summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWillem Toorop <willem@nlnetlabs.nl>2013-12-18 15:51:18 +0100
committerWillem Toorop <willem@nlnetlabs.nl>2013-12-18 15:51:18 +0100
commitf3e9b8f3cfa70f47af447cd9d7bebd51a0c4f8c3 (patch)
tree9671625476e2a165cc3a55649c206d297a0d04e1
parent18a9662306bb4a95cef471d9fc79d36245bc945b (diff)
parent021ee9cf6bab8d74aa7a85db0e8675fe4a8e80f8 (diff)
downloadldns-cga-tsig.tar.gz
Merge branch 'master' into cga-tsigcga-tsig
-rw-r--r--.gitmodules3
-rw-r--r--Changelog16
-rw-r--r--Makefile.in38
-rw-r--r--README2
-rw-r--r--configure.ac76
m---------contrib/DNS-LDNS0
m---------contrib/Net-LDNS0
-rw-r--r--dnssec.c6
-rw-r--r--dnssec_sign.c4
-rw-r--r--dnssec_zone.c7
-rw-r--r--examples/ldns-compare-zones.c2
-rw-r--r--examples/ldns-key2ds.14
-rw-r--r--examples/ldns-keygen.c2
-rw-r--r--examples/ldns-read-zone.14
-rw-r--r--examples/ldns-read-zone.c2
-rw-r--r--examples/ldns-signzone.c2
-rw-r--r--examples/ldns-walk.112
-rw-r--r--examples/ldns-zcat.14
-rw-r--r--examples/ldns-zcat.c2
-rw-r--r--examples/ldns-zsplit.14
-rw-r--r--host2str.c2
-rw-r--r--keys.c18
-rw-r--r--ldns/dnssec_zone.h3
-rw-r--r--ldns/ldns.h4
-rw-r--r--ldns/rr.h5
-rwxr-xr-xmakedist.sh4
-rw-r--r--packet.c4
-rw-r--r--resolver.c4
-rw-r--r--rr.c21
29 files changed, 183 insertions, 72 deletions
diff --git a/.gitmodules b/.gitmodules
index 836a4377..df684f29 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,6 @@
[submodule "contrib/Net-LDNS"]
path = contrib/Net-LDNS
url = https://github.com/erikoest/Net-LDNS
+[submodule "contrib/DNS-LDNS"]
+ path = contrib/DNS-LDNS
+ url = https://github.com/erikoest/DNS-LDNS
diff --git a/Changelog b/Changelog
index 4016336e..34060c46 100644
--- a/Changelog
+++ b/Changelog
@@ -36,10 +36,6 @@
* ldns-verify-zone NSEC3 checking from quadratic to linear performance.
Thanks NIC MX (nicmexico.mx)
* ldns-dane setup new ssl session for each new connect to prevent hangs
- * Parsing from and to wire and presentation format for draft rr types
- must be explicitely enabled with the --enable-draft-rrtypes option
- to conifigure. This applies to: NINFO, RKEY, CDS, EUI48, EUI64, URI
- and TA
* Bump version to 1.7.0
* The version of shared library now has similar scheme as libunbound.
ldns 1.7.0 will have shared library version (SONAME) 2.0.0
@@ -47,10 +43,20 @@
* bugfix #525: Fix documentation of ldns_resolver_set_retry
* Remove unused LDNS_RDF_TYPE_TSIG and associated functions.
* Fix ldns_nsec_covers_name for zones with an apex only. Thanks Miek.
- * Configure option to build perl bindings: --with-p5-net-ldns
+ * Configure option to build perl bindings: --with-p5-dns-ldns
(Net::LDNS is a contribution from Erik Ostlyngen)
* bugfix #527: Move -lssl before -lcrypto when linking
* Optimize TSIG digest function name comparison (Thanks Marc Buijsman)
+ * Compare names case insensitive with ldns_pkt_rr_list_by_name and
+ ldns_pkt_rr_list_by_name_and_type (thanks Johannes Naab)
+ * A separate --enable for each draft RR type: --enable-rrtype-ninfo,
+ --enable-rrtype-rkey, --enable-rrtype-cds, --enable-rrtype-uri and
+ --enable-rrtype-ta
+ * bugfix #530: Don't sign and verify duplicate RRs (Thanks Jelte Jansen)
+ * bugfix #505: Manpage and usage output fixes (Thanks Tomas Hozza)
+ * Adjust ldns_sha1() so that the input data is not modified (Thanks
+ Marc Buijsman)
+ * Disable printing to stderr with --disable-stderr-msgs configure option
1.6.16 2012-11-13
* Fix Makefile to build pyldns with BSD make
