Author: dougb
Date: Fri Jun 1 03:46:28 2012
New Revision: 236374
URL: http://svn.freebsd.org/changeset/base/236374
Log:
MFV r236171, MFC r236196:
Upgrade to BIND version 9.8.3, the latest from ISC.
Feature Change
* BIND now recognizes the TLSA resource record type, created to
support IETF DANE (DNS-based Authentication of Named Entities)
Bug Fix
* The locking strategy around the handling of iterative queries
has been tuned to reduce unnecessary contention in a multi-
threaded environment.
Other critical bug fixes are included.
All BIND users are encouraged to upgrade.
Added:
stable/9/contrib/bind9/lib/dns/rdata/generic/tlsa_52.c
- copied unchanged from r236373,
vendor/bind9/dist/lib/dns/rdata/generic/tlsa_52.c
stable/9/contrib/bind9/lib/dns/rdata/generic/tlsa_52.h
- copied unchanged from r236373,
vendor/bind9/dist/lib/dns/rdata/generic/tlsa_52.h
Modified:
stable/9/contrib/bind9/CHANGES
stable/9/contrib/bind9/README
stable/9/contrib/bind9/bin/named/builtin.c
stable/9/contrib/bind9/bin/named/query.c
stable/9/contrib/bind9/bin/named/server.c
stable/9/contrib/bind9/bin/named/unix/dlz_dlopen_driver.c
stable/9/contrib/bind9/lib/bind9/api
stable/9/contrib/bind9/lib/bind9/check.c
stable/9/contrib/bind9/lib/dns/api
stable/9/contrib/bind9/lib/dns/dnssec.c
stable/9/contrib/bind9/lib/dns/include/dns/ecdb.h
stable/9/contrib/bind9/lib/dns/include/dns/rpz.h
stable/9/contrib/bind9/lib/dns/include/dns/sdb.h
stable/9/contrib/bind9/lib/dns/include/dns/stats.h
stable/9/contrib/bind9/lib/dns/include/dns/tsec.h
stable/9/contrib/bind9/lib/dns/include/dns/view.h
stable/9/contrib/bind9/lib/dns/rbtdb.c
stable/9/contrib/bind9/lib/dns/resolver.c
stable/9/contrib/bind9/lib/dns/sdb.c
stable/9/contrib/bind9/lib/dns/tkey.c
stable/9/contrib/bind9/lib/dns/zone.c
stable/9/contrib/bind9/lib/isc/pthreads/mutex.c
stable/9/contrib/bind9/lib/isccfg/api
stable/9/contrib/bind9/lib/isccfg/parser.c
stable/9/contrib/bind9/version
stable/9/lib/bind/dns/code.h
stable/9/lib/bind/dns/dns/enumtype.h
stable/9/lib/bind/dns/dns/rdatastruct.h
Directory Properties:
stable/9/contrib/bind9/ (props changed)
stable/9/lib/bind/ (props changed)
Modified: stable/9/contrib/bind9/CHANGES
==============================================================================
--- stable/9/contrib/bind9/CHANGES Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/CHANGES Fri Jun 1 03:46:28 2012
(r236374)
@@ -1,3 +1,56 @@
+ --- 9.8.3 released ---
+
+3318. [tuning] Reduce the amount of work performed while holding a
+ bucket lock when finshed with a fetch context.
+ [RT #29239]
+
+3314. [bug] The masters list could be updated while refesh_callback
+ and stub_callback were using it. [RT #26732]
+
+3313. [protocol] Add TLSA record type. [RT #28989]
+
+3312. [bug] named-checkconf didn't detect a bad dns64 clients acl.
+ [RT #27631]
+
+3311. [bug] Abort the zone dump if zone->db is NULL in
+ zone.c:zone_gotwritehandle. [RT #29028]
+
+3310. [test] Increase table size for mutex profiling. [RT #28809]
+
+3309. [bug] resolver.c:fctx_finddone() was not threadsafe.
+ [RT #27995]
+
+3307. [bug] Add missing ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS.
+ [RT #28956]
+
+3306. [bug] Improve DNS64 reverse zone performance. [RT #28563]
+
+3305. [func] Add wire format lookup method to sdb. [RT #28563]
+
+3304. [bug] Use hmctx, not mctx when freeing rbtdb->heaps.
+ [RT #28571]
+
+3302. [bug] dns_dnssec_findmatchingkeys could fail to find
+ keys if the zone name contained character that
+ required special mappings. [RT #28600]
+
+3301. [contrib] Update queryperf to build on darwin. Add -R flag
+ for non-recursive queries. [RT #28565]
+
+3300. [bug] Named could die if gssapi was enabled in named.conf
+ but was not compiled in. [RT #28338]
+
+3299. [bug] Make SDB handle errors from database drivers better.
+ [RT #28534]
+
+3232. [bug] Zero zone->curmaster before return in
+ dns_zone_setmasterswithkeys(). [RT #26732]
+
+3183. [bug] Added RTLD_GLOBAL flag to dlopen call. [RT #26301]
+
+3197. [bug] Don't try to log the filename and line number when
+ the config parser can't open a file. [RT #22263]
+
--- 9.8.2 released ---
3298. [bug] Named could dereference a NULL pointer in
@@ -58,9 +111,9 @@
3274. [bug] Log when a zone is not reusable. Only set loadtime
on successful loads. [RT #27650]
-3273. [bug] AAAA responses could be returned in the additional
- section even when filter-aaaa-on-v4 was in use.
