From fed4818c2739dea98f9110b3998679cd12331704 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 11:03:33 +0200
Subject: [PATCH 01/25] Fix idle_timeout without keepalive for TLS

---
 src/stub.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/stub.c b/src/stub.c
index 94627d24..30e80125 100644
--- a/src/stub.c
+++ b/src/stub.c
@@ -330,7 +330,7 @@ process_keepalive(
 			/* For TCP if no keepalive sent back, then we must use 0 idle timeout
 			   as server does not support it. TLS allows idle connections without
 			   keepalive, according to RFC7858. */
-#if !defined(KEEP_CONNECTIONS_OPEN_DEBUG) && !KEEP_CONNECTIONS_OPEN_DEBUG
+#if !defined(KEEP_CONNECTIONS_OPEN_DEBUG) || !KEEP_CONNECTIONS_OPEN_DEBUG
 			if (upstream->transport != GETDNS_TRANSPORT_TLS)
 				upstream->keepalive_timeout = 0;
 			else

From 470fb7a5fbeb2f8a1eba68c11fddeb1494fceaaa Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 11:42:21 +0200
Subject: [PATCH 02/25] !0 is not necessarily 1

---
 src/stub.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/stub.c b/src/stub.c
index 30e80125..2b6f9c36 100644
--- a/src/stub.c
+++ b/src/stub.c
@@ -1597,7 +1597,7 @@ upstream_valid_and_open(getdns_upstream *upstream,
 		return 1;
 	/* Connection is complete, we know the auth status so check*/
 	if (upstream->conn_state == GETDNS_CONN_OPEN && 
-	    !upstream_auth_status_ok(upstream, netreq) == 1) 
+	    !upstream_auth_status_ok(upstream, netreq)) 
 		return 0;
 	/* We must have a TLS connection still setting up so schedule and the
 	   write code will check again once the connection is complete*/

From 74b57d4679abe9d1d7deaad175229f3036c61b25 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 13:33:11 +0200
Subject: [PATCH 03/25] Resync utils with unbound source

---
 src/util/import.sh     |  4 ++
 src/util/val_secalgo.c | 96 +++++++++++++++++++++++++-----------------
 src/util/val_secalgo.h | 12 +++++-
 3 files changed, 72 insertions(+), 40 deletions(-)

diff --git a/src/util/import.sh b/src/util/import.sh
index ee903681..82f03921 100755
--- a/src/util/import.sh
+++ b/src/util/import.sh
@@ -44,6 +44,10 @@ do
 	    -e 's/secalgo_ds_digest/_getdns_secalgo_ds_digest/g' \
 	    -e 's/dnskey_algo_id_is_supported/_getdns_dnskey_algo_id_is_supported/g' \
 	    -e 's/verify_canonrrset/_getdns_verify_canonrrset/g' \
+	    -e 's/nsec3_hash_algo_size_supported/_getdns_nsec3_hash_algo_size_supported/g' \
+	    -e 's/secalgo_nsec3_hash/_getdns_secalgo_nsec3_hash/g' \
+	    -e 's/secalgo_hash_sha256/_getdns_secalgo_hash_sha256/g' \
+	    -e 's/ecdsa_evp_workaround_init/_getdns_ecdsa_evp_workaround_init/g' \
 	    -e 's/LDNS_/GLDNS_/g' \
 	    -e 's/enum sec_status/int/g' \
 	    -e 's/sec_status_bogus/0/g' \
diff --git a/src/util/val_secalgo.c b/src/util/val_secalgo.c
index b04400cc..edbf538b 100644
--- a/src/util/val_secalgo.c
+++ b/src/util/val_secalgo.c
@@ -72,7 +72,7 @@
 
 /* return size of digest if supported, or 0 otherwise */
 size_t
-nsec3_hash_algo_size_supported(int id)
+_getdns_nsec3_hash_algo_size_supported(int id)
 {
 	switch(id) {
 	case NSEC3_HASH_SHA1:
@@ -84,7 +84,7 @@ nsec3_hash_algo_size_supported(int id)
 
 /* perform nsec3 hash. return false on failure */
 int
-secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
+_getdns_secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
         unsigned char* res)
 {
 	switch(algo) {
@@ -96,6 +96,12 @@ secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
 	}
 }
 
+void
+_getdns_secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res)
+{
+	(void)SHA256(buf, len, res);
+}
+
 /**
  * Return size of DS digest according to its hash algorithm.
  * @param algo: DS digest algo.
@@ -342,6 +348,23 @@ i	 * the '44' is the total remaining length.
 }
 #endif /* USE_ECDSA */
 
+#ifdef USE_ECDSA_EVP_WORKAROUND
+static EVP_MD ecdsa_evp_256_md;
+static EVP_MD ecdsa_evp_384_md;
+void _getdns_ecdsa_evp_workaround_init(void)
+{
+	/* openssl before 1.0.0 fixes RSA with the SHA256
+	 * hash in EVP.  We create one for ecdsa_sha256 */
+	ecdsa_evp_256_md = *EVP_sha256();
+	ecdsa_evp_256_md.required_pkey_type[0] = EVP_PKEY_EC;
+	ecdsa_evp_256_md.verify = (void*)ECDSA_verify;
+
+	ecdsa_evp_384_md = *EVP_sha384();
+	ecdsa_evp_384_md.required_pkey_type[0] = EVP_PKEY_EC;
+	ecdsa_evp_384_md.verify = (void*)ECDSA_verify;
+}
+#endif /* USE_ECDSA_EVP_WORKAROUND */
+
 /**
  * Setup key and digest for verification. Adjust sig if necessary.
  *
@@ -470,20 +493,7 @@ setup_key_digest(int algo, EVP_PKEY** evp_key, const EVP_MD** digest_type,
 				return 0;
 			}
 #ifdef USE_ECDSA_EVP_WORKAROUND
-			/* openssl before 1.0.0 fixes RSA with the SHA256
-			 * hash in EVP.  We create one for ecdsa_sha256 */
-			{
-				static int md_ecdsa_256_done = 0;
-				static EVP_MD md;
-				if(!md_ecdsa_256_done) {
-					EVP_MD m = *EVP_sha256();
-					md_ecdsa_256_done = 1;
-					m.required_pkey_type[0] = (*evp_key)->type;
-					m.verify = (void*)ECDSA_verify;
-					md = m;
-				}
-				*digest_type = &md;
-			}
+			*digest_type = &ecdsa_evp_256_md;
 #else
 			*digest_type = EVP_sha256();
 #endif
@@ -497,20 +507,7 @@ setup_key_digest(int algo, EVP_PKEY** evp_key, const EVP_MD** digest_type,
 				return 0;
 			}
 #ifdef USE_ECDSA_EVP_WORKAROUND
-			/* openssl before 1.0.0 fixes RSA with the SHA384
-			 * hash in EVP.  We create one for ecdsa_sha384 */
-			{
-				static int md_ecdsa_384_done = 0;
-				static EVP_MD md;
-				if(!md_ecdsa_384_done) {
-					EVP_MD m = *EVP_sha384();
-					md_ecdsa_384_done = 1;
-					m.required_pkey_type[0] = (*evp_key)->type;
-					m.verify = (void*)ECDSA_verify;
-					md = m;
-				}
-				*digest_type = &md;
-			}
+			*digest_type = &ecdsa_evp_384_md;
 #else
 			*digest_type = EVP_sha384();
 #endif
@@ -544,7 +541,7 @@ _getdns_verify_canonrrset(gldns_buffer* buf, int algo, unsigned char* sigblock,
 {
 	const EVP_MD *digest_type;
 	EVP_MD_CTX* ctx;
-	int res, dofree = 0;
+	int res, dofree = 0, docrypto_free = 0;
 	EVP_PKEY *evp_key = NULL;
 	
 	if(!setup_key_digest(algo, &evp_key, &digest_type, key, keylen)) {
@@ -563,7 +560,7 @@ _getdns_verify_canonrrset(gldns_buffer* buf, int algo, unsigned char* sigblock,
 			EVP_PKEY_free(evp_key);
 			return 0;
 		}
-		dofree = 1;
+		docrypto_free = 1;
 	}
 #endif
 #if defined(USE_ECDSA) && defined(USE_DSA)
@@ -593,6 +590,7 @@ _getdns_verify_canonrrset(gldns_buffer* buf, int algo, unsigned char* sigblock,
 		log_err("EVP_MD_CTX_new: malloc failure");
 		EVP_PKEY_free(evp_key);
 		if(dofree) free(sigblock);
+		else if(docrypto_free) CRYPTO_free(sigblock);
 		return 0;
 	}
 	if(EVP_VerifyInit(ctx, digest_type) == 0) {
@@ -600,6 +598,7 @@ _getdns_verify_canonrrset(gldns_buffer* buf, int algo, unsigned char* sigblock,
 		EVP_MD_CTX_destroy(ctx);
 		EVP_PKEY_free(evp_key);
 		if(dofree) free(sigblock);
+		else if(docrypto_free) CRYPTO_free(sigblock);
 		return 0;
 	}
 	if(EVP_VerifyUpdate(ctx, (unsigned char*)gldns_buffer_begin(buf), 
@@ -608,15 +607,21 @@ _getdns_verify_canonrrset(gldns_buffer* buf, int algo, unsigned char* sigblock,
 		EVP_MD_CTX_destroy(ctx);
 		EVP_PKEY_free(evp_key);
 		if(dofree) free(sigblock);
+		else if(docrypto_free) CRYPTO_free(sigblock);
 		return 0;
 	}
 
 	res = EVP_VerifyFinal(ctx, sigblock, sigblock_len, evp_key);
+#ifdef HAVE_EVP_MD_CTX_NEW
 	EVP_MD_CTX_destroy(ctx);
+#else
+	EVP_MD_CTX_cleanup(ctx);
+	free(ctx);
+#endif
 	EVP_PKEY_free(evp_key);
 
-	if(dofree)
-		free(sigblock);
+	if(dofree) free(sigblock);
+	else if(docrypto_free) CRYPTO_free(sigblock);
 
 	if(res == 1) {
 		return 1;
@@ -644,7 +649,7 @@ _getdns_verify_canonrrset(gldns_buffer* buf, int algo, unsigned char* sigblock,
 
 /* return size of digest if supported, or 0 otherwise */
 size_t
-nsec3_hash_algo_size_supported(int id)
+_getdns_nsec3_hash_algo_size_supported(int id)
 {
 	switch(id) {
 	case NSEC3_HASH_SHA1:
@@ -656,7 +661,7 @@ nsec3_hash_algo_size_supported(int id)
 
 /* perform nsec3 hash. return false on failure */
 int
-secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
+_getdns_secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
         unsigned char* res)
 {
 	switch(algo) {
@@ -668,6 +673,12 @@ secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
 	}
 }
 
+void
+_getdns_secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res)
+{
+	(void)HASH_HashBuf(HASH_AlgSHA256, res, buf, (unsigned long)len);
+}
+
 size_t
 _getdns_ds_digest_size_supported(int algo)
 {
@@ -1185,6 +1196,9 @@ _getdns_verify_canonrrset(gldns_buffer* buf, int algo, unsigned char* sigblock,
 #include "macros.h"
 #include "rsa.h"
 #include "dsa.h"
+#ifdef HAVE_NETTLE_DSA_COMPAT_H
+#include "dsa-compat.h"
+#endif
 #include "asn1.h"
 #ifdef USE_ECDSA
 #include "ecdsa.h"
@@ -1236,7 +1250,7 @@ _digest_nettle(int algo, uint8_t* buf, size_t len,
 
 /* return size of digest if supported, or 0 otherwise */
 size_t
-nsec3_hash_algo_size_supported(int id)
+_getdns_nsec3_hash_algo_size_supported(int id)
 {
 	switch(id) {
 	case NSEC3_HASH_SHA1:
@@ -1248,7 +1262,7 @@ nsec3_hash_algo_size_supported(int id)
 
 /* perform nsec3 hash. return false on failure */
 int
-secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
+_getdns_secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
         unsigned char* res)
 {
 	switch(algo) {
@@ -1260,6 +1274,12 @@ secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
 	}
 }
 
+void
+_getdns_secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res)
+{
+	_digest_nettle(SHA256_DIGEST_SIZE, (uint8_t*)buf, len, res);
+}
+
 /**
  * Return size of DS digest according to its hash algorithm.
  * @param algo: DS digest algo.
diff --git a/src/util/val_secalgo.h b/src/util/val_secalgo.h
index 917ebc00..704449ec 100644
--- a/src/util/val_secalgo.h
+++ b/src/util/val_secalgo.h
@@ -45,7 +45,7 @@
 struct gldns_buffer;
 
 /** Return size of nsec3 hash algorithm, 0 if not supported */
-size_t nsec3_hash_algo_size_supported(int id);
+size_t _getdns_nsec3_hash_algo_size_supported(int id);
 
 /**
  * Hash a single hash call of an NSEC3 hash algorithm.
@@ -56,9 +56,17 @@ size_t nsec3_hash_algo_size_supported(int id);
  * @param res: result stored here (must have sufficient space).
  * @return false on failure.
 */
-int secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
+int _getdns_secalgo_nsec3_hash(int algo, unsigned char* buf, size_t len,
         unsigned char* res);
 
+/**
+ * Calculate the sha256 hash for the data buffer into the result.
+ * @param buf: buffer to digest.
+ * @param len: length of the buffer to digest.
+ * @param res: result is stored here (space 256/8 bytes).
+ */
+void _getdns_secalgo_hash_sha256(unsigned char* buf, size_t len, unsigned char* res);
+
 /**
  * Return size of DS digest according to its hash algorithm.
  * @param algo: DS digest algo.

From b4e7a82e11d644e7309d9de1fa9989feaf81635b Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 13:40:49 +0200
Subject: [PATCH 04/25] EDNS0 padding is RFC

---
 src/gldns/rrdef.h    | 3 ++-
 src/gldns/wire2str.c | 6 +++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/gldns/rrdef.h b/src/gldns/rrdef.h
index 703ee31e..b13580ea 100644
--- a/src/gldns/rrdef.h
+++ b/src/gldns/rrdef.h
@@ -421,7 +421,8 @@ enum gldns_enum_edns_option
 	GLDNS_EDNS_DHU = 6, /* RFC6975 */
 	GLDNS_EDNS_N3U = 7, /* RFC6975 */
 	GLDNS_EDNS_CLIENT_SUBNET = 8, /* draft-vandergaast-edns-client-subnet */
-	GLDNS_EDNS_KEEPALIVE = 11 /* draft-ietf-dnsop-edns-tcp-keepalive*/
+	GLDNS_EDNS_KEEPALIVE = 11, /* draft-ietf-dnsop-edns-tcp-keepalive*/
+	GLDNS_EDNS_PADDING = 12 /* RFC7830 */
 };
 typedef enum gldns_enum_edns_option gldns_edns_option;
 
diff --git a/src/gldns/wire2str.c b/src/gldns/wire2str.c
index b9a979eb..abc055d7 100644
--- a/src/gldns/wire2str.c
+++ b/src/gldns/wire2str.c
@@ -166,6 +166,7 @@ static gldns_lookup_table gldns_edns_options_data[] = {
 	{ 7, "N3U" },
 	{ 8, "edns-client-subnet" },
 	{ 11, "edns-tcp-keepalive"},
+	{ 12, "Padding" },
 	{ 0, NULL}
 };
 gldns_lookup_table* gldns_edns_options = gldns_edns_options_data;
@@ -1886,7 +1887,10 @@ int gldns_wire2str_edns_option_print(char** s, size_t* sl,
 		break;
 	 case GLDNS_EDNS_KEEPALIVE:
 		w += gldns_wire2str_edns_keepalive_print(s, sl, optdata, optlen);
-		break; 
+		break;
+	case GLDNS_EDNS_PADDING:
+		w += print_hex_buf(s, sl, optdata, optlen);
+		break;
 	default:
 		/* unknown option code */
 		w += print_hex_buf(s, sl, optdata, optlen);

From af706716412503707267b3fa8eacf2155fe15126 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 13:46:12 +0200
Subject: [PATCH 05/25] =?UTF-8?q?parentheses=20around=20comparison=20in=20?=
 =?UTF-8?q?operand=20of=20=E2=80=98&=E2=80=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/context.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/context.c b/src/context.c
index b0c9a198..edea6aef 100644
--- a/src/context.c
+++ b/src/context.c
@@ -1297,7 +1297,7 @@ getdns_context_create_with_extended_memory_functions(
 	/* Unbound needs SSL to be init'ed this early when TLS is used. However we
 	 * don't know that till later so we will have to do this every time. */
 
-	if (set_from_os & 2 == 0)
+	if ((set_from_os & 2) == 0)
 		SSL_library_init();
 
 #ifdef HAVE_LIBUNBOUND

From ea69d31dba214399ea386b3b5af31731bce72e3a Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 13:54:58 +0200
Subject: [PATCH 06/25] move getdns_query to src/tools

---
 .gitignore                                    |    2 +-
 Makefile.in                                   |   11 +-
 configure.ac                                  |    8 +-
 src/Makefile.in                               |   31 +-
 src/test/Makefile.in                          |   16 +-
 src/test/getdns_query.c                       | 1614 -----------------
 src/test/tpkg/110-link.tpkg/110-link.test     |    2 +-
 .../210-stub-only-link.test                   |    2 +-
 8 files changed, 25 insertions(+), 1661 deletions(-)
 delete mode 100644 src/test/getdns_query.c

diff --git a/.gitignore b/.gitignore
index fce9d682..0f4482ef 100644
--- a/.gitignore
+++ b/.gitignore
@@ -36,9 +36,9 @@ src/test/check_getdns
 src/test/check_getdns_event
 src/test/check_getdns_uv
 src/test/check_getdns_ev
-src/test/getdns_query
 src/test/scratchpad
 src/test/scratchpad.c
+src/tools/getdns_query
 doc/*.3
 src/getdns/getdns.h
 *.log
diff --git a/Makefile.in b/Makefile.in
index 331c889e..8364c14e 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -111,10 +111,10 @@ pad: scratchpad
 	src/test/scratchpad || ./libtool exec gdb src/test/scratchpad
 
 install-getdns_query:
-	cd src/test && $(MAKE) install
+	cd src/tools && $(MAKE) install
 
 uninstall-getdns_query:
-	cd src/test && $(MAKE) uninstall
+	cd src/tools && $(MAKE) uninstall
 
 clean:
 	cd src && $(MAKE) $@
@@ -182,6 +182,8 @@ $(distdir):
 	mkdir -p $(distdir)/src/compat
 	mkdir -p $(distdir)/src/util
 	mkdir -p $(distdir)/src/gldns
+	mkdir -p $(distdir)/src/tools
+	mkdir -p $(distdir)/src/jsmn
 	mkdir -p $(distdir)/doc
 	mkdir -p $(distdir)/spec
 	mkdir -p $(distdir)/spec/example
@@ -224,6 +226,11 @@ $(distdir):
 	cp $(srcdir)/spec/*.tgz $(distdir)/spec || true
 	cp $(srcdir)/spec/example/Makefile.in $(distdir)/spec/example
 	cp $(srcdir)/spec/example/*.[ch] $(distdir)/spec/example
+	cp $(srcdir)/src/tools/Makefile.in $(distdir)/src/tools
+	cp $(srcdir)/src/tools/*.[ch] $(distdir)/src/tools
+	cp $(srcdir)/src/jsmn/*.[ch] $(distdir)/src/jsmn
+	cp $(srcdir)/src/jsmn/LICENSE $(distdir)/src/jsmn
+	cp $(srcdir)/src/jsmn/README.md $(distdir)/src/jsmn
 	rm -f $(distdir)/Makefile $(distdir)/src/Makefile $(distdir)/src/getdns/getdns.h $(distdir)/spec/example/Makefile $(distdir)/src/test/Makefile $(distdir)/doc/Makefile $(distdir)/src/config.h
 
 distcheck: $(distdir).tar.gz
diff --git a/configure.ac b/configure.ac
index 468178ce..2651ec1a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -889,9 +889,9 @@ AC_DEFINE_UNQUOTED([TRUST_ANCHOR_FILE], ["$TRUST_ANCHOR_FILE"], [Default trust a
 AC_SUBST(TRUST_ANCHOR_FILE)
 AC_MSG_NOTICE([Default trust anchor: $TRUST_ANCHOR_FILE])
 
-AC_ARG_WITH(getdns_query, AS_HELP_STRING([--with-getdns_query],
-	[Also compile and install the getdns_query tool]),
-	[], [withval="no"])
+AC_ARG_WITH(getdns_query, AS_HELP_STRING([--without-getdns_query],
+	[Do not compile and install the getdns_query tool]),
+	[], [withval="yes"])
 if test x_$withval = x_no; then
 	GETDNS_QUERY=""
 	INSTALL_GETDNS_QUERY=""
@@ -917,7 +917,7 @@ AC_SUBST(GETDNS_QUERY)
 AC_SUBST(INSTALL_GETDNS_QUERY)
 AC_SUBST(UNINSTALL_GETDNS_QUERY)
 
-AC_CONFIG_FILES([Makefile src/Makefile src/version.c src/getdns/getdns.h src/getdns/getdns_extra.h spec/example/Makefile src/test/Makefile doc/Makefile getdns.pc getdns_ext_event.pc])
+AC_CONFIG_FILES([Makefile src/Makefile src/version.c src/getdns/getdns.h src/getdns/getdns_extra.h spec/example/Makefile src/test/Makefile src/tools/Makefile doc/Makefile getdns.pc getdns_ext_event.pc])
 if [ test -n "$DOXYGEN" ]
     then AC_CONFIG_FILES([src/Doxyfile])
 fi
diff --git a/src/Makefile.in b/src/Makefile.in
index c9ff78db..212b7180 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -157,7 +157,7 @@ test:	all
 	cd test && $(MAKE) $@
 
 getdns_query:	all
-	cd test && $(MAKE) $@
+	cd tools && $(MAKE) $@
 
 scratchpad:	all
 	cd test && $(MAKE) $@
@@ -165,11 +165,13 @@ scratchpad:	all
 pad: scratchpad
 
 clean:
+	cd tools && $(MAKE) $@
 	cd test && $(MAKE) $@
 	rm -f *.o *.lo extension/*.lo extension/*.o $(PROGRAMS) libgetdns.la libgetdns_ext_*.la
 	rm -rf .libs extension/.libs
 
 distclean : clean
+	cd tools && $(MAKE) $@
 	cd test && $(MAKE) $@
 	rmdir test 2>/dev/null || true
 	rm -f Makefile config.status config.log Doxyfile config.h version.c getdns/Makefile getdns/getdns.h getdns/getdns_extra.h
@@ -177,35 +179,9 @@ distclean : clean
 	rmdir extension 2>/dev/null || true
 	rm -Rf autom4te.cache
 
-$(distdir): FORCE
-	mkdir -p $(distdir)/src
-	cp configure.ac $(distdir)
-	cp configure $(distdir)
-	cp Makefile.in $(distdir)
-	cp src/Makefile.in $(distdir)/src
-
-distcheck: $(distdir).tar.gz
-	gzip -cd $(distdir).tar.gz | tar xvf -
-	cd $(distdir) && ./configure
-	cd $(distdir) && $(MAKE) all
-	cd $(distdir) && $(MAKE) check
-	cd $(distdir) && $(MAKE) DESTDIR=$${PWD}/_inst install
-	cd $(distdir) && $(MAKE) DESTDIR=$${PWD}/_inst uninstall
-	@remaining="`find $${PWD}/$(distdir)/_inst -type f | wc -l`"; \
-	if test "$${remaining}" -ne 0; then
-	  echo "@@@ $${remaining} file(s) remaining in stage directory!"; \
-	  exit 1; \
-	fi
-	cd $(distdir) && $(MAKE) clean
-	rm -rf $(distdir)
-	@echo "*** Package $(distdir).tar.gz is ready for distribution"
-
 Makefile: $(srcdir)/Makefile.in ../config.status
 	cd .. && ./config.status src/Makefile
 
-configure.status: configure
-	cd .. && ./config.status --recheck
-
 depend:
 	(cd $(srcdir) ; awk 'BEGIN{P=1}{if(P)print}/^# Dependencies/{P=0}' Makefile.in > Makefile.in.new )
 	(blddir=`pwd`; cd $(srcdir) ; gcc -MM -I. -I"$$blddir" *.c gldns/*.c compat/*.c util/*.c jsmn/*.c extension/*.c| \
@@ -225,6 +201,7 @@ depend:
 		    -e 's!\(.*\)\.o[ :]*!\1.lo \1.o: !g' >> Makefile.in.new )
 	(cd $(srcdir) ; diff Makefile.in.new Makefile.in && rm Makefile.in.new \
 	                                                 || mv Makefile.in.new Makefile.in )
+	cd tools && $(MAKE) $@
 	cd test && $(MAKE) $@
 
 .PHONY: clean test
diff --git a/src/test/Makefile.in b/src/test/Makefile.in
index a33ec15f..83e9e9c6 100644
--- a/src/test/Makefile.in
+++ b/src/test/Makefile.in
@@ -67,13 +67,13 @@ CHECK_OBJS=check_getdns_common.lo check_getdns_context_set_timeout.lo \
 	check_getdns.lo check_getdns_transport.lo
 
 ALL_OBJS=$(CHECK_OBJS) check_getdns_libevent.lo check_getdns_libev.lo \
-	check_getdns_selectloop.lo getdns_query.lo scratchpad.lo \
+	check_getdns_selectloop.lo scratchpad.lo \
 	testmessages.lo tests_dict.lo tests_list.lo tests_namespaces.lo \
 	tests_stub_async.lo tests_stub_sync.lo
 
 NON_C99_OBJS=check_getdns_libuv.lo
 
-PROGRAMS=tests_dict tests_list tests_namespaces tests_stub_async tests_stub_sync getdns_query $(CHECK_GETDNS) $(CHECK_EV_PROG) $(CHECK_EVENT_PROG) $(CHECK_UV_PROG)
+PROGRAMS=tests_dict tests_list tests_namespaces tests_stub_async tests_stub_sync $(CHECK_GETDNS) $(CHECK_EV_PROG) $(CHECK_EVENT_PROG) $(CHECK_UV_PROG)
 
 
 .SUFFIXES: .c .o .a .lo .h
@@ -124,9 +124,6 @@ check_getdns_uv: check_getdns.lo check_getdns_common.lo check_getdns_context_set
 check_getdns_ev: check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libev.lo ../libgetdns_ext_ev.la
 	$(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ check_getdns.lo check_getdns_common.lo check_getdns_context_set_timeout.lo check_getdns_transport.lo check_getdns_libev.lo $(LDFLAGS) $(LDLIBS) $(CHECK_CFLAGS) $(CHECK_LIBS) ../libgetdns_ext_ev.la $(EXTENSION_LIBEV_LDFLAGS) $(EXTENSION_LIBEV_EXT_LIBS)
 
-getdns_query: getdns_query.lo
-	$(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ getdns_query.lo $(LDFLAGS) $(LDLIBS)
-
 scratchpad: scratchpad.lo
 	$(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ scratchpad.lo $(LDFLAGS) $(LDLIBS)
 
@@ -135,12 +132,11 @@ scratchpad.lo: scratchpad.c
 $(srcdir)/scratchpad.c: scratchpad.template.c
 	[ ! -f $(srcdir)/scratchpad.c ] && cp -p $(srcdir)/scratchpad.template.c $(srcdir)/scratchpad.c || true
 