diff --git a/Makefile.in b/Makefile.in
index 363aaff6..365fcfb0 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -15,7 +15,7 @@ includedir = @includedir@
doxygen = @doxygen@
pywrapdir = $(srcdir)/contrib/python
pyldnsxwrapdir = $(srcdir)/contrib/ldnsx
-p5_net_ldns_dir = $(srcdir)/contrib/Net-LDNS
+p5_dns_ldns_dir = $(srcdir)/contrib/DNS-LDNS
PERL = @PERL@
swig = @swig@
swigpy_flags = -python @SWIGPY3@
@@ -103,7 +103,7 @@ LINK_EXE = $(LIBTOOL) --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LIBSSL_LDFLAGS)
.PHONY: install uninstall install-doc uninstall-doc uninstall-pyldns
.PHONY: install-h uninstall-h install-lib uninstall-lib install-pyldns
-all: setup-builddir lib linktest manpages @P5_NET_LDNS@ @PYLDNS@ @DRILL@ @EXAMPLES@
+all: setup-builddir lib linktest manpages @P5_DNS_LDNS@ @PYLDNS@ @DRILL@ @EXAMPLES@
.SUFFIXES: .c .o .a .lo .h .i
@@ -250,29 +250,29 @@ ldns_wrapper.lo: $(pywrapdir)/ldns_wrapper.c ldns/config.h
_ldns.la: ldns_wrapper.lo libldns.la
$(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(PYTHON_CFLAGS) $(LDFLAGS) $(PYTHON_LDFLAGS) -module -version-number $(version_info) -no-undefined -o $@ ldns_wrapper.lo -rpath $(python_site) -L. -L.libs -lldns $(LIBS)
-$(p5_net_ldns_dir)/Makefile: $(p5_net_ldns_dir)/Makefile.PL
- BUILDDIR=`pwd`; cd $(p5_net_ldns_dir); $(PERL) Makefile.PL PREFIX="$(prefix)" LIBS="-L$$BUILDDIR/.libs -lldns" INC="-I$$BUILDDIR"
+$(p5_dns_ldns_dir)/Makefile: $(p5_dns_ldns_dir)/Makefile.PL
+ BUILDDIR=`pwd`; cd $(p5_dns_ldns_dir); $(PERL) Makefile.PL PREFIX="$(prefix)" LIBS="-L$$BUILDDIR/.libs -lldns" INC="-I$$BUILDDIR"
-$(p5_net_ldns_dir)/blib/arch/auto/Net/LDNS/LDNS.so: $(p5_net_ldns_dir)/Makefile
- cd $(p5_net_ldns_dir); $(MAKE)
+$(p5_dns_ldns_dir)/blib/arch/auto/DNS/LDNS/LDNS.so: $(p5_dns_ldns_dir)/Makefile
+ cd $(p5_dns_ldns_dir); $(MAKE)
-p5-net-ldns: $(p5_net_ldns_dir)/blib/arch/auto/Net/LDNS/LDNS.so
+p5-dns-ldns: $(p5_dns_ldns_dir)/blib/arch/auto/DNS/LDNS/LDNS.so
-install-p5-net-ldns: $(p5_net_ldns_dir)/Makefile
- cd $(p5_net_ldns_dir); $(MAKE) install
+install-p5-dns-ldns: $(p5_dns_ldns_dir)/Makefile
+ cd $(p5_dns_ldns_dir); $(MAKE) install
-uninstall-p5-net-ldns: $(p5_net_ldns_dir)/Makefile
- cd $(p5_net_ldns_dir); $(MAKE) uninstall
+uninstall-p5-dns-ldns: $(p5_dns_ldns_dir)/Makefile
+ cd $(p5_dns_ldns_dir); $(MAKE) uninstall
-clean-p5-net-ldns: $(p5_net_ldns_dir)/Makefile
- cd $(p5_net_ldns_dir); $(MAKE) clean
+clean-p5-dns-ldns: $(p5_dns_ldns_dir)/Makefile
+ cd $(p5_dns_ldns_dir); $(MAKE) clean
-test-p5-net-ldns: $(p5_net_ldns_dir)/Makefile
- cd $(p5_net_ldns_dir); $(MAKE) test
+test-p5-dns-ldns: $(p5_dns_ldns_dir)/Makefile
+ cd $(p5_dns_ldns_dir); $(MAKE) test
-install: install-h install-lib @INSTALL_CONFIG@ install-manpages $(pyldns_inst) $(pyldnsx_inst) @INSTALL_P5_NET_LDNS@ @INSTALL_DRILL@ @INSTALL_EXAMPLES@
+install: install-h install-lib @INSTALL_CONFIG@ install-manpages $(pyldns_inst) $(pyldnsx_inst) @INSTALL_P5_DNS_LDNS@ @INSTALL_DRILL@ @INSTALL_EXAMPLES@
-uninstall: uninstall-manpages @UNINSTALL_CONFIG@ uninstall-h uninstall-lib $(pyldns_uninst) $(pyldnsx_uninst) @UNINSTALL_P5_NET_LDNS@ @UNINSTALL_DRILL@ @UNINSTALL_EXAMPLES@
+uninstall: uninstall-manpages @UNINSTALL_CONFIG@ uninstall-h uninstall-lib $(pyldns_uninst) $(pyldnsx_uninst) @UNINSTALL_P5_DNS_LDNS@ @UNINSTALL_DRILL@ @UNINSTALL_EXAMPLES@
destclean: uninstall
@@ -354,7 +354,7 @@ clean-lib:
$(LIBTOOL) --mode clean rm -f $(pywrapdir)/ldns_wrapper.c
$(LIBTOOL) --mode clean rm -f $(pywrapdir)/ldns.py
