From owner-svn-src-all@FreeBSD.ORG Wed Jul 4 14:22:30 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2118A106566C; Wed, 4 Jul 2012 14:22:30 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 09C6B8FC08; Wed, 4 Jul 2012 14:22:30 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q64EMT0e015267; Wed, 4 Jul 2012 14:22:29 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q64EMThr015262; Wed, 4 Jul 2012 14:22:29 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201207041422.q64EMThr015262@svn.freebsd.org> From: Dag-Erling Smorgrav Date: Wed, 4 Jul 2012 14:22:29 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r238104 - in vendor/ldns/dist: . compat contrib contrib/ldnsx contrib/ldnsx/examples contrib/ldnsx/source contrib/ldnsx/source/api contrib/ldnsx/source/examples contrib/python contrib/p... X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jul 2012 14:22:30 -0000 Author: des Date: Wed Jul 4 14:22:28 2012 New Revision: 238104 URL: http://svn.freebsd.org/changeset/base/238104 Log: import ldns 1.6.13 Added: vendor/ldns/dist/Changelog vendor/ldns/dist/LICENSE vendor/ldns/dist/Makefile.in vendor/ldns/dist/README vendor/ldns/dist/README.snapshots vendor/ldns/dist/README.svn vendor/ldns/dist/aclocal.m4 vendor/ldns/dist/acx_nlnetlabs.m4 vendor/ldns/dist/ax_pkg_swig.m4 vendor/ldns/dist/ax_python_devel.m4 vendor/ldns/dist/buffer.c vendor/ldns/dist/compat/ vendor/ldns/dist/compat/b32_ntop.c vendor/ldns/dist/compat/b32_pton.c vendor/ldns/dist/compat/b64_ntop.c vendor/ldns/dist/compat/b64_pton.c vendor/ldns/dist/compat/calloc.c vendor/ldns/dist/compat/ctime_r.c vendor/ldns/dist/compat/fake-rfc2553.c vendor/ldns/dist/compat/fake-rfc2553.h vendor/ldns/dist/compat/gmtime_r.c vendor/ldns/dist/compat/inet_aton.c vendor/ldns/dist/compat/inet_ntop.c vendor/ldns/dist/compat/inet_pton.c vendor/ldns/dist/compat/isascii.c vendor/ldns/dist/compat/isblank.c vendor/ldns/dist/compat/localtime_r.c vendor/ldns/dist/compat/malloc.c vendor/ldns/dist/compat/memmove.c vendor/ldns/dist/compat/realloc.c vendor/ldns/dist/compat/snprintf.c vendor/ldns/dist/compat/strlcpy.c vendor/ldns/dist/compat/timegm.c vendor/ldns/dist/config.guess (contents, props changed) vendor/ldns/dist/config.sub (contents, props changed) vendor/ldns/dist/configure (contents, props changed) vendor/ldns/dist/configure.ac vendor/ldns/dist/contrib/ vendor/ldns/dist/contrib/NETLDNS.readme.txt vendor/ldns/dist/contrib/NETLDNS.tar.gz (contents, props changed) vendor/ldns/dist/contrib/build-solaris.sh (contents, props changed) vendor/ldns/dist/contrib/ldnsx/ vendor/ldns/dist/contrib/ldnsx/LICENSE vendor/ldns/dist/contrib/ldnsx/Makefile vendor/ldns/dist/contrib/ldnsx/README vendor/ldns/dist/contrib/ldnsx/examples/ vendor/ldns/dist/contrib/ldnsx/examples/ldnsx-axfr.py vendor/ldns/dist/contrib/ldnsx/examples/ldnsx-dnssec.py vendor/ldns/dist/contrib/ldnsx/examples/ldnsx-mx1.py vendor/ldns/dist/contrib/ldnsx/examples/ldnsx-mx2.py vendor/ldns/dist/contrib/ldnsx/examples/ldnsx-walk.py (contents, props changed) vendor/ldns/dist/contrib/ldnsx/ldnsx.py vendor/ldns/dist/contrib/ldnsx/source/ vendor/ldns/dist/contrib/ldnsx/source/api/ vendor/ldns/dist/contrib/ldnsx/source/api/ldnsx.rst vendor/ldns/dist/contrib/ldnsx/source/api/packet.rst vendor/ldns/dist/contrib/ldnsx/source/api/resolver.rst vendor/ldns/dist/contrib/ldnsx/source/api/resource_record.rst vendor/ldns/dist/contrib/ldnsx/source/conf.py vendor/ldns/dist/contrib/ldnsx/source/examples/ vendor/ldns/dist/contrib/ldnsx/source/examples/ldnsx-axfr.rst vendor/ldns/dist/contrib/ldnsx/source/examples/ldnsx-dnssec.rst vendor/ldns/dist/contrib/ldnsx/source/examples/ldnsx-mx1.rst vendor/ldns/dist/contrib/ldnsx/source/examples/ldnsx-mx2.rst vendor/ldns/dist/contrib/ldnsx/source/examples/ldnsx-walk.rst vendor/ldns/dist/contrib/ldnsx/source/index.rst vendor/ldns/dist/contrib/python/ vendor/ldns/dist/contrib/python/LICENSE vendor/ldns/dist/contrib/python/Makefile vendor/ldns/dist/contrib/python/docs/ vendor/ldns/dist/contrib/python/docs/Makefile vendor/ldns/dist/contrib/python/docs/source/ vendor/ldns/dist/contrib/python/docs/source/_static/ vendor/ldns/dist/contrib/python/docs/source/conf.py vendor/ldns/dist/contrib/python/docs/source/examples/ vendor/ldns/dist/contrib/python/docs/source/examples/example1.rst vendor/ldns/dist/contrib/python/docs/source/examples/example2.py (contents, props changed) vendor/ldns/dist/contrib/python/docs/source/examples/example2.rst vendor/ldns/dist/contrib/python/docs/source/examples/example3.rst vendor/ldns/dist/contrib/python/docs/source/examples/example4.rst vendor/ldns/dist/contrib/python/docs/source/examples/example5.rst vendor/ldns/dist/contrib/python/docs/source/examples/example6.rst vendor/ldns/dist/contrib/python/docs/source/examples/example7.rst vendor/ldns/dist/contrib/python/docs/source/examples/example8.rst vendor/ldns/dist/contrib/python/docs/source/examples/index.rst vendor/ldns/dist/contrib/python/docs/source/index.rst vendor/ldns/dist/contrib/python/docs/source/install.rst vendor/ldns/dist/contrib/python/docs/source/modules/ vendor/ldns/dist/contrib/python/docs/source/modules/ldns.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_buffer.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_dname.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_dnssec.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_func.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_key.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_key_list.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_pkt.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_rdf.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_resolver.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_rr.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_rr_list.rst vendor/ldns/dist/contrib/python/docs/source/modules/ldns_zone.rst vendor/ldns/dist/contrib/python/examples/ vendor/ldns/dist/contrib/python/examples/ldns-axfr.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-buf.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-dnssec.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-higher.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-keygen.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-mx.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-mx1.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-mx2.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-newpkt.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-signzone.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns-zone.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/ldns_rr_iter_frm_fp_l.demo.py vendor/ldns/dist/contrib/python/examples/ldns_rr_new_frm_fp_l.demo.py vendor/ldns/dist/contrib/python/examples/python3/ vendor/ldns/dist/contrib/python/examples/python3/ldns-axfr.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-buf.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-dnssec.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-higher.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-keygen.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-mx.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-mx1.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-mx2.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-newpkt.