- [RT #27292]
+3273. [bug] AAAA responses could be returned in the additional
+ section even when filter-aaaa-on-v4 was in use.
+ [RT #27292]
3271. [port] darwin: mksymtbl is not always stable, loop several
times before giving up. mksymtbl was using non
Modified: stable/9/contrib/bind9/README
==============================================================================
--- stable/9/contrib/bind9/README Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/README Fri Jun 1 03:46:28 2012
(r236374)
@@ -51,6 +51,10 @@ BIND 9
For up-to-date release notes and errata, see
http://www.isc.org/software/bind9/releasenotes
+BIND 9.8.3
+
+ BIND 9.8.3 is a maintenance release.
+
BIND 9.8.2
BIND 9.8.2 includes a number of bug fixes and prevents a security
Modified: stable/9/contrib/bind9/bin/named/builtin.c
==============================================================================
--- stable/9/contrib/bind9/bin/named/builtin.c Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/bin/named/builtin.c Fri Jun 1 03:46:28 2012
(r236374)
@@ -69,35 +69,79 @@ static builtin_t empty_builtin = { do_em
static builtin_t dns64_builtin = { do_dns64_lookup, NULL, NULL };
static dns_sdbimplementation_t *builtin_impl;
+static dns_sdbimplementation_t *dns64_impl;
-static const char hex[] = "0123456789abcdef";
-static const char HEX[] = "0123456789ABCDEF";
+/*
+ * Pre computed HEX * 16 or 1 table.
+ */
+static const unsigned char hex16[256] = {
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*00*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*10*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*20*/
+ 0, 16, 32, 48, 64, 80, 96,112,128,144, 1, 1, 1, 1, 1, 1, /*30*/
+ 1,160,176,192,208,224,240, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*40*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*50*/
+ 1,160,176,192,208,224,240, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*60*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*70*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*80*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*90*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*A0*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*B0*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*C0*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*D0*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /*E0*/
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 /*F0*/
+};
+
+const unsigned char decimal[] = "0123456789";
+
+static size_t
+dns64_rdata(unsigned char *v, size_t start, unsigned char *rdata) {
+ size_t i, j = 0;
+
+ for (i = 0; i < 4; i++) {
+ unsigned char c = v[start++];
+ if (start == 7)
+ start++;
+ if (c > 99) {
+ rdata[j++] = 3;
+ rdata[j++] = decimal[c/100]; c = c % 100;
+ rdata[j++] = decimal[c/10]; c = c % 10;
+ rdata[j++] = decimal[c];
+ } else if (c > 9) {
+ rdata[j++] = 2;
+ rdata[j++] = decimal[c/10]; c = c % 10;
+ rdata[j++] = decimal[c];
+ } else {
+ rdata[j++] = 1;
+ rdata[j++] = decimal[c];
+ }
+ }
+ memcpy(&rdata[j], "\07in-addr\04arpa", 14);
+ return (j + 14);
+}
static isc_result_t
-dns64_cname(const char *zone, const char *name, dns_sdblookup_t *lookup) {
- size_t zlen, nlen, j;
- const char *s;
- unsigned char v[16];
+dns64_cname(const dns_name_t *zone, const dns_name_t *name,
+ dns_sdblookup_t *lookup)
+{
+ size_t zlen, nlen, j, len;
+ unsigned char v[16], n;
unsigned int i;
- char reverse[sizeof("123.123.123.123.in-addr.arpa.")];
+ unsigned char rdata[sizeof("123.123.123.123.in-addr.arpa.")];
+ unsigned char *ndata;
/*
- * The sum the length of the relative name and the length of the zone
- * name for a IPv6 reverse lookup comes to 71.
- *
- * The reverse of 2001::10.0.0.1 (dns64 2001::/96) has a zone of
- * "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.2.ip6.arpa"
- * and a name of "1.0.0.0.0.0.a.0". The sum of the lengths of these
- * two strings is 71.
+ * The combined length of the zone and name is 74.
*
- * The minimum length for a ip6.arpa zone name is 8.
+ * The minimum zone length is 10 ((3)ip6(4)arpa(0)).
*
- * The length of name should always be odd as we are expecting
+ * The length of name should always be even as we are expecting
* a series of nibbles.
*/
- zlen = strlen(zone);
- nlen = strlen(name);
- if ((zlen + nlen) > 71U || zlen < 8U || (nlen % 2) != 1U)
+ zlen = zone->length;
+ nlen = name->length;
+ if ((zlen + nlen) > 74U || zlen < 10U || (nlen % 2) != 0U)
return (ISC_R_NOTFOUND);
/*
@@ -116,25 +160,20 @@ dns64_cname(const char *zone, const char
* are byte aligned and we correctly return ISC_R_NOTFOUND or
* ISC_R_SUCCESS. We will not generate a CNAME in this case.
*/
- i = (nlen % 4) == 1U ? 1 : 0;
+ ndata = name->ndata;
+ i = (nlen % 4) == 2U ? 1 : 0;
j = nlen;
memset(v, 0, sizeof(v));
- while (j >= 1U) {
+ while (j != 0) {
INSIST((i/2) < sizeof(v));
- if (j > 1U && name[1] != '.')