-clean: @CLEAN_DRILL@ @CLEAN_EXAMPLES@ @CLEAN_P5_NET_LDNS@ clean-manpages clean-lib putdown-builddir
+clean: @CLEAN_DRILL@ @CLEAN_EXAMPLES@ @CLEAN_P5_DNS_LDNS@ clean-manpages clean-lib putdown-builddir
realclean: clean docclean
rm -f config.status
@@ -419,7 +419,7 @@ allclean: test-clean clean
test-clean:
tpkg -b test clean
-test: @TEST_P5_NET_LDNS@
+test: @TEST_P5_DNS_LDNS@
if test -x "`which bash`"; then bash test/test_all.sh; else sh test/test_all.sh; fi
diff --git a/README b/README
index e8abfab3..6319c6f5 100644
--- a/README
+++ b/README
@@ -37,7 +37,7 @@ INSTALLATION
5. make install
-* Building from subversion repository
+* Building from repository
If you are building from the repository you will need to have (gnu)
autotools like libtool and autoreconf installed. A list of all the commands
diff --git a/configure.ac b/configure.ac
index a157186f..d4a1df68 100644
--- a/configure.ac
+++ b/configure.ac
@@ -183,7 +183,7 @@ else
fi
# add option to disable installation of ldns-config script
-AC_ARG_ENABLE(ldns-config, [ --disable-ldns-config disable installation of ldns-config (default=enabled)],
+AC_ARG_ENABLE(ldns-config, AC_HELP_STRING([--disable-ldns-config], [disable installation of ldns-config (default=enabled)]),
enable_ldns_config=$enableval, enable_ldns_config=yes)
if test "x$enable_ldns_config" = xyes; then
AC_SUBST(INSTALL_CONFIG, [install-config])
@@ -197,6 +197,16 @@ else
AC_SUBST(UNINSTALL_CONFIG_MANPAGE, [""])
fi
+# add option to disable library printing to stderr
+AC_ARG_ENABLE(stderr-msgs, AC_HELP_STRING([--disable-stderr-msgs], [Disable printing to stderr]), enable_stderr_msgs=$enableval, enable_stderr_msgs=yes)
+case "$enable_stderr_msgs" in
+ no)
+ ;;
+ *) dnl default
+ AC_DEFINE_UNQUOTED([STDERR_MSGS], [1], [Define this to enable messages to stderr.])
+ ;;
+esac
+
# check for python
PYTHON_X_CFLAGS=""
ldns_with_pyldns=no
@@ -287,9 +297,9 @@ else
fi
# check for perl
-ldns_with_p5_net_ldns=no
-AC_ARG_WITH(p5-net-ldns, AC_HELP_STRING([--with-p5-net-ldns],
- [generate Net::LDNS perl bindings]),
+ldns_with_p5_dns_ldns=no
+AC_ARG_WITH(p5-dns-ldns, AC_HELP_STRING([--with-p5-dns-ldns],
+ [generate DNS::LDNS perl bindings]),
[],[ withval="no" ])
ldns_have_perl=no
if test x_$withval != x_no; then
@@ -297,17 +307,17 @@ if test x_$withval != x_no; then
if test -z "$PERL"; then
AC_MSG_ERROR([Cannot find perl in your system path])
fi
- AC_SUBST(P5_NET_LDNS, "p5-net-ldns")dnl
- AC_SUBST(TEST_P5_NET_LDNS, "test-p5-net-ldns")dnl
- AC_SUBST(INSTALL_P5_NET_LDNS, "install-p5-net-ldns")dnl
- AC_SUBST(UNINSTALL_P5_NET_LDNS, "uninstall-p5-net-ldns")dnl
- AC_SUBST(CLEAN_P5_NET_LDNS, "clean-p5-net-ldns")
+ AC_SUBST(P5_DNS_LDNS, "p5-dns-ldns")dnl
+ AC_SUBST(TEST_P5_DNS_LDNS, "test-p5-dns-ldns")dnl
+ AC_SUBST(INSTALL_P5_DNS_LDNS, "install-p5-dns-ldns")dnl
+ AC_SUBST(UNINSTALL_P5_DNS_LDNS, "uninstall-p5-dns-ldns")dnl
+ AC_SUBST(CLEAN_P5_DNS_LDNS, "clean-p5-dns-ldns")
else
- AC_SUBST(P5_NET_LDNS, "")dnl
- AC_SUBST(TEST_P5_NET_LDNS, "")dnl
- AC_SUBST(INSTALL_P5_NET_LDNS, "")dnl
- AC_SUBST(UNINSTALL_P5_NET_LDNS, "")dnl
- AC_SUBST(CLEAN_P5_NET_LDNS, "")
+ AC_SUBST(P5_DNS_LDNS, "")dnl
+ AC_SUBST(TEST_P5_DNS_LDNS, "")dnl
+ AC_SUBST(INSTALL_P5_DNS_LDNS, "")dnl
+ AC_SUBST(UNINSTALL_P5_DNS_LDNS, "")dnl
+ AC_SUBST(CLEAN_P5_DNS_LDNS, "")
fi
# Use libtool
@@ -390,10 +400,42 @@ case "$enable_dane" in
;;
esac
-AC_ARG_ENABLE(draft-rrtypes, AC_HELP_STRING([--enable-draft-rrtypes], [Enable draft RRtypes.]))
