Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
11463c0a
Commit
11463c0a
authored
Jan 20, 2015
by
Evan Hunt
Browse files
[master] clean up gcc -Wshadow warnings
4039. [cleanup] Cleaned up warnings from gcc -Wshadow. [RT #37381]
parent
cc0a48a3
Changes
53
Expand all
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
11463c0a
4039. [cleanup] Cleaned up warnings from gcc -Wshadow. [RT #37381]
4038. [bug] Add 'rpz' flag to node and use it to determine whether
to call dns_rpz_delete. This should prevent unbalanced
add / delete calls. [RT #36888]
...
...
bin/delv/delv.c
View file @
11463c0a
...
...
@@ -447,8 +447,6 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner,
result
==
ISC_R_SUCCESS
;
result
=
dns_rdataset_next
(
rdataset
))
{
isc_region_t
r
;
if
((
rdataset
->
attributes
&
DNS_RDATASETATTR_NEGATIVE
)
!=
0
)
continue
;
...
...
@@ -462,14 +460,12 @@ printdata(dns_rdataset_t *rdataset, dns_name_t *owner,
if
(
result
!=
ISC_R_SUCCESS
)
break
;
isc_buffer_availableregion
(
&
target
,
&
r
);
if
(
r
.
length
<
1
)
{
if
(
isc_buffer_availablelength
(
&
target
)
<
1
)
{
result
=
ISC_R_NOSPACE
;
break
;
}
r
.
base
[
0
]
=
'\n'
;
isc_buffer_add
(
&
target
,
1
);
isc_buffer_putstr
(
&
target
,
"
\n
"
);
dns_rdata_reset
(
&
rdata
);
}
...
...
bin/dig/dighost.c
View file @
11463c0a
...
...
@@ -1180,10 +1180,9 @@ parse_hmac(const char *hmac) {
*/
static
isc_result_t
read_confkey
(
void
)
{
isc_log_t
*
lctx
=
NULL
;
cfg_parser_t
*
pctx
=
NULL
;
cfg_obj_t
*
file
=
NULL
;
const
cfg_obj_t
*
key
=
NULL
;
const
cfg_obj_t
*
key
obj
=
NULL
;
const
cfg_obj_t
*
secretobj
=
NULL
;
const
cfg_obj_t
*
algorithmobj
=
NULL
;
const
char
*
keyname
;
...
...
@@ -1194,7 +1193,7 @@ read_confkey(void) {
if
(
!
isc_file_exists
(
keyfile
))
return
(
ISC_R_FILENOTFOUND
);
result
=
cfg_parser_create
(
mctx
,
lctx
,
&
pctx
);
result
=
cfg_parser_create
(
mctx
,
NULL
,
&
pctx
);
if
(
result
!=
ISC_R_SUCCESS
)
goto
cleanup
;
...
...
@@ -1203,16 +1202,16 @@ read_confkey(void) {
if
(
result
!=
ISC_R_SUCCESS
)
goto
cleanup
;
result
=
cfg_map_get
(
file
,
"key"
,
&
key
);
result
=
cfg_map_get
(
file
,
"key"
,
&
key
obj
);
if
(
result
!=
ISC_R_SUCCESS
)
goto
cleanup
;
(
void
)
cfg_map_get
(
key
,
"secret"
,
&
secretobj
);
(
void
)
cfg_map_get
(
key
,
"algorithm"
,
&
algorithmobj
);
(
void
)
cfg_map_get
(
key
obj
,
"secret"
,
&
secretobj
);
(
void
)
cfg_map_get
(
key
obj
,
"algorithm"
,
&
algorithmobj
);
if
(
secretobj
==
NULL
||
algorithmobj
==
NULL
)
fatal
(
"key must have algorithm and secret"
);
keyname
=
cfg_obj_asstring
(
cfg_map_getname
(
key
));
keyname
=
cfg_obj_asstring
(
cfg_map_getname
(
key
obj
));
secretstr
=
cfg_obj_asstring
(
secretobj
);
algorithm
=
cfg_obj_asstring
(
algorithmobj
);
...
...
