """reverses an rdf, only actually useful for AAAA and A records. + """ + Reverses an rdf, only actually useful for AAAA and A records. The returned rdf has the type LDNS_RDF_TYPE_DNAME! - :returns: (ldns_rdf \*) the reversed rdf (a newly created rdf) + :return: (:class:`ldns_rdf`) The reversed rdf + (a newly created rdf). """ return _ldns.ldns_rdf_address_reverse(self) #parameters: ldns_rdf *, #retvals: ldns_rdf * def clone(self): - """clones a rdf structure. + """ + Clones a rdf structure. - The data is copied. + The data are copied. - :returns: (ldns_rdf \*) a new rdf structure + :return: (:class:`ldns_rdf`) A new rdf structure. """ return _ldns.ldns_rdf_clone(self) #parameters: const ldns_rdf *, #retvals: ldns_rdf * def data(self): - """returns the data of the rdf. + """ + Returns the data of the rdf. - :returns: (uint8_t \*) uint8_t* pointer to the rdf's data + :return: (uint8_t \*) uint8_t* pointer to the rdf's data. """ return _ldns.ldns_rdf_data(self) #parameters: const ldns_rdf *, #retvals: uint8_t * def get_type(self): - """returns the type of the rdf. + """ + Returns the type of the rdf. - We need to insert _get_ here to prevent conflict the the rdf_type TYPE. + We need to prepend the prefix get_ here to prevent conflict + with the rdf_type TYPE. - :returns: (ldns_rdf_type) ldns_rdf_type with the type + :return: (ldns_rdf_type) Identifier of the type. """ return _ldns.ldns_rdf_get_type(self) #parameters: const ldns_rdf *, #retvals: ldns_rdf_type - def set_data(self,data): - """sets the size of the rdf. + def set_data(self, data): + """ + Sets the data portion of the rdf. + + The data are not copied, but are assigned to the rdf, + `data` are decoupled from the Python engine. - :param data: + :param data: Data to be set. + :type data: void \* """ - _ldns.ldns_rdf_set_data(self,data) - #parameters: ldns_rdf *,void *, + _ldns.ldns_rdf_set_data(self, data) + #parameters: ldns_rdf *, void *, #retvals: - def set_size(self,size): - """sets the size of the rdf. + def set_size(self, size): + """ + Sets the size of the rdf. - :param size: - the new size + :param size: The new size. + :type size: integer + :throws TypeError: When size of non-integer type. """ _ldns.ldns_rdf_set_size(self,size) #parameters: ldns_rdf *,size_t, #retvals: - def set_type(self,atype): - """sets the size of the rdf. + def set_type(self, atype): + """ + Sets the type of the rdf. - :param atype: + :param atype: rdf type + :type atype: integer + :throws TypeError: When atype of non-integer type. """ - _ldns.ldns_rdf_set_type(self,atype) - #parameters: ldns_rdf *,ldns_rdf_type, + _ldns.ldns_rdf_set_type(self, atype) + #parameters: ldns_rdf *, ldns_rdf_type, #retvals: def size(self): - """returns the size of the rdf. + """ + Returns the size of the rdf. - :returns: (size_t) uint16_t with the size + :return: (size_t) uint16_t with the size. """ return _ldns.ldns_rdf_size(self) #parameters: const ldns_rdf *, #retvals: size_t @staticmethod - def dname_new_frm_str(str): - """Creates a new dname rdf instance from a string. + def dname_new_frm_str(string): + """ + Creates a new dname rdf instance from a given string. - This static method is equivalent to using of default class constructor. + This static method is equivalent to using of default + :class:`ldns_rdf` constructor. - :parameter str: str string to use + :parameter string: String to use. + :type string: string + :throws TypeError: When not a string used. + :return: :class:`ldns_rdf` or None if error. + + .. warning:: + + It is scheduled to be deprecated and removed. Use + :class:`ldns_dname` constructor instead. """ - return _ldns.ldns_dname_new_frm_str(str) + warnings.warn("The ldns_rdf.dname_new_frm_str() method is" + + " scheduled to be deprecated in future releases." + + " Use ldsn_dname constructor instead.", + PendingDeprecationWarning, stacklevel=2) + return _ldns.ldns_dname_new_frm_str(string) def absolute(self): - """Checks whether the given dname string is absolute (i.e. ends with a '.') + """ + Checks whether the given dname string is absolute + (i.e., ends with a '.'). + + :return: (bool) True or False + + .. note:: - :returns: (bool) True or False + This method was malfunctioning in ldns-1.3.16 and also + possibly earlier. + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname` to use the method. """ - return self.endswith(".") + warnings.warn("The ldns_rdf.absolute() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) + if self.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + string = self.__str__() + return _ldns.ldns_dname_str_absolute(string) != 0 + else: + return False def make_canonical(self): - """Put a dname into canonical fmt - ie. lowercase it """ + Put a dname into canonical format (i.e., convert to lower case). + + Performs no action if not a dname. + + .. warning:: + + This method is scheduled to be deprecated and removed. + Convert :class:`ldns_rdf` to :class:`ldns_dname` to use + the method. + """ + warnings.warn("The ldns_rdf.make_canonical() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) _ldns.ldns_dname2canonical(self) - def dname_compare(self,other): - """Compares the two dname rdf's according to the algorithm for ordering in RFC4034 Section 6. - - :param other: - the second dname rdf to compare - :returns: (int) -1 if dname comes before other, 1 if dname comes after other, and 0 if they are equal. + def dname_compare(self, other): """ - return _ldns.ldns_dname_compare(self,other) + Compares two dname rdf according to the algorithm + for ordering in RFC4034 Section 6. + + :param other: The second dname rdf to compare. + :type other: :class:`ldns_rdf` + :throws TypeError: When not a :class:`ldns_rdf` used. + :throws Exception: When not dnames compared. + :return: (int) -1, 0 or 1 if `self` comes before `other`, + `self` is equal or `self` comes after `other` respectively. - def cat(self,rd2): - """concatenates rd2 after this dname (rd2 is copied, this dname is modified) + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. + """ + warnings.warn("The ldns_rdf.dname_compare() method is" + + " scheduled to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if not isinstance(other, ldns_rdf): + raise TypeError("Parameter must be derived from ldns_rdf.") + if (self.get_type() != _ldns.LDNS_RDF_TYPE_DNAME) or \ + (other.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("Both operands must be dname rdfs.") + return _ldns.ldns_dname_compare(self, other) + + def cat(self, rd2): + """ + Concatenates `rd2` after `this` dname (`rd2` is copied, + `this` dname is modified). - :param rd2: - the rightside - :returns: (ldns_status) LDNS_STATUS_OK on success + :param rd2: The right-hand side. + :type rd2: :class:`ldns_rdf` + :throws TypeError: When `rd2` of non-:class:`ldns_rdf` or + non-:class:`ldns_dname` type. + :return: (ldns_status) LDNS_STATUS_OK on success. + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. """ - return _ldns.ldns_dname_cat(self,rd2) - #parameters: ldns_rdf *,ldns_rdf *, + warnings.warn("The ldns_rdf.cat() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) + return _ldns.ldns_dname_cat(self, rd2) + #parameters: ldns_rdf *, ldns_rdf *, #retvals: ldns_status - def cat_clone(self,rd2): - """concatenates two dnames together - - :param rd2: - the rightside - :returns: (ldns_rdf \*) a new rdf with leftside/rightside + def cat_clone(self, rd2): """ - return _ldns.ldns_dname_cat_clone(self,rd2) - #parameters: const ldns_rdf *,const ldns_rdf *, + Concatenates two dnames together. + + :param rd2: The right-hand side. + :type rd2: :class:`ldns_rdf` + :throws TypeError: When `rd2` of non-:class:`ldns_rdf` or + non-:class:`ldns_dname` type. + :return: (:class:`ldns_rdf`) A new rdf with + left-hand side + right-hand side content None when + error. + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. + """ + warnings.warn("The ldns_rdf.cat_clone() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) + return _ldns.ldns_dname_cat_clone(self, rd2) + #parameters: const ldns_rdf *, const ldns_rdf *, #retvals: ldns_rdf * - def interval(self,middle,next): - """check if middle lays in the interval defined by prev and next prev <= middle < next. - - This is usefull for nsec checking - - :param middle: - the dname to check - :param next: - the next dname return 0 on error or unknown, -1 when middle is in the interval, +1 when not - :returns: (int) - """ - return _ldns.ldns_dname_interval(self,middle,next) - #parameters: const ldns_rdf *,const ldns_rdf *,const ldns_rdf *, + def interval(self, middle, next): + """ + Check whether the `middle` lays in the interval defined by + `this` and `next` (`this` <= `middle` < `next`). + + This method is useful for nsec checking + + :param middle: The dname to check. + :type middle: :class:`ldns_rdf` + :param next: The boundary. + :type next: :class:`ldns_rdf` + :throws TypeError: When `middle` or `next` of + non-:class:`ldns_rdf` type. + :throws Exception: When non-dname rdfs compared. + :return: (int) 0 on error or unknown, + -1 when middle is in the interval, 1 when not. + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. + """ + warnings.warn("The ldns_rdf.interval() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) + # + # The wrapped function generates asserts instead of setting + # error status. They cannot be caught from Python so a check + # is necessary. + # + if (not isinstance(middle, ldns_rdf)) or \ + (not isinstance(next, ldns_rdf)): + raise TypeError("Parameters must be derived from ldns_rdf.") + if (self.get_type() != _ldns.LDNS_RDF_TYPE_DNAME) or \ + (middle.get_type() != _ldns.LDNS_RDF_TYPE_DNAME) or \ + (next.get_type() != _ldns.LDNS_RDF_TYPE_DNAME): + raise Exception("All operands must be dname rdfs.") + return _ldns.ldns_dname_interval(self, middle, next) + #parameters: const ldns_rdf *, const ldns_rdf *, const ldns_rdf *, #retvals: int - def is_subdomain(self,parent): - """Tests wether the name sub falls under parent (i.e. is a subdomain of parent). + def is_subdomain(self, parent): + """ + Tests whether the name of the given instance falls under + `parent` (i.e., is a sub-domain of `parent`). - This function will return false if the given dnames are equal. + This function will return False if the given dnames + are equal. - :param parent: - (ldns_rdf) the parent's name - :returns: (bool) true if sub falls under parent, otherwise false + :param parent: The parent's name. + :type parent: :class:`ldns_rdf` + :throws TypeError: When `parent` of non-:class:`ldns_rdf` type. + :return: (bool) True if `this` falls under `parent`, otherwise + False. + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. """ - return _ldns.ldns_dname_is_subdomain(self,parent) - #parameters: const ldns_rdf *,const ldns_rdf *, + warnings.warn("The ldns_rdf.is_subdomain() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) + return _ldns.ldns_dname_is_subdomain(self, parent) + #parameters: const ldns_rdf *, const ldns_rdf *, #retvals: bool - def label(self,labelpos): - """look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME try and retrieve a specific label. + def label(self, labelpos): + """ + Look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME try + and retrieve a specific label. The labels are numbered starting from 0 (left most). - :param labelpos: - return the label with this number - :returns: (ldns_rdf \*) a ldns_rdf* with the label as name or NULL on error + :param labelpos: Index of the label. (Labels are numbered + 0, which is the left most.) + :type labelpos: integer + :throws TypeError: When `labelpos` of non-integer type. + :return: (:class:`ldns_rdf`) A new rdf with the label + as name or None on error. + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. """ - return _ldns.ldns_dname_label(self,labelpos) - #parameters: const ldns_rdf *,uint8_t, + warnings.warn("The ldns_rdf.label() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) + return _ldns.ldns_dname_label(self, labelpos) + #parameters: const ldns_rdf *, uint8_t, #retvals: ldns_rdf * def label_count(self): - """count the number of labels inside a LDNS_RDF_DNAME type rdf. + """ + Count the number of labels inside a LDNS_RDF_DNAME type rdf. - :returns: (uint8_t) the number of labels + :return: (uint8_t) The number of labels. Will return 0 if + not a dname. + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. """ + warnings.warn("The ldns_rdf.label_count() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) return _ldns.ldns_dname_label_count(self) #parameters: const ldns_rdf *, #retvals: uint8_t def left_chop(self): - """chop one label off the left side of a dname. + """ + Chop one label off the left side of a dname. - so wwww.nlnetlabs.nl, becomes nlnetlabs.nl + (e.g., wwww.nlnetlabs.nl, becomes nlnetlabs.nl) - :returns: (ldns_rdf \*) the remaining dname + :return: (:class:`ldns_rdf`) The remaining dname or None when + error. + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. """ + warnings.warn("The ldns_rdf.left_chop() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) return _ldns.ldns_dname_left_chop(self) #parameters: const ldns_rdf *, #retvals: ldns_rdf * def reverse(self): - """Returns a clone of the given dname with the labels reversed. + """ + Returns a clone of the given dname with the labels reversed. + + When reversing non-dnames a "." (root name) dname is returned. - :returns: (ldns_rdf \*) clone of the dname with the labels reversed. + :return: (:class:`ldns_rdf`) Clone of the dname with the labels + reversed or ".". + + .. warning:: + + It is scheduled to be deprecated and removed. Convert + :class:`ldns_rdf` to :class:`ldns_dname`. """ + warnings.warn("The ldns_rdf.reverse() method is scheduled" + + " to be deprecated in future releases." + + " Convert the ldns_rdf to ldsn_dname and the use its" + + " methods.", PendingDeprecationWarning, stacklevel=2) return _ldns.ldns_dname_reverse(self) #parameters: const ldns_rdf *, #retvals: ldns_rdf * - #_LDNS_RDF_METHODS# - %} + # + # _LDNS_RDF_METHODS + # + %} } diff --git a/contrib/python/ldns_rr.i b/contrib/python/ldns_rr.i index 1a9f3f1c21bb..726c6cd902af 100644 --- a/contrib/python/ldns_rr.i +++ b/contrib/python/ldns_rr.i @@ -14,8 +14,8 @@ * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of the organization nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -28,1153 +28,1849 @@ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. - ******************************************************************************/ + *****************************************************************************/ -%typemap(in,numinputs=0,noblock=1) (ldns_rr **) + +/* ========================================================================= */ +/* SWIG setting and definitions. */ +/* ========================================================================= */ + +/* Creates a temporary instance of (ldns_rr *). */ +%typemap(in, numinputs=0, noblock=1) (ldns_rr **) { - ldns_rr *$1_rr; - $1 = &$1_rr; + ldns_rr *$1_rr; + $1 = &$1_rr; } -/* result generation */ -%typemap(argout,noblock=1) (ldns_rr **) +/* Result generation, appends (ldns_rr *) after the result. */ +%typemap(argout, noblock=1) (ldns_rr **) { - $result = SWIG_Python_AppendOutput($result, SWIG_NewPointerObj(SWIG_as_voidptr($1_rr), SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 )); + $result = SWIG_Python_AppendOutput($result, + SWIG_NewPointerObj(SWIG_as_voidptr($1_rr), + SWIGTYPE_p_ldns_struct_rr, SWIG_POINTER_OWN | 0 )); } -%nodefaultctor ldns_struct_rr; //no default constructor & destructor -%nodefaultdtor ldns_struct_rr; +%nodefaultctor ldns_struct_rr; /* No default constructor. */ +%nodefaultdtor ldns_struct_rr; /* No default destructor. */ %ignore ldns_struct_rr::_rdata_fields; %newobject ldns_rr_clone; %newobject ldns_rr_new; +%newobject ldns_rr_new_frm_type; %newobject ldns_rr_pop_rdf; %delobject ldns_rr_free; %rename(ldns_rr) ldns_struct_rr; -#ifdef LDNS_DEBUG -%rename(__ldns_rr_free) ldns_rr_free; -%inline %{ -void _ldns_rr_free (ldns_rr* r) { - printf("******** LDNS_RR free 0x%lX ************\n", (long unsigned int)r); - ldns_rr_free(r); -} -%} -#else -%rename(_ldns_rr_free) ldns_rr_free; -#endif - %newobject ldns_rr2str; %newobject ldns_rr_type2str; %newobject ldns_rr_class2str; %newobject ldns_read_anchor_file; -// clone rdf data on pull +/* Clone rdf data on pull. */ + +/* Clone will fail with NULL argument. */ %newobject _ldns_rr_rdf; %rename(__ldns_rr_rdf) ldns_rr_rdf; -%inline %{ -ldns_rdf* _ldns_rr_rdf(ldns_rr* rr, size_t i) { - return ldns_rdf_clone(ldns_rr_rdf(rr, i)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rdf(ldns_rr *rr, size_t i) + { + ldns_rdf *rdf; + rdf = ldns_rr_rdf(rr, i); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_algorithm; %rename(__ldns_rr_rrsig_algorithm) ldns_rr_rrsig_algorithm; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_algorithm(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_algorithm(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_algorithm(ldns_rr *rr) { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_algorithm(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_dnskey_algorithm; %rename(__ldns_rr_dnskey_algorithm) ldns_rr_dnskey_algorithm; -%inline %{ -ldns_rdf* _ldns_rr_dnskey_algorithm(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_dnskey_algorithm(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_dnskey_algorithm(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_dnskey_algorithm(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_dnskey_flags; %rename(__ldns_rr_dnskey_flags) ldns_rr_dnskey_flags; -%inline %{ -ldns_rdf* _ldns_rr_dnskey_flags(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_dnskey_flags(rr)); -} +%inline + %{ + ldns_rdf * _ldns_rr_dnskey_flags(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_dnskey_flags(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_dnskey_key; %rename(__ldns_rr_dnskey_key) ldns_rr_dnskey_key; -%inline %{ -ldns_rdf* _ldns_rr_dnskey_key(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_dnskey_key(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_dnskey_key(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_dnskey_key(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_dnskey_protocol; %rename(__ldns_rr_dnskey_protocol) ldns_rr_dnskey_protocol; -%inline %{ -ldns_rdf* _ldns_rr_dnskey_protocol(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_dnskey_protocol(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_dnskey_protocol(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_dnskey_protocol(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_owner; %rename(__ldns_rr_owner) ldns_rr_owner; -%inline %{ -ldns_rdf* _ldns_rr_owner(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_owner(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_owner(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_owner(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_a_address; %rename(__ldns_rr_a_address) ldns_rr_a_address; -%inline %{ -ldns_rdf* _ldns_rr_a_address(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_a_address(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_a_address(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_a_address(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_mx_exchange; %rename(__ldns_rr_mx_exchange) ldns_rr_mx_exchange; -%inline %{ -ldns_rdf* _ldns_rr_mx_exchange(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_mx_exchange(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_mx_exchange(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_mx_exchange(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_mx_preference; %rename(__ldns_rr_mx_preference) ldns_rr_mx_preference; -%inline %{ -ldns_rdf* _ldns_rr_mx_preference(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_mx_preference(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_mx_preference(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_mx_preference(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_ns_nsdname; %rename(__ldns_rr_ns_nsdname) ldns_rr_ns_nsdname; -%inline %{ -ldns_rdf* _ldns_rr_ns_nsdname(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_ns_nsdname(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_ns_nsdname(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_ns_nsdname(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_expiration; %rename(__ldns_rr_rrsig_expiration) ldns_rr_rrsig_expiration; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_expiration(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_expiration(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_expiration(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_expiration(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_inception; %rename(__ldns_rr_rrsig_inception) ldns_rr_rrsig_inception; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_inception(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_inception(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_inception(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_inception(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_keytag; %rename(__ldns_rr_rrsig_keytag) ldns_rr_rrsig_keytag; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_keytag(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_keytag(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_keytag(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_keytag(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_labels; %rename(__ldns_rr_rrsig_labels) ldns_rr_rrsig_labels; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_labels(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_labels(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_labels(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_labels(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_origttl; %rename(__ldns_rr_rrsig_origttl) ldns_rr_rrsig_origttl; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_origttl(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_origttl(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_origttl(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_origttl(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_sig; %rename(__ldns_rr_rrsig_sig) ldns_rr_rrsig_sig; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_sig(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_sig(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_sig(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_sig(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_signame; %rename(__ldns_rr_rrsig_signame) ldns_rr_rrsig_signame; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_signame(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_signame(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_signame(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_signame(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} %newobject _ldns_rr_rrsig_typecovered; %rename(__ldns_rr_rrsig_typecovered) ldns_rr_rrsig_typecovered; -%inline %{ -ldns_rdf* _ldns_rr_rrsig_typecovered(ldns_rr* rr) { - return ldns_rdf_clone(ldns_rr_rrsig_typecovered(rr)); -} +%inline +%{ + ldns_rdf * _ldns_rr_rrsig_typecovered(ldns_rr *rr) + { + ldns_rdf *rdf; + rdf = ldns_rr_rrsig_typecovered(rr); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} -// end of pull cloning +/* End of pull cloning. */ -// clone rdf data on push +/* Clone rdf data on push. */ %rename(__ldns_rr_a_set_address) ldns_rr_a_set_address; -%inline %{ -bool _ldns_rr_a_set_address(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_a_set_address(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_a_set_address(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_a_set_address(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_dnskey_set_algorithm) ldns_rr_dnskey_set_algorithm; -%inline %{ -bool _ldns_rr_dnskey_set_algorithm(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_dnskey_set_algorithm(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_dnskey_set_algorithm(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_dnskey_set_algorithm(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_dnskey_set_flags) ldns_rr_dnskey_set_flags; -%inline %{ -bool _ldns_rr_dnskey_set_flags(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_dnskey_set_flags(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_dnskey_set_flags(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_dnskey_set_flags(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_dnskey_set_key) ldns_rr_dnskey_set_key; -%inline %{ -bool _ldns_rr_dnskey_set_key(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_dnskey_set_key(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_dnskey_set_key(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_dnskey_set_key(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_dnskey_set_protocol) ldns_rr_dnskey_set_protocol; -%inline %{ -bool _ldns_rr_dnskey_set_protocol(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_dnskey_set_protocol(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_dnskey_set_protocol(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_dnskey_set_protocol(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_push_rdf) ldns_rr_push_rdf; -%inline %{ -bool _ldns_rr_push_rdf(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_push_rdf(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_push_rdf(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_push_rdf(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_algorithm) ldns_rr_rrsig_set_algorithm; -%inline %{ -bool _ldns_rr_rrsig_set_algorithm(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_algorithm(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_algorithm(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_rrsig_set_algorithm(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_expiration) ldns_rr_rrsig_set_expiration; -%inline %{ -bool _ldns_rr_rrsig_set_expiration(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_expiration(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_expiration(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_rrsig_set_expiration(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_inception) ldns_rr_rrsig_set_inception; -%inline %{ -bool _ldns_rr_rrsig_set_inception(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_inception(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_inception(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_rrsig_set_inception(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_keytag) ldns_rr_rrsig_set_keytag; -%inline %{ -bool _ldns_rr_rrsig_set_keytag(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_keytag(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_keytag(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_rrsig_set_keytag(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_labels) ldns_rr_rrsig_set_labels; -%inline %{ -bool _ldns_rr_rrsig_set_labels(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_labels(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_labels(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_rrsig_set_labels(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_origttl) ldns_rr_rrsig_set_origttl; -%inline %{ -bool _ldns_rr_rrsig_set_origttl(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_origttl(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_origttl(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_rrsig_set_origttl(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_sig) ldns_rr_rrsig_set_sig; -%inline %{ -bool _ldns_rr_rrsig_set_sig(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_sig(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_sig(ldns_rr *rr, ldns_rdf *rdf) { + return ldns_rr_rrsig_set_sig(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_signame) ldns_rr_rrsig_set_signame; -%inline %{ -bool _ldns_rr_rrsig_set_signame(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_signame(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_signame(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_rrsig_set_signame(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_rrsig_set_typecovered) ldns_rr_rrsig_set_typecovered; -%inline %{ -bool _ldns_rr_rrsig_set_typecovered(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_rrsig_set_typecovered(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + bool _ldns_rr_rrsig_set_typecovered(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_rrsig_set_typecovered(rr, ldns_rdf_clone(rdf)); + } %} %rename(__ldns_rr_set_owner) ldns_rr_set_owner; -%inline %{ -void _ldns_rr_set_owner(ldns_rr* rr, ldns_rdf* rdf) { - return ldns_rr_set_owner(rr, ldns_rdf_clone(rdf)); -} +%inline +%{ + void _ldns_rr_set_owner(ldns_rr *rr, ldns_rdf *rdf) + { + return ldns_rr_set_owner(rr, ldns_rdf_clone(rdf)); + } %} +%newobject _ldns_rr_set_rdf; %rename(__ldns_rr_set_rdf) ldns_rr_set_rdf; -%inline %{ - ldns_rdf* _ldns_rr_set_rdf(ldns_rr* rr, ldns_rdf* rdf, size_t pos) { - return ldns_rr_set_rdf(rr, ldns_rdf_clone(rdf), pos); -} +%inline +%{ + ldns_rdf * _ldns_rr_set_rdf(ldns_rr *rr, ldns_rdf *rdf, size_t pos) + { + /* May leak memory on unsuccessful calls. */ + ldns_rdf *new, *ret; + + new = ldns_rdf_clone(rdf); + + if ((ret = ldns_rr_set_rdf(rr, new, pos)) == NULL) { + ldns_rdf_deep_free(new); + } + + return ret; + } %} -// end of push cloning +/* End of push cloning. */ %rename(_ldns_rr_new_frm_str) ldns_rr_new_frm_str; %rename(_ldns_rr_new_frm_fp_l) ldns_rr_new_frm_fp_l; %rename(_ldns_rr_new_frm_fp) ldns_rr_new_frm_fp; -%feature("docstring") ldns_struct_rr "Resource Record (RR) -The RR is the basic DNS element that contains actual data. This class allows to create RR and manipulate with the content." +/* ========================================================================= */ +/* Debugging related code. */ +/* ========================================================================= */ + + +#ifdef LDNS_DEBUG +%rename(__ldns_rr_free) ldns_rr_free; +%inline %{ + void _ldns_rr_free (ldns_rr *r) + { + printf("******** LDNS_RR free 0x%lX ************\n", (long unsigned int)r); + ldns_rr_free(r); + } +%} +#else /* !LDNS_DEBUG */ +%rename(_ldns_rr_free) ldns_rr_free; +#endif /* LDNS_DEBUG */ + + +/* ========================================================================= */ +/* Added C code. */ +/* ========================================================================= */ + +/* None. */ + + +/* ========================================================================= */ +/* Encapsulating Python code. */ +/* ========================================================================= */ + + +%feature("docstring") ldns_struct_rr "Resource Record (RR). + +The RR is the basic DNS element that contains actual data. This class allows +to create RR and manipulate with the content. + +Use :meth:`ldns_rr_new`, :meth:`ldns_rr_new_frm_type`, :meth:`new_frm_fp`, +:meth:`new_frm_fp_l`, :meth:`new_frm_str` or :meth:`new_question_frm_str` +to create :class:`ldns_rr` instances. +" %extend ldns_struct_rr { - %pythoncode %{ + %pythoncode + %{ def __init__(self): - raise Exception("This class can't be created directly. Please use: ldns_rr_new, ldns_rr_new_frm_type, new_frm_fp(), new_frm_fp_l(), new_frm_str() or new_question_frm_str") + raise Exception("This class can't be created directly. " + + "Please use: ldns_rr_new(), ldns_rr_new_frm_type(), " + + "new_frm_fp(), new_frm_fp_l(), new_frm_str() or " + + "new_question_frm_str()") __swig_destroy__ = _ldns._ldns_rr_free - #LDNS_RR_CONSTRUCTORS_# + # + # LDNS_RR_CONSTRUCTORS_ + # + @staticmethod - def new_frm_str(str, default_ttl=0, origin=None, prev=None, raiseException=True): - """Creates an rr object from a string. - - The string should be a fully filled-in rr, like ownername [space] TTL [space] CLASS [space] TYPE [space] RDATA. - - :param str: the string to convert - :param default_ttl: default ttl value for the rr. If 0 DEF_TTL will be used - :param origin: when the owner is relative add this - :param prev: the previous ownername - :param raiseException: if True, an exception occurs in case a rr instance can't be created - :returns: - * rr - (ldnsrr) RR instance or None. If the object can't be created and raiseException is True, an exception occurs. + def new_frm_str(string, default_ttl=0, origin=None, prev=None, raiseException=True): + """ + Creates an rr object from a string. + + The string should be a fully filled-in rr, like "owner_name + [space] TTL [space] CLASS [space] TYPE [space] RDATA." + + :param string: The string to convert. + :type string: str + :param default_ttl: Default ttl value for the rr. + If 0 DEF_TTL will be used. + :type default_ttl: int + :param origin: When the owner is relative add this. + :type origin: :class:`ldns_dname` + :param prev: The previous owner name. + :type prev: :class:`ldns_rdf` + :param raiseException: If True, an exception occurs in case a rr + instance can't be created. + :throws Exception: If `raiseExceprion` is set and fails. + :throws TypeError: When parameters of incorrect types. + :return: (:class:`ldns_rr`) RR instance or None. + + .. note:: + The type checking of `origin` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. **Usage** >>> import ldns - >>> rr = ldns.ldns_rr.new_frm_str("www.nic.cz. IN A 192.168.1.1",300) + >>> rr = ldns.ldns_rr.new_frm_str("www.nic.cz. IN A 192.168.1.1", 300) >>> print rr www.nic.cz. 300 IN A 192.168.1.1 - """ - status, rr, prev = _ldns.ldns_rr_new_frm_str_(str, default_ttl, origin, prev) + >>> rr = ldns.ldns_rr.new_frm_str("test.nic.cz. 600 IN A 192.168.1.2") + >>> print rr + test.nic.cz. 600 IN A 192.168.1.2 + + """ + if (not isinstance(origin, ldns_dname)) and \ + isinstance(origin, ldns_rdf) and \ + origin.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_rr.new_frm_str() method will" + + " drop the possibility to accept ldns_rdf as origin." + + " Convert argument to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + status, rr, prev = _ldns.ldns_rr_new_frm_str_(string, default_ttl, + origin, prev) if status != LDNS_STATUS_OK: - if (raiseException): raise Exception("Can't create RR, error: %d" % status) + if (raiseException): + raise Exception("Can't create RR, error: %d" % status) return None return rr @staticmethod - def new_question_frm_str(str, default_ttl=0, origin=None, prev=None, raiseException=True): - """Creates an rr object from a string. - - The string is like new_frm_str but without rdata. - - :param str: the string to convert - :param origin: when the owner is relative add this - :param prev: the previous ownername - :param raiseException: if True, an exception occurs in case a rr instance can't be created - :returns: - * rr - (ldnsrr) RR instance or None. If the object can't be created and raiseException is True, an exception occurs. - """ - status, rr, prev = _ldns.ldns_rr_new_question_frm_str_(str, origin, prev) + def new_question_frm_str(string, default_ttl=0, origin=None, prev=None, raiseException=True): + """ + Creates an rr object from a string. + + The string is like :meth:`new_frm_str` but without rdata. + + :param string: The string to convert. + :type string: str + :param origin: When the owner is relative add this. + :type origin: :class:`ldns_dname` + :param prev: The previous owner name. + :type prev: :class:`ldns_rdf` + :param raiseException: If True, an exception occurs in case + a rr instance can't be created. + :throws Exception: If `raiseExceprion` is set and fails. + :throws TypeError: When parameters of incorrect types. + :return: (:class:`ldns_rr`) RR instance or None. If the object + can't be created and `raiseException` is True, + an exception occurs. + + .. note:: + The type checking of `origin` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + if (not isinstance(origin, ldns_dname)) and \ + isinstance(origin, ldns_rdf) and \ + origin.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_rr.new_question_frm_str() method will" + + " drop the possibility to accept ldns_rdf as origin." + + " Convert argument to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + status, rr, prev = _ldns.ldns_rr_new_question_frm_str_(string, + origin, prev) if status != LDNS_STATUS_OK: - if (raiseException): raise Exception("Can't create RR, error: %d" % status) + if (raiseException): + raise Exception("Can't create RR, error: %d" % status) return None return rr @staticmethod - def new_frm_str_prev(str, default_ttl=0, origin=None, prev=None, raiseException=True): - """Creates an rr object from a string. - - The string should be a fully filled-in rr, like ownername [space] TTL [space] CLASS [space] TYPE [space] RDATA. - - :param str: the string to convert - :param default_ttl: default ttl value for the rr. If 0 DEF_TTL will be used - :param origin: when the owner is relative add this - :param prev: the previous ownername - :param raiseException: if True, an exception occurs in case a rr instance can't be created - :returns: - * rr - (ldnsrr) RR instance or None. If the object can't be created and raiseException is True, an exception occurs. + def new_frm_str_prev(string, default_ttl=0, origin=None, prev=None, raiseException=True): + """ + Creates an rr object from a string. + + The string should be a fully filled-in rr, like "owner_name + [space] TTL [space] CLASS [space] TYPE [space] RDATA". + + :param string: The string to convert. + :type string: str + :param default_ttl: Default ttl value for the rr. + If 0 DEF_TTL will be used. + :type default_ttl: int + :param origin: When the owner is relative add this. + :type origin: :class:`ldns_dname` + :param prev: The previous owner name. + :type prev: :class:`ldns_rdf` + :param raiseException: If True, an exception occurs in case when + a rr instance can't be created. + :throws Exception: If `raiseExceprion` is set and fails. + :throws TypeError: When parameters of incorrect types. + :return: None when fails, otherwise a tuple containing: + + * rr - (:class:`ldns_rr`) RR instance or None. + If the object can't be created and `raiseException` + is True, an exception occurs. - * prev - (ldns_rdf) ownername found in this string or None - """ - status, rr, prev = _ldns.ldns_rr_new_frm_str_(str, default_ttl, origin, prev) + * prev - (:class:`ldns_rdf`) Owner name found in this string + or None. + + .. note:: + The type checking of `origin` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + if (not isinstance(origin, ldns_dname)) and \ + isinstance(origin, ldns_rdf) and \ + origin.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_rr.new_frm_str_prev() method will" + + " drop the possibility to accept ldns_rdf as origin." + + " Convert argument to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + status, rr, prev = _ldns.ldns_rr_new_frm_str_(string, default_ttl, + origin, prev) if status != LDNS_STATUS_OK: - if (raiseException): raise Exception("Can't create RR, error: %d" % status) + if (raiseException): + raise Exception("Can't create RR, error: %d" % status) return None return rr, prev @staticmethod def new_frm_fp(file, default_ttl=0, origin=None, prev=None, raiseException=True): - """Creates a new rr from a file containing a string. - - :param file: file pointer - :param default_ttl: If 0 DEF_TTL will be used - :param origin: when the owner is relative add this. - :param prev: when the owner is whitespaces use this. - :param raiseException: if True, an exception occurs in case a resolver object can't be created - :returns: - * rr - (ldns_rr) RR object or None. If the object can't be created and raiseException is True, an exception occurs. - - * ttl - (int) None or TTL if the file contains a $TTL directive - - * origin - (ldns_rdf) None or dname if the file contains a $ORIGIN directive - - * prev - (ldns_rdf) None or updated value of prev parameter """ - res = _ldns.ldns_rr_new_frm_fp_l_(file, default_ttl, origin, prev, 0) + Creates a new rr from a file containing a string. + + :param file: Opened file. + :param default_ttl: If 0 DEF_TTL will be used. + :type default_ttl: int + :param origin: When the owner is relative add this. + :type origin: :class:`ldns_dname` + :param prev: When the owner is white spaces use this. + :type prev: :class:`ldns_rdf` + :param raiseException: If True, an exception occurs in case + a resolver object can't be created. + :throws Exception: If `raiseException` is set and the input + cannot be read. + :throws TypeError: When parameters of incorrect types. + :return: None when fails, otherwise a tuple containing: + + * rr - (:class:`ldns_rr`) RR object or None. If the object + can't be created and `raiseException` is True, + an exception occurs. + + * ttl - (int) None or TTL if the file contains a TTL + directive. + + * origin - (:class:`ldns_rdf`) None or dname rdf if the file + contains a ORIGIN directive. + + * prev - (:class:`ldns_rdf`) None or updated value + of prev parameter. + + .. note:: + The type checking of `origin` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + if (not isinstance(origin, ldns_dname)) and \ + isinstance(origin, ldns_rdf) and \ + origin.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_rr.new_frm_fp() method will" + + " drop the possibility to accept ldns_rdf as origin." + + " Convert argument to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + res = _ldns.ldns_rr_new_frm_fp_(file, default_ttl, origin, prev) if res[0] != LDNS_STATUS_OK: - if (raiseException): raise Exception("Can't create RR, error: %d" % res[0]) + if (raiseException): + raise Exception("Can't create RR, error: %d" % res[0]) return None return res[1:] @staticmethod def new_frm_fp_l(file, default_ttl=0, origin=None, prev=None, raiseException=True): - """Creates a new rr from a file containing a string. - - :param file: file pointer - :param default_ttl: If 0 DEF_TTL will be used - :param origin: when the owner is relative add this. - :param prev: when the owner is whitespaces use this. - :param raiseException: if True, an exception occurs in case a resolver object can't be created - :returns: - * rr - (ldns_rr) RR object or None. If the object can't be created and raiseException is True, an exception occurs. - - * line - (int) line number (for debugging) - - * ttl - (int) None or TTL if the file contains a $TTL directive - - * origin - (ldns_rdf) None or dname if the file contains a $ORIGIN directive - - * prev - (ldns_rdf) None or updated value of prev parameter """ - res = _ldns.ldns_rr_new_frm_fp_l_(file, default_ttl, origin, prev, 1) + Creates a new rr from a file containing a string. + + :param file: Opened file. + :param default_ttl: If 0 DEF_TTL will be used. + :type default_ttl: int + :param origin: When the owner is relative add this. + :type origin: :class:`ldns_dname` + :param prev: When the owner is white spaces use this. + :type prev: :class:`ldns_rdf` + :param raiseException: Iif True, an exception occurs in case + a resolver object can't be created. + :throws Exception: If `raiseException` is set and the input + cannot be read. + :throws TypeError: When parameters of incorrect types. + :return: None when fails, otherwise a tuple containing: + + * rr - (:class:`ldns_rr`) RR object or None. If the object + can't be created and `raiseException` is True, + an exception occurs. + + * line - (int) line number (for debugging). + + * ttl - (int) None or TTL if the file contains a TTL + directive . + + * origin - (:class:`ldns_rdf`) None or dname rdf if the file + contains a ORIGIN directive. + + * prev - (:class:`ldns_rdf`) None or updated value of prev + parameter. + + .. note:: + The type checking of `origin` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. + """ + if (not isinstance(origin, ldns_dname)) and \ + isinstance(origin, ldns_rdf) and \ + origin.