+ if (ndata[0] != 1)
return (ISC_R_NOTFOUND);
- v[i/2] >>= 4;
- if ((s = strchr(hex, name[0])) != NULL)
- v[i/2] |= (s - hex) << 4;
- else if ((s = strchr(HEX, name[0])) != NULL)
- v[i/2] |= (s - HEX) << 4;
- else
+ n = hex16[ndata[1]&0xff];
+ if (n == 1)
return (ISC_R_NOTFOUND);
- if (j > 1U)
- j -= 2;
- else
- j -= 1;
- name += 2;
+ v[i/2] = n | (v[i/2]>>4);
+ j -= 2;
+ ndata += 2;
i++;
}
@@ -144,90 +183,91 @@ dns64_cname(const char *zone, const char
* it corresponds to a empty node in the zone or there should be
* a CNAME.
*/
+#define ZLEN(x) (10 + (x)/2)
switch (zlen) {
- case 24: /* prefix len 32 */
+ case ZLEN(32): /* prefix len 32 */
+ /*
+ * The nibbles that map to this byte must be zero for 'name'
+ * to exist in the zone.
+ */
+ if (nlen > 16U && v[(nlen-1)/4 - 4] != 0)
+ return (ISC_R_NOTFOUND);
/*
- * If the total length is not 71 then this is a empty node
+ * If the total length is not 74 then this is a empty node
* so return success.
*/
- if (nlen + zlen != 71U)
+ if (nlen + zlen != 74U)
return (ISC_R_SUCCESS);
- snprintf(reverse, sizeof(reverse), "%u.%u.%u.%u.in-addr.arpa.",
- v[8], v[9], v[10], v[11]);
+ len = dns64_rdata(v, 8, rdata);
break;
- case 28: /* prefix len 40 */
+ case ZLEN(40): /* prefix len 40 */
/*
* The nibbles that map to this byte must be zero for 'name'
* to exist in the zone.
*/
- if (nlen > 11U && v[nlen/4 - 3] != 0)
+ if (nlen > 12U && v[(nlen-1)/4 - 3] != 0)
return (ISC_R_NOTFOUND);
/*
- * If the total length is not 71 then this is a empty node
+ * If the total length is not 74 then this is a empty node
* so return success.
*/
- if (nlen + zlen != 71U)
+ if (nlen + zlen != 74U)
return (ISC_R_SUCCESS);
- snprintf(reverse, sizeof(reverse), "%u.%u.%u.%u.in-addr.arpa.",
- v[6], v[8], v[9], v[10]);
+ len = dns64_rdata(v, 6, rdata);
break;
- case 32: /* prefix len 48 */
+ case ZLEN(48): /* prefix len 48 */
/*
* The nibbles that map to this byte must be zero for 'name'
* to exist in the zone.
*/
- if (nlen > 7U && v[nlen/4 - 2] != 0)
+ if (nlen > 8U && v[(nlen-1)/4 - 2] != 0)
return (ISC_R_NOTFOUND);
/*
- * If the total length is not 71 then this is a empty node
+ * If the total length is not 74 then this is a empty node
* so return success.
*/
- if (nlen + zlen != 71U)
+ if (nlen + zlen != 74U)
return (ISC_R_SUCCESS);
- snprintf(reverse, sizeof(reverse), "%u.%u.%u.%u.in-addr.arpa.",
- v[5], v[6], v[8], v[9]);
+ len = dns64_rdata(v, 5, rdata);
break;
- case 36: /* prefix len 56 */
+ case ZLEN(56): /* prefix len 56 */
/*
* The nibbles that map to this byte must be zero for 'name'
* to exist in the zone.
*/
- if (nlen > 3U && v[nlen/4 - 1] != 0)
+ if (nlen > 4U && v[(nlen-1)/4 - 1] != 0)
return (ISC_R_NOTFOUND);
/*
- * If the total length is not 71 then this is a empty node
+ * If the total length is not 74 then this is a empty node
* so return success.
*/
- if (nlen + zlen != 71U)
+ if (nlen + zlen != 74U)
return (ISC_R_SUCCESS);
- snprintf(reverse, sizeof(reverse), "%u.%u.%u.%u.in-addr.arpa.",
- v[4], v[5], v[6], v[8]);
+ len = dns64_rdata(v, 4, rdata);
break;
- case 40: /* prefix len 64 */
+ case ZLEN(64): /* prefix len 64 */
/*
* The nibbles that map to this byte must be zero for 'name'
* to exist in the zone.
*/
- if (v[nlen/4] != 0)
+ if (v[(nlen-1)/4] != 0)
return (ISC_R_NOTFOUND);
/*
- * If the total length is not 71 then this is a empty node
+ * If the total length is not 74 then this is a empty node
* so return success.
*/
- if (nlen + zlen != 71U)
+ if (nlen + zlen != 74U)
return (ISC_R_SUCCESS);
- snprintf(reverse, sizeof(reverse), "%u.%u.%u.%u.in-addr.arpa.",
- v[3], v[4], v[5], v[6]);
+ len = dns64_rdata(v, 3, rdata);
break;
- case 56: /* prefix len 96 */
+ case ZLEN(96): /* prefix len 96 */
/*
- * If the total length is not 71 then this is a empty node
+ * If the total length is not 74 then this is a empty node
* so return success.