@@ -1570,14 +1569,14 @@ save_opt(dig_lookup_t *lookup, char *code, char *value) {
*/
static
void
add_opt
(
dns_message_t
*
msg
,
isc_uint16_t
udpsize
,
isc_uint16_t
edns
,
unsigned
int
flags
,
dns_ednsopt_t
*
edns
opts
,
size_t
count
)
unsigned
int
flags
,
dns_ednsopt_t
*
opts
,
size_t
count
)
{
dns_rdataset_t
*
rdataset
=
NULL
;
isc_result_t
result
;
debug
(
"add_opt()"
);
result
=
dns_message_buildopt
(
msg
,
&
rdataset
,
edns
,
udpsize
,
flags
,
edns
opts
,
count
);
opts
,
count
);
check_result
(
result
,
"dns_message_buildopt"
);
result
=
dns_message_setopt
(
msg
,
rdataset
);
check_result
(
result
,
"dns_message_setopt"
);
...
...
@@ -2172,10 +2171,10 @@ insert_soa(dig_lookup_t *lookup) {
#ifdef ISC_PLATFORM_USESIT
static
void
compute_cookie
(
unsigned
char
*
cookie
,
size_t
len
)
{
compute_cookie
(
unsigned
char
*
client
cookie
,
size_t
len
)
{
/* XXXMPA need to fix, should be per server. */
INSIST
(
len
>=
8U
);
memmove
(
cookie
,
cookie_secret
,
8
);
memmove
(
client
cookie
,
cookie_secret
,
8
);
}
#endif
...
...
@@ -2372,7 +2371,6 @@ setup_lookup(dig_lookup_t *lookup) {
if
(
result
!=
ISC_R_SUCCESS
)
{
dns_message_puttempname
(
lookup
->
sendmsg
,
&
lookup
->
name
);
isc_buffer_init
(
&
b
,
store
,
MXNAME
);
fatal
(
"'%s' is not a legal name "
"(%s)"
,
lookup
->
textname
,
isc_result_totext
(
result
));
...
...
@@ -2497,7 +2495,6 @@ setup_lookup(dig_lookup_t *lookup) {
struct
sockaddr_in
*
sin
;
struct
sockaddr_in6
*
sin6
;
size_t
addrl
;
isc_buffer_t
b
;
sa
=
&
lookup
->
ecs_addr
->
type
.
sa
;
prefixlen
=
lookup
->
ecs_addr
->
length
;
...
...
@@ -2537,8 +2534,6 @@ setup_lookup(dig_lookup_t *lookup) {
INSIST
(
i
<
DNS_EDNSOPTIONS
);
opts
[
i
].
code
=
DNS_OPT_SIT
;
if
(
lookup
->
sitvalue
!=
NULL
)
{
isc_buffer_t
b
;
isc_buffer_init
(
&
b
,
sitbuf
,
sizeof
(
sitbuf
));
result
=
isc_hex_decodestring
(
lookup
->
sitvalue
,
&
b
);
...
...
@@ -3888,7 +3883,7 @@ recv_done(isc_task_t *task, isc_event_t *event) {
#endif
printmessage
(
query
,
msg
,
ISC_TRUE
);
}
else
if
(
l
->
trace
)
{
int
n
=
0
;
int
n
l
=
0
;
int
count
=
msg
->
counts
[
DNS_SECTION_ANSWER
];
debug
(
"in TRACE code"
);
...
...
@@ -3899,13 +3894,13 @@ recv_done(isc_task_t *task, isc_event_t *event) {
if
(
l
->
trace_root
||
(
l
->
ns_search_only
&&
count
>
0
))
{
if
(
!
l
->
trace_root
)
l
->
rdtype
=
dns_rdatatype_soa
;
n
=
followup_lookup
(
msg
,
query
,
DNS_SECTION_ANSWER
);
n
l
=
followup_lookup
(
msg
,
query
,
DNS_SECTION_ANSWER
);
l
->
trace_root
=
ISC_FALSE
;
}
else
if
(
count
==
0
)
n
=
followup_lookup
(
msg
,
query
,
DNS_SECTION_AUTHORITY
);
if
(
n
==
0
)
n
l
=
followup_lookup
(
msg
,
query
,
DNS_SECTION_AUTHORITY
);
if
(
n
l
==
0
)
docancel
=
ISC_TRUE
;
}
else
{
debug
(
"in NSSEARCH code"
);
...
...