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_rr.new_frm_fp_l() method will" + + " drop the possibility to accept ldns_rdf as origin." + + " Convert argument to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + res = _ldns.ldns_rr_new_frm_fp_l_(file, default_ttl, origin, prev) if res[0] != LDNS_STATUS_OK: - if (raiseException): raise Exception("Can't create RR, error: %d" % res[0]) + if (raiseException): + raise Exception("Can't create RR, error: %d" % res[0]) return None return res[1:] - #_LDNS_RR_CONSTRUCTORS# + # + # _LDNS_RR_CONSTRUCTORS + # def __str__(self): - """converts the data in the resource record to presentation format""" + """ + Converts the data in the resource record to presentation format. + + :return: (str) + """ return _ldns.ldns_rr2str(self) def __cmp__(self, other): - """compares two rrs. + """ + Compares two rrs. The TTL is not looked at. - :param other: - the second RR one - :returns: (int) 0 if equal -1 if self comes before other RR +1 if other RR comes before self + :param other: The second RR one. + :type other: :class:`ldns_rr` + :throws TypeError: When `other` of non-:class:`ldns_rr` type. + :return: (int) 0 if equal, -1 if `self` comes before `other`, + 1 if `other` RR comes before `self`. """ - return _ldns.ldns_rr_compare(self,other) + return _ldns.ldns_rr_compare(self, other) + + def __lt__(self, other): + """ + Compares two rrs. + + The TTL is not looked at. + + :param other: The second RR one. + :type other: :class:`ldns_rr` + :throws TypeError: When `other` of non-:class:`ldns_rr` type. + :return: (bool) True when `self` is less than 'other'. + """ + return _ldns.ldns_rr_compare(self, other) == -1 + + def __le__(self, other): + """ + Compares two rrs. + + The TTL is not looked at. + + :param other: The second RR one. + :type other: :class:`ldns_rr` + :throws TypeError: When `other` of non-:class:`ldns_rr` type. + :return: (bool) True when `self` is less than or equal to + 'other'. + """ + return _ldns.ldns_rr_compare(self, other) != 1 + + def __eq__(self, other): + """ + Compares two rrs. + + The TTL is not looked at. + + :param other: The second RR one. + :type other: :class:`ldns_rr` + :throws TypeError: When `other` of non-:class:`ldns_rr` type. + :return: (bool) True when `self` is equal to 'other'. + """ + return _ldns.ldns_rr_compare(self, other) == 0 + + def __ne__(self, other): + """ + Compares two rrs. + + The TTL is not looked at. + + :param other: The second RR one. + :type other: :class:`ldns_rr` + :throws TypeError: When `other` of non-:class:`ldns_rr` type. + :return: (bool) True when `self` is not equal to 'other'. + """ + return _ldns.ldns_rr_compare(self, other) != 0 + + def __gt__(self, other): + """ + Compares two rrs. + + The TTL is not looked at. + + :param other: The second RR one. + :type other: :class:`ldns_rr` + :throws TypeError: When `other` of non-:class:`ldns_rr` type. + :return: (bool) True when `self` is greater than 'other'. + """ + return _ldns.ldns_rr_compare(self, other) == 1 + + def __ge__(self, other): + """ + Compares two rrs. + + The TTL is not looked at. + + :param other: The second RR one. + :type other: :class:`ldns_rr` + :throws TypeError: When `other` of non-:class:`ldns_rr` type. + :return: (bool) True when `self` is greater than or equal to + 'other'. + """ + return _ldns.ldns_rr_compare(self, other) != -1 + + @staticmethod + def class_by_name(string): + """ + Retrieves a class identifier value by looking up its name. + + :param string: Class name. + :type string: str + :throws TypeError: when `string` of inappropriate type. + :return: (int) Class identifier value, or 0 if not valid + class name given. + """ + return _ldns.ldns_get_rr_class_by_name(string) def rdfs(self): - """returns the list of rdata records.""" - for i in range(0,self.rd_count()): + """ + Returns a generator object of rdata records. + + :return: Generator of :class:`ldns_rdf`. + """ + for i in range(0, self.rd_count()): yield self.rdf(i) - def print_to_file(self,output): - """Prints the data in the resource record to the given file stream (in presentation format).""" - _ldns.ldns_rr_print(output,self) - #parameters: FILE *,const ldns_rr *, + def print_to_file(self, output): + """ + Prints the data in the resource record to the given file stream + (in presentation format). + + :param output: Opened file stream. + :throws TypeError: When `output` not a file. + """ + _ldns.ldns_rr_print(output, self) + #parameters: FILE *, const ldns_rr *, def get_type_str(self): - """Converts an RR type value to its string representation, and returns that string.""" + """ + Converts an RR type value to its string representation, + and returns that string. + + :return: (str) containing type identification. + """ return _ldns.ldns_rr_type2str(self.get_type()) #parameters: const ldns_rr_type, def get_class_str(self): - """Converts an RR class value to its string representation, and returns that string.""" + """ + Converts an RR class value to its string representation, + and returns that string. + + :return: (str) containing class identification. + """ return _ldns.ldns_rr_class2str(self.get_class()) #parameters: const ldns_rr_class, @staticmethod - def dnskey_key_size_raw(keydata,len,alg): - """get the length of the keydata in bits""" - return _ldns.ldns_rr_dnskey_key_size_raw(keydata,len,alg) + def dnskey_key_size_raw(keydata, len, alg): + """ + Get the length of the keydata in bits. + + :param keydata: Key raw data. + :type keydata: unsigned char \* + :param len: Number of bytes of `keydata`. + :type len: size_t + :param alg: Algorithm identifier. + :type alg: ldns_algorithm + + :return: (size_t) The length of key data in bits. + """ + return _ldns.ldns_rr_dnskey_key_size_raw(keydata, len, alg) #parameters: const unsigned char *,const size_t,const ldns_algorithm, #retvals: size_t def write_to_buffer(self,buffer,section): - """Copies the rr data to the buffer in wire format. + """ + Copies the rr data to the buffer in wire format. - :param buffer: buffer to append the result to buffer - :param section: the section in the packet this rr is supposed to be in (to determine whether to add rdata or not) - :returns: (ldns_status) ldns_status + :param buffer: Buffer to append the result to. + :type buffer: :class:`ldns_buffer` + :param section: The section in the packet this rr is supposed + to be in (to determine whether to add rdata or not). + :type section: int + :throws TypeError: when arguments of mismatching types passed. + :return: (ldns_status) ldns_status """ - return _ldns.ldns_rr2buffer_wire(buffer,self,section) + return _ldns.ldns_rr2buffer_wire(buffer, self, section) #parameters: ldns_buffer *,const ldns_rr *,int, #retvals: ldns_status def write_to_buffer_canonical(self,buffer,section): - """Copies the rr data to the buffer in wire format, in canonical format according to RFC3597 (every dname in rdata fields of RR's mentioned in that RFC will be lowercased). + """ + Copies the rr data to the buffer in wire format, in canonical + format according to RFC3597 (every dname in rdata fields + of RR's mentioned in that RFC will be converted to lower-case). - :param buffer: buffer to append the result to buffer - :param section: the section in the packet this rr is supposed to be in (to determine whether to add rdata or not) - :returns: (ldns_status) ldns_status + :param buffer: Buffer to append the result to. + :type buffer: :class:`ldns_buffer` + :param section: The section in the packet this rr is supposed + to be in (to determine whether to add rdata or not). + :type section: int + :throws TypeError: when arguments of mismatching types passed. + :return: (ldns_status) ldns_status """ return _ldns.ldns_rr2buffer_wire_canonical(buffer,self,section) #parameters: ldns_buffer *,const ldns_rr *,int, #retvals: ldns_status - def write_data_to_buffer(self,buffer): - """Converts an rr's rdata to wireformat, while excluding the ownername and all the stuff before the rdata. + def write_data_to_buffer(self, buffer): + """ + Converts an rr's rdata to wire format, while excluding the + owner name and all the stuff before the rdata. - This is needed in DNSSEC keytag calculation, the ds calcalution from the key and maybe elsewhere. + This is needed in DNSSEC key-tag calculation, the ds + calculation from the key and maybe elsewhere. - :param buffer: buffer to append the result to - :returns: (ldns_status) ldns_status + :param buffer: Buffer to append the result to. + :type buffer: :class:`ldns_buffer` + :throws TypeError: when `buffer` of non-:class:`ldns_buffer` + type. + :return: (ldns_status) ldns_status """ return _ldns.ldns_rr_rdata2buffer_wire(buffer,self) - #parameters: ldns_buffer *,const ldns_rr *, + #parameters: ldns_buffer *, const ldns_rr *, #retvals: ldns_status - def write_rrsig_to_buffer(self,buffer): - """Converts a rrsig to wireformat BUT EXCLUDE the rrsig rdata + def write_rrsig_to_buffer(self, buffer): + """ + Converts a rrsig to wire format BUT EXCLUDE the rrsig rdata. This is needed in DNSSEC verification. - :param buffer: buffer to append the result to - :returns: (ldns_status) ldns_status + :param buffer: Buffer to append the result to. + :type buffer: :class:`ldns_buffer` + :throws TypeError: when `buffer` of non-:class:`ldns_buffer` + type. + :return: (ldns_status) ldns_status """ return _ldns.ldns_rrsig2buffer_wire(buffer,self) #parameters: ldns_buffer *,const ldns_rr *, #retvals: ldns_status - #LDNS_RR_METHODS_# + # + # LDNS_RR_METHODS_ + # + def a_address(self): - """returns the address of a LDNS_RR_TYPE_A rr + """ + Returns the address rdf of a LDNS_RR_TYPE_A or LDNS_RR_TYPE_AAAA + rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the address or NULL on failure + :return: (:class:`ldns_rdf`) with the address or None on + failure. """ return _ldns._ldns_rr_a_address(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * - def a_set_address(self,f): - """sets the address of a LDNS_RR_TYPE_A rr + def a_set_address(self, f): + """ + Sets the address of a LDNS_RR_TYPE_A or LDNS_RR_TYPE_AAAA rr. - :param f: - the address to set - :returns: (bool) true on success, false otherwise + :param f: The address to be set. + :type f: :class:`ldns_rdf` + :throws TypeError: When `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_a_set_address(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_a_set_address(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool def clone(self): - """clones a rr and all its data + """ + Clones a rr and all its data. - :returns: (ldns_rr \*) the new rr or NULL on failure + :return: (:class:`ldns_rr`) The new rr or None on failure. """ return _ldns.ldns_rr_clone(self) #parameters: const ldns_rr *, #retvals: ldns_rr * - - def compare_ds(self,rr2): - """returns true of the given rr's are equal. + + def compare_ds(self, rr2): + """ + Returns True if the given rr's are equal. - Also returns true if one record is a DS that represents the same DNSKEY record as the other record + Also returns True if one record is a DS that represents the + same DNSKEY record as the other record. - :param rr2: - the second rr - :returns: (bool) true if equal otherwise false + :param rr2: The second rr. + :type rr2: :class:`ldns_rr` + :throws TypeError: When `rr2` of non-:class:`ldns_rr` type. + :return: (bool) True if equal otherwise False. """ - return _ldns.ldns_rr_compare_ds(self,rr2) - #parameters: const ldns_rr *,const ldns_rr *, + return _ldns.ldns_rr_compare_ds(self, rr2) + #parameters: const ldns_rr *, const ldns_rr *, #retvals: bool - def compare_no_rdata(self,rr2): - """compares two rrs, up to the rdata. + def compare_no_rdata(self, rr2): + """ + Compares two rrs, up to the rdata. - :param rr2: - the second one - :returns: (int) 0 if equal -1 if rr1 comes before rr2 +1 if rr2 comes before rr1 + :param rr2: Rhe second rr. + :type rr2: :class:`ldns_rr` + :throws TypeError: When `rr2` of non-:class:`ldns_rr` type. + :return: (int) 0 if equal, negative integer if `self` comes + before `rr2`, positive integer if `rr2` comes before `self`. """ - return _ldns.ldns_rr_compare_no_rdata(self,rr2) - #parameters: const ldns_rr *,const ldns_rr *, + return _ldns.ldns_rr_compare_no_rdata(self, rr2) + #parameters: const ldns_rr *, const ldns_rr *, #retvals: int def dnskey_algorithm(self): - """returns the algorithm of a LDNS_RR_TYPE_DNSKEY rr + """ + Returns the algorithm of a LDNS_RR_TYPE_DNSKEY rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the algorithm or NULL on failure + :return: (:class:`ldns_rdf`) with the algorithm or None + on failure. """ return _ldns._ldns_rr_dnskey_algorithm(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def dnskey_flags(self): - """returns the flags of a LDNS_RR_TYPE_DNSKEY rr + """ + Returns the flags of a LDNS_RR_TYPE_DNSKEY rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the flags or NULL on failure + :return: (:class:`ldns_rdf`) with the flags or None on failure. """ return _ldns._ldns_rr_dnskey_flags(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def dnskey_key(self): - """returns the key data of a LDNS_RR_TYPE_DNSKEY rr + """ + Returns the key data of a LDNS_RR_TYPE_DNSKEY rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the key data or NULL on failure + :return: (:class:`ldns_rdf`) with the key data or None on + failure. """ return _ldns._ldns_rr_dnskey_key(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def dnskey_key_size(self): - """get the length of the keydata in bits + """ + Get the length of the keydata in bits. - :returns: (size_t) the keysize in bits + :return: (size_t) the keysize in bits. """ return _ldns.ldns_rr_dnskey_key_size(self) #parameters: const ldns_rr *, #retvals: size_t def dnskey_protocol(self): - """returns the protocol of a LDNS_RR_TYPE_DNSKEY rr + """ + Returns the protocol of a LDNS_RR_TYPE_DNSKEY rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the protocol or NULL on failure + :return: (:class:`ldns_rdf`) with the protocol or None on + failure. """ return _ldns._ldns_rr_dnskey_protocol(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * - def dnskey_set_algorithm(self,f): - """sets the algorithm of a LDNS_RR_TYPE_DNSKEY rr + def dnskey_set_algorithm(self, f): + """ + Sets the algorithm of a LDNS_RR_TYPE_DNSKEY rr - :param f: - the algorithm to set - :returns: (bool) true on success, false otherwise + :param f: The algorithm to set. + :type f: :class:`ldns_rdf` + :throws TypeError: When `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_dnskey_set_algorithm(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_dnskey_set_algorithm(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def dnskey_set_flags(self,f): - """sets the flags of a LDNS_RR_TYPE_DNSKEY rr + def dnskey_set_flags(self, f): + """ + Sets the flags of a LDNS_RR_TYPE_DNSKEY rr. - :param f: - the flags to set - :returns: (bool) true on success, false otherwise + :param f: The flags to be set. + :type f: :class:`ldns_rdf` + :throws TypeError: When `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_dnskey_set_flags(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_dnskey_set_flags(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def dnskey_set_key(self,f): - """sets the key data of a LDNS_RR_TYPE_DNSKEY rr + def dnskey_set_key(self, f): + """ + Sets the key data of a LDNS_RR_TYPE_DNSKEY rr. - :param f: - the key data to set - :returns: (bool) true on success, false otherwise + :param f: The key data to set. + :type f: :class:`ldns_rdf` + :throws TypeError: When `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_dnskey_set_key(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_dnskey_set_key(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool def dnskey_set_protocol(self,f): - """sets the protocol of a LDNS_RR_TYPE_DNSKEY rr + """ + Sets the protocol of a LDNS_RR_TYPE_DNSKEY rr. - :param f: - the protocol to set - :returns: (bool) true on success, false otherwise + :param f: The protocol to set. + :type f: :class:`ldns_rdf` + :throws TypeError: When `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ return _ldns._ldns_rr_dnskey_set_protocol(self,f) #parameters: ldns_rr *,ldns_rdf *, #retvals: bool def get_class(self): - """returns the class of the rr. + """ + Returns the class of the rr. - :returns: (ldns_rr_class) the class of the rr + :return: (int) The class identifier of the rr. """ return _ldns.ldns_rr_get_class(self) #parameters: const ldns_rr *, #retvals: ldns_rr_class def get_type(self): - """returns the type of the rr. + """ + Returns the type of the rr. - :returns: (ldns_rr_type) the type of the rr + :return: (int) The type identifier of the rr. """ return _ldns.ldns_rr_get_type(self) #parameters: const ldns_rr *, #retvals: ldns_rr_type + def is_question(self): + """ + Returns the question flag of a rr structure. + + :return: (bool) True if question flag is set. + """ + return _ldns.ldns_rr_is_question(self) + def label_count(self): - """counts the number of labels of the ownername. + """ + Counts the number of labels of the owner name. - :returns: (uint8_t) the number of labels + :return: (int) The number of labels. """ return _ldns.ldns_rr_label_count(self) #parameters: ldns_rr *, #retvals: uint8_t def mx_exchange(self): - """returns the mx host of a LDNS_RR_TYPE_MX rr + """ + Returns the mx host of a LDNS_RR_TYPE_MX rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the name of the MX host or NULL on failure + :return: (:class:`ldns_rdf`) with the name of the MX host + or None on failure. """ return _ldns._ldns_rr_mx_exchange(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def mx_preference(self): - """returns the mx pref. - - of a LDNS_RR_TYPE_MX rr + """ + Returns the mx preference of a LDNS_RR_TYPE_MX rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the preference or NULL on failure + :return: (:class:`ldns_rdf`) with the preference or None + on failure. """ return _ldns._ldns_rr_mx_preference(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def ns_nsdname(self): - """returns the name of a LDNS_RR_TYPE_NS rr + """ + Returns the name of a LDNS_RR_TYPE_NS rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the name or NULL on failure + :return: (:class:`ldns_rdf`) A dname rdf with the name or + None on failure. """ return _ldns._ldns_rr_ns_nsdname(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def owner(self): - """returns the owner name of an rr structure. + """ + Returns the owner name of an rr structure. - :returns: (ldns_rdf \*) ldns_rdf * + :return: (:class:`ldns_dname`) Owner name or None on failure. """ - return _ldns._ldns_rr_owner(self) + rdf = _ldns._ldns_rr_owner(self) + if rdf: + rdf = ldns_dname(rdf, clone=False) + return rdf #parameters: const ldns_rr *, #retvals: ldns_rdf * def pop_rdf(self): - """removes a rd_field member, it will be popped from the last position. + """ + Removes a rd_field member, it will be popped from the last + position. - :returns: (ldns_rdf \*) rdf which was popped (null if nothing) + :return: (:class:`ldns_rdf`) rdf which was popped, None if + nothing. """ return _ldns.ldns_rr_pop_rdf(self) #parameters: ldns_rr *, #retvals: ldns_rdf * def push_rdf(self,f): - """sets rd_field member, it will be placed in the next available spot. + """ + Sets rd_field member, it will be placed in the next available + spot. - :param f: - :returns: (bool) bool + :param f: The rdf to be appended. + :type f: :class:`ldns_rdf` + :throws TypeError: When `f` of non-:class:`ldns_rdf` type. + :return: (bool) Returns True if success, False otherwise. """ - return _ldns._ldns_rr_push_rdf(self,f) - #parameters: ldns_rr *,const ldns_rdf *, + return _ldns._ldns_rr_push_rdf(self, f) + #parameters: ldns_rr *, const ldns_rdf *, #retvals: bool def rd_count(self): - """returns the rd_count of an rr structure. + """ + Returns the rd_count of an rr structure. - :returns: (size_t) the rd count of the rr + :return: (size_t) the rd count of the rr. """ return _ldns.ldns_rr_rd_count(self) #parameters: const ldns_rr *, #retvals: size_t - def rdf(self,nr): - """returns the rdata field member counter. + def rdf(self, nr): + """ + Returns the rdata field with the given index. - :param nr: - the number of the rdf to return - :returns: (ldns_rdf \*) ldns_rdf * + :param nr: The index of the rdf to return. + :type nr: positive int + :throws TypeError: When `nr` not a positive integer. + :return: (:class:`ldns_rdf`) The given rdf or None if fails. """ - return _ldns._ldns_rr_rdf(self,nr) - #parameters: const ldns_rr *,size_t, + return _ldns._ldns_rr_rdf(self, nr) + #parameters: const ldns_rr *, size_t, #retvals: ldns_rdf * def rrsig_algorithm(self): - """returns the algorithm of a LDNS_RR_TYPE_RRSIG RR + """ + Returns the algorithm identifier of a LDNS_RR_TYPE_RRSIG RR. - :returns: (ldns_rdf \*) a ldns_rdf* with the algorithm or NULL on failure + :return: (:class:`ldns_rdf`) with the algorithm or None + on failure. """ return _ldns._ldns_rr_rrsig_algorithm(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def rrsig_expiration(self): - """returns the expiration time of a LDNS_RR_TYPE_RRSIG RR + """ + Returns the expiration time of a LDNS_RR_TYPE_RRSIG RR. - :returns: (ldns_rdf \*) a ldns_rdf* with the expiration time or NULL on failure + :return: (:class:`ldns_rdf`) with the expiration time or None + on failure. """ return _ldns._ldns_rr_rrsig_expiration(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def rrsig_inception(self): - """returns the inception time of a LDNS_RR_TYPE_RRSIG RR + """ + Returns the inception time of a LDNS_RR_TYPE_RRSIG RR. - :returns: (ldns_rdf \*) a ldns_rdf* with the inception time or NULL on failure + :return: (:class:`ldns_rdf`) with the inception time or None + on failure. """ return _ldns._ldns_rr_rrsig_inception(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def rrsig_keytag(self): - """returns the keytag of a LDNS_RR_TYPE_RRSIG RR + """ + Returns the keytag of a LDNS_RR_TYPE_RRSIG RR. - :returns: (ldns_rdf \*) a ldns_rdf* with the keytag or NULL on failure + :return: (:class:`ldns_rdf`) with the keytag or None on failure. """ return _ldns._ldns_rr_rrsig_keytag(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def rrsig_labels(self): - """returns the number of labels of a LDNS_RR_TYPE_RRSIG RR + """ + Returns the number of labels of a LDNS_RR_TYPE_RRSIG RR. - :returns: (ldns_rdf \*) a ldns_rdf* with the number of labels or NULL on failure + :return: (:class:`ldns_rdf`) with the number of labels or None + on failure. """ return _ldns._ldns_rr_rrsig_labels(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def rrsig_origttl(self): - """returns the original TTL of a LDNS_RR_TYPE_RRSIG RR + """ + Returns the original TTL of a LDNS_RR_TYPE_RRSIG RR. - :returns: (ldns_rdf \*) a ldns_rdf* with the original TTL or NULL on failure + :return: (:class:`ldns_rdf`) with the original TTL or None + on failure. """ return _ldns._ldns_rr_rrsig_origttl(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * - def rrsig_set_algorithm(self,f): - """sets the algorithm of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_algorithm(self, f): + """ + Sets the algorithm of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the algorithm to set - :returns: (bool) true on success, false otherwise + :param f: The algorithm to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_algorithm(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_algorithm(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def rrsig_set_expiration(self,f): - """sets the expireation date of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_expiration(self, f): + """ + Sets the expireation date of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the expireation date to set - :returns: (bool) true on success, false otherwise + :param f: The expireation date to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_expiration(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_expiration(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def rrsig_set_inception(self,f): - """sets the inception date of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_inception(self, f): + """ + Sets the inception date of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the inception date to set - :returns: (bool) true on success, false otherwise + :param f: The inception date to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_inception(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_inception(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def rrsig_set_keytag(self,f): - """sets the keytag of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_keytag(self, f): + """ + Sets the keytag of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the keytag to set - :returns: (bool) true on success, false otherwise + :param f: The keytag to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_keytag(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_keytag(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def rrsig_set_labels(self,f): - """sets the number of labels of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_labels(self, f): + """ + Sets the number of labels of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the number of labels to set - :returns: (bool) true on success, false otherwise + :param f: The number of labels to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_labels(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_labels(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def rrsig_set_origttl(self,f): - """sets the original TTL of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_origttl(self, f): + """ + Sets the original TTL of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the original TTL to set - :returns: (bool) true on success, false otherwise + :param f: The original TTL to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_origttl(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_origttl(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def rrsig_set_sig(self,f): - """sets the signature data of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_sig(self, f): + """ + Sets the signature data of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the signature data to set - :returns: (bool) true on success, false otherwise + :param f: The signature data to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_sig(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_sig(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def rrsig_set_signame(self,f): - """sets the signers name of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_signame(self, f): + """ + Sets the signers name of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the signers name to set - :returns: (bool) true on success, false otherwise + :param f: The signers name to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_signame(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_signame(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool - def rrsig_set_typecovered(self,f): - """sets the typecovered of a LDNS_RR_TYPE_RRSIG rr + def rrsig_set_typecovered(self, f): + """ + Sets the typecovered of a LDNS_RR_TYPE_RRSIG rr. - :param f: - the typecovered to set - :returns: (bool) true on success, false otherwise + :param f: The type covered to set. + :type f: :class:`ldns_rdf` + :throws TypeError: when `f` of non-:class:`ldns_rdf` type. + :return: (bool) True on success, False otherwise. """ - return _ldns._ldns_rr_rrsig_set_typecovered(self,f) - #parameters: ldns_rr *,ldns_rdf *, + return _ldns._ldns_rr_rrsig_set_typecovered(self, f) + #parameters: ldns_rr *, ldns_rdf *, #retvals: bool def rrsig_sig(self): - """returns the signature data of a LDNS_RR_TYPE_RRSIG RR + """ + Returns the signature data of a LDNS_RR_TYPE_RRSIG RR. - :returns: (ldns_rdf \*) a ldns_rdf* with the signature data or NULL on failure + :return: (:class:`ldns_rdf`) with the signature data or None + on failure. """ return _ldns._ldns_rr_rrsig_sig(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def rrsig_signame(self): - """returns the signers name of a LDNS_RR_TYPE_RRSIG RR + """ + Returns the signers name of a LDNS_RR_TYPE_RRSIG RR. - :returns: (ldns_rdf \*) a ldns_rdf* with the signers name or NULL on failure + :return: (:class:`ldns_rdf`) with the signers name or None + on failure. """ return _ldns._ldns_rr_rrsig_signame(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * def rrsig_typecovered(self): - """returns the type covered of a LDNS_RR_TYPE_RRSIG rr + """ + Returns the type covered of a LDNS_RR_TYPE_RRSIG rr. - :returns: (ldns_rdf \*) a ldns_rdf* with the type covered or NULL on failure + :return: (:class:`ldns_rdf`) with the type covered or None + on failure. """ return _ldns._ldns_rr_rrsig_typecovered(self) #parameters: const ldns_rr *, #retvals: ldns_rdf * - def set_class(self,rr_class): - """sets the class in the rr. + def set_class(self, rr_class): + """ + Sets the class in the rr. - :param rr_class: - set to this class + :param rr_class: Set to this class. + :type rr_class: int + :throws TypeError: when `rr_class` of non-integer type. """ - _ldns.ldns_rr_set_class(self,rr_class) - #parameters: ldns_rr *,ldns_rr_class, + _ldns.ldns_rr_set_class(self, rr_class) + #parameters: ldns_rr *, ldns_rr_class, #retvals: - def set_owner(self,owner): - """sets the owner in the rr structure. + def set_owner(self, owner): + """ + Sets the owner in the rr structure. - :param owner: + :param owner: Owner name. + :type owner: :class:`ldns_dname` + :throws TypeError: when `owner` of non-:class:`ldns_dname` type. + + .. note:: + The type checking of `owner` is benevolent. + It allows also to pass a dname :class:`ldns_rdf` object. + This will probably change in future. """ - _ldns._ldns_rr_set_owner(self,owner) - #parameters: ldns_rr *,ldns_rdf *, - #retvals: + if (not isinstance(owner, ldns_dname)) and \ + isinstance(owner, ldns_rdf) and \ + owner.get_type() == _ldns.LDNS_RDF_TYPE_DNAME: + warnings.warn("The ldns_rr.new_frm_str() method will" + + " drop the possibility to accept ldns_rdf as owner." + + " Convert argument to ldns_dname.", + PendingDeprecationWarning, stacklevel=2) + _ldns._ldns_rr_set_owner(self, owner) + #parameters: ldns_rr *, ldns_rdf *, + #retvals: - def set_rd_count(self,count): - """sets the rd_count in the rr. + def set_question(self, question): + """ + Sets the question flag in the rr structure. + + :param question: Question flag. + :type question: bool + """ + _ldns.ldns_rr_set_question(self, question) + #parameters: ldns_rr *, bool, + #retvals: + + def set_rd_count(self, count): + """ + Sets the rd_count in the rr. - :param count: - set to this count + :param count: Set to this count. + :type count: positive int + :throws TypeError: when `count` of non-integer type. """ - _ldns.ldns_rr_set_rd_count(self,count) - #parameters: ldns_rr *,size_t, + _ldns.ldns_rr_set_rd_count(self, count) + #parameters: ldns_rr *, size_t, #retvals: - def set_rdf(self,f,position): - """sets a rdf member, it will be set on the position given. + def set_rdf(self, f, position): + """ + Sets a rdf member, it will be set on the position given. The old value is returned, like pop. - :param f: - :param position: - the position the set the rdf - :returns: (ldns_rdf \*) the old value in the rr, NULL on failyre + :param f: The rdf to be set. + :type f: :class:`ldns_rdf` + :param position: The position the set the rdf. + :type position: positive int + :throws TypeError: when mismatching types passed. + :return: (:class:`ldns_rdf`) the old value in the rr, None + on failure. """ - return _ldns._ldns_rr_set_rdf(self,f,position) - #parameters: ldns_rr *,const ldns_rdf *,size_t, + return _ldns._ldns_rr_set_rdf(self, f, position) + #parameters: ldns_rr *, const ldns_rdf *, size_t, #retvals: ldns_rdf * - def set_ttl(self,ttl): - """sets the ttl in the rr structure. + def set_ttl(self, ttl): + """ + Sets the ttl in the rr structure. - :param ttl: - set to this ttl + :param ttl: Set to this ttl. + :type ttl: positive int + :throws TypeError: when `ttl` of non-integer type. """ - _ldns.ldns_rr_set_ttl(self,ttl) - #parameters: ldns_rr *,uint32_t, + _ldns.ldns_rr_set_ttl(self, ttl) + #parameters: ldns_rr *, uint32_t, #retvals: - def set_type(self,rr_type): - """sets the type in the rr. + def set_type(self, rr_type): + """ + Sets the type in the rr. - :param rr_type: - set to this type + :param rr_type: Set to this type. + :type rr_type: ineteger + :throws TypeError: when `rr_type` of non-integer type. """ - _ldns.ldns_rr_set_type(self,rr_type) - #parameters: ldns_rr *,ldns_rr_type, - #retvals: + _ldns.ldns_rr_set_type(self, rr_type) + #parameters: ldns_rr *, ldns_rr_type, + #retvals: + + def to_canonical(self): + """ + Converts each dname in a rr to its canonical form. + """ + _ldns.ldns_rr2canonical(self) def ttl(self): - """returns the ttl of an rr structure. + """ + Returns the ttl of an rr structure. - :returns: (uint32_t) the ttl of the rr + :return: (int) the ttl of the rr. """ return _ldns.ldns_rr_ttl(self) #parameters: const ldns_rr *, #retvals: uint32_t + @staticmethod + def type_by_name(string): + """ + Retrieves a rr type identifier value by looking up its name. + + Returns 0 if invalid name passed. + + :param string: RR type name. + :type string: str + :throws TypeError: when `string` of inappropriate type. + :return: (int) RR type identifier, or 0 if no matching value + to identifier found. + """ + return _ldns.ldns_get_rr_type_by_name(string) + def uncompressed_size(self): - """calculates the uncompressed size of an RR. + """ + Calculates the uncompressed size of an RR. - :returns: (size_t) size of the rr + :return: (inetger) size of the rr. """ return _ldns.ldns_rr_uncompressed_size(self) #parameters: const ldns_rr *, #retvals: size_t - #_LDNS_RR_METHODS# - %} + # + # _LDNS_RR_METHODS + # + %} } -%nodefaultctor ldns_struct_rr_list; //no default constructor & destructor -%nodefaultdtor ldns_struct_rr_list; + +/* ========================================================================= */ +/* SWIG setting and definitions. */ +/* ========================================================================= */ + + +%nodefaultctor ldns_struct_rr_list; /* No default constructor. */ +%nodefaultdtor ldns_struct_rr_list; /* No default destructor. */ %ignore ldns_struct_rr_list::_rrs; +%newobject ldns_rr_list_cat_clone; %newobject ldns_rr_list_clone; %newobject ldns_rr_list_pop_rr; %newobject ldns_rr_list_pop_rr_list; %newobject ldns_rr_list_pop_rrset; %newobject ldns_rr_list_rr; %newobject ldns_rr_list_new; +%newobject ldns_get_rr_list_hosts_frm_file; +%newobject ldns_rr_list_subtype_by_rdf; +%newobject ldns_rr_list2str; %delobject ldns_rr_list_deep_free; %delobject ldns_rr_list_free; -%rename(ldns_rr_list) ldns_struct_rr_list; -#ifdef LDNS_DEBUG -%rename(__ldns_rr_list_deep_free) ldns_rr_list_deep_free; -%rename(__ldns_rr_list_free) ldns_rr_list_free; -%inline %{ -void _ldns_rr_list_free(ldns_rr_list* r) { - printf("******** LDNS_RR_LIST deep free 0x%lX ************\n", (long unsigned int)r); - ldns_rr_list_deep_free(r); -} -%} -#else -%rename(_ldns_rr_list_deep_free) ldns_rr_list_deep_free; -%rename(_ldns_rr_list_free) ldns_rr_list_free; -#endif - -/* clone data on push */ +/* Clone data on push. */ %rename(__ldns_rr_list_push_rr) ldns_rr_list_push_rr; -%inline %{ -void _ldns_rr_list_push_rr(ldns_rr_list* r, ldns_rr *rr) { - ldns_rr_list_push_rr(r, ldns_rr_clone(rr)); -} +%inline +%{ + bool _ldns_rr_list_push_rr(ldns_rr_list* r, ldns_rr *rr) + { + bool ret; + ldns_rr *new; + + new = ldns_rr_clone(rr); + if (!(ret = ldns_rr_list_push_rr(r, new))) { + ldns_rr_free(new); + } + return ret; + } %} %rename(__ldns_rr_list_push_rr_list) ldns_rr_list_push_rr_list; -%inline %{ -void _ldns_rr_list_push_rr_list(ldns_rr_list* r, ldns_rr_list *r2) { - ldns_rr_list_push_rr_list(r, ldns_rr_list_clone(r2)); -} +%inline +%{ + bool _ldns_rr_list_push_rr_list(ldns_rr_list* r, ldns_rr_list *r2) + { + bool ret; + ldns_rr_list *new; + + new = ldns_rr_list_clone(r2); + if (!(ret = ldns_rr_list_push_rr_list(r, new))) { + ldns_rr_list_deep_free(new); + } + return ret; + } +%} + + +%newobject _ldns_rr_list_set_rr; +%rename(__ldns_rr_list_set_rr) ldns_rr_list_set_rr; +%inline +%{ + ldns_rr * _ldns_rr_list_set_rr(ldns_rr_list * rrl, ldns_rr *rr, + size_t idx) + { + ldns_rr *ret; + ldns_rr *new; + + new = ldns_rr_clone(rr); + if ((ret = ldns_rr_list_set_rr(rrl, new, idx)) == NULL) { + ldns_rr_free(new); + } + return ret; + } %} + %rename(__ldns_rr_list_cat) ldns_rr_list_cat; -%inline %{ -void _ldns_rr_list_cat(ldns_rr_list* r, ldns_rr_list *r2) { - ldns_rr_list_cat(r, ldns_rr_list_clone(r2)); -} +%inline +%{ + bool _ldns_rr_list_cat(ldns_rr_list *r, ldns_rr_list *r2) + { + return ldns_rr_list_cat(r, ldns_rr_list_clone(r2)); + } %} -/* clone data on pull */ +/* End clone data on push. */ -%newobject _ldns_rr_list_rr; +/* Clone data on pull. */ + +%newobject _ldns_rr_list_rr; %rename(__ldns_rr_list_rr) ldns_rr_list_rr; -%inline %{ -ldns_rr* _ldns_rr_list_rr(ldns_rr_list* r, int i) { - return ldns_rr_clone(ldns_rr_list_rr(r, i)); -} +%inline +%{ + ldns_rr * _ldns_rr_list_rr(ldns_rr_list *r, int i) + { + ldns_rr *rr; + rr = ldns_rr_list_rr(r, i); + return (rr != NULL) ? ldns_rr_clone(rr) : NULL; + } %} -%newobject ldns_rr_list2str; - +%newobject _ldns_rr_list_owner; %rename(__ldns_rr_list_owner) ldns_rr_list_owner; -%inline %{ -ldns_rdf* _ldns_rr_list_owner(ldns_rr_list* r) { - return ldns_rdf_clone(ldns_rr_list_owner(r)); -} +%inline +%{ + ldns_rdf * _ldns_rr_list_owner(ldns_rr_list *r) + { + ldns_rdf *rdf; + rdf = ldns_rr_list_owner(r); + return (rdf != NULL) ? ldns_rdf_clone(rdf) : NULL; + } %} +/* End clone data on pull. */ + + +/* ========================================================================= */ +/* Debugging related code. */ +/* ========================================================================= */ + + +%rename(ldns_rr_list) ldns_struct_rr_list; +#ifdef LDNS_DEBUG +%rename(__ldns_rr_list_deep_free) ldns_rr_list_deep_free; +%rename(__ldns_rr_list_free) ldns_rr_list_free; +%inline +%{ + void _ldns_rr_list_deep_free(ldns_rr_list *r) + { + printf("******** LDNS_RR_LIST deep free 0x%lX ************\n", + (long unsigned int) r); + ldns_rr_list_deep_free(r); + } + + void _ldns_rr_list_free(ldns_rr_list *r) + { + printf("******** LDNS_RR_LIST deep free 0x%lX ************\n", + (long unsigned int) r); + ldns_rr_list_free(r); + } +%} +#else +%rename(_ldns_rr_list_deep_free) ldns_rr_list_deep_free; +%rename(_ldns_rr_list_free) ldns_rr_list_free; +#endif + + +/* ========================================================================= */ +/* Added C code. */ +/* ========================================================================= */ + + +/* None. */ + + +/* ========================================================================= */ +/* Encapsulating Python code. */ +/* ========================================================================= */ + %feature("docstring") ldns_struct_rr_list "List of Resource Records. @@ -1183,7 +1879,8 @@ This class contains a list of RR's (see :class:`ldns.ldns_rr`). %extend ldns_struct_rr_list { - %pythoncode %{ + %pythoncode + %{ def __init__(self): self.this = _ldns.ldns_rr_list_new() if not self.this: @@ -1191,394 +1888,694 @@ This class contains a list of RR's (see :class:`ldns.ldns_rr`). __swig_destroy__ = _ldns._ldns_rr_list_deep_free - #LDNS_RR_LIST_CONSTRUCTORS_# + # + # LDNS_RR_LIST_CONSTRUCTORS_ + # + + @staticmethod + def new(raiseException=True): + """ + Creates an empty RR List object. + + :param raiseException: Set to True if an exception should + signal an error. + :type raiseException: bool + :throws Exception: when `raiseException` is True and error + occurs. + :return: :class:`ldns_rr_list` Empty RR list. + """ + rrl = _ldns.ldns_rr_list_new() + if (not rrl) and raiseException: + raise Exception("Can't create RR List.") + return rrl + @staticmethod def new_frm_file(filename="/etc/hosts", raiseException=True): - """Creates an RR List object from a file content + """ + Creates an RR List object from file content. - Goes through a file and returns a rr_list containing all the defined hosts in there. + Goes through a file and returns a rr list containing + all the defined hosts in there. - :param filename: the filename to use - :returns: RR List object or None. If the object can't be created and raiseException is True, an exception occurs. + :param filename: The filename to use. + :type filename: str + :param raiseException: Set to True if an exception should + signal an error. + :type raiseException: bool + :throws TypeError: when `filename` of inappropriate type. + :throws Exception: when `raiseException` is True and error + occurs. + :return: RR List object or None. If the object can't be + created and `raiseException` is True, an exception occurs. **Usage** - >>> alist = ldns.ldns_rr_list.new_frm_file() - >>> print alist - localhost. 3600 IN A 127.0.0.1 - ... + + >>> alist = ldns.ldns_rr_list.new_frm_file() + >>> print alist + localhost. 