Add getdns_context_set_return_dnssec_status

2014-02-20 15:42:10 -05:00 · 2014-02-20 15:42:10 -05:00 · 48fea8d9e0
parent 097e6936cb
commit 48fea8d9e0
7 changed files with 62 additions and 3 deletions
--- a/src/context.c
+++ b/src/context.c
@ -1734,5 +1734,15 @@ getdns_context_get_api_information(getdns_context* context) {
    return result;
 }
 getdns_return_t
 getdns_context_set_return_dnssec_status(getdns_context* context, int enabled) {
    RETURN_IF_NULL(context, GETDNS_RETURN_INVALID_PARAMETER);
    if (enabled != GETDNS_EXTENSION_TRUE ||
        enabled != GETDNS_EXTENSION_FALSE) {
        return GETDNS_RETURN_INVALID_PARAMETER;
    }
    context->return_dnssec_status = enabled;
    return GETDNS_RETURN_GOOD;
 }
 /* context.c */
--- a/src/context.h
+++ b/src/context.h
@ -38,6 +38,7 @@
 #define _GETDNS_CONTEXT_H_
 #include <getdns/getdns.h>
 #include <getdns/getdns_extra.h>
 #include "types-internal.h"
 struct getdns_dns_req;
@ -96,6 +97,7 @@ struct getdns_context {
 	 * the real work */
 	struct ub_ctx *unbound_ctx;
 	int has_ta; /* No DNSSEC without trust anchor */
    int return_dnssec_status;
 	/* which resolution type the contexts are configured for
 	 * 0 means nothing set
--- a/src/getdns/getdns_extra.h
+++ b/src/getdns/getdns_extra.h
@ -0,0 +1,39 @@
 /*
 * Copyright (c) 2013, NLNet Labs, Versign, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 * * Redistributions of source code must retain the above copyright
 *   notice, this list of conditions and the following disclaimer.
 * * Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in the
 *   documentation and/or other materials provided with the distribution.
 * * Neither the name of the <organization> nor the
 *   names of its contributors may be used to endorse or promote products
 *   derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL Verisign, Inc. BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #ifndef _GETDNS_CONTEXT_H_
 #define _GETDNS_CONTEXT_H_
 #include <getdns/getdns.h>
 /* Enable the return_dnssec_status extension on every request.
   value is either GETDNS_EXTENSION_TRUE or GETDNS_EXTENSION_FALSE
   returns GETDNS_RETURN_GOOD on success or GETDNS_RETURN_INVALID_PARAMETER
   if context or value is invalid */
 getdns_return_t getdns_context_set_return_dnssec_status(getdns_context* context, int enabled);
 #endif
--- a/src/request-internal.c
+++ b/src/request-internal.c
@ -130,6 +130,7 @@ dns_req_new(struct getdns_context *context,
 	result->trans_id = ldns_get_random();
 	getdns_dict_copy(extensions, &result->extensions);
    result->return_dnssec_status = context->return_dnssec_status;
 	/* will be set by caller */
 	result->user_pointer = NULL;
--- a/src/rr-dict.c
+++ b/src/rr-dict.c
@ -660,7 +660,7 @@ priv_getdns_equip_dict_with_hip_rdfs(struct getdns_dict* rdata, ldns_rr* rr,
    r |= getdns_dict_set_bindata(rdata, def->rdata[1].name, &hit_data);
    r |= getdns_dict_set_bindata(rdata, def->rdata[2].name, &key_data);
    if (r != GETDNS_RETURN_GOOD) {
-        return r;
+        return GETDNS_RETURN_GENERIC_ERROR;
    }
    if (ldns_rr_rd_count(rr) > 1) {
@ -682,6 +682,9 @@ priv_getdns_equip_dict_with_hip_rdfs(struct getdns_dict* rdata, ldns_rr* rr,
        }
        /* always clean up */
        getdns_list_destroy(servers);
        if (r != GETDNS_RETURN_GOOD) {
        	return GETDNS_RETURN_GENERIC_ERROR;
        }
    }
    return r;
--- a/src/types-internal.h
+++ b/src/types-internal.h
@ -180,6 +180,9 @@ typedef struct getdns_dns_req
    /* local timeout id */
    getdns_transaction_t local_timeout_id;
    /* dnssec status */
    int return_dnssec_status;
 } getdns_dns_req;
 #define MF_PLAIN ((void *)&plain_mem_funcs_user_arg)
--- a/src/util-internal.c
+++ b/src/util-internal.c
@ -551,7 +551,8 @@ create_getdns_response(struct getdns_dns_req * completed_request)
 	dnssec_return_only_secure = is_extension_set(
 	    completed_request->extensions, "dnssec_return_only_secure");
 	dnssec_return_status = dnssec_return_only_secure || is_extension_set(
-	    completed_request->extensions, "dnssec_return_status");
+	    completed_request->extensions, "dnssec_return_status") ||
        completed_request->return_dnssec_status == GETDNS_EXTENSION_TRUE;
 	if (completed_request->first_req->request_class == GETDNS_RRTYPE_A ||
 	    completed_request->first_req->request_class ==
@ -617,7 +618,7 @@ create_getdns_response(struct getdns_dns_req * completed_request)
 		}
 		if (dnssec_return_status || dnssec_return_validation_chain) {
 			r = getdns_dict_set_int(reply, "dnssec_status",
-			    ( netreq->secure   ? GETDNS_DNSSEC_SECURE 
+			    ( netreq->secure   ? GETDNS_DNSSEC_SECURE
 			    : netreq->bogus    ? GETDNS_DNSSEC_BOGUS
 			    : rrsigs_in_answer(netreq->result) &&
 			      completed_request->context->has_ta