@@ -3914,12 +3909,12 @@ recv_done(isc_task_t *task, isc_event_t *event) {
/*
* This is the initial NS query.
*/
int
n
;
int
n
l
;
l
->
rdtype
=
dns_rdatatype_soa
;
n
=
followup_lookup
(
msg
,
query
,
DNS_SECTION_ANSWER
);
if
(
n
==
0
)
n
l
=
followup_lookup
(
msg
,
query
,
DNS_SECTION_ANSWER
);
if
(
n
l
==
0
)
docancel
=
ISC_TRUE
;
l
->
trace_root
=
ISC_FALSE
;
usesearch
=
ISC_FALSE
;
...
...
@@ -4049,12 +4044,12 @@ recv_done(isc_task_t *task, isc_event_t *event) {
* routines, since they may be using a non-DNS system for these lookups.
*/
isc_result_t
get_address
(
char
*
host
,
in_port_t
port
,
isc_sockaddr_t
*
sockaddr
)
{
get_address
(
char
*
host
,
in_port_t
my
port
,
isc_sockaddr_t
*
sockaddr
)
{
int
count
;
isc_result_t
result
;
isc_app_block
();
result
=
bind9_getaddresses
(
host
,
port
,
sockaddr
,
1
,
&
count
);
result
=
bind9_getaddresses
(
host
,
my
port
,
sockaddr
,
1
,
&
count
);
isc_app_unblock
();
if
(
result
!=
ISC_R_SUCCESS
)
return
(
result
);
...
...
bin/dig/host.c
View file @
11463c0a
...
...
@@ -255,7 +255,7 @@ printsection(dns_message_t *msg, dns_section_t sectionid,
isc_result_t
result
,
loopresult
;
isc_region_t
r
;
dns_name_t
empty_name
;
char
t
[
4096
];
char
t
buf
[
4096
];
isc_boolean_t
first
;
isc_boolean_t
no_rdata
;
...
...
@@ -279,7 +279,7 @@ printsection(dns_message_t *msg, dns_section_t sectionid,
name
=
NULL
;
dns_message_currentname
(
msg
,
sectionid
,
&
name
);
isc_buffer_init
(
&
target
,
t
,
sizeof
(
t
));
isc_buffer_init
(
&
target
,
t
buf
,
sizeof
(
t
buf
));
first
=
ISC_TRUE
;
print_name
=
name
;
...
...
@@ -370,13 +370,13 @@ printrdata(dns_message_t *msg, dns_rdataset_t *rdataset, dns_name_t *owner,
isc_buffer_t
target
;
isc_result_t
result
;
isc_region_t
r
;
char
t
[
4096
];
char
t
buf
[
4096
];
UNUSED
(
msg
);
if
(
headers
)
printf
(
";; %s SECTION:
\n
"
,
set_name
);
isc_buffer_init
(
&
target
,
t
,
sizeof
(
t
));
isc_buffer_init
(
&
target
,
t
buf
,
sizeof
(
t
buf
));
result
=
dns_rdataset_totext
(
rdataset
,
owner
,
ISC_FALSE
,
ISC_FALSE
,
&
target
);
...
...
bin/dig/include/dig/dig.h
View file @
11463c0a
...
...
@@ -15,8 +15,6 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dig.h,v 1.114 2011/12/07 17:23:28 each Exp $ */
#ifndef DIG_H
#define DIG_H
...
...
@@ -274,7 +272,6 @@ extern isc_boolean_t check_ra, have_ipv4, have_ipv6, specified_source,
extern
in_port_t
port
;
extern
unsigned
int
timeout
;
extern
isc_mem_t
*
mctx
;
extern
dns_messageid_t
id
;
extern
int
sendcount
;
extern
int
ndots
;
extern
int
lookup_counter
;
...
...
bin/dig/nslookup.c
View file @
11463c0a
...
...