*/
- if (nlen + zlen != 71U)
+ if (nlen + zlen != 74U)
return (ISC_R_SUCCESS);
- snprintf(reverse, sizeof(reverse), "%u.%u.%u.%u.in-addr.arpa.",
- v[0], v[1], v[2], v[3]);
+ len = dns64_rdata(v, 0, rdata);
break;
default:
/*
@@ -236,7 +276,7 @@ dns64_cname(const char *zone, const char
*/
return (ISC_R_NOTFOUND);
}
- return (dns_sdb_putrr(lookup, "CNAME", 600, reverse));
+ return (dns_sdb_putrdata(lookup, dns_rdatatype_cname, 600, rdata, len));
}
static isc_result_t
@@ -249,13 +289,23 @@ builtin_lookup(const char *zone, const c
if (strcmp(name, "@") == 0)
return (b->do_lookup(lookup));
- else if (b->do_lookup == do_dns64_lookup)
- return (dns64_cname(zone, name, lookup));
else
return (ISC_R_NOTFOUND);
}
static isc_result_t
+dns64_lookup(const dns_name_t *zone, const dns_name_t *name, void *dbdata,
+ dns_sdblookup_t *lookup)
+{
+ builtin_t *b = (builtin_t *) dbdata;
+
+ if (name->labels == 0 && name->length == 0)
+ return (b->do_lookup(lookup));
+ else
+ return (dns64_cname(zone, name, lookup));
+}
+
+static isc_result_t
put_txt(dns_sdblookup_t *lookup, const char *text) {
unsigned char buf[256];
unsigned int len = strlen(text);
@@ -481,7 +531,17 @@ static dns_sdbmethods_t builtin_methods
builtin_authority,
NULL, /* allnodes */
builtin_create,
- builtin_destroy
+ builtin_destroy,
+ NULL
+};
+
+static dns_sdbmethods_t dns64_methods = {
+ NULL,
+ builtin_authority,
+ NULL, /* allnodes */
+ builtin_create,
+ builtin_destroy,
+ dns64_lookup,
};
isc_result_t
@@ -491,11 +551,17 @@ ns_builtin_init(void) {
DNS_SDBFLAG_RELATIVERDATA,
ns_g_mctx, &builtin_impl)
== ISC_R_SUCCESS);
+ RUNTIME_CHECK(dns_sdb_register("_dns64", &dns64_methods, NULL,
+ DNS_SDBFLAG_RELATIVEOWNER |
+ DNS_SDBFLAG_RELATIVERDATA |
+ DNS_SDBFLAG_DNS64,
+ ns_g_mctx, &dns64_impl)
+ == ISC_R_SUCCESS);
return (ISC_R_SUCCESS);
}
void
ns_builtin_deinit(void) {
dns_sdb_unregister(&builtin_impl);
+ dns_sdb_unregister(&dns64_impl);
}
-
Modified: stable/9/contrib/bind9/bin/named/query.c
==============================================================================
--- stable/9/contrib/bind9/bin/named/query.c Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/bin/named/query.c Fri Jun 1 03:46:28 2012
(r236374)
@@ -3354,6 +3354,11 @@ query_addwildcardproof(ns_client_t *clie
dns_name_copy(name, cname, NULL);
while (result == DNS_R_NXDOMAIN) {
labels = dns_name_countlabels(cname) - 1;
+ /*
+ * Sanity check.
+ */
+ if (labels == 0U)
+ goto cleanup;
dns_name_split(cname, labels, NULL, cname);
result = dns_db_find(db, cname, version,
dns_rdatatype_nsec,
Modified: stable/9/contrib/bind9/bin/named/server.c
==============================================================================
--- stable/9/contrib/bind9/bin/named/server.c Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/bin/named/server.c Fri Jun 1 03:46:28 2012
(r236374)
@@ -1358,7 +1358,7 @@ dns64_reverse(dns_view_t *view, isc_mem_
{
char *cp;
char reverse[48+sizeof("ip6.arpa.")];
- const char *dns64_dbtype[4] = { "_builtin", "dns64", ".", "." };
+ const char *dns64_dbtype[4] = { "_dns64", "dns64", ".", "." };
const char *sep = ": view ";
const char *viewname = view->name;
const unsigned char *s6;
Modified: stable/9/contrib/bind9/bin/named/unix/dlz_dlopen_driver.c
==============================================================================
--- stable/9/contrib/bind9/bin/named/unix/dlz_dlopen_driver.c Fri Jun 1
03:00:36 2012 (r236373)
+++ stable/9/contrib/bind9/bin/named/unix/dlz_dlopen_driver.c Fri Jun 1
03:46:28 2012 (r236374)
@@ -250,7 +250,7 @@ dlopen_dlz_create(const char *dlzname, u
isc_mutex_init(&cd->lock);
/* Open the library */
- dlopen_flags = RTLD_NOW;
+ dlopen_flags = RTLD_NOW|RTLD_GLOBAL;
#ifdef RTLD_DEEPBIND
/*
Modified: stable/9/contrib/bind9/lib/bind9/api
==============================================================================
--- stable/9/contrib/bind9/lib/bind9/api Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/lib/bind9/api Fri Jun 1 03:46:28 2012
(r236374)
@@ -4,5 +4,5 @@
# 9.8: 80-89
# 9.9: 90-109
LIBINTERFACE = 80
-LIBREVISION = 4
+LIBREVISION = 5
LIBAGE = 0
Modified: stable/9/contrib/bind9/lib/bind9/check.c
==============================================================================
--- stable/9/contrib/bind9/lib/bind9/check.c Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/lib/bind9/check.c Fri Jun 1 03:46:28 2012
(r236374)
@@ -434,7 +434,7 @@ check_dns64(cfg_aclconfctx_t *actx, cons
int nbytes;
int i;
- static const char *acls[] = { "client", "exclude", "mapped", NULL};