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns-zone.py (contents, props changed) vendor/ldns/dist/contrib/python/examples/python3/ldns_rr_iter_frm_fp_l.demo.py vendor/ldns/dist/contrib/python/examples/python3/ldns_rr_new_frm_fp_l.demo.py vendor/ldns/dist/contrib/python/examples/zone.txt vendor/ldns/dist/contrib/python/file_py3.i vendor/ldns/dist/contrib/python/ldns.i vendor/ldns/dist/contrib/python/ldns_buffer.i vendor/ldns/dist/contrib/python/ldns_dname.i vendor/ldns/dist/contrib/python/ldns_dnssec.i vendor/ldns/dist/contrib/python/ldns_key.i vendor/ldns/dist/contrib/python/ldns_packet.i vendor/ldns/dist/contrib/python/ldns_rdf.i vendor/ldns/dist/contrib/python/ldns_resolver.i vendor/ldns/dist/contrib/python/ldns_rr.i vendor/ldns/dist/contrib/python/ldns_zone.i vendor/ldns/dist/dname.c vendor/ldns/dist/dnssec.c vendor/ldns/dist/dnssec_sign.c vendor/ldns/dist/dnssec_verify.c vendor/ldns/dist/dnssec_zone.c vendor/ldns/dist/doc/ vendor/ldns/dist/doc/API-header.xml (contents, props changed) vendor/ldns/dist/doc/API.xml (contents, props changed) vendor/ldns/dist/doc/CodingStyle vendor/ldns/dist/doc/TODO vendor/ldns/dist/doc/design.dox vendor/ldns/dist/doc/dns-lib-implementations vendor/ldns/dist/doc/doxyparse.pl (contents, props changed) vendor/ldns/dist/doc/function_manpages vendor/ldns/dist/doc/header.html vendor/ldns/dist/doc/images/ vendor/ldns/dist/doc/images/LogoInGradientBar2-y100.png (contents, props changed) vendor/ldns/dist/doc/images/libdnsoverview.png (contents, props changed) vendor/ldns/dist/doc/images/libdnsoverview.svg (contents, props changed) vendor/ldns/dist/doc/libdns.css vendor/ldns/dist/doc/tutorial1_mx.dox vendor/ldns/dist/doc/tutorial2_zone.dox vendor/ldns/dist/doc/tutorial3_signzone.dox vendor/ldns/dist/drill/ vendor/ldns/dist/drill/ChangeLog.22-nov-2005 vendor/ldns/dist/drill/Makefile.in vendor/ldns/dist/drill/README vendor/ldns/dist/drill/REGRESSIONS vendor/ldns/dist/drill/chasetrace.c vendor/ldns/dist/drill/config.h.in vendor/ldns/dist/drill/configure (contents, props changed) vendor/ldns/dist/drill/configure.ac vendor/ldns/dist/drill/dnssec.c vendor/ldns/dist/drill/drill.1 vendor/ldns/dist/drill/drill.c vendor/ldns/dist/drill/drill.h vendor/ldns/dist/drill/drill_util.c vendor/ldns/dist/drill/drill_util.h vendor/ldns/dist/drill/error.c vendor/ldns/dist/drill/install-sh (contents, props changed) vendor/ldns/dist/drill/root.c vendor/ldns/dist/drill/securetrace.c vendor/ldns/dist/drill/work.c vendor/ldns/dist/duration.c vendor/ldns/dist/error.c vendor/ldns/dist/examples/ vendor/ldns/dist/examples/Makefile.in vendor/ldns/dist/examples/README vendor/ldns/dist/examples/config.h.in vendor/ldns/dist/examples/configure (contents, props changed) vendor/ldns/dist/examples/configure.ac vendor/ldns/dist/examples/fake-rfc2553.h vendor/ldns/dist/examples/ldns-chaos.1 vendor/ldns/dist/examples/ldns-chaos.c vendor/ldns/dist/examples/ldns-compare-zones.1 vendor/ldns/dist/examples/ldns-compare-zones.c vendor/ldns/dist/examples/ldns-dpa.1 vendor/ldns/dist/examples/ldns-dpa.c vendor/ldns/dist/examples/ldns-dpa.h vendor/ldns/dist/examples/ldns-gen-zone.1 vendor/ldns/dist/examples/ldns-gen-zone.c vendor/ldns/dist/examples/ldns-key2ds.1 vendor/ldns/dist/examples/ldns-key2ds.c vendor/ldns/dist/examples/ldns-keyfetcher.1 vendor/ldns/dist/examples/ldns-keyfetcher.c vendor/ldns/dist/examples/ldns-keygen.1 vendor/ldns/dist/examples/ldns-keygen.c vendor/ldns/dist/examples/ldns-mx.1 vendor/ldns/dist/examples/ldns-mx.c vendor/ldns/dist/examples/ldns-notify.1 vendor/ldns/dist/examples/ldns-notify.c vendor/ldns/dist/examples/ldns-nsec3-hash.1 vendor/ldns/dist/examples/ldns-nsec3-hash.c vendor/ldns/dist/examples/ldns-read-zone.1 vendor/ldns/dist/examples/ldns-read-zone.c vendor/ldns/dist/examples/ldns-resolver.1 vendor/ldns/dist/examples/ldns-resolver.c vendor/ldns/dist/examples/ldns-revoke.1 vendor/ldns/dist/examples/ldns-revoke.c vendor/ldns/dist/examples/ldns-rrsig.1 vendor/ldns/dist/examples/ldns-rrsig.c vendor/ldns/dist/examples/ldns-signzone.1 vendor/ldns/dist/examples/ldns-signzone.c vendor/ldns/dist/examples/ldns-test-edns.1 vendor/ldns/dist/examples/ldns-test-edns.c vendor/ldns/dist/examples/ldns-testns.1 vendor/ldns/dist/examples/ldns-testns.c vendor/ldns/dist/examples/ldns-testpkts.c vendor/ldns/dist/examples/ldns-testpkts.h vendor/ldns/dist/examples/ldns-update.1 vendor/ldns/dist/examples/ldns-update.c vendor/ldns/dist/examples/ldns-verify-zone.1 vendor/ldns/dist/examples/ldns-verify-zone.c vendor/ldns/dist/examples/ldns-version.1 vendor/ldns/dist/examples/ldns-version.c vendor/ldns/dist/examples/ldns-walk.1 vendor/ldns/dist/examples/ldns-walk.c vendor/ldns/dist/examples/ldns-zcat.1 vendor/ldns/dist/examples/ldns-zcat.c vendor/ldns/dist/examples/ldns-zsplit.1 vendor/ldns/dist/examples/ldns-zsplit.c vendor/ldns/dist/examples/ldnsd.1 vendor/ldns/dist/examples/ldnsd.c vendor/ldns/dist/higher.c vendor/ldns/dist/host2str.c vendor/ldns/dist/host2wire.c vendor/ldns/dist/install-sh (contents, props changed) vendor/ldns/dist/keys.c vendor/ldns/dist/ldns/ vendor/ldns/dist/ldns/buffer.h vendor/ldns/dist/ldns/common.h.in vendor/ldns/dist/ldns/config.h.in vendor/ldns/dist/ldns/dname.h vendor/ldns/dist/ldns/dnssec.h vendor/ldns/dist/ldns/dnssec_sign.h vendor/ldns/dist/ldns/dnssec_verify.h vendor/ldns/dist/ldns/dnssec_zone.h vendor/ldns/dist/ldns/duration.h vendor/ldns/dist/ldns/error.h vendor/ldns/dist/ldns/higher.h vendor/ldns/dist/ldns/host2str.h vendor/ldns/dist/ldns/host2wire.h vendor/ldns/dist/ldns/keys.h vendor/ldns/dist/ldns/ldns.h vendor/ldns/dist/ldns/net.h.in vendor/ldns/dist/ldns/packet.h vendor/ldns/dist/ldns/parse.h vendor/ldns/dist/ldns/rbtree.h vendor/ldns/dist/ldns/rdata.h vendor/ldns/dist/ldns/resolver.h vendor/ldns/dist/ldns/rr.h vendor/ldns/dist/ldns/rr_functions.h vendor/ldns/dist/ldns/sha1.h vendor/ldns/dist/ldns/sha2.h vendor/ldns/dist/ldns/str2host.h vendor/ldns/dist/ldns/tsig.h vendor/ldns/dist/ldns/update.h vendor/ldns/dist/ldns/util.h.in vendor/ldns/dist/ldns/wire2host.h vendor/ldns/dist/ldns/zone.h vendor/ldns/dist/ldns_symbols.def vendor/ldns/dist/libdns.doxygen vendor/ldns/dist/libdns.vim vendor/ldns/dist/linktest.c vendor/ldns/dist/ltmain.sh (contents, props changed) vendor/ldns/dist/net.c vendor/ldns/dist/packaging/ vendor/ldns/dist/packaging/fedora/ vendor/ldns/dist/packaging/fedora/ldns.spec vendor/ldns/dist/packaging/ldns-config.1 vendor/ldns/dist/packaging/ldns-config.in (contents, props changed) vendor/ldns/dist/packaging/libldns.pc.in vendor/ldns/dist/packet.c vendor/ldns/dist/parse.c vendor/ldns/dist/rbtree.c vendor/ldns/dist/rdata.c vendor/ldns/dist/resolver.c vendor/ldns/dist/rr.c vendor/ldns/dist/rr_functions.c vendor/ldns/dist/sha1.c vendor/ldns/dist/sha2.c vendor/ldns/dist/str2host.c vendor/ldns/dist/tsig.c vendor/ldns/dist/update.c vendor/ldns/dist/util.c vendor/ldns/dist/wire2host.c vendor/ldns/dist/zone.c Added: vendor/ldns/dist/Changelog ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor/ldns/dist/Changelog Wed Jul 4 14:22:28 2012 (r238104) @@ -0,0 +1,704 @@ +1.6.13 2012-05-21 + * New -S option for ldns-verify-zone to chase signatures online. + * New -k option for ldns-verify-zone to validate using a trusted key. + * New inception and expiration margin options (-i and -e) to + ldns-verify-zone. + * New ldns_dnssec_zone_new_frm_fp and ldns_dnssec_zone_new_frm_fp_l + functions. + * New ldns_duration* functions (copied from OpenDNSSEC source) + * fix ldns-verify-zone to allow NSEC3 signatures to come before + the NSEC3 RR in all cases. Thanks Wolfgang Nagele. + * Zero the correct flag (opt-out) when creating NSEC3PARAMS. + Thanks Peter van Dijk. + * Canonicalize RRSIG's Signer's name too when validating, because + bind and unbound do that