@@ -425,13 +425,12 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
puts
(
""
);
if
(
!
short_form
)
{
isc_boolean_t
headers
=
ISC_TRUE
;
puts
(
"------------"
);
/* detailheader(query, msg);*/
detailsection
(
query
,
msg
,
headers
,
DNS_SECTION_QUESTION
);
detailsection
(
query
,
msg
,
headers
,
DNS_SECTION_ANSWER
);
detailsection
(
query
,
msg
,
headers
,
DNS_SECTION_AUTHORITY
);
detailsection
(
query
,
msg
,
headers
,
DNS_SECTION_ADDITIONAL
);
detailsection
(
query
,
msg
,
ISC_TRUE
,
DNS_SECTION_QUESTION
);
detailsection
(
query
,
msg
,
ISC_TRUE
,
DNS_SECTION_ANSWER
);
detailsection
(
query
,
msg
,
ISC_TRUE
,
DNS_SECTION_AUTHORITY
);
detailsection
(
query
,
msg
,
ISC_TRUE
,
DNS_SECTION_ADDITIONAL
);
puts
(
"------------"
);
}
...
...
bin/dnssec/dnssec-dsfromkey.c
View file @
11463c0a
...
...
@@ -496,7 +496,7 @@ main(int argc, char **argv) {
isc_result_totext
(
result
));
isc_entropy_stopcallbacksources
(
ectx
);
setup_logging
(
verbose
,
mctx
,
&
log
);
setup_logging
(
mctx
,
&
log
);
dns_rdataset_init
(
&
rdataset
);
...
...
bin/dnssec/dnssec-importkey.c
View file @
11463c0a
...
...
@@ -387,7 +387,7 @@ main(int argc, char **argv) {
isc_result_totext
(
result
));
isc_entropy_stopcallbacksources
(
ectx
);
setup_logging
(
verbose
,
mctx
,
&
log
);
setup_logging
(
mctx
,
&
log
);
dns_rdataset_init
(
&
rdataset
);
...
...
bin/dnssec/dnssec-keyfromlabel.c
View file @
11463c0a
...
...
@@ -331,7 +331,7 @@ main(int argc, char **argv) {
fatal
(
"could not initialize dst: %s"
,
isc_result_totext
(
ret
));
setup_logging
(
verbose
,
mctx
,
&
log
);
setup_logging
(
mctx
,
&
log
);
if
(
predecessor
==
NULL
)
{
if
(
label
==
NULL
)
...
...
bin/dnssec/dnssec-keygen.c
View file @
11463c0a
...
...
@@ -487,7 +487,7 @@ main(int argc, char **argv) {
fatal
(
"could not initialize dst: %s"
,
isc_result_totext
(
ret
));
setup_logging
(
verbose
,
mctx
,
&
log
);
setup_logging
(
mctx
,
&
log
);
if
(
predecessor
==
NULL
)
{
if
(
prepub
==
-
1
)
...
...
bin/dnssec/dnssec-settime.c
View file @
11463c0a
...
...
@@ -169,7 +169,7 @@ main(int argc, char **argv) {
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"Out of memory"
);
setup_logging
(
verbose
,
mctx
,
&
log
);
setup_logging
(
mctx
,
&
log
);
#ifdef PKCS11CRYPTO
pk11_result_register
();
...
...
@@ -343,7 +343,6 @@ main(int argc, char **argv) {
isc_entropy_stopcallbacksources
(
ectx
);
if
(
predecessor
!=
NULL
)
{
char
keystr
[
DST_KEY_FORMATSIZE
];
int
major
,
minor
;
if
(
prepub
==
-
1
)
...
...
bin/dnssec/dnssec-signzone.c
View file @
11463c0a
...
...
@@ -138,7 +138,7 @@ static isc_mem_t *mctx = NULL;
static
isc_entropy_t
*
ectx
=
NULL
;
static
dns_ttl_t
zone_soa_min_ttl
;
static
dns_ttl_t
soa_ttl
;
static
FILE
*
fp
=
NULL
;
static
FILE
*
out
fp
=
NULL
;
static
char
*
tempfile
=
NULL
;
static
const
dns_master_style_t
*
masterstyle
;
static
dns_masterformat_t
inputformat
=
dns_masterformat_text
;
...
...
@@ -158,7 +158,7 @@ static dns_name_t *gorigin; /* The database origin */
static
int
nsec3flags
=
0
;
static
dns_iterations_t
nsec3iter
=
10U
;
static
unsigned
char
saltbuf
[
255
];
static
unsigned
char
*
salt
=
saltbuf
;
static
unsigned
char
*
g
salt
=
saltbuf
;
static
size_t
salt_length
=
0
;
static
isc_task_t
*
master
=
NULL
;
static
unsigned
int
ntasks
=
0
;
...