3600 IN A 127.0.0.1 + ... """ rr = _ldns.ldns_get_rr_list_hosts_frm_file(filename) - if (not rr) and (raiseException): raise Exception("Can't create RR List, error: %d" % status) + if (not rr) and (raiseException): + raise Exception("Can't create RR List.") return rr - #_LDNS_RR_LIST_CONSTRUCTORS# + + # + # _LDNS_RR_LIST_CONSTRUCTORS + # def __str__(self): - """converts a list of resource records to presentation format""" + """ + Converts a list of resource records to presentation format. + + :return: (str) Presentation format. + """ return _ldns.ldns_rr_list2str(self) - def print_to_file(self,output): - """print a rr_list to output param[in] output the fd to print to param[in] list the rr_list to print""" - _ldns.ldns_rr_list_print(output,self) + def print_to_file(self, output): + """ + Print a rr_list to output. + + :param output: Opened file to print to. + :throws TypeError: when `output` of inappropriate type. + """ + _ldns.ldns_rr_list_print(output, self) def to_canonical(self): - """converts each dname in each rr in a rr_list to its canonical form.""" + """ + Converts each dname in each rr in a rr_list to its canonical + form. + """ _ldns.ldns_rr_list2canonical(self) #parameters: ldns_rr_list *, #retvals: def rrs(self): - """returns the list of rr records.""" - for i in range(0,self.rr_count()): + """ + Returns a generator object of a list of rr records. + + :return: (generator) generator object. + """ + for i in range(0, self.rr_count()): yield self.rr(i) def is_rrset(self): - """checks if an rr_list is a rrset.""" + """ + Checks if the rr list is a rr set. + + :return: (bool) True if rr list is a rr set. + """ return _ldns.ldns_is_rrset(self) - def __cmp__(self,rrl2): - """compares two rr listss. + def __cmp__(self, rrl2): + """ + Compares two rr lists. - :param rrl2: - the second one - :returns: (int) 0 if equal -1 if this list comes before rrl2 +1 if rrl2 comes before this list + :param rrl2: The second one. + :type rrl2: :class:`ldns_rr_list` + :throws TypeError: when `rrl2` of non-:class:`ldns_rr_list` + type. + :return: (int) 0 if equal, -1 if this list comes before + `rrl2`, 1 if `rrl2` comes before this list. """ - return _ldns.ldns_rr_list_compare(self,rrl2) + return _ldns.ldns_rr_list_compare(self, rrl2) + + def __lt__(self, other): + """ + Compares two rr lists. + + :param other: The second one. + :type other: :class:`ldns_rr_list` + :throws TypeError: when `other` of non-:class:`ldns_rr_list` + type. + :return: (bool) True when `self` is less than 'other'. + """ + return _ldns.ldns_rr_list_compare(self, other) == -1 + + def __le__(self, other): + """ + Compares two rr lists. + + :param other: The second one. + :type other: :class:`ldns_rr_list` + :throws TypeError: when `other` of non-:class:`ldns_rr_list` + type. + :return: (bool) True when `self` is less than or equal to + 'other'. + """ + return _ldns.ldns_rr_list_compare(self, other) != 1 + + def __eq__(self, other): + """ + Compares two rr lists. + + :param other: The second one. + :type other: :class:`ldns_rr_list` + :throws TypeError: when `other` of non-:class:`ldns_rr_list` + type. + :return: (bool) True when `self` is equal to 'other'. + """ + return _ldns.ldns_rr_list_compare(self, other) == 0 + + def __ne__(self, other): + """ + Compares two rr lists. + + :param other: The second one. + :type other: :class:`ldns_rr_list` + :throws TypeError: when `other` of non-:class:`ldns_rr_list` + type. + :return: (bool) True when `self` is not equal to 'other'. + """ + return _ldns.ldns_rr_list_compare(self, other) != 0 + + def __gt__(self, other): + """ + Compares two rr lists. + + :param other: The second one. + :type other: :class:`ldns_rr_list` + :throws TypeError: when `other` of non-:class:`ldns_rr_list` + type. + :return: (bool) True when `self` is greater than 'other'. + """ + return _ldns.ldns_rr_list_compare(self, other) == 1 + + def __ge__(self, other): + """ + Compares two rr lists. + + :param other: The second one. + :type other: :class:`ldns_rr_list` + :throws TypeError: when `other` of non-:class:`ldns_rr_list` + type. + :return: (bool) True when `self` is greater than or equal to + 'other'. + """ + return _ldns.ldns_rr_list_compare(self, other) != -1 def write_to_buffer(self, buffer): - """Copies the rr_list data to the buffer in wire format. + """ + Copies the rr_list data to the buffer in wire format. - :param buffer: output buffer to append the result to - :returns: (ldns_status) ldns_status + :param buffer: Output buffer to append the result to. + :type buffer: :class:`ldns_buffer` + :throws TypeError: when `buffer` of non-:class:`ldns_buffer` + type. + :return: (ldns_status) ldns_status """ - return _ldns.ldns_rr_list2buffer_wire(buffer,self) + return _ldns.ldns_rr_list2buffer_wire(buffer, self) + + # + # LDNS_RR_LIST_METHODS_ + # - #LDNS_RR_LIST_METHODS_# - def cat(self,right): - """concatenates two ldns_rr_lists together. + def cat(self, right): + """ + Concatenates two ldns_rr_lists together. - This modifies rr list (to extend it and add the pointers from right). + This modifies rr list (to extend it and adds RRs from right). - :param right: - the rightside - :returns: (bool) a left with right concatenated to it + :param right: The right-hand side. + :type right: :class:`ldns_rr_list` + :throws TypeError: when `right` of non-:class:`ldns_rr_list` + type. + :return: (bool) True if success. """ - return _ldns._ldns_rr_list_cat(self,right) - #parameters: ldns_rr_list *,ldns_rr_list *, + return _ldns._ldns_rr_list_cat(self, right) + #parameters: ldns_rr_list *, ldns_rr_list *, #retvals: bool - def cat_clone(self,right): - """concatenates two ldns_rr_lists together, but makes clones of the rr's (instead of pointer copying). + def cat_clone(self, right): + """ + Concatenates two ldns_rr_lists together, creates a new list + of the rr's (instead of appending the content to an existing + list). - :param right: - the rightside - :returns: (ldns_rr_list \*) a new rr_list with leftside/rightside concatenated + :param right: The right-hand side. + :type right: :class:`ldns_rr_list` + :throws TypeError: when `right` of non-:class:`ldns_rr_list` + type. + :return: (:class:`ldns_rr_list`) rr list with left-hand side + + right-hand side concatenated, on None on error. """ - return _ldns.ldns_rr_list_cat_clone(self,right) - #parameters: ldns_rr_list *,ldns_rr_list *, + return _ldns.ldns_rr_list_cat_clone(self, right) + #parameters: ldns_rr_list *, ldns_rr_list *, #retvals: ldns_rr_list * def clone(self): - """clones an rrlist. + """ + Clones an rrlist. - :returns: (ldns_rr_list \*) the cloned rr list + :return: (:class:`ldns_rr_list`) the cloned rr list, + or None on error. """ return _ldns.ldns_rr_list_clone(self) #parameters: const ldns_rr_list *, #retvals: ldns_rr_list * - def contains_rr(self,rr): - """returns true if the given rr is one of the rrs in the list, or if it is equal to one + def contains_rr(self, rr): + """ + Returns True if the given rr is one of the rrs in the list, + or if it is equal to one. - :param rr: - the rr to check - :returns: (bool) true if rr_list contains rr, false otherwise + :param rr: The rr to check. + :type rr: :class:`ldns_rr` + :throws TypeError: when `rr` of non-:class:`ldns_rr` type. + :return: (bool) True if rr_list contains `rr`, False otherwise. """ - return _ldns.ldns_rr_list_contains_rr(self,rr) - #parameters: const ldns_rr_list *,ldns_rr *, + return _ldns.ldns_rr_list_contains_rr(self, rr) + #parameters: const ldns_rr_list *, ldns_rr *, #retvals: bool def owner(self): - """Returns the owner domain name rdf of the first element of the RR If there are no elements present, NULL is returned. + """ + Returns the owner domain name rdf of the first element of + the RR. If there are no elements present, None is returned. - :returns: (ldns_rdf \*) dname of the first element, or NULL if the list is empty + :return: (:class:`ldns_dname`) dname of the first element, + or None if the list is empty. """ - return _ldns._ldns_rr_list_owner(self) + rdf = _ldns._ldns_rr_list_owner(self) + if rdf: + rdf = ldns_dname(rdf, clone=False) + return rdf #parameters: const ldns_rr_list *, #retvals: ldns_rdf * def pop_rr(self): - """pops the last rr from an rrlist. + """ + Pops the last rr from an rrlist. - :returns: (ldns_rr \*) NULL if nothing to pop. Otherwise the popped RR + :return: (:class:`ldns_rr`) None if nothing to pop. + Otherwise the popped RR. """ rr = _ldns.ldns_rr_list_pop_rr(self) - #if hasattr(self, "_python_rr_refs") and rr in self._python_rr_refs: - # self._python_rr_refs.remove(rr) return rr #parameters: ldns_rr_list *, #retvals: ldns_rr * - def pop_rr_list(self,size): - """pops an rr_list of size s from an rrlist. + def pop_rr_list(self, size): + """ + Pops an rr_list of size s from an rrlist. - :param size: - the number of rr's to pop - :returns: (ldns_rr_list \*) NULL if nothing to pop. Otherwise the popped rr_list + :param size: The number of rr's to pop. + :type size: positive int + :throws TypeError: when `size` of inappropriate type. + :return: (:class:`ldns_rr_list`) None if nothing to pop. + Otherwise the popped rr list. """ - return _ldns.ldns_rr_list_pop_rr_list(self,size) - #parameters: ldns_rr_list *,size_t, + return _ldns.ldns_rr_list_pop_rr_list(self, size) + #parameters: ldns_rr_list *, size_t, #retvals: ldns_rr_list * def pop_rrset(self): - """pops the first rrset from the list, the list must be sorted, so that all rr's from each rrset are next to each other + """ + Pops the first rrset from the list, the list must be sorted, + so that all rr's from each rrset are next to each other. - :returns: (ldns_rr_list \*) + :return: (:class:`ldns_rr_list`) the first rrset, or None when + empty. """ return _ldns.ldns_rr_list_pop_rrset(self) #parameters: ldns_rr_list *, #retvals: ldns_rr_list * - def push_rr(self,rr): - """pushes an rr to an rrlist. + def push_rr(self, rr): + """ + Pushes an rr to an rrlist. - :param rr: - the rr to push - :returns: (bool) false on error, otherwise true + :param rr: The rr to push. + :type rr: :class:`ldns_rr` + :throws TypeError: when `rr` of non-:class:`ldns_rr` type. + :return: (bool) False on error, otherwise True. """ - #if hasattr(self, "_python_rr_refs"): - # self._python_rr_refs.add(rr) - #else: - # self._python_rr_refs = set([rr]) - return _ldns._ldns_rr_list_push_rr(self,rr) - #parameters: ldns_rr_list *,const ldns_rr *, + return _ldns._ldns_rr_list_push_rr(self, rr) + #parameters: ldns_rr_list *, const ldns_rr *, #retvals: bool - def push_rr_list(self,push_list): - """pushes an rr_list to an rrlist. + def push_rr_list(self, push_list): + """ + Pushes an rr list to an rr list. - :param push_list: - the rr_list to push - :returns: (bool) false on error, otherwise true + :param push_list: The rr_list to push. + :type push_list: :class:`ldns_rr_list` + :throws TypeError: when `push_list` of non-:class:`ldns_rr_list` + type. + :returns: (bool) False on error, otherwise True. """ - return _ldns._ldns_rr_list_push_rr_list(self,push_list) - #parameters: ldns_rr_list *,const ldns_rr_list *, + return _ldns._ldns_rr_list_push_rr_list(self, push_list) + #parameters: ldns_rr_list *, const ldns_rr_list *, #retvals: bool - def rr(self,nr): - """returns a specific rr of an rrlist. + def rr(self, nr): + """ + Returns a specific rr of an rrlist. - :param nr: - return this rr - :returns: (ldns_rr \*) the rr at position nr + :param nr: Index of the desired rr. + :type nr: positive int + :throws TypeError: when `nr` of inappropriate type. + :return: (:class:`ldns_rr`) The rr at position `nr`, or None + if failed. """ - return _ldns._ldns_rr_list_rr(self,nr) - #parameters: const ldns_rr_list *,size_t, + return _ldns._ldns_rr_list_rr(self, nr) + #parameters: const ldns_rr_list *, size_t, #retvals: ldns_rr * def rr_count(self): - """returns the number of rr's in an rr_list. + """ + Returns the number of rr's in an rr_list. - :returns: (size_t) the number of rr's + :return: (int) The number of rr's. """ return _ldns.ldns_rr_list_rr_count(self) #parameters: const ldns_rr_list *, #retvals: size_t - def set_rr(self,r,count): - """set a rr on a specific index in a ldns_rr_list + def set_rr(self, r, idx): + """ + Set a rr on a specific index in a ldns_rr_list. - :param r: - the rr to set - :param count: - index into the rr_list - :returns: (ldns_rr \*) the old rr which was stored in the rr_list, or NULL is the index was too large set a specific rr + :param r: The rr to set. + :type r: :class:`ldns_rr` + :param idx: Index into the rr_list. + :type idx: positive int + :throws TypeError: when parameters of inappropriate types. + :return: (:class:`ldns_rr`) the old rr which was stored in + the rr_list, or None if the index was too large + to set a specific rr. """ - return _ldns.ldns_rr_list_set_rr(self,r,count) - #parameters: ldns_rr_list *,const ldns_rr *,size_t, + return _ldns._ldns_rr_list_set_rr(self, r, idx) + #parameters: ldns_rr_list *, const ldns_rr *, size_t, #retvals: ldns_rr * - def set_rr_count(self,count): - """sets the number of rr's in an rr_list. + def set_rr_count(self, count): + """ + Sets the number of rr's in an rr_list. - :param count: - the number of rr in this list + :param count: The number of rr in this list. + :type count: positive int + :throws TypeError: when `count` of non-integer type. + :throws Exception: when `count` out of acceptable range. + + .. warning:: + Don't use this method unless you really know what you + are doing. """ - _ldns.ldns_rr_list_set_rr_count(self,count) - #parameters: ldns_rr_list *,size_t, + # The function C has a tendency to generate an assertion fail when + # the count exceeds the list's capacity -- therefore the checking + # code. + if isinstance(count, int) and \ + ((count < 0) or (count > self._rr_capacity)): + raise Exception("Given count %d is out of range " % (count) + + "of the rr list's capacity %d." % (self._rr_capacity)) + _ldns.ldns_rr_list_set_rr_count(self, count) + #parameters: ldns_rr_list *, size_t, #retvals: def sort(self): - """sorts an rr_list (canonical wire format). - - the sorting is done inband. + """ + Sorts an rr_list (canonical wire format). """ _ldns.ldns_rr_list_sort(self) #parameters: ldns_rr_list *, #retvals: - def subtype_by_rdf(self,r,pos): - """Return the rr_list which matches the rdf at position field. + def subtype_by_rdf(self, r, pos): + """ + Return the rr_list which matches the rdf at position field. - Think type-covered stuff for RRSIG + Think type-covered stuff for RRSIG. - :param r: - the rdf to use for the comparison - :param pos: - at which position can we find the rdf - :returns: (ldns_rr_list \*) a new rr list with only the RRs that match + :param r: The rdf to use for the comparison. + :type r: :class:`ldns_rdf` + :param pos: At which position we can find the rdf. + :type pos: positive int + :throws TypeError: when parameters of inappropriate types. + :return: (:class:`ldns_rr_list`) a new rr list with only + the RRs that match, or None when nothing matches. """ - return _ldns.ldns_rr_list_subtype_by_rdf(self,r,pos) - #parameters: ldns_rr_list *,ldns_rdf *,size_t, + return _ldns.ldns_rr_list_subtype_by_rdf(self, r, pos) + #parameters: ldns_rr_list *, ldns_rdf *, size_t, #retvals: ldns_rr_list * def type(self): - """Returns the type of the first element of the RR If there are no elements present, 0 is returned (LDNS_RR_TYPE_A). + """ + Returns the type of the first element of the RR. + + If there are no elements present, 0 is returned. - :returns: (ldns_rr_type) rr_type of the first element, or 0 if the list is empty + :return: (int) rr_type of the first element, + or 0 if the list is empty. """ return _ldns.ldns_rr_list_type(self) #parameters: const ldns_rr_list *, #retvals: ldns_rr_type - #_LDNS_RR_LIST_METHODS# - %} + + # + # _LDNS_RR_LIST_METHODS + # + %} } + +/* ========================================================================= */ +/* SWIG setting and definitions. */ +/* ========================================================================= */ + + %newobject ldns_rr_descript; -%nodefaultctor ldns_struct_rr_descriptor; //no default constructor & destructor -%nodefaultdtor ldns_struct_rr_descriptor; +%nodefaultctor ldns_struct_rr_descriptor; /* No default constructor. */ +%nodefaultdtor ldns_struct_rr_descriptor; /* No default destructor.*/ %rename(ldns_rr_descriptor) ldns_struct_rr_descriptor; +/* ========================================================================= */ +/* Debugging related code. */ +/* ========================================================================= */ + +/* None. */ + + +/* ========================================================================= */ +/* Added C code. */ +/* ========================================================================= */ + + +%inline +%{ + /* + * Does nothing, but keeps the SWIG wrapper quiet about absent destructor. + */ + void ldns_rr_descriptor_dummy_free(const ldns_rr_descriptor *rd) + { + (void) rd; + } +%} + +/* ========================================================================= */ +/* Encapsulating Python code. */ +/* ========================================================================= */ -%feature("docstring") ldns_struct_rr_descriptor "Resource Record descriptor -This structure contains, for all rr types, the rdata fields that are defined." + +%feature("docstring") ldns_struct_rr_descriptor "Resource Record descriptor. + +This structure contains, for all rr types, the rdata fields that are defined. + +In order to create a class instance use :meth:`ldns_rr_descriptor`. +" %extend ldns_struct_rr_descriptor { - %pythoncode %{ - def __init__(self): - raise Exception("This class can't be created directly. Please use: ldns_rr_descript") - #LDNS_RR_DESCRIPTOR_METHODS_# - def field_type(self,field): - """returns the rdf type for the given rdata field number of the rr type for the given descriptor. + %pythoncode + %{ + def __init__(self, rr_type): + """ + Returns the resource record descriptor for the given type. + + :param rr_type: RR type. + :type rr_type: int + :throws TypeError: when `rr_type` of inappropriate type. + :return: (:class:`ldns_rr_descriptor`) RR descriptor class. + """ + self.this = self.ldns_rr_descriptor(rr_type) + + def __str__(self): + raise Exception("The content of this class cannot be printed.") + + __swig_destroy__ = _ldns.ldns_rr_descriptor_dummy_free + + # + # LDNS_RR_DESCRIPTOR_CONSTRUCTORS_ + # + + @staticmethod + def ldns_rr_descriptor(rr_type): + """ + Returns the resource record descriptor for the given type. + + :param rr_type: RR type. + :type rr_type: int + :throws TypeError: when `rr_type` of inappropriate type. + :return: (:class:`ldns_rr_descriptor`) RR descriptor class. + """ + return _ldns.ldns_rr_descript(rr_type) + #parameters: uint16_t + #retvals: const ldns_rr_descriptor * + + # + # _LDNS_RR_DESCRIPTOR_CONSTRUCTORS + # + + # + # LDNS_RR_DESCRIPTOR_METHODS_ + # + + def field_type(self, field): + """ + Returns the rdf type for the given rdata field number of the + rr type for the given descriptor. - :param field: - the field number - :returns: (ldns_rdf_type) the rdf type for the field + :param field: The field number. + :type field: positive int + :throws TypeError: when `field` of non-inetger type. + :return: (int) the rdf type for the field. """ - return _ldns.ldns_rr_descriptor_field_type(self,field) - #parameters: const ldns_rr_descriptor *,size_t, + return _ldns.ldns_rr_descriptor_field_type(self, field) + #parameters: const ldns_rr_descriptor *, size_t, #retvals: ldns_rdf_type def maximum(self): - """returns the maximum number of rdata fields of the rr type this descriptor describes. + """ + Returns the maximum number of rdata fields of the rr type this + descriptor describes. - :returns: (size_t) the maximum number of rdata fields + :return: (int) the maximum number of rdata fields. """ return _ldns.ldns_rr_descriptor_maximum(self) #parameters: const ldns_rr_descriptor *, #retvals: size_t def minimum(self): - """returns the minimum number of rdata fields of the rr type this descriptor describes. + """ + Returns the minimum number of rdata fields of the rr type this + descriptor describes. - :returns: (size_t) the minimum number of rdata fields + :return: (int) the minimum number of rdata fields. """ return _ldns.ldns_rr_descriptor_minimum(self) #parameters: const ldns_rr_descriptor *, #retvals: size_t - #_LDNS_RR_DESCRIPTOR_METHODS# - %} + # + # _LDNS_RR_DESCRIPTOR_METHODS + # + %} } -/* -rrsig checking wrappers +/* ========================================================================= */ +/* Added C code. */ +/* ========================================================================= */ - copying of rr pointers into the good_keys list leads to double free - problems, therefore we provide two options - either ignore the keys - or get list of indexes of the keys. The latter allows fetching of the - keys later on from the original key set -*/ + +/* + * rrsig checking wrappers + * + * Copying of rr pointers into the good_keys list leads to double free + * problems, therefore we provide two options - either ignore the keys + * or get list of indexes of the keys. The latter allows fetching of the + * keys later on from the original key set. + */ %rename(__ldns_verify_rrsig_keylist) ldns_verify_rrsig_keylist; -%inline %{ -ldns_status ldns_verify_rrsig_keylist_status_only(ldns_rr_list *rrset, - ldns_rr *rrsig, - const ldns_rr_list *keys) { +%inline +%{ + ldns_status ldns_verify_rrsig_keylist_status_only(ldns_rr_list *rrset, + ldns_rr *rrsig, const ldns_rr_list *keys) + { ldns_rr_list *good_keys = ldns_rr_list_new(); - ldns_status status = ldns_verify_rrsig_keylist(rrset, rrsig, keys, good_keys); + ldns_status status = ldns_verify_rrsig_keylist(rrset, rrsig, keys, + good_keys); ldns_rr_list_free(good_keys); return status; -} + } %} %rename(__ldns_verify_rrsig_keylist) ldns_verify_rrsig_keylist; -%inline %{ -PyObject* ldns_verify_rrsig_keylist_(ldns_rr_list *rrset, - ldns_rr *rrsig, - const ldns_rr_list *keys) { - PyObject* tuple; - PyObject* keylist; - ldns_rr_list *good_keys = ldns_rr_list_new(); - ldns_status status = ldns_verify_rrsig_keylist(rrset, rrsig, keys, good_keys); - - tuple = PyTuple_New(2); - PyTuple_SetItem(tuple, 0, SWIG_From_int(status)); - keylist = PyList_New(0); - if (status == LDNS_STATUS_OK) { - unsigned int i; - for (i = 0; i < ldns_rr_list_rr_count(keys); i++) - if (ldns_rr_list_contains_rr(good_keys, ldns_rr_list_rr(keys, i))) - PyList_Append(keylist, SWIG_From_int(i)); - } - PyTuple_SetItem(tuple, 1, keylist); - ldns_rr_list_free(good_keys); - return tuple; - } +%inline +%{ + PyObject* ldns_verify_rrsig_keylist_(ldns_rr_list *rrset, + ldns_rr *rrsig, const ldns_rr_list *keys) + { + PyObject* tuple; + PyObject* keylist; + ldns_rr_list *good_keys = ldns_rr_list_new(); + ldns_status status = ldns_verify_rrsig_keylist(rrset, rrsig, keys, + good_keys); + + tuple = PyTuple_New(2); + PyTuple_SetItem(tuple, 0, SWIG_From_int(status)); + keylist = PyList_New(0); + if (status == LDNS_STATUS_OK) { + unsigned int i; + for (i = 0; i < ldns_rr_list_rr_count(keys); i++) { + if (ldns_rr_list_contains_rr(good_keys, ldns_rr_list_rr(keys, i))) { + PyList_Append(keylist, SWIG_From_int(i)); + } + } + } + PyTuple_SetItem(tuple, 1, keylist); + ldns_rr_list_free(good_keys); + return tuple; + } %} %rename(__ldns_verify_rrsig_keylist_notime) ldns_verify_rrsig_keylist_notime; -%inline %{ -ldns_status ldns_verify_rrsig_keylist_notime_status_only(ldns_rr_list *rrset, - ldns_rr *rrsig, - const ldns_rr_list *keys) { +%inline +%{ + ldns_status ldns_verify_rrsig_keylist_notime_status_only(ldns_rr_list *rrset, + ldns_rr *rrsig, const ldns_rr_list *keys) + { ldns_rr_list *good_keys = ldns_rr_list_new(); - ldns_status status = ldns_verify_rrsig_keylist_notime(rrset, rrsig, keys, good_keys); + ldns_status status = ldns_verify_rrsig_keylist_notime(rrset, rrsig, keys, + good_keys); ldns_rr_list_free(good_keys); return status; -} + } %} %rename(__ldns_verify_rrsig_keylist_notime) ldns_verify_rrsig_keylist_notime; -%inline %{ -PyObject* ldns_verify_rrsig_keylist_notime_(ldns_rr_list *rrset, - ldns_rr *rrsig, - const ldns_rr_list *keys) { - PyObject* tuple; - PyObject* keylist; - ldns_rr_list *good_keys = ldns_rr_list_new(); - ldns_status status = ldns_verify_rrsig_keylist_notime(rrset, rrsig, keys, good_keys); - - tuple = PyTuple_New(2); - PyTuple_SetItem(tuple, 0, SWIG_From_int(status)); - keylist = PyList_New(0); - if (status == LDNS_STATUS_OK) { - unsigned int i; - for (i = 0; i < ldns_rr_list_rr_count(keys); i++) - if (ldns_rr_list_contains_rr(good_keys, ldns_rr_list_rr(keys, i))) - PyList_Append(keylist, SWIG_From_int(i)); - } - PyTuple_SetItem(tuple, 1, keylist); - ldns_rr_list_free(good_keys); - return tuple; - } +%inline +%{ + PyObject* ldns_verify_rrsig_keylist_notime_(ldns_rr_list *rrset, + ldns_rr *rrsig, const ldns_rr_list *keys) + { + PyObject* tuple; + PyObject* keylist; + ldns_rr_list *good_keys = ldns_rr_list_new(); + ldns_status status = ldns_verify_rrsig_keylist_notime(rrset, rrsig, keys, + good_keys); + + tuple = PyTuple_New(2); + PyTuple_SetItem(tuple, 0, SWIG_From_int(status)); + keylist = PyList_New(0); + if (status == LDNS_STATUS_OK) { + unsigned int i; + for (i = 0; i < ldns_rr_list_rr_count(keys); i++) { + if (ldns_rr_list_contains_rr(good_keys, ldns_rr_list_rr(keys, i))) { + PyList_Append(keylist, SWIG_From_int(i)); + } + } + } + PyTuple_SetItem(tuple, 1, keylist); + ldns_rr_list_free(good_keys); + return tuple; + } %} -/* -- end of rrsig checking wrappers */ - +/* End of rrsig checking wrappers. */ diff --git a/dane.c b/dane.c new file mode 100644 index 000000000000..793005ddcb30 --- /dev/null +++ b/dane.c @@ -0,0 +1,742 @@ +/* + * Verify or create TLS authentication with DANE (RFC6698) + * + * (c) NLnetLabs 2012 + * + * See the file LICENSE for the license. + * + */ + +#include <ldns/config.h> + +#include <ldns/ldns.h> +#include <ldns/dane.h> + +#include <unistd.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> + +#ifdef HAVE_SSL +#include <openssl/ssl.h> +#include <openssl/err.h> +#include <openssl/x509v3.h> +#endif + +ldns_status +ldns_dane_create_tlsa_owner(ldns_rdf** tlsa_owner, const ldns_rdf* name, + uint16_t port, ldns_dane_transport transport) +{ + char buf[LDNS_MAX_DOMAINLEN]; + size_t s; + + assert(tlsa_owner != NULL); + assert(name != NULL); + assert(ldns_rdf_get_type(name) == LDNS_RDF_TYPE_DNAME); + + s = (size_t)snprintf(buf, LDNS_MAX_DOMAINLEN, "X_%d", (int)port); + buf[0] = (char)(s - 1); + + switch(transport) { + case LDNS_DANE_TRANSPORT_TCP: + s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\004_tcp"); + break; + + case LDNS_DANE_TRANSPORT_UDP: + s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\004_udp"); + break; + + case LDNS_DANE_TRANSPORT_SCTP: + s += snprintf(buf + s, LDNS_MAX_DOMAINLEN - s, "\005_sctp"); + break; + + default: + return LDNS_STATUS_DANE_UNKNOWN_TRANSPORT; + } + if (s + ldns_rdf_size(name) > LDNS_MAX_DOMAINLEN) { + return LDNS_STATUS_DOMAINNAME_OVERFLOW; + } + memcpy(buf + s, ldns_rdf_data(name), ldns_rdf_size(name)); + *tlsa_owner = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_DNAME, + s + ldns_rdf_size(name), buf); + if (*tlsa_owner == NULL) { + return LDNS_STATUS_MEM_ERR; + } + return LDNS_STATUS_OK; +} + + +#ifdef HAVE_SSL +ldns_status +ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert, + ldns_tlsa_selector selector, + ldns_tlsa_matching_type matching_type) +{ + unsigned char* buf = NULL; + size_t len; + + X509_PUBKEY* xpubkey; + EVP_PKEY* epubkey; + + unsigned char* digest; + + assert(rdf != NULL); + assert(cert != NULL); + + switch(selector) { + case LDNS_TLSA_SELECTOR_FULL_CERTIFICATE: + + len = (size_t)i2d_X509(cert, &buf); + break; + + case LDNS_TLSA_SELECTOR_SUBJECTPUBLICKEYINFO: + +#ifndef S_SPLINT_S + xpubkey = X509_get_X509_PUBKEY(cert); +#endif + if (! xpubkey) { + return LDNS_STATUS_SSL_ERR; + } + epubkey = X509_PUBKEY_get(xpubkey); + if (! epubkey) { + return LDNS_STATUS_SSL_ERR; + } + len = (size_t)i2d_PUBKEY(epubkey, &buf); + break; + + default: + return LDNS_STATUS_DANE_UNKNOWN_SELECTOR; + } + + switch(matching_type) { + case LDNS_TLSA_MATCHING_TYPE_NO_HASH_USED: + + *rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, len, buf); + + return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR; + break; + + case LDNS_TLSA_MATCHING_TYPE_SHA256: + + digest = LDNS_XMALLOC(unsigned char, SHA256_DIGEST_LENGTH); + if (digest == NULL) { + LDNS_FREE(buf); + return LDNS_STATUS_MEM_ERR; + } + (void) ldns_sha256(buf, (unsigned int)len, digest); + *rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, SHA256_DIGEST_LENGTH, + digest); + LDNS_FREE(buf); + + return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR; + break; + + case LDNS_TLSA_MATCHING_TYPE_SHA512: + + digest = LDNS_XMALLOC(unsigned char, SHA512_DIGEST_LENGTH); + if (digest == NULL) { + LDNS_FREE(buf); + return LDNS_STATUS_MEM_ERR; + } + (void) ldns_sha512(buf, (unsigned int)len, digest); + *rdf = ldns_rdf_new(LDNS_RDF_TYPE_HEX, SHA512_DIGEST_LENGTH, + digest); + LDNS_FREE(buf); + + return *rdf ? LDNS_STATUS_OK : LDNS_STATUS_MEM_ERR; + break; + + default: + LDNS_FREE(buf); + return LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE; + } +} + + +/* Ordinary PKIX validation of cert (with extra_certs to help) + * against the CA's in store + */ +static ldns_status +ldns_dane_pkix_validate(X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* store) +{ + X509_STORE_CTX* vrfy_ctx; + ldns_status s; + + if (! store) { + return LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE; + } + vrfy_ctx = X509_STORE_CTX_new(); + if (! vrfy_ctx) { + + return LDNS_STATUS_SSL_ERR; + + } else if (X509_STORE_CTX_init(vrfy_ctx, store, + cert, extra_certs) != 1) { + s = LDNS_STATUS_SSL_ERR; + + } else if (X509_verify_cert(vrfy_ctx) == 1) { + + s = LDNS_STATUS_OK; + + } else { + s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE; + } + X509_STORE_CTX_free(vrfy_ctx); + return s; +} + + +/* Orinary PKIX validation of cert (with extra_certs to help) + * against the CA's in store, but also return the validation chain. + */ +static ldns_status +ldns_dane_pkix_validate_and_get_chain(STACK_OF(X509)** chain, X509* cert, + STACK_OF(X509)* extra_certs, X509_STORE* store) +{ + ldns_status s; + X509_STORE* empty_store = NULL; + X509_STORE_CTX* vrfy_ctx; + + assert(chain != NULL); + + if (! store) { + store = empty_store = X509_STORE_new(); + } + s = LDNS_STATUS_SSL_ERR; + vrfy_ctx = X509_STORE_CTX_new(); + if (! vrfy_ctx) { + + goto exit_free_empty_store; + + } else if (X509_STORE_CTX_init(vrfy_ctx, store, + cert, extra_certs) != 1) { + goto exit_free_vrfy_ctx; + + } else if (X509_verify_cert(vrfy_ctx) == 1) { + + s = LDNS_STATUS_OK; + + } else { + s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE; + } + *chain = X509_STORE_CTX_get1_chain(vrfy_ctx); + if (! *chain) { + s = LDNS_STATUS_SSL_ERR; + } + +exit_free_vrfy_ctx: + X509_STORE_CTX_free(vrfy_ctx); + +exit_free_empty_store: + if (empty_store) { + X509_STORE_free(empty_store); + } + return s; +} + + +/* Return the validation chain that can be build out of cert, with extra_certs. + */ +static ldns_status +ldns_dane_pkix_get_chain(STACK_OF(X509)** chain, + X509* cert, STACK_OF(X509)* extra_certs) +{ + ldns_status s; + X509_STORE* empty_store = NULL; + X509_STORE_CTX* vrfy_ctx; + + assert(chain != NULL); + + empty_store = X509_STORE_new(); + s = LDNS_STATUS_SSL_ERR; + vrfy_ctx = X509_STORE_CTX_new(); + if (! vrfy_ctx) { + + goto exit_free_empty_store; + + } else if (X509_STORE_CTX_init(vrfy_ctx, empty_store, + cert, extra_certs) != 1) { + goto exit_free_vrfy_ctx; + } + (void) X509_verify_cert(vrfy_ctx); + *chain = X509_STORE_CTX_get1_chain(vrfy_ctx); + if (! *chain) { + s = LDNS_STATUS_SSL_ERR; + } else { + s = LDNS_STATUS_OK; + } +exit_free_vrfy_ctx: + X509_STORE_CTX_free(vrfy_ctx); + +exit_free_empty_store: + X509_STORE_free(empty_store); + return s; +} + + +/* Pop n+1 certs and return the last popped. + */ +static ldns_status +ldns_dane_get_nth_cert_from_validation_chain( + X509** cert, STACK_OF(X509)* chain, int n, bool ca) +{ + if (n >= sk_X509_num(chain) || n < 0) { + return LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE; + } + *cert = sk_X509_pop(chain); + while (n-- > 0) { + X509_free(*cert); + *cert = sk_X509_pop(chain); + } + if (ca && ! X509_check_ca(*cert)) { + return LDNS_STATUS_DANE_NON_CA_CERTIFICATE; + } + return LDNS_STATUS_OK; +} + + +/* Create validation chain with cert and extra_certs and returns the last + * self-signed (if present). + */ +static ldns_status +ldns_dane_pkix_get_last_self_signed(X509** out_cert, + X509* cert, STACK_OF(X509)* extra_certs) +{ + ldns_status s; + X509_STORE* empty_store = NULL; + X509_STORE_CTX* vrfy_ctx; + + assert(out_cert != NULL); + + empty_store = X509_STORE_new(); + s = LDNS_STATUS_SSL_ERR; + vrfy_ctx = X509_STORE_CTX_new(); + if (! vrfy_ctx) { + goto exit_free_empty_store; + + } else if (X509_STORE_CTX_init(vrfy_ctx, empty_store, + cert, extra_certs) != 1) { + goto exit_free_vrfy_ctx; + + } + (void) X509_verify_cert(vrfy_ctx); + if (vrfy_ctx->error == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN || + vrfy_ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT){ + + *out_cert = X509_STORE_CTX_get_current_cert( vrfy_ctx); + s = LDNS_STATUS_OK; + } else { + s = LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR; + } +exit_free_vrfy_ctx: + X509_STORE_CTX_free(vrfy_ctx); + +exit_free_empty_store: + X509_STORE_free(empty_store); + return s; +} + + +ldns_status +ldns_dane_select_certificate(X509** selected_cert, + X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* pkix_validation_store, + ldns_tlsa_certificate_usage cert_usage, int offset) +{ + ldns_status s; + STACK_OF(X509)* pkix_validation_chain = NULL; + + assert(selected_cert != NULL); + assert(cert != NULL); + + /* With PKIX validation explicitely turned off (pkix_validation_store + * == NULL), treat the "CA constraint" and "Service certificate + * constraint" the same as "Trust anchor assertion" and "Domain issued + * certificate" respectively. + */ + if (pkix_validation_store == NULL) { + switch (cert_usage) { + + case LDNS_TLSA_USAGE_CA_CONSTRAINT: + + cert_usage = LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION; + break; + + case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT: + + cert_usage = LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE; + break; + + default: + break; + } + } + + /* Now what to do with each Certificate usage... + */ + switch (cert_usage) { + + case LDNS_TLSA_USAGE_CA_CONSTRAINT: + + s = ldns_dane_pkix_validate_and_get_chain( + &pkix_validation_chain, + cert, extra_certs, + pkix_validation_store); + if (! pkix_validation_chain) { + return s; + } + if (s == LDNS_STATUS_OK) { + if (offset == -1) { + offset = 0; + } + s = ldns_dane_get_nth_cert_from_validation_chain( + selected_cert, pkix_validation_chain, + offset, true); + } + sk_X509_pop_free(pkix_validation_chain, X509_free); + return s; + break; + + + case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT: + + *selected_cert = cert; + return ldns_dane_pkix_validate(cert, extra_certs, + pkix_validation_store); + break; + + + case LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION: + + if (offset == -1) { + s = ldns_dane_pkix_get_last_self_signed( + selected_cert, cert, extra_certs); + return s; + } else { + s = ldns_dane_pkix_get_chain( + &pkix_validation_chain, + cert, extra_certs); + if (s == LDNS_STATUS_OK) { + s = + ldns_dane_get_nth_cert_from_validation_chain( + selected_cert, pkix_validation_chain, + offset, false); + } else if (! pkix_validation_chain) { + return s; + } + sk_X509_pop_free(pkix_validation_chain, X509_free); + return s; + } + break; + + + case LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE: + + *selected_cert = cert; + return LDNS_STATUS_OK; + break; + + default: + return LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE; + break; + } +} + + +ldns_status +ldns_dane_create_tlsa_rr(ldns_rr** tlsa, + ldns_tlsa_certificate_usage certificate_usage, + ldns_tlsa_selector selector, + ldns_tlsa_matching_type matching_type, + X509* cert) +{ + ldns_rdf* rdf; + ldns_status s; + + assert(tlsa != NULL); + assert(cert != NULL); + + /* create rr */ + *tlsa = ldns_rr_new_frm_type(LDNS_RR_TYPE_TLSA); + if (*tlsa == NULL) { + return LDNS_STATUS_MEM_ERR; + } + + rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, + (uint8_t)certificate_usage); + if (rdf == NULL) { + goto memerror; + } + (void) ldns_rr_set_rdf(*tlsa, rdf, 0); + + rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t)selector); + if (rdf == NULL) { + goto memerror; + } + (void) ldns_rr_set_rdf(*tlsa, rdf, 1); + + rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t)matching_type); + if (rdf == NULL) { + goto memerror; + } + (void) ldns_rr_set_rdf(*tlsa, rdf, 2); + + s = ldns_dane_cert2rdf(&rdf, cert, selector, matching_type); + if (s == LDNS_STATUS_OK) { + (void) ldns_rr_set_rdf(*tlsa, rdf, 3); + return LDNS_STATUS_OK; + } + ldns_rr_free(*tlsa); + *tlsa = NULL; + return s; + +memerror: + ldns_rr_free(*tlsa); + *tlsa = NULL; + return LDNS_STATUS_MEM_ERR; +} + + +/* Return tlsas that actually are TLSA resource records with known values + * for the Certificate usage, Selector and Matching type rdata fields. + */ +static ldns_rr_list* +ldns_dane_filter_unusable_records(const ldns_rr_list* tlsas) +{ + size_t i; + ldns_rr_list* r = ldns_rr_list_new(); + ldns_rr* tlsa_rr; + + if (! r) { + return NULL; + } + for (i = 0; i < ldns_rr_list_rr_count(tlsas); i++) { + tlsa_rr = ldns_rr_list_rr(tlsas, i); + if (ldns_rr_get_type(tlsa_rr) == LDNS_RR_TYPE_TLSA && + ldns_rr_rd_count(tlsa_rr) == 4 && + ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 0)) <= 3 && + ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 1)) <= 1 && + ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 2)) <= 2) { + + if (! ldns_rr_list_push_rr(r, tlsa_rr)) { + ldns_rr_list_free(r); + return NULL; + } + } + } + return r; +} + + +/* Return whether cert/selector/matching_type matches data. + */ +static ldns_status +ldns_dane_match_cert_with_data(X509* cert, ldns_tlsa_selector selector, + ldns_tlsa_matching_type matching_type, ldns_rdf* data) +{ + ldns_status s; + ldns_rdf* match_data; + + s = ldns_dane_cert2rdf(&match_data, cert, selector, matching_type); + if (s == LDNS_STATUS_OK) { + if (ldns_rdf_compare(data, match_data) != 0) { + s = LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH; + } + ldns_rdf_free(match_data); + } + return s; +} + + +/* Return whether any certificate from the chain with selector/matching_type + * matches data. + * ca should be true if the certificate has to be a CA certificate too. + */ +static ldns_status +ldns_dane_match_any_cert_with_data(STACK_OF(X509)* chain, + ldns_tlsa_selector selector, + ldns_tlsa_matching_type matching_type, + ldns_rdf* data, bool ca) +{ + ldns_status s = LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH; + size_t n, i; + X509* cert; + + n = (size_t)sk_X509_num(chain); + for (i = 0; i < n; i++) { + cert = sk_X509_pop(chain); + if (! cert) { + s = LDNS_STATUS_SSL_ERR; + break; + } + s = ldns_dane_match_cert_with_data(cert, + selector, matching_type, data); + if (ca && s == LDNS_STATUS_OK && ! X509_check_ca(cert)) { + s = LDNS_STATUS_DANE_NON_CA_CERTIFICATE; + } + X509_free(cert); + if (s != LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH) { + break; + } + /* when s == LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH, + * try to match the next certificate + */ + } + return s; +} + + +ldns_status +ldns_dane_verify_rr(const ldns_rr* tlsa_rr, + X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* pkix_validation_store) +{ + ldns_status s; + + STACK_OF(X509)* pkix_validation_chain = NULL; + + ldns_tlsa_certificate_usage cert_usage; + ldns_tlsa_selector selector; + ldns_tlsa_matching_type matching_type; + ldns_rdf* data; + + if (! tlsa_rr) { + /* No TLSA, so regular PKIX validation + */ + return ldns_dane_pkix_validate(cert, extra_certs, + pkix_validation_store); + } + cert_usage = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 0)); + selector = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 1)); + matching_type = ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 2)); + data = ldns_rr_rdf(tlsa_rr, 3) ; + + switch (cert_usage) { + case LDNS_TLSA_USAGE_CA_CONSTRAINT: + s = ldns_dane_pkix_validate_and_get_chain( + &pkix_validation_chain, + cert, extra_certs, + pkix_validation_store); + if (! pkix_validation_chain) { + return s; + } + if (s == LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE) { + /* + * NO PKIX validation. We still try to match *any* + * certificate from the chain, so we return + * TLSA errors over PKIX errors. + * + * i.e. When the TLSA matches no certificate, we return + * TLSA_DID_NOT_MATCH and not PKIX_DID_NOT_VALIDATE + */ + s = ldns_dane_match_any_cert_with_data( + pkix_validation_chain, + selector, matching_type, data, true); + + if (s == LDNS_STATUS_OK) { + /* A TLSA record did match a cert from the + * chain, thus the error is failed PKIX + * validation. + */ + s = LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE; + } + + } else if (s == LDNS_STATUS_OK) { + /* PKIX validated, does the TLSA match too? */ + + s = ldns_dane_match_any_cert_with_data( + pkix_validation_chain, + selector, matching_type, data, true); + } + sk_X509_pop_free(pkix_validation_chain, X509_free); + return s; + break; + + case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT: + s = ldns_dane_match_cert_with_data(cert, + selector, matching_type, data); + + if (s == LDNS_STATUS_OK) { + return ldns_dane_pkix_validate(cert, extra_certs, + pkix_validation_store); + } + return s; + break; + + case LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION: + s = ldns_dane_pkix_get_chain(&pkix_validation_chain, + cert, extra_certs); + + if (s == LDNS_STATUS_OK) { + s = ldns_dane_match_any_cert_with_data( + pkix_validation_chain, + selector, matching_type, data, false); + + } else if (! pkix_validation_chain) { + return s; + } + sk_X509_pop_free(pkix_validation_chain, X509_free); + return s; + break; + + case LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE: + return ldns_dane_match_cert_with_data(cert, + selector, matching_type, data); + break; + + default: + break; + } + return LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE; +} + + +ldns_status +ldns_dane_verify(ldns_rr_list* tlsas, + X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* pkix_validation_store) +{ + size_t i; + ldns_rr* tlsa_rr; + ldns_status s = LDNS_STATUS_OK, ps; + + assert(cert != NULL); + + if (tlsas && ldns_rr_list_rr_count(tlsas) > 0) { + tlsas = ldns_dane_filter_unusable_records(tlsas); + if (! tlsas) { + return LDNS_STATUS_MEM_ERR; + } + } + if (! tlsas || ldns_rr_list_rr_count(tlsas) == 0) { + /* No TLSA's, so regular PKIX validation + */ + return ldns_dane_pkix_validate(cert, extra_certs, + pkix_validation_store); + } else { + for (i = 0; i < ldns_rr_list_rr_count(tlsas); i++) { + tlsa_rr = ldns_rr_list_rr(tlsas, i); + ps = s; + s = ldns_dane_verify_rr(tlsa_rr, cert, extra_certs, + pkix_validation_store); + + if (s != LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH && + s != LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE) { + + /* which would be LDNS_STATUS_OK (match) + * or some fatal error preventing use from + * trying the next TLSA record. + */ + break; + } + s = (s > ps ? s : ps); /* prefer PKIX_DID_NOT_VALIDATE + * over TLSA_DID_NOT_MATCH + */ + } + ldns_rr_list_free(tlsas); + } + return s; +} +#endif /* HAVE_SSL */ @@ -30,6 +30,24 @@ #include <arpa/inet.h> #endif +/* Returns whether the last label in the name is a root label (a empty label). + * Note that it is not enough to just test the last character to be 0, + * because it may be part of the last label itself. + */ +static bool +ldns_dname_last_label_is_root_label(const ldns_rdf* dname) +{ + size_t src_pos; + size_t len = 0; + + for (src_pos = 0; src_pos < ldns_rdf_size(dname); src_pos += len + 1) { + len = ldns_rdf_data(dname)[src_pos]; + } + assert(src_pos == ldns_rdf_size(dname)); + + return src_pos > 0 && len == 0; +} + ldns_rdf * ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2) { @@ -47,7 +65,7 @@ ldns_dname_cat_clone(const ldns_rdf *rd1, const ldns_rdf *rd2) * rd, by reducing the size with 1 */ left_size = ldns_rdf_size(rd1); - if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) { + if (ldns_dname_last_label_is_root_label(rd1)) { left_size--; } @@ -84,7 +102,7 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2) * rd, by reducing the size with 1 */ left_size = ldns_rdf_size(rd1); - if (left_size > 0 &&ldns_rdf_data(rd1)[left_size - 1] == 0) { + if (ldns_dname_last_label_is_root_label(rd1)) { left_size--; } @@ -102,36 +120,39 @@ ldns_dname_cat(ldns_rdf *rd1, ldns_rdf *rd2) return LDNS_STATUS_OK; } -ldns_rdf * -ldns_dname_reverse(const ldns_rdf *d) +ldns_rdf* +ldns_dname_reverse(const ldns_rdf *dname) { - ldns_rdf *new; - ldns_rdf *tmp; - ldns_rdf *d_tmp; - ldns_status status; - - d_tmp = ldns_rdf_clone(d); - - new = ldns_dname_new_frm_str("."); - if(!new) - return NULL; - - while(ldns_dname_label_count(d_tmp) > 0) { - tmp = ldns_dname_label(d_tmp, 0); - status = ldns_dname_cat(tmp, new); - if(status != LDNS_STATUS_OK) { - ldns_rdf_deep_free(new); - ldns_rdf_deep_free(d_tmp); - return NULL; - } - ldns_rdf_deep_free(new); - new = tmp; - tmp = ldns_dname_left_chop(d_tmp); - ldns_rdf_deep_free(d_tmp); - d_tmp = tmp; + size_t rd_size; + uint8_t* buf; + ldns_rdf* new; + size_t src_pos; + size_t len ; + + assert(ldns_rdf_get_type(dname) == LDNS_RDF_TYPE_DNAME); + + rd_size = ldns_rdf_size(dname); + buf = LDNS_XMALLOC(uint8_t, rd_size); + if (! buf) { + return NULL; + } + new = ldns_rdf_new(LDNS_RDF_TYPE_DNAME, rd_size, buf); + if (! new) { + LDNS_FREE(buf); + return NULL; + } + + /* If dname ends in a root label, the reverse should too. + */ + if (ldns_dname_last_label_is_root_label(dname)) { + buf[rd_size - 1] = 0; + rd_size -= 1; + } + for (src_pos = 0; src_pos < rd_size; src_pos += len + 1) { + len = ldns_rdf_data(dname)[src_pos]; + memcpy(&buf[rd_size - src_pos - len - 1], + &ldns_rdf_data(dname)[src_pos], len + 1); } - ldns_rdf_deep_free(d_tmp); - return new; } @@ -519,6 +540,18 @@ ldns_dname_str_absolute(const char *dname_str) return 0; } +bool +ldns_dname_absolute(const ldns_rdf *rdf) +{ + char *str = ldns_rdf2str(rdf); + if (str) { + bool r = ldns_dname_str_absolute(str); + LDNS_FREE(str); + return r; + } + return false; +} + ldns_rdf * ldns_dname_label(const ldns_rdf *rdf, uint8_t labelpos) { @@ -743,7 +743,6 @@ ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[], memcpy(data + cur_data_size + 2, cur_data, cur_window_max+1); cur_data_size += cur_window_max + 3; } - bitmap_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC, cur_data_size, data); @@ -1154,12 +1153,15 @@ ldns_create_nsec3(ldns_rdf *cur_owner, salt_length, salt); status = ldns_dname_cat(hashed_owner, cur_zone); - if(status != LDNS_STATUS_OK) + if(status != LDNS_STATUS_OK) { + ldns_rdf_deep_free(hashed_owner); return NULL; - + } nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3); - if(!nsec) + if(!nsec) { + ldns_rdf_deep_free(hashed_owner); return NULL; + } ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3); ldns_rr_set_owner(nsec, hashed_owner); @@ -1443,8 +1445,9 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, sigs = s; } else { /* otherwise get them from the packet */ - sigs = ldns_pkt_rr_list_by_name_and_type(p, o, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_ANY_NOQUESTION); + sigs = ldns_pkt_rr_list_by_name_and_type(p, o, + LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_ANY_NOQUESTION); if (!sigs) { /* no sigs */ return LDNS_STATUS_ERR; @@ -1457,24 +1460,26 @@ ldns_pkt_verify_time(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, */ t_netorder = htons(t); /* rdf are in network order! */ /* a type identifier is a 16-bit number, so the size is 2 bytes */ - rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, - 2, - &t_netorder); - sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0); + rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, 2, &t_netorder); - rrset = ldns_pkt_rr_list_by_name_and_type(p, - o, - t, - LDNS_SECTION_ANY_NOQUESTION); - - if (!rrset) { + sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0); + ldns_rdf_free(rdf_t); + if (! sigs_covered) { + if (! s) { + ldns_rr_list_deep_free(sigs); + } return LDNS_STATUS_ERR; } + ldns_rr_list_deep_free(sigs_covered); - if (!sigs_covered) { + rrset = ldns_pkt_rr_list_by_name_and_type(p, o, t, + LDNS_SECTION_ANY_NOQUESTION); + if (!rrset) { + if (! s) { + ldns_rr_list_deep_free(sigs); + } return LDNS_STATUS_ERR; } - return ldns_verify_time(rrset, sigs, k, check_time, good_keys); } diff --git a/dnssec_sign.c b/dnssec_sign.c index 88878bad0449..f2f9d9dda87d 100644 --- a/dnssec_sign.c +++ b/dnssec_sign.c @@ -260,6 +260,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) ldns_buffer_free(sign_buf); /* ERROR */ ldns_rr_list_deep_free(rrset_clone); + ldns_rr_free(current_sig); + ldns_rr_list_deep_free(signatures); return NULL; } @@ -268,6 +270,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) != LDNS_STATUS_OK) { ldns_buffer_free(sign_buf); ldns_rr_list_deep_free(rrset_clone); + ldns_rr_free(current_sig); + ldns_rr_list_deep_free(signatures); return NULL; } @@ -276,6 +280,8 @@ ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) if (!b64rdf) { /* signing went wrong */ ldns_rr_list_deep_free(rrset_clone); + ldns_rr_free(current_sig); + ldns_rr_list_deep_free(signatures); return NULL; } @@ -481,10 +487,7 @@ ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key) (unsigned char*)ldns_buffer_begin(b64sig), &siglen, key); if (result != 1) { - return NULL; - } - - if (result != 1) { + ldns_buffer_free(b64sig); return NULL; } @@ -859,16 +862,14 @@ ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone, ldns_rbtree_next(current_name_node)); } if (result != LDNS_STATUS_OK) { + ldns_rr_list_free(nsec3_list); return result; } ldns_rr_list_sort_nsec3(nsec3_list); result = ldns_dnssec_chain_nsec3_list(nsec3_list); - if (result != LDNS_STATUS_OK) { - return result; - } - ldns_rr_list_free(nsec3_list); + return result; } @@ -1023,9 +1024,9 @@ ldns_key_list_filter_for_non_dnskey(ldns_key_list *key_list) } ldns_status -ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone) - , ATTR_UNUSED(ldns_rr_list *new_rrs) - , ATTR_UNUSED(ldns_key_list *key_list) +ldns_dnssec_zone_create_rrsigs_flg( ldns_dnssec_zone *zone + , ldns_rr_list *new_rrs + , ldns_key_list *key_list , int (*func)(ldns_rr *, void*) , void *arg , int flags @@ -1112,9 +1113,11 @@ ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone) cur_rrset->signatures = ldns_dnssec_rrs_new(); cur_rrset->signatures->rr = ldns_rr_list_rr(siglist, i); + } + if (new_rrs) { ldns_rr_list_push_rr(new_rrs, - ldns_rr_list_rr(siglist, - i)); + ldns_rr_list_rr(siglist, + i)); } } ldns_rr_list_free(siglist); @@ -1146,8 +1149,10 @@ ldns_dnssec_zone_create_rrsigs_flg( ATTR_UNUSED(ldns_dnssec_zone *zone) cur_name->nsec_signatures = ldns_dnssec_rrs_new(); cur_name->nsec_signatures->rr = ldns_rr_list_rr(siglist, i); + } + if (new_rrs) { ldns_rr_list_push_rr(new_rrs, - ldns_rr_list_rr(siglist, i)); + ldns_rr_list_rr(siglist, i)); } } diff --git a/dnssec_verify.c b/dnssec_verify.c index 68c70c5e8480..d435eedf6afd 100644 --- a/dnssec_verify.c +++ b/dnssec_verify.c @@ -285,9 +285,11 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, ldns_rr_class c = 0; bool other_rrset = false; - + ldns_dnssec_data_chain *new_chain = ldns_dnssec_data_chain_new(); + assert(pkt != NULL); + if (!ldns_dnssec_pkt_has_rrsigs(pkt)) { /* hmm. no dnssec data in the packet. go up to try and deny * DS? */ @@ -402,15 +404,16 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, if (signatures && ldns_rr_list_rr_count(signatures) > 0) { key_name = ldns_rr_rdf(ldns_rr_list_rr(signatures, 0), 7); } - if (!key_name) { + if (signatures) { + ldns_rr_list_deep_free(signatures); + } return ldns_dnssec_build_data_chain_nokeyname(res, qflags, orig_rr, rrset, new_chain); } - if (type != LDNS_RR_TYPE_DNSKEY) { ldns_dnssec_build_data_chain_dnskey(res, qflags, @@ -419,7 +422,7 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, new_chain, key_name, c - ); + ); } else { ldns_dnssec_build_data_chain_other(res, qflags, @@ -427,13 +430,11 @@ ldns_dnssec_build_data_chain(ldns_resolver *res, key_name, c, dss - - ); + ); } if (signatures) { ldns_rr_list_deep_free(signatures); } - return new_chain; } @@ -826,10 +827,7 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( /* might contain different names! sort and split */ ldns_rr_list_sort(cur_rrset); - if (tmp_rrset && tmp_rrset != cur_rrset) { - ldns_rr_list_deep_free(tmp_rrset); - tmp_rrset = NULL; - } + assert(tmp_rrset == cur_rrset); tmp_rrset = ldns_rr_list_pop_rrset(cur_rrset); /* with nsecs, this might be the wrong one */ @@ -849,6 +847,12 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( cur_sig_rr, cur_parent_rr, check_time); + if (tmp_rrset && tmp_rrset != cur_rrset + ) { + ldns_rr_list_deep_free( + tmp_rrset); + tmp_rrset = NULL; + } /* avoid dupes */ for (i = 0; i < new_tree->parent_count; i++) { if (cur_parent_rr == new_tree->parents[i]->rr) { @@ -870,9 +874,6 @@ ldns_dnssec_derive_trust_tree_normal_rrset_time( } } done: - if (tmp_rrset && tmp_rrset != cur_rrset) { - ldns_rr_list_deep_free(tmp_rrset); - } ldns_rr_list_deep_free(cur_rrset); } @@ -1077,7 +1078,8 @@ ldns_dnssec_trust_tree_contains_keys(ldns_dnssec_trust_tree *tree, if (tree->parent_status[i] != LDNS_STATUS_OK) { result = tree->parent_status[i]; } else { - if (ldns_rr_get_type(tree->rr) + if (tree->rr && + ldns_rr_get_type(tree->rr) == LDNS_RR_TYPE_NSEC && parent_result == LDNS_STATUS_OK ) { @@ -1210,8 +1212,8 @@ ldns_fetch_valid_domain_keys_time(const ldns_resolver *res, *status = LDNS_STATUS_CRYPTO_NO_TRUSTED_DNSKEY; parent_domain = ldns_dname_left_chop(domain); - while (ldns_rdf_size(parent_domain) > 0) { - /* Fail if we are at the root */ + while (parent_domain && /* Fail if we are at the root*/ + ldns_rdf_size(parent_domain) > 0) { if ((parent_keys = ldns_fetch_valid_domain_keys_time(res, @@ -1247,7 +1249,9 @@ ldns_fetch_valid_domain_keys_time(const ldns_resolver *res, ldns_rdf_deep_free(prev_parent_domain); } } - ldns_rdf_deep_free(parent_domain); + if (parent_domain) { + ldns_rdf_deep_free(parent_domain); + } } } return trusted_keys; @@ -1519,12 +1523,11 @@ ldns_dnssec_verify_denial(ldns_rr *rr, rr_name = ldns_rr_owner(rr); chopped_dname = ldns_dname_left_chop(rr_name); result = ldns_dname_cat(wildcard_name, chopped_dname); + ldns_rdf_deep_free(chopped_dname); if (result != LDNS_STATUS_OK) { return result; } - ldns_rdf_deep_free(chopped_dname); - for (i = 0; i < ldns_rr_list_rr_count(nsecs); i++) { cur_nsec = ldns_rr_list_rr(nsecs, i); if (ldns_dname_compare(rr_name, ldns_rr_owner(cur_nsec)) == 0) { @@ -1576,7 +1579,6 @@ ldns_dnssec_verify_denial(ldns_rr *rr, return LDNS_STATUS_OK; } -#ifdef HAVE_SSL ldns_status ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr , ldns_rr_list *nsecs @@ -1612,7 +1614,7 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr ldns_rr_get_type(rr), nsecs); if(!closest_encloser) { - result = LDNS_STATUS_NSEC3_ERR; + result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED; goto done; } @@ -1636,16 +1638,14 @@ ldns_dnssec_verify_denial_nsec3_match( ldns_rr *rr ldns_rdf_deep_free(hashed_wildcard_name); } - ldns_rdf_deep_free(closest_encloser); - ldns_rdf_deep_free(wildcard); - - if (!wildcard_covered) { + if (! wildcard_covered) { result = LDNS_STATUS_DNSSEC_NSEC_WILDCARD_NOT_COVERED; - } else if (closest_encloser && wildcard_covered) { - result = LDNS_STATUS_OK; } else { - result = LDNS_STATUS_DNSSEC_NSEC_RR_NOT_COVERED; + result = LDNS_STATUS_OK; } + ldns_rdf_deep_free(closest_encloser); + ldns_rdf_deep_free(wildcard); + } else if (packet_nodata && packet_qtype != LDNS_RR_TYPE_DS) { /* section 8.5 */ hashed_name = ldns_nsec3_hash_name_frm_nsec3( @@ -1819,9 +1819,6 @@ ldns_dnssec_verify_denial_nsec3(ldns_rr *rr, ); } - -#endif /* HAVE_SSL */ - #ifdef USE_GOST EVP_PKEY* ldns_gost2pkey_raw(unsigned char* key, size_t keylen) diff --git a/dnssec_zone.c b/dnssec_zone.c index 1f7274bbc969..df71a23c7ede 100644 --- a/dnssec_zone.c +++ b/dnssec_zone.c @@ -708,6 +708,7 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, case LDNS_STATUS_SYNTAX_EMPTY: /* empty line was seen */ case LDNS_STATUS_SYNTAX_TTL: /* the ttl was set*/ case LDNS_STATUS_SYNTAX_ORIGIN: /* the origin was set*/ + status = LDNS_STATUS_OK; break; case LDNS_STATUS_SYNTAX_INCLUDE:/* $include not implemented */ @@ -721,38 +722,42 @@ ldns_dnssec_zone_new_frm_fp_l(ldns_dnssec_zone** z, FILE* fp, ldns_rdf* origin, if (ldns_rr_list_rr_count(todo_nsec3s) > 0) { (void) ldns_dnssec_zone_add_empty_nonterminals(newzone); - for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3s); i++) { + for (i = 0; status == LDNS_STATUS_OK && + i < ldns_rr_list_rr_count(todo_nsec3s); i++) { cur_rr = ldns_rr_list_rr(todo_nsec3s, i); status = ldns_dnssec_zone_add_rr(newzone, cur_rr); } - for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); i++){ + for (i = 0; status == LDNS_STATUS_OK && + i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); + i++){ cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i); status = ldns_dnssec_zone_add_rr(newzone, cur_rr); } } else if (ldns_rr_list_rr_count(todo_nsec3_rrsigs) > 0) { - for (i = 0; i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); i++){ + for (i = 0; status == LDNS_STATUS_OK && + i < ldns_rr_list_rr_count(todo_nsec3_rrsigs); + i++){ cur_rr = ldns_rr_list_rr(todo_nsec3_rrsigs, i); status = ldns_dnssec_zone_add_rr(newzone, cur_rr); } } - ldns_rr_list_free(todo_nsec3_rrsigs); - ldns_rr_list_free(todo_nsec3s); - if (z) { *z = newzone; + newzone = NULL; } else { ldns_dnssec_zone_free(newzone); } - return LDNS_STATUS_OK; - error: #ifdef FASTER_DNSSEC_ZONE_NEW_FRM_FP if (zone) { ldns_zone_free(zone); } #endif + ldns_rr_list_free(todo_nsec3_rrsigs); + ldns_rr_list_free(todo_nsec3s); + if (my_origin) { ldns_rdf_deep_free(my_origin); } @@ -822,7 +827,6 @@ ldns_dname_compare_v(const void *a, const void *b) { return ldns_dname_compare((ldns_rdf *)a, (ldns_rdf *)b); } -#ifdef HAVE_SSL ldns_rbnode_t * ldns_dnssec_zone_find_nsec3_original(ldns_dnssec_zone *zone, ldns_rr *rr) { @@ -912,7 +916,6 @@ ldns_dnssec_zone_add_rr(ldns_dnssec_zone *zone, ldns_rr *rr) return result; } -#endif /* HAVE_SSL */ void ldns_dnssec_zone_names_print_fmt(FILE *out, const ldns_output_format *fmt, @@ -1009,7 +1012,9 @@ ldns_dnssec_zone_add_empty_nonterminals(ldns_dnssec_zone *zone) if (next_node == LDNS_RBTREE_NULL) { next_node = ldns_rbtree_first(zone->names); } - + if (! cur_node->data || ! next_node->data) { + return LDNS_STATUS_ERR; + } cur_name = ((ldns_dnssec_name *)cur_node->data)->name; next_name = ((ldns_dnssec_name *)next_node->data)->name; cur_label_count = ldns_dname_label_count(cur_name); diff --git a/doc/doxyparse.pl b/doc/doxyparse.pl index 526c617101bd..96a1732f9ed8 100755 --- a/doc/doxyparse.pl +++ b/doc/doxyparse.pl @@ -87,7 +87,7 @@ if (defined $options{'m'}) { # 0 - somewhere in the file # 1 - in a doxygen par -# 2 - after doxygen, except funcion +# 2 - after doxygen, expect function # create our pwd mkdir "doc"; @@ -126,7 +126,14 @@ while($i < $max) { } if ($cur_line =~ /\*\// and $state == 1) { #print "END Comment seen!\n"; - $state = 2; + if ($description =~ /^\\\\file/mg) { + # Doxygen text for the file, do not expect + # a function coming. + # + $state = 0; + } else { + $state = 2; + } $i++; next; } @@ -184,6 +191,14 @@ while($i < $max) { $description =~ s/\\param\[out\][ \t]*([\*\w]+)[ \t]+/.br\n\\fB$1\\fR: /g; $description =~ s/\\return[ \t]*/.br\nReturns /g; + # Delete leading spaces to prevent manpages to be ascii format- + # ted and enable justification of text. + # + $description =~ s/^[ \t]*//mg; + + # Prevent hyphening of all caps and underscore words + $description =~ s/\b([A-Z_]+)\b/\\%$1/g; + $description{$key} = $description; $api{$key} = $api; $return{$key} = $return; diff --git a/doc/function_manpages b/doc/function_manpages index 15706fada579..ce05899b7cf1 100644 --- a/doc/function_manpages +++ b/doc/function_manpages @@ -39,6 +39,11 @@ ldns_dname_compare, ldns_dname_interval | ldns_dname_is_subdomain | ldns_dname ldns_dname | ldns_dname_left_chop, ldns_dname_label_count, ldns_dname2canonical, ldns_dname_cat, ldns_dname_cat_clone, ldns_dname_new, ldns_dname_new_frm_str, ldns_dname_new_frm_data, ldns_dname_is_subdomain, ldns_dname_str_absolute, ldns_dname_label, ldns_dname_compare, ldns_dname_interval ### /dname.h +### dane.h +ldns_dane_create_tlsa_owner, ldns_dane_cert2rdf, ldns_dane_select_certificate, ldns_dane_create_tlsa_rr | ldns_dane_verify, ldns_dane_verify_rr +ldns_dane_verify, ldns_dane_verify_rr | ldns_dane_create_tlsa_owner, ldns_dane_cert2rdf, ldns_dane_select_certificate, ldns_dane_create_tlsa_rr +### /dane.h + ### rdata.h ldns_rdf, ldns_rdf_type | ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data, ldns_rdf_size, ldns_rdf_get_type, ldns_rdf_data, ldns_rdf_compare, ldns_rdf_new, ldns_rdf_clone, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_free, ldns_rdf_deep_free, ldns_rdf_print, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t, ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32, ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data | ldns_rdf diff --git a/drill/Makefile.in b/drill/Makefile.in index 5730f0809c76..ac555fa1e575 100644 --- a/drill/Makefile.in +++ b/drill/Makefile.in @@ -9,6 +9,7 @@ exec_prefix = @exec_prefix@ bindir = @bindir@ mandir = @mandir@ includedir = @includedir@ +datarootdir = @datarootdir@ CC = @CC@ CFLAGS = -I. @CFLAGS@ @@ -77,7 +78,6 @@ docclean: distclean: clean docclean rm -f config.h - rm -f drill.h realclean: clean docclean rm -f tags @@ -88,9 +88,9 @@ realclean: clean docclean rm -rf autom4te.cache rm -f config.h rm -f config.h.in - rm -f drill.h rm -f configure rm -f Makefile + rm -f drill.1 rm -f aclocal.m4 doc: @@ -99,7 +99,7 @@ doc: install: all $(INSTALL) -d $(DESTDIR)$(bindir) $(INSTALL) drill $(DESTDIR)$(bindir)/drill - $(INSTALL) -m 644 $(srcdir)/drill.1 $(DESTDIR)$(mandir)/man1/drill.1 + $(INSTALL) -m 644 drill.1 $(DESTDIR)$(mandir)/man1/drill.1 uninstall: @echo @@ -116,4 +116,4 @@ lint: done confclean: clean - rm -rf config.log config.status config.h Makefile + rm -rf config.log config.status config.h Makefile drill.1 diff --git a/drill/chasetrace.c b/drill/chasetrace.c index c2bbfd009019..0a37ff3017e6 100644 --- a/drill/chasetrace.c +++ b/drill/chasetrace.c @@ -45,7 +45,15 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, p = ldns_pkt_new(); res = ldns_resolver_new(); - if (!p || !res) { + if (!p) { + if (res) { + ldns_resolver_free(res); + } + error("Memory allocation failed"); + return NULL; + } + if (!res) { + ldns_pkt_free(p); error("Memory allocation failed"); return NULL; } @@ -73,6 +81,8 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error adding root servers to resolver: %s\n", ldns_get_errorstr_by_id(status)); ldns_rr_list_print(stdout, global_dns_root); + ldns_resolver_free(res); + ldns_pkt_free(p); return NULL; } @@ -118,7 +128,7 @@ do_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, drill_pkt_print_footer(stdout, local_res, p); /* remove the old nameserver from the resolver */ - while((pop = ldns_resolver_pop_nameserver(res))) { /* do it */ } + while(ldns_resolver_pop_nameserver(res)) { /* do it */ } /* also check for new_nss emptyness */ diff --git a/drill/config.h.in b/drill/config.h.in index 9b2a282a8e92..75448a07ecc6 100644 --- a/drill/config.h.in +++ b/drill/config.h.in @@ -111,6 +111,9 @@ /* Define to 1 if you have the <ws2tcpip.h> header file. */ #undef HAVE_WS2TCPIP_H +/* Default trust anchor file */ +#undef LDNS_TRUST_ANCHOR_FILE + /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT diff --git a/drill/configure b/drill/configure index 95bc43560728..6a4487d9a979 100755 --- a/drill/configure +++ b/drill/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for ldns 1.6.13. +# Generated by GNU Autoconf 2.68 for ldns 1.6.16. # # Report bugs to <libdns@nlnetlabs.nl>. # @@ -560,8 +560,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='ldns' PACKAGE_TARNAME='libdns' -PACKAGE_VERSION='1.6.13' -PACKAGE_STRING='ldns 1.6.13' +PACKAGE_VERSION='1.6.16' +PACKAGE_STRING='ldns 1.6.16' PACKAGE_BUGREPORT='libdns@nlnetlabs.nl' PACKAGE_URL='' @@ -604,6 +604,7 @@ ac_includes_default="\ ac_subst_vars='LTLIBOBJS LIBOBJS +LDNS_TRUST_ANCHOR_FILE LDNSDIR LIBS_STC RUNTIME_PATH @@ -664,6 +665,7 @@ enable_option_checking enable_rpath with_ssl with_ldns +with_trust_anchor ' ac_precious_vars='build_alias host_alias @@ -1216,7 +1218,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ldns 1.6.13 to adapt to many kinds of systems. +\`configure' configures ldns 1.6.16 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1277,7 +1279,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ldns 1.6.13:";; + short | recursive ) echo "Configuration of ldns 1.6.16:";; esac cat <<\_ACEOF @@ -1296,6 +1298,9 @@ Optional Packages: --with-ldns=PATH specify prefix of path of ldns library to use + --with-trust-anchor=KEYFILE + Default location of the trust anchor file. + [default=SYSCONFDIR/unbound/root.key] Some influential environment variables: CC C compiler command @@ -1373,7 +1378,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ldns configure 1.6.13 +ldns configure 1.6.16 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1796,7 +1801,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ldns $as_me 1.6.13, which was +It was created by ldns $as_me 1.6.16, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -5379,16 +5384,46 @@ else as_fn_error $? "Can't find ldns library" "$LINENO" 5 +fi fi + + + +# Check whether --with-trust-anchor was given. +if test "${with_trust_anchor+set}" = set; then : + withval=$with_trust_anchor; + LDNS_TRUST_ANCHOR_FILE="$withval" + +else + + if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then + if test "x$sysconfdir" = 'x${prefix}/etc' ; then + if test "x$prefix" = 'xNONE' ; then + LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" + else + LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" + fi + else + LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" + fi + fi + fi +cat >>confdefs.h <<_ACEOF +#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE" +_ACEOF + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5 +$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;} -ac_config_files="$ac_config_files Makefile" +ac_config_files="$ac_config_files Makefile drill.1" ac_config_headers="$ac_config_headers config.h" @@ -5910,7 +5945,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ldns $as_me 1.6.13, which was +This file was extended by ldns $as_me 1.6.16, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -5972,7 +6007,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ldns config.status 1.6.13 +ldns config.status 1.6.16 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" @@ -6094,6 +6129,7 @@ for ac_config_target in $ac_config_targets do case $ac_config_target in "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; + "drill.1") CONFIG_FILES="$CONFIG_FILES drill.1" ;; "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; diff --git a/drill/configure.ac b/drill/configure.ac index afd5c63803b3..17d7541c027b 100644 --- a/drill/configure.ac +++ b/drill/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.56) -AC_INIT(ldns, 1.6.13, libdns@nlnetlabs.nl,libdns) +AC_INIT(ldns, 1.6.16, libdns@nlnetlabs.nl,libdns) AC_CONFIG_SRCDIR([drill.c]) sinclude(../acx_nlnetlabs.m4) @@ -170,13 +170,33 @@ if test -f $ldns_dev_dir/ldns/util.h && \ else AC_MSG_RESULT([no]) AC_CHECK_LIB(ldns, ldns_rr_new, , [ - AC_MSG_ERROR([Can't find ldns library]) + AC_MSG_ERROR([Can't find ldns library])dnl ' ] ) fi AC_SUBST(LDNSDIR) +AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], +[Default location of the trust anchor file. [default=SYSCONFDIR/unbound/root.key]]), [ + LDNS_TRUST_ANCHOR_FILE="$withval" +],[ + if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then + if test "x$sysconfdir" = 'x${prefix}/etc' ; then + if test "x$prefix" = 'xNONE' ; then + LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" + else + LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" + fi + else + LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" + fi + fi +]) +AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file]) +AC_SUBST(LDNS_TRUST_ANCHOR_FILE) +AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE]) + AH_BOTTOM([ #include <stdio.h> @@ -254,6 +274,6 @@ extern int optind, opterr; #endif ]) -AC_CONFIG_FILES([Makefile]) +AC_CONFIG_FILES([Makefile drill.1]) AC_CONFIG_HEADER([config.h]) AC_OUTPUT diff --git a/drill/dnssec.c b/drill/dnssec.c index b72ffb95dadc..b8074be03cc5 100644 --- a/drill/dnssec.c +++ b/drill/dnssec.c @@ -22,12 +22,10 @@ get_rr(ldns_resolver *res, ldns_rdf *zname, ldns_rr_type t, ldns_rr_class c) p = ldns_pkt_new(); found = NULL; - if (ldns_resolver_send(&p, res, zname, t, c, 0) != LDNS_STATUS_OK) { - /* oops */ - return NULL; - } else { + if (ldns_resolver_send(&p, res, zname, t, c, 0) == LDNS_STATUS_OK) { found = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANY_NOQUESTION); } + ldns_pkt_free(p); return found; } @@ -36,6 +34,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) { ldns_rr_list *new_nss; ldns_rr_list *hostnames; + char *answerfrom_str; if (verbosity < 5) { return; @@ -46,8 +45,7 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) new_nss = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER); ldns_rr_list_print(fd, new_nss); - - /* new_nss can be empty.... */ + ldns_rr_list_deep_free(new_nss); fprintf(fd, ";; Received %d bytes from %s#%d(", (int) ldns_pkt_size(p), @@ -59,7 +57,11 @@ drill_pkt_print(FILE *fd, ldns_resolver *r, ldns_pkt *p) ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0)); ldns_rr_list_deep_free(hostnames); } else { - fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p))); + answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p)); + if (answerfrom_str) { + fprintf(fd, "%s", answerfrom_str); + LDNS_FREE(answerfrom_str); + } } fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p)); } @@ -68,6 +70,7 @@ void drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p) { ldns_rr_list *hostnames; + char *answerfrom_str; if (verbosity < 5) { return; @@ -85,7 +88,11 @@ drill_pkt_print_footer(FILE *fd, ldns_resolver *r, ldns_pkt *p) ldns_rr_rdf(ldns_rr_list_rr(hostnames, 0), 0)); ldns_rr_list_deep_free(hostnames); } else { - fprintf(fd, "%s", ldns_rdf2str(ldns_pkt_answerfrom(p))); + answerfrom_str = ldns_rdf2str(ldns_pkt_answerfrom(p)); + if (answerfrom_str) { + fprintf(fd, "%s", answerfrom_str); + LDNS_FREE(answerfrom_str); + } } fprintf(fd, ") in %u ms\n\n", (unsigned int)ldns_pkt_querytime(p)); } @@ -98,7 +105,6 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t, ldns_rr_list **rrlist, ldns_rr_list **sig) { ldns_pkt_type pt = LDNS_PACKET_UNKNOWN; - ldns_rr_list *rr = NULL; ldns_rr_list *sigs = NULL; size_t i; @@ -111,36 +117,52 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t, pt = ldns_pkt_reply_type(p); if (name) { - rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_ANSWER); - if (!rr) { - rr = ldns_pkt_rr_list_by_name_and_type(p, name, t, LDNS_SECTION_AUTHORITY); + if (rrlist) { + *rrlist = ldns_pkt_rr_list_by_name_and_type(p, name, t, + LDNS_SECTION_ANSWER); + if (!*rrlist) { + *rrlist = ldns_pkt_rr_list_by_name_and_type( + p, name, t, + LDNS_SECTION_AUTHORITY); + } } - sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_ANSWER); - if (!sigs) { - sigs = ldns_pkt_rr_list_by_name_and_type(p, name, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_AUTHORITY); + if (sig) { + sigs = ldns_pkt_rr_list_by_name_and_type(p, name, + LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_ANSWER); + if (!sigs) { + sigs = ldns_pkt_rr_list_by_name_and_type( + p, name, LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_AUTHORITY); + } } } else { - /* A DS-referral - get the DS records if they are there */ - rr = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_AUTHORITY); - sigs = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG, - LDNS_SECTION_AUTHORITY); + /* A DS-referral - get the DS records if they are there */ + if (rrlist) { + *rrlist = ldns_pkt_rr_list_by_type( + p, t, LDNS_SECTION_AUTHORITY); + } + if (sig) { + sigs = ldns_pkt_rr_list_by_type(p, + LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_AUTHORITY); + } } if (sig) { *sig = ldns_rr_list_new(); for (i = 0; i < ldns_rr_list_rr_count(sigs); i++) { /* only add the sigs that cover this type */ - if (ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(ldns_rr_list_rr(sigs, i))) == - t) { - ldns_rr_list_push_rr(*sig, ldns_rr_clone(ldns_rr_list_rr(sigs, i))); + if (t == ldns_rdf2rr_type(ldns_rr_rrsig_typecovered( + ldns_rr_list_rr(sigs, i)))) { + + ldns_rr_list_push_rr(*sig, + ldns_rr_clone( + ldns_rr_list_rr( + sigs, i))); } } } ldns_rr_list_deep_free(sigs); - if (rrlist) { - *rrlist = rr; - } if (pt == LDNS_PACKET_NXDOMAIN || pt == LDNS_PACKET_NODATA) { return pt; @@ -153,6 +175,7 @@ get_dnssec_rr(ldns_pkt *p, ldns_rdf *name, ldns_rr_type t, ldns_status ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs) { +#ifdef HAVE_SSL uint16_t nsec_i; ldns_rr_list *nsecs; @@ -216,12 +239,28 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis ldns_rr_list* sigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION); ldns_rr* q = ldns_rr_new(); ldns_rr* match = NULL; - if(!sigs) return LDNS_STATUS_MEM_ERR; - if(!q) return LDNS_STATUS_MEM_ERR; + + if(!sigs) { + if (q) { + ldns_rr_free(q); + } + ldns_rr_list_deep_free(nsecs); + return LDNS_STATUS_MEM_ERR; + } + if(!q) { + ldns_rr_list_deep_free(nsecs); + ldns_rr_list_deep_free(sigs); + return LDNS_STATUS_MEM_ERR; + } ldns_rr_set_question(q, 1); ldns_rr_set_ttl(q, 0); ldns_rr_set_owner(q, ldns_rdf_clone(name)); - if(!ldns_rr_owner(q)) return LDNS_STATUS_MEM_ERR; + if(!ldns_rr_owner(q)) { + ldns_rr_free(q); + ldns_rr_list_deep_free(sigs); + ldns_rr_list_deep_free(nsecs); + return LDNS_STATUS_MEM_ERR; + } ldns_rr_set_type(q, type); /* result = ldns_dnssec_verify_denial_nsec3(q, nsecs, sigs, ldns_pkt_get_rcode(pkt), type, ldns_pkt_ancount(pkt) == 0); */ @@ -234,6 +273,14 @@ ldns_verify_denial(ldns_pkt *pkt, ldns_rdf *name, ldns_rr_type type, ldns_rr_lis ldns_rr_list_deep_free(sigs); } return result; +#else + (void)pkt; + (void)name; + (void)type; + (void)nsec_rrs; + (void)nsec_rr_sigs; + return LDNS_STATUS_ERR; +#endif /* HAVE_SSL */ } /* NSEC3 draft -07 */ diff --git a/drill/drill.1 b/drill/drill.1.in index 24cfd6dabe98..15b15a425333 100644 --- a/drill/drill.1 +++ b/drill/drill.1.in @@ -161,6 +161,11 @@ given \fBdrill\fR tries to validate the current answer with this key. No chasing is done. When \fBdrill\fR is doing a secure trace, this key will be used as trust anchor. Can contain a DNSKEY or a DS record. +Alternatively, when DNSSEC enabled tracing (\fB-TD\fR) or signature +chasing (\fB-S\fR), if \fB-k\fR is not specified, and a default trust anchor +(@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record, +it will be used as the trust anchor. + .TP \fB\-o \fImnemonic\fR Use this option to set or unset specific header bits. A bit is @@ -212,6 +217,13 @@ specify named base64 tsig key, and optional an algorithm (defaults to hmac-md5.s \fB\-z \fR don't randomize the nameserver list before sending queries. +.SH "FILES" +.TP +@LDNS_TRUST_ANCHOR_FILE@ +The file from which trusted keys are loaded when no \fB-k\fR option is given. +.SH "SEE ALSO" +.LP +unbound-anchor(8) .SH AUTHOR Jelte Jansen and Miek Gieben. Both of NLnet Labs. diff --git a/drill/drill.c b/drill/drill.c index 2f779634d8e0..574c8b98c856 100644 --- a/drill/drill.c +++ b/drill/drill.c @@ -47,19 +47,25 @@ usage(FILE *stream, const char *progname) fprintf(stream, "\t-6\t\tstay on ip6\n"); fprintf(stream, "\t-a\t\tfallback to EDNS0 and TCP if the answer is truncated\n"); fprintf(stream, "\t-b <bufsize>\tuse <bufsize> as the buffer size (defaults to 512 b)\n"); - fprintf(stream, "\t-c <file>\t\tuse file for rescursive nameserver configuration (/etc/resolv.conf)\n"); - fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key (DNSKEY|DS) [**]\n"); - fprintf(stream, "\t\t\tused to verify any signatures in the current answer\n"); - fprintf(stream, "\t-o <mnemonic>\tset flags to: [QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n"); + fprintf(stream, "\t-c <file>\tuse file for rescursive nameserver configuration" + "\n\t\t\t(/etc/resolv.conf)\n"); + fprintf(stream, "\t-k <file>\tspecify a file that contains a trusted DNSSEC key [**]\n"); + fprintf(stream, "\t\t\tUsed to verify any signatures in the current answer.\n"); + fprintf(stream, "\t\t\tWhen DNSSEC enabled tracing (-TD) or signature\n" + "\t\t\tchasing (-S) and no key files are given, keys are read\n" + "\t\t\tfrom: %s\n", + LDNS_TRUST_ANCHOR_FILE); + fprintf(stream, "\t-o <mnemonic>\tset flags to:" + "\n\t\t\t[QR|qr][AA|aa][TC|tc][RD|rd][CD|cd][RA|ra][AD|ad]\n"); fprintf(stream, "\t\t\tlowercase: unset bit, uppercase: set bit\n"); fprintf(stream, "\t-p <port>\tuse <port> as remote port number\n"); fprintf(stream, "\t-s\t\tshow the DS RR for each key in a packet\n"); fprintf(stream, "\t-u\t\tsend the query with udp (the default)\n"); fprintf(stream, "\t-x\t\tdo a reverse lookup\n"); fprintf(stream, "\twhen doing a secure trace:\n"); - fprintf(stream, "\t-r <file>\t\tuse file as root servers hint file\n"); + fprintf(stream, "\t-r <file>\tuse file as root servers hint file\n"); fprintf(stream, "\t-t\t\tsend the query with tcp (connected)\n"); - fprintf(stream, "\t-d <domain>\t\tuse domain as the start point for the trace\n"); + fprintf(stream, "\t-d <domain>\tuse domain as the start point for the trace\n"); fprintf(stream, "\t-y <name:key[:algo]>\tspecify named base64 tsig key, and optional an\n\t\t\talgorithm (defaults to hmac-md5.sig-alg.reg.int)\n"); fprintf(stream, "\t-z\t\tdon't randomize the nameservers before use\n"); fprintf(stream, "\n [*] = enables/implies DNSSEC\n"); @@ -272,7 +278,8 @@ main(int argc, char *argv[]) qusevc = true; break; case 'k': - status = read_key_file(optarg, key_list); + status = read_key_file(optarg, + key_list, false); if (status != LDNS_STATUS_OK) { error("Could not parse the key file %s: %s", optarg, ldns_get_errorstr_by_id(status)); } @@ -397,6 +404,15 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; + if ((PURPOSE == DRILL_CHASE || (PURPOSE == DRILL_TRACE && qdnssec)) && + ldns_rr_list_rr_count(key_list) == 0) { + + (void) read_key_file(LDNS_TRUST_ANCHOR_FILE, key_list, true); + } + if (ldns_rr_list_rr_count(key_list) > 0) { + printf(";; Number of trusted keys: %d\n", + (int) ldns_rr_list_rr_count(key_list)); + } /* do a secure trace when requested */ if (PURPOSE == DRILL_TRACE && qdnssec) { #ifdef HAVE_SSL diff --git a/drill/drill.h b/drill/drill.h index 69b0396b2171..0746fe7bff23 100644 --- a/drill/drill.h +++ b/drill/drill.h @@ -85,7 +85,6 @@ ldns_status ldns_verify_denial(ldns_pkt *pkt, ldns_rr_list **nsec_rrs, ldns_rr_list **nsec_rr_sigs); -ldns_status read_key_file(const char *filename, ldns_rr_list *key_list); ldns_pkt *read_hex_pkt(char *filename); ldns_buffer *read_hex_buffer(char *filename); void init_root(void); diff --git a/drill/drill_util.c b/drill/drill_util.c index 98d88e7942da..db0433e77e1d 100644 --- a/drill/drill_util.c +++ b/drill/drill_util.c @@ -13,14 +13,14 @@ #include <errno.h> -static size_t +static int read_line(FILE *input, char *line, size_t len) { - size_t i; + int i; char c; - for (i = 0; i < len-1; i++) { - c = getc(input); + for (i = 0; i < (int)len-1; i++) { + c = (char)getc(input); if (c == EOF) { return -1; } else if (c != '\n') { @@ -35,20 +35,22 @@ read_line(FILE *input, char *line, size_t len) /* key_list must be initialized with ldns_rr_list_new() */ ldns_status -read_key_file(const char *filename, ldns_rr_list *key_list) +read_key_file(const char *filename, ldns_rr_list *key_list, bool silently) { int line_len = 0; int line_nr = 0; int key_count = 0; - char line[LDNS_MAX_PACKETLEN]; + char line[LDNS_MAX_LINELEN]; ldns_status status; FILE *input_file; ldns_rr *rr; input_file = fopen(filename, "r"); if (!input_file) { - fprintf(stderr, "Error opening %s: %s\n", - filename, strerror(errno)); + if (! silently) { + fprintf(stderr, "Error opening %s: %s\n", + filename, strerror(errno)); + } return LDNS_STATUS_ERR; } while (line_len >= 0) { @@ -57,10 +59,13 @@ read_key_file(const char *filename, ldns_rr_list *key_list) if (line_len > 0 && line[0] != ';') { status = ldns_rr_new_frm_str(&rr, line, 0, NULL, NULL); if (status != LDNS_STATUS_OK) { - fprintf(stderr, - "Error parsing DNSKEY RR in line %d: %s\n", - line_nr, - ldns_get_errorstr_by_id(status)); + if (! silently) { + fprintf(stderr, + "Error parsing DNSKEY RR " + "in line %d: %s\n", line_nr, + ldns_get_errorstr_by_id(status) + ); + } } else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY || ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS) { ldns_rr_list_push_rr(key_list, rr); @@ -70,7 +75,7 @@ read_key_file(const char *filename, ldns_rr_list *key_list) } } } - printf(";; Number of trusted keys: %d\n", key_count); + fclose(input_file); if (key_count > 0) { return LDNS_STATUS_OK; } else { @@ -132,6 +137,7 @@ print_ds_of_keys(ldns_pkt *p) ds = ldns_key_rr2ds(ldns_rr_list_rr(keys, i), LDNS_SHA256); local_print_ds(stdout, "; sha256: ", ds); } + ldns_rr_list_deep_free(keys); } } diff --git a/drill/drill_util.h b/drill/drill_util.h index de7844118dbc..42b3f32b25df 100644 --- a/drill/drill_util.h +++ b/drill/drill_util.h @@ -12,6 +12,13 @@ #define _DRILL_UTIL_H_ #include <ldns/ldns.h> + +/** + * Read keys from filename and append to key_list. + */ +ldns_status read_key_file(const char *filename, ldns_rr_list *key_list, + bool silently); + /** * return a address rdf, either A or AAAA * NULL if anything goes wrong diff --git a/drill/securetrace.c b/drill/securetrace.c index 029ebf51d6fe..c6e7e588409a 100644 --- a/drill/securetrace.c +++ b/drill/securetrace.c @@ -231,7 +231,8 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, if (status != LDNS_STATUS_OK) { printf("ERRRRR: %s\n", ldns_get_errorstr_by_id(status)); ldns_rr_list_print(stdout, global_dns_root); - return status; + result = status; + goto done; } labels_count = ldns_dname_label_count(name); if (start_name) { @@ -392,7 +393,6 @@ do_secure_trace(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, printf(";; There is an empty non-terminal here, continue\n"); continue; } - goto done; } if (ldns_resolver_nameserver_count(res) == 0) { diff --git a/drill/work.c b/drill/work.c index 3a9cb5855d70..653145fe522b 100644 --- a/drill/work.c +++ b/drill/work.c @@ -122,11 +122,6 @@ packetbuffromfile(char *filename, uint8_t *wire) hexbuf[hexbufpos] = (uint8_t) c; hexbufpos++; break; - default: - warning("unknown state while reading %s", filename); - xfree(hexbuf); - return 0; - break; } c = fgetc(fp); } @@ -178,20 +173,7 @@ read_hex_buffer(char *filename) size_t wiresize; ldns_buffer *result_buffer = NULL; - FILE *fp = NULL; - - if (strncmp(filename, "-", 2) != 0) { - fp = fopen(filename, "r"); - } else { - fp = stdin; - } - - if (fp == NULL) { - perror(""); - warning("Unable to open %s", filename); - return NULL; - } - + wire = xmalloc(LDNS_MAX_PACKETLEN); wiresize = packetbuffromfile(filename, wire); @@ -199,8 +181,8 @@ read_hex_buffer(char *filename) result_buffer = LDNS_MALLOC(ldns_buffer); ldns_buffer_new_frm_data(result_buffer, wire, wiresize); ldns_buffer_set_position(result_buffer, ldns_buffer_capacity(result_buffer)); - xfree(wire); + return result_buffer; } @@ -236,7 +218,7 @@ read_hex_pkt(char *filename) void dump_hex(const ldns_pkt *pkt, const char *filename) { - uint8_t *wire; + uint8_t *wire = NULL; size_t size, i; FILE *fp; ldns_status status; @@ -252,6 +234,7 @@ dump_hex(const ldns_pkt *pkt, const char *filename) if (status != LDNS_STATUS_OK) { error("Unable to convert packet: error code %u", status); + LDNS_FREE(wire); return; } @@ -273,4 +256,5 @@ dump_hex(const ldns_pkt *pkt, const char *filename) } fprintf(fp, "\n"); fclose(fp); + LDNS_FREE(wire); } @@ -95,6 +95,35 @@ ldns_lookup_table ldns_error_str[] = { "DNSSEC signature will expire too soon" }, { LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN, "DNSSEC signature not incepted long enough" }, + { LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE, + "Unknown TLSA Certificate Usage" }, + { LDNS_STATUS_DANE_UNKNOWN_SELECTOR, "Unknown TLSA Selector" }, + { LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE, + "Unknown TLSA Matching Type" }, + { LDNS_STATUS_DANE_UNKNOWN_PROTOCOL, + "Unknown protocol. Only IPv4 and IPv6 are understood" }, + { LDNS_STATUS_DANE_UNKNOWN_TRANSPORT, + "Unknown transport. Should be one of {tcp, udp, sctp}" }, + { LDNS_STATUS_DANE_MISSING_EXTRA_CERTS, /* Trust anchor assertion */ + "More than one certificate should be provided" }, + { LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, /* Trust anchor assertion */ + "Non of the extra certificates is used to sign the first" }, + { LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE, /* Trust anchor assertion */ + "The offset was out of range" }, + { LDNS_STATUS_DANE_INSECURE, /* Unused by library */ + "The queried resource records were insecure" }, + { LDNS_STATUS_DANE_BOGUS, /* Unused by library */ + "The queried resource records were bogus" }, + { LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH, + "The TLSA record(s) " + "did not match with the server certificate (chain)" }, + { LDNS_STATUS_DANE_NON_CA_CERTIFICATE, + "The certificate was not a CA certificate" }, + { LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE, + "Could not PKIX validate" }, + { LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR, + "The validation path " + "did not end in a self-signed certificate" }, { 0, NULL } }; diff --git a/examples/Makefile.in b/examples/Makefile.in index 5344ee6739c0..876a4e5ecf75 100644 --- a/examples/Makefile.in +++ b/examples/Makefile.in @@ -9,6 +9,7 @@ exec_prefix = @exec_prefix@ bindir = @bindir@ mandir = @mandir@ libtool = @libtool@ +datarootdir = @datarootdir@ CC = @CC@ CFLAGS = -I. -I${srcdir} @CFLAGS@ @@ -18,6 +19,7 @@ LIBNSL_LIBS = @LIBNSL_LIBS@ LIBSSL_CPPFLAGS = @LIBSSL_CPPFLAGS@ LIBSSL_LDFLAGS = @LIBSSL_LDFLAGS@ LIBSSL_LIBS = @LIBSSL_LIBS@ +LIBSSL_SSL_LIBS = @LIBSSL_SSL_LIBS@ LIBS = @LIBS@ RUNTIME_PATH = @RUNTIME_PATH@ LDNSDIR = @LDNSDIR@ @@ -70,7 +72,8 @@ MAIN_SOURCES = ldns-read-zone.c \ MAIN_SSL_SOURCES = ldns-signzone.c \ ldns-verify-zone.c \ ldns-revoke.c \ - ldns-nsec3-hash.c + ldns-nsec3-hash.c \ + ldns-dane.c OTHER_SOURCES = ldns-testpkts.c @@ -104,6 +107,18 @@ ldnsd.stc: ldnsd.o $(LINK_STATIC) $(LIBNSL_LDFLAGS) -o $@ $^ ; \ fi +ldns-dane.prg-ssl: ldns-dane.o + @if test ! -f $(@:.prg-ssl=) -o $< -nt $(@:.prg-ssl=); then \ + echo $(LINK) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_SSL_LIBS) -o $(@:.prg-ssl=) $^ ; \ + $(LINK) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_SSL_LIBS) -o $(@:.prg-ssl=) $^ ; \ + fi + +ldns-dane.stc-ssl: ldns-dane.o + @if test ! -f $@ -o $< -nt $@; then \ + echo $(LINK_STATIC) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_SSL_LIBS) -o $@ $^ ; \ + $(LINK_STATIC) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_SSL_LIBS) -o $@ $^ ; \ + fi + %.prg-ssl: %.o @if test ! -f $(@:.prg-ssl=) -o $< -nt $(@:.prg-ssl=); then \ echo $(LINK) $(LIBNSL_LIBS) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) -o $(@:.prg-ssl=) $^ ; \ @@ -142,11 +157,12 @@ clean: realclean: clean rm -rf autom4te.cache/ - rm -f config.log config.status aclocal.m4 config.h.in configure Makefile - rm -f config.h + rm -f config.log config.status aclocal.m4 config.h.in configure + rm -f config.h ldns-dane.1 ldns-verify-zone.1 Makefile confclean: clean - rm -rf config.log config.status config.h Makefile + rm -rf config.log config.status + rm -f config.h ldns-dane.1 ldns-verify-zone.1 Makefile install: $(PROGRAMS) $(SSL_PROGRAMS) $(INSTALL) -d -m 755 $(DESTDIR)$(bindir) @@ -154,7 +170,10 @@ install: $(PROGRAMS) $(SSL_PROGRAMS) $(INSTALL) -d -m 755 $(DESTDIR)$(mandir)/man1 for i in $(PROGRAMS) $(SSL_PROGRAMS); do \ $(libtool) --tag=CC --mode=install ${INSTALL} -c $$i $(DESTDIR)$(bindir) ; \ - $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + if test -f $$i.1 ; \ + then $(INSTALL) -c -m 644 $$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + else $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + fi ; \ done exit 0 @@ -164,11 +183,17 @@ install-static: all-static $(INSTALL) -d -m 755 $(DESTDIR)$(mandir)/man1 for i in $(PROGRAMS); do \ $(libtool) --tag=CC --mode=install ${INSTALL} -c $$i.stc $(DESTDIR)$(bindir) ; \ - $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + if test -f $$i.1 ; \ + then $(INSTALL) -c -m 644 $$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + else $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + fi ; \ done for i in $(SSL_PROGRAMS); do \ $(libtool) --tag=CC --mode=install ${INSTALL} -c $$i.stc-ssl $(DESTDIR)$(bindir) ; \ - $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + if test -f $$i.1 ; \ + then $(INSTALL) -c -m 644 $$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + else $(INSTALL) -c -m 644 $(srcdir)/$$i.1 $(DESTDIR)$(mandir)/man1/$$i.1 ; \ + fi ; \ done exit 0 diff --git a/examples/config.h.in b/examples/config.h.in index dad78b17a225..1f548a17c8d5 100644 --- a/examples/config.h.in +++ b/examples/config.h.in @@ -9,6 +9,12 @@ /* Define to 1 if you have the <ctype.h> header file. */ #undef HAVE_CTYPE_H +/* Is a CAFILE given at configure time */ +#undef HAVE_DANE_CA_FILE + +/* Is a CAPATH given at configure time */ +#undef HAVE_DANE_CA_PATH + /* Define to 1 if you have the declaration of `in6addr_any', and to 0 if you don't. */ #undef HAVE_DECL_IN6ADDR_ANY @@ -151,6 +157,15 @@ /* Define to 1 if you have the <ws2tcpip.h> header file. */ #undef HAVE_WS2TCPIP_H +/* Is a CAFILE given at configure time */ +#undef LDNS_DANE_CA_FILE + +/* Is a CAPATH given at configure time */ +#undef LDNS_DANE_CA_PATH + +/* Default trust anchor file */ +#undef LDNS_TRUST_ANCHOR_FILE + /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT diff --git a/examples/configure b/examples/configure index 46dc9988c1fb..66c1e718f9ed 100755 --- a/examples/configure +++ b/examples/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for ldns 1.6.13. +# Generated by GNU Autoconf 2.68 for ldns 1.6.16. # # Report bugs to <libdns@nlnetlabs.nl>. # @@ -560,8 +560,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='ldns' PACKAGE_TARNAME='libdns' -PACKAGE_VERSION='1.6.13' -PACKAGE_STRING='ldns 1.6.13' +PACKAGE_VERSION='1.6.16' +PACKAGE_STRING='ldns 1.6.16' PACKAGE_BUGREPORT='libdns@nlnetlabs.nl' PACKAGE_URL='' @@ -604,7 +604,11 @@ ac_includes_default="\ ac_subst_vars='LTLIBOBJS LIBOBJS +DEFAULT_CAPATH +DEFAULT_CAFILE +LDNS_TRUST_ANCHOR_FILE LDNSDIR +LIBSSL_SSL_LIBS LIBSSL_LIBS LIBSSL_LDFLAGS LIBSSL_CPPFLAGS @@ -670,6 +674,9 @@ enable_sha2 enable_gost enable_ecdsa with_ldns +with_trust_anchor +with_ca_file +with_ca_path ' ac_precious_vars='build_alias host_alias @@ -1222,7 +1229,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ldns 1.6.13 to adapt to many kinds of systems. +\`configure' configures ldns 1.6.16 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1283,7 +1290,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ldns 1.6.13:";; + short | recursive ) echo "Configuration of ldns 1.6.16:";; esac cat <<\_ACEOF @@ -1305,6 +1312,12 @@ Optional Packages: --with-ldns=PATH specify prefix of path of ldns library to use + --with-trust-anchor=KEYFILE + Default location of the trust anchor file for drill + and ldns-dane. [default=SYSCONFDIR/unbound/root.key] + --with-ca-file=CAFILE File containing CA certificates for ldns-dane + --with-ca-path=CAPATH Directory containing CA certificate files for + ldns-dane Some influential environment variables: CC C compiler command @@ -1382,7 +1395,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ldns configure 1.6.13 +ldns configure 1.6.16 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1851,7 +1864,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ldns $as_me 1.6.13, which was +It was created by ldns $as_me 1.6.16, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -5258,7 +5271,10 @@ done +if test "x$HAVE_SSL" = "xyes"; then +LIBSSL_SSL_LIBS="$LIBSSL_LIBS -lssl" +fi CPPFLAGS="$tmp_CPPFLAGS" LDFLAGS="$tmp_LDFLAGS" LIBS="$tmp_LIBS" @@ -5858,17 +5874,100 @@ else as_fn_error $? "Can't find ldns library" "$LINENO" 5 +fi + +fi + + + + +# Check whether --with-trust-anchor was given. +if test "${with_trust_anchor+set}" = set; then : + withval=$with_trust_anchor; + LDNS_TRUST_ANCHOR_FILE="$withval" + +else + + if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then + if test "x$sysconfdir" = 'x${prefix}/etc' ; then + if test "x$prefix" = 'xNONE' ; then + LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" + else + LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" + fi + else + LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" + fi + fi fi + +cat >>confdefs.h <<_ACEOF +#define LDNS_TRUST_ANCHOR_FILE "$LDNS_TRUST_ANCHOR_FILE" +_ACEOF + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&5 +$as_echo "$as_me: Default trust anchor: $LDNS_TRUST_ANCHOR_FILE" >&6;} + + +# Check whether --with-ca-file was given. +if test "${with_ca_file+set}" = set; then : + withval=$with_ca_file; + +$as_echo "#define HAVE_DANE_CA_FILE 1" >>confdefs.h + + +cat >>confdefs.h <<_ACEOF +#define LDNS_DANE_CA_FILE "$withval" +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: Using CAfile: $withval" >&5 +$as_echo "$as_me: Using CAfile: $withval" >&6;} + DEFAULT_CAFILE="Default is $withval" + + +else + + +$as_echo "#define HAVE_DANE_CA_FILE 0" >>confdefs.h + + + fi +# Check whether --with-ca-path was given. +if test "${with_ca_path+set}" = set; then : + withval=$with_ca_path; + +$as_echo "#define HAVE_DANE_CA_PATH 1" >>confdefs.h + + +cat >>confdefs.h <<_ACEOF +#define LDNS_DANE_CA_PATH "$withval" +_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: Using CApath: $withval" >&5 +$as_echo "$as_me: Using CApath: $withval" >&6;} + DEFAULT_CAPATH="Default is $withval" + + +else + + +$as_echo "#define HAVE_DANE_CA_PATH 0" >>confdefs.h + + + +fi + -ac_config_files="$ac_config_files Makefile" +ac_config_files="$ac_config_files Makefile ldns-dane.1 ldns-verify-zone.1" ac_config_headers="$ac_config_headers config.h" @@ -6390,7 +6489,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ldns $as_me 1.6.13, which was +This file was extended by ldns $as_me 1.6.16, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -6452,7 +6551,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ldns config.status 1.6.13 +ldns config.status 1.6.16 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" @@ -6574,6 +6673,8 @@ for ac_config_target in $ac_config_targets do case $ac_config_target in "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; + "ldns-dane.1") CONFIG_FILES="$CONFIG_FILES ldns-dane.1" ;; + "ldns-verify-zone.1") CONFIG_FILES="$CONFIG_FILES ldns-verify-zone.1" ;; "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; diff --git a/examples/configure.ac b/examples/configure.ac index 67345dac7cd2..9bd74ff41aa6 100644 --- a/examples/configure.ac +++ b/examples/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.56) -AC_INIT(ldns, 1.6.13, libdns@nlnetlabs.nl,libdns) +AC_INIT(ldns, 1.6.16, libdns@nlnetlabs.nl,libdns) AC_CONFIG_SRCDIR([ldns-read-zone.c]) sinclude(../acx_nlnetlabs.m4) @@ -136,7 +136,9 @@ ACX_WITH_SSL_OPTIONAL AC_SUBST(LIBSSL_CPPFLAGS) AC_SUBST(LIBSSL_LDFLAGS) AC_SUBST(LIBSSL_LIBS) - +if test "x$HAVE_SSL" = "xyes"; then +AC_SUBST(LIBSSL_SSL_LIBS, ["$LIBSSL_LIBS -lssl"]) +fi CPPFLAGS="$tmp_CPPFLAGS" LDFLAGS="$tmp_LDFLAGS" LIBS="$tmp_LIBS" @@ -313,13 +315,51 @@ if test -f $ldns_dev_dir/ldns/util.h && \ else AC_MSG_RESULT([no]) AC_CHECK_LIB(ldns, ldns_rr_new,, [ - AC_MSG_ERROR([Can't find ldns library]) + AC_MSG_ERROR([Can't find ldns library])dnl' ] ) fi AC_SUBST(LDNSDIR) +AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], [Default location of the trust anchor file for drill and ldns-dane. [default=SYSCONFDIR/unbound/root.key]]), [ + LDNS_TRUST_ANCHOR_FILE="$withval" +],[ + if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then + if test "x$sysconfdir" = 'x${prefix}/etc' ; then + if test "x$prefix" = 'xNONE' ; then + LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" + else + LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" + fi + else + LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" + fi + fi +]) +AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file]) +AC_SUBST(LDNS_TRUST_ANCHOR_FILE) +AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE]) + +AC_ARG_WITH(ca-file, AC_HELP_STRING([--with-ca-file=CAFILE], [File containing CA certificates for ldns-dane]), [ + AC_DEFINE([HAVE_DANE_CA_FILE], [1], [Is a CAFILE given at configure time]) + AC_DEFINE_UNQUOTED([LDNS_DANE_CA_FILE], ["$withval"], [Is a CAFILE given at configure time]) + AC_MSG_NOTICE([Using CAfile: $withval]) + AC_SUBST(DEFAULT_CAFILE, ["Default is $withval"]) +],[ + AC_DEFINE([HAVE_DANE_CA_FILE], [0], [Is a CAFILE given at configure time]) + AC_SUBST(DEFAULT_CAFILE, []) +]) + +AC_ARG_WITH(ca-path, AC_HELP_STRING([--with-ca-path=CAPATH], [Directory containing CA certificate files for ldns-dane]), [ + AC_DEFINE([HAVE_DANE_CA_PATH], [1], [Is a CAPATH given at configure time]) + AC_DEFINE_UNQUOTED([LDNS_DANE_CA_PATH], ["$withval"], [Is a CAPATH given at configure time]) + AC_MSG_NOTICE([Using CApath: $withval]) + AC_SUBST(DEFAULT_CAPATH, ["Default is $withval"]) +],[ + AC_DEFINE([HAVE_DANE_CA_PATH], [0], [Is a CAPATH given at configure time]) + AC_SUBST(DEFAULT_CAPATH, []) +]) AH_BOTTOM([ @@ -416,6 +456,6 @@ extern int optind, opterr; #endif ]) -AC_CONFIG_FILES([Makefile]) +AC_CONFIG_FILES([Makefile ldns-dane.1 ldns-verify-zone.1]) AC_CONFIG_HEADER([config.h]) AC_OUTPUT diff --git a/examples/ldns-dane.1.in b/examples/ldns-dane.1.in new file mode 100644 index 000000000000..8f05d7f681a1 --- /dev/null +++ b/examples/ldns-dane.1.in @@ -0,0 +1,179 @@ +.TH ldns-dane 1 "17 September 2012" +.SH NAME +ldns-dane \- verify or create TLS authentication with DANE (RFC6698) +.SH SYNOPSIS +.PD 0 +.B ldns-dane +.IR [OPTIONS] +.IR verify +.IR name +.IR port +.PP +.B ldns-dane +.IR [OPTIONS] +.IR -t +.IR tlsafile +.IR verify + +.B ldns-dane +.IR [OPTIONS] +.IR name +.IR port +.IR create +.PP + [ +.IR Certificate-usage +[ +.IR Selector +[ +.IR Matching-type +] ] ] + +.B ldns-dane +.IR -h +.PP +.B ldns-dane +.IR -v +.PD 1 + +.SH DESCRIPTION + +In the first form: +A TLS connection to \fIname\fR:\fIport\fR is established. +The TLSA resource record(s) for \fIname\fR are used to authenticate +the connection. + +In the second form: +The TLSA record(s) are read from \fItlsafile\fR and used to authenticate +the TLS service they reference. + +In the third form: +A TLS connection to \fIname\fR:\fIport\fR is established and used to +create the TLSA resource record(s) that would authenticate the connection. +The parameters for TLSA rr creation are: + +.PD 0 +.I Certificate-usage\fR: +.RS +.IP 0 +CA constraint +.IP 1 +Service certificate constraint +.IP 2 +Trust anchor assertion +.IP 3 +Domain-issued certificate (default) +.RE + +.I Selector\fR: +.RS +.IP 0 +Full certificate (default) +.IP 1 +SubjectPublicKeyInfo +.RE + +.I Matching-type\fR: +.RS +.IP 0 +No hash used +.IP 1 +SHA-256 (default) +.IP 2 +SHA-512 +.RE +.PD 1 + +In stead of numbers the first few letters of the value may be used. +Except for the hash algorithm name, where the full name must be specified. + +.SH OPTIONS +.IP -4 +TLS connect IPv4 only +.IP -6 +TLS connect IPv6 only +.IP "-a \fIaddress\fR" +Don't try to resolve \fIname\fR, but connect to \fIaddress\fR instead. + +This option may be given more than once. +.IP -b +print "\fIname\fR\. TYPE52 \\# \fIsize\fR \fIhexdata\fR" form instead +of TLSA presentation format. +.IP "-c \fIcertfile\fR" +Do not TLS connect to \fIname\fR:\fIport\fR, but authenticate (or make +TLSA records) for the certificate (chain) in \fIcertfile\fR instead. +.IP -d +Assume DNSSEC validity even when the TLSA records were acquired insecure +or were bogus. +.IP "-f \fICAfile\fR" +Use CAfile to validate. @DEFAULT_CAFILE@ +.IP -h +Print short usage help +.IP -i +Interact after connecting. +.IP "-k \fIkeyfile\fR" +Specify a file that contains a trusted DNSKEY or DS rr. +Key(s) are used when chasing signatures (i.e. \fI-S\fR is given). + +This option may be given more than once. + +Alternatively, if \fB-k\fR is not specified, and a default trust anchor +(@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record, +it will be used as the trust anchor. +.IP -n +Do \fBnot\fR verify server name in certificate. +.IP "-o \fIoffset\fR" +When creating a "Trust anchor assertion" TLSA resource record, +select the \fIoffset\fRth certificate offset from the end +of the validation chain. 0 means the last certificate, 1 the one but last, +2 the second but last, etc. + +When \fIoffset\fR is -1 (the default), the last certificate +is used (like with 0) that MUST be self-signed. This can help to make +sure that the intended (self signed) trust anchor is actually present +in the server certificate chain (which is a DANE requirement). +.IP "-p \fICApath\fR" +Use certificates in the \fICApath\fR directory to validate. @DEFAULT_CAPATH@ +.IP -s +When creating TLSA resource records with the "CA Constraint" and the +"Service Certificate Constraint" certificate usage, do not validate and +assume PKIX is valid. + +For "CA Constraint" this means that verification should end with a +self-signed certificate. +.IP -S +Chase signature(s) to a known key. + +Without this option, the local network is trusted to provide +a DNSSEC resolver (i.e. AD bit is checked). +.IP "-t \fItlsafile\fR" +Read TLSA record(s) from \fItlsafile\fR. When \fIname\fR and \fIport\fR +are also given, only TLSA records that match the \fIname\fR, \fIport\fR and +\fItransport\fR are used. Otherwise the owner name of the TLSA record(s) +will be used to determine \fIname\fR, \fIport\fR and \fItransport\fR. +.IP -u +Use UDP transport instead of TCP. +.IP -v +Show version and exit. + +.SH "FILES" +.TP +@LDNS_TRUST_ANCHOR_FILE@ +The file from which trusted keys are loaded for signature chasing, +when no \fB-k\fR option is given. + +.SH "SEE ALSO" +.LP +unbound-anchor(8) + +.SH AUTHOR +Written by the ldns team as an example for ldns usage. + +.SH REPORTING BUGS +Report bugs to \fIldns-team@nlnetlabs.nl\fR. + +.SH COPYRIGHT +Copyright (C) 2012 NLnet Labs. This is free software. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR +PURPOSE. + diff --git a/examples/ldns-dane.c b/examples/ldns-dane.c new file mode 100644 index 000000000000..3ae358813296 --- /dev/null +++ b/examples/ldns-dane.c @@ -0,0 +1,1722 @@ +/* + * Verify or create TLS authentication with DANE (RFC6698) + * + * (c) NLnetLabs 2012 + * + * See the file LICENSE for the license. + * + * wish list: + * - nicer reporting (tracing of evaluation process) + * - verbosity levels + * - STARTTLS support + */ + +#include "config.h" +#include <unistd.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> + +#include <ldns/ldns.h> + +#include <errno.h> + +#ifdef HAVE_SSL +#include <openssl/ssl.h> +#include <openssl/err.h> +#include <openssl/x509v3.h> + +#ifndef IPPROTO_SCTP +#define IPPROTO_SCTP 132 +#endif + +#define LDNS_ERR(code, msg) do { if (code != LDNS_STATUS_OK) \ + ldns_err(msg, code); } while (false) +#define MEMERR(msg) do { fprintf(stderr, "memory error in %s\n", msg); \ + exit(EXIT_FAILURE); } while (false) +#define BUFSIZE 16384 + +/* int verbosity = 3; */ + +void +print_usage(const char* progname) +{ + printf("Usage: %s [OPTIONS] verify <name> <port>\n", progname); + printf(" or: %s [OPTIONS] -t <tlsafile> verify\n", progname); + printf("\n\tVerify the TLS connection at <name>:<port> or" + "\n\tuse TLSA record(s) from <tlsafile> to verify the\n" + "\tTLS service they reference.\n"); + printf("\n or: %s [OPTIONS] create <name> <port> [<usage> " + "[<selector> [<type>]]]\n", progname); + printf("\n\tUse the TLS connection(s) to <name> <port> " + "to create the TLSA\n\t" + "resource record(s) that would " + "authenticate the connection.\n"); + printf("\n\t<usage>" + "\t\t0: CA constraint\n" + "\t\t\t1: Service certificate constraint\n" + "\t\t\t2: Trust anchor assertion\n" + "\t\t\t3: Domain-issued certificate (default)\n"); + printf("\n\t<selector>" + "\t0: Full certificate (default)\n" + "\t\t\t1: SubjectPublicKeyInfo\n"); + printf("\n\t<type>" + "\t\t0: No hash used\n" + "\t\t\t1: SHA-256 (default)\n" + "\t\t\t2: SHA-512\n"); + + printf("OPTIONS:\n"); + printf("\t-h\t\tshow this text\n"); + printf("\t-4\t\tTLS connect IPv4 only\n"); + printf("\t-6\t\tTLS connect IPv6 only\n"); + printf("\t-a <address>\t" + "don't resolve <name>, but connect to <address>(es)\n"); + printf("\t-b\t\t" + "print \"<name>. TYPE52 \\#<size> <hex data>\" form\n" + ); + printf("\t-c <certfile>\t" + "verify or create TLSA records for the\n" + "\t\t\tcertificate (chain) in <certfile>\n" + ); + printf("\t-d\t\tassume DNSSEC validity even when insecure or bogus\n"); + printf("\t-f <CAfile>\tuse CAfile to validate\n"); +#if HAVE_DANE_CA_FILE + printf("\t\t\tDefault is %s\n", LDNS_DANE_CA_FILE); +#endif + printf("\t-i\t\tinteract after connecting\n"); + printf("\t-k <keyfile>\t" + "use DNSKEY/DS rr(s) in <keyfile> to validate TLSAs\n" + "\t\t\twhen signature chasing (i.e. -S)\n" + ); + printf("\t\t\tDefault is %s\n", LDNS_TRUST_ANCHOR_FILE); + printf("\t-n\t\tdo *not* verify server name in certificate\n"); + printf("\t-o <offset>\t" + "select <offset>th certificate from the end of\n" + "\t\t\tthe validation chain. -1 means self-signed at end\n" + ); + printf("\t-p <CApath>\t" + "use certificates in the <CApath> directory to validate\n" + ); +#if HAVE_DANE_CA_PATH + printf("\t\t\tDefaults is %s\n", LDNS_DANE_CA_PATH); +#endif + printf("\t-s\t\tassume PKIX validity\n"); + printf("\t-S\t\tChase signature(s) to a known key\n"); + printf("\t-t <tlsafile>\tdo not use DNS, " + "but read TLSA record(s) from <tlsafile>\n" + ); + printf("\t-u\t\tuse UDP transport instead of TCP\n"); + printf("\t-v\t\tshow version and exit\n"); + /* printf("\t-V [0-5]\tset verbosity level (defaul 3)\n"); */ + exit(EXIT_SUCCESS); +} + +int +dane_int_within_range(const char* arg, int max, const char* name) +{ + char* endptr; /* utility var for strtol usage */ + int val = strtol(arg, &endptr, 10); + + if ((val < 0 || val > max) + || (errno != 0 && val == 0) /* out of range */ + || endptr == arg /* no digits */ + || *endptr != '\0' /* more chars */ + ) { + fprintf(stderr, "<%s> should be in range [0-%d]\n", name, max); + exit(EXIT_FAILURE); + } + return val; +} + +struct dane_param_choice_struct { + const char* name; + int number; +}; +typedef struct dane_param_choice_struct dane_param_choice; + +dane_param_choice dane_certificate_usage_table[] = { + { "CA constraint" , 0 }, + { "CA-constraint" , 0 }, + { "Service certificate constraint" , 1 }, + { "Service-certificate-constraint" , 1 }, + { "Trust anchor assertion" , 2 }, + { "Trust-anchor-assertion" , 2 }, + { "anchor" , 2 }, + { "Domain-issued certificate" , 3 }, + { "Domain-issued-certificate" , 3 }, + { NULL, -1 } +}; + +dane_param_choice dane_selector_table[] = { + { "Full certificate" , 0 }, + { "Full-certificate" , 0 }, + { "certificate" , 0 }, + { "SubjectPublicKeyInfo", 1 }, + { "PublicKey" , 1 }, + { "pubkey" , 1 }, + { "key" , 1 }, + { NULL, -1 } +}; + +int +dane_int_within_range_table(const char* arg, int max, const char* name, + dane_param_choice table[]) +{ + dane_param_choice* t; + + if (*arg) { + for (t = table; t->name; t++) { + if (strncasecmp(arg, t->name, strlen(arg)) == 0) { + return t->number; + } + } + } + return dane_int_within_range(arg, max, name); +} + +void +ssl_err(const char* s) +{ + fprintf(stderr, "error: %s\n", s); + ERR_print_errors_fp(stderr); + exit(EXIT_FAILURE); +} + +void +ldns_err(const char* s, ldns_status err) +{ + if (err == LDNS_STATUS_SSL_ERR) { + ssl_err(s); + } else { + fprintf(stderr, "%s: %s\n", s, ldns_get_errorstr_by_id(err)); + exit(EXIT_FAILURE); + } +} + +ldns_status +ssl_connect_and_get_cert_chain( + X509** cert, STACK_OF(X509)** extra_certs, + SSL* ssl, ldns_rdf* address, uint16_t port, + ldns_dane_transport transport) +{ + struct sockaddr_storage *a = NULL; + size_t a_len = 0; + int sock; + int r; + + assert(cert != NULL); + assert(extra_certs != NULL); + + a = ldns_rdf2native_sockaddr_storage(address, port, &a_len); + switch (transport) { + case LDNS_DANE_TRANSPORT_TCP: + + sock = socket((int)((struct sockaddr*)a)->sa_family, + SOCK_STREAM, IPPROTO_TCP); + break; + + case LDNS_DANE_TRANSPORT_UDP: + + sock = socket((int)((struct sockaddr*)a)->sa_family, + SOCK_DGRAM, IPPROTO_UDP); + break; + + case LDNS_DANE_TRANSPORT_SCTP: + + sock = socket((int)((struct sockaddr*)a)->sa_family, + SOCK_STREAM, IPPROTO_SCTP); + break; + + default: + LDNS_FREE(a); + return LDNS_STATUS_DANE_UNKNOWN_TRANSPORT; + } + if (sock == -1) { + LDNS_FREE(a); + return LDNS_STATUS_NETWORK_ERR; + } + if (connect(sock, (struct sockaddr*)a, (socklen_t)a_len) == -1) { + LDNS_FREE(a); + return LDNS_STATUS_NETWORK_ERR; + } + LDNS_FREE(a); + if (! SSL_clear(ssl)) { + close(sock); + fprintf(stderr, "SSL_clear\n"); + return LDNS_STATUS_SSL_ERR; + } + SSL_set_connect_state(ssl); + (void) SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); + if (! SSL_set_fd(ssl, sock)) { + close(sock); + fprintf(stderr, "SSL_set_fd\n"); + return LDNS_STATUS_SSL_ERR; + } + for (;;) { + ERR_clear_error(); + if ((r = SSL_do_handshake(ssl)) == 1) { + break; + } + r = SSL_get_error(ssl, r); + if (r != SSL_ERROR_WANT_READ && r != SSL_ERROR_WANT_WRITE) { + fprintf(stderr, "handshaking SSL_get_error: %d\n", r); + return LDNS_STATUS_SSL_ERR; + } + } + *cert = SSL_get_peer_certificate(ssl); + *extra_certs = SSL_get_peer_cert_chain(ssl); + + return LDNS_STATUS_OK; +} + + +void +ssl_interact(SSL* ssl) +{ + fd_set rfds; + int maxfd; + int sock; + int r; + + char buf[BUFSIZE]; + char* bufptr; + int to_write; + int written; + + sock = SSL_get_fd(ssl); + if (sock == -1) { + return; + } + maxfd = (STDIN_FILENO > sock ? STDIN_FILENO : sock) + 1; + for (;;) { +#ifndef S_SPLINT_S + FD_ZERO(&rfds); +#endif /* splint */ + FD_SET(sock, &rfds); + FD_SET(STDIN_FILENO, &rfds); + + r = select(maxfd, &rfds, NULL, NULL, NULL); + if (r == -1) { + perror("select"); + break; + } + if (FD_ISSET(sock, &rfds)) { + to_write = SSL_read(ssl, buf, BUFSIZE); + if (to_write <= 0) { + r = SSL_get_error(ssl, to_write); + if (r != SSL_ERROR_ZERO_RETURN) { + fprintf(stderr, + "reading SSL_get_error:" + " %d\n", r); + } + break; + } + bufptr = buf; + while (to_write > 0) { + written = (int) fwrite(bufptr, 1, + (size_t) to_write, stdout); + if (written == 0) { + perror("fwrite"); + break; + } + to_write -= written; + bufptr += written; + } + } /* if (FD_ISSET(sock, &rfds)) */ + + if (FD_ISSET(STDIN_FILENO, &rfds)) { + to_write = (int) read(STDIN_FILENO, buf, BUFSIZE - 1); + if (to_write <= 0) { + if (to_write == -1) { + perror("read"); + } + break; + } + if (buf[to_write - 1] == '\n') { + buf[to_write - 1] = '\r'; + buf[to_write ] = '\n'; + to_write += 1; + } + bufptr = buf; + while (to_write > 0) { + written = SSL_write(ssl, bufptr, to_write); + if (written <= 0) { + r = SSL_get_error(ssl, to_write); + if (r != SSL_ERROR_ZERO_RETURN) { + fprintf(stderr, + "writing SSL_get_error" + ": %d\n", r); + } + break; + } + to_write -= written; + bufptr += written; + } + } /* if (FD_ISSET(STDIN_FILENO, &rfds)) */ + + } /* for (;;) */ +} + + +void +ssl_shutdown(SSL* ssl) +{ + while (SSL_shutdown(ssl) == 0); +} + +ldns_rr_list* +rr_list_filter_rr_type(ldns_rr_list* l, ldns_rr_type t) +{ + size_t i; + ldns_rr* rr; + ldns_rr_list* r = ldns_rr_list_new(); + + if (r == NULL) { + return r; + } + for (i = 0; i < ldns_rr_list_rr_count(l); i++) { + rr = ldns_rr_list_rr(l, i); + if (ldns_rr_get_type(rr) == t) { + if (! ldns_rr_list_push_rr(r, rr)) { + ldns_rr_list_free(r); + return NULL; + } + } + } + return r; +} + + +/* Return a copy of the list of tlsa records where the usage types + * "CA constraint" are replaced with "Trust anchor assertion" and the usage + * types "Service certificate constraint" are replaced with + * "Domain-issued certificate". + * + * This to check what would happen if PKIX validation was successfull always. + */ +ldns_rr_list* +dane_no_pkix_transform(const ldns_rr_list* tlas) +{ + size_t i; + ldns_rr* rr; + ldns_rr* new_rr; + ldns_rdf* rdf; + ldns_rr_list* r = ldns_rr_list_new(); + + if (r == NULL) { + return r; + } + for (i = 0; i < ldns_rr_list_rr_count(tlas); i++) { + rr = ldns_rr_list_rr(tlas, i); + if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_TLSA) { + + new_rr = ldns_rr_clone(rr); + if (!new_rr) { + ldns_rr_list_deep_free(r); + return NULL; + } + switch(ldns_rdf2native_int8(ldns_rr_rdf(new_rr, 0))) { + + case LDNS_TLSA_USAGE_CA_CONSTRAINT: + + rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, + (uint8_t) LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION); + if (! rdf) { + ldns_rr_free(new_rr); + ldns_rr_list_deep_free(r); + return NULL; + } + (void) ldns_rr_set_rdf(new_rr, rdf, 0); + break; + + + case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT: + + rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, + (uint8_t) LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE); + if (! rdf) { + ldns_rr_free(new_rr); + ldns_rr_list_deep_free(r); + return NULL; + } + (void) ldns_rr_set_rdf(new_rr, rdf, 0); + break; + + + default: + break; + } + if (! ldns_rr_list_push_rr(r, new_rr)) { + ldns_rr_free(new_rr); + ldns_rr_list_deep_free(r); + return NULL; + } + } + } + return r; +} + +void +print_rr_as_TYPEXXX(FILE* out, ldns_rr* rr) +{ + size_t i, sz; + ldns_status s; + ldns_buffer* buf = ldns_buffer_new(LDNS_MAX_PACKETLEN); + char* str; + + ldns_buffer_clear(buf); + s = ldns_rdf2buffer_str_dname(buf, ldns_rr_owner(rr)); + LDNS_ERR(s, "could not ldns_rdf2buffer_str_dname"); + ldns_buffer_printf(buf, "\t%d", ldns_rr_ttl(rr)); + ldns_buffer_printf(buf, "\t"); + s = ldns_rr_class2buffer_str(buf, ldns_rr_get_class(rr)); + LDNS_ERR(s, "could not ldns_rr_class2buffer_str"); + ldns_buffer_printf(buf, "\tTYPE%d", ldns_rr_get_type(rr)); + sz = 0; + for (i = 0; i < ldns_rr_rd_count(rr); i++) { + sz += ldns_rdf_size(ldns_rr_rdf(rr, i)); + } + ldns_buffer_printf(buf, "\t\\# %d ", sz); + for (i = 0; i < ldns_rr_rd_count(rr); i++) { + s = ldns_rdf2buffer_str_hex(buf, ldns_rr_rdf(rr, i)); + LDNS_ERR(s, "could not ldns_rdf2buffer_str_hex"); + } + str = ldns_buffer_export2str(buf); + ldns_buffer_free(buf); + fprintf(out, "%s\n", str); + LDNS_FREE(str); +} + +void +print_rr_list_as_TYPEXXX(FILE* out, ldns_rr_list* l) +{ + size_t i; + + for (i = 0; i < ldns_rr_list_rr_count(l); i++) { + print_rr_as_TYPEXXX(out, ldns_rr_list_rr(l, i)); + } +} + +ldns_status +read_key_file(const char *filename, ldns_rr_list *keys) +{ + ldns_status status = LDNS_STATUS_ERR; + ldns_rr *rr; + FILE *fp; + uint32_t my_ttl = 0; + ldns_rdf *my_origin = NULL; + ldns_rdf *my_prev = NULL; + int line_nr; + + if (!(fp = fopen(filename, "r"))) { + return LDNS_STATUS_FILE_ERR; + } + while (!feof(fp)) { + status = ldns_rr_new_frm_fp_l(&rr, fp, &my_ttl, &my_origin, + &my_prev, &line_nr); + + if (status == LDNS_STATUS_OK) { + + if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS + || ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY) + + ldns_rr_list_push_rr(keys, rr); + + } else if ( status == LDNS_STATUS_SYNTAX_EMPTY + || status == LDNS_STATUS_SYNTAX_TTL + || status == LDNS_STATUS_SYNTAX_ORIGIN + || status == LDNS_STATUS_SYNTAX_INCLUDE) + + status = LDNS_STATUS_OK; + else + break; + } + fclose(fp); + return status; +} + + +ldns_status +dane_setup_resolver(ldns_resolver** res, + ldns_rr_list* keys, bool dnssec_off) +{ + ldns_status s; + + assert(res != NULL); + + s = ldns_resolver_new_frm_file(res, NULL); + if (s == LDNS_STATUS_OK) { + ldns_resolver_set_dnssec(*res, ! dnssec_off); + + if (keys && ldns_rr_list_rr_count(keys) > 0) { + /* anchors must trigger signature chasing */ + ldns_resolver_set_dnssec_anchors(*res, keys); + ldns_resolver_set_dnssec_cd(*res, true); + } + } + return s; +} + + +ldns_status +dane_query(ldns_rr_list** rrs, ldns_resolver* r, + ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, + bool insecure_is_ok) +{ + ldns_pkt* p = NULL; + ldns_rr_list* keys = NULL; + ldns_rr_list* rrsigs = NULL; + ldns_rdf* signame = NULL; + ldns_status s; + + assert(rrs != NULL); + + p = ldns_resolver_query(r, name, t, c, LDNS_RD); + if (! p) { + return LDNS_STATUS_MEM_ERR; + } + *rrs = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANSWER); + + if (! ldns_resolver_dnssec(r)) { /* DNSSEC explicitely disabled, + anything goes */ + ldns_pkt_free(p); + return LDNS_STATUS_OK; + } + if (ldns_rr_list_rr_count(*rrs) == 0) { /* assert(*rrs == NULL) */ + + if (ldns_pkt_get_rcode(p) == LDNS_RCODE_SERVFAIL) { + + ldns_pkt_free(p); + return LDNS_STATUS_DANE_BOGUS; + } else { + ldns_pkt_free(p); + return LDNS_STATUS_OK; + } + } + /* We have answers and we have dnssec. */ + + if (! ldns_pkt_cd(p)) { /* we act as stub resolver (no sigchase) */ + + if (! ldns_pkt_ad(p)) { /* Not secure */ + + goto insecure; + } + ldns_pkt_free(p); + return LDNS_STATUS_OK; + } + + /* sigchase */ + + /* TODO: handle cname reference check */ + + rrsigs = ldns_pkt_rr_list_by_type(p, + LDNS_RR_TYPE_RRSIG, + LDNS_SECTION_ANSWER); + + if (! rrsigs || ldns_rr_list_rr_count(rrsigs) == 0) { + goto insecure; + } + + signame = ldns_rr_rrsig_signame(ldns_rr_list_rr(rrsigs, 0)); + if (! signame) { + s = LDNS_STATUS_ERR; + goto error; + } + /* First try with the keys we already have */ + s = ldns_verify(*rrs, rrsigs, ldns_resolver_dnssec_anchors(r), NULL); + if (s == LDNS_STATUS_OK) { + goto cleanup; + } + /* Fetch the necessary keys and recheck */ + keys = ldns_fetch_valid_domain_keys(r, signame, + ldns_resolver_dnssec_anchors(r), &s); + + if (s != LDNS_STATUS_OK) { + goto error; + } + if (ldns_rr_list_rr_count(keys) == 0) { /* An insecure island */ + goto insecure; + } + s = ldns_verify(*rrs, rrsigs, keys, NULL); + switch (s) { + case LDNS_STATUS_CRYPTO_BOGUS: goto bogus; + case LDNS_STATUS_OK : goto cleanup; + default : break; + } +insecure: + s = LDNS_STATUS_DANE_INSECURE; +bogus: + if (! insecure_is_ok) { +error: + ldns_rr_list_deep_free(*rrs); + *rrs = ldns_rr_list_new(); + } +cleanup: + if (keys) { + ldns_rr_list_deep_free(keys); + } + if (rrsigs) { + ldns_rr_list_deep_free(rrsigs); + } + ldns_pkt_free(p); + return s; +} + + +ldns_rr_list* +dane_lookup_addresses(ldns_resolver* res, ldns_rdf* dname, + int ai_family) +{ + ldns_status s; + ldns_rr_list *as = NULL; + ldns_rr_list *aaas = NULL; + ldns_rr_list *r = ldns_rr_list_new(); + + if (r == NULL) { + MEMERR("ldns_rr_list_new"); + } + if (ai_family == AF_UNSPEC || ai_family == AF_INET) { + + s = dane_query(&as, res, + dname, LDNS_RR_TYPE_A, LDNS_RR_CLASS_IN, + true); + + if (s == LDNS_STATUS_DANE_INSECURE && + ldns_rr_list_rr_count(as) > 0) { + fprintf(stderr, "Warning! Insecure IPv4 addresses. " + "Continuing with them...\n"); + + } else if (s == LDNS_STATUS_DANE_BOGUS || + LDNS_STATUS_CRYPTO_BOGUS == s) { + fprintf(stderr, "Warning! Bogus IPv4 addresses. " + "Discarding...\n"); + ldns_rr_list_deep_free(as); + as = ldns_rr_list_new(); + + } else if (s != LDNS_STATUS_OK) { + LDNS_ERR(s, "dane_query"); + + } + if (! ldns_rr_list_push_rr_list(r, as)) { + MEMERR("ldns_rr_list_push_rr_list"); + } + } + if (ai_family == AF_UNSPEC || ai_family == AF_INET6) { + + s = dane_query(&aaas, res, + dname, LDNS_RR_TYPE_AAAA, LDNS_RR_CLASS_IN, + true); + + if (s == LDNS_STATUS_DANE_INSECURE && + ldns_rr_list_rr_count(aaas) > 0) { + fprintf(stderr, "Warning! Insecure IPv6 addresses. " + "Continuing with them...\n"); + + } else if (s == LDNS_STATUS_DANE_BOGUS || + LDNS_STATUS_CRYPTO_BOGUS == s) { + fprintf(stderr, "Warning! Bogus IPv4 addresses. " + "Discarding...\n"); + ldns_rr_list_deep_free(aaas); + aaas = ldns_rr_list_new(); + + } else if (s != LDNS_STATUS_OK) { + LDNS_ERR(s, "dane_query"); + + } + if (! ldns_rr_list_push_rr_list(r, aaas)) { + MEMERR("ldns_rr_list_push_rr_list"); + } + } + return r; +} + +ldns_status +dane_read_tlsas_from_file(ldns_rr_list** tlsas, + char* filename, ldns_rdf* origin) +{ + FILE* fp = NULL; + ldns_rr* rr = NULL; + ldns_rdf *my_origin = NULL; + ldns_rdf *my_prev = NULL; + ldns_rdf *origin_lc = NULL; + int line_nr; + ldns_status s = LDNS_STATUS_MEM_ERR; + + assert(tlsas != NULL); + assert(filename != NULL); + + if (strcmp(filename, "-") == 0) { + fp = stdin; + } else { + fp = fopen(filename, "r"); + if (!fp) { + fprintf(stderr, "Unable to open %s: %s\n", + filename, strerror(errno)); + exit(EXIT_FAILURE); + } + } + if (origin) { + my_origin = ldns_rdf_clone(origin); + if (! my_origin) { + goto error; + } + my_prev = ldns_rdf_clone(origin); + if (! my_prev) { + goto error; + } + origin_lc = ldns_rdf_clone(origin); + if (! origin_lc) { + goto error; + } + ldns_dname2canonical(origin_lc); + } + *tlsas = ldns_rr_list_new(); + if (! *tlsas) { + goto error; + } + while (! feof(fp)) { + s = ldns_rr_new_frm_fp_l(&rr, fp, NULL, + &my_origin, &my_prev, &line_nr); + if (s != LDNS_STATUS_OK) { + goto error; + } + if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_TLSA) { + ldns_dname2canonical(ldns_rr_owner(rr)); + if (! origin || ldns_dname_compare(ldns_rr_owner(rr), + origin_lc) == 0) { + if (ldns_rr_list_push_rr(*tlsas, rr)) { + continue; + } else { + s = LDNS_STATUS_MEM_ERR; + goto error; + } + } + } + ldns_rr_free(rr); + } + + ldns_rdf_deep_free(origin_lc); + ldns_rdf_deep_free(my_prev); + ldns_rdf_deep_free(my_origin); + fclose(fp); + + return LDNS_STATUS_OK; + +error: + if (*tlsas) { + ldns_rr_list_deep_free(*tlsas); + *tlsas = NULL; + } + if (origin_lc) { + ldns_rdf_deep_free(origin_lc); + } + if (my_prev) { + ldns_rdf_deep_free(my_prev); + } + if (my_origin) { + ldns_rdf_deep_free(my_origin); + } + if (fp && fp != stdin) { + fclose(fp); + } + return s; +} + +bool +dane_wildcard_label_cmp(uint8_t iw, const char* w, uint8_t il, const char* l) +{ + if (iw == 0) { /* End of match label */ + if (il == 0) { /* And end in the to be matched label */ + return true; + } + return false; + } + do { + if (*w == '*') { + if (iw == 1) { /* '*' is the last match char, + remainder matches wildcard */ + return true; + } + while (il > 0) { /* more to match? */ + + if (w[1] == *l) { /* Char after '*' matches. + * Recursion for backtracking + */ + if (dane_wildcard_label_cmp( + iw - 1, w + 1, + il , l)) { + return true; + } + } + l += 1; + il -= 1; + } + } + /* Skip up till next wildcard (if possible) */ + while (il > 0 && iw > 0 && *w != '*' && *w == *l) { + w += 1; + l += 1; + il -= 1; + iw -= 1; + } + } while (iw > 0 && *w == '*' && /* More to match a next wildcard? */ + (il > 0 || iw == 1)); + + return iw == 0 && il == 0; +} + +bool +dane_label_matches_label(ldns_rdf* w, ldns_rdf* l) +{ + uint8_t iw; + uint8_t il; + + iw = ldns_rdf_data(w)[0]; + il = ldns_rdf_data(l)[0]; + return dane_wildcard_label_cmp( + iw, (const char*)ldns_rdf_data(w) + 1, + il, (const char*)ldns_rdf_data(l) + 1); +} + +bool +dane_name_matches_server_name(const char* name_str, ldns_rdf* server_name) +{ + ldns_rdf* name; + uint8_t nn, ns, i; + ldns_rdf* ln; + ldns_rdf* ls; + + name = ldns_dname_new_frm_str((const char*)name_str); + if (! name) { + LDNS_ERR(LDNS_STATUS_ERR, "ldns_dname_new_frm_str"); + } + nn = ldns_dname_label_count(name); + ns = ldns_dname_label_count(server_name); + if (nn != ns) { + ldns_rdf_free(name); + return false; + } + ldns_dname2canonical(name); + for (i = 0; i < nn; i++) { + ln = ldns_dname_label(name, i); + if (! ln) { + return false; + } + ls = ldns_dname_label(server_name, i); + if (! ls) { + ldns_rdf_free(ln); + return false; + } + if (! dane_label_matches_label(ln, ls)) { + ldns_rdf_free(ln); + ldns_rdf_free(ls); + return false; + } + ldns_rdf_free(ln); + ldns_rdf_free(ls); + } + return true; +} + +bool +dane_X509_any_subject_alt_name_matches_server_name( + X509 *cert, ldns_rdf* server_name) +{ + GENERAL_NAMES* names; + GENERAL_NAME* name; + unsigned char* subject_alt_name_str = NULL; + int i, n; + + names = X509_get_ext_d2i(cert, NID_subject_alt_name, 0, 0 ); + if (! names) { /* No subjectAltName extension */ + return false; + } + n = sk_GENERAL_NAME_num(names); + for (i = 0; i < n; i++) { + name = sk_GENERAL_NAME_value(names, i); + if (name->type == GEN_DNS) { + (void) ASN1_STRING_to_UTF8(&subject_alt_name_str, + name->d.dNSName); + if (subject_alt_name_str) { + if (dane_name_matches_server_name((char*) + subject_alt_name_str, + server_name)) { + OPENSSL_free(subject_alt_name_str); + return true; + } + OPENSSL_free(subject_alt_name_str); + } + } + } + /* sk_GENERAL_NAMES_pop_free(names, sk_GENERAL_NAME_free); */ + return false; +} + +bool +dane_X509_subject_name_matches_server_name(X509 *cert, ldns_rdf* server_name) +{ + X509_NAME* subject_name; + int i; + X509_NAME_ENTRY* entry; + ASN1_STRING* entry_data; + unsigned char* subject_name_str = NULL; + bool r; + + subject_name = X509_get_subject_name(cert); + if (! subject_name ) { + ssl_err("could not X509_get_subject_name"); + } + i = X509_NAME_get_index_by_NID(subject_name, NID_commonName, -1); + entry = X509_NAME_get_entry(subject_name, i); + entry_data = X509_NAME_ENTRY_get_data(entry); + (void) ASN1_STRING_to_UTF8(&subject_name_str, entry_data); + if (subject_name_str) { + r = dane_name_matches_server_name( + (char*)subject_name_str, server_name); + OPENSSL_free(subject_name_str); + return r; + } else { + return false; + } +} + +bool +dane_verify_server_name(X509* cert, ldns_rdf* server_name) +{ + ldns_rdf* server_name_lc; + bool r; + server_name_lc = ldns_rdf_clone(server_name); + if (! server_name_lc) { + LDNS_ERR(LDNS_STATUS_MEM_ERR, "ldns_rdf_clone"); + } + ldns_dname2canonical(server_name_lc); + r = dane_X509_any_subject_alt_name_matches_server_name( + cert, server_name_lc) || + dane_X509_subject_name_matches_server_name( + cert, server_name_lc); + ldns_rdf_free(server_name_lc); + return r; +} + +void +dane_create(ldns_rr_list* tlsas, ldns_rdf* tlsa_owner, + ldns_tlsa_certificate_usage certificate_usage, int offset, + ldns_tlsa_selector selector, + ldns_tlsa_matching_type matching_type, + X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* validate_store, + bool verify_server_name, ldns_rdf* name) +{ + ldns_status s; + X509* selected_cert; + ldns_rr* tlsa_rr; + + if (verify_server_name && ! dane_verify_server_name(cert, name)) { + fprintf(stderr, "The certificate does not match the " + "server name\n"); + exit(EXIT_FAILURE); + } + + s = ldns_dane_select_certificate(&selected_cert, + cert, extra_certs, validate_store, + certificate_usage, offset); + LDNS_ERR(s, "could not select certificate"); + + s = ldns_dane_create_tlsa_rr(&tlsa_rr, + certificate_usage, selector, matching_type, + selected_cert); + LDNS_ERR(s, "could not create tlsa rr"); + + ldns_rr_set_owner(tlsa_rr, tlsa_owner); + + if (! ldns_rr_list_contains_rr(tlsas, tlsa_rr)) { + if (! ldns_rr_list_push_rr(tlsas, tlsa_rr)) { + MEMERR("ldns_rr_list_push_rr"); + } + } +} + +bool +dane_verify(ldns_rr_list* tlsas, ldns_rdf* address, + X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* validate_store, + bool verify_server_name, ldns_rdf* name) +{ + ldns_status s; + char* address_str = NULL; + + s = ldns_dane_verify(tlsas, cert, extra_certs, validate_store); + if (address) { + address_str = ldns_rdf2str(address); + fprintf(stdout, "%s", address_str ? address_str : "<address>"); + free(address_str); + } else { + X509_NAME_print_ex_fp(stdout, + X509_get_subject_name(cert), 0, 0); + } + if (s == LDNS_STATUS_OK) { + if (verify_server_name && + ! dane_verify_server_name(cert, name)) { + + fprintf(stdout, " did not dane-validate, because:" + " the certificate name did not match" + " the server name\n"); + return false; + } + fprintf(stdout, " dane-validated successfully\n"); + return true; + } + fprintf(stdout, " did not dane-validate, because: %s\n", + ldns_get_errorstr_by_id(s)); + return false; +} + + +int +main(int argc, char* const* argv) +{ + int c; + enum { UNDETERMINED, VERIFY, CREATE } mode = UNDETERMINED; + + ldns_status s; + size_t i; + + bool print_tlsa_as_type52 = false; + bool assume_dnssec_validity = false; + bool assume_pkix_validity = false; + bool verify_server_name = true; + bool interact = false; + +#if HAVE_DANE_CA_FILE + const char* CAfile = LDNS_DANE_CA_FILE; +#else + const char* CAfile = NULL; +#endif +#if HAVE_DANE_CA_PATH + const char* CApath = LDNS_DANE_CA_PATH; +#else + const char* CApath = NULL; +#endif + char* cert_file = NULL; + X509* cert = NULL; + STACK_OF(X509)* extra_certs = NULL; + + ldns_rr_list* keys = ldns_rr_list_new(); + size_t nkeys = 0; + bool do_sigchase = false; + + ldns_rr_list* addresses = ldns_rr_list_new(); + ldns_rr* address_rr; + ldns_rdf* address; + + int ai_family = AF_UNSPEC; + int transport = LDNS_DANE_TRANSPORT_TCP; + + char* name_str = NULL; /* supress uninitialized warning */ + ldns_rdf* name; + uint16_t port = 0; /* supress uninitialized warning */ + + ldns_resolver* res = NULL; + ldns_rdf* tlsa_owner = NULL; + char* tlsa_owner_str = NULL; + ldns_rr_list* tlsas = NULL; + char* tlsas_file = NULL; + + /* For extracting service port and transport from tla_owner. */ + ldns_rdf* port_rdf = NULL; + char* port_str = NULL; + ldns_rdf* transport_rdf = NULL; + char* transport_str = NULL; + + ldns_rr_list* originals = NULL; /* original tlsas (before + * transform), but also used + * as temporary. + */ + + ldns_tlsa_certificate_usage certificate_usage = 666; + int offset = -1; + ldns_tlsa_selector selector = 666; + ldns_tlsa_matching_type matching_type = 666; + + + X509_STORE *store = NULL; + + SSL_CTX* ctx = NULL; + SSL* ssl = NULL; + + bool success = true; + + if (! keys || ! addresses) { + MEMERR("ldns_rr_list_new"); + } + while((c = getopt(argc, argv, "46a:bc:df:hik:no:p:sSt:uvV:")) != -1) { + switch(c) { + case 'h': + print_usage("ldns-dane"); + break; + case '4': + ai_family = AF_INET; + break; + case '6': + ai_family = AF_INET6; + break; + case 'a': + s = ldns_str2rdf_a(&address, optarg); + if (s == LDNS_STATUS_OK) { + address_rr = ldns_rr_new_frm_type( + LDNS_RR_TYPE_A); + } else { + s = ldns_str2rdf_aaaa(&address, optarg); + if (s == LDNS_STATUS_OK) { + address_rr = ldns_rr_new_frm_type( + LDNS_RR_TYPE_AAAA); + } else { + fprintf(stderr, + "Could not interpret address " + "%s\n", + optarg); + exit(EXIT_FAILURE); + } + } + (void) ldns_rr_a_set_address(address_rr, address); + for (i = 0; i < ldns_rr_list_rr_count(addresses); i++){ + if (ldns_rdf_compare(address, + ldns_rr_a_address( + ldns_rr_list_rr(addresses, i))) == 0) { + break; + } + } + if (i >= ldns_rr_list_rr_count(addresses)) { + if (! ldns_rr_list_push_rr(addresses, + address_rr)) { + MEMERR("ldns_rr_list_push_rr"); + } + } + break; + case 'b': + print_tlsa_as_type52 = true; + /* TODO: do it with output formats... maybe... */ + break; + case 'c': + cert_file = optarg; /* checking in SSL stuff below */ + break; + case 'd': + assume_dnssec_validity = true; + break; + case 'f': + CAfile = optarg; + break; + case 'i': + interact = true; + break; + case 'k': + s = read_key_file(optarg, keys); + if (s == LDNS_STATUS_FILE_ERR) { + fprintf(stderr, "Error opening %s: %s\n", + optarg, strerror(errno)); + } + LDNS_ERR(s, "Could not parse key file"); + if (ldns_rr_list_rr_count(keys) == nkeys) { + fprintf(stderr, "No keys found in file" + " %s\n", optarg); + exit(EXIT_FAILURE); + } + nkeys = ldns_rr_list_rr_count(keys); + break; + case 'n': + verify_server_name = false; + break; + case 'o': + offset = atoi(optarg); /* todo check if all numeric */ + break; + case 'p': + CApath = optarg; + break; + case 's': + assume_pkix_validity = true; + break; + case 'S': + do_sigchase = true; + break; + case 't': + tlsas_file = optarg; + break; + case 'u': + transport = LDNS_DANE_TRANSPORT_UDP; + break; + case 'v': + printf("ldns-dane version %s (ldns version %s)\n", + LDNS_VERSION, ldns_version()); + exit(EXIT_SUCCESS); + break; +/* case 'V': + verbosity = atoi(optarg); + break; + */ + } + } + + /* Filter out given IPv4 addresses when -6 was given, + * and IPv6 addresses when -4 was given. + */ + if (ldns_rr_list_rr_count(addresses) > 0 && + ai_family != AF_UNSPEC) { + originals = addresses; + addresses = rr_list_filter_rr_type(originals, + (ai_family == AF_INET + ? LDNS_RR_TYPE_A : LDNS_RR_TYPE_AAAA)); + ldns_rr_list_free(originals); + if (addresses == NULL) { + MEMERR("rr_list_filter_rr_type"); + } + if (ldns_rr_list_rr_count(addresses) == 0) { + fprintf(stderr, + "No addresses of the specified type remain\n"); + exit(EXIT_FAILURE); + } + } + + if (do_sigchase) { + if (nkeys == 0) { + (void) read_key_file(LDNS_TRUST_ANCHOR_FILE, keys); + nkeys = ldns_rr_list_rr_count(keys); + + if (nkeys == 0) { + fprintf(stderr, "Unable to chase " + "signature without keys.