ldns-1.9.0/0000775000175000017500000000000015114326277012037 5ustar willemwillemldns-1.9.0/dnssec_sign.c0000664000175000017500000012700215114326257014502 0ustar willemwillem#include #include #include #include #include #include #ifdef HAVE_SSL /* this entire file is rather useless when you don't have * crypto... */ #include #include #include #include #include #include #include #ifdef USE_DSA #include #endif #endif /* HAVE_SSL */ #define LDNS_SIGN_WITH_ZONEMD ( LDNS_SIGN_WITH_ZONEMD_SIMPLE_SHA384 \ | LDNS_SIGN_WITH_ZONEMD_SIMPLE_SHA512 ) ldns_rr * ldns_create_empty_rrsig(const ldns_rr_list *rrset, const ldns_key *current_key) { uint32_t orig_ttl; ldns_rr_class orig_class; time_t now; ldns_rr *current_sig; uint8_t label_count; ldns_rdf *signame; label_count = ldns_dname_label_count(ldns_rr_owner(ldns_rr_list_rr(rrset, 0))); /* RFC4035 2.2: not counting the leftmost label if it is a wildcard */ if(ldns_dname_is_wildcard(ldns_rr_owner(ldns_rr_list_rr(rrset, 0)))) label_count --; current_sig = ldns_rr_new_frm_type(LDNS_RR_TYPE_RRSIG); /* set the type on the new signature */ orig_ttl = ldns_rr_ttl(ldns_rr_list_rr(rrset, 0)); orig_class = ldns_rr_get_class(ldns_rr_list_rr(rrset, 0)); ldns_rr_set_ttl(current_sig, orig_ttl); ldns_rr_set_class(current_sig, orig_class); ldns_rr_set_owner(current_sig, ldns_rdf_clone( ldns_rr_owner( ldns_rr_list_rr(rrset, 0)))); /* fill in what we know of the signature */ /* set the orig_ttl */ (void)ldns_rr_rrsig_set_origttl( current_sig, ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, orig_ttl)); /* the signers name */ signame = ldns_rdf_clone(ldns_key_pubkey_owner(current_key)); ldns_dname2canonical(signame); (void)ldns_rr_rrsig_set_signame( current_sig, signame); /* label count - get it from the first rr in the rr_list */ (void)ldns_rr_rrsig_set_labels( current_sig, ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, label_count)); /* inception, expiration */ now = time(NULL); if (ldns_key_inception(current_key) != 0) { (void)ldns_rr_rrsig_set_inception( current_sig, ldns_native2rdf_int32( LDNS_RDF_TYPE_TIME, ldns_key_inception(current_key))); } else { (void)ldns_rr_rrsig_set_inception( current_sig, ldns_native2rdf_int32(LDNS_RDF_TYPE_TIME, now)); } if (ldns_key_expiration(current_key) != 0) { (void)ldns_rr_rrsig_set_expiration( current_sig, ldns_native2rdf_int32( LDNS_RDF_TYPE_TIME, ldns_key_expiration(current_key))); } else { (void)ldns_rr_rrsig_set_expiration( current_sig, ldns_native2rdf_int32( LDNS_RDF_TYPE_TIME, now + LDNS_DEFAULT_EXP_TIME)); } (void)ldns_rr_rrsig_set_keytag( current_sig, ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, ldns_key_keytag(current_key))); (void)ldns_rr_rrsig_set_algorithm( current_sig, ldns_native2rdf_int8( LDNS_RDF_TYPE_ALG, ldns_key_algorithm(current_key))); (void)ldns_rr_rrsig_set_typecovered( current_sig, ldns_native2rdf_int16( LDNS_RDF_TYPE_TYPE, ldns_rr_get_type(ldns_rr_list_rr(rrset, 0)))); return current_sig; } #ifdef HAVE_SSL ldns_rdf * ldns_sign_public_buffer(ldns_buffer *sign_buf, ldns_key *current_key) { ldns_rdf *b64rdf = NULL; switch(ldns_key_algorithm(current_key)) { #ifdef USE_DSA case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), # ifdef HAVE_EVP_DSS1 EVP_dss1() # else EVP_sha1() # endif ); break; #endif /* USE_DSA */ case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), EVP_sha1()); break; #ifdef USE_SHA2 case LDNS_SIGN_RSASHA256: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), EVP_sha256()); break; case LDNS_SIGN_RSASHA512: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), EVP_sha512()); break; #endif /* USE_SHA2 */ #ifdef USE_GOST case LDNS_SIGN_ECC_GOST: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), EVP_get_digestbyname("md_gost94")); break; #endif /* USE_GOST */ #ifdef USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), EVP_sha256()); break; case LDNS_SIGN_ECDSAP384SHA384: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), EVP_sha384()); break; #endif #ifdef USE_ED25519 case LDNS_SIGN_ED25519: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), NULL); break; #endif #ifdef USE_ED448 case LDNS_SIGN_ED448: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), NULL); break; #endif case LDNS_SIGN_RSAMD5: b64rdf = ldns_sign_public_evp( sign_buf, ldns_key_evp_key(current_key), EVP_md5()); break; default: /* do _you_ know this alg? */ printf("unknown algorithm, "); printf("is the one used available on this system?