-case "$enable_draft_rrtypes" in
+AC_ARG_ENABLE(rrtype-ninfo, AC_HELP_STRING([--enable-rrtype-ninfo], [Enable draft RR type ninfo.]))
+case "$enable_rrtype_ninfo" in
+ yes)
+ AC_DEFINE_UNQUOTED([RRTYPE_NINFO], [], [Define this to enable RR type NINFO.])
+ ;;
+ no|*)
+ ;;
+esac
+AC_ARG_ENABLE(rrtype-rkey, AC_HELP_STRING([--enable-rrtype-rkey], [Enable draft RR type rkey.]))
+case "$enable_rrtype_rkey" in
+ yes)
+ AC_DEFINE_UNQUOTED([RRTYPE_RKEY], [], [Define this to enable RR type RKEY.])
+ ;;
+ no|*)
+ ;;
+esac
+AC_ARG_ENABLE(rrtype-cds, AC_HELP_STRING([--enable-rrtype-cds], [Enable draft RR type cds.]))
+case "$enable_rrtype_cds" in
+ yes)
+ AC_DEFINE_UNQUOTED([RRTYPE_CDS], [], [Define this to enable RR type CDS.])
+ ;;
+ no|*)
+ ;;
+esac
+AC_ARG_ENABLE(rrtype-uri, AC_HELP_STRING([--enable-rrtype-uri], [Enable draft RR type uri.]))
+case "$enable_rrtype_uri" in
+ yes)
+ AC_DEFINE_UNQUOTED([RRTYPE_URI], [], [Define this to enable RR type URI.])
+ ;;
+ no|*)
+ ;;
+esac
+AC_ARG_ENABLE(rrtype-ta, AC_HELP_STRING([--enable-rrtype-ta], [Enable draft RR type ta.]))
+case "$enable_rrtype_ta" in
yes)
- AC_DEFINE_UNQUOTED([DRAFT_RRTYPES], [], [Define this to enable draft RRtypes.])
+ AC_DEFINE_UNQUOTED([RRTYPE_TA], [], [Define this to enable RR type TA.])
;;
no|*)
;;
diff --git a/contrib/DNS-LDNS b/contrib/DNS-LDNS
new file mode 160000
+Subproject c9cd177f878c680557c0f3583b75686f3396132
diff --git a/contrib/Net-LDNS b/contrib/Net-LDNS
deleted file mode 160000
-Subproject a2c5826fb90ca7431cbbf4a9eb7f00be6f3a5c8
diff --git a/dnssec.c b/dnssec.c
index f2142987..a41a9f63 100644
--- a/dnssec.c
+++ b/dnssec.c
@@ -997,7 +997,9 @@ ldns_nsec3_hash_name(ldns_rdf *name,
/* prepare the owner name according to the draft section bla */
cann = ldns_rdf_clone(name);
if(!cann) {
+#ifdef STDERR_MSGS
fprintf(stderr, "Memory error\n");
+#endif
return NULL;
}
ldns_dname2canonical(cann);
@@ -1042,11 +1044,13 @@ ldns_nsec3_hash_name(ldns_rdf *name,
hashed_owner_b32,
ldns_b32_ntop_calculate_size(hashed_owner_str_len)+1);
if (hashed_owner_b32_len < 1) {
+#ifdef STDERR_MSGS
fprintf(stderr, "Error in base32 extended hex encoding ");
fprintf(stderr, "of hashed owner name (name: ");
ldns_rdf_print(stderr, name);
fprintf(stderr, ", return code: %u)\n",
(unsigned int) hashed_owner_b32_len);
+#endif
LDNS_FREE(hashed_owner_b32);
return NULL;
}
@@ -1054,7 +1058,9 @@ ldns_nsec3_hash_name(ldns_rdf *name,
status = ldns_str2rdf_dname(&hashed_owner, hashed_owner_b32);
if (status != LDNS_STATUS_OK) {
+#ifdef STDERR_MSGS
fprintf(stderr, "Error creating rdf from %s\n", hashed_owner_b32);
+#endif
LDNS_FREE(hashed_owner_b32);
return NULL;
}
diff --git a/dnssec_sign.c b/dnssec_sign.c
index d61354a3..4af882a2 100644
--- a/dnssec_sign.c
+++ b/dnssec_sign.c
@@ -940,7 +940,9 @@ ldns_dnssec_remove_signatures( ldns_dnssec_rrs *signatures
ldns_key_list_set_use(key_list, false);
break;
default:
+#ifdef STDERR_MSGS
fprintf(stderr, "[XX] unknown return value from callback\n");
+#endif
break;
}
return NULL;
@@ -992,7 +994,9 @@ ldns_dnssec_remove_signatures( ldns_dnssec_rrs *signatures
LDNS_FREE(cur_rr);
break;
default:
+#ifdef STDERR_MSGS
fprintf(stderr, "[XX] unknown return value from callback\n");
+#endif
break;
}
cur_rr = next_rr;
diff --git a/dnssec_zone.c b/dnssec_zone.c
index 3d9558bf..60d62eae 100644
--- a/dnssec_zone.c
+++ b/dnssec_zone.c
@@ -54,10 +54,8 @@ ldns_dnssec_rrs_add_rr(ldns_dnssec_rrs *rrs, ldns_rr *rr)
/* this could be done more efficiently; name and type should already
be equal */