-install: getdns_query
-	$(INSTALL) -m 755 -d $(DESTDIR)$(bindir)
-	$(LIBTOOL) --mode=install cp getdns_query $(DESTDIR)$(bindir)
+install:
+	echo nothing to install
 
 uninstall:
-	$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(bindir)/getdns_query
+	echo nothing to uninstall
 
 nolibcheck:
 	@echo "***"
@@ -263,8 +259,6 @@ check_getdns_selectloop.lo check_getdns_selectloop.o: $(srcdir)/check_getdns_sel
 check_getdns_transport.lo check_getdns_transport.o: $(srcdir)/check_getdns_transport.c \
  $(srcdir)/check_getdns_transport.h $(srcdir)/check_getdns_common.h ../getdns/getdns.h \
  ../getdns/getdns_extra.h
-getdns_query.lo getdns_query.o: $(srcdir)/getdns_query.c ../config.h $(srcdir)/../debug.h ../config.h \
- ../getdns/getdns.h ../getdns/getdns_extra.h
 scratchpad.template.lo scratchpad.template.o: scratchpad.template.c ../getdns/getdns.h \
  ../getdns/getdns_extra.h
 testmessages.lo testmessages.o: $(srcdir)/testmessages.c $(srcdir)/testmessages.h
diff --git a/src/test/getdns_query.c b/src/test/getdns_query.c
deleted file mode 100644
index 81ebd79d..00000000
--- a/src/test/getdns_query.c
+++ /dev/null
@@ -1,1614 +0,0 @@
-/*
- * Copyright (c) 2013, NLNet Labs, Verisign, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- * * Redistributions of source code must retain the above copyright
- *   notice, this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- *   notice, this list of conditions and the following disclaimer in the
- *   documentation and/or other materials provided with the distribution.
- * * Neither the names of the copyright holders nor the
- *   names of its contributors may be used to endorse or promote products
- *   derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL Verisign, Inc. BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "config.h"
-#include "debug.h"
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <inttypes.h>
-#include <ctype.h>
-#include <getdns/getdns.h>
-#include <getdns/getdns_extra.h>
-#ifndef USE_WINSOCK
-#include <arpa/inet.h>
-#include <sys/time.h>
-#include <netdb.h>
-#else
-#include <winsock2.h>
-#include <iphlpapi.h>
-typedef unsigned short in_port_t;
-#include <windows.h>
-#include <wincrypt.h>
-#endif
-
-#define EXAMPLE_PIN "pin-sha256=\"E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=\""
-
-static int quiet = 0;
-static int batch_mode = 0;
-static char *query_file = NULL;
-static int json = 0;
-static char *the_root = ".";
-static char *name;
-static getdns_context *context;
-static getdns_dict *extensions;
-static getdns_dict *query_extensions_spc = NULL;
-static getdns_list *pubkey_pinset = NULL;
-static getdns_list *listen_list = NULL;
-int touched_listen_list;
-static getdns_dict *listen_dict = NULL;
-static size_t pincount = 0;
-static size_t listen_count = 0;
-static uint16_t request_type = GETDNS_RRTYPE_NS;
-static int timeout, edns0_size, padding_blocksize;
-static int async = 0, interactive = 0;
-static enum { GENERAL, ADDRESS, HOSTNAME, SERVICE } calltype = GENERAL;
-
-static int get_rrtype(const char *t)
-{
-	char buf[1024] = "GETDNS_RRTYPE_";
-	uint32_t rrtype;
-	long int l;
-	size_t i;
-	char *endptr;
-
-	if (strlen(t) > sizeof(buf) - 15)
-		return -1;
-	for (i = 14; *t && i < sizeof(buf) - 1; i++, t++)
-		buf[i] = toupper(*t);
-	buf[i] = '\0';
-
-	if (!getdns_str2int(buf, &rrtype))
-		return (int)rrtype;
-
-	if (strncasecmp(buf + 14, "TYPE", 4) == 0) {
-		l = strtol(buf + 18, &endptr, 10);
-		if (!*endptr && l >= 0 && l < 65536)
-			return l;
-	}
-	return -1;
-}
-
-static int get_rrclass(const char *t)
-{
-	char buf[1024] = "GETDNS_RRCLASS_";
-	uint32_t rrclass;
-	long int l;
-	size_t i;
-	char *endptr;
-
-	if (strlen(t) > sizeof(buf) - 16)
-		return -1;
-	for (i = 15; *t && i < sizeof(buf) - 1; i++, t++)
-		buf[i] = toupper(*t);
-	buf[i] = '\0';
-
-	if (!getdns_str2int(buf, &rrclass))
-		return (int)rrclass;
-
-	if (strncasecmp(buf + 15, "CLASS", 5) == 0) {
-		l = strtol(buf + 20, &endptr, 10);
-		if (!*endptr && l >= 0 && l < 65536)
-			return l;
-	}
-	return -1;
-}
-
-static getdns_return_t
-fill_transport_list(getdns_context *context, char *transport_list_str, 
-                    getdns_transport_list_t *transports, size_t *transport_count)
-{
-	size_t max_transports = *transport_count;
-	*transport_count = 0;
-	for ( size_t i = 0
-	    ; i < max_transports && i < strlen(transport_list_str)
-	    ; i++, (*transport_count)++) {
-		switch(*(transport_list_str + i)) {
-			case 'U': 
-				transports[i] = GETDNS_TRANSPORT_UDP;
-				break;
-			case 'T': 
-				transports[i] = GETDNS_TRANSPORT_TCP;
-				break;
-			case 'L': 
-				transports[i] = GETDNS_TRANSPORT_TLS;
-				break;
-			default:
-				fprintf(stderr, "Unrecognised transport '%c' in string %s\n", 
-				       *(transport_list_str + i), transport_list_str);
-				return GETDNS_RETURN_GENERIC_ERROR;
-		}
-	}
-	return GETDNS_RETURN_GOOD;
-}
-
-void
-print_usage(FILE *out, const char *progname)
-{
-	fprintf(out, "usage: %s [<option> ...] \\\n"
-	    "\t[@<upstream> ...] [+<extension> ...] [\'{ <settings> }\'] [<name>] [<type>]\n", progname);
-	fprintf(out, "\ndefault mode: "
-#ifdef HAVE_LIBUNBOUND
-	    "recursive"
-#else
-	    "stub"
-#endif
-	    ", synchronous resolution of NS record\n\t\tusing UDP with TCP fallback\n");
-	fprintf(out, "\nupstreams: @<ip>[%%<scope_id>][@<port>][#<tls port>][~<tls name>][^<tsig spec>]");
-	fprintf(out, "\n            <ip>@<port> may be given as <IPv4>:<port>");
-	fprintf(out, "\n                  or \'[\'<IPv6>[%%<scope_id>]\']\':<port> too\n");
-	fprintf(out, "\ntsig spec: [<algorithm>:]<name>:<secret in Base64>\n");
-	fprintf(out, "\nextensions:\n");
-	fprintf(out, "\t+add_warning_for_bad_dns\n");
-	fprintf(out, "\t+dnssec_return_status\n");
-	fprintf(out, "\t+dnssec_return_only_secure\n");
-	fprintf(out, "\t+dnssec_return_all_statuses\n");
-	fprintf(out, "\t+dnssec_return_validation_chain\n");
-	fprintf(out, "\t+dnssec_return_full_validation_chain\n");
-#ifdef DNSSEC_ROADBLOCK_AVOIDANCE
-	fprintf(out, "\t+dnssec_roadblock_avoidance\n");
-#endif
-#ifdef EDNS_COOKIES
-	fprintf(out, "\t+edns_cookies\n");
-#endif
-	fprintf(out, "\t+return_both_v4_and_v6\n");
-	fprintf(out, "\t+return_call_reporting\n");
-	fprintf(out, "\t+sit=<cookie>\t\tSend along cookie OPT with value <cookie>\n");
-	fprintf(out, "\t+specify_class=<class>\n");
-	fprintf(out, "\t+0\t\t\tClear all extensions\n");
-	fprintf(out, "\nsettings in json dict format (like outputted by -i option).\n");
-	fprintf(out, "\noptions:\n");
-	fprintf(out, "\t-a\tPerform asynchronous resolution "
-	    "(default = synchronous)\n");
-	fprintf(out, "\t-A\taddress lookup (<type> is ignored)\n");
-	fprintf(out, "\t-B\tBatch mode. Schedule all messages before processing responses.\n");
-	fprintf(out, "\t-b <bufsize>\tSet edns0 max_udp_payload size\n");
-	fprintf(out, "\t-c\tSend Client Subnet privacy request\n");
-	fprintf(out, "\t-C\t<filename>\n");
-	fprintf(out, "\t\tRead settings from config file <filename>\n");
-	fprintf(out, "\t\tThe getdns context will be configured with these settings\n");
-	fprintf(out, "\t\tThe file must be in json dict format.\n");
-	fprintf(out, "\t-D\tSet edns0 do bit\n");
-	fprintf(out, "\t-d\tclear edns0 do bit\n");
-	fprintf(out, "\t-e <idle_timeout>\tSet idle timeout in miliseconds\n");
-	fprintf(out, "\t-F <filename>\tread the queries from the specified file\n");
-	fprintf(out, "\t-f <filename>\tRead DNSSEC trust anchors from <filename>\n");
-	fprintf(out, "\t-G\tgeneral lookup\n");
-	fprintf(out, "\t-H\thostname lookup. (<name> must be an IP address; <type> is ignored)\n");
-	fprintf(out, "\t-h\tPrint this help\n");
-	fprintf(out, "\t-i\tPrint api information\n");
-	fprintf(out, "\t-I\tInteractive mode (> 1 queries on same context)\n");
-	fprintf(out, "\t-j\tOutput json response dict\n");
-	fprintf(out, "\t-J\tPretty print json response dict\n");
-	fprintf(out, "\t-k\tPrint root trust anchors\n");
-	fprintf(out, "\t-K <pin>\tPin a public key for TLS connections (can repeat)\n");
-	fprintf(out, "\t\t(should look like '" EXAMPLE_PIN "')\n");
-	fprintf(out, "\t-n\tSet TLS authentication mode to NONE (default)\n");
-	fprintf(out, "\t-m\tSet TLS authentication mode to REQUIRED\n");
-	fprintf(out, "\t-p\tPretty print response dict\n");
-	fprintf(out, "\t-P <blocksize>\tPad TLS queries to a multiple of blocksize\n");
-	fprintf(out, "\t-q\tQuiet mode - don't print response\n");
-	fprintf(out, "\t-r\tSet recursing resolution type\n");
-	fprintf(out, "\t-R <filename>\tRead root hints from <filename>\n");
-	fprintf(out, "\t-s\tSet stub resolution type (default = recursing)\n");
-	fprintf(out, "\t-S\tservice lookup (<type> is ignored)\n");
-	fprintf(out, "\t-t <timeout>\tSet timeout in miliseconds\n");
-	fprintf(out, "\t-x\tDo not follow redirects\n");
-	fprintf(out, "\t-X\tFollow redirects (default)\n");
-
-	fprintf(out, "\t-0\tAppend suffix to single label first (default)\n");
-	fprintf(out, "\t-W\tAppend suffix always\n");
-	fprintf(out, "\t-1\tAppend suffix only to single label after failure\n");
-	fprintf(out, "\t-M\tAppend suffix only to multi label name after failure\n");
-	fprintf(out, "\t-N\tNever append a suffix\n");
-	fprintf(out, "\t-Z <suffixes>\tSet suffixes with the given comma separed list\n");
-
-	fprintf(out, "\t-T\tSet transport to TCP only\n");
-	fprintf(out, "\t-O\tSet transport to TCP only keep connections open\n");
-	fprintf(out, "\t-L\tSet transport to TLS only keep connections open\n");
-	fprintf(out, "\t-E\tSet transport to TLS with TCP fallback only keep connections open\n");
-	fprintf(out, "\t-u\tSet transport to UDP with TCP fallback (default)\n");
-	fprintf(out, "\t-U\tSet transport to UDP only\n");
-	fprintf(out, "\t-l <transports>\tSet transport list. List can contain 1 of each of the characters\n");
-	fprintf(out, "\t\t\t U T L S for UDP, TCP or TLS e.g 'UT' or 'LTU' \n");
-	fprintf(out, "\t-z <listen address>\n");
-	fprintf(out, "\t\tListen for DNS requests on the given IP address\n");
-	fprintf(out, "\t\t<listen address> is in the same format as upstreams.\n");
-	fprintf(out, "\t\tThis option can be given more than once.\n");
-}
-
-static getdns_return_t validate_chain(getdns_dict *response)
-{
-	getdns_return_t r;
-	getdns_list *validation_chain;
-	getdns_list *replies_tree;
-	getdns_dict *reply;
-	getdns_list *to_validate;
-	getdns_list *trust_anchor;
-	size_t i;
-	int s;
-	
-	if (!(to_validate = getdns_list_create()))
-		return GETDNS_RETURN_MEMORY_ERROR;
-
-	if (getdns_context_get_dnssec_trust_anchors(context, &trust_anchor))
-		trust_anchor = getdns_root_trust_anchor(NULL);
-
-	if ((r = getdns_dict_get_list(
-	    response, "validation_chain", &validation_chain)))
-		goto error;
-
-	if ((r = getdns_dict_get_list(
-	    response, "replies_tree", &replies_tree)))
-		goto error;
-
-	fprintf(stdout, "replies_tree dnssec_status: ");
-	switch ((s = getdns_validate_dnssec(
-	    replies_tree, validation_chain, trust_anchor))) {
-
-	case GETDNS_DNSSEC_SECURE:
-		fprintf(stdout, "GETDNS_DNSSEC_SECURE\n");
-		break;
-	case GETDNS_DNSSEC_BOGUS:
-		fprintf(stdout, "GETDNS_DNSSEC_BOGUS\n");
-		break;
-	case GETDNS_DNSSEC_INDETERMINATE:
-		fprintf(stdout, "GETDNS_DNSSEC_INDETERMINATE\n");
-		break;
-	case GETDNS_DNSSEC_INSECURE:
-		fprintf(stdout, "GETDNS_DNSSEC_INSECURE\n");
-		break;
-	case GETDNS_DNSSEC_NOT_PERFORMED:
-		fprintf(stdout, "GETDNS_DNSSEC_NOT_PERFORMED\n");
-		break;
-	default:
-		fprintf(stdout, "%d\n", (int)s);
-	}
-
-	i = 0;
-	while (!(r = getdns_list_get_dict(replies_tree, i++, &reply))) {
-
-		if ((r = getdns_list_set_dict(to_validate, 0, reply)))
-			goto error;
-
-		printf("reply "PRIsz", dnssec_status: ", i);
-		switch ((s = getdns_validate_dnssec(
-		    to_validate, validation_chain, trust_anchor))) {
-
-		case GETDNS_DNSSEC_SECURE:
-			fprintf(stdout, "GETDNS_DNSSEC_SECURE\n");
-			break;
-		case GETDNS_DNSSEC_BOGUS:
-			fprintf(stdout, "GETDNS_DNSSEC_BOGUS\n");
-			break;
-		case GETDNS_DNSSEC_INDETERMINATE:
-			fprintf(stdout, "GETDNS_DNSSEC_INDETERMINATE\n");
-			break;
-		case GETDNS_DNSSEC_INSECURE:
-			fprintf(stdout, "GETDNS_DNSSEC_INSECURE\n");
-			break;
-		case GETDNS_DNSSEC_NOT_PERFORMED:
-			fprintf(stdout, "GETDNS_DNSSEC_NOT_PERFORMED\n");
-			break;
-		default:
-			fprintf(stdout, "%d\n", (int)s);
-		}
-	}
-	if (r == GETDNS_RETURN_NO_SUCH_LIST_ITEM)
-		r = GETDNS_RETURN_GOOD;
-error:
-	getdns_list_destroy(trust_anchor);
-	getdns_list_destroy(to_validate);
-
-	return r;
-}
-
-void callback(getdns_context *context, getdns_callback_type_t callback_type,
-    getdns_dict *response, void *userarg, getdns_transaction_t trans_id)
-{
-	char *response_str;
-
-	/* This is a callback with data */;
-	if (response && !quiet && (response_str = json ?
-	    getdns_print_json_dict(response, json == 1)
-	  : getdns_pretty_print_dict(response))) {
-
-		fprintf(stdout, "ASYNC response:\n%s\n", response_str);
-		validate_chain(response);
-		free(response_str);
-	}
-
-	if (callback_type == GETDNS_CALLBACK_COMPLETE) {
-		printf("Response code was: GOOD. Status was: Callback with ID %"PRIu64"  was successfull.\n",
-			trans_id);
-
-	} else if (callback_type == GETDNS_CALLBACK_CANCEL)
-		fprintf(stderr,
-			"An error occurred: The callback with ID %"PRIu64" was cancelled. Exiting.\n",
-			trans_id);
-	else {
-		fprintf(stderr,
-			"An error occurred: The callback got a callback_type of %d. Exiting.\n",
-			(int)callback_type);
-		fprintf(stderr,
-			"Error :      '%s'\n",
-			getdns_get_errorstr_by_id(callback_type));
-	}
-	getdns_dict_destroy(response);
-	response = NULL;
-}
-
-#define CONTINUE ((getdns_return_t)-2)
-#define CONTINUE_ERROR ((getdns_return_t)-3)
-
-static getdns_return_t set_cookie(getdns_dict *exts, char *cookie)
-{
-	uint8_t data[40];
-	size_t i;
-	getdns_return_t r = GETDNS_RETURN_GENERIC_ERROR;
-	getdns_bindata bindata;
-
-	getdns_dict *opt_parameters = getdns_dict_create();
-	getdns_list *options = getdns_list_create();
-	getdns_dict *option = getdns_dict_create();
-
-	if (*cookie == '=')
-		cookie++;
-
-	for (i = 0; i < 40 && *cookie; i++) {
-		if (*cookie >= '0' && *cookie <= '9')
-			data[i] = (uint8_t)(*cookie - '0') << 4;
-		else if (*cookie >= 'a' && *cookie <= 'f')
-			data[i] = (uint8_t)(*cookie - 'a' + 10) << 4;
-		else if (*cookie >= 'A' && *cookie <= 'F')
-			data[i] = (uint8_t)(*cookie - 'A' + 10) << 4;
-		else
-			goto done;
-		cookie++;
-		if (*cookie >= '0' && *cookie <= '9')
-			data[i] |= (uint8_t)(*cookie - '0');
-		else if (*cookie >= 'a' && *cookie <= 'f')
-			data[i] |= (uint8_t)(*cookie - 'a' + 10);
-		else if (*cookie >= 'A' && *cookie <= 'F')
-			data[i] |= (uint8_t)(*cookie - 'A' + 10);
-		else
-			goto done;
-		cookie++;;
-	}
-	bindata.data = data;
-	bindata.size = i;
-	if ((r = getdns_dict_set_int(option, "option_code", 10)))
-		goto done;
-	if ((r = getdns_dict_set_bindata(option, "option_data", &bindata)))
-		goto done;
-	if ((r = getdns_list_set_dict(options, 0, option)))
-		goto done;
-	if ((r = getdns_dict_set_list(opt_parameters, "options", options)))
-		goto done;
-	r = getdns_dict_set_dict(exts, "add_opt_parameters", opt_parameters);
-done:
-	getdns_dict_destroy(option);
-	getdns_list_destroy(options);
-	getdns_dict_destroy(opt_parameters);
-	return r;
-}
-
-static void parse_config(const char *config_str)
-{
-	getdns_dict *config_dict;
-	getdns_list *list;
-	getdns_return_t r;
-
-	if ((r = getdns_str2dict(config_str, &config_dict)))
-		fprintf(stderr, "Could not parse config file: %s\n",
-		    getdns_get_errorstr_by_id(r));
-
-	else {
-		if (!(r = getdns_dict_get_list(
-		    config_dict, "listen_addresses", &list))) {
-			if (listen_list && !listen_dict) {
-				getdns_list_destroy(listen_list);
-				listen_list = NULL;
-			}
-			/* Strange construction to copy the list.
-			 * Needs to be done, because config dict
-			 * will get destroyed.
-			 */
-			if (!listen_dict &&
-			    !(listen_dict = getdns_dict_create())) {
-				fprintf(stderr, "Could not create "
-						"listen_dict");
-				r = GETDNS_RETURN_MEMORY_ERROR;
-
-			} else if ((r = getdns_dict_set_list(
-			    listen_dict, "listen_list", list)))
-				fprintf(stderr, "Could not set listen_list");
-
-			else if ((r = getdns_dict_get_list(
-			    listen_dict, "listen_list", &listen_list)))
-				fprintf(stderr, "Could not get listen_list");
-
-			else if ((r = getdns_list_get_length(
-			    listen_list, &listen_count)))
-				fprintf(stderr, "Could not get listen_count");
-
-			(void) getdns_dict_remove_name(
-			    config_dict, "listen_addresses");
-
-			touched_listen_list = 1;
-		}
-		if ((r = getdns_context_config(context, config_dict))) {
-			fprintf(stderr, "Could not configure context with "
-			    "config dict: %s\n", getdns_get_errorstr_by_id(r));
-		}
-		getdns_dict_destroy(config_dict);
-	}
-}
-
-getdns_return_t parse_args(int argc, char **argv)
-{
-	getdns_return_t r = GETDNS_RETURN_GOOD;
-	size_t i, j;
-	char *arg, *c, *endptr;
-	int t, print_api_info = 0, print_trust_anchors = 0;
-	getdns_list *upstream_list = NULL;
-	getdns_list *tas = NULL, *hints = NULL;
-	getdns_dict *pubkey_pin = NULL;
-	getdns_list *suffixes;
-	char *suffix;
-	getdns_bindata bindata;
-	size_t upstream_count = 0;
-	FILE *fh;
-	uint32_t klass;
-	char *config_file = NULL;
-	long config_file_sz;
-
-	for (i = 1; i < argc; i++) {
-		arg = argv[i];
-		if ((t = get_rrtype(arg)) >= 0) {
-			request_type = t;
-			continue;
-
-		} else if (arg[0] == '+') {
-			if (arg[1] == 's' && arg[2] == 'i' && arg[3] == 't' &&
-			   (arg[4] == '=' || arg[4] == '\0')) {
-				if ((r = set_cookie(extensions, arg+4))) {
-					fprintf(stderr, "Could not set cookie:"
-					    " %d", (int)r);
-					break;
-				}
-			} else if (strncmp(arg+1, "specify_class=", 14) == 0) {
-				if ((klass = get_rrclass(arg+15)) >= 0)
-					r = getdns_dict_set_int(extensions,
-						    "specify_class", klass);
-				else
-					fprintf(stderr,
-					    "Unknown class: %s\n", arg+15);
-
-			} else if (arg[1] == '0') {
-			    /* Unset all existing extensions*/
-				getdns_dict_destroy(extensions);
-				extensions = getdns_dict_create();
-				break;
-			} else if ((r = getdns_dict_set_int(extensions, arg+1,
-			    GETDNS_EXTENSION_TRUE))) {
-				fprintf(stderr, "Could not set extension "
-				    "\"%s\": %d\n", argv[i], (int)r);
-				break;
-			}
-			continue;
-
-		} else if (arg[0] == '@') {
-			getdns_dict *upstream;
-			getdns_bindata *address;
-
-			if ((r = getdns_str2dict(arg + 1, &upstream)))
-				fprintf(stderr, "Could not convert \"%s\" to "
-				    "an IP dict: %s\n", arg + 1,
-				    getdns_get_errorstr_by_id(r));
-
-			else if ((r = getdns_dict_get_bindata(
-			    upstream, "address_data", &address))) {
-
-				fprintf(stderr, "\"%s\" did not translate to "
-				    "an IP dict: %s\n", arg + 1,
-				    getdns_get_errorstr_by_id(r));
-
-				getdns_dict_destroy(upstream);
-			} else {
-				if (!upstream_list &&
-				    !(upstream_list =
-				    getdns_list_create_with_context(context))){
-					fprintf(stderr, "Could not create upstream list\n");
-					return GETDNS_RETURN_MEMORY_ERROR;
-				}
-				(void) getdns_list_set_dict(upstream_list,
-				    upstream_count++, upstream);
-				getdns_dict_destroy(upstream);
-			}
-			continue;
-		} else if (arg[0] == '{') {
-			parse_config(arg);
-			continue;
-
-		} else if (arg[0] != '-') {
-			name = arg;
-			continue;
-		}
-		for (c = arg+1; *c; c++) {
-			getdns_dict *downstream;
-			getdns_bindata *address;
-
-			switch (*c) {
-			case 'a':
-				async = 1;
-				break;
-			case 'A':
-				calltype = ADDRESS;
-				break;
-			case 'b':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "max_udp_payload_size "
-					    "expected after -b\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				edns0_size = strtol(argv[i], &endptr, 10);
-				if (*endptr || edns0_size < 0) {
-					fprintf(stderr, "positive "
-					    "numeric max_udp_payload_size "
-					    "expected after -b\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				getdns_context_set_edns_maximum_udp_payload_size(
-				    context, (uint16_t) edns0_size);
-				goto next;
-			case 'c':
-				if (getdns_context_set_edns_client_subnet_private(context, 1))
-					return GETDNS_RETURN_GENERIC_ERROR;
-				break;
-			case 'C':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "file name expected "
-					    "after -C\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (!(fh = fopen(argv[i], "r"))) {
-					fprintf(stderr, "Could not open \"%s\""
-					    ": %s\n",argv[i], strerror(errno));
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (fseek(fh, 0,SEEK_END) == -1) {
-					perror("fseek");
-					fclose(fh);
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				config_file_sz = ftell(fh);
-				if (config_file_sz <= 0) {
-					/* Empty config is no config */
-					fclose(fh);
-					break;
-				}
-				if (!(config_file=malloc(config_file_sz + 1))){
-					fclose(fh);
-					fprintf(stderr, "Could not allocate me"
-					    "mory for \"%s\"\n", argv[i]);
-					return GETDNS_RETURN_MEMORY_ERROR;
-				}
-				rewind(fh);
-				if (fread(config_file, 1, config_file_sz, fh)
-				    != config_file_sz) {
-					fprintf(stderr, "An error occurred whil"
-					    "e reading \"%s\": %s\n",argv[i],
-					    strerror(errno));
-					fclose(fh);
-					return GETDNS_RETURN_MEMORY_ERROR;
-				}
-				config_file[config_file_sz] = 0;
-				fclose(fh);
-				parse_config(config_file);
-				free(config_file);
-				config_file = NULL;
-				break;
-			case 'D':
-				(void) getdns_context_set_edns_do_bit(context, 1);
-				break;
-			case 'd':
-				(void) getdns_context_set_edns_do_bit(context, 0);
-				break;
-			case 'f':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "file name expected "
-					    "after -f\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (!(fh = fopen(argv[i], "r"))) {
-					fprintf(stderr, "Could not open \"%s\""
-					    ": %s\n",argv[i], strerror(errno));
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (getdns_fp2rr_list(fh, &tas, NULL, 3600)) {
-					fprintf(stderr,"Could not parse "
-					    "\"%s\"\n", argv[i]);
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				fclose(fh);
-				if (getdns_context_set_dnssec_trust_anchors(
-				    context, tas)) {
-					fprintf(stderr,"Could not set "
-					    "trust anchors from \"%s\"\n",
-					    argv[i]);
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				getdns_list_destroy(tas);
-				tas = NULL;
-				break;
-			case 'F':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "file name expected "
-					    "after -F\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				query_file = argv[i];
-				interactive = 1;
-				break;
-			case 'G':
-				calltype = GENERAL;
-				break;
-			case 'H':
-				calltype = HOSTNAME;
-				break;
-			case 'h':
-				print_usage(stdout, argv[0]);
-				return CONTINUE;
-			case 'i':
-				print_api_info = 1;
-				break;
-			case 'I':
-				interactive = 1;
-				break;
-			case 'j':
-				json = 2;
-				break;
-			case 'J':
-				json = 1;
-				break;
-			case 'K':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "pin string of the form "
-						EXAMPLE_PIN
-						"expected after -K\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				pubkey_pin = getdns_pubkey_pin_create_from_string(context,
-										 argv[i]);
-				if (pubkey_pin == NULL) {
-					fprintf(stderr, "could not convert '%s' into a "
-						"public key pin.\n"
-						"Good pins look like: " EXAMPLE_PIN "\n"
-						"Please see RFC 7469 for details about "
-						"the format\n", argv[i]);
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (pubkey_pinset == NULL)
-					pubkey_pinset = getdns_list_create_with_context(context);
-				if (r = getdns_list_set_dict(pubkey_pinset, pincount++,
-							     pubkey_pin), r) {
-					fprintf(stderr, "Failed to add pin to pinset (error %d: %s)\n",
-						(int)r, getdns_get_errorstr_by_id(r));
-					getdns_dict_destroy(pubkey_pin);
-					pubkey_pin = NULL;
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				getdns_dict_destroy(pubkey_pin);
-				pubkey_pin = NULL;
-				break;
-			case 'k':
-				print_trust_anchors = 1;
-				break;
-			case 'n':
-				getdns_context_set_tls_authentication(context,
-				                 GETDNS_AUTHENTICATION_NONE);
-				break;
-			case 'm':
-				getdns_context_set_tls_authentication(context,
-				                 GETDNS_AUTHENTICATION_REQUIRED);
-				break;
-			case 'P':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "tls_query_padding_blocksize "
-					    "expected after -P\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				padding_blocksize = strtol(argv[i], &endptr, 10);
-				if (*endptr || padding_blocksize < 0) {
-					fprintf(stderr, "non-negative "
-					    "numeric padding blocksize expected "
-					    "after -P\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (getdns_context_set_tls_query_padding_blocksize(
-					    context, padding_blocksize))
-					return GETDNS_RETURN_GENERIC_ERROR;
-				goto next;
-			case 'p':
-				json = 0;
-			case 'q':
-				quiet = 1;
-				break;
-			case 'r':
-				getdns_context_set_resolution_type(
-				    context,
-				    GETDNS_RESOLUTION_RECURSING);
-				break;
-			case 'R':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "file name expected "
-					    "after -f\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (!(fh = fopen(argv[i], "r"))) {
-					fprintf(stderr, "Could not open \"%s\""
-					    ": %s\n",argv[i], strerror(errno));
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (getdns_fp2rr_list(fh, &hints, NULL, 3600)) {
-					fprintf(stderr,"Could not parse "
-					    "\"%s\"\n", argv[i]);
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				fclose(fh);
-				if (getdns_context_set_dns_root_servers(
-				    context, hints)) {
-					fprintf(stderr,"Could not set "
-					    "root servers from \"%s\"\n",
-					    argv[i]);
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				getdns_list_destroy(hints);
-				hints = NULL;
-				break;
-			case 's':
-				getdns_context_set_resolution_type(
-				    context, GETDNS_RESOLUTION_STUB);
-				break;
-			case 'S':
-				calltype = SERVICE;
-				break;
-			case 't':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "timeout expected "
-					    "after -t\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				timeout = strtol(argv[i], &endptr, 10);
-				if (*endptr || timeout < 0) {
-					fprintf(stderr, "positive "
-					    "numeric timeout expected "
-					    "after -t\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				getdns_context_set_timeout(
-					context, timeout);
-				goto next;
-			case 'x': 
-				getdns_context_set_follow_redirects(
-				    context, GETDNS_REDIRECTS_DO_NOT_FOLLOW);
-				break;
-			case 'X': 
-				getdns_context_set_follow_redirects(
-				    context, GETDNS_REDIRECTS_FOLLOW);
-				break;
-			case 'e':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "idle timeout expected "
-					    "after -t\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				timeout = strtol(argv[i], &endptr, 10);
-				if (*endptr || timeout < 0) {
-					fprintf(stderr, "positive "
-					    "numeric idle timeout expected "
-					    "after -t\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				getdns_context_set_idle_timeout(
-					context, timeout);
-				goto next;
-			case 'W':
-				(void) getdns_context_set_append_name(context,
-				    GETDNS_APPEND_NAME_ALWAYS);
-				break;
-			case '1':
-				(void) getdns_context_set_append_name(context,
-			GETDNS_APPEND_NAME_ONLY_TO_SINGLE_LABEL_AFTER_FAILURE);
-				break;
-			case '0':
-				(void) getdns_context_set_append_name(context,
-				    GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST);
-				break;
-			case 'M':
-				(void) getdns_context_set_append_name(context,
-		GETDNS_APPEND_NAME_ONLY_TO_MULTIPLE_LABEL_NAME_AFTER_FAILURE);
-				break;
-			case 'N':
-				(void) getdns_context_set_append_name(context,
-				    GETDNS_APPEND_NAME_NEVER);
-				break;
-			case 'Z':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "suffixes expected"
-					    "after -Z\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (!(suffixes = getdns_list_create()))
-					return GETDNS_RETURN_MEMORY_ERROR;
-				suffix = strtok(argv[i], ",");
-				j = 0;
-				while (suffix) {
-					bindata.size = strlen(suffix);
-					bindata.data = (void *)suffix;
-					(void) getdns_list_set_bindata(
-					    suffixes, j++, &bindata);
-					suffix = strtok(NULL, ",");
-				}
-				(void) getdns_context_set_suffix(context,
-				    suffixes);
-				getdns_list_destroy(suffixes);
-				goto next;
-			case 'T':
-				getdns_context_set_dns_transport(context,
-				    GETDNS_TRANSPORT_TCP_ONLY);
-				break;
-			case 'O':
-				getdns_context_set_dns_transport(context,
-				    GETDNS_TRANSPORT_TCP_ONLY_KEEP_CONNECTIONS_OPEN);
-				break;
-			case 'L':
-				getdns_context_set_dns_transport(context,
-				    GETDNS_TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN);
-				break;
-			case 'E':
-				getdns_context_set_dns_transport(context,
-				    GETDNS_TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN);
-				break;
-			case 'u':
-				getdns_context_set_dns_transport(context,
-				    GETDNS_TRANSPORT_UDP_FIRST_AND_FALL_BACK_TO_TCP);
-				break;
-			case 'U':
-				getdns_context_set_dns_transport(context,
-				    GETDNS_TRANSPORT_UDP_ONLY);
-				break;
-			case 'l':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "transport list expected "
-					    "after -l\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				getdns_transport_list_t transports[10];
-				size_t transport_count = sizeof(transports);
-				if ((r = fill_transport_list(context, argv[i], transports, &transport_count)) ||
-				    (r = getdns_context_set_dns_transport_list(context, 
-				                                               transport_count, transports))){
-						fprintf(stderr, "Could not set transports\n");
-						return r;
-				}
-				break;
-			case 'B':
-				batch_mode = 1;
-				break;
-
-			case 'z':
-				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
-					fprintf(stderr, "listed address "
-					                "expected after -z\n");
-					return GETDNS_RETURN_GENERIC_ERROR;
-				}
-				if (argv[i][0] == '-' && argv[i][1] == '\0') {
-					if (listen_list && !listen_dict)
-						getdns_list_destroy(
-						    listen_list);
-					listen_list = NULL;
-					listen_count = 0;
-					touched_listen_list = 1;
-					DEBUG_SERVER("Clear listen list\n");
-					break;
-				}
-
-				if ((r = getdns_str2dict(argv[i], &downstream)))
-					fprintf(stderr, "Could not convert \"%s\" to "
-					    "an IP dict: %s\n", argv[i],
-					    getdns_get_errorstr_by_id(r));
-
-				else if ((r = getdns_dict_get_bindata(
-				    downstream, "address_data", &address))) {
-
-					fprintf(stderr, "\"%s\" did not translate to "
-					    "an IP dict: %s\n", argv[i],
-					    getdns_get_errorstr_by_id(r));
-
-					getdns_dict_destroy(downstream);
-				} else {
-					if (!listen_list &&
-					    !(listen_list =
-					    getdns_list_create_with_context(context))){
-						fprintf(stderr, "Could not create "
-								"downstream list\n");
-						return GETDNS_RETURN_MEMORY_ERROR;
-					}
-					getdns_list_set_dict(listen_list,
-					    listen_count++, downstream);
-					getdns_dict_destroy(downstream);
-					touched_listen_list = 1;
-				}
-				break;
-			default:
-				fprintf(stderr, "Unknown option "
-				    "\"%c\"\n", *c);
-				for (i = 0; i < argc; i++)
-					fprintf(stderr, "%d: \"%s\"\n", (int)i, argv[i]);
-				return GETDNS_RETURN_GENERIC_ERROR;
-			}
-		}
-next:		;
-	}
-	if (r)
-		return r;
-	if (pubkey_pinset && upstream_count) {
-		getdns_dict *upstream;
-		/* apply the accumulated pubkey pinset to all upstreams: */
-		for (i = 0; i < upstream_count; i++) {
-			if (r = getdns_list_get_dict(upstream_list, i, &upstream), r) {
-				fprintf(stderr, "Failed to get upstream "PRIsz" when adding pinset\n", i);
-				return r;
-			}
-			if (r = getdns_dict_set_list(upstream, "tls_pubkey_pinset", pubkey_pinset), r) {
-				fprintf(stderr, "Failed to set pubkey pinset on upstream "PRIsz"\n", i);
-				return r;
-			}
-		}
-	}
-	if (upstream_count &&
-	    (r = getdns_context_set_upstream_recursive_servers(
-	    context, upstream_list))) {
-		fprintf(stderr, "Error setting upstream recursive servers\n");
-	}
-	if (upstream_list)
-		getdns_list_destroy(upstream_list);
-
-	if (print_api_info) {
-		getdns_dict *api_information = 
-		    getdns_context_get_api_information(context);
-		char *api_information_str =
-		    getdns_pretty_print_dict(api_information);
-		fprintf(stdout, "%s\n", api_information_str);
-		free(api_information_str);
-		getdns_dict_destroy(api_information);
-		return CONTINUE;
-	}
-	if (print_trust_anchors) {
-		if (!getdns_context_get_dnssec_trust_anchors(context, &tas)) {
-		/* if ((tas = getdns_root_trust_anchor(NULL))) { */
-			char *tas_str = getdns_pretty_print_list(tas);
-			fprintf(stdout, "%s\n", tas_str);
-			free(tas_str);
-			getdns_list_destroy(tas);
-			return CONTINUE;
-		} else
-			return CONTINUE_ERROR;
-	}
-	return r;
-}
-
-getdns_return_t do_the_call(void)
-{
-	getdns_return_t r;
-	getdns_dict *address = NULL;
-	getdns_bindata *address_bindata;
-	getdns_dict *response = NULL;
-	char *response_str;
-	uint32_t status;
-
-	if (calltype != HOSTNAME)
-		; /* pass */
-
-	else if ((r = getdns_str2dict(name, &address))) {
-
-		fprintf(stderr, "Could not convert \"%s\" to an IP dict: %s\n"
-		              , name, getdns_get_errorstr_by_id(r));
-		return GETDNS_RETURN_GOOD;
-
-	} else if ((r = getdns_dict_get_bindata(
-	    address, "address_data", &address_bindata))) {
-
-		fprintf(stderr, "Could not convert \"%s\" to an IP dict: %s\n"
-		              , name, getdns_get_errorstr_by_id(r));
-		getdns_dict_destroy(address);
-		return GETDNS_RETURN_GOOD;
-	}
-	if (async) {
-		switch (calltype) {
-		case GENERAL:
-			r = getdns_general(context, name, request_type,
-			    extensions, &response, NULL, callback);
-			break;
-		case ADDRESS:
-			r = getdns_address(context, name,
-			    extensions, &response, NULL, callback);
-			break;
-		case HOSTNAME:
-			r = getdns_hostname(context, address,
-			    extensions, &response, NULL, callback);
-			break;
-		case SERVICE:
-			r = getdns_service(context, name,
-			    extensions, &response, NULL, callback);
-			break;
-		default:
-			r = GETDNS_RETURN_GENERIC_ERROR;
-			break;
-		}
-		if (r == GETDNS_RETURN_GOOD && !batch_mode) 
-			getdns_context_run(context);
-		if (r != GETDNS_RETURN_GOOD)
-			fprintf(stderr, "An error occurred: %d '%s'\n", (int)r,
-				 getdns_get_errorstr_by_id(r));
-	} else {
-		switch (calltype) {
-		case GENERAL:
-			r = getdns_general_sync(context, name,
-			    request_type, extensions, &response);
-			break;
-		case ADDRESS:
-			r = getdns_address_sync(context, name,
-			    extensions, &response);
-			break;
-		case HOSTNAME:
-			r = getdns_hostname_sync(context, address,
-			    extensions, &response);
-			break;
-		case SERVICE:
-			r = getdns_service_sync(context, name,
-			    extensions, &response);
-			break;
-		default:
-			r = GETDNS_RETURN_GENERIC_ERROR;
-			break;
-		}
-		if (r != GETDNS_RETURN_GOOD) {
-			fprintf(stderr, "An error occurred: %d '%s'\n", (int)r,
-				 getdns_get_errorstr_by_id(r));
-			getdns_dict_destroy(address);
-			return r;
-		}
-		if (response && !quiet) {
-			if ((response_str = json ?
-			    getdns_print_json_dict(response, json == 1)
-			  : getdns_pretty_print_dict(response))) {
-
-				fprintf( stdout, "SYNC response:\n%s\n"
-				       , response_str);
-				validate_chain(response);
-				free(response_str);
-			} else {
-				r = GETDNS_RETURN_MEMORY_ERROR;
-				fprintf( stderr
-				       , "Could not print response\n");
-			}
-		}
-		getdns_dict_get_int(response, "status", &status);
-		fprintf(stdout, "Response code was: GOOD. Status was: %s\n", 
-			 getdns_get_errorstr_by_id(status));
-		if (response)
-			getdns_dict_destroy(response);
-	}
-	getdns_dict_destroy(address);
-	return r;
-}
-
-getdns_eventloop *loop = NULL;
-FILE *fp;
-static void incoming_request_handler(getdns_context *context,
-    getdns_dict *request, getdns_transaction_t request_id);
-
-
-void read_line_cb(void *userarg)
-{
-	getdns_eventloop_event *read_line_ev = userarg;
-	getdns_return_t r;
-
-	char line[1024], *token, *linev[256];
-	int linec;
-
-	if (!fgets(line, 1024, fp) || !*line) {
-		if (query_file)
-			fprintf(stdout,"End of file.");
-		loop->vmt->clear(loop, read_line_ev);
-		if (listen_count)
-			(void) getdns_context_set_listen_addresses(
-			    context, NULL, NULL);
-		return;
-	}
-	if (query_file)
-		fprintf(stdout,"Found query: %s", line);
-
-	linev[0] = __FILE__;
-	linec = 1;
-	if (!(token = strtok(line, " \t\f\n\r"))) {
-		if (! query_file) {
-			printf("> ");
-			fflush(stdout);
-		}
-		return;
-	}
-	if (*token == '#') {
-		fprintf(stdout,"Result:      Skipping comment\n");
-		if (! query_file) {
-			printf("> ");
-			fflush(stdout);
-		}
-		return;
-	}
-	do linev[linec++] = token;
-	while (linec < 256 && (token = strtok(NULL, " \t\f\n\r")));
-
-	touched_listen_list = 0;
-	r = parse_args(linec, linev);
-	if (!r && touched_listen_list) {
-		r = getdns_context_set_listen_addresses(
-		    context, incoming_request_handler, listen_list);
-	}
-	if ((r || (r = do_the_call())) &&
-	    (r != CONTINUE && r != CONTINUE_ERROR))
-		loop->vmt->clear(loop, read_line_ev);
-
-	else if (! query_file) {
-		printf("> ");
-		fflush(stdout);
-	}
-}
-
-typedef struct dns_msg {
-	getdns_transaction_t  request_id;
-	getdns_dict          *request;
-	uint32_t              rt;
-	uint32_t              ad_bit;
-	uint32_t              do_bit;
-	uint32_t              cd_bit;
-	int                   has_edns0;
-} dns_msg;
-
-#if defined(SERVER_DEBUG) && SERVER_DEBUG
-#define SERVFAIL(error,r,msg,resp_p) do { \
-	if (r)	DEBUG_SERVER("%s: %s\n", error, getdns_get_errorstr_by_id(r)); \
-	else	DEBUG_SERVER("%s\n", error); \
-	servfail(msg, resp_p); \
-	} while (0)
-#else
-#define SERVFAIL(error,r,msg,resp_p) servfail(msg, resp_p)
-#endif
-
-void servfail(dns_msg *msg, getdns_dict **resp_p)
-{
-	getdns_dict *dict;
-
-	if (*resp_p)
-		getdns_dict_destroy(*resp_p);
-	if (!(*resp_p = getdns_dict_create()))
-		return;
-	if (msg) {
-		if (!getdns_dict_get_dict(msg->request, "header", &dict))
-			getdns_dict_set_dict(*resp_p, "header", dict);
-		if (!getdns_dict_get_dict(msg->request, "question", &dict))
-			getdns_dict_set_dict(*resp_p, "question", dict);
-		(void) getdns_dict_set_int(*resp_p, "/header/ra",
-		    msg->rt == GETDNS_RESOLUTION_RECURSING ? 1 : 0);
-	}
-	(void) getdns_dict_set_int(
-	    *resp_p, "/header/rcode", GETDNS_RCODE_SERVFAIL);
-	(void) getdns_dict_set_int(*resp_p, "/header/qr", 1);
-	(void) getdns_dict_set_int(*resp_p, "/header/ad", 0);
-}
-
-static getdns_return_t _handle_edns0(
-    getdns_dict *response, int has_edns0)
-{
-	getdns_return_t r;
-	getdns_list *additional;
-	size_t len, i;
-	getdns_dict *rr;
-	uint32_t rr_type;
-	char remove_str[100] = "/replies_tree/0/additional/";
-
-	if ((r = getdns_dict_set_int(
-	    response, "/replies_tree/0/header/do", 0)))
-		return r;
-	if ((r = getdns_dict_get_list(response, "/replies_tree/0/additional",
-	    &additional)))
-		return r;
-	if ((r = getdns_list_get_length(additional, &len)))
-		return r;
-	for (i = 0; i < len; i++) {
-		if ((r = getdns_list_get_dict(additional, i, &rr)))
-			return r;
-		if ((r = getdns_dict_get_int(rr, "type", &rr_type)))
-			return r;
-		if (rr_type != GETDNS_RRTYPE_OPT)
-			continue;
-		if (has_edns0) {
-			(void) getdns_dict_set_int(rr, "do", 0);
-			break;
-		}
-		(void) snprintf(remove_str + 27, 60, "%d", (int)i);
-		if ((r = getdns_dict_remove_name(response, remove_str)))
-			return r;
-		break;
-	}
-	return GETDNS_RETURN_GOOD;
-}
-
-static void request_cb(
-    getdns_context *context, getdns_callback_type_t callback_type,
-    getdns_dict *response, void *userarg, getdns_transaction_t transaction_id)
-{
-	dns_msg *msg = (dns_msg *)userarg;
-	uint32_t qid;
-	getdns_return_t r = GETDNS_RETURN_GOOD;
-	uint32_t n, rcode, dnssec_status;
-
-	DEBUG_SERVER("reply for: %p %"PRIu64" %d (edns0: %d, do: %d, ad: %d,"
-	    " cd: %d)\n", msg, transaction_id, (int)callback_type,
-	    msg->has_edns0, msg->do_bit, msg->ad_bit, msg->cd_bit);
-	assert(msg);
-
-#if 0
-	fprintf(stderr, "reply: %s\n", getdns_pretty_print_dict(response));
-#endif
-
-	if (callback_type != GETDNS_CALLBACK_COMPLETE)
-		SERVFAIL("Callback type not complete",
-		    callback_type, msg, &response);
-
-	else if (!response)
-		SERVFAIL("Missing response", 0, msg, &response);
-
-	else if ((r = getdns_dict_get_int(msg->request, "/header/id", &qid)) ||
-	    (r=getdns_dict_set_int(response,"/replies_tree/0/header/id",qid)))
-		SERVFAIL("Could not copy QID", r, msg, &response);
-
-	else if (getdns_dict_get_int(
-	    response, "/replies_tree/0/header/rcode", &rcode))
-		SERVFAIL("No reply in replies tree", 0, msg, &response);
-
-	/* ansers when CD or not BOGUS */
-	else if (!msg->cd_bit && !getdns_dict_get_int(
-	    response, "/replies_tree/0/dnssec_status", &dnssec_status)
-	    && dnssec_status == GETDNS_DNSSEC_BOGUS)
-		SERVFAIL("DNSSEC status was bogus", 0, msg, &response);
-
-	else if (rcode == GETDNS_RCODE_SERVFAIL)
-		servfail(msg, &response);
-
-	/* RRsigs when DO and (CD or not BOGUS) 
-	 * Implemented in conversion to wireformat function by checking for DO
-	 * bit.  In recursing resolution mode we have to copy the do bit from
-	 * the request, because libunbound has it in the answer always.
-	 */
-	else if (msg->rt == GETDNS_RESOLUTION_RECURSING && !msg->do_bit &&
-	    (r = _handle_edns0(response, msg->has_edns0)))
-		SERVFAIL("Could not handle EDNS0", r, msg, &response);
-
-	/* AD when (DO or AD) and SECURE */
-	else if ((r = getdns_dict_set_int(response,"/replies_tree/0/header/ad",
-	    ((msg->do_bit || msg->ad_bit)
-	    && (  (!msg->cd_bit && dnssec_status == GETDNS_DNSSEC_SECURE)
-	       || ( msg->cd_bit && !getdns_dict_get_int(response,
-	            "/replies_tree/0/dnssec_status", &dnssec_status)
-	          && dnssec_status == GETDNS_DNSSEC_SECURE ))) ? 1 : 0)))
-		SERVFAIL("Could not set AD bit", r, msg, &response);
-
-	else if (msg->rt == GETDNS_RESOLUTION_STUB)
-		; /* following checks are for RESOLUTION_RECURSING only */
-	
-	else if ((r =  getdns_dict_set_int(
-	    response, "/replies_tree/0/header/cd", msg->cd_bit)))
-		SERVFAIL("Could not copy CD bit", r, msg, &response);
-
-	else if ((r = getdns_dict_get_int(
-	    response, "/replies_tree/0/header/ra", &n)))
-		SERVFAIL("Could not get RA bit from reply", r, msg, &response);
-
-	else if (n == 0)
-		SERVFAIL("Recursion not available", 0, msg, &response);
-
-	if ((r = getdns_reply(context, msg->request_id, response))) {
-		fprintf(stderr, "Could not reply: %s\n",
-		    getdns_get_errorstr_by_id(r));
-		/* Cancel reply */
-		(void) getdns_reply(context, msg->request_id, NULL);
-	}
-	if (msg) {
-		getdns_dict_destroy(msg->request);
-		free(msg);
-	}
-	if (response)
-		getdns_dict_destroy(response);
-}	
-
-static void incoming_request_handler(getdns_context *context,
-    getdns_dict *request, getdns_transaction_t request_id)
-{
-	getdns_bindata *qname;
-	char *qname_str = NULL;
-	uint32_t qtype;
-	uint32_t qclass;
-	getdns_return_t r;
-	getdns_dict *header;
-	uint32_t n;
-	getdns_list *list;
-	getdns_transaction_t transaction_id = 0;
-	getdns_dict *qext = NULL;
-	dns_msg *msg = NULL;
-	getdns_dict *response = NULL;
-	size_t i, len;
-	getdns_list *additional;
-	getdns_dict *rr;
-	uint32_t rr_type;
-
-	if (!query_extensions_spc &&
-	    !(query_extensions_spc = getdns_dict_create()))
-		fprintf(stderr, "Could not create query extensions space\n");
-
-	else if ((r = getdns_dict_set_dict(
-	    query_extensions_spc, "qext", extensions)))
-		fprintf(stderr, "Could not copy extensions in query extensions"
-		                " space: %s\n", getdns_get_errorstr_by_id(r));
-
-	else if ((r = getdns_dict_get_dict(query_extensions_spc,"qext",&qext)))
-		fprintf(stderr, "Could not get query extensions from space: %s"
-		              , getdns_get_errorstr_by_id(r));
-
-	if (!(msg = malloc(sizeof(dns_msg))))
-		goto error;
-
-	/* pass through the header and the OPT record */
-	n = 0;
-	msg->request_id = request_id;
-	msg->request = request;
-	msg->ad_bit = msg->do_bit = msg->cd_bit = 0;
-	msg->has_edns0 = 0;
-	msg->rt = GETDNS_RESOLUTION_RECURSING;
-	(void) getdns_dict_get_int(request, "/header/ad", &msg->ad_bit);
-	(void) getdns_dict_get_int(request, "/header/cd", &msg->cd_bit);
-	if (!getdns_dict_get_list(request, "additional", &additional)) {
-		if (getdns_list_get_length(additional, &len))
-			len = 0;
-		for (i = 0; i < len; i++) {
-			if (getdns_list_get_dict(additional, i, &rr))
-				break;
-			if (getdns_dict_get_int(rr, "type", &rr_type))
-				break;
-			if (rr_type != GETDNS_RRTYPE_OPT)
-				continue;
-			msg->has_edns0 = 1;
-			(void) getdns_dict_get_int(rr, "do", &msg->do_bit);
-			break;
-		}
-	}
-	if ((r = getdns_context_get_resolution_type(context, &msg->rt)))
-		fprintf(stderr, "Could get resolution type from context: %s\n",
-		    getdns_get_errorstr_by_id(r));
-
-	if (msg->rt == GETDNS_RESOLUTION_STUB) {
-		(void)getdns_dict_set_int(
-		    qext , "/add_opt_parameters/do_bit", msg->do_bit);
-		if (!getdns_dict_get_dict(request, "header", &header))
-			(void)getdns_dict_set_dict(qext, "header", header);
-
-	}
-	if (msg->cd_bit)
-		getdns_dict_set_int(qext, "dnssec_return_all_statuses",
-		    GETDNS_EXTENSION_TRUE);
-
-	if (!getdns_dict_get_int(request, "/additional/0/extended_rcode",&n))
-		(void)getdns_dict_set_int(
-		    qext, "/add_opt_parameters/extended_rcode", n);
-
-	if (!getdns_dict_get_int(request, "/additional/0/version", &n))
-		(void)getdns_dict_set_int(
-		    qext, "/add_opt_parameters/version", n);
-
-	if (!getdns_dict_get_int(
-	    request, "/additional/0/udp_payload_size", &n))
-		(void)getdns_dict_set_int(qext,
-		    "/add_opt_parameters/maximum_udp_payload_size", n);
-
-	if (!getdns_dict_get_list(
-	    request, "/additional/0/rdata/options", &list))
-		(void)getdns_dict_set_list(qext,
-		    "/add_opt_parameters/options", list);
-
-#if 0
-	do {
-		char *str = getdns_pretty_print_dict(request);
-		fprintf(stderr, "query: %s\n", str);
-		free(str);
-		str = getdns_pretty_print_dict(qext);
-		fprintf(stderr, "query with extensions: %s\n", str);
-		free(str);
-	} while (0);
-#endif
-	if ((r = getdns_dict_get_bindata(request,"/question/qname",&qname)))
-		fprintf(stderr, "Could not get qname from query: %s\n",
-		    getdns_get_errorstr_by_id(r));
-
-	else if ((r = getdns_convert_dns_name_to_fqdn(qname, &qname_str)))
-		fprintf(stderr, "Could not convert qname: %s\n",
-		    getdns_get_errorstr_by_id(r));
-
-	else if ((r=getdns_dict_get_int(request,"/question/qtype",&qtype)))
-		fprintf(stderr, "Could get qtype from query: %s\n",
-		    getdns_get_errorstr_by_id(r));
-
-	else if ((r=getdns_dict_get_int(request,"/question/qclass",&qclass)))
-		fprintf(stderr, "Could get qclass from query: %s\n",
-		    getdns_get_errorstr_by_id(r));
-
-	else if ((r = getdns_dict_set_int(qext, "specify_class", qclass)))
-		fprintf(stderr, "Could set class from query: %s\n",
-		    getdns_get_errorstr_by_id(r));
-
-	else if ((r = getdns_general(context, qname_str, qtype,
-	    qext, msg, &transaction_id, request_cb)))
-		fprintf(stderr, "Could not schedule query: %s\n",
-		    getdns_get_errorstr_by_id(r));
-	else {
-		DEBUG_SERVER("scheduled: %p %"PRIu64" for %s %d\n",
-		    msg, transaction_id, qname_str, (int)qtype);
-		free(qname_str);
-		return;
-	}
-error:
-	if (qname_str)
-		free(qname_str);
-	servfail(msg, &response);
-#if defined(SERVER_DEBUG) && SERVER_DEBUG
-	do {
-		char *request_str = getdns_pretty_print_dict(request);
-		char *response_str = getdns_pretty_print_dict(response);
-		DEBUG_SERVER("request error, request: %s\n, response: %s\n"
-		            , request_str, response_str);
-		free(response_str);
-		free(request_str);
-	} while(0);
-#endif
-	if ((r = getdns_reply(context, request_id, response))) {
-		fprintf(stderr, "Could not reply: %s\n",
-		    getdns_get_errorstr_by_id(r));
-		/* Cancel reply */
-		getdns_reply(context, request_id, NULL);
-	}
-	if (msg) {
-		if (msg->request)
-			getdns_dict_destroy(msg->request);
-		free(msg);
-	}
-	if (response)
-		getdns_dict_destroy(response);
-}
-
-/**
- * \brief A wrapper script for command line testing of getdns
- *  getdns_query -h provides details of the available options (the syntax is 
- *  similar to that of drill)
- *  Note that for getdns the -z options enables getdns as a daemon which
- *  allows getdns to be used as the local stub (or recursive) resolver
- */
-
-int
-main(int argc, char **argv)
-{
-	getdns_return_t r;
-
-	name = the_root;
-	if ((r = getdns_context_create(&context, 1))) {
-		fprintf(stderr, "Create context failed: %d\n", (int)r);
-		return r;
-	}
-	if ((r = getdns_context_set_use_threads(context, 1)))
-		goto done_destroy_context;
-	extensions = getdns_dict_create();
-	if (! extensions) {
-		fprintf(stderr, "Could not create extensions dict\n");
-		r = GETDNS_RETURN_MEMORY_ERROR;
-		goto done_destroy_context;
-	}
-	if ((r = parse_args(argc, argv)))
-		goto done_destroy_context;
-
-	if (query_file) {
-		fp = fopen(query_file, "rt");
-		if (fp == NULL) {
-			fprintf(stderr, "Could not open query file: %s\n", query_file);
-			goto done_destroy_context;
-		}
-	} else
-		fp = stdin;
-
-	if (listen_count || interactive) {
-		if ((r = getdns_context_get_eventloop(context, &loop)))
-			goto done_destroy_context;
-		assert(loop);
-	}
-	if (listen_count && (r = getdns_context_set_listen_addresses(
-	    context, incoming_request_handler, listen_list)))
-		goto done_destroy_context;
-
-	/* Make the call */
-	if (interactive) {
-		getdns_eventloop_event read_line_ev = {
-		    &read_line_ev, read_line_cb, NULL, NULL, NULL };
-
-		assert(loop);
-		(void) loop->vmt->schedule(
-		    loop, fileno(fp), -1, &read_line_ev);
-
-		if (!query_file) {
-			printf("> ");
-			fflush(stdout);
-		}
-		loop->vmt->run(loop);
-	}
-	else if (listen_count) {
-		assert(loop);
-		loop->vmt->run(loop);
-	} else
-		r = do_the_call();
-
-	if ((r == GETDNS_RETURN_GOOD && batch_mode))
-		getdns_context_run(context);
-
-	/* Clean up */
-	getdns_dict_destroy(extensions);
-done_destroy_context:
-	getdns_context_destroy(context);
-
-	if (listen_list)
-		getdns_list_destroy(listen_list);
-
-	if (fp)
-		fclose(fp);
-
-	if (r == CONTINUE)
-		return 0;
-	else if (r == CONTINUE_ERROR)
-		return 1;
-	fprintf(stdout, "\nAll done.\n");
-	return r;
-}
-
-
diff --git a/src/test/tpkg/110-link.tpkg/110-link.test b/src/test/tpkg/110-link.tpkg/110-link.test
index c0d77db0..424c9074 100644
--- a/src/test/tpkg/110-link.tpkg/110-link.test
+++ b/src/test/tpkg/110-link.tpkg/110-link.test
@@ -6,5 +6,5 @@
 