+ static const char *acls[] = { "clients", "exclude", "mapped", NULL};
if (voptions != NULL)
cfg_map_get(voptions, "dns64", &dns64);
Modified: stable/9/contrib/bind9/lib/dns/api
==============================================================================
--- stable/9/contrib/bind9/lib/dns/api Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/lib/dns/api Fri Jun 1 03:46:28 2012
(r236374)
@@ -4,5 +4,5 @@
# 9.8: 80-89
# 9.9: 90-109
LIBINTERFACE = 87
-LIBREVISION = 0
+LIBREVISION = 1
LIBAGE = 6
Modified: stable/9/contrib/bind9/lib/dns/dnssec.c
==============================================================================
--- stable/9/contrib/bind9/lib/dns/dnssec.c Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/lib/dns/dnssec.c Fri Jun 1 03:46:28 2012
(r236374)
@@ -1246,7 +1246,7 @@ dns_dnssec_findmatchingkeys(dns_name_t *
isc_dir_init(&dir);
isc_buffer_init(&b, namebuf, sizeof(namebuf) - 1);
- RETERR(dns_name_totext(origin, ISC_FALSE, &b));
+ RETERR(dns_name_tofilenametext(origin, ISC_FALSE, &b));
len = isc_buffer_usedlength(&b);
namebuf[len] = '\0';
Modified: stable/9/contrib/bind9/lib/dns/include/dns/ecdb.h
==============================================================================
--- stable/9/contrib/bind9/lib/dns/include/dns/ecdb.h Fri Jun 1 03:00:36
2012 (r236373)
+++ stable/9/contrib/bind9/lib/dns/include/dns/ecdb.h Fri Jun 1 03:46:28
2012 (r236374)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2009, 2012 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -39,6 +39,8 @@
*** Functions
***/
+ISC_LANG_BEGINDECLS
+
/* TBD: describe those */
isc_result_t
Modified: stable/9/contrib/bind9/lib/dns/include/dns/rpz.h
==============================================================================
--- stable/9/contrib/bind9/lib/dns/include/dns/rpz.h Fri Jun 1 03:00:36
2012 (r236373)
+++ stable/9/contrib/bind9/lib/dns/include/dns/rpz.h Fri Jun 1 03:46:28
2012 (r236374)
@@ -194,5 +194,7 @@ dns_rpz_cidr_find(dns_rpz_cidr_t *cidr,
dns_rpz_policy_t
dns_rpz_decode_cname(dns_rdataset_t *, dns_name_t *selfname);
+ISC_LANG_ENDDECLS
+
#endif /* DNS_RPZ_H */
Modified: stable/9/contrib/bind9/lib/dns/include/dns/sdb.h
==============================================================================
--- stable/9/contrib/bind9/lib/dns/include/dns/sdb.h Fri Jun 1 03:00:36
2012 (r236373)
+++ stable/9/contrib/bind9/lib/dns/include/dns/sdb.h Fri Jun 1 03:46:28
2012 (r236374)
@@ -59,6 +59,9 @@ typedef struct dns_sdballnodes dns_sdbal
typedef isc_result_t
(*dns_sdblookupfunc_t)(const char *zone, const char *name, void *dbdata,
dns_sdblookup_t *);
+typedef isc_result_t
+(*dns_sdblookup2func_t)(const dns_name_t *zone, const dns_name_t *name,
+ void *dbdata, dns_sdblookup_t *lookup);
typedef isc_result_t
(*dns_sdbauthorityfunc_t)(const char *zone, void *dbdata, dns_sdblookup_t *);
@@ -81,6 +84,7 @@ typedef struct dns_sdbmethods {
dns_sdballnodesfunc_t allnodes;
dns_sdbcreatefunc_t create;
dns_sdbdestroyfunc_t destroy;
+ dns_sdblookup2func_t lookup2;
} dns_sdbmethods_t;
/***
@@ -92,6 +96,7 @@ ISC_LANG_BEGINDECLS
#define DNS_SDBFLAG_RELATIVEOWNER 0x00000001U
#define DNS_SDBFLAG_RELATIVERDATA 0x00000002U
#define DNS_SDBFLAG_THREADSAFE 0x00000004U
+#define DNS_SDBFLAG_DNS64 0x00000008U
isc_result_t
dns_sdb_register(const char *drivername, const dns_sdbmethods_t *methods,
Modified: stable/9/contrib/bind9/lib/dns/include/dns/stats.h
==============================================================================
--- stable/9/contrib/bind9/lib/dns/include/dns/stats.h Fri Jun 1 03:00:36
2012 (r236373)
+++ stable/9/contrib/bind9/lib/dns/include/dns/stats.h Fri Jun 1 03:46:28
2012 (r236374)
@@ -147,6 +147,8 @@ typedef void (*dns_rdatatypestats_dumper
void *);
typedef void (*dns_opcodestats_dumper_t)(dns_opcode_t, isc_uint64_t, void *);
+ISC_LANG_BEGINDECLS
+
isc_result_t
dns_generalstats_create(isc_mem_t *mctx, dns_stats_t **statsp, int ncounters);
/*%<
Modified: stable/9/contrib/bind9/lib/dns/include/dns/tsec.h
==============================================================================
--- stable/9/contrib/bind9/lib/dns/include/dns/tsec.h Fri Jun 1 03:00:36
2012 (r236373)
+++ stable/9/contrib/bind9/lib/dns/include/dns/tsec.h Fri Jun 1 03:46:28
2012 (r236374)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2009, 2010 Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2009, 2010, 2012 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -132,4 +132,6 @@ dns_tsec_getkey(dns_tsec_t *tsec, void *
*\li *tsecp points to a valid key structure depending on the TSEC type.