- cmp = ldns_rr_compare(rrs->rr,
- rr);
- /* should we error on equal? */
- if (cmp <= 0) {
+ cmp = ldns_rr_compare(rrs->rr, rr);
+ if (cmp < 0) {
if (rrs->next) {
return ldns_dnssec_rrs_add_rr(rrs->next, rr);
} else {
@@ -74,6 +72,7 @@ ldns_dnssec_rrs_add_rr(ldns_dnssec_rrs *rrs, ldns_rr *rr)
rrs->rr = rr;
rrs->next = new_rrs;
}
+ /* Silently ignore equal rr's */
return LDNS_STATUS_OK;
}
diff --git a/examples/ldns-compare-zones.c b/examples/ldns-compare-zones.c
index 663b744a..a39c4b80 100644
--- a/examples/ldns-compare-zones.c
+++ b/examples/ldns-compare-zones.c
@@ -33,6 +33,8 @@ usage(char *prog)
printf(" -a - print all differences (-i -d -c)\n");
printf(" -s - do not exclude SOA record from comparison\n");
printf(" -z - do not sort zones\n");
+ printf(" -h - show usage and exit\n");
+ printf(" -v - show the version and exit\n");
}
int
diff --git a/examples/ldns-key2ds.1 b/examples/ldns-key2ds.1
index 6fdbee5f..a20ab96f 100644
--- a/examples/ldns-key2ds.1
+++ b/examples/ldns-key2ds.1
@@ -17,6 +17,10 @@ SHA1 for RSASHA1, and so on.
.SH OPTIONS
.TP
+\fB-f\fR
+Ignore SEP flag (i.e. make DS records for any key)
+
+.TP
\fB-n\fR
Write the result DS Resource Record to stdout instead of a file
diff --git a/examples/ldns-keygen.c b/examples/ldns-keygen.c
index 767d7792..316d60d7 100644
--- a/examples/ldns-keygen.c
+++ b/examples/ldns-keygen.c
@@ -71,7 +71,7 @@ main(int argc, char *argv[])
random = NULL;
ksk = false; /* don't create a ksk per default */
- while ((c = getopt(argc, argv, "a:kb:r:v25")) != -1) {
+ while ((c = getopt(argc, argv, "a:kb:r:v")) != -1) {
switch (c) {
case 'a':
if (algorithm != 0) {
diff --git a/examples/ldns-read-zone.1 b/examples/ldns-read-zone.1
index 68d71708..8652fe9a 100644
--- a/examples/ldns-read-zone.1
+++ b/examples/ldns-read-zone.1
@@ -22,6 +22,10 @@ that is not of type NSEC, NSEC3, RRSIG or DNSKEY. DS records are not
printed.
.TP
+\fB-b\fR
+Include Bubble Babble encoding of DS's.
+
+.TP
\fB-0\fR
Print a (null) for the RRSIG inception, expiry and key data. This option
can be used when comparing different signing systems that use the same
diff --git a/examples/ldns-read-zone.c b/examples/ldns-read-zone.c
index 2793a79a..512621d3 100644
--- a/examples/ldns-read-zone.c
+++ b/examples/ldns-read-zone.c
@@ -20,7 +20,7 @@ void print_usage(const char* progname)
printf("Usage: %s [OPTIONS] <zonefile>\n", progname);
printf("\tReads the zonefile and prints it.\n");
printf("\tThe RR count of the zone is printed to stderr.\n");
- printf("\t-b include bubblebabble of DS's.\n");
+ printf("\t-b include Bubble Babble encoding of DS's.\n");
printf("\t-0 zeroize timestamps and signature in RRSIG records.\n");
printf("\t-c canonicalize all rrs in the zone.\n");
printf("\t-d only show DNSSEC data from the zone\n");
diff --git a/examples/ldns-signzone.c b/examples/ldns-signzone.c
index 349cdb9b..ffdd3c03 100644
--- a/examples/ldns-signzone.c
+++ b/examples/ldns-signzone.c
@@ -378,7 +378,7 @@ main(int argc, char *argv[])
OPENSSL_config(NULL);
- while ((c = getopt(argc, argv, "a:bde:f:i:k:lno:ps:t:vAE:K:")) != -1) {
+ while ((c = getopt(argc, argv, "a:bde:f:i:k:no:ps:t:vAE:K:")) != -1) {
switch (c) {
case 'a':
nsec3_algorithm = (uint8_t) atoi(optarg);
diff --git a/examples/ldns-walk.1 b/examples/ldns-walk.1
index c8ace40e..d4d1b6e7 100644
--- a/examples/ldns-walk.1
+++ b/examples/ldns-walk.1
@@ -22,6 +22,14 @@ Of course the nameserver that is used must be DNSSEC-aware.
.SH OPTIONS
.TP
+\fB-4\fR
+Use only IPv4.
+
+.TP
+\fB-6\fR
+Use only IPv6.