...
@@ -210,7 +210,7 @@ dumpnode(dns_name_t *name, dns_dbnode_t *node) {
if
(
!
output_dnssec_only
)
{
result
=
dns_master_dumpnodetostream
(
mctx
,
gdb
,
gversion
,
node
,
name
,
masterstyle
,
fp
);
name
,
masterstyle
,
out
fp
);
check_result
(
result
,
"dns_master_dumpnodetostream"
);
return
;
}
...
...
@@ -252,7 +252,7 @@ dumpnode(dns_name_t *name, dns_dbnode_t *node) {
check_result
(
result
,
"dns_master_rdatasettotext"
);
isc_buffer_usedregion
(
buffer
,
&
r
);
result
=
isc_stdio_write
(
r
.
base
,
1
,
r
.
length
,
fp
,
NULL
);
result
=
isc_stdio_write
(
r
.
base
,
1
,
r
.
length
,
out
fp
,
NULL
);
check_result
(
result
,
"isc_stdio_write"
);
isc_buffer_clear
(
buffer
);
...
...
@@ -293,8 +293,6 @@ signwithkey(dns_name_t *name, dns_rdataset_t *rdataset, dst_key_t *key,
mctx
,
&
b
,
&
trdata
);
isc_entropy_stopcallbacksources
(
ectx
);
if
(
result
!=
ISC_R_SUCCESS
)
{
char
keystr
[
DST_KEY_FORMATSIZE
];
dst_key_format
(
key
,
keystr
,
sizeof
(
keystr
));
fatal
(
"dnskey '%s' failed to sign data: %s"
,
keystr
,
isc_result_totext
(
result
));
}
...
...
@@ -744,7 +742,7 @@ hashlist_add(hashlist_t *l, const unsigned char *hash, size_t len)
static
void
hashlist_add_dns_name
(
hashlist_t
*
l
,
/*const*/
dns_name_t
*
name
,
unsigned
int
hashalg
,
unsigned
int
iterations
,
const
unsigned
char
*
salt
,
size_t
salt_len
gth
,
const
unsigned
char
*
salt
,
size_t
salt_len
,
isc_boolean_t
speculative
)
{
char
nametext
[
DNS_NAME_FORMATSIZE
];
...
...
@@ -753,7 +751,7 @@ hashlist_add_dns_name(hashlist_t *l, /*const*/ dns_name_t *name,
size_t
i
;
len
=
isc_iterated_hash
(
hash
,
hashalg
,
iterations
,
salt
,
(
int
)
salt_len
gth
,
salt
,
(
int
)
salt_len
,
name
->
ndata
,
name
->
length
);
if
(
verbose
)
{
dns_name_format
(
name
,
nametext
,
sizeof
nametext
);
...
...
@@ -835,7 +833,7 @@ hashlist_exists(const hashlist_t *l,
static
void
addnowildcardhash
(
hashlist_t
*
l
,
/*const*/
dns_name_t
*
name
,
unsigned
int
hashalg
,
unsigned
int
iterations
,
const
unsigned
char
*
salt
,
size_t
salt_len
gth
)
const
unsigned
char
*
salt
,
size_t
salt_len
)
{
dns_fixedname_t
fixed
;
dns_name_t
*
wild
;
...
...
@@ -862,7 +860,7 @@ addnowildcardhash(hashlist_t *l, /*const*/ dns_name_t *name,
fprintf
(
stderr
,
"adding no-wildcardhash for %s
\n
"
,
namestr
);
}
hashlist_add_dns_name
(
l
,
wild
,
hashalg
,
iterations
,
salt
,
salt_len
gth
,
hashlist_add_dns_name
(
l
,
wild
,
hashalg
,
iterations
,
salt
,
salt_len
,
ISC_TRUE
);
}
...
...
@@ -1840,7 +1838,7 @@ nsecify(void) {
}
static
void
addnsec3param
(
const
unsigned
char
*
salt
,
size_t
salt_len
gth
,
addnsec3param
(
const
unsigned
char
*
salt
,
size_t
salt_len
,
dns_iterations_t
iterations
)
{
dns_dbnode_t
*
node
=
NULL
;
...
...