*/
+ISC_LANG_ENDDECLS
+
#endif /* DNS_TSEC_H */
Modified: stable/9/contrib/bind9/lib/dns/include/dns/view.h
==============================================================================
--- stable/9/contrib/bind9/lib/dns/include/dns/view.h Fri Jun 1 03:00:36
2012 (r236373)
+++ stable/9/contrib/bind9/lib/dns/include/dns/view.h Fri Jun 1 03:46:28
2012 (r236374)
@@ -1075,4 +1075,6 @@ dns_view_setnewzones(dns_view_t *view, i
void
dns_view_restorekeyring(dns_view_t *view);
+ISC_LANG_ENDDECLS
+
#endif /* DNS_VIEW_H */
Modified: stable/9/contrib/bind9/lib/dns/rbtdb.c
==============================================================================
--- stable/9/contrib/bind9/lib/dns/rbtdb.c Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/lib/dns/rbtdb.c Fri Jun 1 03:46:28 2012
(r236374)
@@ -7814,7 +7814,7 @@ dns_rbtdb_create
for (i = 0 ; i < (int)rbtdb->node_lock_count ; i++)
if (rbtdb->heaps[i] != NULL)
isc_heap_destroy(&rbtdb->heaps[i]);
- isc_mem_put(mctx, rbtdb->heaps,
+ isc_mem_put(hmctx, rbtdb->heaps,
rbtdb->node_lock_count * sizeof(isc_heap_t *));
}
Copied: stable/9/contrib/bind9/lib/dns/rdata/generic/tlsa_52.c (from r236373,
vendor/bind9/dist/lib/dns/rdata/generic/tlsa_52.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ stable/9/contrib/bind9/lib/dns/rdata/generic/tlsa_52.c Fri Jun 1
03:46:28 2012 (r236374, copy of r236373,
vendor/bind9/dist/lib/dns/rdata/generic/tlsa_52.c)
@@ -0,0 +1,290 @@
+/*
+ * Copyright (C) 2012 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id$ */
+
+/* draft-ietf-dane-protocol-19.txt */
+
+#ifndef RDATA_GENERIC_TLSA_52_C
+#define RDATA_GENERIC_TLSA_52_C
+
+#define RRTYPE_TLSA_ATTRIBUTES 0
+
+static inline isc_result_t
+fromtext_tlsa(ARGS_FROMTEXT) {
+ isc_token_t token;
+
+ REQUIRE(type == 52);
+
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(origin);
+ UNUSED(options);
+ UNUSED(callbacks);
+
+ /*
+ * Certificate Usage.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ ISC_FALSE));
+ if (token.value.as_ulong > 0xffU)
+ RETTOK(ISC_R_RANGE);
+ RETERR(uint8_tobuffer(token.value.as_ulong, target));
+
+ /*
+ * Selector.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ ISC_FALSE));
+ if (token.value.as_ulong > 0xffU)
+ RETTOK(ISC_R_RANGE);
+ RETERR(uint8_tobuffer(token.value.as_ulong, target));
+
+ /*
+ * Matching type.
+ */
+ RETERR(isc_lex_getmastertoken(lexer, &token, isc_tokentype_number,
+ ISC_FALSE));
+ if (token.value.as_ulong > 0xffU)
+ RETTOK(ISC_R_RANGE);
+ RETERR(uint8_tobuffer(token.value.as_ulong, target));
+
+ /*
+ * Certificate Association Data.
+ */
+ return (isc_hex_tobuffer(lexer, target, -1));
+}
+
+static inline isc_result_t
+totext_tlsa(ARGS_TOTEXT) {
+ isc_region_t sr;
+ char buf[sizeof("64000 ")];
+ unsigned int n;
+
+ REQUIRE(rdata->type == 52);
+ REQUIRE(rdata->length != 0);
+
+ UNUSED(tctx);
+
+ dns_rdata_toregion(rdata, &sr);
+
+ /*
+ * Certificate Usage.
+ */
+ n = uint8_fromregion(&sr);
+ isc_region_consume(&sr, 1);
+ sprintf(buf, "%u ", n);
+ RETERR(str_totext(buf, target));
+
+ /*
+ * Selector.