 cd "${BUILDDIR}/build"
 make getdns_query \
-    &&  echo "export GETDNS_QUERY=\"${BUILDDIR}/build/src/test/getdns_query\"" \
+    &&  echo "export GETDNS_QUERY=\"${BUILDDIR}/build/src/tools/getdns_query\"" \
         >> ../.tpkg.var.master
diff --git a/src/test/tpkg/210-stub-only-link.tpkg/210-stub-only-link.test b/src/test/tpkg/210-stub-only-link.tpkg/210-stub-only-link.test
index 33379762..94aaf626 100644
--- a/src/test/tpkg/210-stub-only-link.tpkg/210-stub-only-link.test
+++ b/src/test/tpkg/210-stub-only-link.tpkg/210-stub-only-link.test
@@ -6,5 +6,5 @@
 
 cd "${BUILDDIR}/build-stub-only"
 make getdns_query \
-    &&  echo "export GETDNS_STUB_QUERY=\"${BUILDDIR}/build-stub-only/src/test/getdns_query\"" \
+    &&  echo "export GETDNS_STUB_QUERY=\"${BUILDDIR}/build-stub-only/src/tools/getdns_query\"" \
         >> ../.tpkg.var.master

From 2485c11e32d7b617b9dc8bb7eadf9ac38b62f309 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 14:02:29 +0200
Subject: [PATCH 07/25] Include jsmn in dist tarball

---
 Makefile.in | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Makefile.in b/Makefile.in
index 331c889e..3f727468 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -178,6 +178,7 @@ $(distdir):
 	mkdir -p $(distdir)/src
 	mkdir -p $(distdir)/src/getdns
 	mkdir -p $(distdir)/src/test
+	mkdir -p $(distdir)/src/test/jsmn
 	mkdir -p $(distdir)/src/extension
 	mkdir -p $(distdir)/src/compat
 	mkdir -p $(distdir)/src/util
@@ -224,6 +225,9 @@ $(distdir):
 	cp $(srcdir)/spec/*.tgz $(distdir)/spec || true
 	cp $(srcdir)/spec/example/Makefile.in $(distdir)/spec/example
 	cp $(srcdir)/spec/example/*.[ch] $(distdir)/spec/example
+	cp $(srcdir)/src/test/jsmn/*.[ch] $(distdir)/src/test/jsmn
+	cp $(srcdir)/src/test/jsmn/LICENSE $(distdir)/src/test/jsmn
+	cp $(srcdir)/src/test/jsmn/README.md $(distdir)/src/test/jsmn
 	rm -f $(distdir)/Makefile $(distdir)/src/Makefile $(distdir)/src/getdns/getdns.h $(distdir)/spec/example/Makefile $(distdir)/src/test/Makefile $(distdir)/doc/Makefile $(distdir)/src/config.h
 
 distcheck: $(distdir).tar.gz

From 906a8d68c241c15b9d4812e4340a8af53603cc52 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 14:06:00 +0200
Subject: [PATCH 08/25] fix for converting empty lists and dicts

---
 src/test/getdns_str2dict.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/test/getdns_str2dict.c b/src/test/getdns_str2dict.c
index ae5fb1d9..28323d9d 100644
--- a/src/test/getdns_str2dict.c
+++ b/src/test/getdns_str2dict.c
@@ -410,7 +410,10 @@ static int _jsmn_get_dict(struct mem_funcs *mf, const char *js, jsmntok_t *t,
 	char key_spc[1024], *key = NULL;
 	getdns_item child_item;
 
-	for (i = 0; i < t->size; i++) {
+	if (t->size <= 0)
+		*r = GETDNS_RETURN_GOOD;
+
+	else for (i = 0; i < t->size; i++) {
 		if (t[j].type != JSMN_STRING &&
 		    t[j].type != JSMN_PRIMITIVE) {
 
@@ -484,7 +487,10 @@ static int _jsmn_get_list(struct mem_funcs *mf, const char *js, jsmntok_t *t,
 	size_t i, j = 1, index = 0;
 	getdns_item child_item;
 
-	for (i = 0; i < t->size; i++) {
+	if (t->size <= 0)
+		*r = GETDNS_RETURN_GOOD;
+
+	else for (i = 0; i < t->size; i++) {
 		j += _jsmn_get_item(mf, js, t + j, count - j, &child_item, r);
 		if (*r) break;
 

From bae426a0e224c3ac54ac672431493261bb054e58 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 14:09:08 +0200
Subject: [PATCH 09/25] Unread assignment

---
 src/test/getdns_query.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/test/getdns_query.c b/src/test/getdns_query.c
index 6ff6097c..05645a5f 100644
--- a/src/test/getdns_query.c
+++ b/src/test/getdns_query.c
@@ -442,12 +442,11 @@ static void parse_config(const char *config_str)
 			 * will get destroyed.
 			 */
 			if (!listen_dict &&
-			    !(listen_dict = getdns_dict_create())) {
+			    !(listen_dict = getdns_dict_create()))
 				fprintf(stderr, "Could not create "
 						"listen_dict");
-				r = GETDNS_RETURN_MEMORY_ERROR;
 
-			} else if ((r = getdns_dict_set_list(
+			else if ((r = getdns_dict_set_list(
 			    listen_dict, "listen_list", list)))
 				fprintf(stderr, "Could not set listen_list");
 

From 689fc02fd2fe37a29301ad9d4ee2b664f0a76f02 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 14:14:15 +0200
Subject: [PATCH 10/25] Allow errors while setting up listeners

---
 src/test/getdns_context_set_listen_addresses.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/test/getdns_context_set_listen_addresses.c b/src/test/getdns_context_set_listen_addresses.c
index 3b05e803..9246b640 100644
--- a/src/test/getdns_context_set_listen_addresses.c
+++ b/src/test/getdns_context_set_listen_addresses.c
@@ -804,6 +804,8 @@ getdns_return_t getdns_context_set_listen_addresses(getdns_context *context,
 	new_set->count = new_set_count * n_transports;
 	(void) memset(new_set->items, 0,
 	    sizeof(listener) * new_set_count * n_transports);
+	for (i = 0; i < new_set->count; i++)
+		new_set->items[i].fd = -1;
 
 	(void) memset(&hints, 0, sizeof(struct addrinfo));
 	hints.ai_family    = AF_UNSPEC;
@@ -906,7 +908,7 @@ getdns_return_t getdns_context_set_listen_addresses(getdns_context *context,
 			/* So the event can be rescheduled */
 		}
 	}
-	if ((r = add_listeners(new_set))) {
+	if (r || (r = add_listeners(new_set))) {
 		for (i = 0; i < new_set->count; i++)
 			new_set->items[i].action = to_remove;
 

From 99d8672bee82ad5358be501dd3c66e98f8b200ed Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 14:24:32 +0200
Subject: [PATCH 11/25] Fix few possible NULL dereference issues

---
 src/dnssec.c  | 6 ++++--
 src/rr-iter.c | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/dnssec.c b/src/dnssec.c
index b46be44b..f567b96b 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -2049,7 +2049,8 @@ static int find_nsec_covering_name(
 	                                        , SECTION_NO_ADDITIONAL)
 	    ; i ; i = _getdns_rrset_iter_next(i)) {
 
-		if ((n = _getdns_rrset_iter_value(i))->rr_type == GETDNS_RRTYPE_NSEC3
+		if ((n = _getdns_rrset_iter_value(i))
+		    && n->rr_type == GETDNS_RRTYPE_NSEC3
 
 		    /* Get the bitmap rdata field */
 		    && (nsec_rr = _getdns_rrtype_iter_init(&nsec_spc, n))
@@ -2085,7 +2086,8 @@ static int find_nsec_covering_name(
 
 			return keytag;
 		}
-		if ((n = _getdns_rrset_iter_value(i))->rr_type == GETDNS_RRTYPE_NSEC
+		if ((n = _getdns_rrset_iter_value(i))
+		    && n->rr_type == GETDNS_RRTYPE_NSEC
 		    && nsec_covers_name(n, name, NULL)
 
 		    /* Get the bitmap rdata field */
diff --git a/src/rr-iter.c b/src/rr-iter.c
index e6a711de..9b332603 100644
--- a/src/rr-iter.c
+++ b/src/rr-iter.c
@@ -306,7 +306,7 @@ static int rr_owner_equal(_getdns_rr_iter *rr, const uint8_t *name)
 
 	return (owner = _getdns_owner_if_or_as_decompressed(rr, owner_spc
 	                                                      ,&owner_len))
-	    && _getdns_dname_equal(owner, name);
+	    && name && _getdns_dname_equal(owner, name);
 }
 
 /* First a few filter functions that filter a RR iterator to point only

From 80ea8637d18d3bc975cc7c25237575b96fddef2d Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 14:50:26 +0200
Subject: [PATCH 12/25] Recover src/tools

---
 src/tools/Makefile.in    |  106 +++
 src/tools/getdns_query.c | 1614 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 1720 insertions(+)
 create mode 100644 src/tools/Makefile.in
 create mode 100644 src/tools/getdns_query.c