+
+.TP
\fB-f\fR
Do a 'full' zone walk; by default, ldns-walk will only show the names, and types present at those names. If this option is given, all resource records will be printed.
@@ -31,6 +39,10 @@ Start the walk with this owner name. Useful when continuing the walk for a
large zone.
.TP
+\fB-v\fR \fIverbosity\fR
+Verbosity level [1-5].
+
+.TP
\fB@\fR \fInameserver\fR
Send the queries to this nameserver.
diff --git a/examples/ldns-zcat.1 b/examples/ldns-zcat.1
index 9c4054df..4fd7ba6d 100644
--- a/examples/ldns-zcat.1
+++ b/examples/ldns-zcat.1
@@ -18,6 +18,10 @@ The resulted zone file is printed to standard output.
.B -o ORIGIN
use ORIGIN when reading in the zone
+.TP
+.B -v
+show the version number and exit
+
.SH AUTHOR
Written by the ldns team as an example for ldns usage.
diff --git a/examples/ldns-zcat.c b/examples/ldns-zcat.c
index 0f1b210a..017e632c 100644
--- a/examples/ldns-zcat.c
+++ b/examples/ldns-zcat.c
@@ -54,7 +54,7 @@ main(int argc, char **argv)
progname = strdup(argv[0]);
origin = NULL;
- while ((c = getopt(argc, argv, "n:o:v")) != -1) {
+ while ((c = getopt(argc, argv, "o:v")) != -1) {
switch(c) {
case 'o':
origin = ldns_dname_new_frm_str(strdup(optarg));
diff --git a/examples/ldns-zsplit.1 b/examples/ldns-zsplit.1
index 8e64668f..02dce404 100644
--- a/examples/ldns-zsplit.1
+++ b/examples/ldns-zsplit.1
@@ -27,6 +27,10 @@ use ORIGIN as origin when reading the zonefile.
.B -z
Sort the zone before splitting.
+.TP
+.B -v
+Show version number and exit.
+
.SH AUTHOR
Written by the ldns team as an example for ldns usage.
diff --git a/host2str.c b/host2str.c
index 28b257e6..e2c936ba 100644
--- a/host2str.c
+++ b/host2str.c
@@ -1995,10 +1995,12 @@ ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k)
break;
#endif
default:
+#ifdef STDERR_MSGS
fprintf(stderr, "Warning: unknown signature ");
fprintf(stderr,
"algorithm type %u\n",
ldns_key_algorithm(k));
+#endif
ldns_buffer_printf(output,
"Algorithm: %u (Unknown)\n",
ldns_key_algorithm(k));
diff --git a/keys.c b/keys.c
index e16ac915..46f6a3d0 100644
--- a/keys.c
+++ b/keys.c
@@ -368,40 +368,50 @@ ldns_key_new_frm_fp_l(ldns_key **key, FILE *fp, int *line_nr)
#ifdef USE_SHA2
alg = LDNS_SIGN_RSASHA256;
#else
+# ifdef STDERR_MSGS
fprintf(stderr, "Warning: SHA256 not compiled into this ");
fprintf(stderr, "version of ldns\n");
+# endif
#endif
}
if (strncmp(d, "10 RSASHA512", 3) == 0) {
#ifdef USE_SHA2
alg = LDNS_SIGN_RSASHA512;
#else
+# ifdef STDERR_MSGS
fprintf(stderr, "Warning: SHA512 not compiled into this ");
fprintf(stderr, "version of ldns\n");
+# endif
#endif
}
if (strncmp(d, "12 ECC-GOST", 3) == 0) {
#ifdef USE_GOST
alg = LDNS_SIGN_ECC_GOST;
#else
+# ifdef STDERR_MSGS
fprintf(stderr, "Warning: ECC-GOST not compiled into this ");
fprintf(stderr, "version of ldns, use --enable-gost\n");
+# endif
#endif
}
if (strncmp(d, "13 ECDSAP256SHA256", 3) == 0) {
#ifdef USE_ECDSA
alg = LDNS_SIGN_ECDSAP256SHA256;
#else
+# ifdef STDERR_MSGS
fprintf(stderr, "Warning: ECDSA not compiled into this ");
fprintf(stderr, "version of ldns, use --enable-ecdsa\n");
+# endif
#endif
}
if (strncmp(d, "14 ECDSAP384SHA384", 3) == 0) {
#ifdef USE_ECDSA
alg = LDNS_SIGN_ECDSAP384SHA384;
#else
+# ifdef STDERR_MSGS
fprintf(stderr, "Warning: ECDSA not compiled into this ");
fprintf(stderr, "version of ldns, use --enable-ecdsa\n");
+# endif
#endif
}
if (strncmp(d, "157 HMAC-MD5", 4) == 0) {
@@ -1317,8 +1327,10 @@ ldns_key_dsa2bin(unsigned char *data, DSA *k, uint16_t *size)
memcpy(data, &T, 1);
if (T > 8) {
+#ifdef STDERR_MSGS
fprintf(stderr, "DSA key with T > 8 (ie. > 1024 bits)");
fprintf(stderr, " not implemented\n");
+#endif
return false;
}
@@ -1605,7 +1617,9 @@ ldns_read_anchor_file(const char *filename)
fp = fopen(filename, "r");
if (!fp) {
+#ifdef STDERR_MSGS
fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno));
+#endif
LDNS_FREE(line);
return NULL;
}
@@ -1619,7 +1633,9 @@ ldns_read_anchor_file(const char *filename)
fclose(fp);
if (i <= 0) {
+#ifdef STDERR_MSGS
fprintf(stderr, "nothing read from %s", filename);
+#endif
LDNS_FREE(line);
return NULL;
} else {
@@ -1628,7 +1644,9 @@ ldns_read_anchor_file(const char *filename)
LDNS_FREE(line);
return r;
} else {
+#ifdef STDERR_MSGS
fprintf(stderr, "Error creating DNSKEY or DS rr from %s: %s\n", filename, ldns_get_errorstr_by_id(status));
+#endif
LDNS_FREE(line);
return NULL;
}
diff --git a/ldns/dnssec_zone.h b/ldns/dnssec_zone.h
index 42947355..b794f942 100644
--- a/ldns/dnssec_zone.h
+++ b/ldns/dnssec_zone.h
@@ -126,7 +126,8 @@ void ldns_dnssec_rrs_free(ldns_dnssec_rrs *rrs);
void ldns_dnssec_rrs_deep_free(ldns_dnssec_rrs *rrs);
/**
- * Adds an RR to the list of RRs. The list will remain ordered
+ * Adds an RR to the list of RRs. The list will remain ordered.
