Merge branch 'v0.3.2' into develop

Willem Toorop 2015-09-04 10:52:02 +02:00
commit 22f48c3cda
25 changed files with 275 additions and 14252 deletions

3
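--- a/.gitignore
+++ b/.gitignore
@@ -14,6 +14,9 @@ config.status
 autom4te.cache
 missing
 libtool
+config.guess
+config.sub
+install-sh
 spec/example/example-all-functions
 spec/example/example-reverse
 spec/example/example-simple-answers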


@ -6,6 +6,7 @@ before_script:
- sudo apt-get update - sudo apt-get update
- sudo apt-get install libunbound-dev libldns-dev libidn11-dev check libevent-dev - sudo apt-get install libunbound-dev libldns-dev libidn11-dev check libevent-dev
script: script:
- libtoolize -fic
- autoreconf -fi - autoreconf -fi
- ./configure --with-libevent - ./configure --with-libevent
- make - make


@ -1,4 +1,16 @@
* 2015-07.18: Version 0.3.1 * 2015-09-04: Version 0.3.2
* Fix returned upstreams list by getdns_context_get_api_information()
* Fix some autoconf issues when srcdir != builddir
* Fix remove build date from manpage version for reproducable builds
* Fix transport fallback issues plus transport fallback unit test script
* Fix string bindata's need not contain trailing zero byte
* --enable-stub-only configure option for stub only operation.
Stub mode will be the default. Removes the dependency on libunbound
* --with-getdns_query compiles and installs the getdns_query tool too
* Fix assert on context destruction from a callback in stub mode too.
* Use a thread instead of a process for running the unbound event loop.
* 2015-07-18: Version 0.3.1
* Fix repeating rdata fields * Fix repeating rdata fields
* 2015-07-17: Version 0.3.0 * 2015-07-17: Version 0.3.0


@ -254,13 +254,6 @@ not `/usr/local'. It is recommended to use the following options:
./configure --prefix=/boot/common ./configure --prefix=/boot/common
On Mac OSX getdns will not build against the version of OpenSSL shipped with
OSX. If you link against a self-complied version of OpenSSL then manual
configuration of certificates into the default OpenSSL directory
/usr/local/etc/openssl/certs is currently required for TLS authentication to work.
However if linking against the version of OpenSSL installed via Homebrew TLS
authentication will work out of the box.
Specifying the System Type Specifying the System Type
========================== ==========================


@ -43,12 +43,12 @@ docdir = @docdir@
srcdir = @srcdir@ srcdir = @srcdir@
INSTALL = @INSTALL@ INSTALL = @INSTALL@
all : default @GETDNS_QUERY@
default: default:
cd src && $(MAKE) $@ cd src && $(MAKE) $@
all : default install: all @INSTALL_GETDNS_QUERY@
install: all
$(INSTALL) -m 755 -d $(DESTDIR)$(docdir) $(INSTALL) -m 755 -d $(DESTDIR)$(docdir)
$(INSTALL) -m 644 $(srcdir)/AUTHORS $(DESTDIR)$(docdir) $(INSTALL) -m 644 $(srcdir)/AUTHORS $(DESTDIR)$(docdir)
$(INSTALL) -m 644 $(srcdir)/ChangeLog $(DESTDIR)$(docdir) $(INSTALL) -m 644 $(srcdir)/ChangeLog $(DESTDIR)$(docdir)
@ -80,7 +80,7 @@ install: all
@echo "*** at package installation time from the post-install script." @echo "*** at package installation time from the post-install script."
@echo "***" @echo "***"
uninstall: uninstall: @UNINSTALL_GETDNS_QUERY@
rm -rf $(DESTDIR)$(docdir) rm -rf $(DESTDIR)$(docdir)
cd doc && $(MAKE) $@ cd doc && $(MAKE) $@
cd src && $(MAKE) $@ cd src && $(MAKE) $@
@ -97,6 +97,12 @@ test:
getdns_query: getdns_query:
cd src && $(MAKE) $@ cd src && $(MAKE) $@
install-getdns_query:
cd src/test && $(MAKE) install
uninstall-getdns_query:
cd src/test && $(MAKE) uninstall
clean: clean:
cd src && $(MAKE) $@ cd src && $(MAKE) $@
cd doc && $(MAKE) $@ cd doc && $(MAKE) $@
@ -121,9 +127,25 @@ distclean:
rm -f m4/ltoptions.m4 rm -f m4/ltoptions.m4
rm -f m4/ltsugar.m4 rm -f m4/ltsugar.m4
rm -f m4/ltversion.m4 rm -f m4/ltversion.m4
rm -f $(distdir).tar.gz $(distdir).tar.gz.sha1
rm -f $(distdir).tar.gz.md5 $(distdir).tar.gz.asc
megaclean:
cd $(srcdir) && rm -fr * .dir-locals.el .gitignore .indent.pro .travis.yml && git reset --hard
dist: $(distdir).tar.gz dist: $(distdir).tar.gz
pub: $(distdir).tar.gz.sha1 $(distdir).tar.gz.md5 $(distdir).tar.gz.asc
$(distdir).tar.gz.sha1: $(distdir).tar.gz
openssl sha1 $(distdir).tar.gz >$@
$(distdir).tar.gz.md5: $(distdir).tar.gz
openssl md5 $(distdir).tar.gz >$@
$(distdir).tar.gz.asc: $(distdir).tar.gz
gpg --armor --detach-sig $(distdir).tar.gz
bindist: $(bintar) bindist: $(bintar)
$(bintar): $(distdir) $(bintar): $(distdir)
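Review bot: The new `pub` target publishes only SHA-1 and MD5 digests of the release tarball, and both are collision-weak, so they catch transfer corruption but not a deliberately substituted file; the detached `gpg` signature is the only strong check produced here. Consider adding a SHA-256 rule next to them, `$(distdir).tar.gz.sha256: $(distdir).tar.gz` with the recipe `openssl dgst -sha256 $(distdir).tar.gz >$@`, and listing the new file in `pub` and in the `distclean` removals. Separately, `megaclean` runs `rm -fr *` followed by `git reset --hard` in `$(srcdir)`, which discards uncommitted work without asking; a comment above the target such as `# DESTRUCTIVE: wipes the working tree and resets to HEAD` would make that explicit.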


@ -1,7 +1,7 @@
getdns API getdns API
========== ==========
* Date: 2015-05-20 * Date: 2015-09-04
* GitHub: <https://github.com/getdnsapi/getdns> * GitHub: <https://github.com/getdnsapi/getdns>
getdns is an implementation of a modern asynchronous DNS API specification getdns is an implementation of a modern asynchronous DNS API specification
@ -89,12 +89,15 @@ External dependencies are linked outside the getdns API build tree (we rely on c
* [libunbound from NLnet Labs](http://www.nlnetlabs.nl/projects/unbound/) version 1.4.16 or later * [libunbound from NLnet Labs](http://www.nlnetlabs.nl/projects/unbound/) version 1.4.16 or later
* [libexpat](http://expat.sourceforge.net/) for libunbound. * [libexpat](http://expat.sourceforge.net/) for libunbound.
* [libidn from the FSF](http://www.gnu.org/software/libidn/) version 1. * [libidn from the FSF](http://www.gnu.org/software/libidn/) version 1.
* [libssl from the OpenSSL Project](https://www.openssl.org/) version 0.9.7 or later. (Note: version 1.0.2 or later is required for TLS support)
* Doxygen is used to generate documentation, while this is not technically necessary for the build it makes things a lot more pleasant. * Doxygen is used to generate documentation, while this is not technically necessary for the build it makes things a lot more pleasant.
You have to install the library and also the library-devel (or -dev) for your You have to install the library and also the library-devel (or -dev) for your
package management system to install the compile time files. If you checked package management system to install the compile time files. If you checked
out our git; the configure script is built with autoreconf --install. out our git you need to copy the libtool helper scripts and rebuild configure
with:
# libtoolize -fi
# autoreconf -ci
## Extensions / Event loop dependencies ## Extensions / Event loop dependencies
@ -150,6 +153,8 @@ There are a few known issues which we have summarized below - the most recent
and helpful list is being maintained in the git issues list in the repository. and helpful list is being maintained in the git issues list in the repository.
Other known issues are being managed in the git repository issue list. Other known issues are being managed in the git repository issue list.
* (#113) Changing the resolution type between stub and recursive after a query has been issued with a context will not work - the previous resolution type will continue to be used. If you want to change the resolution type you will need to create a new context and set the resolution type for that context.
* When doing a synchronous lookup with a context that has outstanding asynchronous lookups, the callbacks for the asynchronous lookups might get called as a side effect of the synchronous lookup. * When doing a synchronous lookup with a context that has outstanding asynchronous lookups, the callbacks for the asynchronous lookups might get called as a side effect of the synchronous lookup.
@ -213,9 +218,6 @@ build the packages, this is simplythe one we chose to use.
create dmg create dmg
A self-compiled version of OpenSSL or the version installed via Homebrew is required.
Note: If using a self-compiled version manual configuration of certificates into /usr/local/etc/openssl/certs is required for TLS authentication to work.
#### Homebrew #### Homebrew
If you're using [Homebrew](http://brew.sh/), you may run `brew install getdns`. By default, this will only build the core library without any 3rd party event loop support. If you're using [Homebrew](http://brew.sh/), you may run `brew install getdns`. By default, this will only build the core library without any 3rd party event loop support.
@ -224,10 +226,11 @@ To install the [event loop integration libraries](https://github.com/getdnsapi/g
Note that in order to compile the examples, the `--with-libevent` switch is required. Note that in order to compile the examples, the `--with-libevent` switch is required.
As of the 0.2.0 release, when installing via Homebrew, the trust anchor is expected to be located at `$(brew --prefix)/etc/getdns-root.key`. Additionally, the OpenSSL library installed by Homebrew is linked against. Note that the Homebrew OpenSSL installation clones the Keychain certificates to the default OpenSSL location so TLS authentication should work out of the box. As of the 0.2.0 release, when installing via Homebrew, the trust anchor is expected to be located at `$(brew --prefix)/etc/getdns-root.key`. Additionally, the openssl lib installed by Homebrew is linked against.
Contributors Contributors
============ ============
* Theogene Bucuti
* Craig Despeaux, Verisign, Inc. * Craig Despeaux, Verisign, Inc.
* John Dickinson, Sinodun * John Dickinson, Sinodun
* Sara Dickinson, Sinodun * Sara Dickinson, Sinodun
@ -237,10 +240,12 @@ Contributors
* Olaf Kolkman, NLnet Labs * Olaf Kolkman, NLnet Labs
* Sanjay Mahurpawar, Verisign, Inc. * Sanjay Mahurpawar, Verisign, Inc.
* Allison Mankin, Verisign, Inc. - Verisign Labs. * Allison Mankin, Verisign, Inc. - Verisign Labs.
* Sai Mogali, Verisign, Inc.
* Benno Overeinder, NLnet Labs * Benno Overeinder, NLnet Labs
* Prithvi Ranganath, Verisign, Inc. * Prithvi Ranganath, Verisign, Inc.
* Rushi Shah, Verisign, Inc. * Rushi Shah, Verisign, Inc.
* Melinda Shore, No Mountain Software LLC * Melinda Shore, No Mountain Software LLC
* Bob Steagall, Verisign, Inc.
* Willem Toorop, NLnet Labs * Willem Toorop, NLnet Labs
* Gowri Visweswaran, Verisign Labs * Gowri Visweswaran, Verisign Labs
* Wouter Wijngaards, NLnet Labs * Wouter Wijngaards, NLnet Labs

1530
config.guess vendored


1782
config.sub vendored



@ -35,7 +35,7 @@ sinclude(./m4/acx_openssl.m4)
sinclude(./m4/ax_check_compile_flag.m4) sinclude(./m4/ax_check_compile_flag.m4)
sinclude(./m4/pkg.m4) sinclude(./m4/pkg.m4)
AC_INIT([getdns], [0.3.1], [stub-resolver@verisignlabs.com], [], [http://getdnsapi.net]) AC_INIT([getdns], [0.3.2], [stub-resolver@verisignlabs.com], [], [https://getdnsapi.net])
AC_SUBST(RELEASE_CANDIDATE, []) AC_SUBST(RELEASE_CANDIDATE, [])
# Set current date from system if not set # Set current date from system if not set
@ -46,7 +46,7 @@ AC_ARG_WITH([current-date],
[CURRENT_DATE="`date -u +%Y-%m-%dT%H:%M:%SZ`"]) [CURRENT_DATE="`date -u +%Y-%m-%dT%H:%M:%SZ`"])
AC_SUBST(GETDNS_VERSION, ["AC_PACKAGE_VERSION$RELEASE_CANDIDATE"]) AC_SUBST(GETDNS_VERSION, ["AC_PACKAGE_VERSION$RELEASE_CANDIDATE"])
AC_SUBST(GETDNS_NUMERIC_VERSION, [0x00030000]) AC_SUBST(GETDNS_NUMERIC_VERSION, [0x00030200])
AC_SUBST(API_VERSION, ["July 2015"]) AC_SUBST(API_VERSION, ["July 2015"])
AC_SUBST(API_NUMERIC_VERSION, [0x07df0700]) AC_SUBST(API_NUMERIC_VERSION, [0x07df0700])
GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRENT_DATE for the $API_VERSION version of the API" GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRENT_DATE for the $API_VERSION version of the API"
@ -70,9 +70,10 @@ GETDNS_COMPILATION_COMMENT="AC_PACKAGE_NAME $GETDNS_VERSION configured on $CURRE
# getdns-0.1.8 had libversion 1:3:0 (but should have had 2:1:1) # getdns-0.1.8 had libversion 1:3:0 (but should have had 2:1:1)
# getdns-0.2.0 had libversion 2:2:1 # getdns-0.2.0 had libversion 2:2:1
# getdns-0.3.0 had libversion 3:3:2 # getdns-0.3.0 had libversion 3:3:2
# getdns-0.3.1 has libversion 3:4:2 # getdns-0.3.1 had libversion 3:4:2
# getdns-0.3.2 has libversion 3:5:2
# #
GETDNS_LIBVERSION=3:3:2 GETDNS_LIBVERSION=3:5:2
AC_SUBST(GETDNS_COMPILATION_COMMENT) AC_SUBST(GETDNS_COMPILATION_COMMENT)
AC_SUBST(GETDNS_LIBVERSION) AC_SUBST(GETDNS_LIBVERSION)
@ -207,8 +208,36 @@ esac
AC_DEFINE_UNQUOTED([EDNS_COOKIE_OPCODE], [10], [The edns cookie option code.]) AC_DEFINE_UNQUOTED([EDNS_COOKIE_OPCODE], [10], [The edns cookie option code.])
AC_DEFINE_UNQUOTED([EDNS_COOKIE_ROLLOVER_TIME], [(24 * 60 * 60)], [How often the edns client cookie is refreshed.]) AC_DEFINE_UNQUOTED([EDNS_COOKIE_ROLLOVER_TIME], [(24 * 60 * 60)], [How often the edns client cookie is refreshed.])
my_with_libunbound=1
AC_ARG_ENABLE(stub-only, AC_HELP_STRING([--enable-stub-only], [Restricts resolution modes to STUB (which will be the default mode). Removes the libunbound dependency.]))
case "$enable_stub_only" in
yes)
my_with_libunbound=0
;;
no|*)
;;
esac
AC_ARG_WITH(getdns_query, AS_HELP_STRING([--with-getdns_query],
[Also compile and install the getdns_query tool]),
[], [withval="no"])
if test x_$withval = x_no; then
GETDNS_QUERY=""
INSTALL_GETDNS_QUERY=""
UNINSTALL_GETDNS_QUERY=""
else
GETDNS_QUERY="getdns_query"
INSTALL_GETDNS_QUERY="install-getdns_query"
UNINSTALL_GETDNS_QUERY="uninstall-getdns_query"
fi
AC_SUBST(GETDNS_QUERY)
AC_SUBST(INSTALL_GETDNS_QUERY)
AC_SUBST(UNINSTALL_GETDNS_QUERY)
# search to set include and library paths right # search to set include and library paths right
# find libidn # find libidn
my_with_libidn=1
AC_ARG_WITH(libidn, AS_HELP_STRING([--with-libidn=pathname], AC_ARG_WITH(libidn, AS_HELP_STRING([--with-libidn=pathname],
[path to libidn (default: search /usr/local ..)]), [path to libidn (default: search /usr/local ..)]),
[], [withval="yes"]) [], [withval="yes"])
@ -236,6 +265,8 @@ else
if test x_$withval != x_no; then if test x_$withval != x_no; then
CFLAGS="$CFLAGS -I$withval/include" CFLAGS="$CFLAGS -I$withval/include"
LDFLAGS="$LDFLAGS -L$withval/lib" LDFLAGS="$LDFLAGS -L$withval/lib"
else
my_with_libidn=0
fi fi
fi fi
@ -259,7 +290,8 @@ else
fi fi
fi fi
my_with_libunbound=1 if test $my_with_libunbound = 1
then
# find libunbound # find libunbound
AC_ARG_WITH(libunbound, AS_HELP_STRING([--with-libunbound=pathname], AC_ARG_WITH(libunbound, AS_HELP_STRING([--with-libunbound=pathname],
[path to libunbound (default: search /usr/local ..)]), [path to libunbound (default: search /usr/local ..)]),
@ -282,24 +314,29 @@ else
my_with_libunbound=0 my_with_libunbound=0
fi fi
fi fi
fi
# Checks for libraries. # Checks for libraries.
found_all_libs=1 found_all_libs=1
AC_MSG_NOTICE([Checking for dependency ldns]) AC_MSG_NOTICE([Checking for dependency ldns])
AC_CHECK_LIB([ldns], [ldns_dname_new_frm_str], [], [found_all_libs=0]) AC_CHECK_LIB([ldns], [ldns_dname_new_frm_str], [], [found_all_libs=0])
if test $my_with_libidn = 1
then
AC_MSG_NOTICE([Checking for dependency libidn]) AC_MSG_NOTICE([Checking for dependency libidn])
AC_CHECK_LIB([idn], [idna_to_ascii_8z], [], [found_all_libs=0]) AC_CHECK_LIB([idn], [idna_to_ascii_8z], [], [found_all_libs=0])
fi
AC_CHECK_MEMBER([struct ldns_struct_dnssec_zone.hashed_names], AC_CHECK_MEMBER([struct ldns_struct_dnssec_zone.hashed_names],
[AC_DEFINE_UNQUOTED([LDNS_DNSSEC_ZONE_HASHED_NAMES], [1], [When defined ldns_dnssec_zone contained the hashed_names member.])], [], [[#include <ldns/ldns.h>]]) [AC_DEFINE_UNQUOTED([LDNS_DNSSEC_ZONE_HASHED_NAMES], [1], [When defined ldns_dnssec_zone contained the hashed_names member.])], [], [[#include <ldns/ldns.h>]])
if test $my_with_libunbound == 1 if test $my_with_libunbound = 1
then then
AC_MSG_NOTICE([Checking for dependency libunbound]) AC_MSG_NOTICE([Checking for dependency libunbound])
AC_CHECK_LIB([unbound], [ub_fd], [], [found_all_libs=0]) AC_CHECK_LIB([unbound], [ub_fd], [], [found_all_libs=0])
fi fi
if test $found_all_libs == 0 if test $found_all_libs = 0
then then
AC_MSG_ERROR([One more dependencies is missing]) AC_MSG_ERROR([One more dependencies is missing])
fi fi
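Review bot: The new `--with-getdns_query` block tests `x_$withval = x_no` unquoted, so a value containing whitespace breaks the `test` invocation instead of being rejected cleanly; `if test "x_$withval" = "x_no"; then` avoids that. The `--enable-stub-only` option is declared with the obsolete `AC_HELP_STRING` while the other options in this section use `AS_HELP_STRING`, so switching it keeps the file consistent. Because the whole `--with-libunbound` lookup now sits inside `if test $my_with_libunbound = 1`, a user who passes both `--enable-stub-only` and `--with-libunbound=...` appears to get no diagnostic; an `AC_MSG_WARN` for that combination would make the resulting build mode visible.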


@ -1,527 +0,0 @@
#!/bin/sh
# install - install a program, script, or datafile
scriptversion=2011-11-20.07; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
# following copyright and license.
#
# Copyright (C) 1994 X Consortium
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
# Except as contained in this notice, the name of the X Consortium shall not
# be used in advertising or otherwise to promote the sale, use or other deal-
# ings in this Software without prior written authorization from the X Consor-
# tium.
#
#
# FSF changes to this file are in the public domain.
#
# Calling this script install-sh is preferred over install.sh, to prevent
# 'make' implicit rules from creating a file called install from it
# when there is no Makefile.
#
# This script is compatible with the BSD install script, but was written
# from scratch.
nl='
'
IFS=" "" $nl"
# set DOITPROG to echo to test this script
# Don't use :- since 4.3BSD and earlier shells don't like it.
doit=${DOITPROG-}
if test -z "$doit"; then
doit_exec=exec
else
doit_exec=$doit
fi
# Put in absolute file names if you don't have them in your path;
# or use environment vars.
chgrpprog=${CHGRPPROG-chgrp}
chmodprog=${CHMODPROG-chmod}
chownprog=${CHOWNPROG-chown}
cmpprog=${CMPPROG-cmp}
cpprog=${CPPROG-cp}
mkdirprog=${MKDIRPROG-mkdir}
mvprog=${MVPROG-mv}
rmprog=${RMPROG-rm}
stripprog=${STRIPPROG-strip}
posix_glob='?'
initialize_posix_glob='
test "$posix_glob" != "?" || {
if (set -f) 2>/dev/null; then
posix_glob=
else
posix_glob=:
fi
}
'
posix_mkdir=
# Desired mode of installed file.
mode=0755
chgrpcmd=
chmodcmd=$chmodprog
chowncmd=
mvcmd=$mvprog
rmcmd="$rmprog -f"
stripcmd=
src=
dst=
dir_arg=
dst_arg=
copy_on_change=false
no_target_directory=
usage="\
Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
or: $0 [OPTION]... SRCFILES... DIRECTORY
or: $0 [OPTION]... -t DIRECTORY SRCFILES...
or: $0 [OPTION]... -d DIRECTORIES...
In the 1st form, copy SRCFILE to DSTFILE.
In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
In the 4th, create DIRECTORIES.
Options:
--help display this help and exit.
--version display version info and exit.
-c (ignored)
-C install only if different (preserve the last data modification time)
-d create directories instead of installing files.
-g GROUP $chgrpprog installed files to GROUP.
-m MODE $chmodprog installed files to MODE.
-o USER $chownprog installed files to USER.
-s $stripprog installed files.
-t DIRECTORY install into DIRECTORY.
-T report an error if DSTFILE is a directory.
Environment variables override the default commands:
CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
RMPROG STRIPPROG
"
while test $# -ne 0; do
case $1 in
-c) ;;
-C) copy_on_change=true;;
-d) dir_arg=true;;
-g) chgrpcmd="$chgrpprog $2"
shift;;
--help) echo "$usage"; exit $?;;
-m) mode=$2
case $mode in
*' '* | *' '* | *'
'* | *'*'* | *'?'* | *'['*)
echo "$0: invalid mode: $mode" >&2
exit 1;;
esac
shift;;
-o) chowncmd="$chownprog $2"
shift;;
-s) stripcmd=$stripprog;;
-t) dst_arg=$2
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
shift;;
-T) no_target_directory=true;;
--version) echo "$0 $scriptversion"; exit $?;;
--) shift
break;;
-*) echo "$0: invalid option: $1" >&2
exit 1;;
*) break;;
esac
shift
done
if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
# When -d is used, all remaining arguments are directories to create.
# When -t is used, the destination is already specified.
# Otherwise, the last argument is the destination. Remove it from $@.
for arg
do
if test -n "$dst_arg"; then
# $@ is not empty: it contains at least $arg.
set fnord "$@" "$dst_arg"
shift # fnord
fi
shift # arg
dst_arg=$arg
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
done
fi
if test $# -eq 0; then
if test -z "$dir_arg"; then
echo "$0: no input file specified." >&2
exit 1
fi
# It's OK to call 'install-sh -d' without argument.
# This can happen when creating conditional directories.
exit 0
fi
if test -z "$dir_arg"; then
do_exit='(exit $ret); exit $ret'
trap "ret=129; $do_exit" 1
trap "ret=130; $do_exit" 2
trap "ret=141; $do_exit" 13
trap "ret=143; $do_exit" 15
# Set umask so as not to create temps with too-generous modes.
# However, 'strip' requires both read and write access to temps.
case $mode in
# Optimize common cases.
*644) cp_umask=133;;
*755) cp_umask=22;;
*[0-7])
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw='% 200'
fi
cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
*)
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw=,u+rw
fi
cp_umask=$mode$u_plus_rw;;
esac
fi
for src
do
# Protect names problematic for 'test' and other utilities.
case $src in
-* | [=\(\)!]) src=./$src;;
esac
if test -n "$dir_arg"; then
dst=$src
dstdir=$dst
test -d "$dstdir"
dstdir_status=$?
else
# Waiting for this to be detected by the "$cpprog $src $dsttmp" command
# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if test ! -f "$src" && test ! -d "$src"; then
echo "$0: $src does not exist." >&2
exit 1
fi
if test -z "$dst_arg"; then
echo "$0: no destination specified." >&2
exit 1
fi
dst=$dst_arg
# If destination is a directory, append the input filename; won't work
# if double slashes aren't ignored.
if test -d "$dst"; then
if test -n "$no_target_directory"; then
echo "$0: $dst_arg: Is a directory" >&2
exit 1
fi
dstdir=$dst
dst=$dstdir/`basename "$src"`
dstdir_status=0
else
# Prefer dirname, but fall back on a substitute if dirname fails.
dstdir=`
(dirname "$dst") 2>/dev/null ||
expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
X"$dst" : 'X\(//\)[^/]' \| \
X"$dst" : 'X\(//\)$' \| \
X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
echo X"$dst" |
sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
s//\1/
q
}
/^X\(\/\/\)[^/].*/{
s//\1/
q
}
/^X\(\/\/\)$/{
s//\1/
q
}
/^X\(\/\).*/{
s//\1/
q
}
s/.*/./; q'
`
test -d "$dstdir"
dstdir_status=$?
fi
fi
obsolete_mkdir_used=false
if test $dstdir_status != 0; then
case $posix_mkdir in
'')
# Create intermediate dirs using mode 755 as modified by the umask.
# This is like FreeBSD 'install' as of 1997-10-28.
umask=`umask`
case $stripcmd.$umask in
# Optimize common cases.
*[2367][2367]) mkdir_umask=$umask;;
.*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
*[0-7])
mkdir_umask=`expr $umask + 22 \
- $umask % 100 % 40 + $umask % 20 \
- $umask % 10 % 4 + $umask % 2
`;;
*) mkdir_umask=$umask,go-w;;
esac
# With -d, create the new directory with the user-specified mode.
# Otherwise, rely on $mkdir_umask.
if test -n "$dir_arg"; then
mkdir_mode=-m$mode
else
mkdir_mode=
fi
posix_mkdir=false
case $umask in
*[123567][0-7][0-7])
# POSIX mkdir -p sets u+wx bits regardless of umask, which
# is incompatible with FreeBSD 'install' when (umask & 300) != 0.
;;
*)
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
if (umask $mkdir_umask &&
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
then
if test -z "$dir_arg" || {
# Check for POSIX incompatibilities with -m.
# HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
# other-writable bit of parent directory when it shouldn't.
# FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
ls_ld_tmpdir=`ls -ld "$tmpdir"`
case $ls_ld_tmpdir in
d????-?r-*) different_mode=700;;
d????-?--*) different_mode=755;;
*) false;;
esac &&
$mkdirprog -m$different_mode -p -- "$tmpdir" && {
ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
}
}
then posix_mkdir=:
fi
rmdir "$tmpdir/d" "$tmpdir"
else
# Remove any dirs left behind by ancient mkdir implementations.
rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
fi
trap '' 0;;
esac;;
esac
if
$posix_mkdir && (
umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
)
then :
else
# The umask is ridiculous, or mkdir does not conform to POSIX,
# or it failed possibly due to a race condition. Create the
# directory the slow way, step by step, checking for races as we go.
case $dstdir in
/*) prefix='/';;
[-=\(\)!]*) prefix='./';;
*) prefix='';;
esac
eval "$initialize_posix_glob"
oIFS=$IFS
IFS=/
$posix_glob set -f
set fnord $dstdir
shift
$posix_glob set +f
IFS=$oIFS
prefixes=
for d
do
test X"$d" = X && continue
prefix=$prefix$d
if test -d "$prefix"; then
prefixes=
else
if $posix_mkdir; then
(umask=$mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
# Don't fail if two instances are running concurrently.
test -d "$prefix" || exit 1
else
case $prefix in
*\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
*) qprefix=$prefix;;
esac
prefixes="$prefixes '$qprefix'"
fi
fi
prefix=$prefix/
done
if test -n "$prefixes"; then
# Don't fail if two instances are running concurrently.
(umask $mkdir_umask &&
eval "\$doit_exec \$mkdirprog $prefixes") ||
test -d "$dstdir" || exit 1
obsolete_mkdir_used=true
fi
fi
fi
if test -n "$dir_arg"; then
{ test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
{ test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
else
# Make a couple of temp file names in the proper directory.
dsttmp=$dstdir/_inst.$$_
rmtmp=$dstdir/_rm.$$_
# Trap to clean up those temp files at exit.
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
# Copy the file name to the temp name.
(umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
# and set any options; do chmod last to preserve setuid bits.
#
# If any of these fail, we abort the whole thing. If we want to
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $cpprog $src $dsttmp" command.
#
{ test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
{ test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
{ test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
# If -C, don't bother to copy if it wouldn't change the file.
if $copy_on_change &&
old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
eval "$initialize_posix_glob" &&
$posix_glob set -f &&
set X $old && old=:$2:$4:$5:$6 &&
set X $new && new=:$2:$4:$5:$6 &&
$posix_glob set +f &&
test "$old" = "$new" &&
$cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
then
rm -f "$dsttmp"
else
# Rename the file to the real destination.
$doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
# The rename failed, perhaps because mv can't rename something else
# to itself, or perhaps because mv is so ancient that it does not
# support -f.
{
# Now remove or move aside any old file at destination location.
# We try this two ways since rm can't unlink itself on some
# systems and the destination file might be busy for other
# reasons. In this case, the final cleanup might fail but the new
# file should still install successfully.
{
test ! -f "$dst" ||
$doit $rmcmd -f "$dst" 2>/dev/null ||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
{ $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
} ||
{ echo "$0: cannot unlink or rename $dst" >&2
(exit 1); exit 1
}
} &&
# Now rename the file to the real destination.
$doit $mvcmd "$dsttmp" "$dst"
}
fi || exit 1
trap '' 0
fi
done
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-end: "; # UTC"
# End:


@ -105,9 +105,8 @@ AC_DEFUN([ACX_SSL_CHECKS], [
AC_CHECK_HEADERS([openssl/ssl.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/ssl.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS([openssl/err.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/err.h],,, [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS([openssl/rand.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/rand.h],,, [AC_INCLUDES_DEFAULT])
dnl Authentication now requires 1.0.2, which supports TLSv1.2 AC_CHECK_LIB(ssl, TLSv1_2_client_method,AC_DEFINE([HAVE_LIBTLS1_2], [1],
AC_CHECK_LIB(ssl, SSL_CTX_get0_param,AC_DEFINE([HAVE_LIBSSL_102], [1], [Define if you have libssl with tls 1.2]),[AC_MSG_WARN([Cannot find TLSv1_2_client_method in libssl library. TLS will not be available.])])
[Define if you have libssl 1.0.2 or later]),[AC_MSG_WARN([libssl 1.0.2 or higher is required for TLS authentication. TLS will not be available.])])
])dnl End of ACX_SSL_CHECKS ])dnl End of ACX_SSL_CHECKS
dnl Check for SSL, where SSL is mandatory dnl Check for SSL, where SSL is mandatory
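Review bot: The configure probe for the OpenSSL verification API is gone on the new side. Judging by the hunk counts (9 old lines, 8 new), `ACX_SSL_CHECKS` now probes libssl only for `TLSv1_2_client_method` and defines `HAVE_LIBTLS1_2`, dropping the `SSL_CTX_get0_param` probe and the `HAVE_LIBSSL_102` define that the removed comment ties to TLS authentication. If authenticating upstreams over TLS is still expected after this merge, keep a probe for that API and warn clearly when it is absent. If it is intentionally absent on this branch, say so next to the check, for example `dnl TLS on this branch is unauthenticated: no hostname verification is configured`, and make the warning text match. Any source still guarded by `HAVE_LIBSSL_102` would silently compile out, so it is worth searching for remaining uses.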

10074
ranlib



@ -2209,9 +2209,7 @@ getdns_context_set_dns_transport_list(
<p class=cont>The <code>transports</code> array contains an ordered list of transports that will be used for DNS lookups. <p class=cont>The <code>transports</code> array contains an ordered list of transports that will be used for DNS lookups.
If only one transport value is specified it will be the only transport used. If only one transport value is specified it will be the only transport used.
Should it not be available basic resolution will fail. Should it not be available basic resolution will fail.
Fallback transport options are specified by including multiple values in the list. Currently the TLS and STARTTLS options Fallback transport options are specified by including multiple values in the list.
perform Strict TLS which requires a hostname to be
specified so that authentication can be performed. This hostname can be specified in the tls_auth_name parameter for an upstream.
The values are <span class=default> The values are <span class=default>
<code>GETDNS_TRANSPORT_UDP</code></span>, <code>GETDNS_TRANSPORT_UDP</code></span>,
<code>GETDNS_TRANSPORT_TCP</code>, <code>GETDNS_TRANSPORT_TCP</code>,


@ -226,11 +226,11 @@ context.lo context.o: $(srcdir)/context.c config.h $(srcdir)/gldns/str2wire.h $(
config.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h $(srcdir)/types-internal.h \ config.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h $(srcdir)/types-internal.h \
$(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \ $(srcdir)/util-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \
$(srcdir)/dnssec.h $(srcdir)/stub.h $(srcdir)/list.h $(srcdir)/dnssec.h $(srcdir)/stub.h $(srcdir)/list.h
convert.lo convert.o: $(srcdir)/convert.c getdns/getdns.h getdns/getdns_extra.h \ convert.lo convert.o: $(srcdir)/convert.c config.h getdns/getdns.h getdns/getdns_extra.h \
getdns/getdns.h $(srcdir)/util-internal.h config.h $(srcdir)/context.h $(srcdir)/types-internal.h \ getdns/getdns.h $(srcdir)/util-internal.h $(srcdir)/context.h $(srcdir)/types-internal.h $(srcdir)/util/rbtree.h \
$(srcdir)/util/rbtree.h $(srcdir)/extension/libmini_event.h config.h $(srcdir)/util/mini_event.h \ $(srcdir)/extension/libmini_event.h config.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h \
$(srcdir)/util/rbtree.h $(srcdir)/types-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h \ $(srcdir)/types-internal.h $(srcdir)/rr-iter.h $(srcdir)/rr-dict.h $(srcdir)/gldns/gbuffer.h $(srcdir)/gldns/pkthdr.h \
$(srcdir)/gldns/pkthdr.h $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h $(srcdir)/gldns/wire2str.h $(srcdir)/gldns/str2wire.h $(srcdir)/gldns/rrdef.h
dict.lo dict.o: $(srcdir)/dict.c $(srcdir)/types-internal.h getdns/getdns.h getdns/getdns_extra.h \ dict.lo dict.o: $(srcdir)/dict.c $(srcdir)/types-internal.h getdns/getdns.h getdns/getdns_extra.h \
getdns/getdns.h $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h config.h $(srcdir)/context.h \ getdns/getdns.h $(srcdir)/util/rbtree.h $(srcdir)/util-internal.h config.h $(srcdir)/context.h \
$(srcdir)/extension/libmini_event.h config.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h \ $(srcdir)/extension/libmini_event.h config.h $(srcdir)/util/mini_event.h $(srcdir)/util/rbtree.h \


@ -579,27 +579,6 @@ _getdns_upstream_shutdown(getdns_upstream *upstream)
close(fd); close(fd);
} }
static int
tls_is_in_transports_list(getdns_context *context) {
for (int i=0; i< context->dns_transport_count;i++) {
if (context->dns_transports[i] == GETDNS_TRANSPORT_TLS ||
context->dns_transports[i] == GETDNS_TRANSPORT_STARTTLS)
return 1;
}
return 0;
}
static int
tls_only_is_in_transports_list(getdns_context *context) {
if (context->dns_transport_count != 1)
return 0;
if (context->dns_transports[0] == GETDNS_TRANSPORT_TLS ||
context->dns_transports[0] == GETDNS_TRANSPORT_STARTTLS)
return 1;
return 0;
}
static int static int
net_req_query_id_cmp(const void *id1, const void *id2) net_req_query_id_cmp(const void *id1, const void *id2)
{ {
@ -627,7 +606,6 @@ upstream_init(getdns_upstream *upstream,
upstream->starttls_req = NULL; upstream->starttls_req = NULL;
upstream->transport = GETDNS_TRANSPORT_TCP; upstream->transport = GETDNS_TRANSPORT_TCP;
upstream->tls_hs_state = GETDNS_HS_NONE; upstream->tls_hs_state = GETDNS_HS_NONE;
upstream->tls_auth_name[0] = '\0';
upstream->tcp.write_error = 0; upstream->tcp.write_error = 0;
upstream->loop = NULL; upstream->loop = NULL;
(void) getdns_eventloop_event_init( (void) getdns_eventloop_event_init(
@ -653,7 +631,6 @@ set_os_defaults(struct getdns_context *context)
char line[1024], domain[1024]; char line[1024], domain[1024];
char *parse, *token, prev_ch; char *parse, *token, prev_ch;
size_t upstreams_limit = 10, length; size_t upstreams_limit = 10, length;
struct getdns_bindata bindata;
struct addrinfo hints; struct addrinfo hints;
struct addrinfo *result; struct addrinfo *result;
getdns_upstream *upstream; getdns_upstream *upstream;
@ -711,12 +688,7 @@ set_os_defaults(struct getdns_context *context)
prev_ch = *token; prev_ch = *token;
*token = 0; *token = 0;
bindata.data = (uint8_t *)parse; _getdns_list_append_string(context->suffix, parse);
bindata.size = strlen(parse) + 1;
(void) getdns_list_get_length(
context->suffix, &length);
(void) getdns_list_set_bindata(
context->suffix, length, &bindata);
*token = prev_ch; *token = prev_ch;
parse = token; parse = token;
@ -753,11 +725,8 @@ set_os_defaults(struct getdns_context *context)
fclose(in); fclose(in);
(void) getdns_list_get_length(context->suffix, &length); (void) getdns_list_get_length(context->suffix, &length);
if (length == 0 && *domain != 0) { if (length == 0 && *domain != 0)
bindata.data = (uint8_t *)domain; _getdns_list_append_string(context->suffix, domain);
bindata.size = strlen(domain) + 1;
(void) getdns_list_set_bindata(context->suffix, 0, &bindata);
}
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
} /* set_os_defaults */ } /* set_os_defaults */
@ -846,7 +815,11 @@ getdns_context_create_with_extended_memory_functions(
_getdns_rbtree_init(&result->outbound_requests, transaction_id_cmp); _getdns_rbtree_init(&result->outbound_requests, transaction_id_cmp);
_getdns_rbtree_init(&result->local_hosts, local_host_cmp); _getdns_rbtree_init(&result->local_hosts, local_host_cmp);
#ifdef HAVE_LIBUNBOUND
result->resolution_type = GETDNS_RESOLUTION_RECURSING; result->resolution_type = GETDNS_RESOLUTION_RECURSING;
#else
result->resolution_type = GETDNS_RESOLUTION_STUB;
#endif
if ((r = create_default_namespaces(result))) if ((r = create_default_namespaces(result)))
goto error; goto error;
@ -978,7 +951,6 @@ getdns_context_destroy(struct getdns_context *context)
return; return;
context->destroying = 1; context->destroying = 1;
context->processing = 1;
/* cancel all outstanding requests */ /* cancel all outstanding requests */
cancel_outstanding_requests(context, 1); cancel_outstanding_requests(context, 1);
@ -993,7 +965,6 @@ getdns_context_destroy(struct getdns_context *context)
ub_ctx_delete(context->unbound_ctx); ub_ctx_delete(context->unbound_ctx);
#endif #endif
context->processing = 0;
context->extension->vmt->cleanup(context->extension); context->extension->vmt->cleanup(context->extension);
if (context->namespaces) if (context->namespaces)
@ -1117,10 +1088,8 @@ _getdns_context_ub_read_cb(void *userarg)
* (with context->extension->vmt->run*), because we are already * (with context->extension->vmt->run*), because we are already
* called from a running eventloop. * called from a running eventloop.
*/ */
context->processing = 1;
if (ub_poll(context->unbound_ctx)) if (ub_poll(context->unbound_ctx))
(void) ub_process(context->unbound_ctx); (void) ub_process(context->unbound_ctx);
context->processing = 0;
/* No need to handle timeouts. They are handled by the extension. */ /* No need to handle timeouts. They are handled by the extension. */
@ -1137,6 +1106,7 @@ rebuild_ub_ctx(struct getdns_context* context) {
} }
/* setup */ /* setup */
context->unbound_ctx = ub_ctx_create(); context->unbound_ctx = ub_ctx_create();
(void) ub_ctx_async(context->unbound_ctx, 1)
context->unbound_ta_set = 0; context->unbound_ta_set = 0;
if (!context->unbound_ctx) { if (!context->unbound_ctx) {
return GETDNS_RETURN_MEMORY_ERROR; return GETDNS_RETURN_MEMORY_ERROR;
@ -1249,20 +1219,14 @@ getdns_set_base_dns_transports(
if (!context || transport_count == 0 || transports == NULL) if (!context || transport_count == 0 || transports == NULL)
return GETDNS_RETURN_INVALID_PARAMETER; return GETDNS_RETURN_INVALID_PARAMETER;
/* Check for valid transports and that they are used only once*/
int u=0,t=0,l=0,s=0;
for(i=0; i<transport_count; i++) for(i=0; i<transport_count; i++)
{ {
switch (transports[i]) { if( transports[i] != GETDNS_TRANSPORT_UDP
case GETDNS_TRANSPORT_UDP: u++; break; && transports[i] != GETDNS_TRANSPORT_TCP
case GETDNS_TRANSPORT_TCP: t++; break; && transports[i] != GETDNS_TRANSPORT_TLS
case GETDNS_TRANSPORT_TLS: l++; break; && transports[i] != GETDNS_TRANSPORT_STARTTLS)
case GETDNS_TRANSPORT_STARTTLS: s++; break;
default: return GETDNS_RETURN_INVALID_PARAMETER;
}
}
if ( u>1 || t>1 || l>1 || s>1)
return GETDNS_RETURN_INVALID_PARAMETER; return GETDNS_RETURN_INVALID_PARAMETER;
}
if (!(new_transports = GETDNS_XMALLOC(context->my_mf, if (!(new_transports = GETDNS_XMALLOC(context->my_mf,
getdns_transport_list_t, transport_count))) getdns_transport_list_t, transport_count)))
@ -1701,7 +1665,6 @@ getdns_context_set_upstream_recursive_servers(struct getdns_context *context,
getdns_dict *dict; getdns_dict *dict;
getdns_bindata *address_type; getdns_bindata *address_type;
getdns_bindata *address_data; getdns_bindata *address_data;
getdns_bindata *tls_auth_name;
struct sockaddr_storage addr; struct sockaddr_storage addr;
getdns_bindata *scope_id; getdns_bindata *scope_id;
@ -1775,17 +1738,6 @@ getdns_context_set_upstream_recursive_servers(struct getdns_context *context,
upstream->addr.ss_family = addr.ss_family; upstream->addr.ss_family = addr.ss_family;
upstream_init(upstream, upstreams, ai); upstream_init(upstream, upstreams, ai);
upstream->transport = getdns_upstream_transports[j]; upstream->transport = getdns_upstream_transports[j];
if (getdns_upstream_transports[j] == GETDNS_TRANSPORT_TLS ||
getdns_upstream_transports[j] == GETDNS_TRANSPORT_STARTTLS) {
if ((r = getdns_dict_get_bindata(
dict, "tls_auth_name", &tls_auth_name)) == GETDNS_RETURN_GOOD) {
/*TODO: VALIDATE THIS STRING!*/
memcpy(upstream->tls_auth_name,
(char *)tls_auth_name->data,
tls_auth_name->size);
upstream->tls_auth_name[tls_auth_name->size] = '\0';
}
}
upstreams->count++; upstreams->count++;
freeaddrinfo(ai); freeaddrinfo(ai);
} }
@ -1970,9 +1922,12 @@ _getdns_context_cancel_request(getdns_context *context,
/* do the cancel */ /* do the cancel */
cancel_dns_req(dnsreq); cancel_dns_req(dnsreq);
if (fire_callback) if (fire_callback) {
context->processing = 1;
dnsreq->user_callback(context, GETDNS_CALLBACK_CANCEL, dnsreq->user_callback(context, GETDNS_CALLBACK_CANCEL,
NULL, dnsreq->user_pointer, transaction_id); NULL, dnsreq->user_pointer, transaction_id);
context->processing = 0;
}
/* clean up */ /* clean up */
_getdns_dns_req_free(dnsreq); _getdns_dns_req_free(dnsreq);
@ -1990,9 +1945,7 @@ getdns_cancel_callback(getdns_context *context,
if (!context) if (!context)
return GETDNS_RETURN_INVALID_PARAMETER; return GETDNS_RETURN_INVALID_PARAMETER;
context->processing = 1;
getdns_return_t r = _getdns_context_cancel_request(context, transaction_id, 1); getdns_return_t r = _getdns_context_cancel_request(context, transaction_id, 1);
context->processing = 0;
getdns_context_request_count_changed(context); getdns_context_request_count_changed(context);
return r; return r;
} /* getdns_cancel_callback */ } /* getdns_cancel_callback */
@ -2181,24 +2134,23 @@ _getdns_context_prepare_for_resolution(struct getdns_context *context,
/* Transport can in theory be set per query in stub mode */ /* Transport can in theory be set per query in stub mode */
if (context->resolution_type == GETDNS_RESOLUTION_STUB) { if (context->resolution_type == GETDNS_RESOLUTION_STUB) {
if (tls_is_in_transports_list(context) == 1 && /*TODO[TLS]: Check if TLS is in the list of transports.*/
context->tls_ctx == NULL) { if (context->tls_ctx == NULL) {
#ifdef HAVE_LIBSSL_102 #ifdef HAVE_LIBTLS1_2
/* Create client context, use TLS v1.2 only for now */ /* Create client context, use TLS v1.2 only for now */
context->tls_ctx = SSL_CTX_new(TLSv1_2_client_method()); context->tls_ctx = SSL_CTX_new(TLSv1_2_client_method());
#endif #endif
if(context->tls_ctx == NULL) if(context->tls_ctx == NULL)
return GETDNS_RETURN_BAD_CONTEXT; return GETDNS_RETURN_BAD_CONTEXT;
SSL_CTX_set_verify(context->tls_ctx, SSL_VERIFY_PEER, NULL);
if (!SSL_CTX_set_default_verify_paths(context->tls_ctx))
return GETDNS_RETURN_BAD_CONTEXT;
} }
} }
/* Block use of STARTTLS/TLS ONLY in recursive mode as it won't work */ /* Block use of STARTTLS/TLS ONLY in recursive mode as it won't work */
/* Note: If TLS is used in recursive mode this will try TLS on port /* Note: If TLS is used in recursive mode this will try TLS on port
* 53 so it is blocked here. So is 'STARTTLS only' at the moment. */ * 53 so it is blocked here. So is STARTTLS only at the moment. */
if (context->resolution_type == GETDNS_RESOLUTION_RECURSING && if (context->resolution_type == GETDNS_RESOLUTION_RECURSING &&
tls_only_is_in_transports_list(context) == 1) context->dns_transport_count == 1 &&
(context->dns_transports[0] == GETDNS_TRANSPORT_TLS ||
context->dns_transports[0] == GETDNS_TRANSPORT_STARTTLS))
return GETDNS_RETURN_BAD_CONTEXT; return GETDNS_RETURN_BAD_CONTEXT;
if (context->resolution_type_set == context->resolution_type) if (context->resolution_type_set == context->resolution_type)
@ -2268,7 +2220,7 @@ _getdns_context_clear_outbound_request(getdns_dns_req *dnsreq)
} }
getdns_return_t getdns_return_t
_getdns_context_request_timed_out(struct getdns_dns_req *req) _getdns_context_request_timed_out(getdns_dns_req *req)
{ {
/* Don't use req after callback */ /* Don't use req after callback */
getdns_context* context = req->context; getdns_context* context = req->context;
@ -2367,13 +2319,10 @@ getdns_context_process_async(struct getdns_context* context)
RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER); RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER);
#ifdef HAVE_LIBUNBOUND #ifdef HAVE_LIBUNBOUND
context->processing = 1;
if (ub_poll(context->unbound_ctx) && ub_process(context->unbound_ctx)){ if (ub_poll(context->unbound_ctx) && ub_process(context->unbound_ctx)){
/* need an async return code? */ /* need an async return code? */
context->processing = 0;
return GETDNS_RETURN_GENERIC_ERROR; return GETDNS_RETURN_GENERIC_ERROR;
} }
context->processing = 0;
#endif #endif
context->extension->vmt->run_once(context->extension, 0); context->extension->vmt->run_once(context->extension, 0);
@ -2427,10 +2376,8 @@ getdns_context_detach_eventloop(struct getdns_context* context)
* ( because callbacks occur in cancel_outstanding_requests, * ( because callbacks occur in cancel_outstanding_requests,
* and they may destroy the context ) * and they may destroy the context )
*/ */
context->processing = 1;
/* cancel all outstanding requests */ /* cancel all outstanding requests */
cancel_outstanding_requests(context, 1); cancel_outstanding_requests(context, 1);
context->processing = 0;
context->extension->vmt->cleanup(context->extension); context->extension->vmt->cleanup(context->extension);
context->extension = &context->mini_event.loop; context->extension = &context->mini_event.loop;
return _getdns_mini_event_init(context, &context->mini_event); return _getdns_mini_event_init(context, &context->mini_event);
@ -2459,7 +2406,7 @@ upstream_port(getdns_upstream *upstream)
} }
static getdns_dict* static getdns_dict*
priv_get_context_settings(getdns_context* context) { _get_context_settings(getdns_context* context) {
getdns_return_t r = GETDNS_RETURN_GOOD; getdns_return_t r = GETDNS_RETURN_GOOD;
getdns_dict* result = getdns_dict_create_with_context(context); getdns_dict* result = getdns_dict_create_with_context(context);
if (!result) { if (!result) {
@ -2551,7 +2498,7 @@ getdns_context_get_api_information(getdns_context* context) {
r = getdns_dict_util_set_string(result, "version_string", PACKAGE_VERSION); r = getdns_dict_util_set_string(result, "version_string", PACKAGE_VERSION);
r |= getdns_dict_util_set_string(result, "implementation_string", PACKAGE_URL); r |= getdns_dict_util_set_string(result, "implementation_string", PACKAGE_URL);
r |= getdns_dict_set_int(result, "resolution_type", context->resolution_type); r |= getdns_dict_set_int(result, "resolution_type", context->resolution_type);
settings = priv_get_context_settings(context); settings = _get_context_settings(context);
r |= getdns_dict_set_dict(result, "all_context", settings); r |= getdns_dict_set_dict(result, "all_context", settings);
getdns_dict_destroy(settings); getdns_dict_destroy(settings);
if (r != GETDNS_RETURN_GOOD) { if (r != GETDNS_RETURN_GOOD) {
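Review bot: The TLS context built in the `_getdns_context_prepare_for_resolution` hunk no longer gets peer verification: `SSL_CTX_set_verify(context->tls_ctx, SSL_VERIFY_PEER, NULL)` and the `SSL_CTX_set_default_verify_paths` check are printed only once here, and the hunk counts (-2181,24 +2134,23) place them on the removed side. Together with the `tls_create_object` hunk in the later TLS section, which drops `X509_VERIFY_PARAM_set1_host`, TLS and STARTTLS upstreams are then encrypted but unauthenticated, so the certificate a server presents is never checked. I would keep both verify calls after the `SSL_CTX_new` NULL check, or state in the transport documentation that these transports are opportunistic only. The same block now runs for every stub context because the transport-list test became a TODO, so a build without `HAVE_LIBTLS1_2` returns `GETDNS_RETURN_BAD_CONTEXT` even when only UDP or TCP is configured; keeping the removed `tls_is_in_transports_list(context) == 1 &&` condition (and its helper) avoids that. The function starts and ends outside the hunk.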


@ -101,7 +101,6 @@ typedef struct getdns_upstream {
getdns_eventloop_event event; getdns_eventloop_event event;
getdns_eventloop *loop; getdns_eventloop *loop;
getdns_tcp_state tcp; getdns_tcp_state tcp;
char tls_auth_name[256];
/* Pipelining of TCP network requests */ /* Pipelining of TCP network requests */
getdns_network_req *write_queue; getdns_network_req *write_queue;


@ -37,7 +37,10 @@
#include <arpa/inet.h> #include <arpa/inet.h>
#include <locale.h> #include <locale.h>
#include <stringprep.h> #include <stringprep.h>
#include "config.h"
#ifdef HAVE_LIBIDN
#include <idna.h> #include <idna.h>
#endif
#include "getdns/getdns.h" #include "getdns/getdns.h"
#include "getdns/getdns_extra.h" #include "getdns/getdns_extra.h"
#include "util-internal.h" #include "util-internal.h"
@ -102,6 +105,7 @@ getdns_convert_fqdn_to_dns_name(
char * char *
getdns_convert_ulabel_to_alabel(const char *ulabel) getdns_convert_ulabel_to_alabel(const char *ulabel)
{ {
#ifdef HAVE_LIBIDN
int ret; int ret;
char *buf; char *buf;
char *prepped; char *prepped;
@ -139,6 +143,9 @@ getdns_convert_ulabel_to_alabel(const char *ulabel)
} }
free(prepped2); free(prepped2);
return buf; return buf;
#else
return NULL;
#endif
} }
/*---------------------------------------- getdns_convert_alabel_to_ulabel */ /*---------------------------------------- getdns_convert_alabel_to_ulabel */
@ -155,6 +162,7 @@ getdns_convert_ulabel_to_alabel(const char *ulabel)
char * char *
getdns_convert_alabel_to_ulabel(const char *alabel) getdns_convert_alabel_to_ulabel(const char *alabel)
{ {
#ifdef HAVE_LIBIDN
int ret; /* just in case we might want to use it someday */ int ret; /* just in case we might want to use it someday */
char *buf; char *buf;
@ -164,6 +172,9 @@ getdns_convert_alabel_to_ulabel(const char *alabel)
return NULL; return NULL;
} }
return buf; return buf;
#else
return NULL;
#endif
} }
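Review bot: The new `#ifdef HAVE_LIBIDN` guard covers only `#include <idna.h>`; `#include <stringprep.h>` two lines above it stays unconditional, and that header is also shipped by libidn, so a build without libidn would presumably still stop at the include. Moving it inside the guard fixes that: `#ifdef HAVE_LIBIDN`, `#include <stringprep.h>`, `#include <idna.h>`, `#endif`. Both converters now `return NULL;` when libidn is absent, which a caller cannot tell apart from a failed conversion; a comment on each `#else` branch such as `/* built without libidn: IDN conversion unavailable */` would make that explicit. Both function bodies are only partly inside their hunks.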


@ -65,9 +65,11 @@ void _getdns_call_user_callback(getdns_dns_req *dns_req,
_getdns_context_clear_outbound_request(dns_req); _getdns_context_clear_outbound_request(dns_req);
_getdns_dns_req_free(dns_req); _getdns_dns_req_free(dns_req);
context->processing = 1;
cb(context, cb(context,
(response ? GETDNS_CALLBACK_COMPLETE : GETDNS_CALLBACK_ERROR), (response ? GETDNS_CALLBACK_COMPLETE : GETDNS_CALLBACK_ERROR),
response, user_arg, trans_id); response, user_arg, trans_id);
context->processing = 0;
} }
void void
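Review bot: `context->processing` is set to 1 before `cb(...)` and unconditionally reset to 0 after it, so the flag does not survive nesting: `_getdns_context_cancel_request`, changed in this same commit, uses the same set/clear pair around `dnsreq->user_callback`, and a callback that cancels another request returns to the outer callback with the flag already 0. If this flag is what keeps the context from being destroyed while a callback runs (the guard itself is not visible here), it is off for the rest of the outer callback. Saving and restoring works in both places: `int was_processing = context->processing;` and `context->processing = 1;` before the call, `context->processing = was_processing;` after it. The write after `cb` also assumes the context is still allocated when the callback returns.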


@ -138,40 +138,12 @@ getdns_list_get_int(const struct getdns_list * list, size_t index,
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
} /* getdns_list_get_int */ } /* getdns_list_get_int */
/*---------------------------------------- getdns_list_realloc */
/**
* private function (API users should not be calling this)
* allocates a block of items, should be called when a list needs to grow
* preserves the existing items
* in case of an error the list should be considered unusable
* @return GETDNS_RETURN_GOOD on success, GETDNS_RETURN_GENERIC_ERROR if out of memory
*/
static getdns_return_t
getdns_list_realloc(struct getdns_list *list)
{
struct getdns_list_item *newlist;
if (!list)
return GETDNS_RETURN_INVALID_PARAMETER;
newlist = GETDNS_XREALLOC(list->mf, list->items,
struct getdns_list_item,
list->numalloc + GETDNS_LIST_BLOCKSZ);
if (!newlist)
return GETDNS_RETURN_GENERIC_ERROR;
list->items = newlist;
list->numalloc += GETDNS_LIST_BLOCKSZ;
return GETDNS_RETURN_GOOD;
} /* getdns_list_realloc */
/*---------------------------------------- _getdns_list_copy */ /*---------------------------------------- _getdns_list_copy */
getdns_return_t getdns_return_t
_getdns_list_copy(const struct getdns_list * srclist, _getdns_list_copy(const struct getdns_list * srclist,
struct getdns_list ** dstlist) struct getdns_list ** dstlist)
{ {
int i; int i;
size_t index;
getdns_return_t retval; getdns_return_t retval;
if (!dstlist) if (!dstlist)
@ -191,30 +163,24 @@ _getdns_list_copy(const struct getdns_list * srclist,
return GETDNS_RETURN_GENERIC_ERROR; return GETDNS_RETURN_GENERIC_ERROR;
for (i = 0; i < srclist->numinuse; i++) { for (i = 0; i < srclist->numinuse; i++) {
retval = _getdns_list_add_item(*dstlist, &index);
if (retval != GETDNS_RETURN_GOOD) {
getdns_list_destroy(*dstlist);
*dstlist = NULL;
return retval;
}
switch (srclist->items[i].dtype) { switch (srclist->items[i].dtype) {
case t_int: case t_int:
retval = getdns_list_set_int(*dstlist, index, retval = _getdns_list_append_int(*dstlist,
srclist->items[i].data.n); srclist->items[i].data.n);
break; break;
case t_list: case t_list:
retval =getdns_list_set_list(*dstlist, index, retval = _getdns_list_append_list(*dstlist,
srclist->items[i].data.list); srclist->items[i].data.list);
break; break;
case t_bindata: case t_bindata:
retval = getdns_list_set_bindata(*dstlist, index, retval = _getdns_list_append_bindata(*dstlist,
srclist->items[i].data.bindata); srclist->items[i].data.bindata);
break; break;
case t_dict: case t_dict:
retval = getdns_list_set_dict(*dstlist, index, retval = _getdns_list_append_dict(*dstlist,
srclist->items[i].data.dict); srclist->items[i].data.dict);
break; break;
} }
@ -254,13 +220,13 @@ getdns_list_create_with_extended_memory_functions(
list->mf.mf.ext.realloc = realloc; list->mf.mf.ext.realloc = realloc;
list->mf.mf.ext.free = free; list->mf.mf.ext.free = free;
list->numalloc = 0;
list->numinuse = 0; list->numinuse = 0;
list->items = NULL; if (!(list->items = GETDNS_XMALLOC(
if (getdns_list_realloc(list) != GETDNS_RETURN_GOOD) { list->mf, struct getdns_list_item, GETDNS_LIST_BLOCKSZ))) {
getdns_list_destroy(list); GETDNS_FREE(list->mf, list);
return NULL; return NULL;
} }
list->numalloc = GETDNS_LIST_BLOCKSZ;
return list; return list;
} }
@ -301,7 +267,7 @@ getdns_list_create()
} /* getdns_list_create */ } /* getdns_list_create */
static void static void
getdns_list_destroy_item(struct getdns_list *list, size_t index) _getdns_list_destroy_item(struct getdns_list *list, size_t index)
{ {
switch (list->items[index].dtype) { switch (list->items[index].dtype) {
case t_dict: case t_dict:
@ -316,7 +282,6 @@ getdns_list_destroy_item(struct getdns_list *list, size_t index)
_getdns_bindata_destroy(&list->mf, _getdns_bindata_destroy(&list->mf,
list->items[index].data.bindata); list->items[index].data.bindata);
break; break;
default: default:
break; break;
} }
@ -332,61 +297,63 @@ getdns_list_destroy(struct getdns_list *list)
return; return;
for (i = 0; i < list->numinuse; i++) for (i = 0; i < list->numinuse; i++)
getdns_list_destroy_item(list, i); _getdns_list_destroy_item(list, i);
if (list->items) if (list->items)
GETDNS_FREE(list->mf, list->items); GETDNS_FREE(list->mf, list->items);
GETDNS_FREE(list->mf, list); GETDNS_FREE(list->mf, list);
} /* getdns_list_destroy */ } /* getdns_list_destroy */
/*---------------------------------------- _getdns_list_add_item */
getdns_return_t static getdns_return_t
_getdns_list_add_item(struct getdns_list *list, size_t * index) _getdns_list_request_index(getdns_list *list, size_t index)
{ {
getdns_return_t retval; struct getdns_list_item *newlist;
if (!list || !index) assert(list);
return GETDNS_RETURN_INVALID_PARAMETER;
if (list->numalloc == list->numinuse) {
retval = getdns_list_realloc(list);
if (retval != GETDNS_RETURN_GOOD)
return retval;
}
*index = list->numinuse;
list->items[*index].dtype = t_int;
list->items[*index].data.n = 0;
list->numinuse++;
return GETDNS_RETURN_GOOD;
} /* _getdns_list_add_item */
/*---------------------------------------- getdns_list_set_dict */
getdns_return_t
getdns_list_set_dict(struct getdns_list * list, size_t index,
const struct getdns_dict * child_dict)
{
struct getdns_dict *newdict;
getdns_return_t retval;
if (!list || !child_dict)
return GETDNS_RETURN_INVALID_PARAMETER;
if (index > list->numinuse) if (index > list->numinuse)
return GETDNS_RETURN_NO_SUCH_LIST_ITEM; return GETDNS_RETURN_NO_SUCH_LIST_ITEM;
retval = _getdns_dict_copy(child_dict, &newdict); if (index < list->numinuse) {
if (retval != GETDNS_RETURN_GOOD) _getdns_list_destroy_item(list, index);
return retval; return GETDNS_RETURN_GOOD;
if (index == list->numinuse) {
retval = _getdns_list_add_item(list, &index);
if (retval != GETDNS_RETURN_GOOD) {
getdns_dict_destroy(newdict);
return retval;
} }
} else if (list->numalloc > list->numinuse) {
getdns_list_destroy_item(list, index); list->numinuse++;
return GETDNS_RETURN_GOOD;
}
if (!(newlist = GETDNS_XREALLOC(list->mf, list->items,
struct getdns_list_item, list->numalloc + GETDNS_LIST_BLOCKSZ)))
return GETDNS_RETURN_MEMORY_ERROR;
list->numinuse++;
list->items = newlist;
list->numalloc += GETDNS_LIST_BLOCKSZ;
return GETDNS_RETURN_GOOD;
}
/*---------------------------------------- getdns_list_set_dict */
getdns_return_t
getdns_list_set_dict(
getdns_list *list, size_t index, const getdns_dict *child_dict)
{
getdns_dict *newdict;
getdns_return_t r;
if (!list || !child_dict)
return GETDNS_RETURN_INVALID_PARAMETER;
if ((r = _getdns_dict_copy(child_dict, &newdict)))
return r;
if ((r = _getdns_list_request_index(list, index))) {
getdns_dict_destroy(newdict);
return r;
}
list->items[index].dtype = t_dict; list->items[index].dtype = t_dict;
list->items[index].data.dict = newdict; list->items[index].data.dict = newdict;
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
@ -394,31 +361,22 @@ getdns_list_set_dict(struct getdns_list * list, size_t index,
/*---------------------------------------- getdns_list_set_list */ /*---------------------------------------- getdns_list_set_list */
getdns_return_t getdns_return_t
getdns_list_set_list(struct getdns_list * list, size_t index, getdns_list_set_list(
const struct getdns_list * child_list) getdns_list *list, size_t index, const getdns_list *child_list)
{ {
struct getdns_list *newlist; getdns_list *newlist;
getdns_return_t retval; getdns_return_t r;
if (!list || !child_list) if (!list || !child_list)
return GETDNS_RETURN_INVALID_PARAMETER; return GETDNS_RETURN_INVALID_PARAMETER;
if (index > list->numinuse) if ((r = _getdns_list_copy(child_list, &newlist)))
return GETDNS_RETURN_NO_SUCH_LIST_ITEM; return r;
retval = _getdns_list_copy(child_list, &newlist); if ((r = _getdns_list_request_index(list, index))) {
if (retval != GETDNS_RETURN_GOOD)
return retval;
if (index == list->numinuse) {
retval = _getdns_list_add_item(list, &index);
if (retval != GETDNS_RETURN_GOOD) {
getdns_list_destroy(newlist); getdns_list_destroy(newlist);
return retval; return r;
} }
} else
getdns_list_destroy_item(list, index);
list->items[index].dtype = t_list; list->items[index].dtype = t_list;
list->items[index].data.list = newlist; list->items[index].data.list = newlist;
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
@ -426,31 +384,22 @@ getdns_list_set_list(struct getdns_list * list, size_t index,
/*---------------------------------------- getdns_list_set_bindata */ /*---------------------------------------- getdns_list_set_bindata */
getdns_return_t getdns_return_t
getdns_list_set_bindata(struct getdns_list * list, size_t index, getdns_list_set_bindata(
const struct getdns_bindata * child_bindata) getdns_list *list, size_t index, const getdns_bindata *child_bindata)
{ {
struct getdns_bindata *newbindata; getdns_bindata *newbindata;
getdns_return_t retval; getdns_return_t r;
if (!list || !child_bindata) if (!list || !child_bindata)
return GETDNS_RETURN_INVALID_PARAMETER; return GETDNS_RETURN_INVALID_PARAMETER;
if (index > list->numinuse) if (!(newbindata = _getdns_bindata_copy(&list->mf, child_bindata)))
return GETDNS_RETURN_NO_SUCH_LIST_ITEM; return GETDNS_RETURN_MEMORY_ERROR;
newbindata = _getdns_bindata_copy(&list->mf, child_bindata); if ((r = _getdns_list_request_index(list, index))) {
if (!newbindata)
return GETDNS_RETURN_NO_SUCH_LIST_ITEM;
if (index == list->numinuse) {
retval = _getdns_list_add_item(list, &index);
if (retval != GETDNS_RETURN_GOOD) {
_getdns_bindata_destroy(&list->mf, newbindata); _getdns_bindata_destroy(&list->mf, newbindata);
return retval; return r;
} }
} else
getdns_list_destroy_item(list, index);
list->items[index].dtype = t_bindata; list->items[index].dtype = t_bindata;
list->items[index].data.bindata = newbindata; list->items[index].data.bindata = newbindata;
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
@ -461,14 +410,11 @@ static getdns_return_t
getdns_list_set_string(getdns_list *list, size_t index, const char *value) getdns_list_set_string(getdns_list *list, size_t index, const char *value)
{ {
getdns_bindata *newbindata; getdns_bindata *newbindata;
getdns_return_t retval; getdns_return_t r;
if (!list || !value) if (!list || !value)
return GETDNS_RETURN_INVALID_PARAMETER; return GETDNS_RETURN_INVALID_PARAMETER;
if (index > list->numinuse)
return GETDNS_RETURN_NO_SUCH_LIST_ITEM;
if (!(newbindata = GETDNS_MALLOC(list->mf, getdns_bindata))) if (!(newbindata = GETDNS_MALLOC(list->mf, getdns_bindata)))
return GETDNS_RETURN_MEMORY_ERROR; return GETDNS_RETURN_MEMORY_ERROR;
@ -477,17 +423,11 @@ getdns_list_set_string(getdns_list *list, size_t index, const char *value)
GETDNS_FREE(list->mf, newbindata); GETDNS_FREE(list->mf, newbindata);
return GETDNS_RETURN_MEMORY_ERROR; return GETDNS_RETURN_MEMORY_ERROR;
} }
if ((r = _getdns_list_request_index(list, index))) {
if (index == list->numinuse) {
retval = _getdns_list_add_item(list, &index);
if (retval != GETDNS_RETURN_GOOD) {
GETDNS_FREE(list->mf, newbindata->data); GETDNS_FREE(list->mf, newbindata->data);
GETDNS_FREE(list->mf, newbindata); GETDNS_FREE(list->mf, newbindata);
return retval; return r;
} }
} else
getdns_list_destroy_item(list, index);
list->items[index].dtype = t_bindata; list->items[index].dtype = t_bindata;
list->items[index].data.bindata = newbindata; list->items[index].data.bindata = newbindata;
return GETDNS_RETURN_GOOD; return GETDNS_RETURN_GOOD;
@ -495,23 +435,15 @@ getdns_list_set_string(getdns_list *list, size_t index, const char *value)
/*---------------------------------------- getdns_list_set_int */ /*---------------------------------------- getdns_list_set_int */
getdns_return_t getdns_return_t
getdns_list_set_int(struct getdns_list * list, size_t index, getdns_list_set_int(getdns_list * list, size_t index, uint32_t child_int)
uint32_t child_int)
{ {
getdns_return_t retval; getdns_return_t r;
if (!list) if (!list)
return GETDNS_RETURN_INVALID_PARAMETER; return GETDNS_RETURN_INVALID_PARAMETER;
if (index > list->numinuse) if ((r = _getdns_list_request_index(list, index)))
return GETDNS_RETURN_NO_SUCH_LIST_ITEM; return r;
if (index == list->numinuse) {
retval = _getdns_list_add_item(list, &index);
if (retval != GETDNS_RETURN_GOOD)
return retval;
} else
getdns_list_destroy_item(list, index);
list->items[index].dtype = t_int; list->items[index].dtype = t_int;
list->items[index].data.n = child_int; list->items[index].data.n = child_int;
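Review bot: `_getdns_list_request_index` has no comment, and its contract is not obvious from the call sites: for `index == numinuse` it bumps `numinuse` but leaves `items[index]` unset (the removed `_getdns_list_add_item` wrote `t_int`/0 there), and for `index < numinuse` it frees the old value while the stale `dtype` and pointer stay in the slot. Every setter in this section writes `dtype` and `data` straight after the call, so nothing breaks today, but a later caller that returns early would leave a slot that `getdns_list_destroy` frees again or reads uninitialised. I would add a header comment such as `/* Makes items[index] writable: frees the old value or grows the list by one. The slot is NOT initialised; the caller must set dtype and data before returning. */`. Setting `list->items[index].dtype = t_int;` before each `return GETDNS_RETURN_GOOD;` would make the helper safe on its own.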


@ -32,7 +32,6 @@
*/ */
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/x509v3.h>
#include "config.h" #include "config.h"
#include <fcntl.h> #include <fcntl.h>
#include "stub.h" #include "stub.h"
@ -823,15 +822,12 @@ tls_failed(getdns_upstream *upstream)
} }
static SSL* static SSL*
tls_create_object(getdns_context *context, int fd, const char* auth_name) tls_create_object(getdns_context *context, int fd)
{ {
#ifdef HAVE_LIBSSL_102
/* Create SSL instance */ /* Create SSL instance */
if (context->tls_ctx == NULL || auth_name == NULL) if (context->tls_ctx == NULL)
return NULL; return NULL;
SSL* ssl = SSL_new(context->tls_ctx); SSL* ssl = SSL_new(context->tls_ctx);
X509_VERIFY_PARAM *param;
if(!ssl) if(!ssl)
return NULL; return NULL;
/* Connect the SSL object with a file descriptor */ /* Connect the SSL object with a file descriptor */
@ -839,16 +835,9 @@ tls_create_object(getdns_context *context, int fd, const char* auth_name)
SSL_free(ssl); SSL_free(ssl);
return NULL; return NULL;
} }
SSL_set_tlsext_host_name(ssl, auth_name);
param = SSL_get0_param(ssl);
X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
X509_VERIFY_PARAM_set1_host(param, auth_name, 0);
SSL_set_connect_state(ssl); SSL_set_connect_state(ssl);
(void) SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); (void) SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
return ssl; return ssl;
#else
return NULL;
#endif
} }
static int static int
@ -900,7 +889,6 @@ tls_do_handshake(getdns_upstream *upstream)
upstream->tls_hs_state = GETDNS_HS_WRITE; upstream->tls_hs_state = GETDNS_HS_WRITE;
return STUB_TCP_AGAIN; return STUB_TCP_AGAIN;
default: default:
DEBUG_STUB("--- %s %s %d\n", __FUNCTION__, "Handshake failed: ", want);
return tls_cleanup(upstream); return tls_cleanup(upstream);
} }
} }
@ -1314,8 +1302,7 @@ upstream_read_cb(void *userarg)
dnsreq = netreq->owner; dnsreq = netreq->owner;
if (is_starttls_response(netreq)) { if (is_starttls_response(netreq)) {
upstream->tls_obj = tls_create_object(dnsreq->context, upstream->tls_obj = tls_create_object(dnsreq->context,
upstream->fd, upstream->fd);
upstream->tls_auth_name);
if (upstream->tls_obj == NULL) if (upstream->tls_obj == NULL)
upstream->tls_hs_state = GETDNS_HS_FAILED; upstream->tls_hs_state = GETDNS_HS_FAILED;
upstream->tls_hs_state = GETDNS_HS_WRITE; upstream->tls_hs_state = GETDNS_HS_WRITE;
@ -1555,7 +1542,7 @@ upstream_connect(getdns_upstream *upstream, getdns_transport_list_t transport,
return upstream->fd; return upstream->fd;
fd = tcp_connect(upstream, transport); fd = tcp_connect(upstream, transport);
if (fd == -1) return -1; if (fd == -1) return -1;
upstream->tls_obj = tls_create_object(dnsreq->context, fd, upstream->tls_auth_name); upstream->tls_obj = tls_create_object(dnsreq->context, fd);
if (upstream->tls_obj == NULL) { if (upstream->tls_obj == NULL) {
close(fd); close(fd);
return -1; return -1;
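Review bot: On the new side `tls_create_object(context, fd)` no longer takes an authentication name, and the calls that set SNI and the expected certificate host (`SSL_set_tlsext_host_name`, `X509_VERIFY_PARAM_set1_host`) are gone, so nothing visible here binds the TLS session to the upstream's identity. Unless peer verification is configured on `context->tls_ctx` elsewhere (not shown), an on-path party can terminate the TLS or STARTTLS session itself, so the transport protects against passive observers only. If that is the intended result of merging v0.3.2, a comment above the function should say so, e.g. `/* Opportunistic TLS: the upstream certificate is not authenticated here */`. Separately, in `upstream_read_cb` the `GETDNS_HS_FAILED` assignment is overwritten by the unconditional `upstream->tls_hs_state = GETDNS_HS_WRITE;` on the next line, which looks like it is missing an `else`. Both `upstream_read_cb` and `upstream_connect` continue outside their hunks.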


@ -131,6 +131,9 @@ install: getdns_query
$(INSTALL) -m 755 -d $(DESTDIR)$(bindir) $(INSTALL) -m 755 -d $(DESTDIR)$(bindir)
$(LIBTOOL) --mode=install cp getdns_query $(DESTDIR)$(bindir) $(LIBTOOL) --mode=install cp getdns_query $(DESTDIR)$(bindir)
uninstall:
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(bindir)/getdns_query
nolibcheck: nolibcheck:
@echo "***" @echo "***"
@echo "*** Cannot run unit tests, because they could not be compiled," @echo "*** Cannot run unit tests, because they could not be compiled,"


@ -294,8 +294,8 @@
struct getdns_list *upstream_list = NULL; struct getdns_list *upstream_list = NULL;
struct getdns_dict *dict = NULL; struct getdns_dict *dict = NULL;
struct getdns_dict *response = NULL; struct getdns_dict *response = NULL;
struct getdns_bindata address_type = { 5, (void *)"IPv4" }; struct getdns_bindata address_type = { 4, (void *)"IPv4" };
struct getdns_bindata address_data = { 4, (void *)"\x0A\xAA\x0C\x38" }; struct getdns_bindata address_data = { 4, (void *)"\x08\x08\x08\x08" };
size_t index = 0; size_t index = 0;
CONTEXT_CREATE(TRUE); CONTEXT_CREATE(TRUE);
@ -393,8 +393,8 @@
struct getdns_list *upstream_list = NULL; struct getdns_list *upstream_list = NULL;
struct getdns_dict *dict = NULL; struct getdns_dict *dict = NULL;
struct getdns_dict *response = NULL; struct getdns_dict *response = NULL;
struct getdns_bindata address_type = { 5, (void *)"IPv4" }; struct getdns_bindata address_type = { 4, (void *)"IPv4" };
struct getdns_bindata address_data = { 4, (void *)"\x0A\xAA\x0C\x38" }; struct getdns_bindata address_data = { 4, (void *)"\x08\x08\x08\x08" };
struct getdns_bindata port = { 3, (void *)"53" }; struct getdns_bindata port = { 3, (void *)"53" };
size_t index = 0; size_t index = 0;
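Review bot: `port` in the second hunk is still declared as `{ 3, (void *)"53" }`, which counts the terminating zero byte, while this change moves `address_type` from 5 to 4 so that it no longer does. If the length is meant to follow the same convention it should read `struct getdns_bindata port = { 2, (void *)"53" };`; if the oversized length is deliberate for this test, a short comment saying so would prevent a later "fix". The replacement address bytes `\x08\x08\x08\x08` also point the test at a public resolver, so this case may now depend on outside network reachability. The enclosing test functions start and end outside both hunks.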


@ -279,7 +279,6 @@ ipaddr_dict(getdns_context *context, char *ipstr)
char *s = strchr(ipstr, '%'), *scope_id_str = ""; char *s = strchr(ipstr, '%'), *scope_id_str = "";
char *p = strchr(ipstr, '@'), *portstr = ""; char *p = strchr(ipstr, '@'), *portstr = "";
char *t = strchr(ipstr, '#'), *tls_portstr = ""; char *t = strchr(ipstr, '#'), *tls_portstr = "";
char *n = strchr(ipstr, '~'), *tls_namestr = "";
uint8_t buf[sizeof(struct in6_addr)]; uint8_t buf[sizeof(struct in6_addr)];
getdns_bindata addr; getdns_bindata addr;
@ -298,10 +297,6 @@ ipaddr_dict(getdns_context *context, char *ipstr)
*t = 0; *t = 0;
tls_portstr = t + 1; tls_portstr = t + 1;
} }
if (n) {
*n = 0;
tls_namestr = n + 1;
}
if (strchr(ipstr, ':')) { if (strchr(ipstr, ':')) {
getdns_dict_util_set_string(r, "address_type", "IPv6"); getdns_dict_util_set_string(r, "address_type", "IPv6");
addr.size = 16; addr.size = 16;
@ -322,9 +317,6 @@ ipaddr_dict(getdns_context *context, char *ipstr)
getdns_dict_set_int(r, "port", (int32_t)atoi(portstr)); getdns_dict_set_int(r, "port", (int32_t)atoi(portstr));
if (*tls_portstr) if (*tls_portstr)
getdns_dict_set_int(r, "tls_port", (int32_t)atoi(tls_portstr)); getdns_dict_set_int(r, "tls_port", (int32_t)atoi(tls_portstr));
if (*tls_namestr) {
getdns_dict_util_set_string(r, "tls_auth_name", tls_namestr);
}
if (*scope_id_str) if (*scope_id_str)
getdns_dict_util_set_string(r, "scope_id", scope_id_str); getdns_dict_util_set_string(r, "scope_id", scope_id_str);
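Review bot: `atoi(portstr)` and `atoi(tls_portstr)` in the last hunk store whatever follows `@` or `#` with no validation, so `@abc` silently becomes port 0 and a value above 65535 is passed on unchecked. Parsing with `strtol`, then rejecting trailing characters and anything outside 1–65535, would make a mistyped upstream fail loudly instead of being sent to an unintended port. How `ipaddr_dict` reports errors is not visible here, since the function begins and ends outside these hunks, so the rejection path needs to follow whatever the rest of the function does.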


@ -2,7 +2,7 @@
DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
SERVER_IP="8.8.8.8" SERVER_IP="8.8.8.8"
TLS_SERVER_IP="185.49.141.38~www.dnssec-name-and-shame.com" TLS_SERVER_IP="185.49.141.38"
GOOD_RESULT_SYNC="Status was: At least one response was returned" GOOD_RESULT_SYNC="Status was: At least one response was returned"
GOOD_RESULT_ASYNC="successfull" GOOD_RESULT_ASYNC="successfull"
BAD_RESULT_SYNC="1 'Generic error'" BAD_RESULT_SYNC="1 'Generic error'"
@ -58,7 +58,6 @@ usage () {
ehco " -p path to getdns_query binary" ehco " -p path to getdns_query binary"
echo " -s server configured for only TCP and UDP" echo " -s server configured for only TCP and UDP"
echo " -t server configured for TLS, STARTTLS, TCP and UDP" echo " -t server configured for TLS, STARTTLS, TCP and UDP"
echo " (This must include the hostname e.g. 185.49.141.38~www.dnssec-name-and-shame.com)"
} }
while getopts ":p:s:t:dh" opt; do while getopts ":p:s:t:dh" opt; do
@ -71,9 +70,6 @@ while getopts ":p:s:t:dh" opt; do
esac esac
done done
TLS_SERVER_IP_NO_NAME=`echo ${TLS_SERVER_IP%~*}`
echo $TLS_SERVER_IP_NO_NAME
GOOD_QUERIES=( GOOD_QUERIES=(
"-s -A -q getdnsapi.net -l U @${SERVER_IP} " "-s -A -q getdnsapi.net -l U @${SERVER_IP} "
"-s -A -q getdnsapi.net -l T @${SERVER_IP} " "-s -A -q getdnsapi.net -l T @${SERVER_IP} "
@ -82,15 +78,13 @@ GOOD_QUERIES=(
GOOD_FALLBACK_QUERIES=( GOOD_FALLBACK_QUERIES=(
"-s -A -q getdnsapi.net -l LT @${SERVER_IP}" "-s -A -q getdnsapi.net -l LT @${SERVER_IP}"
"-s -A -q getdnsapi.net -l LT @${SERVER_IP}" "-s -A -q getdnsapi.net -l LU @${SERVER_IP}"
"-s -A -q getdnsapi.net -l LT @${TLS_SERVER_IP_NO_NAME}"
"-s -A -q getdnsapi.net -l L @${SERVER_IP} @${TLS_SERVER_IP}" "-s -A -q getdnsapi.net -l L @${SERVER_IP} @${TLS_SERVER_IP}"
"-s -G -q DNSKEY getdnsapi.net -l UT @${SERVER_IP} -b 512 -D") "-s -G -q DNSKEY getdnsapi.net -l UT @${SERVER_IP} -b 512 -D")
NOT_AVAILABLE_QUERIES=( NOT_AVAILABLE_QUERIES=(
"-s -A -q getdnsapi.net -l L @${SERVER_IP} " "-s -A -q getdnsapi.net -l L @${SERVER_IP} "
"-s -A -q getdnsapi.net -l S @${SERVER_IP} " "-s -A -q getdnsapi.net -l S @${SERVER_IP} "
"-s -A -q getdnsapi.net -l L @${TLS_SERVER_IP_NO_NAME} "
"-s -G -q DNSKEY getdnsapi.net -l U @${SERVER_IP} -b 512 -D") "-s -G -q DNSKEY getdnsapi.net -l U @${SERVER_IP} -b 512 -D")
echo "Starting transport test" echo "Starting transport test"
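Review bot: `ehco` in `usage()` is a typo for `echo`, so the `-p` help line is never printed and the shell reports a command-not-found error instead; the line should read `echo " -p path to getdns_query binary"`. With the `~hostname` suffix dropped from `TLS_SERVER_IP`, the `-l L` cases in this script now only show that a TLS session can be set up, not that the server was authenticated. A comment next to `TLS_SERVER_IP` saying so would keep a passing run from being read as proof of an authenticated transport.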


@ -69,7 +69,6 @@ getdns_return_t getdns_apply_network_result(getdns_network_req* netreq, struct u
* @return GETDNS_RETURN_GOOD on success * @return GETDNS_RETURN_GOOD on success
* @return GETDNS_RETURN_GENERAL_ERROR if out of memory * @return GETDNS_RETURN_GENERAL_ERROR if out of memory
*/ */
getdns_return_t _getdns_list_add_item(struct getdns_list *list, size_t * index);
getdns_return_t _getdns_list_append_dict(getdns_list *list, getdns_return_t _getdns_list_append_dict(getdns_list *list,
const getdns_dict *child_dict); const getdns_dict *child_dict);
getdns_return_t _getdns_list_append_list(getdns_list *list, getdns_return_t _getdns_list_append_list(getdns_list *list,