diff --git a/src/tools/Makefile.in b/src/tools/Makefile.in
new file mode 100644
index 00000000..fa13ea40
--- /dev/null
+++ b/src/tools/Makefile.in
@@ -0,0 +1,106 @@
+#
+# @configure_input@
+#
+# Copyright (c) 2013, Verisign, Inc., NLNet Labs
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+#   notice, this list of conditions and the following disclaimer in the
+#   documentation and/or other materials provided with the distribution.
+# * Neither the names of the copyright holders nor the
+#   names of its contributors may be used to endorse or promote products
+#   derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL Verisign, Inc. BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+package = @PACKAGE_NAME@
+version = @PACKAGE_VERSION@
+tarname = @PACKAGE_TARNAME@
+distdir = $(tarname)-$(version)
+
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+bindir = @bindir@
+INSTALL = @INSTALL@
+LIBTOOL = ../../libtool
+
+srcdir = @srcdir@
+
+CC=@CC@
+CFLAGS=-I$(srcdir)/.. -I$(srcdir) -I.. $(cflags) @CFLAGS@ @CPPFLAGS@
+LDFLAGS=-L.. @LDFLAGS@
+LDLIBS=../libgetdns.la @LIBS@
+
+ALL_OBJS=getdns_query.lo
+
+PROGRAMS=getdns_query
+
+
+.SUFFIXES: .c .o .a .lo .h
+
+.c.o:
+	$(CC) $(CFLAGS) -c $< -o $@
+
+.c.lo:
+	$(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $< -o $@
+
+default: all
+
+all: $(PROGRAMS)
+
+$(ALL_OBJS):
+	$(LIBTOOL) --quiet --tag=CC --mode=compile $(CC) $(CFLAGS) -c $(srcdir)/$(@:.lo=.c) -o $@
+
+getdns_query: getdns_query.lo
+	$(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) -o $@ getdns_query.lo $(LDFLAGS) $(LDLIBS)
+
+install: getdns_query
+	$(INSTALL) -m 755 -d $(DESTDIR)$(bindir)
+	$(LIBTOOL) --mode=install cp getdns_query $(DESTDIR)$(bindir)
+
+uninstall:
+	$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(bindir)/getdns_query
+
+clean:
+	rm -f *.o *.lo $(PROGRAMS)
+	rm -rf .libs
+
+distclean : clean
+	rm -f Makefile
+
+Makefile: $(srcdir)/Makefile.in ../../config.status
+	cd ../.. && ./config.status src/test/Makefile
+
+depend:
+	(cd $(srcdir) ; awk 'BEGIN{P=1}{if(P)print}/^# Dependencies/{P=0}' Makefile.in > Makefile.in.new )
+	(blddir=`pwd`; cd $(srcdir) ; gcc -MM -I. -I.. -I"$$blddir"/.. *.c | \
+		sed -e "s? $$blddir/? ?g" \
+		    -e 's? \([a-z0-9_-]*\)\.\([ch]\)? $$(srcdir)/\1.\2?g' \
+		    -e 's? \.\./\([a-z0-9_-]*\)\.h? $$(srcdir)/../\1.h?g' \
+		    -e 's? \.\./\([a-z0-9_-]*\)/\([a-z0-9_-]*\)\.h? $$(srcdir)/../\1/\2.h?g' \
+		    -e 's? \$$(srcdir)/config\.h? ../config.h?g' \
+		    -e 's? \$$(srcdir)/\.\./config\.h? ../config.h?g' \
+		    -e 's? \$$(srcdir)/\.\./getdns/getdns\.h? ../getdns/getdns.h?g' \
+		    -e 's? \$$(srcdir)/\.\./getdns/getdns_extra\.h? ../getdns/getdns_extra.h?g' \
+		    -e 's!\(.*\)\.o[ :]*!\1.lo \1.o: !g' >> Makefile.in.new )
+	(cd $(srcdir) ; diff Makefile.in.new Makefile.in && rm Makefile.in.new \
+	                                                 || mv Makefile.in.new Makefile.in )
+
+.PHONY: clean test
+
+# Dependencies for getdns_query
+getdns_query.lo getdns_query.o: $(srcdir)/getdns_query.c ../config.h $(srcdir)/../debug.h ../config.h \
+ ../getdns/getdns.h ../getdns/getdns_extra.h
diff --git a/src/tools/getdns_query.c b/src/tools/getdns_query.c
new file mode 100644
index 00000000..81ebd79d
--- /dev/null
+++ b/src/tools/getdns_query.c
@@ -0,0 +1,1614 @@
+/*
+ * Copyright (c) 2013, NLNet Labs, Verisign, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ *   notice, this list of conditions and the following disclaimer in the
+ *   documentation and/or other materials provided with the distribution.
+ * * Neither the names of the copyright holders nor the
+ *   names of its contributors may be used to endorse or promote products
+ *   derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL Verisign, Inc. BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "debug.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <inttypes.h>
+#include <ctype.h>
+#include <getdns/getdns.h>
+#include <getdns/getdns_extra.h>
+#ifndef USE_WINSOCK
+#include <arpa/inet.h>
+#include <sys/time.h>
+#include <netdb.h>
+#else
+#include <winsock2.h>
+#include <iphlpapi.h>
+typedef unsigned short in_port_t;
+#include <windows.h>
+#include <wincrypt.h>
+#endif
+
+#define EXAMPLE_PIN "pin-sha256=\"E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=\""
+
+static int quiet = 0;
+static int batch_mode = 0;
+static char *query_file = NULL;
+static int json = 0;
+static char *the_root = ".";
+static char *name;
+static getdns_context *context;
+static getdns_dict *extensions;
+static getdns_dict *query_extensions_spc = NULL;
+static getdns_list *pubkey_pinset = NULL;
+static getdns_list *listen_list = NULL;
+int touched_listen_list;
+static getdns_dict *listen_dict = NULL;
+static size_t pincount = 0;
+static size_t listen_count = 0;
+static uint16_t request_type = GETDNS_RRTYPE_NS;
+static int timeout, edns0_size, padding_blocksize;
+static int async = 0, interactive = 0;
+static enum { GENERAL, ADDRESS, HOSTNAME, SERVICE } calltype = GENERAL;
+
+static int get_rrtype(const char *t)
+{
+	char buf[1024] = "GETDNS_RRTYPE_";
+	uint32_t rrtype;
+	long int l;
+	size_t i;
+	char *endptr;
+
+	if (strlen(t) > sizeof(buf) - 15)
+		return -1;
+	for (i = 14; *t && i < sizeof(buf) - 1; i++, t++)
+		buf[i] = toupper(*t);
+	buf[i] = '\0';
+
+	if (!getdns_str2int(buf, &rrtype))
+		return (int)rrtype;
+
+	if (strncasecmp(buf + 14, "TYPE", 4) == 0) {
+		l = strtol(buf + 18, &endptr, 10);
+		if (!*endptr && l >= 0 && l < 65536)
+			return l;
+	}
+	return -1;
+}
+
+static int get_rrclass(const char *t)
+{
+	char buf[1024] = "GETDNS_RRCLASS_";
+	uint32_t rrclass;
+	long int l;
+	size_t i;
+	char *endptr;
+
+	if (strlen(t) > sizeof(buf) - 16)
+		return -1;
+	for (i = 15; *t && i < sizeof(buf) - 1; i++, t++)
+		buf[i] = toupper(*t);
+	buf[i] = '\0';
+
+	if (!getdns_str2int(buf, &rrclass))
+		return (int)rrclass;
+
+	if (strncasecmp(buf + 15, "CLASS", 5) == 0) {
+		l = strtol(buf + 20, &endptr, 10);
+		if (!*endptr && l >= 0 && l < 65536)
+			return l;
+	}
+	return -1;
+}
+
+static getdns_return_t
+fill_transport_list(getdns_context *context, char *transport_list_str, 
+                    getdns_transport_list_t *transports, size_t *transport_count)
+{
+	size_t max_transports = *transport_count;
+	*transport_count = 0;
+	for ( size_t i = 0
+	    ; i < max_transports && i < strlen(transport_list_str)
+	    ; i++, (*transport_count)++) {
+		switch(*(transport_list_str + i)) {
+			case 'U': 
+				transports[i] = GETDNS_TRANSPORT_UDP;
+				break;
+			case 'T': 
+				transports[i] = GETDNS_TRANSPORT_TCP;
+				break;
+			case 'L': 
+				transports[i] = GETDNS_TRANSPORT_TLS;
+				break;
+			default:
+				fprintf(stderr, "Unrecognised transport '%c' in string %s\n", 
+				       *(transport_list_str + i), transport_list_str);
+				return GETDNS_RETURN_GENERIC_ERROR;
+		}
+	}
+	return GETDNS_RETURN_GOOD;
+}
+
+void
+print_usage(FILE *out, const char *progname)
+{
+	fprintf(out, "usage: %s [<option> ...] \\\n"
+	    "\t[@<upstream> ...] [+<extension> ...] [\'{ <settings> }\'] [<name>] [<type>]\n", progname);
+	fprintf(out, "\ndefault mode: "
+#ifdef HAVE_LIBUNBOUND
+	    "recursive"
+#else
+	    "stub"
+#endif
+	    ", synchronous resolution of NS record\n\t\tusing UDP with TCP fallback\n");
+	fprintf(out, "\nupstreams: @<ip>[%%<scope_id>][@<port>][#<tls port>][~<tls name>][^<tsig spec>]");
+	fprintf(out, "\n            <ip>@<port> may be given as <IPv4>:<port>");
+	fprintf(out, "\n                  or \'[\'<IPv6>[%%<scope_id>]\']\':<port> too\n");
+	fprintf(out, "\ntsig spec: [<algorithm>:]<name>:<secret in Base64>\n");
+	fprintf(out, "\nextensions:\n");
+	fprintf(out, "\t+add_warning_for_bad_dns\n");
+	fprintf(out, "\t+dnssec_return_status\n");
+	fprintf(out, "\t+dnssec_return_only_secure\n");
+	fprintf(out, "\t+dnssec_return_all_statuses\n");
+	fprintf(out, "\t+dnssec_return_validation_chain\n");
+	fprintf(out, "\t+dnssec_return_full_validation_chain\n");
+#ifdef DNSSEC_ROADBLOCK_AVOIDANCE
+	fprintf(out, "\t+dnssec_roadblock_avoidance\n");
+#endif
+#ifdef EDNS_COOKIES
+	fprintf(out, "\t+edns_cookies\n");
+#endif
+	fprintf(out, "\t+return_both_v4_and_v6\n");
+	fprintf(out, "\t+return_call_reporting\n");
+	fprintf(out, "\t+sit=<cookie>\t\tSend along cookie OPT with value <cookie>\n");
+	fprintf(out, "\t+specify_class=<class>\n");
+	fprintf(out, "\t+0\t\t\tClear all extensions\n");
+	fprintf(out, "\nsettings in json dict format (like outputted by -i option).\n");
+	fprintf(out, "\noptions:\n");
+	fprintf(out, "\t-a\tPerform asynchronous resolution "
+	    "(default = synchronous)\n");
+	fprintf(out, "\t-A\taddress lookup (<type> is ignored)\n");
+	fprintf(out, "\t-B\tBatch mode. Schedule all messages before processing responses.\n");
+	fprintf(out, "\t-b <bufsize>\tSet edns0 max_udp_payload size\n");
+	fprintf(out, "\t-c\tSend Client Subnet privacy request\n");
+	fprintf(out, "\t-C\t<filename>\n");
+	fprintf(out, "\t\tRead settings from config file <filename>\n");
+	fprintf(out, "\t\tThe getdns context will be configured with these settings\n");
+	fprintf(out, "\t\tThe file must be in json dict format.\n");
+	fprintf(out, "\t-D\tSet edns0 do bit\n");
+	fprintf(out, "\t-d\tclear edns0 do bit\n");
+	fprintf(out, "\t-e <idle_timeout>\tSet idle timeout in miliseconds\n");
+	fprintf(out, "\t-F <filename>\tread the queries from the specified file\n");
+	fprintf(out, "\t-f <filename>\tRead DNSSEC trust anchors from <filename>\n");
+	fprintf(out, "\t-G\tgeneral lookup\n");
+	fprintf(out, "\t-H\thostname lookup. (<name> must be an IP address; <type> is ignored)\n");
+	fprintf(out, "\t-h\tPrint this help\n");
+	fprintf(out, "\t-i\tPrint api information\n");
+	fprintf(out, "\t-I\tInteractive mode (> 1 queries on same context)\n");
+	fprintf(out, "\t-j\tOutput json response dict\n");
+	fprintf(out, "\t-J\tPretty print json response dict\n");
+	fprintf(out, "\t-k\tPrint root trust anchors\n");
+	fprintf(out, "\t-K <pin>\tPin a public key for TLS connections (can repeat)\n");
+	fprintf(out, "\t\t(should look like '" EXAMPLE_PIN "')\n");
+	fprintf(out, "\t-n\tSet TLS authentication mode to NONE (default)\n");
+	fprintf(out, "\t-m\tSet TLS authentication mode to REQUIRED\n");
+	fprintf(out, "\t-p\tPretty print response dict\n");
+	fprintf(out, "\t-P <blocksize>\tPad TLS queries to a multiple of blocksize\n");
+	fprintf(out, "\t-q\tQuiet mode - don't print response\n");
+	fprintf(out, "\t-r\tSet recursing resolution type\n");
+	fprintf(out, "\t-R <filename>\tRead root hints from <filename>\n");
+	fprintf(out, "\t-s\tSet stub resolution type (default = recursing)\n");
+	fprintf(out, "\t-S\tservice lookup (<type> is ignored)\n");
+	fprintf(out, "\t-t <timeout>\tSet timeout in miliseconds\n");
+	fprintf(out, "\t-x\tDo not follow redirects\n");
+	fprintf(out, "\t-X\tFollow redirects (default)\n");
+
+	fprintf(out, "\t-0\tAppend suffix to single label first (default)\n");
+	fprintf(out, "\t-W\tAppend suffix always\n");
+	fprintf(out, "\t-1\tAppend suffix only to single label after failure\n");
+	fprintf(out, "\t-M\tAppend suffix only to multi label name after failure\n");
+	fprintf(out, "\t-N\tNever append a suffix\n");
+	fprintf(out, "\t-Z <suffixes>\tSet suffixes with the given comma separed list\n");
+
+	fprintf(out, "\t-T\tSet transport to TCP only\n");
+	fprintf(out, "\t-O\tSet transport to TCP only keep connections open\n");
+	fprintf(out, "\t-L\tSet transport to TLS only keep connections open\n");
+	fprintf(out, "\t-E\tSet transport to TLS with TCP fallback only keep connections open\n");
+	fprintf(out, "\t-u\tSet transport to UDP with TCP fallback (default)\n");
+	fprintf(out, "\t-U\tSet transport to UDP only\n");
+	fprintf(out, "\t-l <transports>\tSet transport list. List can contain 1 of each of the characters\n");
+	fprintf(out, "\t\t\t U T L S for UDP, TCP or TLS e.g 'UT' or 'LTU' \n");
+	fprintf(out, "\t-z <listen address>\n");
+	fprintf(out, "\t\tListen for DNS requests on the given IP address\n");
+	fprintf(out, "\t\t<listen address> is in the same format as upstreams.\n");
+	fprintf(out, "\t\tThis option can be given more than once.\n");
+}
+
+static getdns_return_t validate_chain(getdns_dict *response)
+{
+	getdns_return_t r;
+	getdns_list *validation_chain;
+	getdns_list *replies_tree;
+	getdns_dict *reply;
+	getdns_list *to_validate;
+	getdns_list *trust_anchor;
+	size_t i;
+	int s;
+	
+	if (!(to_validate = getdns_list_create()))
+		return GETDNS_RETURN_MEMORY_ERROR;
+
+	if (getdns_context_get_dnssec_trust_anchors(context, &trust_anchor))
+		trust_anchor = getdns_root_trust_anchor(NULL);
+
+	if ((r = getdns_dict_get_list(
+	    response, "validation_chain", &validation_chain)))
+		goto error;
+
+	if ((r = getdns_dict_get_list(
+	    response, "replies_tree", &replies_tree)))
+		goto error;
+
+	fprintf(stdout, "replies_tree dnssec_status: ");
+	switch ((s = getdns_validate_dnssec(
+	    replies_tree, validation_chain, trust_anchor))) {
+
+	case GETDNS_DNSSEC_SECURE:
+		fprintf(stdout, "GETDNS_DNSSEC_SECURE\n");
+		break;
+	case GETDNS_DNSSEC_BOGUS:
+		fprintf(stdout, "GETDNS_DNSSEC_BOGUS\n");
+		break;
+	case GETDNS_DNSSEC_INDETERMINATE:
+		fprintf(stdout, "GETDNS_DNSSEC_INDETERMINATE\n");
+		break;
+	case GETDNS_DNSSEC_INSECURE:
+		fprintf(stdout, "GETDNS_DNSSEC_INSECURE\n");
+		break;
+	case GETDNS_DNSSEC_NOT_PERFORMED:
+		fprintf(stdout, "GETDNS_DNSSEC_NOT_PERFORMED\n");
+		break;
+	default:
+		fprintf(stdout, "%d\n", (int)s);
+	}
+
+	i = 0;
+	while (!(r = getdns_list_get_dict(replies_tree, i++, &reply))) {
+
+		if ((r = getdns_list_set_dict(to_validate, 0, reply)))
+			goto error;
+
+		printf("reply "PRIsz", dnssec_status: ", i);
+		switch ((s = getdns_validate_dnssec(
+		    to_validate, validation_chain, trust_anchor))) {
+
+		case GETDNS_DNSSEC_SECURE:
+			fprintf(stdout, "GETDNS_DNSSEC_SECURE\n");
+			break;
+		case GETDNS_DNSSEC_BOGUS:
+			fprintf(stdout, "GETDNS_DNSSEC_BOGUS\n");
+			break;
+		case GETDNS_DNSSEC_INDETERMINATE:
+			fprintf(stdout, "GETDNS_DNSSEC_INDETERMINATE\n");
+			break;
+		case GETDNS_DNSSEC_INSECURE:
+			fprintf(stdout, "GETDNS_DNSSEC_INSECURE\n");
+			break;
+		case GETDNS_DNSSEC_NOT_PERFORMED:
+			fprintf(stdout, "GETDNS_DNSSEC_NOT_PERFORMED\n");
+			break;
+		default:
+			fprintf(stdout, "%d\n", (int)s);
+		}
+	}
+	if (r == GETDNS_RETURN_NO_SUCH_LIST_ITEM)
+		r = GETDNS_RETURN_GOOD;
+error:
+	getdns_list_destroy(trust_anchor);
+	getdns_list_destroy(to_validate);
+
+	return r;
+}
+
+void callback(getdns_context *context, getdns_callback_type_t callback_type,
+    getdns_dict *response, void *userarg, getdns_transaction_t trans_id)
+{
+	char *response_str;
+
+	/* This is a callback with data */;
+	if (response && !quiet && (response_str = json ?
+	    getdns_print_json_dict(response, json == 1)
+	  : getdns_pretty_print_dict(response))) {
+
+		fprintf(stdout, "ASYNC response:\n%s\n", response_str);
+		validate_chain(response);
+		free(response_str);
+	}
+
+	if (callback_type == GETDNS_CALLBACK_COMPLETE) {
+		printf("Response code was: GOOD. Status was: Callback with ID %"PRIu64"  was successfull.\n",
+			trans_id);
+
+	} else if (callback_type == GETDNS_CALLBACK_CANCEL)
+		fprintf(stderr,
+			"An error occurred: The callback with ID %"PRIu64" was cancelled. Exiting.\n",
+			trans_id);
+	else {
+		fprintf(stderr,
+			"An error occurred: The callback got a callback_type of %d. Exiting.\n",
+			(int)callback_type);
+		fprintf(stderr,
+			"Error :      '%s'\n",
+			getdns_get_errorstr_by_id(callback_type));
+	}
+	getdns_dict_destroy(response);
+	response = NULL;
+}
+
+#define CONTINUE ((getdns_return_t)-2)
+#define CONTINUE_ERROR ((getdns_return_t)-3)
+
+static getdns_return_t set_cookie(getdns_dict *exts, char *cookie)
+{
+	uint8_t data[40];
+	size_t i;
+	getdns_return_t r = GETDNS_RETURN_GENERIC_ERROR;
+	getdns_bindata bindata;
+
+	getdns_dict *opt_parameters = getdns_dict_create();
+	getdns_list *options = getdns_list_create();
+	getdns_dict *option = getdns_dict_create();
+
+	if (*cookie == '=')
+		cookie++;
+
+	for (i = 0; i < 40 && *cookie; i++) {
+		if (*cookie >= '0' && *cookie <= '9')
+			data[i] = (uint8_t)(*cookie - '0') << 4;
+		else if (*cookie >= 'a' && *cookie <= 'f')
+			data[i] = (uint8_t)(*cookie - 'a' + 10) << 4;
+		else if (*cookie >= 'A' && *cookie <= 'F')
+			data[i] = (uint8_t)(*cookie - 'A' + 10) << 4;
+		else
+			goto done;
+		cookie++;
+		if (*cookie >= '0' && *cookie <= '9')
+			data[i] |= (uint8_t)(*cookie - '0');
+		else if (*cookie >= 'a' && *cookie <= 'f')
+			data[i] |= (uint8_t)(*cookie - 'a' + 10);
+		else if (*cookie >= 'A' && *cookie <= 'F')
+			data[i] |= (uint8_t)(*cookie - 'A' + 10);
+		else
+			goto done;
+		cookie++;;
+	}
+	bindata.data = data;
+	bindata.size = i;
+	if ((r = getdns_dict_set_int(option, "option_code", 10)))
+		goto done;
+	if ((r = getdns_dict_set_bindata(option, "option_data", &bindata)))
+		goto done;
+	if ((r = getdns_list_set_dict(options, 0, option)))
+		goto done;
+	if ((r = getdns_dict_set_list(opt_parameters, "options", options)))
+		goto done;
+	r = getdns_dict_set_dict(exts, "add_opt_parameters", opt_parameters);
+done:
+	getdns_dict_destroy(option);
+	getdns_list_destroy(options);
+	getdns_dict_destroy(opt_parameters);
+	return r;
+}
+
+static void parse_config(const char *config_str)
+{
+	getdns_dict *config_dict;
+	getdns_list *list;
+	getdns_return_t r;
+
+	if ((r = getdns_str2dict(config_str, &config_dict)))
+		fprintf(stderr, "Could not parse config file: %s\n",
+		    getdns_get_errorstr_by_id(r));
+
+	else {
+		if (!(r = getdns_dict_get_list(
+		    config_dict, "listen_addresses", &list))) {
+			if (listen_list && !listen_dict) {
+				getdns_list_destroy(listen_list);
+				listen_list = NULL;
+			}
+			/* Strange construction to copy the list.
+			 * Needs to be done, because config dict
+			 * will get destroyed.
+			 */
+			if (!listen_dict &&
+			    !(listen_dict = getdns_dict_create())) {
+				fprintf(stderr, "Could not create "
+						"listen_dict");
+				r = GETDNS_RETURN_MEMORY_ERROR;
+
+			} else if ((r = getdns_dict_set_list(
+			    listen_dict, "listen_list", list)))
+				fprintf(stderr, "Could not set listen_list");
+
+			else if ((r = getdns_dict_get_list(
+			    listen_dict, "listen_list", &listen_list)))
+				fprintf(stderr, "Could not get listen_list");
+
+			else if ((r = getdns_list_get_length(
+			    listen_list, &listen_count)))
+				fprintf(stderr, "Could not get listen_count");
+
+			(void) getdns_dict_remove_name(
+			    config_dict, "listen_addresses");
+
+			touched_listen_list = 1;
+		}
+		if ((r = getdns_context_config(context, config_dict))) {
+			fprintf(stderr, "Could not configure context with "
+			    "config dict: %s\n", getdns_get_errorstr_by_id(r));
+		}
+		getdns_dict_destroy(config_dict);
+	}
+}
+
+getdns_return_t parse_args(int argc, char **argv)
+{
+	getdns_return_t r = GETDNS_RETURN_GOOD;
+	size_t i, j;
+	char *arg, *c, *endptr;
+	int t, print_api_info = 0, print_trust_anchors = 0;
+	getdns_list *upstream_list = NULL;
+	getdns_list *tas = NULL, *hints = NULL;
+	getdns_dict *pubkey_pin = NULL;
+	getdns_list *suffixes;
+	char *suffix;
+	getdns_bindata bindata;
+	size_t upstream_count = 0;
+	FILE *fh;
+	uint32_t klass;
+	char *config_file = NULL;
+	long config_file_sz;
+
+	for (i = 1; i < argc; i++) {
+		arg = argv[i];
+		if ((t = get_rrtype(arg)) >= 0) {
+			request_type = t;
+			continue;
+
+		} else if (arg[0] == '+') {
+			if (arg[1] == 's' && arg[2] == 'i' && arg[3] == 't' &&
+			   (arg[4] == '=' || arg[4] == '\0')) {
+				if ((r = set_cookie(extensions, arg+4))) {
+					fprintf(stderr, "Could not set cookie:"
+					    " %d", (int)r);
+					break;
+				}
+			} else if (strncmp(arg+1, "specify_class=", 14) == 0) {
+				if ((klass = get_rrclass(arg+15)) >= 0)
+					r = getdns_dict_set_int(extensions,
+						    "specify_class", klass);
+				else
+					fprintf(stderr,
+					    "Unknown class: %s\n", arg+15);
+
+			} else if (arg[1] == '0') {
+			    /* Unset all existing extensions*/
+				getdns_dict_destroy(extensions);
+				extensions = getdns_dict_create();
+				break;
+			} else if ((r = getdns_dict_set_int(extensions, arg+1,
+			    GETDNS_EXTENSION_TRUE))) {
+				fprintf(stderr, "Could not set extension "
+				    "\"%s\": %d\n", argv[i], (int)r);
+				break;
+			}
+			continue;
+
+		} else if (arg[0] == '@') {
+			getdns_dict *upstream;
+			getdns_bindata *address;
+
+			if ((r = getdns_str2dict(arg + 1, &upstream)))
+				fprintf(stderr, "Could not convert \"%s\" to "
+				    "an IP dict: %s\n", arg + 1,
+				    getdns_get_errorstr_by_id(r));
+
+			else if ((r = getdns_dict_get_bindata(
+			    upstream, "address_data", &address))) {
+
+				fprintf(stderr, "\"%s\" did not translate to "
+				    "an IP dict: %s\n", arg + 1,
+				    getdns_get_errorstr_by_id(r));
+
+				getdns_dict_destroy(upstream);
+			} else {
+				if (!upstream_list &&
+				    !(upstream_list =
+				    getdns_list_create_with_context(context))){
+					fprintf(stderr, "Could not create upstream list\n");
+					return GETDNS_RETURN_MEMORY_ERROR;
+				}
+				(void) getdns_list_set_dict(upstream_list,
+				    upstream_count++, upstream);
+				getdns_dict_destroy(upstream);
+			}
+			continue;
+		} else if (arg[0] == '{') {
+			parse_config(arg);
+			continue;
+
+		} else if (arg[0] != '-') {
+			name = arg;
+			continue;
+		}
+		for (c = arg+1; *c; c++) {
+			getdns_dict *downstream;
+			getdns_bindata *address;
+
+			switch (*c) {
+			case 'a':
+				async = 1;
+				break;
+			case 'A':
+				calltype = ADDRESS;
+				break;
+			case 'b':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "max_udp_payload_size "
+					    "expected after -b\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				edns0_size = strtol(argv[i], &endptr, 10);
+				if (*endptr || edns0_size < 0) {
+					fprintf(stderr, "positive "
+					    "numeric max_udp_payload_size "
+					    "expected after -b\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				getdns_context_set_edns_maximum_udp_payload_size(
+				    context, (uint16_t) edns0_size);
+				goto next;
+			case 'c':
+				if (getdns_context_set_edns_client_subnet_private(context, 1))
+					return GETDNS_RETURN_GENERIC_ERROR;
+				break;
+			case 'C':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "file name expected "
+					    "after -C\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (!(fh = fopen(argv[i], "r"))) {
+					fprintf(stderr, "Could not open \"%s\""
+					    ": %s\n",argv[i], strerror(errno));
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (fseek(fh, 0,SEEK_END) == -1) {
+					perror("fseek");
+					fclose(fh);
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				config_file_sz = ftell(fh);
+				if (config_file_sz <= 0) {
+					/* Empty config is no config */
+					fclose(fh);
+					break;
+				}
+				if (!(config_file=malloc(config_file_sz + 1))){
+					fclose(fh);
+					fprintf(stderr, "Could not allocate me"
+					    "mory for \"%s\"\n", argv[i]);
+					return GETDNS_RETURN_MEMORY_ERROR;
+				}
+				rewind(fh);
+				if (fread(config_file, 1, config_file_sz, fh)
+				    != config_file_sz) {
+					fprintf(stderr, "An error occurred whil"
+					    "e reading \"%s\": %s\n",argv[i],
+					    strerror(errno));
+					fclose(fh);
+					return GETDNS_RETURN_MEMORY_ERROR;
+				}
+				config_file[config_file_sz] = 0;
+				fclose(fh);
+				parse_config(config_file);
+				free(config_file);
+				config_file = NULL;
+				break;
+			case 'D':
+				(void) getdns_context_set_edns_do_bit(context, 1);
+				break;
+			case 'd':
+				(void) getdns_context_set_edns_do_bit(context, 0);
+				break;
+			case 'f':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "file name expected "
+					    "after -f\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (!(fh = fopen(argv[i], "r"))) {
+					fprintf(stderr, "Could not open \"%s\""
+					    ": %s\n",argv[i], strerror(errno));
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (getdns_fp2rr_list(fh, &tas, NULL, 3600)) {
+					fprintf(stderr,"Could not parse "
+					    "\"%s\"\n", argv[i]);
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				fclose(fh);
+				if (getdns_context_set_dnssec_trust_anchors(
+				    context, tas)) {
+					fprintf(stderr,"Could not set "
+					    "trust anchors from \"%s\"\n",
+					    argv[i]);
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				getdns_list_destroy(tas);
+				tas = NULL;
+				break;
+			case 'F':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "file name expected "
+					    "after -F\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				query_file = argv[i];
+				interactive = 1;
+				break;
+			case 'G':
+				calltype = GENERAL;
+				break;
+			case 'H':
+				calltype = HOSTNAME;
+				break;
+			case 'h':
+				print_usage(stdout, argv[0]);
+				return CONTINUE;
+			case 'i':
+				print_api_info = 1;
+				break;
+			case 'I':
+				interactive = 1;
+				break;
+			case 'j':
+				json = 2;
+				break;
+			case 'J':
+				json = 1;
+				break;
+			case 'K':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "pin string of the form "
+						EXAMPLE_PIN
+						"expected after -K\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				pubkey_pin = getdns_pubkey_pin_create_from_string(context,
+										 argv[i]);
+				if (pubkey_pin == NULL) {
+					fprintf(stderr, "could not convert '%s' into a "
+						"public key pin.\n"
+						"Good pins look like: " EXAMPLE_PIN "\n"
+						"Please see RFC 7469 for details about "
+						"the format\n", argv[i]);
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (pubkey_pinset == NULL)
+					pubkey_pinset = getdns_list_create_with_context(context);
+				if (r = getdns_list_set_dict(pubkey_pinset, pincount++,
+							     pubkey_pin), r) {
+					fprintf(stderr, "Failed to add pin to pinset (error %d: %s)\n",
+						(int)r, getdns_get_errorstr_by_id(r));
+					getdns_dict_destroy(pubkey_pin);
+					pubkey_pin = NULL;
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				getdns_dict_destroy(pubkey_pin);
+				pubkey_pin = NULL;
+				break;
+			case 'k':
+				print_trust_anchors = 1;
+				break;
+			case 'n':
+				getdns_context_set_tls_authentication(context,
+				                 GETDNS_AUTHENTICATION_NONE);
+				break;
+			case 'm':
+				getdns_context_set_tls_authentication(context,