+ * If an equal RR already exists, this RR will not be added.
*
* \param[in] rrs the list to add to
* \param[in] rr the RR to add
diff --git a/ldns/ldns.h b/ldns/ldns.h
index e530116d..60663ef9 100644
--- a/ldns/ldns.h
+++ b/ldns/ldns.h
@@ -37,9 +37,9 @@ Feature list
- TSIG support,
- DNSSEC support; signing and verification,
- small size,
- - online documentation as well as manual pages.
+ - online documentation as well as manual pages.
-If you want to send us patches please use the code from subversion (trunk).
+If you want to send us patches please use the code from git.
\section using_ldns Using ldns
diff --git a/ldns/rr.h b/ldns/rr.h
index 1485cadf..ff499395 100644
--- a/ldns/rr.h
+++ b/ldns/rr.h
@@ -204,9 +204,8 @@ enum ldns_enum_rr_type
LDNS_RR_TYPE_L64 = 106, /* RFC 6742 */
LDNS_RR_TYPE_LP = 107, /* RFC 6742 */
- /** draft-jabley-dnsext-eui48-eui64-rrtypes */
- LDNS_RR_TYPE_EUI48 = 108,
- LDNS_RR_TYPE_EUI64 = 109,
+ LDNS_RR_TYPE_EUI48 = 108, /* RFC 7043 */
+ LDNS_RR_TYPE_EUI64 = 109, /* RFC 7043 */
LDNS_RR_TYPE_TKEY = 249, /* RFC 2930 */
LDNS_RR_TYPE_TSIG = 250,
diff --git a/makedist.sh b/makedist.sh
index 18b24095..10883cdf 100755
--- a/makedist.sh
+++ b/makedist.sh
@@ -121,7 +121,7 @@ git clone git://git.nlnetlabs.nl/ldns/ || error_cleanup "git command failed"
cd ldns || error_cleanup "LDNS not exported correctly from git"
git checkout "$CHECKOUT" || error_cleanup "Could not checkout $CHECKOUT"
git submodule update --init || error_cleanup "Could not update submodules"
-(cd contrib/Net-LDNS; git checkout master) || error_cleanup "Could not checkout Net-LDNS contribution"
+(cd contrib/DNS-LDNS; git checkout master) || error_cleanup "Could not checkout DNS-LDNS contribution"
info "Running Libtoolize script (libtoolize)."
libtoolize -c --install || libtoolize -c || error_cleanup "Libtoolize failed."