@@ -1861,7 +1859,7 @@ addnsec3param(const unsigned char *salt, size_t salt_length,
nsec3param
.
flags
=
0
;
nsec3param
.
hash
=
unknownalg
?
DNS_NSEC3_UNKNOWNALG
:
dns_hash_sha1
;
nsec3param
.
iterations
=
iterations
;
nsec3param
.
salt_length
=
(
unsigned
char
)
salt_len
gth
;
nsec3param
.
salt_length
=
(
unsigned
char
)
salt_len
;
DE_CONST
(
salt
,
nsec3param
.
salt
);
isc_buffer_init
(
&
b
,
nsec3parambuf
,
sizeof
(
nsec3parambuf
));
...
...
@@ -1900,7 +1898,7 @@ addnsec3param(const unsigned char *salt, size_t salt_length,
static
void
addnsec3
(
dns_name_t
*
name
,
dns_dbnode_t
*
node
,
const
unsigned
char
*
salt
,
size_t
salt_len
gth
,
const
unsigned
char
*
salt
,
size_t
salt_len
,
unsigned
int
iterations
,
hashlist_t
*
hashlist
,
dns_ttl_t
ttl
)
{
...
...
@@ -1914,7 +1912,7 @@ addnsec3(dns_name_t *name, dns_dbnode_t *node,
isc_result_t
result
;
dns_dbnode_t
*
nsec3node
=
NULL
;
char
namebuf
[
DNS_NAME_FORMATSIZE
];
size_t
hash_len
gth
;
size_t
hash_len
;
dns_name_format
(
name
,
namebuf
,
sizeof
(
namebuf
));
...
...
@@ -1922,16 +1920,16 @@ addnsec3(dns_name_t *name, dns_dbnode_t *node,
dns_rdataset_init
(
&
rdataset
);
dns_name_downcase
(
name
,
name
,
NULL
);
result
=
dns_nsec3_hashname
(
&
hashname
,
hash
,
&
hash_len
gth
,
result
=
dns_nsec3_hashname
(
&
hashname
,
hash
,
&
hash_len
,
name
,
gorigin
,
dns_hash_sha1
,
iterations
,
salt
,
salt_len
gth
);
salt
,
salt_len
);
check_result
(
result
,
"addnsec3: dns_nsec3_hashname()"
);
nexthash
=
hashlist_findnext
(
hashlist
,
hash
);
result
=
dns_nsec3_buildrdata
(
gdb
,
gversion
,
node
,
unknownalg
?
DNS_NSEC3_UNKNOWNALG
:
dns_hash_sha1
,
nsec3flags
,
iterations
,
salt
,
salt_len
gth
,
salt
,
salt_len
,
nexthash
,
ISC_SHA1_DIGESTLENGTH
,
nsec3buffer
,
&
rdata
);
check_result
(
result
,
"addnsec3: dns_nsec3_buildrdata()"
);
...
...
@@ -1967,7 +1965,7 @@ addnsec3(dns_name_t *name, dns_dbnode_t *node,
static
void
nsec3clean
(
dns_name_t
*
name
,
dns_dbnode_t
*
node
,
unsigned
int
hashalg
,
unsigned
int
iterations
,
const
unsigned
char
*
salt
,
size_t
salt_len
gth
,
hashlist_t
*
hashlist
)
const
unsigned
char
*
salt
,
size_t
salt_len
,
hashlist_t
*
hashlist
)
{
dns_label_t
label
;
dns_rdata_nsec3_t
nsec3
;
...
...
@@ -2027,8 +2025,8 @@ nsec3clean(dns_name_t *name, dns_dbnode_t *node,
check_result
(
result
,
"dns_rdata_tostruct"
);
if
(
exists
&&
nsec3
.
hash
==
hashalg
&&
nsec3
.
iterations
==
iterations
&&
nsec3
.
salt_length
==
salt_len
gth
&&
!
memcmp
(
nsec3
.
salt
,
salt
,
salt_len
gth
))
nsec3
.
salt_length
==
salt_len
&&
!
memcmp
(
nsec3
.
salt
,
salt
,
salt_len
))
continue
;
rdatalist
.
rdclass
=
rdata
.
rdclass
;
rdatalist
.
type
=
rdata
.
type
;
...
...