+ */
+ n = uint8_fromregion(&sr);
+ isc_region_consume(&sr, 1);
+ sprintf(buf, "%u ", n);
+ RETERR(str_totext(buf, target));
+
+ /*
+ * Matching type.
+ */
+ n = uint8_fromregion(&sr);
+ isc_region_consume(&sr, 1);
+ sprintf(buf, "%u", n);
+ RETERR(str_totext(buf, target));
+
+ /*
+ * Certificate Association Data.
+ */
+ if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
+ RETERR(str_totext(" (", target));
+ RETERR(str_totext(tctx->linebreak, target));
+ if (tctx->width == 0) /* No splitting */
+ RETERR(isc_hex_totext(&sr, 0, "", target));
+ else
+ RETERR(isc_hex_totext(&sr, tctx->width - 2,
+ tctx->linebreak, target));
+ if ((tctx->flags & DNS_STYLEFLAG_MULTILINE) != 0)
+ RETERR(str_totext(" )", target));
+ return (ISC_R_SUCCESS);
+}
+
+static inline isc_result_t
+fromwire_tlsa(ARGS_FROMWIRE) {
+ isc_region_t sr;
+
+ REQUIRE(type == 52);
+
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(dctx);
+ UNUSED(options);
+
+ isc_buffer_activeregion(source, &sr);
+
+ if (sr.length < 3)
+ return (ISC_R_UNEXPECTEDEND);
+
+ isc_buffer_forward(source, sr.length);
+ return (mem_tobuffer(target, sr.base, sr.length));
+}
+
+static inline isc_result_t
+towire_tlsa(ARGS_TOWIRE) {
+ isc_region_t sr;
+
+ REQUIRE(rdata->type == 52);
+ REQUIRE(rdata->length != 0);
+
+ UNUSED(cctx);
+
+ dns_rdata_toregion(rdata, &sr);
+ return (mem_tobuffer(target, sr.base, sr.length));
+}
+
+static inline int
+compare_tlsa(ARGS_COMPARE) {
+ isc_region_t r1;
+ isc_region_t r2;
+
+ REQUIRE(rdata1->type == rdata2->type);
+ REQUIRE(rdata1->rdclass == rdata2->rdclass);
+ REQUIRE(rdata1->type == 52);
+ REQUIRE(rdata1->length != 0);
+ REQUIRE(rdata2->length != 0);
+
+ dns_rdata_toregion(rdata1, &r1);
+ dns_rdata_toregion(rdata2, &r2);
+ return (isc_region_compare(&r1, &r2));
+}
+
+static inline isc_result_t
+fromstruct_tlsa(ARGS_FROMSTRUCT) {
+ dns_rdata_tlsa_t *tlsa = source;
+
+ REQUIRE(type == 52);
+ REQUIRE(source != NULL);
+ REQUIRE(tlsa->common.rdtype == type);
+ REQUIRE(tlsa->common.rdclass == rdclass);
+
+ UNUSED(type);
+ UNUSED(rdclass);
+
+ RETERR(uint8_tobuffer(tlsa->usage, target));
+ RETERR(uint8_tobuffer(tlsa->selector, target));
+ RETERR(uint8_tobuffer(tlsa->match, target));
+
+ return (mem_tobuffer(target, tlsa->data, tlsa->length));
+}
+
+static inline isc_result_t
+tostruct_tlsa(ARGS_TOSTRUCT) {
+ dns_rdata_tlsa_t *tlsa = target;
+ isc_region_t region;
+
+ REQUIRE(rdata->type == 52);
+ REQUIRE(target != NULL);
+ REQUIRE(rdata->length != 0);
+
+ tlsa->common.rdclass = rdata->rdclass;
+ tlsa->common.rdtype = rdata->type;
+ ISC_LINK_INIT(&tlsa->common, link);
+
+ dns_rdata_toregion(rdata, ®ion);
+
+ tlsa->usage = uint8_fromregion(®ion);
+ isc_region_consume(®ion, 1);
+ tlsa->selector = uint8_fromregion(®ion);
+ isc_region_consume(®ion, 1);
+ tlsa->match = uint8_fromregion(®ion);
+ isc_region_consume(®ion, 1);
+ tlsa->length = region.length;
+
+ tlsa->data = mem_maybedup(mctx, region.base, region.length);
+ if (tlsa->data == NULL)
+ return (ISC_R_NOMEMORY);
+
+ tlsa->mctx = mctx;
+ return (ISC_R_SUCCESS);
+}
+
+static inline void
+freestruct_tlsa(ARGS_FREESTRUCT) {
+ dns_rdata_tlsa_t *tlsa = source;
+
+ REQUIRE(tlsa != NULL);
+ REQUIRE(tlsa->common.rdtype == 52);
+
+ if (tlsa->mctx == NULL)
+ return;
+
+ if (tlsa->data != NULL)
+ isc_mem_free(tlsa->mctx, tlsa->data);
+ tlsa->mctx = NULL;
+}
+
+static inline isc_result_t
+additionaldata_tlsa(ARGS_ADDLDATA) {
+ REQUIRE(rdata->type == 52);
+
+ UNUSED(rdata);
+ UNUSED(add);
+ UNUSED(arg);
+
+ return (ISC_R_SUCCESS);
+}
+
+static inline isc_result_t
+digest_tlsa(ARGS_DIGEST) {
+ isc_region_t r;
+
+ REQUIRE(rdata->type == 52);
+
+ dns_rdata_toregion(rdata, &r);
+
+ return ((digest)(arg, &r));
+}
+
+static inline isc_boolean_t
+checkowner_tlsa(ARGS_CHECKOWNER) {