+				                 GETDNS_AUTHENTICATION_REQUIRED);
+				break;
+			case 'P':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "tls_query_padding_blocksize "
+					    "expected after -P\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				padding_blocksize = strtol(argv[i], &endptr, 10);
+				if (*endptr || padding_blocksize < 0) {
+					fprintf(stderr, "non-negative "
+					    "numeric padding blocksize expected "
+					    "after -P\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (getdns_context_set_tls_query_padding_blocksize(
+					    context, padding_blocksize))
+					return GETDNS_RETURN_GENERIC_ERROR;
+				goto next;
+			case 'p':
+				json = 0;
+			case 'q':
+				quiet = 1;
+				break;
+			case 'r':
+				getdns_context_set_resolution_type(
+				    context,
+				    GETDNS_RESOLUTION_RECURSING);
+				break;
+			case 'R':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "file name expected "
+					    "after -f\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (!(fh = fopen(argv[i], "r"))) {
+					fprintf(stderr, "Could not open \"%s\""
+					    ": %s\n",argv[i], strerror(errno));
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (getdns_fp2rr_list(fh, &hints, NULL, 3600)) {
+					fprintf(stderr,"Could not parse "
+					    "\"%s\"\n", argv[i]);
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				fclose(fh);
+				if (getdns_context_set_dns_root_servers(
+				    context, hints)) {
+					fprintf(stderr,"Could not set "
+					    "root servers from \"%s\"\n",
+					    argv[i]);
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				getdns_list_destroy(hints);
+				hints = NULL;
+				break;
+			case 's':
+				getdns_context_set_resolution_type(
+				    context, GETDNS_RESOLUTION_STUB);
+				break;
+			case 'S':
+				calltype = SERVICE;
+				break;
+			case 't':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "timeout expected "
+					    "after -t\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				timeout = strtol(argv[i], &endptr, 10);
+				if (*endptr || timeout < 0) {
+					fprintf(stderr, "positive "
+					    "numeric timeout expected "
+					    "after -t\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				getdns_context_set_timeout(
+					context, timeout);
+				goto next;
+			case 'x': 
+				getdns_context_set_follow_redirects(
+				    context, GETDNS_REDIRECTS_DO_NOT_FOLLOW);
+				break;
+			case 'X': 
+				getdns_context_set_follow_redirects(
+				    context, GETDNS_REDIRECTS_FOLLOW);
+				break;
+			case 'e':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "idle timeout expected "
+					    "after -t\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				timeout = strtol(argv[i], &endptr, 10);
+				if (*endptr || timeout < 0) {
+					fprintf(stderr, "positive "
+					    "numeric idle timeout expected "
+					    "after -t\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				getdns_context_set_idle_timeout(
+					context, timeout);
+				goto next;
+			case 'W':
+				(void) getdns_context_set_append_name(context,
+				    GETDNS_APPEND_NAME_ALWAYS);
+				break;
+			case '1':
+				(void) getdns_context_set_append_name(context,
+			GETDNS_APPEND_NAME_ONLY_TO_SINGLE_LABEL_AFTER_FAILURE);
+				break;
+			case '0':
+				(void) getdns_context_set_append_name(context,
+				    GETDNS_APPEND_NAME_TO_SINGLE_LABEL_FIRST);
+				break;
+			case 'M':
+				(void) getdns_context_set_append_name(context,
+		GETDNS_APPEND_NAME_ONLY_TO_MULTIPLE_LABEL_NAME_AFTER_FAILURE);
+				break;
+			case 'N':
+				(void) getdns_context_set_append_name(context,
+				    GETDNS_APPEND_NAME_NEVER);
+				break;
+			case 'Z':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "suffixes expected"
+					    "after -Z\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (!(suffixes = getdns_list_create()))
+					return GETDNS_RETURN_MEMORY_ERROR;
+				suffix = strtok(argv[i], ",");
+				j = 0;
+				while (suffix) {
+					bindata.size = strlen(suffix);
+					bindata.data = (void *)suffix;
+					(void) getdns_list_set_bindata(
+					    suffixes, j++, &bindata);
+					suffix = strtok(NULL, ",");
+				}
+				(void) getdns_context_set_suffix(context,
+				    suffixes);
+				getdns_list_destroy(suffixes);
+				goto next;
+			case 'T':
+				getdns_context_set_dns_transport(context,
+				    GETDNS_TRANSPORT_TCP_ONLY);
+				break;
+			case 'O':
+				getdns_context_set_dns_transport(context,
+				    GETDNS_TRANSPORT_TCP_ONLY_KEEP_CONNECTIONS_OPEN);
+				break;
+			case 'L':
+				getdns_context_set_dns_transport(context,
+				    GETDNS_TRANSPORT_TLS_ONLY_KEEP_CONNECTIONS_OPEN);
+				break;
+			case 'E':
+				getdns_context_set_dns_transport(context,
+				    GETDNS_TRANSPORT_TLS_FIRST_AND_FALL_BACK_TO_TCP_KEEP_CONNECTIONS_OPEN);
+				break;
+			case 'u':
+				getdns_context_set_dns_transport(context,
+				    GETDNS_TRANSPORT_UDP_FIRST_AND_FALL_BACK_TO_TCP);
+				break;
+			case 'U':
+				getdns_context_set_dns_transport(context,
+				    GETDNS_TRANSPORT_UDP_ONLY);
+				break;
+			case 'l':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "transport list expected "
+					    "after -l\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				getdns_transport_list_t transports[10];
+				size_t transport_count = sizeof(transports);
+				if ((r = fill_transport_list(context, argv[i], transports, &transport_count)) ||
+				    (r = getdns_context_set_dns_transport_list(context, 
+				                                               transport_count, transports))){
+						fprintf(stderr, "Could not set transports\n");
+						return r;
+				}
+				break;
+			case 'B':
+				batch_mode = 1;
+				break;
+
+			case 'z':
+				if (c[1] != 0 || ++i >= argc || !*argv[i]) {
+					fprintf(stderr, "listed address "
+					                "expected after -z\n");
+					return GETDNS_RETURN_GENERIC_ERROR;
+				}
+				if (argv[i][0] == '-' && argv[i][1] == '\0') {
+					if (listen_list && !listen_dict)
+						getdns_list_destroy(
+						    listen_list);
+					listen_list = NULL;
+					listen_count = 0;
+					touched_listen_list = 1;
+					DEBUG_SERVER("Clear listen list\n");
+					break;
+				}
+
+				if ((r = getdns_str2dict(argv[i], &downstream)))
+					fprintf(stderr, "Could not convert \"%s\" to "
+					    "an IP dict: %s\n", argv[i],
+					    getdns_get_errorstr_by_id(r));
+
+				else if ((r = getdns_dict_get_bindata(
+				    downstream, "address_data", &address))) {
+
+					fprintf(stderr, "\"%s\" did not translate to "
+					    "an IP dict: %s\n", argv[i],
+					    getdns_get_errorstr_by_id(r));
+
+					getdns_dict_destroy(downstream);
+				} else {
+					if (!listen_list &&
+					    !(listen_list =
+					    getdns_list_create_with_context(context))){
+						fprintf(stderr, "Could not create "
+								"downstream list\n");
+						return GETDNS_RETURN_MEMORY_ERROR;
+					}
+					getdns_list_set_dict(listen_list,
+					    listen_count++, downstream);
+					getdns_dict_destroy(downstream);
+					touched_listen_list = 1;
+				}
+				break;
+			default:
+				fprintf(stderr, "Unknown option "
+				    "\"%c\"\n", *c);
+				for (i = 0; i < argc; i++)
+					fprintf(stderr, "%d: \"%s\"\n", (int)i, argv[i]);
+				return GETDNS_RETURN_GENERIC_ERROR;
+			}
+		}
+next:		;
+	}
+	if (r)
+		return r;
+	if (pubkey_pinset && upstream_count) {
+		getdns_dict *upstream;
+		/* apply the accumulated pubkey pinset to all upstreams: */
+		for (i = 0; i < upstream_count; i++) {
+			if (r = getdns_list_get_dict(upstream_list, i, &upstream), r) {
+				fprintf(stderr, "Failed to get upstream "PRIsz" when adding pinset\n", i);
+				return r;
+			}
+			if (r = getdns_dict_set_list(upstream, "tls_pubkey_pinset", pubkey_pinset), r) {
+				fprintf(stderr, "Failed to set pubkey pinset on upstream "PRIsz"\n", i);
+				return r;
+			}
+		}
+	}
+	if (upstream_count &&
+	    (r = getdns_context_set_upstream_recursive_servers(
+	    context, upstream_list))) {
+		fprintf(stderr, "Error setting upstream recursive servers\n");
+	}
+	if (upstream_list)
+		getdns_list_destroy(upstream_list);
+
+	if (print_api_info) {
+		getdns_dict *api_information = 
+		    getdns_context_get_api_information(context);
+		char *api_information_str =
+		    getdns_pretty_print_dict(api_information);
+		fprintf(stdout, "%s\n", api_information_str);
+		free(api_information_str);
+		getdns_dict_destroy(api_information);
+		return CONTINUE;
+	}
+	if (print_trust_anchors) {
+		if (!getdns_context_get_dnssec_trust_anchors(context, &tas)) {
+		/* if ((tas = getdns_root_trust_anchor(NULL))) { */
+			char *tas_str = getdns_pretty_print_list(tas);
+			fprintf(stdout, "%s\n", tas_str);
+			free(tas_str);
+			getdns_list_destroy(tas);
+			return CONTINUE;
+		} else
+			return CONTINUE_ERROR;
+	}
+	return r;
+}
+
+getdns_return_t do_the_call(void)
+{
+	getdns_return_t r;
+	getdns_dict *address = NULL;
+	getdns_bindata *address_bindata;
+	getdns_dict *response = NULL;
+	char *response_str;
+	uint32_t status;
+
+	if (calltype != HOSTNAME)
+		; /* pass */
+
+	else if ((r = getdns_str2dict(name, &address))) {
+
+		fprintf(stderr, "Could not convert \"%s\" to an IP dict: %s\n"
+		              , name, getdns_get_errorstr_by_id(r));
+		return GETDNS_RETURN_GOOD;
+
+	} else if ((r = getdns_dict_get_bindata(
+	    address, "address_data", &address_bindata))) {
+
+		fprintf(stderr, "Could not convert \"%s\" to an IP dict: %s\n"
+		              , name, getdns_get_errorstr_by_id(r));
+		getdns_dict_destroy(address);
+		return GETDNS_RETURN_GOOD;
+	}
+	if (async) {
+		switch (calltype) {
+		case GENERAL:
+			r = getdns_general(context, name, request_type,
+			    extensions, &response, NULL, callback);
+			break;
+		case ADDRESS:
+			r = getdns_address(context, name,
+			    extensions, &response, NULL, callback);
+			break;
+		case HOSTNAME:
+			r = getdns_hostname(context, address,
+			    extensions, &response, NULL, callback);
+			break;
+		case SERVICE:
+			r = getdns_service(context, name,
+			    extensions, &response, NULL, callback);
+			break;
+		default:
+			r = GETDNS_RETURN_GENERIC_ERROR;
+			break;
+		}
+		if (r == GETDNS_RETURN_GOOD && !batch_mode) 
+			getdns_context_run(context);
+		if (r != GETDNS_RETURN_GOOD)
+			fprintf(stderr, "An error occurred: %d '%s'\n", (int)r,
+				 getdns_get_errorstr_by_id(r));
+	} else {
+		switch (calltype) {
+		case GENERAL:
+			r = getdns_general_sync(context, name,
+			    request_type, extensions, &response);
+			break;
+		case ADDRESS:
+			r = getdns_address_sync(context, name,
+			    extensions, &response);
+			break;
+		case HOSTNAME:
+			r = getdns_hostname_sync(context, address,
+			    extensions, &response);
+			break;
+		case SERVICE:
+			r = getdns_service_sync(context, name,
+			    extensions, &response);
+			break;
+		default:
+			r = GETDNS_RETURN_GENERIC_ERROR;
+			break;
+		}
+		if (r != GETDNS_RETURN_GOOD) {
+			fprintf(stderr, "An error occurred: %d '%s'\n", (int)r,
+				 getdns_get_errorstr_by_id(r));
+			getdns_dict_destroy(address);
+			return r;
+		}
+		if (response && !quiet) {
+			if ((response_str = json ?
+			    getdns_print_json_dict(response, json == 1)
+			  : getdns_pretty_print_dict(response))) {
+
+				fprintf( stdout, "SYNC response:\n%s\n"
+				       , response_str);
+				validate_chain(response);
+				free(response_str);
+			} else {
+				r = GETDNS_RETURN_MEMORY_ERROR;
+				fprintf( stderr
+				       , "Could not print response\n");
+			}
+		}
+		getdns_dict_get_int(response, "status", &status);
+		fprintf(stdout, "Response code was: GOOD. Status was: %s\n", 
+			 getdns_get_errorstr_by_id(status));
+		if (response)
+			getdns_dict_destroy(response);
+	}
+	getdns_dict_destroy(address);
+	return r;
+}
+
+getdns_eventloop *loop = NULL;
+FILE *fp;
+static void incoming_request_handler(getdns_context *context,
+    getdns_dict *request, getdns_transaction_t request_id);
+
+
+void read_line_cb(void *userarg)
+{
+	getdns_eventloop_event *read_line_ev = userarg;
+	getdns_return_t r;
+
+	char line[1024], *token, *linev[256];
+	int linec;
+
+	if (!fgets(line, 1024, fp) || !*line) {
+		if (query_file)
+			fprintf(stdout,"End of file.");
+		loop->vmt->clear(loop, read_line_ev);
+		if (listen_count)
+			(void) getdns_context_set_listen_addresses(
+			    context, NULL, NULL);
+		return;
+	}
+	if (query_file)
+		fprintf(stdout,"Found query: %s", line);
+
+	linev[0] = __FILE__;
+	linec = 1;
+	if (!(token = strtok(line, " \t\f\n\r"))) {
+		if (! query_file) {
+			printf("> ");
+			fflush(stdout);
+		}
+		return;
+	}
+	if (*token == '#') {
+		fprintf(stdout,"Result:      Skipping comment\n");
+		if (! query_file) {
+			printf("> ");
+			fflush(stdout);
+		}
+		return;
+	}
+	do linev[linec++] = token;
+	while (linec < 256 && (token = strtok(NULL, " \t\f\n\r")));
+
+	touched_listen_list = 0;
+	r = parse_args(linec, linev);
+	if (!r && touched_listen_list) {
+		r = getdns_context_set_listen_addresses(
+		    context, incoming_request_handler, listen_list);
+	}
+	if ((r || (r = do_the_call())) &&
+	    (r != CONTINUE && r != CONTINUE_ERROR))
+		loop->vmt->clear(loop, read_line_ev);
+
+	else if (! query_file) {
+		printf("> ");
+		fflush(stdout);
+	}
+}
+
+typedef struct dns_msg {
+	getdns_transaction_t  request_id;
+	getdns_dict          *request;
+	uint32_t              rt;
+	uint32_t              ad_bit;
+	uint32_t              do_bit;
+	uint32_t              cd_bit;
+	int                   has_edns0;
+} dns_msg;
+
+#if defined(SERVER_DEBUG) && SERVER_DEBUG
+#define SERVFAIL(error,r,msg,resp_p) do { \
+	if (r)	DEBUG_SERVER("%s: %s\n", error, getdns_get_errorstr_by_id(r)); \
+	else	DEBUG_SERVER("%s\n", error); \
+	servfail(msg, resp_p); \
+	} while (0)
+#else
+#define SERVFAIL(error,r,msg,resp_p) servfail(msg, resp_p)
+#endif
+
+void servfail(dns_msg *msg, getdns_dict **resp_p)
+{
+	getdns_dict *dict;
+
+	if (*resp_p)
+		getdns_dict_destroy(*resp_p);
+	if (!(*resp_p = getdns_dict_create()))
+		return;
+	if (msg) {
+		if (!getdns_dict_get_dict(msg->request, "header", &dict))
+			getdns_dict_set_dict(*resp_p, "header", dict);
+		if (!getdns_dict_get_dict(msg->request, "question", &dict))
+			getdns_dict_set_dict(*resp_p, "question", dict);
+		(void) getdns_dict_set_int(*resp_p, "/header/ra",
+		    msg->rt == GETDNS_RESOLUTION_RECURSING ? 1 : 0);
+	}
+	(void) getdns_dict_set_int(
+	    *resp_p, "/header/rcode", GETDNS_RCODE_SERVFAIL);
+	(void) getdns_dict_set_int(*resp_p, "/header/qr", 1);
+	(void) getdns_dict_set_int(*resp_p, "/header/ad", 0);
+}
+
+static getdns_return_t _handle_edns0(
+    getdns_dict *response, int has_edns0)
+{
+	getdns_return_t r;
+	getdns_list *additional;
+	size_t len, i;
+	getdns_dict *rr;
+	uint32_t rr_type;
+	char remove_str[100] = "/replies_tree/0/additional/";
+
+	if ((r = getdns_dict_set_int(
+	    response, "/replies_tree/0/header/do", 0)))
+		return r;
+	if ((r = getdns_dict_get_list(response, "/replies_tree/0/additional",
+	    &additional)))
+		return r;
+	if ((r = getdns_list_get_length(additional, &len)))
+		return r;
+	for (i = 0; i < len; i++) {
+		if ((r = getdns_list_get_dict(additional, i, &rr)))
+			return r;
+		if ((r = getdns_dict_get_int(rr, "type", &rr_type)))
+			return r;
+		if (rr_type != GETDNS_RRTYPE_OPT)
+			continue;
+		if (has_edns0) {
+			(void) getdns_dict_set_int(rr, "do", 0);
+			break;
+		}
+		(void) snprintf(remove_str + 27, 60, "%d", (int)i);
+		if ((r = getdns_dict_remove_name(response, remove_str)))
+			return r;
+		break;
+	}
+	return GETDNS_RETURN_GOOD;
+}
+
+static void request_cb(
+    getdns_context *context, getdns_callback_type_t callback_type,
+    getdns_dict *response, void *userarg, getdns_transaction_t transaction_id)
+{
+	dns_msg *msg = (dns_msg *)userarg;
+	uint32_t qid;
+	getdns_return_t r = GETDNS_RETURN_GOOD;
+	uint32_t n, rcode, dnssec_status;
+
+	DEBUG_SERVER("reply for: %p %"PRIu64" %d (edns0: %d, do: %d, ad: %d,"
+	    " cd: %d)\n", msg, transaction_id, (int)callback_type,
+	    msg->has_edns0, msg->do_bit, msg->ad_bit, msg->cd_bit);
+	assert(msg);
+
+#if 0
+	fprintf(stderr, "reply: %s\n", getdns_pretty_print_dict(response));
+#endif
+
+	if (callback_type != GETDNS_CALLBACK_COMPLETE)
+		SERVFAIL("Callback type not complete",
+		    callback_type, msg, &response);
+
+	else if (!response)
+		SERVFAIL("Missing response", 0, msg, &response);
+
+	else if ((r = getdns_dict_get_int(msg->request, "/header/id", &qid)) ||
+	    (r=getdns_dict_set_int(response,"/replies_tree/0/header/id",qid)))
+		SERVFAIL("Could not copy QID", r, msg, &response);
+
+	else if (getdns_dict_get_int(
+	    response, "/replies_tree/0/header/rcode", &rcode))
+		SERVFAIL("No reply in replies tree", 0, msg, &response);
+
+	/* ansers when CD or not BOGUS */
+	else if (!msg->cd_bit && !getdns_dict_get_int(
+	    response, "/replies_tree/0/dnssec_status", &dnssec_status)
+	    && dnssec_status == GETDNS_DNSSEC_BOGUS)
+		SERVFAIL("DNSSEC status was bogus", 0, msg, &response);
+
+	else if (rcode == GETDNS_RCODE_SERVFAIL)
+		servfail(msg, &response);
+
+	/* RRsigs when DO and (CD or not BOGUS) 
+	 * Implemented in conversion to wireformat function by checking for DO
+	 * bit.  In recursing resolution mode we have to copy the do bit from
+	 * the request, because libunbound has it in the answer always.
+	 */
+	else if (msg->rt == GETDNS_RESOLUTION_RECURSING && !msg->do_bit &&
+	    (r = _handle_edns0(response, msg->has_edns0)))
+		SERVFAIL("Could not handle EDNS0", r, msg, &response);
+
+	/* AD when (DO or AD) and SECURE */
+	else if ((r = getdns_dict_set_int(response,"/replies_tree/0/header/ad",
+	    ((msg->do_bit || msg->ad_bit)
+	    && (  (!msg->cd_bit && dnssec_status == GETDNS_DNSSEC_SECURE)
+	       || ( msg->cd_bit && !getdns_dict_get_int(response,
+	            "/replies_tree/0/dnssec_status", &dnssec_status)
+	          && dnssec_status == GETDNS_DNSSEC_SECURE ))) ? 1 : 0)))
+		SERVFAIL("Could not set AD bit", r, msg, &response);
+
+	else if (msg->rt == GETDNS_RESOLUTION_STUB)
+		; /* following checks are for RESOLUTION_RECURSING only */
+	
+	else if ((r =  getdns_dict_set_int(
+	    response, "/replies_tree/0/header/cd", msg->cd_bit)))
+		SERVFAIL("Could not copy CD bit", r, msg, &response);
+
+	else if ((r = getdns_dict_get_int(
+	    response, "/replies_tree/0/header/ra", &n)))
+		SERVFAIL("Could not get RA bit from reply", r, msg, &response);
+
+	else if (n == 0)
+		SERVFAIL("Recursion not available", 0, msg, &response);
+
+	if ((r = getdns_reply(context, msg->request_id, response))) {
+		fprintf(stderr, "Could not reply: %s\n",
+		    getdns_get_errorstr_by_id(r));
+		/* Cancel reply */
+		(void) getdns_reply(context, msg->request_id, NULL);
+	}
+	if (msg) {
+		getdns_dict_destroy(msg->request);
+		free(msg);
+	}
+	if (response)
+		getdns_dict_destroy(response);
+}	
+
+static void incoming_request_handler(getdns_context *context,
+    getdns_dict *request, getdns_transaction_t request_id)
+{
+	getdns_bindata *qname;
+	char *qname_str = NULL;
+	uint32_t qtype;
+	uint32_t qclass;
+	getdns_return_t r;
+	getdns_dict *header;
+	uint32_t n;
+	getdns_list *list;
+	getdns_transaction_t transaction_id = 0;
+	getdns_dict *qext = NULL;
+	dns_msg *msg = NULL;
+	getdns_dict *response = NULL;
+	size_t i, len;
+	getdns_list *additional;
+	getdns_dict *rr;
+	uint32_t rr_type;
+
+	if (!query_extensions_spc &&
+	    !(query_extensions_spc = getdns_dict_create()))
+		fprintf(stderr, "Could not create query extensions space\n");
+
+	else if ((r = getdns_dict_set_dict(
+	    query_extensions_spc, "qext", extensions)))
+		fprintf(stderr, "Could not copy extensions in query extensions"
+		                " space: %s\n", getdns_get_errorstr_by_id(r));
+
+	else if ((r = getdns_dict_get_dict(query_extensions_spc,"qext",&qext)))
+		fprintf(stderr, "Could not get query extensions from space: %s"
+		              , getdns_get_errorstr_by_id(r));
+
+	if (!(msg = malloc(sizeof(dns_msg))))
+		goto error;
+
+	/* pass through the header and the OPT record */
+	n = 0;
+	msg->request_id = request_id;
+	msg->request = request;
+	msg->ad_bit = msg->do_bit = msg->cd_bit = 0;
+	msg->has_edns0 = 0;
+	msg->rt = GETDNS_RESOLUTION_RECURSING;
+	(void) getdns_dict_get_int(request, "/header/ad", &msg->ad_bit);
+	(void) getdns_dict_get_int(request, "/header/cd", &msg->cd_bit);
+	if (!getdns_dict_get_list(request, "additional", &additional)) {
+		if (getdns_list_get_length(additional, &len))
+			len = 0;
+		for (i = 0; i < len; i++) {
+			if (getdns_list_get_dict(additional, i, &rr))
+				break;
+			if (getdns_dict_get_int(rr, "type", &rr_type))
+				break;
+			if (rr_type != GETDNS_RRTYPE_OPT)
+				continue;
+			msg->has_edns0 = 1;
+			(void) getdns_dict_get_int(rr, "do", &msg->do_bit);
+			break;
+		}
+	}
+	if ((r = getdns_context_get_resolution_type(context, &msg->rt)))
+		fprintf(stderr, "Could get resolution type from context: %s\n",
+		    getdns_get_errorstr_by_id(r));
+
+	if (msg->rt == GETDNS_RESOLUTION_STUB) {
+		(void)getdns_dict_set_int(
+		    qext , "/add_opt_parameters/do_bit", msg->do_bit);
+		if (!getdns_dict_get_dict(request, "header", &header))
+			(void)getdns_dict_set_dict(qext, "header", header);
+
+	}
+	if (msg->cd_bit)
+		getdns_dict_set_int(qext, "dnssec_return_all_statuses",
+		    GETDNS_EXTENSION_TRUE);
+
+	if (!getdns_dict_get_int(request, "/additional/0/extended_rcode",&n))
+		(void)getdns_dict_set_int(
+		    qext, "/add_opt_parameters/extended_rcode", n);
+
+	if (!getdns_dict_get_int(request, "/additional/0/version", &n))
+		(void)getdns_dict_set_int(
+		    qext, "/add_opt_parameters/version", n);
+
+	if (!getdns_dict_get_int(
+	    request, "/additional/0/udp_payload_size", &n))
+		(void)getdns_dict_set_int(qext,
+		    "/add_opt_parameters/maximum_udp_payload_size", n);
+
+	if (!getdns_dict_get_list(
+	    request, "/additional/0/rdata/options", &list))
+		(void)getdns_dict_set_list(qext,
+		    "/add_opt_parameters/options", list);
+
+#if 0
+	do {
+		char *str = getdns_pretty_print_dict(request);
+		fprintf(stderr, "query: %s\n", str);
+		free(str);
+		str = getdns_pretty_print_dict(qext);
+		fprintf(stderr, "query with extensions: %s\n", str);
+		free(str);
+	} while (0);
+#endif
+	if ((r = getdns_dict_get_bindata(request,"/question/qname",&qname)))
+		fprintf(stderr, "Could not get qname from query: %s\n",
+		    getdns_get_errorstr_by_id(r));
+
+	else if ((r = getdns_convert_dns_name_to_fqdn(qname, &qname_str)))
+		fprintf(stderr, "Could not convert qname: %s\n",
+		    getdns_get_errorstr_by_id(r));
+
+	else if ((r=getdns_dict_get_int(request,"/question/qtype",&qtype)))
+		fprintf(stderr, "Could get qtype from query: %s\n",
+		    getdns_get_errorstr_by_id(r));
+
+	else if ((r=getdns_dict_get_int(request,"/question/qclass",&qclass)))
+		fprintf(stderr, "Could get qclass from query: %s\n",
+		    getdns_get_errorstr_by_id(r));
+
+	else if ((r = getdns_dict_set_int(qext, "specify_class", qclass)))
+		fprintf(stderr, "Could set class from query: %s\n",
+		    getdns_get_errorstr_by_id(r));
+
+	else if ((r = getdns_general(context, qname_str, qtype,
+	    qext, msg, &transaction_id, request_cb)))
+		fprintf(stderr, "Could not schedule query: %s\n",
+		    getdns_get_errorstr_by_id(r));
+	else {
+		DEBUG_SERVER("scheduled: %p %"PRIu64" for %s %d\n",
+		    msg, transaction_id, qname_str, (int)qtype);
+		free(qname_str);
+		return;
+	}
+error:
+	if (qname_str)
+		free(qname_str);
+	servfail(msg, &response);
+#if defined(SERVER_DEBUG) && SERVER_DEBUG
+	do {
+		char *request_str = getdns_pretty_print_dict(request);
+		char *response_str = getdns_pretty_print_dict(response);
+		DEBUG_SERVER("request error, request: %s\n, response: %s\n"
+		            , request_str, response_str);
+		free(response_str);
+		free(request_str);
+	} while(0);
+#endif
+	if ((r = getdns_reply(context, request_id, response))) {
+		fprintf(stderr, "Could not reply: %s\n",
+		    getdns_get_errorstr_by_id(r));
+		/* Cancel reply */
+		getdns_reply(context, request_id, NULL);
+	}
+	if (msg) {
+		if (msg->request)
+			getdns_dict_destroy(msg->request);
+		free(msg);
+	}
+	if (response)
+		getdns_dict_destroy(response);
+}
+
+/**
+ * \brief A wrapper script for command line testing of getdns
+ *  getdns_query -h provides details of the available options (the syntax is 
+ *  similar to that of drill)
+ *  Note that for getdns the -z options enables getdns as a daemon which
+ *  allows getdns to be used as the local stub (or recursive) resolver
+ */
+
+int
+main(int argc, char **argv)
+{
+	getdns_return_t r;
+
+	name = the_root;
+	if ((r = getdns_context_create(&context, 1))) {
+		fprintf(stderr, "Create context failed: %d\n", (int)r);
+		return r;
+	}
+	if ((r = getdns_context_set_use_threads(context, 1)))
+		goto done_destroy_context;
+	extensions = getdns_dict_create();
+	if (! extensions) {
+		fprintf(stderr, "Could not create extensions dict\n");
+		r = GETDNS_RETURN_MEMORY_ERROR;
+		goto done_destroy_context;
+	}
+	if ((r = parse_args(argc, argv)))
+		goto done_destroy_context;
+
+	if (query_file) {
+		fp = fopen(query_file, "rt");
+		if (fp == NULL) {
+			fprintf(stderr, "Could not open query file: %s\n", query_file);
+			goto done_destroy_context;
+		}
+	} else
+		fp = stdin;
+
+	if (listen_count || interactive) {
+		if ((r = getdns_context_get_eventloop(context, &loop)))
+			goto done_destroy_context;
+		assert(loop);
+	}
+	if (listen_count && (r = getdns_context_set_listen_addresses(
+	    context, incoming_request_handler, listen_list)))
+		goto done_destroy_context;
+
+	/* Make the call */
+	if (interactive) {
+		getdns_eventloop_event read_line_ev = {
+		    &read_line_ev, read_line_cb, NULL, NULL, NULL };
+
+		assert(loop);
+		(void) loop->vmt->schedule(
+		    loop, fileno(fp), -1, &read_line_ev);
+
+		if (!query_file) {
+			printf("> ");
+			fflush(stdout);
+		}
+		loop->vmt->run(loop);
+	}
+	else if (listen_count) {
+		assert(loop);
+		loop->vmt->run(loop);
+	} else
+		r = do_the_call();
+
+	if ((r == GETDNS_RETURN_GOOD && batch_mode))
+		getdns_context_run(context);
+
+	/* Clean up */
+	getdns_dict_destroy(extensions);
+done_destroy_context:
+	getdns_context_destroy(context);
+
+	if (listen_list)
+		getdns_list_destroy(listen_list);
+
+	if (fp)
+		fclose(fp);
+
+	if (r == CONTINUE)
+		return 0;
+	else if (r == CONTINUE_ERROR)
+		return 1;
+	fprintf(stdout, "\nAll done.\n");
+	return r;
+}
+
+