@@ -2188,7 +2186,7 @@ cleanup_zone(void) {
*/
static
void
nsec3ify
(
unsigned
int
hashalg
,
dns_iterations_t
iterations
,
const
unsigned
char
*
salt
,
size_t
salt_len
gth
,
hashlist_t
*
hashlist
)
const
unsigned
char
*
salt
,
size_t
salt_len
,
hashlist_t
*
hashlist
)
{
dns_dbiterator_t
*
dbiter
=
NULL
;
dns_dbnode_t
*
node
=
NULL
,
*
nextnode
=
NULL
;
...
...
@@ -2284,7 +2282,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
isc_result_totext
(
result
));
dns_name_downcase
(
name
,
name
,
NULL
);
hashlist_add_dns_name
(
hashlist
,
name
,
hashalg
,
iterations
,
salt
,
salt_len
gth
,
ISC_FALSE
);
salt
,
salt_len
,
ISC_FALSE
);
dns_db_detachnode
(
gdb
,
&
node
);
/*
* Add hashs for empty nodes. Use closest encloser logic.
...
...
@@ -2295,16 +2293,16 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
dns_name_downcase
(
nextname
,
nextname
,
NULL
);
dns_name_fullcompare
(
name
,
nextname
,
&
order
,
&
nlabels
);
addnowildcardhash
(
hashlist
,
name
,
hashalg
,
iterations
,
salt
,
salt_len
gth
);
salt
,
salt_len
);
count
=
dns_name_countlabels
(
nextname
);
while
(
count
>
nlabels
+
1
)
{
count
--
;
dns_name_split
(
nextname
,
count
,
NULL
,
nextname
);
hashlist_add_dns_name
(
hashlist
,
nextname
,
hashalg
,
iterations
,
salt
,
salt_len
gth
,
iterations
,
salt
,
salt_len
,
ISC_FALSE
);
addnowildcardhash
(
hashlist
,
nextname
,
hashalg
,
iterations
,
salt
,
salt_len
gth
);
iterations
,
salt
,
salt_len
);
}
}
dns_dbiterator_destroy
(
&
dbiter
);
...
...
@@ -2327,7 +2325,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
zonecut
=
NULL
;
done
=
ISC_FALSE
;
addnsec3param
(
salt
,
salt_len
gth
,
iterations
);
addnsec3param
(
salt
,
salt_len
,
iterations
);
/*
* Clean out NSEC3 records which don't match this chain.
...
...
@@ -2340,7 +2338,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
result
=
dns_dbiterator_next
(
dbiter
))
{
result
=
dns_dbiterator_current
(
dbiter
,
&
node
,
name
);
check_dns_dbiterator_current
(
result
);
nsec3clean
(
name
,
node
,
hashalg
,
iterations
,
salt
,
salt_len
gth
,
nsec3clean
(
name
,
node
,
hashalg
,
iterations
,
salt
,
salt_len
,
hashlist
);
dns_db_detachnode
(
gdb
,
&
node
);
}
...
...
@@ -2414,7 +2412,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
* We need to pause here to release the lock on the database.
*/
dns_dbiterator_pause
(
dbiter
);
addnsec3
(
name
,
node
,
salt
,
salt_len
gth
,
iterations
,
addnsec3
(
name
,
node
,
salt
,
salt_len
,
iterations
,
hashlist
,
zone_soa_min_ttl
);
dns_db_detachnode
(
gdb
,
&
node
);
/*
...
...
@@ -2425,7 +2423,7 @@ nsec3ify(unsigned int hashalg, dns_iterations_t iterations,
while
(
count
>
nlabels
+
1
)
{
count
--
;
dns_name_split
(
nextname
,
count
,
NULL
,
nextname
);
addnsec3
(
nextname
,
NULL
,
salt
,
salt_len
gth
,
addnsec3
(
nextname
,
NULL
,
salt
,
salt_len
,
iterations
,
hashlist
,
zone_soa_min_ttl
);
}
}
...
...
@@ -2687,7 +2685,7 @@ warnifallksk(dns_db_t *db) {
}
static
void
set_nsec3params
(
isc_boolean_t
update
_chain
,
isc_boolean_t
set_salt
,
set_nsec3params
(
isc_boolean_t
update
,
isc_boolean_t
set_salt
,
isc_boolean_t
set_optout
,
isc_boolean_t
set_iter
)
{
isc_result_t
result
;
...