\n"); + exit(EXIT_FAILURE); + } + } + } else { + keys = NULL; + } + + argc -= optind; + argv += optind; + + if (argc == 0) { + + print_usage("ldns-dane"); + } + if (strncasecmp(*argv, "create", strlen(*argv)) == 0) { + + mode = CREATE; + argc--; + argv++; + + } else if (strncasecmp(*argv, "verify", strlen(*argv)) == 0) { + + mode = VERIFY; + argc--; + argv++; + + } else { + fprintf(stderr, "Specify create or verify mode\n"); + exit(EXIT_FAILURE); + } + + if (mode == VERIFY && argc == 0) { + + if (! tlsas_file) { + fprintf(stderr, "ERROR! Nothing given to verify\n"); + exit(EXIT_FAILURE); + } + s = dane_read_tlsas_from_file(&tlsas, tlsas_file, NULL); + LDNS_ERR(s, "could not read tlas from file"); + + /* extract port, transport and hostname from TLSA owner name */ + + if (ldns_rr_list_rr_count(tlsas) == 0) { + + fprintf(stderr, "ERROR! No TLSA records to extract " + "service port, transport and hostname" + "\n"); + exit(EXIT_FAILURE); + } + tlsa_owner = ldns_rr_list_owner(tlsas); + if (ldns_dname_label_count(tlsa_owner) < 2) { + fprintf(stderr, "ERROR! To few labels in TLSA owner\n"); + exit(EXIT_FAILURE); + } + do { + s = LDNS_STATUS_MEM_ERR; + port_rdf = ldns_dname_label(tlsa_owner, 0); + if (! port_rdf) { + break; + } + port_str = ldns_rdf2str(port_rdf); + if (! port_str) { + break; + } + if (*port_str != '_') { + fprintf(stderr, "ERROR! Badly formatted " + "service port label in the " + "TLSA owner name\n"); + exit(EXIT_FAILURE); + } + if (port_str[strlen(port_str) - 1] == '.') { + port_str[strlen(port_str) - 1] = '\000'; + } + port = (uint16_t) dane_int_within_range( + port_str + 1, 65535, "port"); + s = LDNS_STATUS_OK; + } while (false); + LDNS_ERR(s, "could not extract service port from TLSA owner"); + + do { + s = LDNS_STATUS_MEM_ERR; + transport_rdf = ldns_dname_label(tlsa_owner, 1); + if (! transport_rdf) { + break; + } + transport_str = ldns_rdf2str(transport_rdf); + if (! transport_str) { + break; + } + if (transport_str[strlen(transport_str) - 1] == '.') { + transport_str[strlen(transport_str) - 1] = + '\000'; + } + if (strcmp(transport_str, "_tcp") == 0) { + + transport = LDNS_DANE_TRANSPORT_TCP; + + } else if (strcmp(transport_str, "_udp") == 0) { + + transport = LDNS_DANE_TRANSPORT_UDP; + + } else if (strcmp(transport_str, "_sctp") == 0) { + + transport = LDNS_DANE_TRANSPORT_SCTP; + + } else { + fprintf(stderr, "ERROR! Badly formatted " + "transport label in the " + "TLSA owner name\n"); + exit(EXIT_FAILURE); + } + s = LDNS_STATUS_OK; + break; + } while(false); + LDNS_ERR(s, "could not extract transport from TLSA owner"); + + tlsa_owner_str = ldns_rdf2str(tlsa_owner); + if (! tlsa_owner_str) { + MEMERR("ldns_rdf2str"); + } + name = ldns_dname_clone_from(tlsa_owner, 2); + if (! name) { + MEMERR("ldns_dname_clone_from"); + } + name_str = ldns_rdf2str(name); + if (! name_str) { + MEMERR("ldns_rdf2str"); + } + + + } else if (argc < 2) { + + print_usage("ldns-dane"); + + } else { + name_str = *argv++; argc--; + s = ldns_str2rdf_dname(&name, name_str); + LDNS_ERR(s, "could not ldns_str2rdf_dname"); + + port = (uint16_t)dane_int_within_range(*argv++, 65535, "port"); + --argc; + + s = ldns_dane_create_tlsa_owner(&tlsa_owner, + name, port, transport); + LDNS_ERR(s, "could not create TLSA owner name"); + tlsa_owner_str = ldns_rdf2str(tlsa_owner); + if (! tlsa_owner_str) { + MEMERR("ldns_rdf2str"); + } + } + + switch (mode) { + case VERIFY: + if (argc > 0) { + + print_usage("ldns-dane"); + } + if (tlsas_file) { + + s = dane_read_tlsas_from_file(&tlsas, tlsas_file, + tlsa_owner); + LDNS_ERR(s, "could not read tlas from file"); + } else { + /* lookup tlsas */ + s = dane_setup_resolver(&res, keys, + assume_dnssec_validity); + LDNS_ERR(s, "could not dane_setup_resolver"); + s = dane_query(&tlsas, res, tlsa_owner, + LDNS_RR_TYPE_TLSA, LDNS_RR_CLASS_IN, + false); + ldns_resolver_free(res); + } + + if (s == LDNS_STATUS_DANE_INSECURE) { + + fprintf(stderr, "Warning! TLSA records for %s " + "were found, but were insecure.\n" + "PKIX validation without DANE will be " + "performed. If you wish to perform DANE\n" + "even though the RR's are insecure, " + "se the -d option.\n", tlsa_owner_str); + + } else if (s != LDNS_STATUS_OK) { + + ldns_err("dane_query", s); + + } else if (ldns_rr_list_rr_count(tlsas) == 0) { + + fprintf(stderr, "Warning! No TLSA records for %s " + "were found.\n" + "PKIX validation without DANE will be " + "performed.\n", ldns_rdf2str(tlsa_owner)); + + } else if (assume_pkix_validity) { /* number of tlsa's > 0 */ + + /* transform type "CA constraint" to "Trust anchor + * assertion" and "Service Certificate Constraint" + * to "Domain Issues Certificate" + */ + originals = tlsas; + tlsas = dane_no_pkix_transform(originals); + } + + break; + + case CREATE: + if (argc > 0) { + certificate_usage = dane_int_within_range_table( + *argv++, 3, "certificate usage", + dane_certificate_usage_table); + argc--; + } else { + certificate_usage = + LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE; + } + if (argc > 0) { + selector = dane_int_within_range_table( + *argv++, 1, "selector", + dane_selector_table); + argc--; + } else { + selector = LDNS_TLSA_SELECTOR_FULL_CERTIFICATE; + } + if (argc > 0) { + if (*argv && /* strlen(argv) > 0 */ + (strncasecmp(*argv, "no-hash-used", + strlen(*argv)) == 0 || + strncasecmp(*argv, "no hash used", + strlen(*argv)) == 0 )) { + matching_type = + LDNS_TLSA_MATCHING_TYPE_NO_HASH_USED; + + } else if (strcasecmp(*argv, "sha256") == 0 || + strcasecmp(*argv, "sha-256") == 0) { + + matching_type = LDNS_TLSA_MATCHING_TYPE_SHA256; + + } else if (strcasecmp(*argv, "sha512") == 0 || + strcasecmp(*argv, "sha-512") == 0) { + + matching_type = LDNS_TLSA_MATCHING_TYPE_SHA512; + + } else { + matching_type = dane_int_within_range( + *argv, 2, "matching type"); + } + argv++; + argc--; + } else { + matching_type = LDNS_TLSA_MATCHING_TYPE_SHA256; + } + if (argc > 0) { + + print_usage("ldns-dane"); + } + if ((certificate_usage == LDNS_TLSA_USAGE_CA_CONSTRAINT || + certificate_usage == + LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT) && + ! CAfile && ! CApath && ! assume_pkix_validity) { + + fprintf(stderr, + "When using the \"CA constraint\" or " + "\"Service certificate constraint\",\n" + "-f <CAfile> and/or -p <CApath> options " + "must be given to perform PKIX validation.\n\n" + "PKIX validation may be turned off " + "with the -s option. Note that with\n" + "\"CA constraint\" the verification process " + "should then end with a self-signed\n" + "certificate which must be present " + "in the server certificate chain.\n\n"); + + exit(EXIT_FAILURE); + } + tlsas = ldns_rr_list_new(); + break; + default: + fprintf(stderr, "Unreachable code\n"); + assert(0); + } + + /* ssl inititalize */ + SSL_load_error_strings(); + SSL_library_init(); + + /* ssl load validation store */ + if (! assume_pkix_validity || CAfile || CApath) { + store = X509_STORE_new(); + if (! store) { + ssl_err("could not X509_STORE_new"); + } + if ((CAfile || CApath) && X509_STORE_load_locations( + store, CAfile, CApath) != 1) { + ssl_err("error loading CA certificates"); + } + } + + ctx = SSL_CTX_new(SSLv23_client_method()); + if (! ctx) { + ssl_err("could not SSL_CTX_new"); + } + if (cert_file && + SSL_CTX_use_certificate_chain_file(ctx, cert_file) != 1) { + ssl_err("error loading certificate"); + } + ssl = SSL_new(ctx); + if (! ssl) { + ssl_err("could not SSL_new"); + } + + if (cert_file) { /* ssl load certificate */ + + cert = SSL_get_certificate(ssl); + if (! cert) { + ssl_err("could not SSL_get_certificate"); + } +#ifndef S_SPLINT_S + extra_certs = ctx->extra_certs; +#endif + + switch (mode) { + case CREATE: dane_create(tlsas, tlsa_owner, certificate_usage, + offset, selector, matching_type, + cert, extra_certs, store, + verify_server_name, name); + break; + case VERIFY: if (! dane_verify(tlsas, NULL, + cert, extra_certs, store, + verify_server_name, name)) { + success = false; + } + break; + default: break; /* suppress warning */ + } + + } else {/* No certificate file given, creation/validation via TLS. */ + + /* We need addresses to connect to */ + if (ldns_rr_list_rr_count(addresses) == 0) { + s = dane_setup_resolver(&res, keys, + assume_dnssec_validity); + LDNS_ERR(s, "could not dane_setup_resolver"); + ldns_rr_list_free(addresses); + addresses =dane_lookup_addresses(res, name, ai_family); + ldns_resolver_free(res); + } + if (ldns_rr_list_rr_count(addresses) == 0) { + fprintf(stderr, "No addresses for %s\n", name_str); + exit(EXIT_FAILURE); + } + + /* for all addresses, setup SSL and retrieve certificates */ + for (i = 0; i < ldns_rr_list_rr_count(addresses); i++) { + + address = ldns_rr_a_address( + ldns_rr_list_rr(addresses, i)); + assert(address != NULL); + + s = ssl_connect_and_get_cert_chain(&cert, &extra_certs, + ssl, address, port, transport); + if (s == LDNS_STATUS_NETWORK_ERR) { + fprintf(stderr, "Could not connect to "); + ldns_rdf_print(stderr, address); + fprintf(stderr, " %d\n", (int) port); + + /* All addresses should succeed */ + success = false; + continue; + } + LDNS_ERR(s, "could not get cert chain from ssl"); + switch (mode) { + + case CREATE: dane_create(tlsas, tlsa_owner, + certificate_usage, offset, + selector, matching_type, + cert, extra_certs, store, + verify_server_name, name); + break; + + case VERIFY: if (! dane_verify(tlsas, address, + cert, extra_certs, store, + verify_server_name, name)) { + success = false; + + } else if (interact) { + ssl_interact(ssl); + } + break; + default: break; /* suppress warning */ + } + ssl_shutdown(ssl); + } /* end for all addresses */ + } /* end No certification file */ + + if (mode == CREATE) { + if (print_tlsa_as_type52) { + print_rr_list_as_TYPEXXX(stdout, tlsas); + } else { + ldns_rr_list_print(stdout, tlsas); + } + } + ldns_rr_list_deep_free(tlsas); + + /* cleanup */ + SSL_free(ssl); + SSL_CTX_free(ctx); + + if (store) { + X509_STORE_free(store); + } + if (tlsa_owner_str) { + LDNS_FREE(tlsa_owner_str); + } + if (tlsa_owner) { + ldns_rdf_free(tlsa_owner); + } + if (addresses) { + ldns_rr_list_deep_free(addresses); + } + if (success) { + exit(EXIT_SUCCESS); + } else { + exit(EXIT_FAILURE); + } +} +#else + +int +main(int argc, char **argv) +{ + fprintf(stderr, "ldns-dane needs OpenSSL support, " + "which has not been compiled in\n"); + return 1; +} +#endif /* HAVE_SSL */ diff --git a/examples/ldns-gen-zone.c b/examples/ldns-gen-zone.c index cf5e5fd8d7a5..c19d0f6dc05f 100644 --- a/examples/ldns-gen-zone.c +++ b/examples/ldns-gen-zone.c @@ -133,7 +133,7 @@ main(int argc, char **argv) { break; case 'p': dsperc = atoi(optarg); - if (dsperc <= 0 || dsperc > 100) { + if (dsperc < 0 || dsperc > 100) { fprintf(stderr, "error: percentage of signed delegations must be between [0-100].\n"); exit(EXIT_FAILURE); } diff --git a/examples/ldns-keyfetcher.c b/examples/ldns-keyfetcher.c index 267822f8868f..fa78b432b39f 100644 --- a/examples/ldns-keyfetcher.c +++ b/examples/ldns-keyfetcher.c @@ -649,13 +649,26 @@ main(int argc, char *argv[]) fprintf(stderr, "Warning: Unable to create stub resolver from /etc/resolv.conf:\n"); fprintf(stderr, "%s\n", ldns_get_errorstr_by_id(status)); fprintf(stderr, "defaulting to nameserver at 127.0.0.1 for separate nameserver name lookups\n"); - res = ldns_resolver_new(); - ns = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, "127.0.0.1"); - status = ldns_resolver_push_nameserver(res, ns); - if (status != LDNS_STATUS_OK) { - fprintf(stderr, "Unable to create stub resolver: %s\n", ldns_get_errorstr_by_id(status)); + do { + res = ldns_resolver_new(); + if (res) { + ns = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, + "127.0.0.1"); + if (ns) { + status = ldns_resolver_push_nameserver( + res, ns); + if (status == LDNS_STATUS_OK) { + break; + } + ldns_rdf_deep_free(ns); + } + ldns_resolver_free(res); + } + fprintf(stderr, "Unable to create stub resolver: %s\n", + ldns_get_errorstr_by_id(status)); exit(EXIT_FAILURE); - } + + } while (false); ldns_rdf_deep_free(ns); } diff --git a/examples/ldns-keygen.1 b/examples/ldns-keygen.1 index 36124d52a47b..734ad6d16360 100644 --- a/examples/ldns-keygen.1 +++ b/examples/ldns-keygen.1 @@ -14,7 +14,13 @@ will create 3 files; a .key file with the public DNSKEY, a .private file with the private keydata and a .ds with the DS record of the DNSKEY record. -It prints out the basename for these files: K<name>+<alg>+<id> +\fBldns-keygen\fR can also be used to create symmetric keys (for TSIG) by +selecting the appropriate algorithm: \%\fIhmac-md5.sig-alg.reg.int\fR, +\%\fIhmac-sha1\fR or \%\fIhmac-sha256\fR. +In that case no DS record will be created and no .ds file. + +\fBldns-keygen\fR prints the basename for the key files: +K<name>+<alg>+<id> .SH OPTIONS .TP diff --git a/examples/ldns-notify.c b/examples/ldns-notify.c index 018a716faad4..50da6e606af8 100644 --- a/examples/ldns-notify.c +++ b/examples/ldns-notify.c @@ -204,6 +204,11 @@ main(int argc, char **argv) tsig_cred.algorithm = (char*)"hmac-md5.sig-alg.reg.int."; tsig_cred.keyname = optarg; tsig_cred.keydata = strchr(optarg, ':'); + if (tsig_cred.keydata == NULL) { + printf("TSIG argument is not in form " + "key:data: %s\n", optarg); + exit(1); + } *tsig_cred.keydata = '\0'; tsig_cred.keydata++; printf("Sign with %s : %s\n", tsig_cred.keyname, @@ -250,7 +255,7 @@ main(int argc, char **argv) ldns_pkt_set_opcode(notify, LDNS_PACKET_NOTIFY); ldns_pkt_push_rr(notify, LDNS_SECTION_QUESTION, question); ldns_pkt_set_aa(notify, true); - ldns_pkt_set_id(notify, random()&0xffff); + ldns_pkt_set_random_id(notify); if(include_soa) { char buf[10240]; ldns_rr *soa_rr=NULL; diff --git a/examples/ldns-read-zone.1 b/examples/ldns-read-zone.1 index 81f238d601c5..7d4fd7d94941 100644 --- a/examples/ldns-read-zone.1 +++ b/examples/ldns-read-zone.1 @@ -22,6 +22,12 @@ that is not of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are not printed. .TP +\fB-0\fR +Print a (null) for the RRSIG inception, expiry and key data. This option +can be used when comparing different signing systems that use the same +DNSKEYs for signing but would have a slightly different timings/jitter. + +.TP \fB-h\fR Show usage and exit @@ -30,6 +36,11 @@ Show usage and exit Do not print the SOA record .TP +\fB-p\fR +Pad the SOA serial number with spaces so the number and the spaces together +take ten characters. This is useful for in file serial number increments. + +.TP \fB-s\fR Strip DNSSEC data from the zone. This option skips every record that is of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are still diff --git a/examples/ldns-read-zone.c b/examples/ldns-read-zone.c index ac32bac7f73d..efe187e6a223 100644 --- a/examples/ldns-read-zone.c +++ b/examples/ldns-read-zone.c @@ -33,14 +33,23 @@ main(int argc, char **argv) ldns_rr_list *stripped_list; ldns_rr *cur_rr; ldns_rr_type cur_rr_type; - const ldns_output_format *fmt = NULL; + ldns_output_format fmt = { + ldns_output_format_default->flags, + ldns_output_format_default->data + }; ldns_soa_serial_increment_func_t soa_serial_increment_func = NULL; int soa_serial_increment_func_data = 0; - while ((c = getopt(argc, argv, "bcdhnsvzS:")) != -1) { + while ((c = getopt(argc, argv, "0bcdhnpsvzS:")) != -1) { switch(c) { case 'b': - fmt = ldns_output_format_bubblebabble; + fmt.flags |= + ( LDNS_COMMENT_BUBBLEBABBLE | + LDNS_COMMENT_FLAGS ); + break; + case '0': + fmt.flags |= LDNS_FMT_ZEROIZE_RRSIGS; + break; case 'c': canonicalize = true; break; @@ -51,14 +60,17 @@ main(int argc, char **argv) } break; case 'h': - printf("Usage: %s [-c] [-v] [-z] <zonefile>\n", argv[0]); + printf("Usage: %s [OPTIONS] <zonefile>\n", argv[0]); printf("\tReads the zonefile and prints it.\n"); printf("\tThe RR count of the zone is printed to stderr.\n"); printf("\t-b include bubblebabble of DS's.\n"); + printf("\t-0 zeroize timestamps and signature in RRSIG records.\n"); printf("\t-c canonicalize all rrs in the zone.\n"); printf("\t-d only show DNSSEC data from the zone\n"); printf("\t-h show this text\n"); printf("\t-n do not print the SOA record\n"); + printf("\t-p prepend SOA serial with spaces so" + " it takes exactly ten characters.\n"); printf("\t-s strip DNSSEC data from the zone\n"); printf("\t-S [[+|-]<number> | YYYYMMDDxx | " " unixtime ]\n" @@ -80,6 +92,9 @@ main(int argc, char **argv) case 'n': print_soa = false; break; + case 'p': + fmt.flags |= LDNS_FMT_PAD_SOA_SERIAL; + break; case 's': strip = true; if (only_dnssec) { @@ -141,6 +156,15 @@ main(int argc, char **argv) s = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, LDNS_RR_CLASS_IN, &line_nr); + fclose(fp); + if (s != LDNS_STATUS_OK) { + fprintf(stderr, "%s at %d\n", + ldns_get_errorstr_by_id(s), + line_nr); + exit(EXIT_FAILURE); + } + + if (strip) { stripped_list = ldns_rr_list_new(); while ((cur_rr = ldns_rr_list_pop_rr(ldns_zone_rrs(z)))) { @@ -176,37 +200,29 @@ main(int argc, char **argv) ldns_zone_set_rrs(z, stripped_list); } - if (s == LDNS_STATUS_OK) { - if (canonicalize) { - ldns_rr2canonical(ldns_zone_soa(z)); - for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) { - ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z), i)); - } - } - if (sort) { - ldns_zone_sort(z); + if (canonicalize) { + ldns_rr2canonical(ldns_zone_soa(z)); + for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) { + ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z), i)); } + } + if (sort) { + ldns_zone_sort(z); + } - if (print_soa && ldns_zone_soa(z)) { - if (soa_serial_increment_func) { - ldns_rr_soa_increment_func_int( - ldns_zone_soa(z) - , soa_serial_increment_func - , soa_serial_increment_func_data - ); - } - ldns_rr_print_fmt(stdout, fmt, ldns_zone_soa(z)); + if (print_soa && ldns_zone_soa(z)) { + if (soa_serial_increment_func) { + ldns_rr_soa_increment_func_int( + ldns_zone_soa(z) + , soa_serial_increment_func + , soa_serial_increment_func_data + ); } - ldns_rr_list_print_fmt(stdout, fmt, ldns_zone_rrs(z)); - - ldns_zone_deep_free(z); - } else { - fprintf(stderr, "%s at %d\n", - ldns_get_errorstr_by_id(s), - line_nr); - exit(EXIT_FAILURE); + ldns_rr_print_fmt(stdout, &fmt, ldns_zone_soa(z)); } - fclose(fp); + ldns_rr_list_print_fmt(stdout, &fmt, ldns_zone_rrs(z)); + + ldns_zone_deep_free(z); exit(EXIT_SUCCESS); } diff --git a/examples/ldns-signzone.c b/examples/ldns-signzone.c index 34839b053dcf..25ece3a651e9 100644 --- a/examples/ldns-signzone.c +++ b/examples/ldns-signzone.c @@ -411,14 +411,16 @@ main(int argc, char *argv[]) tm.tm_year -= 1900; tm.tm_mon--; check_tm(tm); - expiration = (uint32_t) mktime_from_utc(&tm); + expiration = + (uint32_t) ldns_mktime_from_utc(&tm); } else if (strlen(optarg) == 14 && sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) ) { tm.tm_year -= 1900; tm.tm_mon--; check_tm(tm); - expiration = (uint32_t) mktime_from_utc(&tm); + expiration = + (uint32_t) ldns_mktime_from_utc(&tm); } else { expiration = (uint32_t) atol(optarg); } @@ -436,14 +438,16 @@ main(int argc, char *argv[]) tm.tm_year -= 1900; tm.tm_mon--; check_tm(tm); - inception = (uint32_t) mktime_from_utc(&tm); + inception = + (uint32_t) ldns_mktime_from_utc(&tm); } else if (strlen(optarg) == 14 && sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) ) { tm.tm_year -= 1900; tm.tm_mon--; check_tm(tm); - inception = (uint32_t) mktime_from_utc(&tm); + inception = + (uint32_t) ldns_mktime_from_utc(&tm); } else { inception = (uint32_t) atol(optarg); } @@ -509,13 +513,6 @@ main(int argc, char *argv[]) printf("Engine key id: %s, algo %d\n", eng_key_id, eng_key_algo); - if (expiration != 0) { - ldns_key_set_expiration(key, expiration); - } - if (inception != 0) { - ldns_key_set_inception(key, inception); - } - s = ldns_key_new_frm_engine(&key, engine, eng_key_id, eng_key_algo); if (s == LDNS_STATUS_OK) { /* must be dnssec key */ @@ -540,6 +537,14 @@ main(int argc, char *argv[]) fprintf(stderr, "Warning, key not suitable for signing, ignoring key with algorithm %u\n", ldns_key_algorithm(key)); break; } + if (expiration != 0) { + ldns_key_set_expiration(key, + expiration); + } + if (inception != 0) { + ldns_key_set_inception(key, + inception); + } } else { printf("Error reading key '%s' from engine: %s\n", eng_key_id, ldns_get_errorstr_by_id(s)); #ifdef HAVE_SSL @@ -674,10 +679,6 @@ main(int argc, char *argv[]) } } - if (!origin) { - origin = ldns_rr_owner(orig_soa); - } - /* read the ZSKs */ argi = 1; while (argi < argc) { diff --git a/examples/ldns-test-edns.c b/examples/ldns-test-edns.c index d9d708c7f31c..b4292a0fa5d3 100644 --- a/examples/ldns-test-edns.c +++ b/examples/ldns-test-edns.c @@ -15,6 +15,18 @@ /** print error details */ static int verb = 1; +struct sockaddr_in6* cast_sockaddr_storage2sockaddr_in6( + struct sockaddr_storage* s) +{ + return (struct sockaddr_in6*)s; +} + +struct sockaddr_in* cast_sockaddr_storage2sockaddr_in( + struct sockaddr_storage* s) +{ + return (struct sockaddr_in*)s; +} + /** parse IP address */ static int convert_addr(char* str, int p, struct sockaddr_storage* addr, socklen_t* len) @@ -22,8 +34,10 @@ convert_addr(char* str, int p, struct sockaddr_storage* addr, socklen_t* len) #ifdef AF_INET6 if(strchr(str, ':')) { *len = (socklen_t)sizeof(struct sockaddr_in6); - ((struct sockaddr_in6*)addr)->sin6_family = AF_INET6; - ((struct sockaddr_in6*)addr)->sin6_port = htons((uint16_t)p); + cast_sockaddr_storage2sockaddr_in6(addr)->sin6_family = + AF_INET6; + cast_sockaddr_storage2sockaddr_in6(addr)->sin6_port = + htons((uint16_t)p); if(inet_pton(AF_INET6, str, &((struct sockaddr_in6*)addr)->sin6_addr) == 1) return 1; @@ -31,9 +45,11 @@ convert_addr(char* str, int p, struct sockaddr_storage* addr, socklen_t* len) #endif *len = (socklen_t)sizeof(struct sockaddr_in); #ifndef S_SPLINT_S - ((struct sockaddr_in*)addr)->sin_family = AF_INET; + cast_sockaddr_storage2sockaddr_in(addr)->sin_family = + AF_INET; #endif - ((struct sockaddr_in*)addr)->sin_port = htons((uint16_t)p); + cast_sockaddr_storage2sockaddr_in(addr)->sin_port = + htons((uint16_t)p); if(inet_pton(AF_INET, str, &((struct sockaddr_in*)addr)->sin_addr) == 1) return 1; diff --git a/examples/ldns-testns.c b/examples/ldns-testns.c index eb007107eb21..86219d605c55 100644 --- a/examples/ldns-testns.c +++ b/examples/ldns-testns.c @@ -492,7 +492,7 @@ main(int argc, char **argv) datafile = argv[0]; log_msg("Reading datafile %s\n", datafile); - entries = read_datafile(datafile); + entries = read_datafile(datafile, 0); #ifdef USE_WINSOCK if(WSAStartup(MAKEWORD(2,2), &wsa_data) != 0) diff --git a/examples/ldns-testpkts.c b/examples/ldns-testpkts.c index d8139511ab5c..be94eb2fe438 100644 --- a/examples/ldns-testpkts.c +++ b/examples/ldns-testpkts.c @@ -323,7 +323,7 @@ data_buffer2wire(ldns_buffer *data_buffer) uint8_t *hexbuf; int hexbufpos = 0; size_t wirelen; - uint8_t *data_wire = (uint8_t *) ldns_buffer_export(data_buffer); + uint8_t *data_wire = (uint8_t *) ldns_buffer_begin(data_buffer); uint8_t *wire = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN); hexbuf = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN); @@ -340,6 +340,12 @@ data_buffer2wire(ldns_buffer *data_buffer) (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F') ) { + if (hexbufpos >= LDNS_MAX_PACKETLEN) { + error("buffer overflow"); + LDNS_FREE(hexbuf); + return 0; + + } hexbuf[hexbufpos] = (uint8_t) c; hexbufpos++; } else if (c == ';') { @@ -354,14 +360,14 @@ data_buffer2wire(ldns_buffer *data_buffer) } break; case 2: + if (hexbufpos >= LDNS_MAX_PACKETLEN) { + error("buffer overflow"); + LDNS_FREE(hexbuf); + return 0; + } hexbuf[hexbufpos] = (uint8_t) c; hexbufpos++; break; - default: - error("unknown state while reading"); - LDNS_FREE(hexbuf); - return 0; - break; } } @@ -371,6 +377,11 @@ data_buffer2wire(ldns_buffer *data_buffer) /* lenient mode: length must be multiple of 2 */ if (hexbufpos % 2 != 0) { + if (hexbufpos >= LDNS_MAX_PACKETLEN) { + error("buffer overflow"); + LDNS_FREE(hexbuf); + return 0; + } hexbuf[hexbufpos] = (uint8_t) '0'; hexbufpos++; } @@ -415,7 +426,7 @@ get_origin(const char* name, int lineno, ldns_rdf** origin, char* parse) /* Reads one entry from file. Returns entry or NULL on error. */ struct entry* read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl, - ldns_rdf** origin, ldns_rdf** prev_rr) + ldns_rdf** origin, ldns_rdf** prev_rr, int skip_whitespace) { struct entry* current = NULL; char line[MAX_LINE]; @@ -485,7 +496,10 @@ read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl, reading_hex = false; cur_reply->reply_from_hex = data_buffer2wire(hex_data_buffer); ldns_buffer_free(hex_data_buffer); + hex_data_buffer = NULL; } else if(str_keyword(&parse, "ENTRY_END")) { + if (hex_data_buffer) + ldns_buffer_free(hex_data_buffer); return current; } else if(reading_hex) { ldns_buffer_printf(hex_data_buffer, line); @@ -493,14 +507,17 @@ read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl, /* it must be a RR, parse and add to packet. */ ldns_rr* n = NULL; ldns_status status; + char* rrstr = line; + if (skip_whitespace) + rrstr = parse; if(add_section == LDNS_SECTION_QUESTION) status = ldns_rr_new_question_frm_str( - &n, parse, *origin, prev_rr); - else status = ldns_rr_new_frm_str(&n, parse, + &n, rrstr, *origin, prev_rr); + else status = ldns_rr_new_frm_str(&n, rrstr, *default_ttl, *origin, prev_rr); if(status != LDNS_STATUS_OK) error("%s line %d:\n\t%s: %s", name, *lineno, - ldns_get_errorstr_by_id(status), parse); + ldns_get_errorstr_by_id(status), rrstr); ldns_pkt_push_rr(cur_reply->reply, add_section, n); } @@ -518,7 +535,7 @@ read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl, /* reads the canned reply file and returns a list of structs */ struct entry* -read_datafile(const char* name) +read_datafile(const char* name, int skip_whitespace) { struct entry* list = NULL; struct entry* last = NULL; @@ -535,7 +552,7 @@ read_datafile(const char* name) } while((current = read_entry(in, name, &lineno, &default_ttl, - &origin, &prev_rr))) + &origin, &prev_rr, skip_whitespace))) { if(last) last->next = current; @@ -815,7 +832,7 @@ handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries, int* count, /* still try to adjust ID */ answer_size = ldns_buffer_capacity(p->reply_from_hex); outbuf = LDNS_XMALLOC(uint8_t, answer_size); - memcpy(outbuf, ldns_buffer_export(p->reply_from_hex), answer_size); + memcpy(outbuf, ldns_buffer_begin(p->reply_from_hex), answer_size); if(entry->copy_id) { ldns_write_uint16(outbuf, ldns_pkt_id(query_pkt)); diff --git a/examples/ldns-testpkts.h b/examples/ldns-testpkts.h index 59e428952759..4941525250f2 100644 --- a/examples/ldns-testpkts.h +++ b/examples/ldns-testpkts.h @@ -197,8 +197,9 @@ struct entry { /** * reads the canned reply file and returns a list of structs * does an exit on error. + * @param skip_withespace: skip leftside whitespace. */ -struct entry* read_datafile(const char* name); +struct entry* read_datafile(const char* name, int skip_whitespace); /** * Delete linked list of entries. @@ -217,10 +218,12 @@ void delete_entry(struct entry* list); * later it stores the $ORIGIN value last seen. Often &NULL or the zone * name on first call. * @param prev_rr: previous rr name for correcter parsing. &NULL on first call. + * @param skip_whitespace: skip leftside whitespace. * @return: The entry read (malloced) or NULL if no entry could be read. */ struct entry* read_entry(FILE* in, const char* name, int *lineno, - uint32_t* default_ttl, ldns_rdf** origin, ldns_rdf** prev_rr); + uint32_t* default_ttl, ldns_rdf** origin, ldns_rdf** prev_rr, + int skip_whitespace); /** * finds entry in list, or returns NULL. diff --git a/examples/ldns-update.c b/examples/ldns-update.c index e3047dceb128..dca4cbe7a5ca 100644 --- a/examples/ldns-update.c +++ b/examples/ldns-update.c @@ -19,7 +19,7 @@ ldns_update_resolver_new(const char *fqdn, const char *zone, ldns_resolver *r1, *r2; ldns_pkt *query = NULL, *resp; ldns_rr_list *nslist, *iplist; - ldns_rdf *soa_zone, *soa_mname, *ns_name; + ldns_rdf *soa_zone, *soa_mname = NULL, *ns_name; size_t i; ldns_status s; @@ -96,6 +96,7 @@ ldns_update_resolver_new(const char *fqdn, const char *zone, /* Match */ iplist = ldns_get_rr_list_addr_by_name(r1, ns_name, class, 0); (void) ldns_resolver_push_nameserver_rr_list(r2, iplist); + ldns_rr_list_deep_free(iplist); break; } } @@ -109,12 +110,15 @@ ldns_update_resolver_new(const char *fqdn, const char *zone, /* No match, add it now. */ iplist = ldns_get_rr_list_addr_by_name(r1, ns_name, class, 0); (void) ldns_resolver_push_nameserver_rr_list(r2, iplist); + ldns_rr_list_deep_free(iplist); } } ldns_resolver_set_random(r2, false); ldns_pkt_free(resp); ldns_resolver_deep_free(r1); + if (soa_mname) + ldns_rdf_deep_free(soa_mname); return r2; bad: @@ -126,6 +130,8 @@ ldns_update_resolver_new(const char *fqdn, const char *zone, ldns_pkt_free(query); if (resp) ldns_pkt_free(resp); + if (soa_mname) + ldns_rdf_deep_free(soa_mname); return NULL; } @@ -138,7 +144,7 @@ ldns_update_send_simple_addr(const char *fqdn, const char *zone, ldns_pkt *u_pkt = NULL, *r_pkt; ldns_rr_list *up_rrlist; ldns_rr *up_rr; - ldns_rdf *zone_rdf; + ldns_rdf *zone_rdf = NULL; char *rrstr; uint32_t rrstrlen, status = LDNS_STATUS_OK; @@ -231,6 +237,8 @@ ldns_update_send_simple_addr(const char *fqdn, const char *zone, ldns_resolver_deep_free(res); if (u_pkt) ldns_pkt_free(u_pkt); + if (zone_rdf) + ldns_rdf_deep_free(zone_rdf); return LDNS_STATUS_ERR; } @@ -302,8 +310,10 @@ main(int argc, char **argv) printf(";; trying UPDATE with FQDN \"%s\" and IP \"%s\"\n", fqdn, ipaddr ? ipaddr : "<none>"); - printf(";; tsig: \"%s\" \"%s\" \"%s\"\n", tsig_cr.keyname, - tsig_cr.algorithm, tsig_cr.keydata); + if (argc == 6 || argc == 7) { + printf(";; tsig: \"%s\" \"%s\" \"%s\"\n", tsig_cr.keyname, + tsig_cr.algorithm, tsig_cr.keydata); + } ret = ldns_update_send_simple_addr(fqdn, zone, ipaddr, port, defttl, tsig_cred); exit(ret); diff --git a/examples/ldns-verify-zone.1 b/examples/ldns-verify-zone.1.in index a4cb767d2799..e03b7003eb79 100644 --- a/examples/ldns-verify-zone.1 +++ b/examples/ldns-verify-zone.1.in @@ -37,6 +37,9 @@ Default signatures should just be valid now. A file that contains a trusted DNSKEY or DS rr. This option may be given more than once. +Alternatively, if \fB-k\fR is not specified, and a default trust anchor +(@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record, +it will be used as the trust anchor. .TP \fB-p\fR \fI[0-100]\fR Only check this percentage of the zone. @@ -77,6 +80,16 @@ P[n]Y[n]M[n]DT[n]H[n]M[n]S .LP If no file is given standard input is read. +.SH "FILES" +.TP +@LDNS_TRUST_ANCHOR_FILE@ +The file from which trusted keys are loaded for signature chasing, +when no \fB-k\fR option is given. + +.SH "SEE ALSO" +.LP +unbound-anchor(8) + .SH AUTHOR Written by the ldns team as an example for ldns usage. diff --git a/examples/ldns-verify-zone.c b/examples/ldns-verify-zone.c index 1dd9aaea8b64..0bbb97f412ba 100644 --- a/examples/ldns-verify-zone.c +++ b/examples/ldns-verify-zone.c @@ -66,10 +66,6 @@ read_key_file(const char *filename, ldns_rr_list *keys) int line_nr; if (!(fp = fopen(filename, "r"))) { - if (verbosity > 0) { - fprintf(myerr, "Error opening %s: %s\n", filename, - strerror(errno)); - } return LDNS_STATUS_FILE_ERR; } while (!feof(fp)) { @@ -92,6 +88,7 @@ read_key_file(const char *filename, ldns_rr_list *keys) else break; } + fclose(fp); return status; } @@ -308,6 +305,10 @@ verify_next_hashed_name(ldns_dnssec_zone* zone, ldns_dnssec_name *name) if (!cur_next_name) { cur_next_name = cur_first_name; } + assert(cur_next_name != NULL); + /* Because this function is called on nsec occurrence, + * there must be a cur_next_name! + */ next_owner_str = ldns_rdf2str(ldns_nsec3_next_owner(name->nsec)); next_owner_dname = ldns_dname_new_frm_str(next_owner_str); @@ -749,7 +750,8 @@ main(int argc, char **argv) "now)\n"); printf("\t-k <file>\tspecify a file that contains a " "trusted DNSKEY or DS rr.\n\t\t\t" - "This option may be given more than once.\n"); + "This option may be given more than once.\n" + "\t\t\tDefault is %s", LDNS_TRUST_ANCHOR_FILE); printf("\t-p [0-100]\tonly checks this percentage of " "the zone.\n\t\t\tDefaults to 100\n"); printf("\t-S\t\tchase signature(s) to a known key. " @@ -794,6 +796,13 @@ main(int argc, char **argv) break; case 'k': s = read_key_file(optarg, keys); + if (s == LDNS_STATUS_FILE_ERR) { + if (verbosity > 0) { + fprintf(myerr, + "Error opening %s: %s\n", + optarg, strerror(errno)); + } + } if (s != LDNS_STATUS_OK) { if (verbosity > 0) { fprintf(myerr, @@ -838,7 +847,7 @@ main(int argc, char **argv) tm.tm_year -= 1900; tm.tm_mon--; - check_time = mktime_from_utc(&tm); + check_time = ldns_mktime_from_utc(&tm); } else { check_time += atoi(optarg); @@ -855,11 +864,16 @@ main(int argc, char **argv) } } if (do_sigchase && nkeys == 0) { - if (verbosity > 0) { - fprintf(myerr, - "Unable to chase signature without keys.\n"); + (void) read_key_file(LDNS_TRUST_ANCHOR_FILE, keys); + nkeys = ldns_rr_list_rr_count(keys); + + if (nkeys == 0) { + if (verbosity > 0) { + fprintf(myerr, "Unable to chase " + "signature without keys.\n"); + } + exit(EXIT_FAILURE); } - exit(EXIT_FAILURE); } argc -= optind; diff --git a/examples/ldns-zsplit.c b/examples/ldns-zsplit.c index 84f2ddb9675a..0843c589e9cf 100644 --- a/examples/ldns-zsplit.c +++ b/examples/ldns-zsplit.c @@ -63,6 +63,7 @@ open_keyfiles(char **files, uint16_t filec) } if (ldns_rr_new_frm_fp(&k, kfp, NULL, NULL, NULL) != LDNS_STATUS_OK) { fprintf(stderr, "Error parsing the key file %s: %s\n", files[i], strerror(errno)); + ldns_rr_list_deep_free(pubkeys); return NULL; } fclose(kfp); @@ -126,6 +126,7 @@ ldns_get_rr_list_name_by_addr(ldns_resolver *res, ldns_rdf *addr, ldns_rr_class /* add the RD flags, because we want an answer */ pkt = ldns_resolver_query(res, name, LDNS_RR_TYPE_PTR, c, flags | LDNS_RD); + ldns_rdf_deep_free(name); if (pkt) { /* extract the data we need */ names = ldns_pkt_rr_list_by_type(pkt, diff --git a/host2str.c b/host2str.c index c185e0f04db0..521e2468ecdd 100644 --- a/host2str.c +++ b/host2str.c @@ -123,6 +123,7 @@ const ldns_output_format *ldns_output_format_onlykeyids = &ldns_output_format_onlykeyids_record; const ldns_output_format *ldns_output_format_default = &ldns_output_format_onlykeyids_record; + const ldns_output_format ldns_output_format_bubblebabble_record = { LDNS_COMMENT_KEY | LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS, NULL }; @@ -195,7 +196,7 @@ ldns_pkt_opcode2str(ldns_pkt_opcode opcode) str = NULL; if (ldns_pkt_opcode2buffer_str(buf, opcode) == LDNS_STATUS_OK) { - str = ldns_buffer2str(buf); + str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); @@ -215,7 +216,7 @@ ldns_pkt_rcode2str(ldns_pkt_rcode rcode) str = NULL; if (ldns_pkt_rcode2buffer_str(buf, rcode) == LDNS_STATUS_OK) { - str = ldns_buffer2str(buf); + str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); @@ -236,7 +237,7 @@ ldns_pkt_algorithm2str(ldns_algorithm algorithm) str = NULL; if (ldns_algorithm2buffer_str(buf, algorithm) == LDNS_STATUS_OK) { - str = ldns_buffer2str(buf); + str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); @@ -257,7 +258,7 @@ ldns_pkt_cert_algorithm2str(ldns_cert_algorithm cert_algorithm) str = NULL; if (ldns_cert_algorithm2buffer_str(buf, cert_algorithm) == LDNS_STATUS_OK) { - str = ldns_buffer2str(buf); + str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); @@ -567,7 +568,7 @@ ldns_rr_type2str(const ldns_rr_type type) str = NULL; if (ldns_rr_type2buffer_str(buf, type) == LDNS_STATUS_OK) { - str = ldns_buffer2str(buf); + str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); @@ -603,7 +604,7 @@ ldns_rr_class2str(const ldns_rr_class klass) str = NULL; if (ldns_rr_class2buffer_str(buf, klass) == LDNS_STATUS_OK) { - str = ldns_buffer2str(buf); + str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); return str; @@ -1149,8 +1150,9 @@ ldns_rdf2buffer_str(ldns_buffer *buffer, const ldns_rdf *rdf) break; } } else { + /** This will write mangled RRs */ ldns_buffer_printf(buffer, "(null) "); - res = ldns_buffer_status(buffer); + res = LDNS_STATUS_ERR; } return res; } @@ -1230,7 +1232,33 @@ ldns_rr2buffer_str_fmt(ldns_buffer *output, for (i = 0; i < ldns_rr_rd_count(rr); i++) { /* ldns_rdf2buffer_str handles NULL input fine! */ - status = ldns_rdf2buffer_str(output, ldns_rr_rdf(rr, i)); + if ((fmt->flags & LDNS_FMT_ZEROIZE_RRSIGS) && + (ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) && + ((/* inception */ i == 4 && + ldns_rdf_get_type(ldns_rr_rdf(rr, 4)) == + LDNS_RDF_TYPE_TIME) || + (/* expiration */ i == 5 && + ldns_rdf_get_type(ldns_rr_rdf(rr, 5)) == + LDNS_RDF_TYPE_TIME) || + (/* signature */ i == 8 && + ldns_rdf_get_type(ldns_rr_rdf(rr, 8)) == + LDNS_RDF_TYPE_B64))) { + + ldns_buffer_printf(output, "(null)"); + status = ldns_buffer_status(output); + } else if ((fmt->flags & LDNS_FMT_PAD_SOA_SERIAL) && + (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) && + /* serial */ i == 2 && + ldns_rdf_get_type(ldns_rr_rdf(rr, 2)) == + LDNS_RDF_TYPE_INT32) { + ldns_buffer_printf(output, "%10lu", + (unsigned long) ldns_read_uint32( + ldns_rdf_data(ldns_rr_rdf(rr, 2)))); + status = ldns_buffer_status(output); + } else { + status = ldns_rdf2buffer_str(output, + ldns_rr_rdf(rr, i)); + } if(status != LDNS_STATUS_OK) return status; if (i < ldns_rr_rd_count(rr) - 1) { @@ -1633,12 +1661,12 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) { ldns_status status = LDNS_STATUS_OK; unsigned char *bignum; -#ifndef S_SPLINT_S - uint16_t i; -#endif - #ifdef HAVE_SSL +# ifndef S_SPLINT_S + uint16_t i; +# endif /* not used when ssl is not defined */ + /*@unused@*/ ldns_rdf *b64_bignum = NULL; RSA *rsa; @@ -1716,6 +1744,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1727,6 +1756,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1740,6 +1770,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1756,6 +1787,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1772,6 +1804,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1788,6 +1821,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1804,6 +1838,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1820,6 +1855,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1853,6 +1889,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1869,6 +1906,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1885,6 +1923,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1901,6 +1940,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1917,6 +1957,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1960,6 +2001,7 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, bignum); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { + ldns_rdf_deep_free(b64_bignum); goto error; } ldns_rdf_deep_free(b64_bignum); @@ -1993,9 +2035,6 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) } #endif /* HAVE_SSL */ } else { -#ifdef HAVE_SSL - LDNS_FREE(b64_bignum); -#endif LDNS_FREE(bignum); return ldns_buffer_status(output); } @@ -2012,12 +2051,11 @@ error: } /* - * Zero terminate the buffer and fix it to the size of the string. + * Zero terminate the buffer and copy data. */ char * ldns_buffer2str(ldns_buffer *buffer) { - char *tmp_str; char *str; /* check if buffer ends with \0, if not, and @@ -2032,16 +2070,30 @@ ldns_buffer2str(ldns_buffer *buffer) } } - tmp_str = ldns_buffer_export(buffer); - str = LDNS_XMALLOC(char, strlen(tmp_str) + 1); + str = strdup((const char *)ldns_buffer_begin(buffer)); if(!str) { return NULL; } - memcpy(str, tmp_str, strlen(tmp_str) + 1); - return str; } +/* + * Zero terminate the buffer and export data. + */ +char * +ldns_buffer_export2str(ldns_buffer *buffer) +{ + /* Append '\0' as string terminator */ + if (! ldns_buffer_reserve(buffer, 1)) { + return NULL; + } + ldns_buffer_write_u8(buffer, 0); + + /* reallocate memory to the size of the string and export */ + ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer)); + return ldns_buffer_export(buffer); +} + char * ldns_rdf2str(const ldns_rdf *rdf) { @@ -2053,7 +2105,7 @@ ldns_rdf2str(const ldns_rdf *rdf) } if (ldns_rdf2buffer_str(tmp_buffer, rdf) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ - result = ldns_buffer2str(tmp_buffer); + result = ldns_buffer_export2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; @@ -2071,7 +2123,7 @@ ldns_rr2str_fmt(const ldns_output_format *fmt, const ldns_rr *rr) if (ldns_rr2buffer_str_fmt(tmp_buffer, fmt, rr) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ - result = ldns_buffer2str(tmp_buffer); + result = ldns_buffer_export2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; @@ -2095,7 +2147,7 @@ ldns_pkt2str_fmt(const ldns_output_format *fmt, const ldns_pkt *pkt) if (ldns_pkt2buffer_str_fmt(tmp_buffer, fmt, pkt) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ - result = ldns_buffer2str(tmp_buffer); + result = ldns_buffer_export2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); @@ -2119,7 +2171,7 @@ ldns_key2str(const ldns_key *k) } if (ldns_key2buffer_str(tmp_buffer, k) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ - result = ldns_buffer2str(tmp_buffer); + result = ldns_buffer_export2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; @@ -2149,7 +2201,7 @@ ldns_rr_list2str_fmt(const ldns_output_format *fmt, const ldns_rr_list *list) } /* export and return string, destroy rest */ - result = ldns_buffer2str(tmp_buffer); + result = ldns_buffer_export2str(tmp_buffer); ldns_buffer_free(tmp_buffer); return result; } @@ -2167,20 +2219,20 @@ ldns_rdf_print(FILE *output, const ldns_rdf *rdf) if (str) { fprintf(output, "%s", str); } else { - fprintf(output, "Unable to convert rdf to string\n"); + fprintf(output, ";Unable to convert rdf to string\n"); } LDNS_FREE(str); } void -ldns_rr_print_fmt(FILE *output, +ldns_rr_print_fmt(FILE *output, const ldns_output_format *fmt, const ldns_rr *rr) { char *str = ldns_rr2str_fmt(fmt, rr); if (str) { fprintf(output, "%s", str); } else { - fprintf(output, "Unable to convert rr to string\n"); + fprintf(output, ";Unable to convert rr to string\n"); } LDNS_FREE(str); } @@ -2199,7 +2251,7 @@ ldns_pkt_print_fmt(FILE *output, if (str) { fprintf(output, "%s", str); } else { - fprintf(output, "Unable to convert packet to string\n"); + fprintf(output, ";Unable to convert packet to string\n"); } LDNS_FREE(str); } diff --git a/host2wire.c b/host2wire.c index b5b0ba8ff20a..de1e01e9ba3f 100644 --- a/host2wire.c +++ b/host2wire.c @@ -341,7 +341,6 @@ ldns_status ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size) { ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); - uint8_t *result = NULL; ldns_status status; *result_size = 0; *dest = NULL; @@ -350,21 +349,8 @@ ldns_rdf2wire(uint8_t **dest, const ldns_rdf *rdf, size_t *result_size) status = ldns_rdf2buffer_wire(buffer, rdf); if (status == LDNS_STATUS_OK) { *result_size = ldns_buffer_position(buffer); - result = (uint8_t *) ldns_buffer_export(buffer); - } else { - ldns_buffer_free(buffer); - return status; - } - - if (result) { - *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer)); - if(!