@@ -140,7 +140,7 @@ rm -r autom4te* drill/autom4te* examples/autom4te* || error_cleanup "Failed to r
# custom removes
find . -name .c-mode-rc.el -exec rm {} \;
find . -name .cvsignore -exec rm {} \;
-rm -f .gitignore .gitmodules contrib/Net-LDNS/.git
+rm -f .gitignore .gitmodules contrib/DNS-LDNS/.git
rm -rf .git
rm -rf lua
rm -rf masterdont
diff --git a/packet.c b/packet.c
index 607c05e1..0ac64c52 100644
--- a/packet.c
+++ b/packet.c
@@ -266,7 +266,7 @@ ldns_pkt_rr_list_by_name(ldns_pkt *packet,
ret = NULL;
for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
- if (ldns_rdf_compare(ldns_rr_owner(
+ if (ldns_dname_compare(ldns_rr_owner(
ldns_rr_list_rr(rrs, i)),
ownername) == 0) {
/* owner names match */
@@ -337,7 +337,7 @@ ldns_pkt_rr_list_by_name_and_type(const ldns_pkt *packet,
for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) {
if (type == ldns_rr_get_type(ldns_rr_list_rr(rrs, i)) &&
- ldns_rdf_compare(ldns_rr_owner(ldns_rr_list_rr(rrs, i)),
+ ldns_dname_compare(ldns_rr_owner(ldns_rr_list_rr(rrs, i)),
ownername
) == 0
) {
diff --git a/resolver.c b/resolver.c
index fbb0c352..bf12ad33 100644
--- a/resolver.c
+++ b/resolver.c
@@ -1350,7 +1350,9 @@ ldns_axfr_next(ldns_resolver *resolver)
resolver->_axfr_i = 0;
if (status != LDNS_STATUS_OK) {
/* TODO: make status return type of this function (...api change) */
+#ifdef STDERR_MSGS
fprintf(stderr, "Error parsing rr during AXFR: %s\n", ldns_get_errorstr_by_id(status));
+#endif
/* we must now also close the socket, otherwise subsequent uses of the
same resolver structure will fail because the link is still open or
@@ -1365,6 +1367,7 @@ ldns_axfr_next(ldns_resolver *resolver)
return NULL;
} else if (ldns_pkt_get_rcode(resolver->_cur_axfr_pkt) != 0) {
rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(resolver->_cur_axfr_pkt));
+#ifdef STDERR_MSGS
if (rcode) {
fprintf(stderr, "Error in AXFR: %s\n",
rcode->name);
@@ -1373,6 +1376,7 @@ ldns_axfr_next(ldns_resolver *resolver)
(int) ldns_pkt_get_rcode(
resolver->_cur_axfr_pkt));
}
+#endif
/* we must now also close the socket, otherwise subsequent uses of the
same resolver structure will fail because the link is still open or
diff --git a/rr.c b/rr.c
index 4b28f4de..cfee170e 100644
--- a/rr.c
+++ b/rr.c
@@ -1991,13 +1991,13 @@ static const ldns_rdf_type type_lp_wireformat[] = {
LDNS_RDF_TYPE_INT16,
LDNS_RDF_TYPE_DNAME
};
-#ifdef DRAFT_RRTYPES
static const ldns_rdf_type type_eui48_wireformat[] = {
LDNS_RDF_TYPE_EUI48
};
static const ldns_rdf_type type_eui64_wireformat[] = {
LDNS_RDF_TYPE_EUI64
};
+#ifdef RRTYPE_URI
static const ldns_rdf_type type_uri_wireformat[] = {
LDNS_RDF_TYPE_INT16,
LDNS_RDF_TYPE_INT16,
@@ -2134,19 +2134,22 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
*/
{LDNS_RR_TYPE_HIP, "HIP", 1, 1, type_hip_wireformat, LDNS_RDF_TYPE_DNAME, LDNS_RR_NO_COMPRESS, 0 },
-#ifdef DRAFT_RRTYPES
+#ifdef RRTYPE_NINFO
/* 56 */
{LDNS_RR_TYPE_NINFO, "NINFO", 1, 0, NULL, LDNS_RDF_TYPE_STR, LDNS_RR_NO_COMPRESS, 0 },
+#else
+{LDNS_RR_TYPE_NULL, "TYPE56", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
+#endif
+#ifdef RRTYPE_RKEY
/* 57 */
{LDNS_RR_TYPE_RKEY, "RKEY", 4, 4, type_key_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#else
-{LDNS_RR_TYPE_NULL, "TYPE56", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE57", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#endif
/* 58 */
{LDNS_RR_TYPE_TALINK, "TALINK", 2, 2, type_talink_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 2 },
-#ifdef DRAFT_RRTYPES
+#ifdef RRTYPE_CDS
/* 59 */
{LDNS_RR_TYPE_CDS, "CDS", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#else
@@ -2213,16 +2216,10 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
{LDNS_RR_TYPE_L64, "L64", 2, 2, type_l64_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 107 */
{LDNS_RR_TYPE_LP, "LP", 2, 2, type_lp_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 1 },
-
-#ifdef DRAFT_RRTYPES
/* 108 */
{LDNS_RR_TYPE_EUI48, "EUI48", 1, 1, type_eui48_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
/* 109 */
{LDNS_RR_TYPE_EUI64, "EUI64", 1, 1, type_eui64_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-#else
-{LDNS_RR_TYPE_NULL, "TYPE108", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-{LDNS_RR_TYPE_NULL, "TYPE109", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-#endif
{LDNS_RR_TYPE_NULL, "TYPE110", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
{LDNS_RR_TYPE_NULL, "TYPE111", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
@@ -2386,7 +2383,7 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
/* ANY: A request for all (available) records */
{LDNS_RR_TYPE_NULL, "TYPE255", 1, 1, type_0_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
-#ifdef DRAFT_RRTYPES
+#ifdef RRTYPE_URI
/* 256 */
{LDNS_RR_TYPE_URI, "URI", 3, 3, type_uri_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#else
@@ -2397,7 +2394,7 @@ static ldns_rr_descriptor rdata_field_descriptors[] = {
/* split in array, no longer contiguous */
-#ifdef DRAFT_RRTYPES
+#ifdef RRTYPE_TA
/* 32768 */
{LDNS_RR_TYPE_TA, "TA", 4, 4, type_ds_wireformat, LDNS_RDF_TYPE_NONE, LDNS_RR_NO_COMPRESS, 0 },
#else