From 8b31ad5df13f12160ba11ffb6a40cd748eb0403f Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 15:03:47 +0200
Subject: [PATCH 13/25] Logic error

---
 src/server.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/server.c b/src/server.c
index 77cffc2f..9e4caa76 100644
--- a/src/server.c
+++ b/src/server.c
@@ -207,11 +207,11 @@ _getdns_cancel_reply(getdns_context *context, connection *conn)
 		return;
 
 	if (conn->l->transport == GETDNS_TRANSPORT_TCP) {
-		tcp_connection *conn = (tcp_connection *)conn;
+		tcp_connection *tcp_conn = (tcp_connection *)conn;
 
-		if (conn->to_answer > 0 && --conn->to_answer == 0 &&
-		    conn->fd == -1)
-			tcp_connection_destroy(conn);
+		if (tcp_conn->to_answer > 0 && --tcp_conn->to_answer == 0 &&
+		    tcp_conn->fd == -1)
+			tcp_connection_destroy(tcp_conn);
 
 	} else if (conn->l->transport == GETDNS_TRANSPORT_UDP &&
 	    (mf = &conn->l->set->context->mf)) {

From 0340b74604e50f7886b5d80b9ee0f5b2f69e1820 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 15:04:19 +0200
Subject: [PATCH 14/25] Dependencies

---
 spec/example/Makefile.in |  24 ++--
 src/Makefile.in          | 272 ++++++++++++++++++++++++---------------
 src/test/Makefile.in     |  71 ++++++----
 src/tools/Makefile.in    |   7 +-
 4 files changed, 240 insertions(+), 134 deletions(-)

diff --git a/spec/example/Makefile.in b/spec/example/Makefile.in
index 7bf5e016..8ff7f2d1 100644
--- a/spec/example/Makefile.in
+++ b/spec/example/Makefile.in
@@ -149,16 +149,24 @@ depend:
 
 # Dependencies for the examples
 example-all-functions.lo example-all-functions.o: $(srcdir)/example-all-functions.c $(srcdir)/getdns_libevent.h \
- ../../src/config.h ../../src/getdns/getdns.h \
- $(srcdir)/../../src/getdns/getdns_ext_libevent.h ../../src/getdns/getdns_extra.h
-example-reverse.lo example-reverse.o: $(srcdir)/example-reverse.c $(srcdir)/getdns_libevent.h ../../src/config.h \
- ../../src/getdns/getdns.h $(srcdir)/../../src/getdns/getdns_ext_libevent.h \
+ ../../src/config.h \
+ ../../src/getdns/getdns.h \
+ $(srcdir)/../../src/getdns/getdns_ext_libevent.h \
+ ../../src/getdns/getdns_extra.h
+example-reverse.lo example-reverse.o: $(srcdir)/example-reverse.c $(srcdir)/getdns_libevent.h \
+ ../../src/config.h \
+ ../../src/getdns/getdns.h \
+ $(srcdir)/../../src/getdns/getdns_ext_libevent.h \
  ../../src/getdns/getdns_extra.h
 example-simple-answers.lo example-simple-answers.o: $(srcdir)/example-simple-answers.c $(srcdir)/getdns_libevent.h \
- ../../src/config.h ../../src/getdns/getdns.h \
- $(srcdir)/../../src/getdns/getdns_ext_libevent.h ../../src/getdns/getdns_extra.h
+ ../../src/config.h \
+ ../../src/getdns/getdns.h \
+ $(srcdir)/../../src/getdns/getdns_ext_libevent.h \
+ ../../src/getdns/getdns_extra.h
 example-synchronous.lo example-synchronous.o: $(srcdir)/example-synchronous.c $(srcdir)/getdns_core_only.h \
  ../../src/getdns/getdns.h
-example-tree.lo example-tree.o: $(srcdir)/example-tree.c $(srcdir)/getdns_libevent.h ../../src/config.h \
- ../../src/getdns/getdns.h $(srcdir)/../../src/getdns/getdns_ext_libevent.h \
+example-tree.lo example-tree.o: $(srcdir)/example-tree.c $(srcdir)/getdns_libevent.h \
+ ../../src/config.h \
+ ../../src/getdns/getdns.h \
+ $(srcdir)/../../src/getdns/getdns_ext_libevent.h \
  ../../src/getdns/getdns_extra.h
diff --git a/src/Makefile.in b/src/Makefile.in
index 212b7180..abb6835d 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -208,124 +208,192 @@ depend:
 FORCE:
 