too. Thanks Peter van Dijk. + * bugfix #433: Allocate rdf using ldns_rdf_new in ldns_dname_label + * bugfix #432: Use LDNS_MALLOC & LDNS_FREE i.s.o. malloc & free + * bugfix #431: Added error message for LDNS_STATUS_INVALID_B32_EXT + * bugfix #427: Explicitely link ssl with the programs that use it. + * Fix reading \DDD: Error on values that are outside range (>255). + * bugfix #429: fix doxyparse.pl fails on NetBSD because specified + path to perl. + * New ECDSA support (RFC 6605), use --disable-ecdsa for older openssl. + * fix verifying denial of existence for DS's in NSEC3 Opt-Out zones. + Thanks John Barnitz + +1.6.12 2012-01-11 + * bugfix #413: Fix manpage source for srcdir != builddir + * Canonicalize the signers name rdata field in RRSIGs when signing + * Ignore minor version of Private-key-format (so v1.3 may be used) + * Allow a check_time to be given in stead of always checking against + the current time. With ldns-verify-zone the check_time can be set + with the -t option. + * Added functions for updating and manipulating SOA serial numbers. + ldns-read-zone has an option -S for updating and manipulating the + serial numbers. + * The library Makefile is now GNU and BSD make compatible. + * bugfix #419: NSEC3 validation of a name covered by a wildcard with + no data. + * Two new options (--with-drill and --with-examples) to the main + configure script (in the root of the source tree) to build drill + and examples too. + * Fix days_since_epoch to year_yday calculation on 32bits systems. + +1.6.11 2011-09-29 + * bugfix #394: Fix socket leak on errors + * bugfix #392: Apex only and percentage checks for ldns-verify-zone + (thanks Miek Gieben) + * bugfix #398: Allow NSEC RRSIGs before the NSEC3 in ldns-verify-zone + * Fix python site package path from sitelib to sitearch for pyldns. + * Fix python api to support python2 and python3 (thanks Karel Slany). + * bugfix #401: Correction of date/time functions algorithm and + prevention of an infinite loop therein + * bugfix #402: Correct the minimum and maximum number of rdata fields + in TSIG. (thanks David Keeler) + * bugfix #403: Fix heap overflow (thanks David Keeler) + * bugfix #404: Make parsing APL strings more robust + (thanks David Keeler) + * bugfix #391: Complete library assessment to prevent assertion errors + through ldns_rdf_size usage. + * Slightly more specific error messaging on wrong number of rdata + fields with the LDNS_STATUS_MISSING_RDATA_FIELDS_RRSIG and + LDNS_STATUS_MISSING_RDATA_FIELDS_KEY result codes. + * bugfix #406: More rigorous openssl result code handling to prevent + future crashes within openssl. + * Fix ldns_fetch_valid_domain_keys to search deeper than just one level + for a DNSKEY that signed a DS RR. (this function was used in the + check_dnssec_trace nagios module) + * bugfix #407: Canonicalize TSIG dnames and algorithm fields + * A new output specifier to accommodate configuration of what to show + in comment texts when converting host and/or wire-format data to + string. All conversion to string and printing functions have a new + version that have such a format specifier as an extra argument. + The default is changed so that only DNSKEY RR's are annotated with + an comment show the Key Tag of the DNSKEY. + * Fixed the ldns resolver to not mark a nameserver unreachable when + edns0 is tried unsuccessfully with size 4096 (no return packet came), + but to still try TCP. A big UDP packet might have been corrupted by + fragments dropping firewalls. + * Update of libdns.vim (thanks Miek Gieben) + * Added the ldnsx Python module to our contrib section, which adds even + more pythonisticism to the usage of ldns with Python. (Many thanks + to Christpher Olah and Paul Wouters) + The ldnsx module is automatically installed when --with-pyldns is + used with configuring, but may explicitly be excluded with the + --without-pyldnsx option to configure. + * bugfix #410: Fix clearing out temporary data on stack in sha2.c + * bugfix #411: Don't let empty non-terminal NSEC3s cause assertion failure. + +1.6.10 2011-05-31 + * New example tool added: ldns-gen-zone. + * bugfix #359: Serial-arithmetic for the inception and expiration + fields of a RRSIG and correctly converting them to broken-out time + information. + * bugfix #364: Slight performance increase of ldns-verifyzone. + * bugfix #367: Fix to allow glue records with the same name as the + delegation. + * Fix ldns-verifyzone to allow NSEC3-less records for NS rrsets *and* + glue when the zone is opt-out. + * bugfix #376: Adapt ldns_nsec3_salt, ldns_nsec3_iterations, + ldns_nsec3_flags and ldns_nsec3_algorithm to work for NSEC3PARAMS too. + * pyldns memory leaks fixed by Bedrich Kosata (at the cost of a bit + performance) + * Better handling of reference variables in ldns_rr_new_frm_fp_l from + pyldns, with a very nice generator function by Bedrich Kosata. + * Decoupling of the rdfs in rrs in the python wrappers to enable + the python garbage collector by Bedrich Kosata. + * bugfix #380: Minimizing effect of discrepancies in sizeof(bool) at + build time and when used. + * bugfix #383: Fix detection of empty nonterminals of multiple labels. + * Fixed the ommission of rrsets in nsec(3)s and rrsigs to all occluded + names (in stead of just the ones that contain glue only) and all + occluded records on the delegation points (in stead of just the glue). + * Clarify the operation of ldns_dnssec_mark_glue and the usage of + ldns_dnssec_node_next_nonglue functions in the documentation. + * Added function ldns_dnssec_mark_and_get_glue as an real fast + alternative for ldns_zone_glue_rr_list. + * Fix parse buffer overflow for max length domain names. + * Fix Makefile for U in environment, since wrong U is more common than + deansification necessity. + +1.6.9 2011-03-16 + * Fix creating NSEC(3) bitmaps: make array size 65536, + don't add doubles. + * Fix printout of escaped binary in TXT records. + * Parsing TXT records: don't skip starting whitespace that is quoted. + * bugfix #358: Check if memory was successfully allocated in + ldns_rdf2str(). + * Added more memory allocation checks in host2str.c + * python wrapper for ldns_fetch_valid_domain_keys by Bedrich Kosata. + * fix to compile python wrapper with swig 2.0.2. + * Don't fallback to SHA-1 when creating NSEC3 hash with another + algorithm identifier, fail instead (no other algorithm identifiers + are assigned yet). + +1.6.8 2011-01-24 + * Fix ldns zone, so that $TTL definition match RFC 2308. + * Fix lots of missing checks on allocation failures and parse of + NSEC with many types and max parse length in hosts_frm_fp routine + and off by one in read_anchor_file routine (thanks Dan Kaminsky and + Justin Ferguson). + * bugfix #335: Drill: Print both SHA-1 and SHA-256 corresponding DS + records. + * Print correct WHEN in query packet (is not always 1-1-1970) + * ldns-test-edns: new example tool that detects EDNS support. + * fix ldns_resolver_send without openssl. + * bugfix #342: patch for support for more CERT key types (RFC4398). + * bugfix #351: fix udp_send hang if UDP checksum error. + * fix set_bit (from NSEC3 sign) patch from Jan Komissar. + +1.6.7 2010-11-08 + * EXPERIMENTAL ecdsa implementation, please do not enable on real + servers. + * GOST code enabled by default (RFC 5933). + * bugfix #326: ignore whitespace between directives and their values. + * Header comment to advertise ldns_axfr_complete to check for + successfully completed zone transfers. + * read resolv.conf skips