+
+ REQUIRE(type == 52);
+
+ UNUSED(name);
+ UNUSED(type);
+ UNUSED(rdclass);
+ UNUSED(wildcard);
+
+ return (ISC_TRUE);
+}
+
+static inline isc_boolean_t
+checknames_tlsa(ARGS_CHECKNAMES) {
+
+ REQUIRE(rdata->type == 52);
+
+ UNUSED(rdata);
+ UNUSED(owner);
+ UNUSED(bad);
+
+ return (ISC_TRUE);
+}
+
+static inline int
+casecompare_tlsa(ARGS_COMPARE) {
+ return (compare_tlsa(rdata1, rdata2));
+}
+
+#endif /* RDATA_GENERIC_TLSA_52_C */
Copied: stable/9/contrib/bind9/lib/dns/rdata/generic/tlsa_52.h (from r236373,
vendor/bind9/dist/lib/dns/rdata/generic/tlsa_52.h)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ stable/9/contrib/bind9/lib/dns/rdata/generic/tlsa_52.h Fri Jun 1
03:46:28 2012 (r236374, copy of r236373,
vendor/bind9/dist/lib/dns/rdata/generic/tlsa_52.h)
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2012 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id$ */
+
+#ifndef GENERIC_TLSA_52_H
+#define GENERIC_TLSA_52_H 1
+
+/*!
+ * \brief per draft-ietf-dane-protocol-19.txt
+ */
+typedef struct dns_rdata_tlsa {
+ dns_rdatacommon_t common;
+ isc_mem_t *mctx;
+ isc_uint8_t usage;
+ isc_uint8_t selector;
+ isc_uint8_t match;
+ isc_uint16_t length;
+ unsigned char *data;
+} dns_rdata_tlsa_t;
+
+#endif /* GENERIC_TLSA_52_H */
Modified: stable/9/contrib/bind9/lib/dns/resolver.c
==============================================================================
--- stable/9/contrib/bind9/lib/dns/resolver.c Fri Jun 1 03:00:36 2012
(r236373)
+++ stable/9/contrib/bind9/lib/dns/resolver.c Fri Jun 1 03:46:28 2012
(r236374)
@@ -180,7 +180,9 @@ struct fetchctx {
dns_rdatatype_t type;
unsigned int options;
unsigned int bucketnum;
- char * info;
+ char * info;
+ isc_mem_t * mctx;
+
/*% Locked by appropriate bucket lock. */
fetchstate state;
isc_boolean_t want_shutdown;
@@ -446,7 +448,8 @@ static void resquery_response(isc_task_t
static void resquery_connected(isc_task_t *task, isc_event_t *event);
static void fctx_try(fetchctx_t *fctx, isc_boolean_t retrying,
isc_boolean_t badcache);
-static isc_boolean_t fctx_destroy(fetchctx_t *fctx);
+static void fctx_destroy(fetchctx_t *fctx);
+static isc_boolean_t fctx_unlink(fetchctx_t *fctx);
static isc_result_t ncache_adderesult(dns_message_t *message,
dns_db_t *cache, dns_dbnode_t *node,
dns_rdatatype_t covers,
@@ -478,8 +481,7 @@ valcreate(fetchctx_t *fctx, dns_adbaddri
dns_valarg_t *valarg;
isc_result_t result;
- valarg = isc_mem_get(fctx->res->buckets[fctx->bucketnum].mctx,
- sizeof(*valarg));
+ valarg = isc_mem_get(fctx->mctx, sizeof(*valarg));
if (valarg == NULL)
return (ISC_R_NOMEMORY);
@@ -501,8 +503,7 @@ valcreate(fetchctx_t *fctx, dns_adbaddri
}
ISC_LIST_APPEND(fctx->validators, validator, link);
} else
- isc_mem_put(fctx->res->buckets[fctx->bucketnum].mctx,
- valarg, sizeof(*valarg));
+ isc_mem_put(fctx->mctx, valarg, sizeof(*valarg));
return (result);
}
@@ -1386,13 +1387,12 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr
dns_message_reset(fctx->rmessage, DNS_MESSAGE_INTENTPARSE);
- query = isc_mem_get(res->buckets[fctx->bucketnum].mctx,
- sizeof(*query));
+ query = isc_mem_get(fctx->mctx, sizeof(*query));
if (query == NULL) {
result = ISC_R_NOMEMORY;
goto stop_idle_timer;
}
- query->mctx = res->buckets[fctx->bucketnum].mctx;
+ query->mctx = fctx->mctx;
query->options = options;
query->attributes = 0;
query->sends = 0;
@@ -1569,8 +1569,7 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr
cleanup_query:
if (query->connects == 0) {
query->magic = 0;
- isc_mem_put(res->buckets[fctx->bucketnum].mctx,
- query, sizeof(*query));
+ isc_mem_put(fctx->mctx, query, sizeof(*query));
}
stop_idle_timer:
@@ -1600,8 +1599,7 @@ add_bad_edns(fetchctx_t *fctx, isc_socka
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