 # Dependencies for gldns, utils, the extensions and compat functions
-const-info.lo const-info.o: $(srcdir)/const-info.c getdns/getdns.h getdns/getdns_extra.h \
- getdns/getdns.h $(srcdir)/const-info.h
-context.lo context.o: $(srcdir)/context.c config.h $(srcdir)/debug.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h \
- $(srcdir)/gldns/wire2str.h $(srcdir)/context.h getdns/getdns.h getdns/getdns_extra.h \
- getdns/getdns.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \
- $(srcdir)/extension/default_eventloop.h config.h getdns/getdns_extra.h $(srcdir)/ub_loop.h \
+const-info.lo const-info.o: $(srcdir)/const-info.c \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/const-info.h
+context.lo context.o: $(srcdir)/context.c \
+ config.h $(srcdir)/debug.h \
+ $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/context.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
  $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \
  $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h $(srcdir)/list.h $(srcdir)/dict.h \
  $(srcdir)/pubkey-pinning.h
-convert.lo convert.o: $(srcdir)/convert.c config.h getdns/getdns.h getdns/getdns_extra.h \
- getdns/getdns.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \
- $(srcdir)/extension/default_eventloop.h config.h getdns/getdns_extra.h $(srcdir)/ub_loop.h \
- $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \
- $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/parseutil.h \
- $(srcdir)/const-info.h $(srcdir)/dict.h $(srcdir)/list.h $(srcdir)/jsmn/jsmn.h $(srcdir)/convert.h
-dict.lo dict.o: $(srcdir)/dict.c config.h $(srcdir)/types-internal.h getdns/getdns.h \
- getdns/getdns_extra.h getdns/getdns.h $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h \
- $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h config.h getdns/getdns_extra.h \
+convert.lo convert.o: $(srcdir)/convert.c \
+ config.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \
+ $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h \
+ $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/wire2str.h \
+ $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/parseutil.h $(srcdir)/const-info.h $(srcdir)/dict.h \
+ $(srcdir)/list.h $(srcdir)/jsmn/jsmn.h $(srcdir)/convert.h
+dict.lo dict.o: $(srcdir)/dict.c config.h \
+ $(srcdir)/types-internal.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \
  $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \
  $(srcdir)/gldns/pkthdr.h $(srcdir)/dict.h $(srcdir)/list.h $(srcdir)/const-info.h $(srcdir)/gldns/wire2str.h
-dnssec.lo dnssec.o: $(srcdir)/dnssec.c config.h $(srcdir)/debug.h getdns/getdns.h $(srcdir)/context.h \
- getdns/getdns_extra.h getdns/getdns.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \
- $(srcdir)/extension/default_eventloop.h config.h getdns/getdns_extra.h $(srcdir)/ub_loop.h \
+dnssec.lo dnssec.o: $(srcdir)/dnssec.c config.h \
+ $(srcdir)/debug.h getdns/getdns.h \
+ $(srcdir)/context.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
  $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \
  $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h \
  $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/parseutil.h $(srcdir)/general.h $(srcdir)/dict.h \
  $(srcdir)/list.h $(srcdir)/util/val_secalgo.h
-general.lo general.o: $(srcdir)/general.c config.h $(srcdir)/general.h getdns/getdns.h $(srcdir)/types-internal.h \
- getdns/getdns_extra.h getdns/getdns.h $(srcdir)/util/rbtree.h $(srcdir)/ub_loop.h $(srcdir)/debug.h \
- $(srcdir)/gldns/wire2str.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h config.h \
- getdns/getdns_extra.h $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \
- $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h $(srcdir)/dict.h
-list.lo list.o: $(srcdir)/list.c $(srcdir)/types-internal.h getdns/getdns.h getdns/getdns_extra.h \
- getdns/getdns.h $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h config.h $(srcdir)/context.h \
- $(srcdir)/extension/default_eventloop.h config.h getdns/getdns_extra.h $(srcdir)/ub_loop.h \
- $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \
- $(srcdir)/list.h $(srcdir)/dict.h
-pubkey-pinning.lo pubkey-pinning.o: $(srcdir)/pubkey-pinning.c config.h $(srcdir)/debug.h getdns/getdns.h \
- $(srcdir)/context.h getdns/getdns.h getdns/getdns_extra.h $(srcdir)/types-internal.h \
- $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h config.h \
- getdns/getdns_extra.h $(srcdir)/ub_loop.h $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h \
- $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h
-request-internal.lo request-internal.o: $(srcdir)/request-internal.c config.h $(srcdir)/types-internal.h \
- getdns/getdns.h getdns/getdns_extra.h getdns/getdns.h $(srcdir)/util/rbtree.h \
- $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h config.h \
- getdns/getdns_extra.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \
- $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/str2wire.h \
- $(srcdir)/gldns/rrdef.h $(srcdir)/dict.h $(srcdir)/convert.h
-rr-dict.lo rr-dict.o: $(srcdir)/rr-dict.c $(srcdir)/rr-dict.h config.h getdns/getdns.h $(srcdir)/gldns/gbuffer.h \
- $(srcdir)/util-internal.h $(srcdir)/context.h getdns/getdns_extra.h getdns/getdns.h \
- $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h config.h \
- getdns/getdns_extra.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h \
- $(srcdir)/gldns/pkthdr.h $(srcdir)/dict.h
-rr-iter.lo rr-iter.o: $(srcdir)/rr-iter.c $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h config.h getdns/getdns.h \
+general.lo general.o: $(srcdir)/general.c \
+ config.h $(srcdir)/general.h \
+ getdns/getdns.h \
+ $(srcdir)/types-internal.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/gldns/wire2str.h $(srcdir)/context.h \
+ $(srcdir)/extension/default_eventloop.h $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h \
+ $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h \
+ $(srcdir)/dict.h
+list.lo list.o: $(srcdir)/list.c $(srcdir)/types-internal.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h \
+ config.h $(srcdir)/context.h \
+ $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h \
+ $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/list.h $(srcdir)/dict.h
+pubkey-pinning.lo pubkey-pinning.o: $(srcdir)/pubkey-pinning.c \
+ config.h $(srcdir)/debug.h \
+ getdns/getdns.h $(srcdir)/context.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
+ $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \
+ $(srcdir)/gldns/pkthdr.h
+request-internal.lo request-internal.o: $(srcdir)/request-internal.c \
+ config.h $(srcdir)/types-internal.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \
+ $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \
+ $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/dict.h \
+ $(srcdir)/convert.h
+rr-dict.lo rr-dict.o: $(srcdir)/rr-dict.c $(srcdir)/rr-dict.h \
+ config.h \
+ getdns/getdns.h \
+ $(srcdir)/gldns/gbuffer.h $(srcdir)/util-internal.h $(srcdir)/context.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
+ $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dict.h
+rr-iter.lo rr-iter.o: $(srcdir)/rr-iter.c $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \
+ config.h \
+ getdns/getdns.h \
  $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h
-server.lo server.o: $(srcdir)/server.c config.h getdns/getdns_extra.h getdns/getdns.h \
- $(srcdir)/context.h getdns/getdns.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \
- $(srcdir)/extension/default_eventloop.h config.h getdns/getdns_extra.h $(srcdir)/ub_loop.h \
+server.lo server.o: $(srcdir)/server.c config.h \
+ getdns/getdns_extra.h \
+ getdns/getdns.h $(srcdir)/context.h \
+ $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
  $(srcdir)/debug.h $(srcdir)/server.h
-stub.lo stub.o: $(srcdir)/stub.c config.h $(srcdir)/debug.h $(srcdir)/stub.h getdns/getdns.h $(srcdir)/types-internal.h \
- getdns/getdns_extra.h getdns/getdns.h $(srcdir)/util/rbtree.h $(srcdir)/gldns/gbuffer.h \
- $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h \
- $(srcdir)/gldns/wire2str.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/context.h \
- $(srcdir)/extension/default_eventloop.h config.h getdns/getdns_extra.h $(srcdir)/ub_loop.h \
- $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/general.h $(srcdir)/pubkey-pinning.h
-sync.lo sync.o: $(srcdir)/sync.c getdns/getdns.h config.h $(srcdir)/context.h getdns/getdns_extra.h \
- getdns/getdns.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \
- $(srcdir)/extension/default_eventloop.h config.h getdns/getdns_extra.h $(srcdir)/ub_loop.h \
+stub.lo stub.o: $(srcdir)/stub.c config.h \
+ $(srcdir)/debug.h $(srcdir)/stub.h \
+ getdns/getdns.h \
+ $(srcdir)/types-internal.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h \
+ $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \
+ $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h $(srcdir)/server.h \
+ $(srcdir)/util-internal.h $(srcdir)/general.h $(srcdir)/pubkey-pinning.h
+sync.lo sync.o: $(srcdir)/sync.c \
+ getdns/getdns.h \
+ config.h $(srcdir)/context.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
  $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/general.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \
  $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h $(srcdir)/stub.h \
  $(srcdir)/gldns/wire2str.h
-ub_loop.lo ub_loop.o: $(srcdir)/ub_loop.c $(srcdir)/ub_loop.h config.h getdns/getdns.h \
- getdns/getdns_extra.h getdns/getdns.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \
- $(srcdir)/debug.h
-util-internal.lo util-internal.o: $(srcdir)/util-internal.c config.h getdns/getdns.h $(srcdir)/dict.h \
- $(srcdir)/util/rbtree.h $(srcdir)/types-internal.h getdns/getdns_extra.h getdns/getdns.h \
- $(srcdir)/list.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h config.h \
- getdns/getdns_extra.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \
- $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/dnssec.h \
+ub_loop.lo ub_loop.o: $(srcdir)/ub_loop.c $(srcdir)/ub_loop.h \
+ config.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/debug.h
+util-internal.lo util-internal.o: $(srcdir)/util-internal.c \
+ config.h \
+ getdns/getdns.h $(srcdir)/dict.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/types-internal.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/list.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
+ $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \
+ $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h
+gbuffer.lo gbuffer.o: $(srcdir)/gldns/gbuffer.c \
+ config.h $(srcdir)/gldns/gbuffer.h
+keyraw.lo keyraw.o: $(srcdir)/gldns/keyraw.c \
+ config.h $(srcdir)/gldns/keyraw.h \
  $(srcdir)/gldns/rrdef.h
-version.lo version.o: version.c
-gbuffer.lo gbuffer.o: $(srcdir)/gldns/gbuffer.c config.h $(srcdir)/gldns/gbuffer.h
-keyraw.lo keyraw.o: $(srcdir)/gldns/keyraw.c config.h $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/rrdef.h
-parse.lo parse.o: $(srcdir)/gldns/parse.c config.h $(srcdir)/gldns/parse.h $(srcdir)/gldns/parseutil.h \
- $(srcdir)/gldns/gbuffer.h
-parseutil.lo parseutil.o: $(srcdir)/gldns/parseutil.c config.h $(srcdir)/gldns/parseutil.h
-rrdef.lo rrdef.o: $(srcdir)/gldns/rrdef.c config.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/parseutil.h
-str2wire.lo str2wire.o: $(srcdir)/gldns/str2wire.c config.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h \
- $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/parse.h $(srcdir)/gldns/parseutil.h
-wire2str.lo wire2str.o: $(srcdir)/gldns/wire2str.c config.h $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/str2wire.h \
- $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/parseutil.h $(srcdir)/gldns/gbuffer.h \
- $(srcdir)/gldns/keyraw.h
-arc4_lock.lo arc4_lock.o: $(srcdir)/compat/arc4_lock.c config.h
-arc4random.lo arc4random.o: $(srcdir)/compat/arc4random.c config.h $(srcdir)/compat/chacha_private.h
-arc4random_uniform.lo arc4random_uniform.o: $(srcdir)/compat/arc4random_uniform.c config.h
-explicit_bzero.lo explicit_bzero.o: $(srcdir)/compat/explicit_bzero.c config.h
-getentropy_linux.lo getentropy_linux.o: $(srcdir)/compat/getentropy_linux.c config.h
-getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c config.h
-getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c config.h
+parse.lo parse.o: $(srcdir)/gldns/parse.c \
+ config.h $(srcdir)/gldns/parse.h \
+ $(srcdir)/gldns/parseutil.h $(srcdir)/gldns/gbuffer.h
+parseutil.lo parseutil.o: $(srcdir)/gldns/parseutil.c \
+ config.h $(srcdir)/gldns/parseutil.h
+rrdef.lo rrdef.o: $(srcdir)/gldns/rrdef.c \
+ config.h $(srcdir)/gldns/rrdef.h \
+ $(srcdir)/gldns/parseutil.h
+str2wire.lo str2wire.o: $(srcdir)/gldns/str2wire.c \
+ config.h $(srcdir)/gldns/str2wire.h \
+ $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/parse.h \
+ $(srcdir)/gldns/parseutil.h
+wire2str.lo wire2str.o: $(srcdir)/gldns/wire2str.c \
+ config.h $(srcdir)/gldns/wire2str.h \
+ $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/parseutil.h \
+ $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/keyraw.h
+arc4_lock.lo arc4_lock.o: $(srcdir)/compat/arc4_lock.c \
+ config.h
+arc4random.lo arc4random.o: $(srcdir)/compat/arc4random.c \
+ config.h \
+ $(srcdir)/compat/chacha_private.h
+arc4random_uniform.lo arc4random_uniform.o: $(srcdir)/compat/arc4random_uniform.c \
+ config.h
+explicit_bzero.lo explicit_bzero.o: $(srcdir)/compat/explicit_bzero.c \
+ config.h
+getentropy_linux.lo getentropy_linux.o: $(srcdir)/compat/getentropy_linux.c \
+ config.h
+getentropy_osx.lo getentropy_osx.o: $(srcdir)/compat/getentropy_osx.c \
+ config.h
+getentropy_solaris.lo getentropy_solaris.o: $(srcdir)/compat/getentropy_solaris.c \
+ config.h
 getentropy_win.lo getentropy_win.o: $(srcdir)/compat/getentropy_win.c
-inet_ntop.lo inet_ntop.o: $(srcdir)/compat/inet_ntop.c config.h
-inet_pton.lo inet_pton.o: $(srcdir)/compat/inet_pton.c config.h
-sha512.lo sha512.o: $(srcdir)/compat/sha512.c config.h
-strlcpy.lo strlcpy.o: $(srcdir)/compat/strlcpy.c config.h
-rbtree.lo rbtree.o: $(srcdir)/util/rbtree.c config.h $(srcdir)/util/log.h $(srcdir)/debug.h config.h \
+inet_ntop.lo inet_ntop.o: $(srcdir)/compat/inet_ntop.c \
+ config.h
+inet_pton.lo inet_pton.o: $(srcdir)/compat/inet_pton.c \
+ config.h
+sha512.lo sha512.o: $(srcdir)/compat/sha512.c \
+ config.h
+strlcpy.lo strlcpy.o: $(srcdir)/compat/strlcpy.c \
+ config.h
+rbtree.lo rbtree.o: $(srcdir)/util/rbtree.c \
+ config.h $(srcdir)/util/log.h $(srcdir)/debug.h \
  $(srcdir)/util/fptr_wlist.h $(srcdir)/util/rbtree.h
-val_secalgo.lo val_secalgo.o: $(srcdir)/util/val_secalgo.c config.h $(srcdir)/util/val_secalgo.h $(srcdir)/util/log.h \
- $(srcdir)/debug.h config.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/gbuffer.h
+val_secalgo.lo val_secalgo.o: $(srcdir)/util/val_secalgo.c \
+ config.h $(srcdir)/util/val_secalgo.h \
+ $(srcdir)/util/log.h $(srcdir)/debug.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/gbuffer.h
 jsmn.lo jsmn.o: $(srcdir)/jsmn/jsmn.c $(srcdir)/jsmn/jsmn.h
 default_eventloop.lo default_eventloop.o: $(srcdir)/extension/default_eventloop.c \
- $(srcdir)/extension/default_eventloop.h config.h getdns/getdns.h \
- getdns/getdns_extra.h $(srcdir)/debug.h config.h
-libev.lo libev.o: $(srcdir)/extension/libev.c config.h $(srcdir)/types-internal.h getdns/getdns.h \
- getdns/getdns_extra.h getdns/getdns.h $(srcdir)/util/rbtree.h \
- $(srcdir)/getdns/getdns_ext_libev.h getdns/getdns_extra.h
-libevent.lo libevent.o: $(srcdir)/extension/libevent.c config.h $(srcdir)/types-internal.h \
- getdns/getdns.h getdns/getdns_extra.h getdns/getdns.h $(srcdir)/util/rbtree.h \
- $(srcdir)/getdns/getdns_ext_libevent.h getdns/getdns_extra.h
-libuv.lo libuv.o: $(srcdir)/extension/libuv.c config.h $(srcdir)/debug.h config.h $(srcdir)/types-internal.h \
- getdns/getdns.h getdns/getdns_extra.h getdns/getdns.h $(srcdir)/util/rbtree.h \
- $(srcdir)/getdns/getdns_ext_libuv.h getdns/getdns_extra.h
+ $(srcdir)/extension/default_eventloop.h \
+ config.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/debug.h
+libev.lo libev.o: $(srcdir)/extension/libev.c \
+ config.h $(srcdir)/types-internal.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libev.h
+libevent.lo libevent.o: $(srcdir)/extension/libevent.c \
+ config.h $(srcdir)/types-internal.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libevent.h
+libuv.lo libuv.o: $(srcdir)/extension/libuv.c \
+ config.h $(srcdir)/debug.h \
+ $(srcdir)/types-internal.h \
+ getdns/getdns.h \
+ getdns/getdns_extra.h \
+ $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libuv.h
diff --git a/src/test/Makefile.in b/src/test/Makefile.in
index 83e9e9c6..d0cf2450 100644
--- a/src/test/Makefile.in
+++ b/src/test/Makefile.in
@@ -215,10 +215,13 @@ depend:
 .PHONY: clean test
 
 # Dependencies for the unit tests
-check_getdns.lo check_getdns.o: $(srcdir)/check_getdns.c ../getdns/getdns.h $(srcdir)/check_getdns_common.h \
- ../getdns/getdns_extra.h $(srcdir)/check_getdns_address.h \
- $(srcdir)/check_getdns_address_sync.h $(srcdir)/check_getdns_cancel_callback.h \
- $(srcdir)/check_getdns_context_create.h $(srcdir)/check_getdns_context_destroy.h \
+check_getdns.lo check_getdns.o: $(srcdir)/check_getdns.c \
+ ../getdns/getdns.h \
+ $(srcdir)/check_getdns_common.h \
+ ../getdns/getdns_extra.h \
+ $(srcdir)/check_getdns_address.h $(srcdir)/check_getdns_address_sync.h \
+ $(srcdir)/check_getdns_cancel_callback.h $(srcdir)/check_getdns_context_create.h \
+ $(srcdir)/check_getdns_context_destroy.h \
  $(srcdir)/check_getdns_context_set_context_update_callback.h \
  $(srcdir)/check_getdns_context_set_dns_transport.h \
  $(srcdir)/check_getdns_context_set_timeout.h \
@@ -238,34 +241,58 @@ check_getdns.lo check_getdns.o: $(srcdir)/check_getdns.c ../getdns/getdns.h $(sr
  $(srcdir)/check_getdns_list_get_list.h $(srcdir)/check_getdns_pretty_print_dict.h \
  $(srcdir)/check_getdns_service.h $(srcdir)/check_getdns_service_sync.h \
  $(srcdir)/check_getdns_transport.h
-check_getdns_common.lo check_getdns_common.o: $(srcdir)/check_getdns_common.c ../getdns/getdns.h \
- ../config.h $(srcdir)/check_getdns_common.h ../getdns/getdns_extra.h \
+check_getdns_common.lo check_getdns_common.o: $(srcdir)/check_getdns_common.c \
+ ../getdns/getdns.h \
+ ../config.h \
+ $(srcdir)/check_getdns_common.h \
+ ../getdns/getdns_extra.h \
  $(srcdir)/check_getdns_eventloop.h
 check_getdns_context_set_timeout.lo check_getdns_context_set_timeout.o: $(srcdir)/check_getdns_context_set_timeout.c \
  $(srcdir)/check_getdns_context_set_timeout.h $(srcdir)/check_getdns_common.h \
- ../getdns/getdns.h ../getdns/getdns_extra.h
+ ../getdns/getdns.h \
+ ../getdns/getdns_extra.h
 check_getdns_libev.lo check_getdns_libev.o: $(srcdir)/check_getdns_libev.c $(srcdir)/check_getdns_eventloop.h \
- ../config.h ../getdns/getdns.h $(srcdir)/../getdns/getdns_ext_libev.h \
- ../getdns/getdns_extra.h $(srcdir)/check_getdns_common.h
+ ../config.h \
+ ../getdns/getdns.h \
+ $(srcdir)/../getdns/getdns_ext_libev.h \
+ ../getdns/getdns_extra.h \
+ $(srcdir)/check_getdns_common.h
 check_getdns_libevent.lo check_getdns_libevent.o: $(srcdir)/check_getdns_libevent.c $(srcdir)/check_getdns_eventloop.h \
- ../config.h ../getdns/getdns.h $(srcdir)/../getdns/getdns_ext_libevent.h \
- ../getdns/getdns_extra.h $(srcdir)/check_getdns_libevent.h $(srcdir)/check_getdns_common.h
+ ../config.h \
+ ../getdns/getdns.h \
+ $(srcdir)/../getdns/getdns_ext_libevent.h \
+ ../getdns/getdns_extra.h \
+ $(srcdir)/check_getdns_libevent.h $(srcdir)/check_getdns_common.h
 check_getdns_libuv.lo check_getdns_libuv.o: $(srcdir)/check_getdns_libuv.c $(srcdir)/check_getdns_eventloop.h \
- ../config.h ../getdns/getdns.h $(srcdir)/../getdns/getdns_ext_libuv.h \
- ../getdns/getdns_extra.h $(srcdir)/check_getdns_common.h
+ ../config.h \
+ ../getdns/getdns.h \
+ $(srcdir)/../getdns/getdns_ext_libuv.h \
+ ../getdns/getdns_extra.h \
+ $(srcdir)/check_getdns_common.h
 check_getdns_selectloop.lo check_getdns_selectloop.o: $(srcdir)/check_getdns_selectloop.c \
- $(srcdir)/check_getdns_eventloop.h ../config.h ../getdns/getdns.h \
+ $(srcdir)/check_getdns_eventloop.h \
+ ../config.h \
+ ../getdns/getdns.h \
  ../getdns/getdns_extra.h
 check_getdns_transport.lo check_getdns_transport.o: $(srcdir)/check_getdns_transport.c \
- $(srcdir)/check_getdns_transport.h $(srcdir)/check_getdns_common.h ../getdns/getdns.h \
+ $(srcdir)/check_getdns_transport.h $(srcdir)/check_getdns_common.h \
+ ../getdns/getdns.h \
  ../getdns/getdns_extra.h
-scratchpad.template.lo scratchpad.template.o: scratchpad.template.c ../getdns/getdns.h \
+scratchpad.template.lo scratchpad.template.o: scratchpad.template.c \
+ ../getdns/getdns.h \
  ../getdns/getdns_extra.h
 testmessages.lo testmessages.o: $(srcdir)/testmessages.c $(srcdir)/testmessages.h
-tests_dict.lo tests_dict.o: $(srcdir)/tests_dict.c $(srcdir)/testmessages.h ../getdns/getdns.h
-tests_list.lo tests_list.o: $(srcdir)/tests_list.c $(srcdir)/testmessages.h ../getdns/getdns.h
-tests_namespaces.lo tests_namespaces.o: $(srcdir)/tests_namespaces.c $(srcdir)/testmessages.h ../getdns/getdns.h
-tests_stub_async.lo tests_stub_async.o: $(srcdir)/tests_stub_async.c ../config.h $(srcdir)/testmessages.h \
- ../getdns/getdns.h ../getdns/getdns_extra.h
-tests_stub_sync.lo tests_stub_sync.o: $(srcdir)/tests_stub_sync.c $(srcdir)/testmessages.h ../getdns/getdns.h \
+tests_dict.lo tests_dict.o: $(srcdir)/tests_dict.c $(srcdir)/testmessages.h \
+ ../getdns/getdns.h
+tests_list.lo tests_list.o: $(srcdir)/tests_list.c $(srcdir)/testmessages.h \
+ ../getdns/getdns.h
+tests_namespaces.lo tests_namespaces.o: $(srcdir)/tests_namespaces.c $(srcdir)/testmessages.h \
+ ../getdns/getdns.h
+tests_stub_async.lo tests_stub_async.o: $(srcdir)/tests_stub_async.c \
+ ../config.h \
+ $(srcdir)/testmessages.h \
+ ../getdns/getdns.h \
+ ../getdns/getdns_extra.h
+tests_stub_sync.lo tests_stub_sync.o: $(srcdir)/tests_stub_sync.c $(srcdir)/testmessages.h \
+ ../getdns/getdns.h \
  ../getdns/getdns_extra.h
diff --git a/src/tools/Makefile.in b/src/tools/Makefile.in
index fa13ea40..ae2c6080 100644
--- a/src/tools/Makefile.in
+++ b/src/tools/Makefile.in
@@ -102,5 +102,8 @@ depend:
 .PHONY: clean test
 
 # Dependencies for getdns_query
-getdns_query.lo getdns_query.o: $(srcdir)/getdns_query.c ../config.h $(srcdir)/../debug.h ../config.h \
- ../getdns/getdns.h ../getdns/getdns_extra.h
+getdns_query.lo getdns_query.o: $(srcdir)/getdns_query.c \
+ ../config.h \
+ $(srcdir)/../debug.h \
+ ../getdns/getdns.h \
+ ../getdns/getdns_extra.h

From e857f680ce506ca86d8f891bfdb3ac06b746f1db Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 15:05:46 +0200
Subject: [PATCH 15/25] Dependencies (but this time good)

---
 src/Makefile.in | 99 ++++++++++++++++++++++++++++---------------------
 1 file changed, 57 insertions(+), 42 deletions(-)

diff --git a/src/Makefile.in b/src/Makefile.in
index abb6835d..ecfcf082 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -213,8 +213,8 @@ const-info.lo const-info.o: $(srcdir)/const-info.c \
  getdns/getdns_extra.h \
  $(srcdir)/const-info.h
 context.lo context.o: $(srcdir)/context.c \
- config.h $(srcdir)/debug.h \
- $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/context.h \
+ config.h \
+ $(srcdir)/debug.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/context.h \
  getdns/getdns.h \
  getdns/getdns_extra.h \
  $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
@@ -230,15 +230,18 @@ convert.lo convert.o: $(srcdir)/convert.c \
  $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/wire2str.h \
  $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/parseutil.h $(srcdir)/const-info.h $(srcdir)/dict.h \
  $(srcdir)/list.h $(srcdir)/jsmn/jsmn.h $(srcdir)/convert.h
-dict.lo dict.o: $(srcdir)/dict.c config.h \
+dict.lo dict.o: $(srcdir)/dict.c \
+ config.h \
  $(srcdir)/types-internal.h \
  getdns/getdns.h \
  getdns/getdns_extra.h \
  $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \
  $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \
  $(srcdir)/gldns/pkthdr.h $(srcdir)/dict.h $(srcdir)/list.h $(srcdir)/const-info.h $(srcdir)/gldns/wire2str.h
-dnssec.lo dnssec.o: $(srcdir)/dnssec.c config.h \
- $(srcdir)/debug.h getdns/getdns.h \
+dnssec.lo dnssec.o: $(srcdir)/dnssec.c \
+ config.h \
+ $(srcdir)/debug.h \
+ getdns/getdns.h \
  $(srcdir)/context.h \
  getdns/getdns_extra.h \
  $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
@@ -247,7 +250,8 @@ dnssec.lo dnssec.o: $(srcdir)/dnssec.c config.h \
  $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/parseutil.h $(srcdir)/general.h $(srcdir)/dict.h \
  $(srcdir)/list.h $(srcdir)/util/val_secalgo.h
 general.lo general.o: $(srcdir)/general.c \
- config.h $(srcdir)/general.h \
+ config.h \
+ $(srcdir)/general.h \
  getdns/getdns.h \
  $(srcdir)/types-internal.h \
  getdns/getdns_extra.h \
@@ -259,18 +263,21 @@ list.lo list.o: $(srcdir)/list.c $(srcdir)/types-internal.h \
  getdns/getdns.h \
  getdns/getdns_extra.h \
  $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h \
- config.h $(srcdir)/context.h \
- $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h \
- $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/list.h $(srcdir)/dict.h
+ config.h \
+ $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h \
+ $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/list.h $(srcdir)/dict.h
 pubkey-pinning.lo pubkey-pinning.o: $(srcdir)/pubkey-pinning.c \
- config.h $(srcdir)/debug.h \
- getdns/getdns.h $(srcdir)/context.h \
+ config.h \
+ $(srcdir)/debug.h \
+ getdns/getdns.h \
+ $(srcdir)/context.h \
  getdns/getdns_extra.h \
  $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
  $(srcdir)/server.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \
  $(srcdir)/gldns/pkthdr.h
 request-internal.lo request-internal.o: $(srcdir)/request-internal.c \
- config.h $(srcdir)/types-internal.h \
+ config.h \
+ $(srcdir)/types-internal.h \
  getdns/getdns.h \
  getdns/getdns_extra.h \
  $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h \
@@ -288,12 +295,14 @@ rr-iter.lo rr-iter.o: $(srcdir)/rr-iter.c $(srcdir)/rr-iter.h $(srcdir)/rr-dict.
  config.h \
  getdns/getdns.h \
  $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/rrdef.h
-server.lo server.o: $(srcdir)/server.c config.h \
+server.lo server.o: $(srcdir)/server.c \
+ config.h \
  getdns/getdns_extra.h \
- getdns/getdns.h $(srcdir)/context.h \
- $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
- $(srcdir)/debug.h $(srcdir)/server.h
-stub.lo stub.o: $(srcdir)/stub.c config.h \
+ getdns/getdns.h \
+ $(srcdir)/context.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h \
+ $(srcdir)/ub_loop.h $(srcdir)/debug.h $(srcdir)/server.h
+stub.lo stub.o: $(srcdir)/stub.c \
+ config.h \
  $(srcdir)/debug.h $(srcdir)/stub.h \
  getdns/getdns.h \
  $(srcdir)/types-internal.h \
@@ -304,7 +313,8 @@ stub.lo stub.o: $(srcdir)/stub.c config.h \
  $(srcdir)/util-internal.h $(srcdir)/general.h $(srcdir)/pubkey-pinning.h
 sync.lo sync.o: $(srcdir)/sync.c \
  getdns/getdns.h \
- config.h $(srcdir)/context.h \
+ config.h \
+ $(srcdir)/context.h \
  getdns/getdns_extra.h \
  $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
  $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/general.h $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h \
@@ -317,33 +327,35 @@ ub_loop.lo ub_loop.o: $(srcdir)/ub_loop.c $(srcdir)/ub_loop.h \
  $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h $(srcdir)/debug.h
 util-internal.lo util-internal.o: $(srcdir)/util-internal.c \
  config.h \
- getdns/getdns.h $(srcdir)/dict.h \
- $(srcdir)/util/rbtree.h $(srcdir)/types-internal.h \
+ getdns/getdns.h \
+ $(srcdir)/dict.h $(srcdir)/util/rbtree.h $(srcdir)/types-internal.h \
  getdns/getdns_extra.h \
  $(srcdir)/list.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/extension/default_eventloop.h $(srcdir)/ub_loop.h \
  $(srcdir)/debug.h $(srcdir)/server.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \
  $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/dnssec.h $(srcdir)/gldns/rrdef.h
 gbuffer.lo gbuffer.o: $(srcdir)/gldns/gbuffer.c \
- config.h $(srcdir)/gldns/gbuffer.h
+ config.h \
+ $(srcdir)/gldns/gbuffer.h
 keyraw.lo keyraw.o: $(srcdir)/gldns/keyraw.c \
- config.h $(srcdir)/gldns/keyraw.h \
- $(srcdir)/gldns/rrdef.h
+ config.h \
+ $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/rrdef.h
 parse.lo parse.o: $(srcdir)/gldns/parse.c \
- config.h $(srcdir)/gldns/parse.h \
- $(srcdir)/gldns/parseutil.h $(srcdir)/gldns/gbuffer.h
+ config.h \
+ $(srcdir)/gldns/parse.h $(srcdir)/gldns/parseutil.h $(srcdir)/gldns/gbuffer.h
 parseutil.lo parseutil.o: $(srcdir)/gldns/parseutil.c \
- config.h $(srcdir)/gldns/parseutil.h
+ config.h \
+ $(srcdir)/gldns/parseutil.h
 rrdef.lo rrdef.o: $(srcdir)/gldns/rrdef.c \
- config.h $(srcdir)/gldns/rrdef.h \
- $(srcdir)/gldns/parseutil.h
+ config.h \
+ $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/parseutil.h
 str2wire.lo str2wire.o: $(srcdir)/gldns/str2wire.c \
- config.h $(srcdir)/gldns/str2wire.h \
- $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/parse.h \
- $(srcdir)/gldns/parseutil.h
+ config.h \
+ $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/gbuffer.h \
+ $(srcdir)/gldns/parse.h $(srcdir)/gldns/parseutil.h
 wire2str.lo wire2str.o: $(srcdir)/gldns/wire2str.c \
- config.h $(srcdir)/gldns/wire2str.h \
- $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/parseutil.h \
- $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/keyraw.h
+ config.h \
+ $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/pkthdr.h \
+ $(srcdir)/gldns/parseutil.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/keyraw.h
 arc4_lock.lo arc4_lock.o: $(srcdir)/compat/arc4_lock.c \
  config.h
 arc4random.lo arc4random.o: $(srcdir)/compat/arc4random.c \
@@ -369,11 +381,12 @@ sha512.lo sha512.o: $(srcdir)/compat/sha512.c \
 strlcpy.lo strlcpy.o: $(srcdir)/compat/strlcpy.c \
  config.h
 rbtree.lo rbtree.o: $(srcdir)/util/rbtree.c \
- config.h $(srcdir)/util/log.h $(srcdir)/debug.h \
- $(srcdir)/util/fptr_wlist.h $(srcdir)/util/rbtree.h
+ config.h \
+ $(srcdir)/util/log.h $(srcdir)/debug.h $(srcdir)/util/fptr_wlist.h $(srcdir)/util/rbtree.h
 val_secalgo.lo val_secalgo.o: $(srcdir)/util/val_secalgo.c \
- config.h $(srcdir)/util/val_secalgo.h \
- $(srcdir)/util/log.h $(srcdir)/debug.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/keyraw.h $(srcdir)/gldns/gbuffer.h
+ config.h \
+ $(srcdir)/util/val_secalgo.h $(srcdir)/util/log.h $(srcdir)/debug.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/keyraw.h \
+ $(srcdir)/gldns/gbuffer.h
 jsmn.lo jsmn.o: $(srcdir)/jsmn/jsmn.c $(srcdir)/jsmn/jsmn.h
 default_eventloop.lo default_eventloop.o: $(srcdir)/extension/default_eventloop.c \
  $(srcdir)/extension/default_eventloop.h \
@@ -382,18 +395,20 @@ default_eventloop.lo default_eventloop.o: $(srcdir)/extension/default_eventloop.
  getdns/getdns_extra.h \
  $(srcdir)/debug.h
 libev.lo libev.o: $(srcdir)/extension/libev.c \
- config.h $(srcdir)/types-internal.h \
+ config.h \
+ $(srcdir)/types-internal.h \
  getdns/getdns.h \
  getdns/getdns_extra.h \
  $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libev.h
 libevent.lo libevent.o: $(srcdir)/extension/libevent.c \
- config.h $(srcdir)/types-internal.h \
+ config.h \
+ $(srcdir)/types-internal.h \
  getdns/getdns.h \
  getdns/getdns_extra.h \
  $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libevent.h
 libuv.lo libuv.o: $(srcdir)/extension/libuv.c \
- config.h $(srcdir)/debug.h \
- $(srcdir)/types-internal.h \
+ config.h \
+ $(srcdir)/debug.h $(srcdir)/types-internal.h \
  getdns/getdns.h \
  getdns/getdns_extra.h \
  $(srcdir)/util/rbtree.h $(srcdir)/getdns/getdns_ext_libuv.h