interface labels, e.g. %eth0. + * Fix drill verify NSEC3 denials. + * Use closesocket() on windows. + * Add ldns_get_signing_algorithm_by_name that understand aliases, + names changed to RFC names and aliases for compatibility added. + * bugfix: don't print final dot if the domain is relative. + * bugfix: resolver search continue when packet rcode != NOERROR. + * bugfix: resolver push all domains in search directive to list. + * bugfix: resolver search by default includes the root domain. + * bugfix: tcp read could fail on single octet recv. + * bugfix: read of RR in unknown syntax with missing fields. + * added ldns_pkt_tsig_sign_next() and ldns_pkt_tsig_verify_next() + to sign and verify TSIG RRs on subsequent messages + (section 4.4, RFC 2845, thanks to Michael Sheldon). + * bugfix: signer sigs nsecs with zsks only. + * bugfix #333: fix ldns_dname_absolute for name ending with backslash. + +1.6.6 2010-08-09 + * Fix ldns_rr_clone to copy question rrs properly. + * Fix ldns_sign_zone(_nsec3) to clone the soa for the new zone. + * Fix ldns_wire2dname size check from reading 1 byte beyond buffer end. + * Fix ldns_wire2dname from reading 1 byte beyond end for pointer. + * Fix crash using GOST for particular platform configurations. + * extern C declarations used in the header file. + * Removed debug fprintf from resolver.c. + * ldns-signzone checks if public key file is for the right zone. + * NETLDNS, .NET port of ldns functionality, by Alex Nicoll, in contrib. + * Fix handling of comments in resolv.conf parse. + * GOST code enabled if SSL recent, RFC 5933. + * bugfix #317: segfault util.c ldns_init_random() fixed. + * Fix ldns_tsig_mac_new: allocate enough memory for the hash, fix use of + b64_pton_calculate_size. + * Fix ldns_dname_cat: size calculation and handling of realloc(). + * Fix ldns_rr_pop_rdf: fix handling of realloc(). + * Fix ldns-signzone for single type key scheme: sign whole zone if there + are only KSKs. + * Fix ldns_resolver: also close socket if AXFR failed (if you don't, + it would block subsequent transfers (thanks Roland van Rijswijk). + * Fix drill: allow for a secure trace if you use DS records as trust + anchors (thanks Jan Komissar). + +1.6.5 2010-06-15 + * Catch \X where X is a digit as an error. + * Fix segfault when ip6 ldns resolver only has ip4 servers. + * Fix NSEC record after DNSKEY at zone apex not properly signed. + * Fix syntax error if last label too long and no dot at end of domain. + * Fix parse of \# syntax with space for type LOC. + * Fix ldns_dname_absolute for escape sequences, fixes some parse errs. + * bugfix #297: linking ssl, bug due to patch submitted as #296. + * bugfix #299: added missing declarations to host2str.h + * ldns-compare-zones -s to not exclude SOA record from comparison. + * --disable-rpath fix + * fix ldns_pkt_empty(), reported by Alex Nicoll. + * fix ldns_resolver_new_frm_fp not ignore lines after a comment. + * python code for ldns_rr.new_question_frm_str() + * Fix ldns_dnssec_verify_denial: the signature selection routine. + * Type TALINK parsed (draft-ietf-dnsop-trust-history). + * bugfix #304: fixed dead loop in ldns_tcp_read_wire() and + ldns_tcp_read_wire_timeout(). + * GOST support with correct algorithm numbers. The plan is to make it + enabled if openssl support is detected, but it is disabled by + default in this release because the RFC is not ready. + * Fixed comment in rbtree.h about being first member and data ptr. + * Fixed possibly leak in case of out of memory in ldns_native2rdf... + * ldns_dname_is_wildcard added. + * Fixed: signatures over wildcards had the wrong labelcount. + * Fixed ldns_verify() inconsistent return values. + * Fixed ldns_resolver to copy and free tsig name, data and algorithm. + * Fixed ldns_resolver to push search onto searchlist. + * A ldns resolver now defaults to a non-recursive resolver that handles + the TC bit. + * ldns_resolver_print() prints more details. + * Fixed ldns_rdf2buffer_str_time(), which did not print timestamps + on 64bit systems. + * Make ldns_resolver_nameservers_randomize() more random. + * bugfix #310: POSIX specifies NULL second argument of gettimeofday. + * fix compiler warnings from llvm clang compiler. + * bugfix #309: ldns_pkt_clone did not clone the tsig_rr. + * Fix gentoo ebuild for drill, 'no m4 directory'. + * bugfix #313: drill trace on an empty nonterminal continuation. + +1.6.4 2010-01-20 + * Imported pyldns contribution by Zdenek Vasicek and Karel Slany. + Changed its configure and Makefile to fit into ldns. + Added its dname_* methods to the rdf_* class (as is the ldns API). + Changed swig destroy of ldns_buffer class to ldns_buffer_free. + Declared ldns_pkt_all and ldns_pkt_all_noquestion so swig sees them. + * Bugfix: parse PTR target of .tomhendrikx.nl with error not crash. + * Bugfix: handle escaped characters in TXT rdata. + * bug292: no longer crash on malformed domain names where a label is + on position 255, which was a buffer overflow by one. + * Fix ldns_get_rr_list_hosts_frm_fp_l (strncpy to strlcpy change), + which fixes resolv.conf reading badly terminated string buffers. + * Fix ldns_pkt_set_random_id to be more random, and a little faster, + it did not do value 0 statistically correctly. + * Fix ldns_rdf2native_sockaddr_storage to set sockaddr type to zeroes, + for portability. + * bug295: nsec3-hash routine no longer case sensitive. + * bug298: drill failed nsec3 denial of existence proof. + +1.6.3 2009-12-04 + * Bugfix: allow for unknown resource records in zonefile with rdlen=0. + * Bugfix: also mark an RR as question if it comes from the wire + * Bugfix: NSEC3 bitmap contained NSEC + * Bugfix: Inherit class when creating signatures + +1.6.2 2009-11-12 + * Fix Makefile patch from Havard Eidnes, better install.sh usage. + * Fix parse error on SOA serial of 2910532839. + Fix print of ';' and readback of '\;' in names, also for '\\'. + Fix parse of '\(' and '\)' in names. Also for file read. Also '\.' + * Fix signature creation when TTLs are different for RRs in RRset. + * bug273: fix so EDNS rdata is included in pkt to wire conversion. + * bug274: fix use of c++ keyword 'class' for RR class in the code. + * bug275: fix memory leak of packet edns rdata. + * Fix timeout procedure for TCP and AXFR on Solaris. + * Fix occasional NSEC bitmap bogus + * Fix rr comparing (was in reversed order since 1.6.0) + * bug278: fix parsing HINFO rdata (and other cases). + * Fix previous owner name: also pick up if owner name is @. + * RFC5702: enabled sha2 functions by default. This requires OpenSSL 0.9.8 or higher. + Reason for this default is the root to be signed with RSASHA256. + * Fix various LDNS RR parsing issues: IPSECKEY, WKS, NSAP, very long lines + * Fix: Make ldns_dname_is_subdomain case insensitive. + * Fix ldns-verify-zone so that address records at zone NS set are not considered glue + (Or glue records fall below delegation) + * Fix LOC RR altitude printing. + * Feature: Added period (e.g. '3m6d') support at explicit TTLs. + * Feature: DNSKEY rrset by default signed with minimal signatures + but -A option for ldns-signzone to sign it with all keys. + This makes the DNSKEY responses smaller for signed domains. + +1.6.1 2009-09-14 + * --enable-gost : use the GOST algorithm (experimental). + * Added some missing options to drill manpage + * Some fixes to --without-ssl option + * Fixed quote parsing withing strings + * Bitmask fix in EDNS handling + * Fixed non-fqdn domain name completion for rdata field domain + names of length 1 + * Fixed chain validation with SHA256 DS records + +1.6.0 + Additions: + * Addition of an ldns-config script which gives cflags and libs + values, for use in configure scripts for applications that use + use ldns. Can be disabled with ./configure --disable-ldns-config + * Added direct sha1, sha256, and sha512 support in ldns. + With these functions, all NSEC3 functionality can still be + used, even if ldns is built without OpenSSL. Thanks to OpenBSD, + Steve Reid, and Aaron D. Gifford for the code. + * Added reading/writing support for the SPF Resource Record + * Base32 functions are now exported + Bugfixes: + * ldns_is_rrset did not go through the complete rrset, but + only compared the first two records. Thanks to Olafur + Gudmundsson for report and patch + * Fixed a small memory bug in ldns_rr_list_subtype_by_rdf(), + thanks to Marius Rieder for finding an patching this. + * --without-ssl should now work. Make sure that examples/ and + drill also get the --without-ssl flag on their configure, if + this is used. + * Some malloc() return value checks have been added + * NSEC3 creation has been improved wrt to empty nonterminals, + and opt-out. + * Fixed a bug in the parser when reading large NSEC3 salt + values. + * Made the allowed length for domain names on wire + and presentation format the same. + Example tools: + * ldns-key2ds can now also generate DS records for keys without + the SEP flag + * ldns-signzone now equalizes the TTL of the DNSKEY RRset (to + the first non-default DNSKEY TTL value it sees) + +1.5.1 + Example tools: + * ldns-signzone was broken in 1.5.0 for multiple keys, this + has been repaired + + Build system: + * Removed a small erroneous output warning in + examples/configure and drill/configure + +1.5.0 + Bug fixes: + * fixed a possible memory overflow in the RR parser + * build flag fix for Sun Studio + * fixed a building race condition in the copying of header + files + * EDNS0 extended rcode; the correct assembled code number + is now printed (still in the EDNS0 field, though) + * ldns_pkt_rr no longer leaks memory (in fact, it no longer + copies anything all) + + API addition: + * ldns_key now has support for 'external' data, in which + case the OpenSSL EVP structures are not used; + ldns_key_set_external_key() and ldns_key_external_key() + * added ldns_key_get_file_base_name() which creates a + 'default' filename base string for key storage, of the + form "K++" + * the ldns_dnssec_* family of structures now have deep_free() + functions, which also free the ldns_rr's contained in them + * there is now an ldns_match_wildcard() function, which checks + whether a domain name matches a wildcard name + * ldns_sign_public has been split up; this resulted in the + addition of ldns_create_empty_rrsig() and + ldns_sign_public_buffer() + + Examples: + * ldns-signzone can now automatically add DNSKEY records when + using an OpenSSL engine, as it already did when using key + files + * added new example tool: ldns-nsec3-hash + * ldns-dpa can now filter on specific query name and types + * ldnsd has fixes for the zone name, a fix for the return + value of recvfrom(), and an memory initialization fix + (Thanks to Colm MacCárthaigh for the patch) + * Fixed memory leaks in ldnsd + + + +1.4.1 + Bug fixes: + * fixed a build issue where ldns lib existence was done too early + * removed unnecessary check for pcap.h + * NSEC3 optout flag now correctly printed in string output + * inttypes.h moved to configured inclusion + * fixed NSEC3 type bitmaps for empty nonterminals and unsigned + delegations + + API addition: + * for that last fix, we added a new function + ldns_dname_add_from() that can clone parts of a dname + +1.4.0 + Bug fixes: + * sig chase return code fix (patch from Rafael Justo, bug id 189) + * rdata.c memory leaks on error and allocation checks fixed (patch + from Shane Kerr, bug id 188) + * zone.c memory leaks on error and allocation checks fixed (patch + from Shane Kerr, bug id 189) + * ldns-zplit output and error messages fixed (patch from Shane Kerr, + bug id 190) + * Fixed potential buffer overflow in ldns_str2rdf_dname + * Signing code no longer signs delegation NS rrsets + * Some minor configure/makefile updates + * Fixed a bug in the randomness initialization + * Fixed a bug in the reading of resolv.conf + * Fixed a bug concerning whitespace in zone data (with patch from Ondrej + Sury, bug 213) + * Fixed a small fallback problem in axfr client code + + API CHANGES: + * added 2str convenience functions: + - ldns_rr_type2str + - ldns_rr_class2str + - ldns_rr_type2buffer_str + - ldns_rr_class2buffer_str + * buffer2str() is now called ldns_buffer2str + * base32 and base64 function names are now also prepended with ldns_ + * ldns_rr_new_frm_str() now returns an error on missing RDATA fields. + Since you cannot read QUESTION section RRs with this anymore, + there is now a function called ldns_rr_new_question_frm_str() + + LIBRARY FEATURES: + * DS RRs string representation now add bubblebabble in a comment + (patch from Jakob Schlyter) + * DLV RR type added + * TCP fallback system has been improved + * HMAC-SHA256 TSIG support has been added. + * TTLS are now correcly set in NSEC(3) records when signing zones + + EXAMPLE TOOLS: + * New example: ldns-revoke to revoke DNSKEYs according to RFC5011 + * ldns-testpkts has been fixed and updated + * ldns-signzone now has the option to not add the DNSKEY + * ldns-signzone now has an (full zone only) opt-out option for + NSEC3 + * ldns-keygen can create HMAC-SHA1 and HMAC-SHA256 symmetric keys + * ldns-walk output has been fixed + * ldns-compare-zones has been fixed, and now has an option + to show all differences (-a) + * ldns-read-zone now has an option to print DNSSEC records only + +1.3 + Base library: + + * Added a new family of functions based around ldns_dnssec_zone, + which is a new structure that keeps a zone sorted through an + rbtree and links signatures and NSEC(3) records directly to their + RRset. These functions all start with ldns_dnssec_ + + * ldns_zone_sign and ldns_zone_sign_nsec3 are now deprecated, but + have been changed to internally use the new + ldns_dnssec_zone_sign(_nsec3) + + * Moved some ldns_buffer functions inline, so a clean rebuild of + applications relying on those is needed (otherwise you'll get + linker errors) + * ldns_dname_label now returns one extra (zero) + byte, so it can be seen as an fqdn. + * NSEC3 type code update for signing algorithms. + * DSA key generation of DNSKEY RRs fixed (one byte too small). + + * Added support for RSA/SHA256 and RSA/SHA512, as specified in + draft-ietf-dnsext-dnssec-rsasha256-04. The typecodes are not + final, and this feature is not enabled by default. It can be + enabled at compilation time with the flag --with-sha2 + + * Added 2wire_canonical family of functions that lowercase dnames + in rdata fields in resource records of the types in the list in + rfc3597 + + * Added base32 conversion functions. + + * Fixed DSA RRSIG conversion when calling OpenSSL + + Drill: + + * Chase output is completely different, it shows, in ascii, the + relations in the trust hierarchy. + + Examples: + * Added ldns-verify-zone, that can verify the internal DNSSEC records + of a signed BIND-style zone file + + * ldns-keygen now takes an -a argument specifying the algorithm, + instead of -R or -D. -a list show a list of supported algorithms + + * ldns-keygen now defaults to the exponent RSA_F4 instead of RSA_3 + for RSA key