*dest) { - ldns_buffer_free(buffer); - return LDNS_STATUS_MEM_ERR; - } - memcpy(*dest, result, ldns_buffer_position(buffer)); + *dest = (uint8_t *) ldns_buffer_export(buffer); } - ldns_buffer_free(buffer); return status; } @@ -373,7 +359,6 @@ ldns_status ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size) { ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); - uint8_t *result = NULL; ldns_status status; *result_size = 0; *dest = NULL; @@ -382,21 +367,8 @@ ldns_rr2wire(uint8_t **dest, const ldns_rr *rr, int section, size_t *result_size status = ldns_rr2buffer_wire(buffer, rr, section); if (status == LDNS_STATUS_OK) { *result_size = ldns_buffer_position(buffer); - result = (uint8_t *) ldns_buffer_export(buffer); - } else { - ldns_buffer_free(buffer); - return status; + *dest = (uint8_t *) ldns_buffer_export(buffer); } - - if (result) { - *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer)); - if(!*dest) { - ldns_buffer_free(buffer); - return LDNS_STATUS_MEM_ERR; - } - memcpy(*dest, result, ldns_buffer_position(buffer)); - } - ldns_buffer_free(buffer); return status; } @@ -405,7 +377,6 @@ ldns_status ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size) { ldns_buffer *buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); - uint8_t *result = NULL; ldns_status status; *result_size = 0; *dest = NULL; @@ -414,21 +385,8 @@ ldns_pkt2wire(uint8_t **dest, const ldns_pkt *packet, size_t *result_size) status = ldns_pkt2buffer_wire(buffer, packet); if (status == LDNS_STATUS_OK) { *result_size = ldns_buffer_position(buffer); - result = (uint8_t *) ldns_buffer_export(buffer); - } else { - ldns_buffer_free(buffer); - return status; + *dest = (uint8_t *) ldns_buffer_export(buffer); } - - if (result) { - *dest = LDNS_XMALLOC(uint8_t, ldns_buffer_position(buffer)); - if(!*dest) { - ldns_buffer_free(buffer); - return LDNS_STATUS_MEM_ERR; - } - memcpy(*dest, result, ldns_buffer_position(buffer)); - } - ldns_buffer_free(buffer); return status; } @@ -431,8 +431,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr) ldns_key_free(k); return LDNS_STATUS_ERR; } - ldns_key_set_rsa_key(k, rsa); - RSA_free(rsa); + ldns_key_assign_rsa_key(k, rsa); #endif /* HAVE_SSL */ break; case LDNS_SIGN_DSA: @@ -444,8 +443,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr) ldns_key_free(k); return LDNS_STATUS_ERR; } - ldns_key_set_dsa_key(k, dsa); - DSA_free(dsa); + ldns_key_assign_dsa_key(k, dsa); #endif /* HAVE_SSL */ break; case LDNS_SIGN_HMACMD5: @@ -505,6 +503,7 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr) *key = k; return LDNS_STATUS_OK; } + ldns_key_free(k); return LDNS_STATUS_ERR; } @@ -751,28 +750,21 @@ ldns_key_new_frm_fp_hmac_l( FILE *f , size_t *hmac_size ) { - size_t i; - char *d; - unsigned char *buf; - - d = LDNS_XMALLOC(char, LDNS_MAX_LINELEN); - buf = LDNS_XMALLOC(unsigned char, LDNS_MAX_LINELEN); - if(!d || !buf) { - goto error; - } + size_t i, bufsz; + char d[LDNS_MAX_LINELEN]; + unsigned char *buf = NULL; if (ldns_fget_keyword_data_l(f, "Key", ": ", d, "\n", LDNS_MAX_LINELEN, line_nr) == -1) { goto error; } - i = (size_t) ldns_b64_pton((const char*)d, - buf, - ldns_b64_ntop_calculate_size(strlen(d))); + bufsz = ldns_b64_ntop_calculate_size(strlen(d)); + buf = LDNS_XMALLOC(unsigned char, bufsz); + i = (size_t) ldns_b64_pton((const char*)d, buf, bufsz); *hmac_size = i; return buf; error: - LDNS_FREE(d); LDNS_FREE(buf); *hmac_size = 0; return NULL; @@ -850,6 +842,7 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size) return NULL; } ldns_key_set_rsa_key(k, r); + RSA_free(r); #endif /* HAVE_SSL */ break; case LDNS_SIGN_DSA: @@ -865,6 +858,7 @@ ldns_key_new_frm_algorithm(ldns_signing_algorithm alg, uint16_t size) return NULL; } ldns_key_set_dsa_key(k, d); + DSA_free(d); #endif /* HAVE_SSL */ break; case LDNS_SIGN_HMACMD5: @@ -1005,6 +999,22 @@ ldns_key_set_dsa_key(ldns_key *k, DSA *d) EVP_PKEY_set1_DSA(key, d); k->_key.key = key; } + +void +ldns_key_assign_rsa_key(ldns_key *k, RSA *r) +{ + EVP_PKEY *key = EVP_PKEY_new(); + EVP_PKEY_assign_RSA(key, r); + k->_key.key = key; +} + +void +ldns_key_assign_dsa_key(ldns_key *k, DSA *d) +{ + EVP_PKEY *key = EVP_PKEY_new(); + EVP_PKEY_assign_DSA(key, d); + k->_key.key = key; +} #endif /* splint */ #endif /* HAVE_SSL */ @@ -1302,7 +1312,7 @@ ldns_key_dsa2bin(unsigned char *data, DSA *k, uint16_t *size) } /* See RFC2536 */ - *size = (uint16_t)BN_num_bytes(k->g); + *size = (uint16_t)BN_num_bytes(k->p); T = (*size - 64) / 8; memcpy(data, &T, 1); @@ -1365,10 +1375,10 @@ ldns_key2rr(const ldns_key *k) #endif int internal_data = 0; - pubkey = ldns_rr_new(); if (!k) { return NULL; } + pubkey = ldns_rr_new(); switch (ldns_key_algorithm(k)) { case LDNS_SIGN_HMACMD5: @@ -1638,7 +1648,7 @@ ldns_key_get_file_base_name(ldns_key *key) "+%03u+%05u", ldns_key_algorithm(key), ldns_key_keytag(key)); - file_base_name = strdup(ldns_buffer_export(buffer)); + file_base_name = ldns_buffer_export(buffer); ldns_buffer_free(buffer); return file_base_name; } diff --git a/ldns/buffer.h b/ldns/buffer.h index 03df14c99158..3b64198d8d57 100644 --- a/ldns/buffer.h +++ b/ldns/buffer.h @@ -630,8 +630,9 @@ void ldns_buffer_free(ldns_buffer *buffer); void *ldns_buffer_export(ldns_buffer *buffer); /** - * Copy contents of the other buffer to this buffer. Silently truncated - * if this buffer is too small. + * Copy contents of the from buffer to the result buffer and then flips + * the result buffer. Data will be silently truncated if the result buffer is + * too small. * \param[out] *result resulting buffer which is copied to. * \param[in] *from what to copy to result. */ diff --git a/ldns/common.h.in b/ldns/common.h.in index 5d6254752a5b..aedfc96da7f2 100644 --- a/ldns/common.h.in +++ b/ldns/common.h.in @@ -23,6 +23,7 @@ #define LDNS_BUILD_CONFIG_HAVE_INTTYPES_H @ldns_build_config_have_inttypes_h@ #define LDNS_BUILD_CONFIG_HAVE_ATTR_FORMAT @ldns_build_config_have_attr_format@ #define LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED @ldns_build_config_have_attr_unused@ +#define LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T @ldns_build_config_have_socklen_t@ /* * HAVE_STDBOOL_H is not available when distributed as a library, but no build @@ -65,4 +66,8 @@ typedef bool _Bool; #define ATTR_UNUSED(x) x #endif /* !LDNS_BUILD_CONFIG_HAVE_ATTR_UNUSED */ +#if !LDNS_BUILD_CONFIG_HAVE_SOCKLEN_T +typedef int socklen_t; +#endif + #endif /* LDNS_COMMON_H */ diff --git a/ldns/config.h.in b/ldns/config.h.in index 3393e99767ef..98cf357074ba 100644 --- a/ldns/config.h.in +++ b/ldns/config.h.in @@ -33,6 +33,12 @@ /* Define to 1 if you have the `ctime_r' function. */ #undef HAVE_CTIME_R +/* Is a CAFILE given at configure time */ +#undef HAVE_DANE_CA_FILE + +/* Is a CAPATH given at configure time */ +#undef HAVE_DANE_CA_PATH + /* Define to 1 if you have the declaration of `NID_secp384r1', and to 0 if you don't. */ #undef HAVE_DECL_NID_SECP384R1 @@ -250,6 +256,15 @@ /* Define to 1 if the system has the type `_Bool'. */ #undef HAVE__BOOL +/* Is a CAFILE given at configure time */ +#undef LDNS_DANE_CA_FILE + +/* Is a CAPATH given at configure time */ +#undef LDNS_DANE_CA_PATH + +/* Default trust anchor file */ +#undef LDNS_TRUST_ANCHOR_FILE + /* Define to the sub-directory in which libtool stores uninstalled libraries. */ #undef LT_OBJDIR diff --git a/ldns/dane.h b/ldns/dane.h new file mode 100644 index 000000000000..c1c4e2d75caf --- /dev/null +++ b/ldns/dane.h @@ -0,0 +1,244 @@ +/* + * dane.h -- defines for the DNS-Based Authentication of Named Entities (DANE) + * Transport Layer Security (TLS) Protocol: TLSA + * + * Copyright (c) 2012, NLnet Labs. All rights reserved. + * + * See LICENSE for the license. + * + */ + +/** + * \file + * + * This module contains base functions for creating and verifying TLSA RR's + * with PKIX certificates, certificate chains and validation stores. + * (See RFC6394 and RFC6698). + * + * Since those functions heavily rely op cryptographic operations, + * this module is dependent on openssl. + */ + + +#ifndef LDNS_DANE_H +#define LDNS_DANE_H + +#include <ldns/common.h> +#include <ldns/rdata.h> +#include <ldns/rr.h> +#if LDNS_BUILD_CONFIG_HAVE_SSL +#include <openssl/ssl.h> +#include <openssl/err.h> +#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * The different "Certificate usage" rdata field values for a TLSA RR. + */ +enum ldns_enum_tlsa_certificate_usage +{ + /** CA constraint */ + LDNS_TLSA_USAGE_CA_CONSTRAINT = 0, + /** Sevice certificate constraint */ + LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT = 1, + /** Trust anchor assertion */ + LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION = 2, + /** Domain issued certificate */ + LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE = 3 +}; +typedef enum ldns_enum_tlsa_certificate_usage ldns_tlsa_certificate_usage; + +/** + * The different "Selector" rdata field values for a TLSA RR. + */ +enum ldns_enum_tlsa_selector +{ + /** + * Full certificate: the Certificate binary structure + * as defined in [RFC5280] + */ + LDNS_TLSA_SELECTOR_FULL_CERTIFICATE = 0, + + /** + * SubjectPublicKeyInfo: DER-encoded binary structure + * as defined in [RFC5280] + */ + LDNS_TLSA_SELECTOR_SUBJECTPUBLICKEYINFO = 1 +}; +typedef enum ldns_enum_tlsa_selector ldns_tlsa_selector; + +/** + * The different "Matching type" rdata field values for a TLSA RR. + */ +enum ldns_enum_tlsa_matching_type +{ + /** Exact match on selected content */ + LDNS_TLSA_MATCHING_TYPE_NO_HASH_USED = 0, + /** SHA-256 hash of selected content [RFC6234] */ + LDNS_TLSA_MATCHING_TYPE_SHA256 = 1, + /** SHA-512 hash of selected content [RFC6234] */ + LDNS_TLSA_MATCHING_TYPE_SHA512 = 2 +}; +typedef enum ldns_enum_tlsa_matching_type ldns_tlsa_matching_type; + +/** + * Known transports to use with TLSA owner names. + */ +enum ldns_enum_dane_transport +{ + /** TCP */ + LDNS_DANE_TRANSPORT_TCP = 0, + /** UDP */ + LDNS_DANE_TRANSPORT_UDP = 1, + /** SCTP */ + LDNS_DANE_TRANSPORT_SCTP = 2 +}; +typedef enum ldns_enum_dane_transport ldns_dane_transport; + + +/** + * Creates a dname consisting of the given name, prefixed by the service port + * and type of transport: _<EM>port</EM>._<EM>transport</EM>.<EM>name</EM>. + * + * \param[out] tlsa_owner The created dname. + * \param[in] name The dname that should be prefixed. + * \param[in] port The service port number for wich the name should be created. + * \param[in] transport The transport for wich the name should be created. + * \return LDNS_STATUS_OK on success or an error code otherwise. + */ +ldns_status ldns_dane_create_tlsa_owner(ldns_rdf** tlsa_owner, + const ldns_rdf* name, uint16_t port, + ldns_dane_transport transport); + + +#if LDNS_BUILD_CONFIG_HAVE_SSL +/** + * Creates a LDNS_RDF_TYPE_HEX type rdf based on the binary data choosen by + * the selector and encoded using matching_type. + * + * \param[out] rdf The created created rdf of type LDNS_RDF_TYPE_HEX. + * \param[in] cert The certificate from which the data is selected + * \param[in] selector The full certificate or the public key + * \param[in] matching_type The full data or the SHA256 or SHA512 hash + * of the selected data + * \return LDNS_STATUS_OK on success or an error code otherwise. + */ +ldns_status ldns_dane_cert2rdf(ldns_rdf** rdf, X509* cert, + ldns_tlsa_selector selector, + ldns_tlsa_matching_type matching_type); + + +/** + * Selects the certificate from cert, extra_certs or the pkix_validation_store + * based on the value of cert_usage and index. + * + * \param[out] selected_cert The selected cert. + * \param[in] cert The certificate to validate (or not) + * \param[in] extra_certs Intermediate certificates that might be necessary + * during validation. May be NULL, except when the certificate + * usage is "Trust Anchor Assertion" because the trust anchor has + * to be provided.(otherwise choose a "Domain issued certificate!" + * \param[in] pkix_validation_store Used when the certificate usage is + * "CA constraint" or "Service Certificate Constraint" to + * validate the certificate and, in case of "CA constraint", + * select the CA. + * When pkix_validation_store is NULL, validation is explicitely + * turned off and the behaviour is then the same as for "Trust + * anchor assertion" and "Domain issued certificate" respectively. + * \param[in] cert_usage Which certificate to use and how to validate. + * \param[in] index Used to select the trust anchor when certificate usage + * is "Trust Anchor Assertion". 0 is the last certificate in the + * validation chain. 1 the one but last, etc. When index is -1, + * the last certificate is used that MUST be self-signed. + * This can help to make sure that the intended (self signed) + * trust anchor is actually present in extra_certs (which is a + * DANE requirement). + * + * \return LDNS_STATUS_OK on success or an error code otherwise. + */ +ldns_status ldns_dane_select_certificate(X509** selected_cert, + X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* pkix_validation_store, + ldns_tlsa_certificate_usage cert_usage, int index); + +/** + * Creates a TLSA resource record from the certificate. + * No PKIX validation is performed! The given certificate is used as data + * regardless the value of certificate_usage. + * + * \param[out] tlsa The created TLSA resource record. + * \param[in] certificate_usage The value for the Certificate Usage field + * \param[in] selector The value for the Selector field + * \param[in] matching_type The value for the Matching Type field + * \param[in] cert The certificate which data will be represented + * + * \return LDNS_STATUS_OK on success or an error code otherwise. + */ +ldns_status ldns_dane_create_tlsa_rr(ldns_rr** tlsa, + ldns_tlsa_certificate_usage certificate_usage, + ldns_tlsa_selector selector, + ldns_tlsa_matching_type matching_type, + X509* cert); + +/** + * Verify if the given TLSA resource record matches the given certificate. + * Reporting on a TLSA rr mismatch (LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH) + * is preferred over PKIX failure (LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE). + * So when PKIX validation is required by the TLSA Certificate usage, + * but the TLSA data does not match, LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH + * is returned whether the PKIX validated or not. + * + * \param[in] tlsa_rr The resource record that specifies what and how to + * match the certificate. With tlsa_rr == NULL, regular PKIX + * validation is performed. + * \param[in] cert The certificate to match (and validate) + * \param[in] extra_certs Intermediate certificates that might be necessary + * creating the validation chain. + * \param[in] pkix_validation_store Used when the certificate usage is + * "CA constraint" or "Service Certificate Constraint" to + * validate the certificate. + * + * \return LDNS_STATUS_OK on success, + * LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH on TLSA data mismatch, + * LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE when TLSA matched, + * but the PKIX validation failed, or other ldns_status errors. + */ +ldns_status ldns_dane_verify_rr(const ldns_rr* tlsa_rr, + X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* pkix_validation_store); + +/** + * Verify if any of the given TLSA resource records matches the given + * certificate. + * + * \param[in] tlsas The resource records that specify what and how to + * match the certificate. One must match for this function + * to succeed. With tlsas == NULL or the number of TLSA records + * in tlsas == 0, regular PKIX validation is performed. + * \param[in] cert The certificate to match (and validate) + * \param[in] extra_certs Intermediate certificates that might be necessary + * creating the validation chain. + * \param[in] pkix_validation_store Used when the certificate usage is + * "CA constraint" or "Service Certificate Constraint" to + * validate the certificate. + * + * \return LDNS_STATUS_OK on success, + * LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE when one of the TLSA's + * matched but the PKIX validation failed, + * LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH when none of the TLSA's matched, + * or other ldns_status errors. + */ +ldns_status ldns_dane_verify(ldns_rr_list* tlsas, + X509* cert, STACK_OF(X509)* extra_certs, + X509_STORE* pkix_validation_store); +#endif /* LDNS_BUILD_CONFIG_HAVE_SSL */ + +#ifdef __cplusplus +} +#endif + +#endif /* LDNS_DANE_H */ + diff --git a/ldns/dname.h b/ldns/dname.h index a91f075257c7..16b45429fb21 100644 --- a/ldns/dname.h +++ b/ldns/dname.h @@ -111,6 +111,7 @@ ldns_rdf *ldns_dname_new_frm_str(const char *str); * Create a new dname rdf from a string * \param[in] s the size of the new dname * \param[in] *data pointer to the actual data + * * \return ldns_rdf* */ ldns_rdf *ldns_dname_new(uint16_t s, void *data); @@ -119,6 +120,7 @@ ldns_rdf *ldns_dname_new(uint16_t s, void *data); * Create a new dname rdf from data (the data is copied) * \param[in] size the size of the data * \param[in] *data pointer to the actual data + * * \return ldns_rdf* */ ldns_rdf *ldns_dname_new_frm_data(uint16_t size, const void *data); @@ -178,6 +180,13 @@ int ldns_dname_interval(const ldns_rdf *prev, const ldns_rdf *middle, const ldns bool ldns_dname_str_absolute(const char *dname_str); /** + * Checks whether the given dname is absolute (i.e. ends with a '.') + * \param[in] *dname a rdf representing the dname + * \return true or false + */ +bool ldns_dname_absolute(const ldns_rdf *dname); + +/** * look inside the rdf and if it is an LDNS_RDF_TYPE_DNAME * try and retrieve a specific label. The labels are numbered * starting from 0 (left most). diff --git a/ldns/dnssec.h b/ldns/dnssec.h index 9e602b5bc1d7..34f63714c34d 100644 --- a/ldns/dnssec.h +++ b/ldns/dnssec.h @@ -198,6 +198,7 @@ RSA *ldns_key_buf2rsa_raw(unsigned char* key, size_t len); * * \param[in] *key the key to convert * \param[in] h the hash to use LDNS_SHA1/LDNS_SHA256 + * * \return ldns_rr* a new rr pointer to a DS */ ldns_rr *ldns_key_rr2ds(const ldns_rr *key, ldns_hash h); diff --git a/ldns/dnssec_verify.h b/ldns/dnssec_verify.h index 32036a8c0b0f..b6bdeca539bc 100644 --- a/ldns/dnssec_verify.h +++ b/ldns/dnssec_verify.h @@ -367,6 +367,7 @@ void ldns_dnssec_derive_trust_tree_no_sig_time( * * \param *tree The trust tree so search * \param *keys A ldns_rr_list of DNSKEY and DS rrs to look for + * * \return LDNS_STATUS_OK if there is a trusted path to one of * the keys, or the *first* error encountered * if there were no paths diff --git a/ldns/dnssec_zone.h b/ldns/dnssec_zone.h index 4d2642fd1b45..70c81b047931 100644 --- a/ldns/dnssec_zone.h +++ b/ldns/dnssec_zone.h @@ -8,7 +8,6 @@ #ifndef LDNS_DNSSEC_ZONE_H #define LDNS_DNSSEC_ZONE_H -#include <ldns/ldns.h> #include <ldns/rbtree.h> #include <ldns/host2str.h> diff --git a/ldns/error.h b/ldns/error.h index 6396a9346640..bac38ff87141 100644 --- a/ldns/error.h +++ b/ldns/error.h @@ -102,7 +102,22 @@ enum ldns_enum_status { LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG, LDNS_STATUS_MISSING_RDATA_FIELDS_KEY, LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN, - LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN + LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN, + LDNS_STATUS_DANE_STATUS_MESSAGES, + LDNS_STATUS_DANE_UNKNOWN_CERTIFICATE_USAGE, + LDNS_STATUS_DANE_UNKNOWN_SELECTOR, + LDNS_STATUS_DANE_UNKNOWN_MATCHING_TYPE, + LDNS_STATUS_DANE_UNKNOWN_PROTOCOL, + LDNS_STATUS_DANE_UNKNOWN_TRANSPORT, + LDNS_STATUS_DANE_MISSING_EXTRA_CERTS, + LDNS_STATUS_DANE_EXTRA_CERTS_NOT_USED, + LDNS_STATUS_DANE_OFFSET_OUT_OF_RANGE, + LDNS_STATUS_DANE_INSECURE, + LDNS_STATUS_DANE_BOGUS, + LDNS_STATUS_DANE_TLSA_DID_NOT_MATCH, + LDNS_STATUS_DANE_NON_CA_CERTIFICATE, + LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE, + LDNS_STATUS_DANE_PKIX_NO_SELF_SIGNED_TRUST_ANCHOR }; typedef enum ldns_enum_status ldns_status; diff --git a/ldns/host2str.h b/ldns/host2str.h index f0a14a4304a0..bbf932767b3b 100644 --- a/ldns/host2str.h +++ b/ldns/host2str.h @@ -64,6 +64,8 @@ extern "C" { #define LDNS_COMMENT_LAYOUT 0x0080 /** Also comment KEY_ID with RRSIGS **/ #define LDNS_COMMENT_RRSIGS 0x0100 +#define LDNS_FMT_ZEROIZE_RRSIGS 0x0200 +#define LDNS_FMT_PAD_SOA_SERIAL 0x0400 /** * Output format specifier @@ -601,8 +603,9 @@ char *ldns_rr_list2str_fmt( const ldns_output_format *fmt, const ldns_rr_list *rr_list); /** - * Returns the data in the buffer as a null terminated char * string - * Buffer data must be char * type, and must be freed by the caller + * Returns a copy of the data in the buffer as a null terminated + * char * string. The returned string must be freed by the caller. + * The buffer must be in write modus and may thus not have been flipped. * * \param[in] buffer buffer containing char * data * \return null terminated char * data, or NULL on error @@ -610,6 +613,17 @@ char *ldns_rr_list2str_fmt( char *ldns_buffer2str(ldns_buffer *buffer); /** + * Exports and returns the data in the buffer as a null terminated + * char * string. The returned string must be freed by the caller. + * The buffer must be in write modus and may thus not have been flipped. + * The buffer is fixed after this function returns. + * + * \param[in] buffer buffer containing char * data + * \return null terminated char * data, or NULL on error + */ +char *ldns_buffer_export2str(ldns_buffer *buffer); + +/** * Prints the data in the rdata field to the given file stream * (in presentation format) * diff --git a/ldns/keys.h b/ldns/keys.h index c4bf536911f1..3e156233ba24 100644 --- a/ldns/keys.h +++ b/ldns/keys.h @@ -25,7 +25,6 @@ #if LDNS_BUILD_CONFIG_HAVE_SSL #include <openssl/ssl.h> #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */ -#include <ldns/dnssec.h> #include <ldns/util.h> #include <errno.h> @@ -299,18 +298,37 @@ void ldns_key_set_algorithm(ldns_key *k, ldns_signing_algorithm l); void ldns_key_set_evp_key(ldns_key *k, EVP_PKEY *e); /** - * Set the key's rsa data + * Set the key's rsa data. + * The rsa data should be freed by the user. * \param[in] k the key * \param[in] r the rsa data */ void ldns_key_set_rsa_key(ldns_key *k, RSA *r); + /** * Set the key's dsa data + * The dsa data should be freed by the user. * \param[in] k the key * \param[in] d the dsa data */ void ldns_key_set_dsa_key(ldns_key *k, DSA *d); +/** + * Assign the key's rsa data + * The rsa data will be freed automatically when the key is freed. + * \param[in] k the key + * \param[in] r the rsa data + */ +void ldns_key_assign_rsa_key(ldns_key *k, RSA *r); + +/** + * Assign the key's dsa data + * The dsa data will be freed automatically when the key is freed. + * \param[in] k the key + * \param[in] d the dsa data + */ +void ldns_key_assign_dsa_key(ldns_key *k, DSA *d); + /** * Get the PKEY id for GOST, loads GOST into openssl as a side effect. * Only available if GOST is compiled into the library and openssl. diff --git a/ldns/ldns.h b/ldns/ldns.h index 791525433489..a41e0325d673 100644 --- a/ldns/ldns.h +++ b/ldns/ldns.h @@ -95,6 +95,7 @@ Or you can just use the menu above to browse through the API docs. #include <ldns/util.h> #include <ldns/buffer.h> #include <ldns/common.h> +#include <ldns/dane.h> #include <ldns/dname.h> #include <ldns/dnssec.h> #include <ldns/dnssec_verify.h> diff --git a/ldns/rdata.h b/ldns/rdata.h index 90dcbf13818f..229a4d4c5b50 100644 --- a/ldns/rdata.h +++ b/ldns/rdata.h @@ -194,6 +194,7 @@ ldns_rdf_type ldns_rdf_get_type(const ldns_rdf *rd); /** * returns the data of the rdf. * \param[in] *rd the rdf to read from + * * \return uint8_t* pointer to the rdf's data */ uint8_t *ldns_rdf_data(const ldns_rdf *rd); @@ -303,6 +304,7 @@ ldns_rdf *ldns_native2rdf_int32(ldns_rdf_type type, uint32_t value); * The memory is copied, and an LDNS_RDF_TYPE_INT16DATA is returned * \param[in] size the size of the data * \param[in] *data pointer to the actual data + * * \return ldns_rd* the rdf with the data */ ldns_rdf *ldns_native2rdf_int16_data(size_t size, uint8_t *data); diff --git a/ldns/resolver.h b/ldns/resolver.h index f887aaf676e9..7af5d401e65c 100644 --- a/ldns/resolver.h +++ b/ldns/resolver.h @@ -578,6 +578,7 @@ ldns_status ldns_resolver_push_nameserver_rr_list(ldns_resolver *r, ldns_rr_list * \param[in] t query for this type (may be 0, defaults to A) * \param[in] c query for this class (may be 0, default to IN) * \param[in] flags the query flags + * * \return ldns_pkt* a packet with the reply from the nameserver */ ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns_rr_type t, ldns_rr_class c, uint16_t flags); @@ -590,6 +591,7 @@ ldns_pkt* ldns_resolver_search(const ldns_resolver *r, const ldns_rdf *rdf, ldns * \param[in] t query for this type (may be 0, defaults to A) * \param[in] c query for this class (may be 0, default to IN) * \param[in] f the query flags + * * \return ldns_pkt* a packet with the reply from the nameserver */ ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t f); @@ -602,6 +604,7 @@ ldns_status ldns_resolver_prepare_query_pkt(ldns_pkt **q, ldns_resolver *r, cons * \param[in] t query for this type (may be 0, defaults to A) * \param[in] c query for this class (may be 0, default to IN) * \param[in] flags the query flags + * * \return ldns_pkt* a packet with the reply from the nameserver */ ldns_status ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags); @@ -621,6 +624,7 @@ ldns_status ldns_resolver_send_pkt(ldns_pkt **answer, ldns_resolver *r, ldns_pkt * \param[in] *t query for this type (may be 0, defaults to A) * \param[in] *c query for this class (may be 0, default to IN) * \param[in] flags the query flags + * * \return ldns_pkt* a packet with the reply from the nameserver * if _defnames is true the default domain will be added */ diff --git a/ldns/rr.h b/ldns/rr.h index 9882931b4882..0520dcfe102d 100644 --- a/ldns/rr.h +++ b/ldns/rr.h @@ -37,7 +37,7 @@ extern "C" { #define LDNS_RR_OVERHEAD 10 /* The first fields are 'common' and can be referenced instantly */ -#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 52 +#define LDNS_RDATA_FIELD_DESCRIPTORS_COMMON 53 @@ -179,6 +179,8 @@ enum ldns_enum_rr_type LDNS_RR_TYPE_NSEC3 = 50, /* RFC 5155 */ LDNS_RR_TYPE_NSEC3PARAM = 51, /* RFC 5155 */ LDNS_RR_TYPE_NSEC3PARAMS = 51, + /** draft-ietf-dane-protocol */ + LDNS_RR_TYPE_TLSA = 52, /** draft-ietf-dnsop-trust-history */ LDNS_RR_TYPE_TALINK = 58, diff --git a/ldns/util.h.in b/ldns/util.h.in index f9fb10420cc5..fe4ff3720b07 100644 --- a/ldns/util.h.in +++ b/ldns/util.h.in @@ -268,6 +268,8 @@ const char * ldns_version(void); * \param[in] tm a struct tm* with the date * \return the seconds since epoch */ +time_t ldns_mktime_from_utc(const struct tm *tm); + time_t mktime_from_utc(const struct tm *tm); /** diff --git a/ldns_symbols.def b/ldns_symbols.def deleted file mode 100644 index 1ed0f9e21374..000000000000 --- a/ldns_symbols.def +++ /dev/null @@ -1,783 +0,0 @@ -ldns_algorithm2buffer_str -ldns_algorithms -ldns_axfr_complete -ldns_axfr_last_pkt -ldns_axfr_next -ldns_axfr_start -ldns_b32_ntop -ldns_b32_ntop_ar -ldns_b32_ntop_extended_hex -ldns_b32_pton -ldns_b32_pton_ar -ldns_b32_pton_extended_hex -ldns_b64_ntop -ldns_b64_pton -ldns_bgetc -ldns_bget_keyword_data -ldns_bget_token -ldns_bskipc -ldns_bskipcs -ldns_bubblebabble -ldns_buffer2pkt_wire -ldns_buffer2str -ldns_buffer_copy -ldns_buffer_export -ldns_buffer_free -ldns_buffer_new -ldns_buffer_new_frm_data -ldns_buffer_printf -ldns_buffer_reserve -ldns_buffer_set_capacity -ldns_calc_keytag -ldns_calc_keytag_raw -ldns_cert_algorithm2buffer_str -ldns_cert_algorithms -ldns_convert_dsa_rrsig_asn12rdf -ldns_convert_dsa_rrsig_rdf2asn1 -ldns_convert_ecdsa_rrsig_asn12rdf -ldns_convert_ecdsa_rrsig_rdf2asn1 -ldns_create_empty_rrsig -ldns_create_nsec -ldns_create_nsec3 -ldns_digest_evp -ldns_directive_types -ldns_dname2buffer_wire -ldns_dname2canonical -ldns_dname_cat -ldns_dname_cat_clone -ldns_dname_clone_from -ldns_dname_compare -ldns_dname_compare_v -ldns_dname_interval -ldns_dname_is_subdomain -ldns_dname_is_wildcard -ldns_dname_label -ldns_dname_label_count -ldns_dname_left_chop -ldns_dname_match_wildcard -ldns_dname_new -ldns_dname_new_frm_data -ldns_dname_new_frm_str -ldns_dname_reverse -ldns_dname_str_absolute -ldns_dnssec_build_data_chain -ldns_dnssec_build_data_chain_nokeyname -ldns_dnssec_chain_nsec3_list -ldns_dnssec_create_nsec -ldns_dnssec_create_nsec3 -ldns_dnssec_create_nsec_bitmap -ldns_dnssec_data_chain_deep_free -ldns_dnssec_data_chain_free -ldns_dnssec_data_chain_new -ldns_dnssec_data_chain_print -ldns_dnssec_data_chain_print_fmt -ldns_dnssec_default_add_to_signatures -ldns_dnssec_default_delete_signatures -ldns_dnssec_default_leave_signatures -ldns_dnssec_default_replace_signatures -ldns_dnssec_derive_trust_tree -ldns_dnssec_derive_trust_tree_dnskey_rrset -ldns_dnssec_derive_trust_tree_dnskey_rrset_time -ldns_dnssec_derive_trust_tree_ds_rrset -ldns_dnssec_derive_trust_tree_ds_rrset_time -ldns_dnssec_derive_trust_tree_normal_rrset -ldns_dnssec_derive_trust_tree_normal_rrset_time -ldns_dnssec_derive_trust_tree_no_sig -ldns_dnssec_derive_trust_tree_no_sig_time -ldns_dnssec_derive_trust_tree_time -ldns_dnssec_get_dnskey_for_rrsig -ldns_dnssec_get_rrsig_for_name_and_type -ldns_dnssec_name_add_rr -ldns_dnssec_name_cmp -ldns_dnssec_name_deep_free -ldns_dnssec_name_find_rrset -ldns_dnssec_name_free -ldns_dnssec_name_is_glue -ldns_dnssec_name_name -ldns_dnssec_name_new -ldns_dnssec_name_new_frm_rr -ldns_dnssec_name_node_deep_free -ldns_dnssec_name_node_free -ldns_dnssec_name_node_next_nonglue -ldns_dnssec_name_nsec -ldns_dnssec_name_print -ldns_dnssec_name_print_fmt -ldns_dnssec_name_print_soa -ldns_dnssec_name_print_soa_fmt -ldns_dnssec_name_set_name -ldns_dnssec_name_set_nsec -ldns_dnssec_nsec3_closest_encloser -ldns_dnssec_pkt_get_rrsigs_for_name_and_type -ldns_dnssec_pkt_get_rrsigs_for_type -ldns_dnssec_pkt_has_rrsigs -ldns_dnssec_remove_signatures -ldns_dnssec_rrs_add_rr -ldns_dnssec_rrs_deep_free -ldns_dnssec_rrsets_add_rr -ldns_dnssec_rrsets_contains_type -ldns_dnssec_rrsets_deep_free -ldns_dnssec_rrsets_free -ldns_dnssec_rrsets_new -ldns_dnssec_rrsets_new_frm_rr -ldns_dnssec_rrsets_print -ldns_dnssec_rrsets_print_fmt -ldns_dnssec_rrsets_print_soa -ldns_dnssec_rrsets_print_soa_fmt -ldns_dnssec_rrsets_set_type -ldns_dnssec_rrsets_type -ldns_dnssec_rrs_free -ldns_dnssec_rrs_new -ldns_dnssec_rrs_print -ldns_dnssec_rrs_print_fmt -ldns_dnssec_trust_tree_add_parent -ldns_dnssec_trust_tree_contains_keys -ldns_dnssec_trust_tree_depth -ldns_dnssec_trust_tree_free -ldns_dnssec_trust_tree_new -ldns_dnssec_trust_tree_print -ldns_dnssec_trust_tree_print_fmt -ldns_dnssec_trust_tree_print_sm -ldns_dnssec_trust_tree_print_sm_fmt -ldns_dnssec_verify_denial -ldns_dnssec_verify_denial_nsec3 -ldns_dnssec_zone_add_empty_nonterminals -ldns_dnssec_zone_add_rr -ldns_dnssec_zone_create_nsec3s -ldns_dnssec_zone_create_nsecs -ldns_dnssec_zone_create_rrsigs -ldns_dnssec_zone_create_rrsigs_flg -ldns_dnssec_zone_deep_free -ldns_dnssec_zone_find_nsec3_original -ldns_dnssec_zone_find_rrset -ldns_dnssec_zone_free -ldns_dnssec_zone_is_nsec3_optout -ldns_dnssec_zone_mark_and_get_glue -ldns_dnssec_zone_mark_glue -ldns_dnssec_zone_names_print -ldns_dnssec_zone_names_print_fmt -ldns_dnssec_zone_new -ldns_dnssec_zone_new_frm_fp -ldns_dnssec_zone_new_frm_fp_l -ldns_dnssec_zone_print -ldns_dnssec_zone_print_fmt -ldns_dnssec_zone_sign -ldns_dnssec_zone_sign_flg -ldns_dnssec_zone_sign_nsec3 -ldns_dnssec_zone_sign_nsec3_flg -ldns_dnssec_zone_sign_nsec3_flg_mkmap -ldns_ecdsa2pkey_raw -ldns_edns_flags -ldns_error_str -ldns_fetch_valid_domain_keys -ldns_fetch_valid_domain_keys_time -ldns_fget_keyword_data -ldns_fget_keyword_data_l -ldns_fget_token -ldns_fget_token_l -ldns_fskipc -ldns_fskipcs -ldns_fskipcs_l -ldns_getaddrinfo -ldns_get_bit -ldns_get_bit_r -ldns_get_errorstr_by_id -ldns_get_random -ldns_get_rr_class_by_name -ldns_get_rr_list_addr_by_name -ldns_get_rr_list_hosts_frm_file -ldns_get_rr_list_hosts_frm_fp -ldns_get_rr_list_hosts_frm_fp_l -ldns_get_rr_list_name_by_addr -ldns_get_rr_type_by_name -ldns_get_signing_algorithm_by_name -ldns_gost2pkey_raw -ldns_hexdigit_to_int -ldns_hexstring_to_data -ldns_init_random -ldns_int_to_hexdigit -ldns_is_rrset -ldns_key2buffer_str -ldns_key2rr -ldns_key2str -ldns_key_algorithm -ldns_key_algo_supported -ldns_key_buf2dsa -ldns_key_buf2dsa_raw -ldns_key_buf2rsa -ldns_key_buf2rsa_raw -ldns_key_deep_free -ldns_key_dsa_key -ldns_key_evp_key -ldns_key_EVP_load_gost_id -ldns_key_EVP_unload_gost -ldns_key_expiration -ldns_key_external_key -ldns_key_flags -ldns_key_free -ldns_key_get_file_base_name -ldns_key_hmac_key -ldns_key_hmac_size -ldns_key_inception -ldns_key_keytag -ldns_key_list_free -ldns_key_list_key -ldns_key_list_key_count -ldns_key_list_new -ldns_key_list_pop_key -ldns_key_list_push_key -ldns_key_list_set_key_count -ldns_key_list_set_use -ldns_key_new -ldns_key_new_frm_algorithm -ldns_key_new_frm_engine -ldns_key_new_frm_fp -ldns_key_new_frm_fp_dsa -ldns_key_new_frm_fp_dsa_l -ldns_key_new_frm_fp_hmac -ldns_key_new_frm_fp_hmac_l -ldns_key_new_frm_fp_l -ldns_key_new_frm_fp_rsa -ldns_key_new_frm_fp_rsa_l -ldns_key_origttl -ldns_key_print -ldns_key_pubkey_owner -ldns_key_rr2ds -ldns_key_rsa_key -ldns_key_set_algorithm -ldns_key_set_dsa_key -ldns_key_set_evp_key -ldns_key_set_expiration -ldns_key_set_external_key -ldns_key_set_flags -ldns_key_set_hmac_key -ldns_key_set_hmac_size -ldns_key_set_inception -ldns_key_set_keytag -ldns_key_set_origttl -ldns_key_set_pubkey_owner -ldns_key_set_rsa_key -ldns_key_set_use -ldns_key_use -ldns_lookup_by_id -ldns_lookup_by_name -ldns_native2rdf_int16 -ldns_native2rdf_int16_data -ldns_native2rdf_int32 -ldns_native2rdf_int8 -ldns_nsec3_add_param_rdfs -ldns_nsec3_algorithm -ldns_nsec3_bitmap -ldns_nsec3_flags -ldns_nsec3_hash_name -ldns_nsec3_hash_name_frm_nsec3 -ldns_nsec3_iterations -ldns_nsec3_next_owner -ldns_nsec3_optout -ldns_nsec3_salt -ldns_nsec3_salt_data -ldns_nsec3_salt_length -ldns_nsec_bitmap_covers_type -ldns_nsec_covers_name -ldns_nsec_get_bitmap -ldns_nsec_type_check -ldns_octet -ldns_opcodes -ldns_pkt2buffer_str -ldns_pkt2buffer_str_fmt -ldns_pkt2buffer_wire -ldns_pkt2str -ldns_pkt2str_fmt -ldns_pkt2wire -ldns_pkt_aa -ldns_pkt_ad -ldns_pkt_additional -ldns_pkt_algorithm2str -ldns_pkt_all -ldns_pkt_all_noquestion -ldns_pkt_ancount -ldns_pkt_answer -ldns_pkt_answerfrom -ldns_pkt_arcount -ldns_pkt_authority -ldns_pkt_cd -ldns_pkt_cert_algorithm2str -ldns_pkt_clone -ldns_pkt_edns -ldns_pkt_edns_data -ldns_pkt_edns_do -ldns_pkt_edns_extended_rcode -ldns_pkt_edns_udp_size -ldns_pkt_edns_version -ldns_pkt_edns_z -ldns_pkt_empty -ldns_pkt_free -ldns_pkt_get_opcode -ldns_pkt_get_rcode -ldns_pkt_get_section_clone -ldns_pktheader2buffer_str -ldns_pkt_id -ldns_pkt_new -ldns_pkt_nscount -ldns_pkt_opcode2buffer_str -ldns_pkt_opcode2str -ldns_pkt_print -ldns_pkt_print_fmt -ldns_pkt_push_rr -ldns_pkt_push_rr_list -ldns_pkt_qdcount -ldns_pkt_qr -ldns_pkt_query_new -ldns_pkt_query_new_frm_str -ldns_pkt_querytime -ldns_pkt_question -ldns_pkt_ra -ldns_pkt_rcode2buffer_str -ldns_pkt_rcode2str -ldns_pkt_rd -ldns_pkt_reply_type -ldns_pkt_rr -ldns_pkt_rr_list_by_name -ldns_pkt_rr_list_by_name_and_type -ldns_pkt_rr_list_by_type -ldns_pkt_safe_push_rr -ldns_pkt_safe_push_rr_list -ldns_pkt_section_count -ldns_pkt_set_aa -ldns_pkt_set_ad -ldns_pkt_set_additional -ldns_pkt_set_ancount -ldns_pkt_set_answer -ldns_pkt_set_answerfrom -ldns_pkt_set_arcount -ldns_pkt_set_authority -ldns_pkt_set_cd -ldns_pkt_set_edns_data -ldns_pkt_set_edns_do -ldns_pkt_set_edns_extended_rcode -ldns_pkt_set_edns_udp_size -ldns_pkt_set_edns_version -ldns_pkt_set_edns_z -ldns_pkt_set_flags -ldns_pkt_set_id -ldns_pkt_set_nscount -ldns_pkt_set_opcode -ldns_pkt_set_qdcount -ldns_pkt_set_qr -ldns_pkt_set_querytime -ldns_pkt_set_question -ldns_pkt_set_ra -ldns_pkt_set_random_id -ldns_pkt_set_rcode -ldns_pkt_set_rd -ldns_pkt_set_section_count -ldns_pkt_set_size -ldns_pkt_set_tc -ldns_pkt_set_timestamp -ldns_pkt_set_tsig -ldns_pkt_size -ldns_pkt_tc -ldns_pkt_timestamp -ldns_pkt_tsig -ldns_pkt_tsig_sign -ldns_pkt_tsig_sign_next -ldns_pkt_tsig_verify -ldns_pkt_tsig_verify_next -ldns_pkt_verify -ldns_pkt_verify_time -ldns_print_rr_rdf -ldns_rbtree_create -ldns_rbtree_delete -ldns_rbtree_find_less_equal -ldns_rbtree_first -ldns_rbtree_free -ldns_rbtree_init -ldns_rbtree_insert -ldns_rbtree_insert_vref -ldns_rbtree_join -ldns_rbtree_last -ldns_rbtree_next -ldns_rbtree_null_node -ldns_rbtree_previous -ldns_rbtree_search -ldns_rbtree_split -ldns_rcodes -ldns_rdf2buffer_str -ldns_rdf2buffer_str_a -ldns_rdf2buffer_str_aaaa -ldns_rdf2buffer_str_alg -ldns_rdf2buffer_str_apl -ldns_rdf2buffer_str_b32_ext -ldns_rdf2buffer_str_b64 -ldns_rdf2buffer_str_cert_alg -ldns_rdf2buffer_str_class -ldns_rdf2buffer_str_dname -ldns_rdf2buffer_str_hex -ldns_rdf2buffer_str_int16 -ldns_rdf2buffer_str_int16_data -ldns_rdf2buffer_str_int32 -ldns_rdf2buffer_str_int8 -ldns_rdf2buffer_str_ipseckey -ldns_rdf2buffer_str_loc -ldns_rdf2buffer_str_nsap -ldns_rdf2buffer_str_nsec -ldns_rdf2buffer_str_nsec3_salt -ldns_rdf2buffer_str_period -ldns_rdf2buffer_str_str -ldns_rdf2buffer_str_time -ldns_rdf2buffer_str_tsig -ldns_rdf2buffer_str_tsigtime -ldns_rdf2buffer_str_type -ldns_rdf2buffer_str_unknown -ldns_rdf2buffer_str_wks -ldns_rdf2buffer_wire -ldns_rdf2buffer_wire_canonical -ldns_rdf2native_int16 -ldns_rdf2native_int32 -ldns_rdf2native_int8 -ldns_rdf2native_sockaddr_storage -ldns_rdf2native_time_t -ldns_rdf2rr_type -ldns_rdf2str -ldns_rdf2wire -ldns_rdf_address_reverse -ldns_rdf_clone -ldns_rdf_compare -ldns_rdf_data -ldns_rdf_deep_free -ldns_rdf_free -ldns_rdf_get_type -ldns_rdf_new -ldns_rdf_new_frm_data -ldns_rdf_new_frm_fp -ldns_rdf_new_frm_fp_l -ldns_rdf_new_frm_str -ldns_rdf_print -ldns_rdf_set_data -ldns_rdf_set_size -ldns_rdf_set_type -ldns_rdf_size -ldns_read_anchor_file -ldns_resolver_debug -ldns_resolver_dec_nameserver_count -ldns_resolver_deep_free -ldns_resolver_defnames -ldns_resolver_dnsrch -ldns_resolver_dnssec -ldns_resolver_dnssec_anchors -ldns_resolver_dnssec_cd -ldns_resolver_domain -ldns_resolver_edns_udp_size -ldns_resolver_fail -ldns_resolver_fallback -ldns_resolver_free -ldns_resolver_igntc -ldns_resolver_incr_nameserver_count -ldns_resolver_ip6 -ldns_resolver_nameserver_count -ldns_resolver_nameserver_rtt -ldns_resolver_nameservers -ldns_resolver_nameservers_randomize -ldns_resolver_new -ldns_resolver_new_frm_file -ldns_resolver_new_frm_fp -ldns_resolver_new_frm_fp_l -ldns_resolver_pop_nameserver -ldns_resolver_port -ldns_resolver_prepare_query_pkt -ldns_resolver_print -ldns_resolver_print_fmt -ldns_resolver_push_dnssec_anchor -ldns_resolver_push_nameserver -ldns_resolver_push_nameserver_rr -ldns_resolver_push_nameserver_rr_list -ldns_resolver_push_searchlist -ldns_resolver_query -ldns_resolver_random -ldns_resolver_recursive -ldns_resolver_retrans -ldns_resolver_retry -ldns_resolver_rtt -ldns_resolver_search -ldns_resolver_searchlist -ldns_resolver_searchlist_count -ldns_resolver_send -ldns_resolver_send_pkt -ldns_resolver_set_debug -ldns_resolver_set_defnames -ldns_resolver_set_dnsrch -ldns_resolver_set_dnssec -ldns_resolver_set_dnssec_anchors -ldns_resolver_set_dnssec_cd -ldns_resolver_set_domain -ldns_resolver_set_edns_udp_size -ldns_resolver_set_fail -ldns_resolver_set_fallback -ldns_resolver_set_igntc -ldns_resolver_set_ip6 -ldns_resolver_set_nameserver_count -ldns_resolver_set_nameserver_rtt -ldns_resolver_set_nameservers -ldns_resolver_set_port -ldns_resolver_set_random -ldns_resolver_set_recursive -ldns_resolver_set_retrans -ldns_resolver_set_retry -ldns_resolver_set_rtt -ldns_resolver_set_searchlist_count -ldns_resolver_set_timeout -ldns_resolver_set_tsig_algorithm -ldns_resolver_set_tsig_keydata -ldns_resolver_set_tsig_keyname -ldns_resolver_set_usevc -ldns_resolver_timeout -ldns_resolver_trusted_key -ldns_resolver_tsig_algorithm -ldns_resolver_tsig_keydata -ldns_resolver_tsig_keyname -ldns_resolver_usevc -ldns_rr2buffer_str -ldns_rr2buffer_str_fmt -ldns_rr2buffer_wire -ldns_rr2buffer_wire_canonical -ldns_rr2canonical -ldns_rr2str -ldns_rr2str_fmt -ldns_rr2wire -ldns_rr_a_address -ldns_rr_a_set_address -ldns_rr_class2buffer_str -ldns_rr_class2str -ldns_rr_classes -ldns_rr_clone -ldns_rr_compare -ldns_rr_compare_ds -ldns_rr_compare_no_rdata -ldns_rr_compare_wire -ldns_rr_descript -ldns_rr_descriptor_field_type -ldns_rr_descriptor_maximum -ldns_rr_descriptor_minimum -ldns_rr_dnskey_algorithm -ldns_rr_dnskey_flags -ldns_rr_dnskey_key -ldns_rr_dnskey_key_size -ldns_rr_dnskey_key_size_raw -ldns_rr_dnskey_protocol -ldns_rr_dnskey_set_algorithm -ldns_rr_dnskey_set_flags -ldns_rr_dnskey_set_key -ldns_rr_dnskey_set_protocol -ldns_rr_free -ldns_rr_get_class -ldns_rr_get_type -ldns_rr_label_count -ldns_rr_list2buffer_str -ldns_rr_list2buffer_str_fmt -ldns_rr_list2buffer_wire -ldns_rr_list2canonical -ldns_rr_list2str -ldns_rr_list2str_fmt -ldns_rr_list_cat -ldns_rr_list_cat_clone -ldns_rr_list_clone -ldns_rr_list_compare -ldns_rr_list_contains_rr -ldns_rr_list_deep_free -ldns_rr_list_free -ldns_rr_list_new -ldns_rr_list_owner -ldns_rr_list_pop_rr -ldns_rr_list_pop_rr_list -ldns_rr_list_pop_rrset -ldns_rr_list_print -ldns_rr_list_print_fmt -ldns_rr_list_push_rr -ldns_rr_list_push_rr_list -ldns_rr_list_rr -ldns_rr_list_rr_count -ldns_rr_list_set_rr -ldns_rr_list_set_rr_count -ldns_rr_list_sort -ldns_rr_list_sort_nsec3 -ldns_rr_list_subtype_by_rdf -ldns_rr_list_type -ldns_rr_mx_exchange -ldns_rr_mx_preference -ldns_rr_new -ldns_rr_new_frm_fp -ldns_rr_new_frm_fp_l -ldns_rr_new_frm_str -ldns_rr_new_frm_type -ldns_rr_new_question_frm_str -ldns_rr_ns_nsdname -ldns_rr_owner -ldns_rr_pop_rdf -ldns_rr_print -ldns_rr_print_fmt -ldns_rr_push_rdf -ldns_rr_rdata2buffer_wire -ldns_rr_rd_count -ldns_rr_rdf -ldns_rr_rrsig_algorithm -ldns_rr_rrsig_expiration -ldns_rr_rrsig_inception -ldns_rr_rrsig_keytag -ldns_rr_rrsig_labels -ldns_rr_rrsig_origttl -ldns_rr_rrsig_set_algorithm -ldns_rr_rrsig_set_expiration -ldns_rr_rrsig_set_inception -ldns_rr_rrsig_set_keytag -ldns_rr_rrsig_set_labels -ldns_rr_rrsig_set_origttl -ldns_rr_rrsig_set_sig -ldns_rr_rrsig_set_signame -ldns_rr_rrsig_set_typecovered -ldns_rr_rrsig_sig -ldns_rr_rrsig_signame -ldns_rr_rrsig_typecovered -ldns_rr_set_class -ldns_rr_set_owner -ldns_rr_set_pop_rr -ldns_rr_set_push_rr -ldns_rr_set_rd_count -ldns_rr_set_rdf -ldns_rr_set_ttl -ldns_rr_set_type -ldns_rr_soa_increment -ldns_rr_soa_increment_func -ldns_rr_soa_increment_func_data -ldns_rr_soa_increment_func_int -ldns_rrsig2buffer_wire -ldns_rr_ttl -ldns_rr_type2buffer_str -ldns_rr_type2str -ldns_rr_uncompressed_size -ldns_send -ldns_send_buffer -ldns_serial_arithmitics_gmtime_r -ldns_set_bit -ldns_sha1 -ldns_sha1_final -ldns_sha1_init -ldns_sha1_transform -ldns_sha1_update -ldns_signing_algorithms -ldns_sign_public -ldns_sign_public_buffer -ldns_sign_public_dsa -ldns_sign_public_evp -ldns_sign_public_rsamd5 -ldns_sign_public_rsasha1 -ldns_soa_serial_datecounter -ldns_soa_serial_identity -ldns_soa_serial_increment -ldns_soa_serial_increment_by -ldns_soa_serial_unixtime -ldns_sockaddr_storage2rdf -ldns_str2period -ldns_str2rdf_a -ldns_str2rdf_aaaa -ldns_str2rdf_alg -ldns_str2rdf_apl -ldns_str2rdf_b32_ext -ldns_str2rdf_b64 -ldns_str2rdf_cert_alg -ldns_str2rdf_class -ldns_str2rdf_dname -ldns_str2rdf_hex -ldns_str2rdf_int16 -ldns_str2rdf_int32 -ldns_str2rdf_int8 -ldns_str2rdf_loc -ldns_str2rdf_nsap -ldns_str2rdf_nsec -ldns_str2rdf_nsec3_salt -ldns_str2rdf_period -ldns_str2rdf_service -ldns_str2rdf_str -ldns_str2rdf_time -ldns_str2rdf_tsig -ldns_str2rdf_type -ldns_str2rdf_unknown -ldns_str2rdf_wks -ldns_tcp_bgsend -ldns_tcp_connect -ldns_tcp_read_wire -ldns_tcp_read_wire_timeout -ldns_tcp_send -ldns_tcp_send_query -ldns_traverse_postorder -ldns_tsig_algorithm -ldns_tsig_keydata -ldns_tsig_keydata_clone -ldns_tsig_keyname -ldns_tsig_keyname_clone -ldns_tsig_prepare_pkt_wire -ldns_udp_bgsend -ldns_udp_connect -ldns_udp_read_wire -ldns_udp_send -ldns_udp_send_query -ldns_update_ad -ldns_update_pkt_new -ldns_update_pkt_tsig_add -ldns_update_prcount -ldns_update_set_adcount -ldns_update_set_prcount -ldns_update_set_upcount -ldns_update_set_zo -ldns_update_soa_mname -ldns_update_soa_zone_mname -ldns_update_upcount -ldns_update_zocount -ldns_validate_domain_dnskey -ldns_validate_domain_dnskey_time -ldns_validate_domain_ds -ldns_validate_domain_ds_time -ldns_verify -ldns_verify_notime -ldns_verify_rrsig -ldns_verify_rrsig_buffers -ldns_verify_rrsig_buffers_raw -ldns_verify_rrsig_dsa -ldns_verify_rrsig_dsa_raw -ldns_verify_rrsig_evp -ldns_verify_rrsig_evp_raw -ldns_verify_rrsig_keylist -ldns_verify_rrsig_keylist_notime -ldns_verify_rrsig_keylist_time -ldns_verify_rrsig_rsamd5 -ldns_verify_rrsig_rsamd5_raw -ldns_verify_rrsig_rsasha1 -ldns_verify_rrsig_rsasha1_raw -ldns_verify_rrsig_rsasha256_raw -ldns_verify_rrsig_rsasha512_raw -ldns_verify_rrsig_time -ldns_verify_time -ldns_verify_trusted -ldns_verify_trusted_time -ldns_version -ldns_wire2dname -ldns_wire2pkt -ldns_wire2rdf -ldns_wire2rr -ldns_zone_deep_free -ldns_zone_free -ldns_zone_glue_rr_list -ldns_zone_new -ldns_zone_new_frm_fp -ldns_zone_new_frm_fp_l -ldns_zone_print -ldns_zone_print_fmt -ldns_zone_push_rr -ldns_zone_push_rr_list -ldns_zone_rr_count -ldns_zone_rrs -ldns_zone_set_rrs -ldns_zone_set_soa -ldns_zone_sign -ldns_zone_sign_nsec3 -ldns_zone_soa -ldns_zone_sort -ldns_zone_strip_glue_rrs diff --git a/libdns.doxygen b/libdns.doxygen index 3325db94af46..0f84b73435ed 100644 --- a/libdns.doxygen +++ b/libdns.doxygen @@ -1,4 +1,4 @@ -# Doxyfile 1.7.3 +# Doxyfile 1.7.6.1 # This file describes the settings to be used by the documentation system # doxygen (www.doxygen.org) for a project. @@ -22,8 +22,9 @@ DOXYFILE_ENCODING = UTF-8 -# The PROJECT_NAME tag is a single word (or a sequence of words surrounded -# by quotes) that should identify the project. +# The PROJECT_NAME tag is a single word (or sequence of words) that should +# identify the project. Note that if you do not use Doxywizard you need +# to put quotes around the project name if it contains spaces. PROJECT_NAME = ldns @@ -33,7 +34,9 @@ PROJECT_NAME = ldns PROJECT_NUMBER = 1.6.7 -# Using the PROJECT_BRIEF tag one can provide an optional one line description for a project that appears at the top of each page and should give viewer a quick idea about the purpose of the project. Keep the description short. +# Using the PROJECT_BRIEF tag one can provide an optional one line description +# for a project that appears at the top of each page and should give viewer +# a quick idea about the purpose of the project. Keep the description short. PROJECT_BRIEF = @@ -192,6 +195,13 @@ TAB_SIZE = 8 ALIASES = +# This tag can be used to specify a number of word-keyword mappings (TCL only). +# A mapping has the form "name=value". For example adding +# "class=itcl::class" will allow you to use the command class in the +# itcl::class meaning. + +TCL_SUBST = + # Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C # sources only. Doxygen will then generate output that is more tailored for C. # For instance, some of the names that are used will be different. The list @@ -274,6 +284,22 @@ DISTRIBUTE_GROUP_DOC = NO SUBGROUPING = YES +# When the INLINE_GROUPED_CLASSES tag is set to YES, classes, structs and +# unions are shown inside the group in which they are included (e.g. using +# @ingroup) instead of on a separate page (for HTML and Man pages) or +# section (for LaTeX and RTF). + +INLINE_GROUPED_CLASSES = NO + +# When the INLINE_SIMPLE_STRUCTS tag is set to YES, structs, classes, and +# unions with only public data fields will be shown inline in the documentation +# of the scope in which they are defined (i.e. file, namespace, or group +# documentation), provided this scope is documented. If set to NO (the default), +# structs, classes, and unions are shown on a separate page (for HTML and Man +# pages) or section (for LaTeX and RTF). + +INLINE_SIMPLE_STRUCTS = NO + # When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum # is documented as struct, union, or enum with the name of the typedef. So # typedef struct TypeS {} TypeT, will appear in the documentation as a struct @@ -296,10 +322,21 @@ TYPEDEF_HIDES_STRUCT = NO # a logarithmic scale so increasing the size by one will roughly double the # memory usage. The cache size is given by this formula: # 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0, -# corresponding to a cache size of 2^16 = 65536 symbols +# corresponding to a cache size of 2^16 = 65536 symbols. SYMBOL_CACHE_SIZE = 0 +# Similar to the SYMBOL_CACHE_SIZE the size of the symbol lookup cache can be +# set using LOOKUP_CACHE_SIZE. This cache is used to resolve symbols given +# their name and scope. Since this can be an expensive process and often the +# same symbol appear multiple times in the code, doxygen keeps a cache of +# pre-resolved symbols. If the cache is too small doxygen will become slower. +# If the cache is too large, memory is wasted. The cache size is given by this +# formula: 2^(16+LOOKUP_CACHE_SIZE). The valid range is 0..9, the default is 0, +# corresponding to a cache size of 2^16 = 65536 symbols. + +LOOKUP_CACHE_SIZE = 0 + #--------------------------------------------------------------------------- # Build related configuration options #--------------------------------------------------------------------------- @@ -449,8 +486,11 @@ SORT_GROUP_NAMES = NO SORT_BY_SCOPE_NAME = NO -# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to do proper type resolution of all parameters of a function it will reject a -# match between the prototype and the implementation of a member function even if there is only one candidate or it is obvious which candidate to choose by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen +# If the STRICT_PROTO_MATCHING option is enabled and doxygen fails to +# do proper type resolution of all parameters of a function it will reject a +# match between the prototype and the implementation of a member function even +# if there is only one candidate or it is obvious which candidate to choose +# by doing a simple string match. By disabling STRICT_PROTO_MATCHING doxygen # will still accept a match between prototype and implementation in such cases. STRICT_PROTO_MATCHING = NO @@ -538,6 +578,16 @@ FILE_VERSION_FILTER = LAYOUT_FILE = +# The CITE_BIB_FILES tag can be used to specify one or more bib files +# containing the references data. This must be a list of .bib files. The +# .bib extension is automatically appended if omitted. Using this command +# requires the bibtex tool to be installed. See also +# http://en.wikipedia.org/wiki/BibTeX for more info. For LaTeX the style +# of the bibliography can be controlled using LATEX_BIB_STYLE. To use this +# feature you need bibtex and perl available in the search path. + +CITE_BIB_FILES = + #--------------------------------------------------------------------------- # configuration options related to warning and progress messages #--------------------------------------------------------------------------- @@ -629,13 +679,15 @@ FILE_PATTERNS = RECURSIVE = NO -# The EXCLUDE tag can be used to specify files and/or directories that should +# The EXCLUDE tag can be used to specify files and/or directories that should be # excluded from the INPUT source files. This way you can easily exclude a # subdirectory from a directory tree whose root is specified with the INPUT tag. +# Note that relative paths are relative to the directory from which doxygen is +# run. EXCLUDE = -# The EXCLUDE_SYMLINKS tag can be used select whether or not files or +# The EXCLUDE_SYMLINKS tag can be used to select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded # from the input. @@ -821,7 +873,14 @@ HTML_FILE_EXTENSION = .html # The HTML_HEADER tag can be used to specify a personal HTML header for # each generated HTML page. If it is left blank doxygen will generate a -# standard header. +# standard header. Note that when using a custom header you are responsible +# for the proper inclusion of any scripts and style sheets that doxygen +# needs, which is dependent on the configuration options used. +# It is advised to generate a default header using "doxygen -w html +# header.html footer.html stylesheet.css YourConfigFile" and then modify +# that header. Note that the header is subject to change so you typically +# have to redo this when upgrading to a newer version of doxygen or when +# changing the value of configuration settings such as GENERATE_TREEVIEW! HTML_HEADER = doc/header.html @@ -836,12 +895,21 @@ HTML_FOOTER = # fine-tune the look of the HTML output. If the tag is left blank doxygen # will generate a default style sheet. Note that doxygen will try to copy # the style sheet file to the HTML output directory, so don't put your own -# stylesheet in the HTML output directory as well, or it will be erased! +# style sheet in the HTML output directory as well, or it will be erased! HTML_STYLESHEET = +# The HTML_EXTRA_FILES tag can be used to specify one or more extra images or +# other source files which should be copied to the HTML output directory. Note +# that these files will be copied to the base HTML output directory. Use the +# $relpath$ marker in the HTML_HEADER and/or HTML_FOOTER files to load these +# files. In the HTML_STYLESHEET file, use the file name only. Also note that +# the files will be copied as-is; there are no commands or markers available. + +HTML_EXTRA_FILES = + # The HTML_COLORSTYLE_HUE tag controls the color of the HTML output. -# Doxygen will adjust the colors in the stylesheet and background images +# Doxygen will adjust the colors in the style sheet and background images # according to this color. Hue is specified as an angle on a colorwheel, # see http://en.wikipedia.org/wiki/Hue for more information. # For instance the value 0 represents red, 60 is yellow, 120 is green, @@ -871,12 +939,6 @@ HTML_COLORSTYLE_GAMMA = 80 HTML_TIMESTAMP = YES -# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, -# files or namespaces will be aligned in HTML using tables. If set to -# NO a bullet list will be used. - -HTML_ALIGN_MEMBERS = YES - # If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML # documentation will contain sections that can be hidden and shown after the # page has loaded. For this to work a browser that supports @@ -1036,18 +1098,14 @@ GENERATE_ECLIPSEHELP = NO ECLIPSE_DOC_ID = org.doxygen.Project -# The DISABLE_INDEX tag can be used to turn on/off the condensed index at -# top of each HTML page. The value NO (the default) enables the index and -# the value YES disables it. +# The DISABLE_INDEX tag can be used to turn on/off the condensed index (tabs) +# at top of each HTML page. The value NO (the default) enables the index and +# the value YES disables it. Since the tabs have the same information as the +# navigation tree you can set this option to NO if you already set +# GENERATE_TREEVIEW to YES. DISABLE_INDEX = NO -# This tag can be used to set the number of enum values (range [0,1..20]) -# that doxygen will group on one line in the generated HTML documentation. -# Note that a value of 0 will completely suppress the enum values from appearing in the overview section. - -ENUM_VALUES_PER_LINE = 4 - # The GENERATE_TREEVIEW tag is used to specify whether a tree-like index # structure should be generated to display hierarchical information. # If the tag value is set to YES, a side panel will be generated @@ -1055,13 +1113,17 @@ ENUM_VALUES_PER_LINE = 4 # is generated for HTML Help). For this to work a browser that supports # JavaScript, DHTML, CSS and frames is required (i.e. any modern browser). # Windows users are probably better off using the HTML help feature. +# Since the tree basically has the same information as the tab index you +# could consider to set DISABLE_INDEX to NO when enabling this option. GENERATE_TREEVIEW = NO -# By enabling USE_INLINE_TREES, doxygen will generate the Groups, Directories, -# and Class Hierarchy pages using a tree view instead of an ordered list. +# The ENUM_VALUES_PER_LINE tag can be used to set the number of enum values +# (range [0,1..20]) that doxygen will group on one line in the generated HTML +# documentation. Note that a value of 0 will completely suppress the enum +# values from appearing in the overview section. -USE_INLINE_TREES = NO +ENUM_VALUES_PER_LINE = 4 # If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be # used to set the initial width (in pixels) of the frame in which the tree @@ -1103,12 +1165,18 @@ USE_MATHJAX = NO # HTML output directory using the MATHJAX_RELPATH option. The destination # directory should contain the MathJax.js script. For instance, if the mathjax # directory is located at the same level as the HTML output directory, then -# MATHJAX_RELPATH should be ../mathjax. The default value points to the mathjax.org site, so you can quickly see the result without installing +# MATHJAX_RELPATH should be ../mathjax. The default value points to the +# mathjax.org site, so you can quickly see the result without installing # MathJax, but it is strongly recommended to install a local copy of MathJax # before deployment. MATHJAX_RELPATH = http://www.mathjax.org/mathjax +# The MATHJAX_EXTENSIONS tag can be used to specify one or MathJax extension +# names that should be enabled during MathJax rendering. + +MATHJAX_EXTENSIONS = + # When the SEARCHENGINE tag is enabled doxygen will generate a search box # for the HTML output. The underlying search engine uses javascript # and DHTML and should work on any modern browser. Note that when using @@ -1182,6 +1250,13 @@ EXTRA_PACKAGES = LATEX_HEADER = +# The LATEX_FOOTER tag can be used to specify a personal LaTeX footer for +# the generated latex document. The footer should contain everything after +# the last chapter. If it is left blank doxygen will generate a +# standard footer. Notice: only use this tag if you know what you are doing! + +LATEX_FOOTER = + # If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated # is prepared for conversion to pdf (using ps2pdf). The pdf file will # contain links (just like the HTML output) instead of page references @@ -1215,6 +1290,12 @@ LATEX_HIDE_INDICES = NO LATEX_SOURCE_CODE = NO +# The LATEX_BIB_STYLE tag can be used to specify the style to use for the +# bibliography, e.g. plainnat, or ieeetr. The default style is "plain". See +# http://en.wikipedia.org/wiki/BibTeX for more info. + +LATEX_BIB_STYLE = plain + #--------------------------------------------------------------------------- # configuration options related to the RTF output #--------------------------------------------------------------------------- @@ -1246,7 +1327,7 @@ COMPACT_RTF = NO RTF_HYPERLINKS = NO -# Load stylesheet definitions from file. Syntax is similar to doxygen's +# Load style sheet definitions from file. Syntax is similar to doxygen's # config file, i.e. a series of assignments. You only have to provide # replacements, missing definitions are set to their default value. @@ -1391,7 +1472,7 @@ MACRO_EXPANSION = YES EXPAND_ONLY_PREDEF = NO # If the SEARCH_INCLUDES tag is set to YES (the default) the includes files -# in the INCLUDE_PATH (see below) will be search if a #include is found. +# pointed to by INCLUDE_PATH will be searched when a #include is found. SEARCH_INCLUDES = YES @@ -1399,7 +1480,7 @@ SEARCH_INCLUDES = YES # contain include files that are not input files but should be processed by # the preprocessor. -INCLUDE_PATH = +INCLUDE_PATH = . # You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard # patterns (like *.h and *.hpp) to filter out the header-files in the @@ -1421,7 +1502,8 @@ PREDEFINED = HAVE_SSL # If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then # this tag can be used to specify a list of macro names that should be expanded. # The macro definition that is found in the sources will be used. -# Use the PREDEFINED tag if you want to use a different macro definition that overrules the definition found in the source code. +# Use the PREDEFINED tag if you want to use a different macro definition that +# overrules the definition found in the source code. EXPAND_AS_DEFINED = @@ -1519,13 +1601,12 @@ HAVE_DOT = NO DOT_NUM_THREADS = 0 -# By default doxygen will write a font called Helvetica to the output -# directory and reference it in all dot files that doxygen generates. -# When you want a differently looking font you can specify the font name -# using DOT_FONTNAME. You need to make sure dot is able to find the font, -# which can be done by putting it in a standard location or by setting the -# DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory -# containing the font. +# By default doxygen will use the Helvetica font for all dot files that +# doxygen generates. When you want a differently looking font you can specify +# the font name using DOT_FONTNAME. You need to make sure dot is able to find +# the font, which can be done by putting it in a standard location or by setting +# the DOTFONTPATH environment variable or by setting DOT_FONTPATH to the +# directory containing the font. DOT_FONTNAME = Helvetica @@ -1534,17 +1615,16 @@ DOT_FONTNAME = Helvetica DOT_FONTSIZE = 10 -# By default doxygen will tell dot to use the output directory to look for the -# FreeSans.ttf font (which doxygen will put there itself). If you specify a -# different font using DOT_FONTNAME you can set the path where dot -# can find it using this tag. +# By default doxygen will tell dot to use the Helvetica font. +# If you specify a different font using DOT_FONTNAME you can use DOT_FONTPATH to +# set the path where dot can find it. DOT_FONTPATH = # If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen # will generate a graph for each documented class showing the direct and # indirect inheritance relations. Setting this tag to YES will force the -# the CLASS_DIAGRAMS tag to NO. +# CLASS_DIAGRAMS tag to NO. CLASS_GRAPH = YES @@ -1614,11 +1694,22 @@ GRAPHICAL_HIERARCHY = YES DIRECTORY_GRAPH = YES # The DOT_IMAGE_FORMAT tag can be used to set the image format of the images -# generated by dot. Possible values are png, svg, gif or svg. -# If left blank png will be used. +# generated by dot. Possible values are svg, png, jpg, or gif. +# If left blank png will be used. If you choose svg you need to set +# HTML_FILE_EXTENSION to xhtml in order to make the SVG files +# visible in IE 9+ (other browsers do not have this requirement). DOT_IMAGE_FORMAT = png +# If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to +# enable generation of interactive SVG images that allow zooming and panning. +# Note that this requires a modern browser other than Internet Explorer. +# Tested and working are Firefox, Chrome, Safari, and Opera. For IE 9+ you +# need to set HTML_FILE_EXTENSION to xhtml in order to make the SVG files +# visible. Older versions of IE do not have SVG support. + +INTERACTIVE_SVG = NO + # The tag DOT_PATH can be used to specify the path where the dot tool can be # found. If left blank, it is assumed the dot tool can be found in the path. @@ -110,12 +110,14 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf if ((ns->ss_family == AF_INET) && (ldns_resolver_ip6(r) == LDNS_RESOLV_INET6)) { /* not reachable */ + LDNS_FREE(ns); continue; } if ((ns->ss_family == AF_INET6) && (ldns_resolver_ip6(r) == LDNS_RESOLV_INET)) { /* not reachable */ + LDNS_FREE(ns); continue; } #endif @@ -182,7 +184,8 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf ldns_pkt_set_querytime(reply, (uint32_t) ((tv_e.tv_sec - tv_s.tv_sec) * 1000) + (tv_e.tv_usec - tv_s.tv_usec) / 1000); - ldns_pkt_set_answerfrom(reply, ns_array[i]); + ldns_pkt_set_answerfrom(reply, + ldns_rdf_clone(ns_array[i])); ldns_pkt_set_timestamp(reply, tv_s); ldns_pkt_set_size(reply, reply_size); break; @@ -203,7 +206,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf return LDNS_STATUS_RES_NO_NS; } #ifdef HAVE_SSL - if (tsig_mac && reply_bytes) { + if (tsig_mac && reply && reply_bytes) { if (!ldns_pkt_tsig_verify(reply, reply_bytes, reply_size, @@ -470,7 +473,7 @@ ldns_tcp_send_query(ldns_buffer *qbin, int sockfd, sendbuf = LDNS_XMALLOC(uint8_t, ldns_buffer_position(qbin) + 2); if(!sendbuf) return 0; ldns_write_uint16(sendbuf, ldns_buffer_position(qbin)); - memcpy(sendbuf + 2, ldns_buffer_export(qbin), ldns_buffer_position(qbin)); + memcpy(sendbuf + 2, ldns_buffer_begin(qbin), ldns_buffer_position(qbin)); bytes = sendto(sockfd, (void*)sendbuf, ldns_buffer_position(qbin) + 2, 0, (struct sockaddr *)to, tolen); @@ -669,7 +672,7 @@ ldns_tcp_send(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storag } /* resize accordingly */ - *result = (uint8_t*)LDNS_XREALLOC(answer, uint8_t *, (size_t)*answer_size); + *result = LDNS_XREALLOC(answer, uint8_t, (size_t)*answer_size); if(!*result) { LDNS_FREE(answer); return LDNS_STATUS_MEM_ERR; @@ -807,6 +810,9 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) ns_i < ldns_resolver_nameserver_count(resolver) && resolver->_socket == 0; ns_i++) { + if (ns != NULL) { + LDNS_FREE(ns); + } ns = ldns_rdf2native_sockaddr_storage( resolver->_nameservers[ns_i], ldns_resolver_port(resolver), &ns_len); @@ -837,6 +843,9 @@ ldns_axfr_start(ldns_resolver *resolver, ldns_rdf *domain, ldns_rr_class class) #endif resolver->_socket = 0; + ldns_pkt_free(query); + LDNS_FREE(ns); + return LDNS_STATUS_CRYPTO_TSIG_ERR; } } @@ -255,7 +255,6 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet, ldns_pkt_section sec) { ldns_rr_list *rrs; - ldns_rr_list *new; ldns_rr_list *ret; uint16_t i; @@ -264,7 +263,6 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet, } rrs = ldns_pkt_get_section_clone(packet, sec); - new = ldns_rr_list_new(); ret = NULL; for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) { @@ -272,8 +270,10 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet, ldns_rr_list_rr(rrs, i)), ownername) == 0) { /* owner names match */ - ldns_rr_list_push_rr(new, ldns_rr_list_rr(rrs, i)); - ret = new; + if (ret == NULL) { + ret = ldns_rr_list_new(); + } + ldns_rr_list_push_rr(ret, ldns_rr_list_rr(rrs, i)); } } return ret; @@ -649,19 +649,27 @@ ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr) { switch(section) { case LDNS_SECTION_QUESTION: - ldns_rr_list_push_rr(ldns_pkt_question(packet), rr); + if (!ldns_rr_list_push_rr(ldns_pkt_question(packet), rr)) { + return false; + } ldns_pkt_set_qdcount(packet, ldns_pkt_qdcount(packet) + 1); break; case LDNS_SECTION_ANSWER: - ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr); + if (!ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr)) { + return false; + } ldns_pkt_set_ancount(packet, ldns_pkt_ancount(packet) + 1); break; case LDNS_SECTION_AUTHORITY: - ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr); + if (!ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr)) { + return false; + } ldns_pkt_set_nscount(packet, ldns_pkt_nscount(packet) + 1); break; case LDNS_SECTION_ADDITIONAL: - ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr); + if (!ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr)) { + return false; + } ldns_pkt_set_arcount(packet, ldns_pkt_arcount(packet) + 1); break; case LDNS_SECTION_ANY: @@ -783,6 +791,7 @@ ldns_pkt_free(ldns_pkt *packet) ldns_rr_list_deep_free(packet->_additional); ldns_rr_free(packet->_tsig_rr); ldns_rdf_deep_free(packet->_edns_data); + ldns_rdf_deep_free(packet->_answerfrom); LDNS_FREE(packet); } } @@ -817,6 +826,86 @@ ldns_pkt_set_flags(ldns_pkt *packet, uint16_t flags) return true; } + +static ldns_status +ldns_pkt_add_authsoa(ldns_pkt* packet, ldns_rdf* rr_name, ldns_rr_class rr_class) +{ + ldns_rr* soa_rr = ldns_rr_new(); + ldns_rdf *owner_rdf; + ldns_rdf *mname_rdf; + ldns_rdf *rname_rdf; + ldns_rdf *serial_rdf; + ldns_rdf *refresh_rdf; + ldns_rdf *retry_rdf; + ldns_rdf *expire_rdf; + ldns_rdf *minimum_rdf; + + if (!soa_rr) { + return LDNS_STATUS_MEM_ERR; + } + owner_rdf = ldns_rdf_clone(rr_name); + if (!owner_rdf) { + ldns_rr_free(soa_rr); + return LDNS_STATUS_MEM_ERR; + } + + ldns_rr_set_owner(soa_rr, owner_rdf); + ldns_rr_set_type(soa_rr, LDNS_RR_TYPE_SOA); + ldns_rr_set_class(soa_rr, rr_class); + ldns_rr_set_question(soa_rr, false); + + if (ldns_str2rdf_dname(&mname_rdf, ".") != LDNS_STATUS_OK) { + ldns_rr_free(soa_rr); + return LDNS_STATUS_MEM_ERR; + } else { + ldns_rr_push_rdf(soa_rr, mname_rdf); + } + if (ldns_str2rdf_dname(&rname_rdf, ".") != LDNS_STATUS_OK) { + ldns_rr_free(soa_rr); + return LDNS_STATUS_MEM_ERR; + } else { + ldns_rr_push_rdf(soa_rr, rname_rdf); + } + serial_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); + if (!serial_rdf) { + ldns_rr_free(soa_rr); + return LDNS_STATUS_MEM_ERR; + } else { + ldns_rr_push_rdf(soa_rr, serial_rdf); + } + refresh_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); + if (!refresh_rdf) { + ldns_rr_free(soa_rr); + return LDNS_STATUS_MEM_ERR; + } else { + ldns_rr_push_rdf(soa_rr, refresh_rdf); + } + retry_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); + if (!retry_rdf) { + ldns_rr_free(soa_rr); + return LDNS_STATUS_MEM_ERR; + } else { + ldns_rr_push_rdf(soa_rr, retry_rdf); + } + expire_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); + if (!expire_rdf) { + ldns_rr_free(soa_rr); + return LDNS_STATUS_MEM_ERR; + } else { + ldns_rr_push_rdf(soa_rr, expire_rdf); + } + minimum_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); + if (!minimum_rdf) { + ldns_rr_free(soa_rr); + return LDNS_STATUS_MEM_ERR; + } else { + ldns_rr_push_rdf(soa_rr, minimum_rdf); + } + ldns_pkt_push_rr(packet, LDNS_SECTION_AUTHORITY, soa_rr); + return LDNS_STATUS_OK; +} + + ldns_status ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags) @@ -851,21 +940,29 @@ ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type, ldns_rr_set_type(question_rr, rr_type); ldns_rr_set_class(question_rr, rr_class); ldns_rr_set_question(question_rr, true); - + ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr); } else { ldns_rr_free(question_rr); ldns_pkt_free(packet); return LDNS_STATUS_ERR; } - + + /** IXFR? */ + if (rr_type == LDNS_RR_TYPE_IXFR) { + if (ldns_pkt_add_authsoa(packet, name_rdf, rr_class) != LDNS_STATUS_OK) { + ldns_pkt_free(packet); + return LDNS_STATUS_ERR; + } + } + packet->_tsig_rr = NULL; - ldns_pkt_set_answerfrom(packet, NULL); if (p) { *p = packet; return LDNS_STATUS_OK; } else { + ldns_pkt_free(packet); return LDNS_STATUS_NULL; } } @@ -888,6 +985,7 @@ ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_cla question_rr = ldns_rr_new(); if (!question_rr) { + ldns_pkt_free(packet); return NULL; } @@ -902,11 +1000,17 @@ ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_cla ldns_rr_set_type(question_rr, rr_type); ldns_rr_set_class(question_rr, rr_class); ldns_rr_set_question(question_rr, true); - - packet->_tsig_rr = NULL; - ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr); + /** IXFR? */ + if (rr_type == LDNS_RR_TYPE_IXFR) { + if (ldns_pkt_add_authsoa(packet, rr_name, rr_class) != LDNS_STATUS_OK) { + ldns_pkt_free(packet); + return NULL; + } + } + + packet->_tsig_rr = NULL; return packet; } @@ -980,7 +1084,9 @@ ldns_pkt_clone(ldns_pkt *pkt) ldns_pkt_set_ancount(new_pkt, ldns_pkt_ancount(pkt)); ldns_pkt_set_nscount(new_pkt, ldns_pkt_nscount(pkt)); ldns_pkt_set_arcount(new_pkt, ldns_pkt_arcount(pkt)); - ldns_pkt_set_answerfrom(new_pkt, ldns_pkt_answerfrom(pkt)); + if (ldns_pkt_answerfrom(pkt)) + ldns_pkt_set_answerfrom(new_pkt, + ldns_rdf_clone(ldns_pkt_answerfrom(pkt))); ldns_pkt_set_querytime(new_pkt, ldns_pkt_querytime(pkt)); ldns_pkt_set_size(new_pkt, ldns_pkt_size(pkt)); ldns_pkt_set_tsig(new_pkt, ldns_rr_clone(ldns_pkt_tsig(pkt))); @@ -161,7 +161,7 @@ ldns_fget_token_l(FILE *f, char *token, const char *delim, size_t limit, int *li return (ssize_t)i; tokenread: - ldns_fskipcs_l(f, delim, line_nr); + ldns_fskipcs_l(f, del, line_nr); *t = '\0'; if (p != 0) { return -1; @@ -331,7 +331,7 @@ ldns_bget_token(ldns_buffer *b, char *token, const char *delim, size_t limit) return (ssize_t)i; tokenread: - ldns_bskipcs(b, delim); + ldns_bskipcs(b, del); *t = '\0'; if (p != 0) { diff --git a/resolver.c b/resolver.c index 1a788a363fe9..2cee9fff194a 100644 --- a/resolver.c +++ b/resolver.c @@ -253,13 +253,20 @@ ldns_resolver_pop_nameserver(ldns_resolver *r) pop = nameservers[ns_count - 1]; - nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *, (ns_count - 1)); - rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1)); + if (ns_count == 1) { + LDNS_FREE(nameservers); + LDNS_FREE(rtt); + + ldns_resolver_set_nameservers(r, NULL); + ldns_resolver_set_rtt(r, NULL); + } else { + nameservers = LDNS_XREALLOC(nameservers, ldns_rdf *, + (ns_count - 1)); + rtt = LDNS_XREALLOC(rtt, size_t, (ns_count - 1)); - if(nameservers) ldns_resolver_set_nameservers(r, nameservers); - if(rtt) ldns_resolver_set_rtt(r, rtt); + } /* decr the count */ ldns_resolver_dec_nameserver_count(r); return pop; @@ -385,7 +392,9 @@ ldns_resolver_push_dnssec_anchor(ldns_resolver *r, ldns_rr *rr) { ldns_rr_list * trust_anchors; - if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY)) { + if ((!rr) || (ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY && + ldns_rr_get_type(rr) != LDNS_RR_TYPE_DS)) { + return LDNS_STATUS_ERR; } @@ -800,8 +809,7 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) gtr -= bgtr; if(word[0] == '#') { expect = LDNS_RESOLV_KEYWORD; - ldns_buffer_free(b); - continue; + break; } tmp = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, word); if (!tmp) { @@ -817,8 +825,10 @@ ldns_resolver_new_frm_fp_l(ldns_resolver **res, FILE *fp, int *line_nr) (size_t) gtr + 1); } ldns_buffer_free(b); - gtr = 1; - expect = LDNS_RESOLV_KEYWORD; + if (expect != LDNS_RESOLV_KEYWORD) { + gtr = 1; + expect = LDNS_RESOLV_KEYWORD; + } break; case LDNS_RESOLV_SORTLIST: gtr = ldns_fget_token_l(fp, word, LDNS_PARSE_SKIP_SPACE, 0, line_nr); @@ -885,6 +895,7 @@ ldns_resolver_new_frm_file(ldns_resolver **res, const char *filename) *res = r; return LDNS_STATUS_OK; } else { + ldns_resolver_free(r); return LDNS_STATUS_NULL; } } @@ -947,15 +958,12 @@ ldns_resolver_search(const ldns_resolver *r,const ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, uint16_t flags) { - char *str_dname; ldns_rdf *new_name; ldns_rdf **search_list; size_t i; ldns_pkt *p; - str_dname = ldns_rdf2str(name); - - if (ldns_dname_str_absolute(str_dname)) { + if (ldns_dname_absolute(name)) { /* query as-is */ return ldns_resolver_query(r, name, t, c, flags); } else if (ldns_resolver_dnsrch(r)) { @@ -1017,9 +1025,6 @@ ldns_resolver_query(const ldns_resolver *r, const ldns_rdf *name, newname = ldns_dname_cat_clone((const ldns_rdf*)name, ldns_resolver_domain(r)); if (!newname) { - if (pkt) { - ldns_pkt_free(pkt); - } return NULL; } @@ -1212,9 +1217,11 @@ ldns_resolver_send(ldns_pkt **answer, ldns_resolver *r, const ldns_rdf *name, ldns_resolver_tsig_keydata(r), 300, ldns_resolver_tsig_algorithm(r), NULL); if (status != LDNS_STATUS_OK) { + ldns_pkt_free(query_pkt); return LDNS_STATUS_CRYPTO_TSIG_ERR; } #else + ldns_pkt_free(query_pkt); return LDNS_STATUS_CRYPTO_TSIG_ERR; #endif /* HAVE_SSL */ } @@ -1294,7 +1301,14 @@ ldns_axfr_next(ldns_resolver *resolver) return NULL; } else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) { rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt)); - fprintf(stderr, "Error in AXFR: %s\n", rcode->name); + if (rcode) { + fprintf(stderr, "Error in AXFR: %s\n", + rcode->name); + } else { + fprintf(stderr, "Error in AXFR: %d\n", + (int) ldns_pkt_get_rcode( + resolver->_cur_axfr_pkt)); + } /* RoRi: we must now also close the socket, otherwise subsequent uses of the same resolver structure will fail because the link is still open or @@ -1333,17 +1347,22 @@ void ldns_resolver_nameservers_randomize(ldns_resolver *r) { uint16_t i, j; - ldns_rdf **ns, *tmp; + ldns_rdf **ns, *tmpns; + size_t *rtt, tmprtt; /* should I check for ldns_resolver_random?? */ assert(r != NULL); ns = ldns_resolver_nameservers(r); + rtt = ldns_resolver_rtt(r); for (i = 0; i < ldns_resolver_nameserver_count(r); i++) { j = ldns_get_random() % ldns_resolver_nameserver_count(r); - tmp = ns[i]; + tmpns = ns[i]; ns[i] = ns[j]; - ns[j] = tmp; + ns[j] = tmpns; + tmprtt = rtt[i]; + rtt[i] = rtt[j]; + rtt[j] = tmprtt; } ldns_resolver_set_nameservers(r, ns); } @@ -119,7 +119,7 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, char *type = NULL; char *rdata = NULL; char *rd = NULL; - char *b64 = NULL; + char * b64 = NULL; size_t rd_strlen; const char *delimiters; ssize_t c; @@ -477,6 +477,7 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, ldns_buffer_free(rr_buf); LDNS_FREE(rdata); ldns_rr_free(new); + LDNS_FREE(hex_data); return s; } LDNS_FREE(hex_data); @@ -600,6 +601,9 @@ ldns_rr_new_frm_str_internal(ldns_rr **newrr, const char *str, if (newrr) { *newrr = new; + } else { + /* Maybe the caller just wanted to see if it would parse? */ + ldns_rr_free(new); } return LDNS_STATUS_OK; @@ -724,8 +728,13 @@ ldns_rr_new_frm_fp_l(ldns_rr **newrr, FILE *fp, uint32_t *default_ttl, ldns_rdf } } LDNS_FREE(line); - if (newrr && s == LDNS_STATUS_OK) { - *newrr = rr; + if (s == LDNS_STATUS_OK) { + if (newrr) { + *newrr = rr; + } else { + /* Just testing if it would parse? */ + ldns_rr_free(rr); + } } return s; } @@ -1156,7 +1165,8 @@ ldns_rr_list_pop_rr_list(ldns_rr_list *rr_list, size_t howmany) i--; } - if (i == howmany) { + if (i == howmany) { /* so i <= 0 */ + ldns_rr_list_free(popped); return NULL; } else { return popped; @@ -1480,6 +1490,7 @@ ldns_rr_list_sort(ldns_rr_list *unsorted) LDNS_FREE(sortables[i]); } /* no way to return error */ + LDNS_FREE(sortables); return; } sortables[i]->original_object = ldns_rr_list_rr(unsorted, i); @@ -1941,6 +1952,12 @@ static const ldns_rdf_type type_tsig_wireformat[] = { LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_INT16_DATA }; +static const ldns_rdf_type type_tlsa_wireformat[] = { + LDNS_RDF_TYPE_INT8, + LDNS_RDF_TYPE_INT8, + LDNS_RDF_TYPE_INT8, + LDNS_RDF_TYPE_HEX +}; /** \endcond */ /** \cond */ @@ -2048,13 +2065,14 @@ static ldns_rr_descriptor rdata_field_descriptors[] = { /* 48 */ {LDNS_RR_TYPE_DNSKEY, "DNSKEY", 4, 4, type_dnskey_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 49 */ -{LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, + {LDNS_RR_TYPE_DHCID, "DHCID", 1, 1, type_dhcid_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 50 */ {LDNS_RR_TYPE_NSEC3, "NSEC3", 5, 6, type_nsec3_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 51 */ -{LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, + {LDNS_RR_TYPE_NSEC3PARAM, "NSEC3PARAM", 4, 4, type_nsec3param_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, /* 52 */ -{LDNS_RR_TYPE_NULL, "TYPE52", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, + {LDNS_RR_TYPE_TLSA, "TLSA", 4, 4, type_tlsa_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, + {LDNS_RR_TYPE_NULL, "TYPE53", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE54", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, {LDNS_RR_TYPE_NULL, "TYPE55", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 }, diff --git a/str2host.c b/str2host.c index 2783f0805a41..51357cc3176c 100644 --- a/str2host.c +++ b/str2host.c @@ -96,7 +96,7 @@ ldns_str2rdf_time(ldns_rdf **rd, const char *time) goto bad_format; } - l = htonl(mktime_from_utc(&tm)); + l = htonl(ldns_mktime_from_utc(&tm)); memcpy(r, &l, sizeof(uint32_t)); *rd = ldns_rdf_new_frm_data( LDNS_RDF_TYPE_TIME, sizeof(uint32_t), r); @@ -534,6 +534,7 @@ ldns_str2rdf_apl(ldns_rdf **rd, const char *str) data = LDNS_XMALLOC(uint8_t, 4 + afdlength); if(!data) { + LDNS_FREE(afdpart); LDNS_FREE(my_ip_str); return LDNS_STATUS_INVALID_STR; } @@ -1104,8 +1105,6 @@ ldns_str2rdf_wks(ldns_rdf **rd, const char *str) data[0] = (uint8_t) proto->p_proto; } else if (proto_str) { data[0] = (uint8_t) atoi(proto_str); - } else { - data[0] = 0; } memcpy(data + 1, bitmap, (size_t) bm_len); @@ -179,10 +179,12 @@ ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size, return LDNS_STATUS_NULL; } canonical_key_name_rdf = ldns_rdf_clone(key_name_rdf); + if (canonical_key_name_rdf == NULL) { + return LDNS_STATUS_MEM_ERR; + } canonical_algorithm_rdf = ldns_rdf_clone(algorithm_rdf); - - if (canonical_key_name_rdf == NULL - || canonical_algorithm_rdf == NULL) { + if (canonical_algorithm_rdf == NULL) { + ldns_rdf_deep_free(canonical_key_name_rdf); return LDNS_STATUS_MEM_ERR; } /* @@ -266,8 +268,8 @@ ldns_tsig_mac_new(ldns_rdf **tsig_mac, uint8_t *pkt_wire, size_t pkt_wire_size, LDNS_FREE(key_bytes); LDNS_FREE(algorithm_name); ldns_buffer_free(data_buffer); - ldns_rdf_free(canonical_algorithm_rdf); - ldns_rdf_free(canonical_key_name_rdf); + ldns_rdf_deep_free(canonical_algorithm_rdf); + ldns_rdf_deep_free(canonical_key_name_rdf); return status; } #endif /* HAVE_SSL */ @@ -227,7 +227,7 @@ leap_days(int y1, int y2) * Code adapted from Python 2.4.1 sources (Lib/calendar.py). */ time_t -mktime_from_utc(const struct tm *tm) +ldns_mktime_from_utc(const struct tm *tm) { int year = 1900 + tm->tm_year; time_t days = 365 * ((time_t) year - 1970) + leap_days(1970, year); @@ -251,6 +251,12 @@ mktime_from_utc(const struct tm *tm) return seconds; } +time_t +mktime_from_utc(const struct tm *tm) +{ + return ldns_mktime_from_utc(tm); +} + #if SIZEOF_TIME_T <= 4 static void @@ -398,6 +404,7 @@ ldns_init_random(FILE *fd, unsigned int size) if (read < size) { LDNS_FREE(seed); + if (!fd) fclose(rand_f); return 1; } else { #ifdef HAVE_SSL |