From 9cb38bc82236721e125802c5a3b2b69b2712ac8c Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 15:18:27 +0200
Subject: [PATCH 16/25] Release today

---
 ChangeLog | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 4dae9ffb..e154f85e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,4 @@
-* 2016-??-??: Version 1.0.0b2
+* 2016-07-14: Version 1.0.0b2
   * Collect coverage information from the unit tests
     Thanks Shane Kerr
   * pkg-config for the getdns_ext_event library

From 65a46e1026ff5ba236abe06de09089152c846a69 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 15:20:13 +0200
Subject: [PATCH 17/25] Update ChangeLog

---
 ChangeLog | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index e154f85e..bd4c298c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+* 2016-07-14: Version 1.1.0a1
+  * Conversion functions from text strings to getdns native types:
+    getdns_str2dict(), getdns_str2list(), getdns_str2bindata() and
+    getdns_str2int()
+  * A getdns_context_config() function that configures a context
+    with settings given in a getdns_dict
+  * A a getdns_context_set_listen_addresses() function and companion
+    getdns_reply() function to construct simple name servers.
+
 * 2016-07-14: Version 1.0.0b2
   * Collect coverage information from the unit tests
     Thanks Shane Kerr

From 7c7c58604fc8589e3069702bb1f7e58ef6b4ad47 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 15:24:59 +0200
Subject: [PATCH 18/25] Update ChangeLog

---
 ChangeLog | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index bd4c298c..1adfe0b6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,10 @@
     with settings given in a getdns_dict
   * A a getdns_context_set_listen_addresses() function and companion
     getdns_reply() function to construct simple name servers.
+  * Relocate getdns_query to src/tools and build by default
+  * Enhancements to the logic used to select connection based upstream
+    transports (TCP, TLS) to improve robustness and re-use of
+    connections/upstreams.
 
 * 2016-07-14: Version 1.0.0b2
   * Collect coverage information from the unit tests

From 255cc9ab36f791c25ad04166d3268e83934de623 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 15:42:49 +0200
Subject: [PATCH 19/25] First bit of set_from_os loads OS defaults

---
 src/context.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/context.c b/src/context.c
index edea6aef..a93e6f14 100644
--- a/src/context.c
+++ b/src/context.c
@@ -1277,10 +1277,10 @@ getdns_context_create_with_extended_memory_functions(
 
 	// resolv.conf does not exist on Windows, handle differently
 #ifndef USE_WINSOCK 
-	if (set_from_os && (r = set_os_defaults(result)))
+	if ((set_from_os & 1) && (r = set_os_defaults(result)))
 		goto error;
 #else
-	if (set_from_os && (r = set_os_defaults_windows(result)))
+	if ((set_from_os & 1) && (r = set_os_defaults_windows(result)))
 		goto error;
 #endif
 

From 0736453bed0654a8f54270086391bd9666a51b46 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 15:53:53 +0200
Subject: [PATCH 20/25] Doxygen fixes

---
 src/getdns/getdns.h.in       | 14 +++++++++-----
 src/getdns/getdns_extra.h.in | 36 ++++++++++++++++++------------------
 2 files changed, 27 insertions(+), 23 deletions(-)

diff --git a/src/getdns/getdns.h.in b/src/getdns/getdns.h.in
index fedf9f2f..2a8f7f2a 100644
--- a/src/getdns/getdns.h.in
+++ b/src/getdns/getdns.h.in
@@ -965,7 +965,8 @@ getdns_service(getdns_context *context,
  * If used multi-threaded, user must define appropriate OpenSSL callback locking functions
  * (e.g. CRYPTO_THREADID_set_call) depending on the library version used.
  * @param context context that can be used immediately with other API calls
- * @param set_from_os select to use os defaults or to specify user defined values
+ * @param set_from_os set to 1 to initialize the context with os defaults
+ *                    the second bit set (2) prevents OpenSSL library initialization.
  * @return GETDNS_RETURN_GOOD on success
 */
 getdns_return_t
@@ -977,10 +978,11 @@ getdns_context_create(getdns_context ** context, int set_from_os);
  * If used multi-threaded, user must define appropriate OpenSSL callback locking functions
  * (e.g. CRYPTO_THREADID_set_call) depending on the library version used.
  * @param context context that can be used immediately with other API calls
- * @param set_from_os select to use os defaults or to specify user defined values
+ * @param set_from_os set to 1 to initialize the context with os defaults
+ *                    the second bit set (2) prevents OpenSSL library initialization.
  * @param malloc custom malloc function
  * @param realloc custom realloc function
- * @param malloc custom free function
+ * @param free custom free function
  * @return GETDNS_RETURN_GOOD on success
 */
 getdns_return_t
@@ -998,10 +1000,12 @@ getdns_context_create_with_memory_functions(
  * If used multi-threaded, user must define appropriate OpenSSL callback locking functions
  * (e.g. CRYPTO_THREADID_set_call) depending on the library version used.
  * @param context context that can be used immediately with other API calls
- * @param set_from_os select to use os defaults or to specify user defined values
+ * @param set_from_os set to 1 to initialize the context with os defaults
+ *                    the second bit set (2) prevents OpenSSL library initialization.
+ * @param userarg parameter passed to the custom malloc, realloc and free functions
  * @param malloc custom malloc function
  * @param realloc custom realloc function
- * @param malloc custom free function
+ * @param free custom free function
  * @return GETDNS_RETURN_GOOD on success
 */
 getdns_return_t
diff --git a/src/getdns/getdns_extra.h.in b/src/getdns/getdns_extra.h.in
index 3f7647d4..752076a9 100644
--- a/src/getdns/getdns_extra.h.in
+++ b/src/getdns/getdns_extra.h.in
@@ -361,9 +361,9 @@ getdns_context_get_tls_authentication(getdns_context *context,
  * "chain" context update callbacks and in this way create a subscription
  * service catering multiple interested parties.
  * @param context The context to monitor for changes
- * @return userarg A user defined argument to be passed to the callback
+ * @param userarg A user defined argument to be passed to the callback
  *                 function.
- * @return value   The callback function to be called on context value
+ * @param value   The callback function to be called on context value
  *                 changes.
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
@@ -484,7 +484,7 @@ getdns_dict* getdns_pubkey_pin_create_from_string(
  *
  * @param pinset the set of public key pins to check for sanity.  This
  *               should be a list of dicts.
- * @return errorlist if not NULL, a list of human-readable strings is 
+ * @param errorlist if not NULL, a list of human-readable strings is 
  *                   appended to errorlist.
  * @return GETDNS_RETURN_GOOD if the pinset passes the sanity check.
  */ 
@@ -592,8 +592,8 @@ getdns_snprint_json_list(
  * Convert rr_dict to wireformat representation of the resource record.
  *
  * @param  rr_dict The getdns dict representation of the resource record
- * @return wire    A newly allocated buffer which will contain the wireformat.
- * @return wire_sz The size of the allocated buffer and the wireformat.
+ * @param wire    A newly allocated buffer which will contain the wireformat.
+ * @param wire_sz The size of the allocated buffer and the wireformat.
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -644,7 +644,7 @@ getdns_rr_dict2wire_scan(
  *
  * @param  wire    Buffer containing the wireformat rr
  * @param  wire_sz Size of the wire buffer
- * @return rr_dict The returned rr_dict
+ * @param rr_dict The returned rr_dict
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -657,7 +657,7 @@ getdns_wire2rr_dict(
  * @param  wire    Buffer containing the wireformat rr
  * @param  wire_sz On input the size of the wire buffer
  *                 On output the length of the wireformat rr.
- * @return rr_dict The returned rr_dict
+ * @param rr_dict The returned rr_dict
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -673,7 +673,7 @@ getdns_wire2rr_dict_buf(
  * @param  wire_sz On input the size of the wire buffer
  *                 On output the size is decreased with the length
  *                 of the wireformat resource record.
- * @return rr_dict The returned rr_dict
+ * @param rr_dict The returned rr_dict
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -685,7 +685,7 @@ getdns_wire2rr_dict_scan(
  * Convert rr_dict to the string representation of the resource record.
  *
  * @param  rr_dict The getdns dict representation of the resource record
- * @return str     A newly allocated string representation of the rr
+ * @param str     A newly allocated string representation of the rr
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -735,7 +735,7 @@ getdns_rr_dict2str_scan(
  * Convert the string representation of the resource record to rr_dict format.
  *
  * @param  str         String representation of the resource record.
- * @return rr_dict     The result getdns dict representation of the resource record
+ * @param  rr_dict     The result getdns dict representation of the resource record
  * @param  origin      Default suffix for not fully qualified domain names
  * @param  default_ttl Default ttl
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
@@ -748,8 +748,8 @@ getdns_str2rr_dict(
 /**
  * Read the zonefile and convert to a list of rr_dict's.
  *
- * @param  FILE        An opened FILE pointer on the zone file.
- * @return rr_list     The result list of rr_dicts representing the zone file.
+ * @param  in          An opened FILE pointer on the zone file.
+ * @param  rr_list     The result list of rr_dicts representing the zone file.
  * @param  origin      Default suffix for not fully qualified domain names
  * @param  default_ttl Default ttl
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
@@ -763,8 +763,8 @@ getdns_fp2rr_list(
  * Convert DNS message dict to wireformat representation.
  *
  * @param  msg_dict The getdns dict representation of a DNS message
- * @return wire     A newly allocated buffer which will contain the wireformat.
- * @return wire_sz  The size of the allocated buffer and the wireformat.
+ * @param  wire     A newly allocated buffer which will contain the wireformat.
+ * @param  wire_sz  The size of the allocated buffer and the wireformat.
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -815,7 +815,7 @@ getdns_msg_dict2wire_scan(
  *
  * @param  wire     Buffer containing the wireformat rr
  * @param  wire_sz  Size of the wire buffer
- * @return msg_dict The returned DNS message
+ * @param  msg_dict The returned DNS message
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -828,7 +828,7 @@ getdns_wire2msg_dict(
  * @param  wire     Buffer containing the wireformat rr
  * @param  wire_sz  On input the size of the wire buffer
  *                  On output the length of the wireformat rr.
- * @return msg_dict The returned DNS message
+ * @param  msg_dict The returned DNS message
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -844,7 +844,7 @@ getdns_wire2msg_dict_buf(
  * @param  wire_sz  On input the size of the wire buffer
  *                  On output the size is decreased with the length
  *                  of the wireformat DNS message.
- * @return msg_dict The returned DNS message
+ * @param  msg_dict The returned DNS message
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t
@@ -856,7 +856,7 @@ getdns_wire2msg_dict_scan(
  * Convert msg_dict to the string representation of the DNS message.
  *
  * @param  msg_dict The getdns dict representation of the DNS message
- * @return str      A newly allocated string representation of the rr
+ * @param  str      A newly allocated string representation of the rr
  * @return GETDNS_RETURN_GOOD on success or an error code on failure.
  */
 getdns_return_t

From d9a089a6a0b6cb189d5a178eefa0305711a844d7 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 16:00:55 +0200
Subject: [PATCH 21/25] Update .so versioning

---
 configure.ac | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index da1dccd3..483c2964 100644
--- a/configure.ac
+++ b/configure.ac
@@ -76,7 +76,8 @@ GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRE
 # getdns-0.3.3 had libversion 3:6:2
 # getdns-0.5.0 had libversion 4:0:3
 # getdns-0.5.1 had libversion 4:1:3 (but should have been getdns-0.6.0)
-# getdns-0.9.0 will have libversion 5:0:4
+# getdns-0.9.0 had libversion 5:0:4
+# getdns-1.0.0 will have libversion 5:1:4
 #
 GETDNS_LIBVERSION=5:0:4
 

From f685a0c8b85b89f56c3d179439e8763f58708031 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 16:18:50 +0200
Subject: [PATCH 22/25] Unsigned expression >= 0 is always true

---
 src/test/getdns_query.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/test/getdns_query.c b/src/test/getdns_query.c
index 05645a5f..5c98d8f9 100644
--- a/src/test/getdns_query.c
+++ b/src/test/getdns_query.c
@@ -475,7 +475,7 @@ static void parse_config(const char *config_str)
 getdns_return_t parse_args(int argc, char **argv)
 {
 	getdns_return_t r = GETDNS_RETURN_GOOD;
-	size_t i, j;
+	size_t i, j, klass;
 	char *arg, *c, *endptr;
 	int t, print_api_info = 0, print_trust_anchors = 0;
 	getdns_list *upstream_list = NULL;
@@ -486,7 +486,6 @@ getdns_return_t parse_args(int argc, char **argv)
 	getdns_bindata bindata;
 	size_t upstream_count = 0;
 	FILE *fh;
-	uint32_t klass;
 	char *config_file = NULL;
 	long config_file_sz;
 
@@ -507,7 +506,7 @@ getdns_return_t parse_args(int argc, char **argv)
 			} else if (strncmp(arg+1, "specify_class=", 14) == 0) {
 				if ((klass = get_rrclass(arg+15)) >= 0)
 					r = getdns_dict_set_int(extensions,
-						    "specify_class", klass);
+					    "specify_class", (uint32_t )klass);
 				else
 					fprintf(stderr,
 					    "Unknown class: %s\n", arg+15);

From d67507fff82cddbac6fb8b714ded9dad8f95035d Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 16:24:02 +0200
Subject: [PATCH 23/25] Actually do lib versioning too!

---
 configure.ac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 483c2964..b2c066a2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -79,7 +79,7 @@ GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRE
 # getdns-0.9.0 had libversion 5:0:4
 # getdns-1.0.0 will have libversion 5:1:4
 #
-GETDNS_LIBVERSION=5:0:4
+GETDNS_LIBVERSION=5:1:4
 
 AC_SUBST(GETDNS_COMPILATION_COMMENT)
 AC_SUBST(GETDNS_LIBVERSION)

From c57f8874ec99f7fc374c0f28cbc082a7473f6fa0 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 16:25:32 +0200
Subject: [PATCH 24/25] Lib versioning for 1.1.0

---
 configure.ac | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 9604fcbc..73150114 100644
--- a/configure.ac
+++ b/configure.ac
@@ -78,8 +78,9 @@ GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRE
 # getdns-0.5.1 had libversion 4:1:3 (but should have been getdns-0.6.0)
 # getdns-0.9.0 had libversion 5:0:4
 # getdns-1.0.0 will have libversion 5:1:4
+# getdns-1.1.0 will have libversion 6:0:5
 #
-GETDNS_LIBVERSION=5:1:4
+GETDNS_LIBVERSION=6:0:5
 
 AC_SUBST(GETDNS_COMPILATION_COMMENT)
 AC_SUBST(GETDNS_LIBVERSION)

From 903605570ba1d7c50f7fd8153b5caaedd90b4397 Mon Sep 17 00:00:00 2001
From: Willem Toorop <willem@nlnetlabs.nl>
Date: Thu, 14 Jul 2016 17:57:17 +0200
Subject: [PATCH 25/25] Doxygen documentation of the new prototypes

---
 src/getdns/getdns_extra.h.in | 206 +++++++++++++++++++++++++++++++----
 1 file changed, 185 insertions(+), 21 deletions(-)

diff --git a/src/getdns/getdns_extra.h.in b/src/getdns/getdns_extra.h.in
index 240d18b0..d48d13b6 100644
--- a/src/getdns/getdns_extra.h.in
+++ b/src/getdns/getdns_extra.h.in
@@ -900,6 +900,191 @@ getdns_msg_dict2str_buf(
 getdns_return_t
 getdns_msg_dict2str_scan(
     const getdns_dict *msg_dict, char **str, int *str_len);
+
+/**
+ * Convert string text to a getdns_dict.
+ *
+ * @param  str   A textual representation of a getdns_dict.
+ *               The format is similar, but not precisely JSON.
+ *               - dict keys may be given without quotes.
+ *                 For example: `{ timeout: 2000 }` is the same as { "timeout": 2000 }
+ *               - When str contains an IP or IPv6 address, it is converted
+ *                 to an getdns dict representation of that address.  This may contain
+ *                 a port, tls_port, tsig spec or tls authentication name in the same
+ *                 way as may be given with the `getdns_query` tool.  For example:
+ *                 `185.49.140.67:80#443` will result in the following getdns_dict:
+ *
+ *                      { address_type: "IPv4"
+ *                      , address_data: "185.49.140.67"
+ *                      , port: 80
+ *                      , tls_port: 443
+ *                      }
+ *
+ * @param  dict The returned getdns_dict.
+ * @return GETDNS_RETURN_GOOD on success or an error code on failure.
+ */
+getdns_return_t
+getdns_str2dict(const char *str, getdns_dict **dict);
+
+/**
+ * Convert string text to a getdns_list.
+ *
+ * @param  str   A textual representation of a getdns_list.
+ *               The format is similar, but not precisely JSON.
+ * @param  list The returned getdns_list.
+ * @return GETDNS_RETURN_GOOD on success or an error code on failure.
+ */
+getdns_return_t
+getdns_str2list(const char *str, getdns_list **list);
+
+/**
+ * Convert string text to a getdns_bindata.
+ *
+ * @param  str   A textual representation of a getdns_bindata
+ *               The format is similar, but not precisely JSON.
+ *               - Strings between double-quotes will be converted to bindata
+ *                 containers, but *without the trailing null byte*.
+ *                 For example: `{ suffix: [ "nlnetlabs.nl.", "nlnet.nl." ] }`
+ *               - bindata representation of IP or IPv6 addresses may be
+ *                 given in their presentation format.  For example:
+ *                 `{ dns_root_servers: [ 2001:7fd::1, 193.0.14.129 ] }`
+ *               - Arbitrary binary data may be given with a `0x` prefix.
+ *                 For example:
+ *
+ *                      { add_opt_parameters:
+ *                        { options: [ { option_code: 10
+ *                                     , option_data: 0xA9E4EC50C03F5D65
+ *                                     } ]
+ *                        }
+ *                      }
+ *
+ *               - Wireformat domain name bindatas can be given with a trailing dot.
+ *                 For example:
+ *
+ *                      { upstream_recursive_servers:
+ *                        [ { address_data  : 2a04:b900:0:100::37
+ *                          , tsig_name     : hmac-md5.tsigs.getdnsapi.net.
+ *                          , tsig_algorithm: hmac-md5.sig-alg.reg.int.
+ *                          , tsig_secret : 0xD7A1BAF4E4DE5D6EB149
+ *                          } ]
+ *                      }
+ *
+ * @param  bindata The returned getdns_bindata.
+ * @return GETDNS_RETURN_GOOD on success or an error code on failure.
+ */
+getdns_return_t
+getdns_str2bindata(const char *str, getdns_bindata **bindata);
+
+/**
+ * Convert string text to a getdns 32 bits unsigned integer.
+ *
+ * @param  str   A textual representation of the integer.
+ *               The format is similar, but not precisely JSON.
+ *               - integer values may be given by the constant name.
+ *                 For example: `{ resolution_type: GETDNS_RESOLUTION_STUB }`
+ *                 or `{ specify_class: GETDNS_RRCLASS_CH }`
+ * @param  value The returned integer.
+ * @return GETDNS_RETURN_GOOD on success or an error code on failure.
+ */
+getdns_return_t
+getdns_str2int(const char *str, uint32_t *value);
+
+/**
+ * Configure a context with settings given in a getdns_dict.
+ *
+ * @param  context The context to be configured.
+ * @param  config_dict The getdns_dict containing the settings.
+ *                     The settings have the same name as returned by the
+ *                     getdns_context_get_api_information() function, or as
+ *                     used in the names of the getdns_context_get_*() and
+ *                     getdns_context_set_*() functions.
+ *                     - The dict returned by
+ *                       getdns_context_get_api_information() can be used
+ *                       as the config_dict directly, but context settings
+ *                       do *not* have to be below a `"all_context"` key.
+ *                     - It is possible to set default values for extensions
+ *                       that could otherwise only be given on a per query
+ *                       basis.  For example:
+ *                       `{ dnssec_return_status: GETDNS_EXTENSION_TRUE }` is
+ *                       equivalent to using the
+ *                       getdns_context_set_return_dnssec_status() function
+ *                       with that value, but default values for the other 
+ *                       extensions can be set by this method now too.
+ *                       For example
+ *                       `{ return_call_reporting: GETDNS_EXTENSION_TRUE}`
+ *                     - Trust anchor files and root hints content can also be
+ *                       given by file, for example:
+ *
+ *                            { dns_root_servers : "named.root"
+ *                            , dnssec_trust_anchors: "/etc/unbound/getdns-root.key"
+ *                            }
+ * @return GETDNS_RETURN_GOOD on success or an error code on failure.
+ * **Beware** that context might be partially configured on error.  For retry
+ * strategies it is advised to recreate a new config.
+ */
+getdns_return_t
+getdns_context_config(getdns_context *context, const getdns_dict *config_dict);
+
+
+/**
+ * The user defined request handler that will be called on incoming requests.
+ */
+typedef void (*getdns_request_handler_t)(
+	getdns_context      *context,
+	getdns_dict         *request,
+	getdns_transaction_t request_id
+);
+
+/**
+ * Create a name server by registering a list of addresses to listen on and
+ * a user defined function that will handle the requests.
+ *
+ * @param context The context managing the eventloop that needs to be run to
+ *                start serving.
+ * @param handler The user defined request handler that will be called with the
+ *                request received in reply dict format.  To reply to this request
+ *                the function has to construct a response (or modify the request)
+ *                and call getdns_reply() with the response and the with the request
+ *                associated request_id.  The user is responsible of destroying
+ *                both the replies and the response.  **Beware** that if requests are
+ *                not answered by the function, by not calling getdns_reply() this
+ *                will cause a memory leak.  The user most use getdns_reply()
+ *                with NULL as the response to not answer/cancel a request.
+ * @param listen_addresses  A list of address dicts or bindatas that will be
+ *                          listened on for DNS requests.  Both UDP and TCP
+ *                          transports will be used.
+ * @return GETDNS_RETURN_GOOD on success or an error code on failure.
+ * On failure, the current set of listening addresses is left in place.
+ * Also, if there is overlap in listening_addresses between the active set
+ * and the newly given set, the ones in the active set will remain in their
+ * current condition and will not be closed and reopened, also all assoicated
+ * DNS transactions will remain.
+ */
+getdns_return_t
+getdns_context_set_listen_addresses(getdns_context *context,
+    getdns_request_handler_t handler, const getdns_list *listen_addresses);
+
+/**
+ * Answer the request associated with a request_id that is received by a
+ * request handler
+ *
+ * @param context The context managing the eventloop that needs to be run to
+ *                listen for and answer requests.
+ * @param request_id The identifier that links this response with the
+ *                   received request.
+ * @param reply The answer in getdns reply dict or response dict format.
+ *              When NULL is given as reply, the request is not answered
+ *              but all associated state is deleted.
+ * @return GETDNS_RETURN_GOOD on success or an error code on failure.
+ * On fatal failure (no retry strategy possible) the user still needs to
+ * cancel the request by recalling getdns_reply() but with NULL as response,
+ * to clean up state.
+ */
+getdns_return_t
+getdns_reply(getdns_context *context,
+    getdns_transaction_t request_id, getdns_dict *reply);
+
+
 /** @}
  */
 
@@ -921,27 +1106,6 @@ getdns_return_t getdns_strerror(getdns_return_t err, char *buf, size_t buflen);
 /** @}
  */
 
-getdns_return_t getdns_str2dict(const char *str, getdns_dict **dict);
-getdns_return_t getdns_str2list(const char *str, getdns_list **list);
-getdns_return_t getdns_str2bindata(const char *str, getdns_bindata **bindata);
-getdns_return_t getdns_str2int(const char *str, uint32_t *value);
-
-getdns_return_t
-getdns_context_config(getdns_context *context, const getdns_dict *config_dict);
-
-typedef void (*getdns_request_handler_t)(
-	getdns_context      *context,
-	getdns_dict         *request,
-	getdns_transaction_t request_id
-);
-
-getdns_return_t
-getdns_context_set_listen_addresses(getdns_context *context,
-    getdns_request_handler_t handler, const getdns_list *listen_addresses);
-
-getdns_return_t getdns_reply(getdns_context *context,
-    getdns_transaction_t request_id, getdns_dict *reply);
-
 #ifdef __cplusplus
 }
 #endif