generation + + * ldns-signzone now has support for HSMs + * ldns-signzone uses the new ldns_dnssec_ structures and functions + which improves its speed, and output; RRSIGS are now placed + directly after their RRset, NSEC(3) records directly after the + name they handle + + Contrib: + * new contrib/ dir with user contributions + * added compilation script for solaris (thanks to Jakob Schlyter) + +28 Nov 2007 1.2.2: + * Added support for HMAC-MD5 keys in generator + * Added a new example tool (written by Ondrej Sury): ldns-compare-zones + * ldns-keygen now checks key sizes for rfc conformancy + * ldns-signzone outputs SSL error if present + * Fixed manpages (thanks to Ondrej Sury) + * Fixed Makefile for -j + * Fixed a $ORIGIN error when reading zones + * Fixed another off-by-one error + +03 Oct 2007 1.2.1: + * Fixed an offset error in rr comparison + * Fixed ldns-read-zone exit code + * Added check for availability of SHA256 hashing algorithm + * Fixed ldns-key2ds -2 argument + * Fixed $ORIGIN bug in .key files + * Output algorithms as an integer instead of their mnemonic + * Fixed a memory leak in dnssec code when SHA256 is not available + * Updated fedora .spec file + +11 Apr 2007 1.2.0: + * canonicalization of rdata in DNSSEC functions now adheres to the + rr type list in rfc3597, not rfc4035, which will be updated + (see http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00183.html) + * ldns-walk now support dnames with maximum label length + * ldnsd now takes an extra argument containing the address to listen on + * signing no longer signs every rrset with KSK's, but only the DNSKEY rrset + * ported to Solaris 10 + * added ldns_send_buffer() function + * added ldns-testpkts fake packet server + * added ldns-notify to send NOTIFY packets + * ldns-dpa can now accurately calculate the number of matches per + second + * libtool is now used for compilation too (still gcc, but not directly) + * Bugfixes: + - TSIG signing buffer size + - resolv.conf reading (comments) + - dname comparison off by one error + - typo in keyfetchers output file name fixed (a . too much) + - fixed zone file parser when comments contain ( or ) + - fixed LOC RR type + - fixed CERT RR type + + Drill: + * drill prints error on failed axfr. + * drill now accepts mangled packets with -f + * old -c option (use tcp) changed to -t + * -c option to specify alternative resolv.conf file added + * feedback of signature chase improved + * chaser now stops at root when no trusted keys are found + instead of looping forever trying to find the DS for . + * Fixed bugs: + - wildcard on multiple labels signature verification + - error in -f packet writing for malformed packets + - made KSK check more resilient + +7 Jul 2006: 1.1.0: ldns-team + * Added tutorials and an introduction to the documentation + * Added include/ and lib/ dirs so that you can compile against ldns + without installing ldns on your system + * Makefile updates + * Starting usage of assert throughout the library to catch illegal calls + * Solaris 9 testing was carried out. Ldns now compiles on that + platform; some gnuism were identified and fixed. + * The ldns_zone structure was stress tested. The current setup + (ie. just a list of rrs) can scale to zone file in order of + megabytes. Sorting such zone is still difficult. + * Reading multiline b64 encoded rdata works. + * OpenSSL was made optional, configure --without-ssl. + Ofcourse all dnssec/tsig related functions are disabled + * Building of examples and drill now happens with the same + defines as the building of ldns itself. + * Preliminary sha-256 support was added. Currently is your + OpenSSL supports it, it is supported in the DS creation. + * ldns_resolver_search was implemented + * Fixed a lot of bugs + + Drill: + * -r was killed in favor of -o
which + allows for a header bits setting (and maybe more in the + future) + * DNSSEC is never automaticaly set, even when you query + for DNSKEY/RRSIG or DS. + * Implement a crude RTT check, it now distinguishes between + reachable and unreachable. + * A form of secure tracing was added + * Secure Chasing has been improved + * -x does a reverse lookup for the given IP address + + Examples: + * ldns-dpa was added to the examples - this is the Dns Packet + Analyzer tool. + * ldnsd - as very, very simple nameserver impl. + * ldns-zsplit - split zones for parrallel signing + * ldns-zcat - cat split zones back together + * ldns-keyfetcher - Fetches DNSKEY records with a few (non-strong, + non-DNSSEC) anti-spoofing techniques. + * ldns-walk - 'Walks' a DNSSEC signed zone + * Added an all-static target to the makefile so you can use examples + without installing the library + * When building in the source tree or in a direct subdirectory of + the build dir, configure does not need --with-ldns=../ anymore + + Code: + * All networking code was moved to net.c + * rdata.c: added asserts to the rdf set/get functions + * const keyword was added to pointer arguments that + aren't changed + + API: + Changed: + * renamed ldns/dns.h to ldns/ldns.h + * ldns_rr_new_frm_str() is extented with an extra variable which + in common use may be NULL. This trickles through to: + o ldns_rr_new_frm_fp + o ldns_rr_new_frm_fp_l + Which also get an extra variable + Also the function has been changed to return a status message. + The compiled RR is returned in the first argument. + * ldns_zone_new_frm_fp_l() and ldns_zone_new_frm_fp() are + changed to return a status msg. + * ldns_key_new_frm_fp is changed to return ldns_status and + the actual key list in the first argument + * ldns_rdata_new_frm_fp[_l]() are changed to return a status. + the rdf is return in the first argument + * ldns_resolver_new_frm_fp: same treatment: return status and + the new resolver in the first argument + * ldns_pkt_query_new_frm_str(): same: return status and the + packet in the first arg + * tsig.h: internal used functions are now static: + ldns_digest_name and ldns_tsig_mac_new + * ldns_key_rr2ds has an extra argument to specify the hash to + use. + * ldns_pkt_rcode() is renamed to ldns_pkt_get_rcode, ldns_pkt_rcode + is now the rcode type, like ldns_pkt_opcode + New: + * ldns_resolver_searchlist_count: return the searchlist counter + * ldns_zone_sort: Sort a zone + * ldns_bgsend(): background send, returns a socket. + * ldns_pkt_empty(): check is a packet is empty + * ldns_rr_list_pop_rr_list(): pop multiple rr's from another rr_list + * ldns_rr_list_push_rr_list(): push multiple rr's to an rr_list + * ldns_rr_list_compare(): compare 2 ldns_rr_lists + * ldns_pkt_push_rr_list: rr_list equiv for rr + * ldns_pkt_safe_push_rr_list: rr_list equiv for rr + Removed: + * ldns_resolver_bgsend(): was not used in 1.0.0 and is not used now + * ldns_udp_server_connect(): was faulty and isn't really part of + the core ldns idea any how. + * ldns_rr_list_insert_rr(): obsoleted, because not used. + * char *_when was removed from the ldns_pkt structure + +18 Oct 2005: 1.0.0: ldns-team + * Commited a patch from Håkan Olsson + * Added UPDATE support (Jakob Schlyter and Håkan Olsson) + * License change: ldns is now BSD licensed + * ldns now depends on SSL + * Networking code cleanup, added (some) server udp/tcp support + * A zone type is introduced. Currently this is a list + of RRs, so it will not scale well. + * [beta] Zonefile parsing was added + * [tools] Drill was added to ldns - see drill/ + * [tools] experimental signer was added + * [building] better check for ssl + * [building] major