...
@@ -2715,7 +2713,7 @@ set_nsec3params(isc_boolean_t update_chain, isc_boolean_t set_salt,
nsec_datatype
=
dns_rdatatype_nsec3
;
if
(
!
update
_chain
&&
set_salt
)
{
if
(
!
update
&&
set_salt
)
{
if
(
salt_length
!=
orig_saltlen
||
memcmp
(
saltbuf
,
orig_salt
,
salt_length
)
!=
0
)
fatal
(
"An NSEC3 chain exists with a different salt. "
...
...
@@ -2723,10 +2721,10 @@ set_nsec3params(isc_boolean_t update_chain, isc_boolean_t set_salt,
}
else
if
(
!
set_salt
)
{
salt_length
=
orig_saltlen
;
memmove
(
saltbuf
,
orig_salt
,
orig_saltlen
);
salt
=
saltbuf
;
g
salt
=
saltbuf
;
}
if
(
!
update
_chain
&&
set_iter
)
{
if
(
!
update
&&
set_iter
)
{
if
(
nsec3iter
!=
orig_iter
)
fatal
(
"An NSEC3 chain exists with different "
"iterations. Use -u to update it."
);
...
...
@@ -2760,7 +2758,7 @@ set_nsec3params(isc_boolean_t update_chain, isc_boolean_t set_salt,
result
=
dns_rdata_tostruct
(
&
rdata
,
&
nsec3
,
NULL
);
check_result
(
result
,
"dns_rdata_tostruct"
);
if
(
!
update
_chain
&&
set_optout
)
{
if
(
!
update
&&
set_optout
)
{
if
(
nsec3flags
!=
nsec3
.
flags
)
fatal
(
"An NSEC3 chain exists with%s OPTOUT. "
"Use -u -%s to %s it."
,
...
...
@@ -3470,7 +3468,7 @@ main(int argc, char *argv[]) {
if
(
directory
==
NULL
)
directory
=
"."
;
setup_logging
(
verbose
,
mctx
,
&
log
);
setup_logging
(
mctx
,
&
log
);
argc
-=
isc_commandline_index
;
argv
+=
isc_commandline_index
;
...
...
@@ -3691,7 +3689,7 @@ main(int argc, char *argv[]) {
if
(
!
nonsecify
)
{
if
(
IS_NSEC3
)
nsec3ify
(
dns_hash_sha1
,
nsec3iter
,
salt
,
salt_length
,
nsec3ify
(
dns_hash_sha1
,
nsec3iter
,
g
salt
,
salt_length
,
&
hashlist
);
else
nsecify
();
...
...
@@ -3707,7 +3705,7 @@ main(int argc, char *argv[]) {
}
if
(
output_stdout
)
{
fp
=
stdout
;
out
fp
=
stdout
;
if
(
outputformatstr
==
NULL
)
masterstyle
=
&
dns_master_style_full
;
}
else
{
...
...
@@ -3720,9 +3718,9 @@ main(int argc, char *argv[]) {
check_result
(
result
,
"isc_file_mktemplate"
);
if
(
outputformat
==
dns_masterformat_text
)
result
=
isc_file_openunique
(
tempfile
,
&
fp
);
result
=
isc_file_openunique
(
tempfile
,
&
out
fp
);
else
result
=
isc_file_bopenunique
(
tempfile
,
&
fp
);
result
=
isc_file_bopenunique
(
tempfile
,
&
out
fp
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"failed to open temporary output file: %s"
,
isc_result_totext
(
result
));
...
...
@@ -3730,8 +3728,8 @@ main(int argc, char *argv[]) {
setfatalcallback
(
&
removetempfile
);
}
print_time
(
fp
);
print_version
(
fp
);
print_time
(
out
fp
);
print_version
(
out
fp
);
result
=
isc_taskmgr_create
(
mctx
,
ntasks
,
0
,
&
taskmgr
);
if
(
result
!=
ISC_R_SUCCESS
)
...
...
@@ -3801,7 +3799,7 @@ main(int argc, char *argv[]) {
}
result
=
dns_master_dumptostream3
(
mctx
,
gdb
,
gversion
,