revision of build system + * [building] added rpm .spec in packaging/ (thanks to Paul Wouters) + * [building] A lot of cleanup in the build scripts (thanks to Jakob Schlyter + and Paul Wouters) + +28 Jul 2005: 0.70: ldns-team + * [func] ldns_pkt_get_section now returns copies from the rrlists + in the packet. This can be freed by the user program + * [code] added ldns_ prefixes to function from util.h + * [inst] removed documentation from default make install + * Usual fixes in documentation and code + +20 Jun 2005: 0.66: ldns-team + Rel. Focus: drill-pre2 uses some functions which are + not in 0.65 + * dnssec_cd bit function was added + * Zone infrastructure was added + * Usual fixes in documentation and code + +13 Jun 2005: 0.65: ldns-team + * Repository is online at: + http://www.nlnetlabs.nl/ldns/svn/ + * Apply reference copying throuhgout ldns, except in 2 + places in the ldns_resolver structure (._domain and + ._nameservers) + * Usual array of bugfixes + * Documentation added + * keygen.c added as an example for DNSSEC programming + +23 May 2005: 0.60: ldns-team + * Removed config.h from the header installed files + (you're not supposed to include that in a libary) + * Further tweaking + - DNSSEC signing/verification works + - Assorted bug fixes and tweaks (memory management) + +May 2005: 0.50: ldns-team + * First usable release + * Basic DNS functionality works + * DNSSEC validation works Added: vendor/ldns/dist/LICENSE ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor/ldns/dist/LICENSE Wed Jul 4 14:22:28 2012 (r238104) @@ -0,0 +1,26 @@ +Copyright (c) 2005,2006, NLnetLabs +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of NLnetLabs nor the names of its + contributors may be used to endorse or promote products derived from this + software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. Added: vendor/ldns/dist/Makefile.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor/ldns/dist/Makefile.in Wed Jul 4 14:22:28 2012 (r238104) @@ -0,0 +1,1098 @@ +# Standard installation pathnames +# See the file LICENSE for the license +SHELL = @SHELL@ +VERSION = @PACKAGE_VERSION@ +version_info = @LIBTOOL_VERSION_INFO@ +srcdir = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ +bindir = @bindir@ +mandir = @mandir@ +datarootdir = @datarootdir@ +datadir = @datadir@ +libdir = @libdir@ +includedir = @includedir@ +doxygen = @doxygen@ +pywrapdir = ${srcdir}/contrib/python +pyldnsxwrapdir = ${srcdir}/contrib/ldnsx +swig = @swig@ +swigpy_flags = -python @SWIGPY3@ +python_site = @PYTHON_SITE_PKG@ +pyldns_inst = @PYLDNSINST@ +pyldns_uninst = @PYLDNSUNINST@ +pyldnsx_inst = @PYLDNSXINST@ +pyldnsx_uninst = @PYLDNSXUNINST@ +libtool = @libtool@ + +# override $U variable which is used by autotools for deansification (for +# K&R C compilers), but causes problems if $U is defined in the env). +U= + +CC = @CC@ +CFLAGS = @CFLAGS@ +CPPFLAGS = -I. -I$(srcdir) @CPPFLAGS@ @DEFS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +LIBOBJDIR = compat/ +LIBOBJS = @LIBOBJS@ +PYTHON_CPPFLAGS = @PYTHON_CPPFLAGS@ +PYTHON_LDFLAGS = @PYTHON_LDFLAGS@ +PYTHON_X_CFLAGS = @PYTHON_X_CFLAGS@ +LIBSSL_CPPFLAGS = @LIBSSL_CPPFLAGS@ +LIBSSL_LDFLAGS = @LIBSSL_LDFLAGS@ +LIBSSL_LIBS = @LIBSSL_LIBS@ +LIBPCAP_LIBS = @LIBPCAP_LIBS@ +RUNTIME_PATH = @RUNTIME_PATH@ +LIBTOOL = $(libtool) --tag=CC --quiet +LINT = splint +LINTFLAGS = +quiet -weak -warnposix -unrecog -Din_addr_t=uint32_t -Du_int=unsigned -Du_char=uint8_t -preproc -Drlimit=rlimit64 -D__gnuc_va_list=va_list +# Extra flags from configure +LINTFLAGS += @LINTFLAGS@ +LINTFLAGS += "-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"EC_KEY=unsigned" -D"EC_POINT=unsigned" -D"EC_GROUP=unsigned" -D"EVP_PKEY_ASN1_METHOD=struct evp_pkey_asn1_method_st" -D"EVP_PKEY_CTX=struct evp_pkey_ctx_st" +# compat with OpenBSD +LINTFLAGS += "-Dsigset_t=long" +# FreeBSD8 +LINTFLAGS += "-D__uint16_t=uint16_t" -D"__pure2=" -D"__wchar_t=wchar_t" -D"__packed=" -D"__aligned(x)=" +# Ubuntu oneiric" +LINTFLAGS += -D"__BEGIN_DECLS=" -D"__ssize_t=ssize_t" -D"__intptr_t=intptr_t" -D"__nonnull(x)=" -D"__THROW=" -D"__wur=" -D"__off_t=unsigned" -D"__off64_t=unsigned" -D"__useconds_t=unsigned" -D"__uid_t=unsigned" -D"__gid_t=unsigned" -D"__attribute_deprecated__=" -D"__pid_t=unsigned" -D"__restrict=" -D"__END_DECLS=" -D"__BEGIN_NAMESPACE_STD=" -D"__END_NAMESPACE_STD=" -D"__BEGIN_NAMESPACE_C99=" -D"__END_NAMESPACE_C99=" -D"__socklen_t=unsigned" -D"sa_family_t=unsigned " -D"__mode_t=unsigned" -D"u_int16_t=uint16_t" -D"u_int32_t=uint32_t" -D"u_int8_t=uint8_t" -D"u_short=unsigned short" -D"__u16=uint16_t" -D"__u32=uint32_t" -D"__u64=uint64_t" +DEPFLAG = @DEPFLAG@ + +INSTALL = $(srcdir)/install-sh + +LIBLOBJS = $(LIBOBJS:.o=.lo) +LDNS_LOBJS = buffer.lo dname.lo dnssec.lo dnssec_sign.lo dnssec_verify.lo dnssec_zone.lo duration.lo error.lo higher.lo host2str.lo host2wire.lo keys.lo net.lo packet.lo parse.lo rbtree.lo rdata.lo resolver.lo rr.lo rr_functions.lo sha1.lo sha2.lo str2host.lo tsig.lo update.lo util.lo wire2host.lo zone.lo +LDNS_LOBJS_EX = ^linktest\.c$$ +LDNS_ALL_LOBJS = $(LDNS_LOBJS) $(LIBLOBJS) +LIB = libldns.la + +LDNS_HEADERS = buffer.h dname.h dnssec.h dnssec_sign.h dnssec_verify.h dnssec_zone.h duration.h error.h higher.h host2str.h host2wire.h keys.h ldns.h packet.h parse.h rbtree.h rdata.h resolver.h rr_functions.h rr.h sha1.h sha2.h str2host.h tsig.h update.h wire2host.h zone.h +LDNS_HEADERS_EX = ^config\.h|common\.h|util\.h|net\.h$$ +LDNS_HEADERS_GEN= common.h util.h net.h + +PYLDNS_I_FILES = $(pywrapdir)/file_py3.i $(pywrapdir)/ldns_buffer.i $(pywrapdir)/ldns_dname.i $(pywrapdir)/ldns_dnssec.i $(pywrapdir)/ldns.i $(pywrapdir)/ldns_key.i $(pywrapdir)/ldns_packet.i $(pywrapdir)/ldns_rdf.i $(pywrapdir)/ldns_resolver.i $(pywrapdir)/ldns_rr.i $(pywrapdir)/ldns_zone.i + +DRILL_LOBJS = drill/chasetrace.lo drill/dnssec.lo drill/drill.lo drill/drill_util.lo drill/error.lo drill/root.lo drill/securetrace.lo drill/work.lo + +EXAMPLE_LOBJS = examples/ldns-chaos.lo examples/ldns-compare-zones.lo examples/ldnsd.lo examples/ldns-dpa.lo examples/ldns-gen-zone.lo examples/ldns-key2ds.lo examples/ldns-keyfetcher.lo examples/ldns-keygen.lo examples/ldns-mx.lo examples/ldns-notify.lo examples/ldns-nsec3-hash.lo examples/ldns-read-zone.lo examples/ldns-resolver.lo examples/ldns-revoke.lo examples/ldns-rrsig.lo examples/ldns-signzone.lo examples/ldns-test-edns.lo examples/ldns-testns.lo examples/ldns-testpkts.lo examples/ldns-update.lo examples/ldns-verify-zone.lo examples/ldns-version.lo examples/ldns-walk.lo examples/ldns-zcat.lo examples/ldns-zsplit.lo +EXAMPLE_PROGS = examples/ldns-chaos examples/ldns-compare-zones examples/ldnsd examples/ldns-gen-zone examples/ldns-key2ds examples/ldns-keyfetcher examples/ldns-keygen examples/ldns-mx examples/ldns-notify examples/ldns-read-zone examples/ldns-resolver examples/ldns-rrsig examples/ldns-test-edns examples/ldns-update examples/ldns-version examples/ldns-walk examples/ldns-zcat examples/ldns-zsplit +EX_PROGS_BASENM = ldns-chaos ldns-compare-zones ldnsd ldns-dpa ldns-gen-zone ldns-key2ds ldns-keyfetcher ldns-keygen ldns-mx ldns-notify ldns-nsec3-hash ldns-read-zone ldns-resolver ldns-revoke ldns-rrsig ldns-signzone ldns-test-edns ldns-testns ldns-testpkts ldns-update ldns-verify-zone ldns-version ldns-walk ldns-zcat ldns-zsplit +EXAMPLE_PROGS_EX= ^examples/ldns-testpkts\.c|examples/ldns-testns\.c|examples/ldns-dpa\.c|examples/ldns-nsec3-hash\.c|examples/ldns-revoke\.c|examples/ldns-signzone\.c|examples/ldns-verify-zone\.c$$ +TESTNS = examples/ldns-testns +TESTNS_LOBJS = examples/ldns-testns.lo examples/ldns-testpkts.lo +LDNS_DPA = examples/ldns-dpa +LDNS_DPA_LOBJS = examples/ldns-dpa.lo +EX_SSL_PROGS = examples/ldns-nsec3-hash examples/ldns-revoke examples/ldns-signzone examples/ldns-verify-zone +EX_SSL_LOBJS = examples/ldns-nsec3-hash.lo examples/ldns-revoke.lo examples/ldns-signzone.lo examples/ldns-verify-zone.lo + + +COMPILE = $(CC) $(CPPFLAGS) $(CFLAGS) +COMP_LIB = $(LIBTOOL) --mode=compile $(CC) $(CPPFLAGS) $(CFLAGS) +LINK = $(CC) $(CFLAGS) $(LDFLAGS) $(LIBS) +LINK_LIB = $(LIBTOOL) --mode=link $(CC) $(CFLAGS) $(LDFLAGS) \ + $(LIBS) -version-number $(version_info) -no-undefined +LINK_EXE = $(LIBTOOL) --mode=link $(CC) $(CPPFLAGS) \ + $(LIBSSL_CPPFLAGS) $(CFLAGS) $(LDFLAGS) + +.PHONY: clean realclean docclean manpages doc lint all lib pyldns test +.PHONY: install uninstall install-doc uninstall-doc uninstall-pyldns +.PHONY: install-h uninstall-h install-lib uninstall-lib install-pyldns + +all: setup-builddir lib linktest manpages @PYLDNS@ @DRILL@ @EXAMPLES@ + +.SUFFIXES: .c .o .a .lo .h .i + +.c.lo: + $(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $< -o $@ + +$(LDNS_LOBJS) $(LIBLOBJS) $(DRILL_LOBJS) $(EXAMPLE_LOBJS): + $(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/$(@:.lo=.c) -o $@ + +setup-builddir: + @if test ! -d compat ; then mkdir compat ; fi + @if test ! -d drill ; then mkdir drill ; fi + @if test ! -d examples ; then mkdir examples ; fi + @if test ! -h config.h ; then ln -s ldns/config.h . ; fi + @if test ! -h lib ; then ln -s .libs lib ; fi ; + @if test ! -d include ; then $(INSTALL) -d include; fi + @if test ! -h include/ldns ; then ln -s ../ldns include/ldns || echo "include/ldns exists"; fi + +putdown-builddir: + rm -f include/ldns lib config.h + test ! -d include || rmdir include || : + if test -d examples -a ! -f examples/README; then rmdir examples || : ; fi + if test -d drill -a ! -f drill/README ; then rmdir drill || : ; fi + if test -d compat -a ! -f compat/malloc.c; then rmdir compat || : ; fi + +drill: no-drill-config-h drill/drill +no-drill-config-h: + @if test -e $(srcdir)/drill/config.h -o -e drill/config.h ; \ + then echo "A config.h was detected in the drill subdirectory." ; \ + echo "This does not work when building drill from here." ; \ + echo "Either remove the config.h from the subdirectory" ; \ + echo "or build drill there." ; \ + exit -1 ; \ + fi +drill/drill: $(DRILL_LOBJS) $(LIB) + $(LINK_EXE) $(DRILL_LOBJS) $(LIBS) $(LIBSSL_LIBS) -lldns -o drill/drill + +install-drill: drill/drill + $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) + $(INSTALL) -m 755 -d $(DESTDIR)$(mandir) + $(INSTALL) -m 755 -d $(DESTDIR)$(mandir)/man1 + $(LIBTOOL) --mode=install cp drill/drill $(DESTDIR)$(bindir) + $(INSTALL) -m 644 $(srcdir)/drill/drill.1 $(DESTDIR)$(mandir)/man1/drill.1 + +uninstall-drill: + rm -f $(DESTDIR)$(bindir)/drill $(DESTDIR)$(mandir)/man1/drill.1 + test ! -d $(DESTDIR)$(mandir) || rmdir -p $(DESTDIR)$(mandir)/man1 || :; + test ! -d $(DESTDIR)$(bindir) || rmdir -p $(DESTDIR)$(bindir) || : ; + +clean-drill: + $(LIBTOOL) --mode clean rm -f $(DRILL_LOBJS) drill/drill + +examples: no-examples-config-h $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(EX_SSL_PROGS) +no-examples-config-h: + @if test -e $(srcdir)/examples/config.h -o -e examples/config.h ; \ + then echo "A config.h was detected in the examples subdirectory." ; \ + echo "This does not work when building examples from here." ; \ + echo "Either remove the config.h from the subdirectory" ; \ + echo "or build examples there." ; \ + exit -1 ; \ + fi +$(EXAMPLE_PROGS): + $(LINK_EXE) $@.lo $(LIBS) -lldns -o $@ + +$(TESTNS): + $(LINK_EXE) $(TESTNS_LOBJS) $(LIBS) -lldns -o $(TESTNS) + +$(LDNS_DPA): + $(LINK_EXE) $(LDNS_DPA_LOBJS) $(LIBS) $(LIBPCAP_LIBS) -lldns \ + -o $(LDNS_DPA) + +$(EX_SSL_PROGS): + $(LINK_EXE) $@.lo $(LIBS) $(LIBSSL_LIBS) -lldns -o $@ + +install-examples: $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(EX_SSL_PROGS) + $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) + $(INSTALL) -m 755 -d $(DESTDIR)$(mandir) + $(INSTALL) -m 755 -d $(DESTDIR)$(mandir)/man1 + for p in $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(EX_SSL_PROGS) ; do \ + $(LIBTOOL) --mode=install cp $$p $(DESTDIR)$(bindir) ; \ + $(INSTALL) -m 644 $(srcdir)/$$p.1 $(DESTDIR)$(mandir)/man1 ; \ + done + +uninstall-examples: + for p in $(EX_PROGS_BASENM) ; do \ + rm -f $(DESTDIR)$(bindir)/$$p $(DESTDIR)$(mandir)/man1/$$p.1 ;\ + done + test ! -d $(DESTDIR)$(mandir) || rmdir -p $(DESTDIR)$(mandir)/man1 || :; + test ! -d $(DESTDIR)$(bindir) || rmdir -p $(DESTDIR)$(bindir) || : ; + +clean-examples: + $(LIBTOOL) --mode clean rm -f $(EXAMPLE_PROGS) + $(LIBTOOL) --mode clean rm -f $(TESTNS) $(LDNS_DPA) $(EX_SSL_PROGS) + $(LIBTOOL) --mode clean rm -f $(EXAMPLE_LOBJS) + +linktest: $(srcdir)/linktest.c libldns.la + $(LIBTOOL) --mode=link $(CC) $(srcdir)/linktest.c $(CPPFLAGS) $(LIBSSL_CPPFLAGS) $(CFLAGS) -lldns $(LIBS) -o linktest + +lib: libldns.la + +lib-export-all: libldns.la-export-all + +libldns.la: $(LDNS_ALL_LOBJS) + $(LINK_LIB) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) --export-symbols $(srcdir)/ldns_symbols.def -o libldns.la $(LDNS_ALL_LOBJS) -rpath $(libdir) $(RUNTIME_PATH) + +libldns.la-export-all: $(LDNS_ALL_LOBJS) + $(LINK_LIB) -o libldns.la $(LDNS_ALL_LOBJS) -rpath $(libdir) $(RUNTIME_PATH) + +mancheck: + sh -c 'find . -name \*.\[13\] -exec troff -z {} \;' 2>&1 | sed "s/^\.\///" | sed "s/\(:[0\-9]\+:\)/\1 warning:/g" + +doxygen: manpages + if test ! -e doc/header.html ; then \ + $(INSTALL) -c -m 644 $(srcdir)/doc/header.html doc/ ; \ + fi ; + $(doxygen) $(srcdir)/libdns.doxygen + +doc: manpages $(doxygen) + @$(INSTALL) -d doc + +manpages: $(srcdir)/doc/function_manpages + @$(INSTALL) -d doc + @cat $(srcdir)/ldns/*.h \ + | $(srcdir)/doc/doxyparse.pl \ + -m $(srcdir)/doc/function_manpages 2>&1 \ + | grep -v ^doxygen | grep -v ^cat > doc/ldns_manpages + +pyldns: _ldns.la + +$(pywrapdir)/ldns_wrapper.c: $(PYLDNS_I_FILES) ldns/config.h + $(swig) $(swigpy_flags) -o $@ $(CPPFLAGS) $(PYTHON_CPPFLAGS) $(pywrapdir)/ldns.i + +ldns_wrapper.lo: $(pywrapdir)/ldns_wrapper.c ldns/config.h + $(COMP_LIB) -I./include/ldns $(PYTHON_CPPFLAGS) $(PYTHON_X_CFLAGS) -c $< -o $@ + +_ldns.la: ldns_wrapper.lo libldns.la + $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(PYTHON_CFLAGS) $(LDFLAGS) $(PYTHON_LDFLAGS) -module -version-number $(version_info) -no-undefined -o $@ $< -rpath $(python_site) -L. -L.libs -lldns $(LIBS) + +install: install-h install-lib @INSTALL_CONFIG@ install-manpages $(pyldns_inst) $(pyldnsx_inst) @INSTALL_DRILL@ @INSTALL_EXAMPLES@ + +uninstall: uninstall-manpages @UNINSTALL_CONFIG@ uninstall-h uninstall-lib $(pyldns_uninst) $(pyldnsx_uninst) @UNINSTALL_DRILL@ @UNINSTALL_EXAMPLES@ + +destclean: uninstall + +install-config: + $(INSTALL) -d $(DESTDIR)$(bindir) + $(INSTALL) -c -m 755 packaging/ldns-config $(DESTDIR)$(bindir) + +uninstall-config: + rm -f $(DESTDIR)$(bindir)/ldns-config + test ! -d $(DESTDIR)$(bindir) || rmdir -p $(DESTDIR)$(bindir) || echo "ok, dir already gone" + +install-config-manpage: + ${INSTALL} -d $(DESTDIR)$(mandir)/man1 + ${INSTALL} -c -m 444 $(srcdir)/packaging/ldns-config.1 $(DESTDIR)$(mandir)/man1/ + + +uninstall-config-manpage: + rm -f $(DESTDIR)$(mandir)/man1/ldns-config.1 + test ! -d $(DESTDIR)$(mandir)/man1 || rmdir -p $(DESTDIR)$(mandir)/man1 || echo "ok, dir already gone" + *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***