\n"); break; } return b64rdf; } /** * use this function to sign with a public/private key alg * return the created signatures */ ldns_rr_list * ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys) { ldns_rr_list *signatures; ldns_rr_list *rrset_clone; ldns_rr *current_sig; ldns_rdf *b64rdf; ldns_key *current_key; size_t key_count; uint16_t i; ldns_buffer *sign_buf; ldns_rdf *new_owner; if (!rrset || ldns_rr_list_rr_count(rrset) < 1 || !keys) { return NULL; } new_owner = NULL; /* prepare a signature and add all the know data * prepare the rrset. Sign this together. */ rrset_clone = ldns_rr_list_clone(rrset); if (!rrset_clone) { return NULL; } /* make it canonical */ for(i = 0; i < ldns_rr_list_rr_count(rrset_clone); i++) { ldns_rr_set_ttl(ldns_rr_list_rr(rrset_clone, i), ldns_rr_ttl(ldns_rr_list_rr(rrset, 0))); ldns_rr2canonical(ldns_rr_list_rr(rrset_clone, i)); } /* sort */ ldns_rr_list_sort(rrset_clone); signatures = ldns_rr_list_new(); for (key_count = 0; key_count < ldns_key_list_key_count(keys); key_count++) { if (!ldns_key_use(ldns_key_list_key(keys, key_count))) { continue; } sign_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!sign_buf) { ldns_rr_list_free(rrset_clone); ldns_rr_list_free(signatures); ldns_rdf_free(new_owner); return NULL; } b64rdf = NULL; current_key = ldns_key_list_key(keys, key_count); /* sign all RRs with keys that have ZSKbit, !SEPbit. sign DNSKEY RRs with keys that have ZSKbit&SEPbit */ if (ldns_key_flags(current_key) & LDNS_KEY_ZONE_KEY) { current_sig = ldns_create_empty_rrsig(rrset_clone, current_key); /* right now, we have: a key, a semi-sig and an rrset. For * which we can create the sig and base64 encode that and * add that to the signature */ if (ldns_rrsig2buffer_wire(sign_buf, current_sig) != LDNS_STATUS_OK) { ldns_buffer_free(sign_buf); /* ERROR */ ldns_rr_list_deep_free(rrset_clone); ldns_rr_free(current_sig); ldns_rr_list_deep_free(signatures); return NULL; } /* add the rrset in sign_buf */ if (ldns_rr_list2buffer_wire(sign_buf, rrset_clone) != LDNS_STATUS_OK) { ldns_buffer_free(sign_buf); ldns_rr_list_deep_free(rrset_clone); ldns_rr_free(current_sig); ldns_rr_list_deep_free(signatures); return NULL; } b64rdf = ldns_sign_public_buffer(sign_buf, current_key); if (!b64rdf) { /* signing went wrong */ ldns_rr_list_deep_free(rrset_clone); ldns_rr_free(current_sig); ldns_rr_list_deep_free(signatures); return NULL; } ldns_rr_rrsig_set_sig(current_sig, b64rdf); /* push the signature to the signatures list */ ldns_rr_list_push_rr(signatures, current_sig); } ldns_buffer_free(sign_buf); /* restart for the next key */ } ldns_rr_list_deep_free(rrset_clone); return signatures; } ldns_rdf * ldns_sign_public_dsa(ldns_buffer *to_sign, DSA *key) { #ifdef USE_DSA unsigned char md[EVP_MAX_MD_SIZE]; unsigned char *sha1_hash; ldns_rdf *sigdata_rdf; ldns_buffer *b64sig; DSA_SIG *sig; const BIGNUM *R, *S; uint8_t *data; size_t pad; b64sig = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!b64sig) { return NULL; } sha1_hash = SHA1((unsigned char*)ldns_buffer_begin(to_sign), ldns_buffer_position(to_sign), md); if (!sha1_hash) { ldns_buffer_free(b64sig); return NULL; } sig = DSA_do_sign(sha1_hash, SHA_DIGEST_LENGTH, key); if(!sig) { ldns_buffer_free(b64sig); return NULL; } data = LDNS_XMALLOC(uint8_t, 1 + 2 * SHA_DIGEST_LENGTH); if(!data) { ldns_buffer_free(b64sig); DSA_SIG_free(sig); return NULL; } data[0] = 1; # ifdef HAVE_DSA_SIG_GET0 DSA_SIG_get0(sig, &R, &S); # else R = sig->r; S = sig->s; # endif pad = 20 - (size_t) BN_num_bytes(R); if (pad > 0) { memset(data + 1, 0, pad); } BN_bn2bin(R, (unsigned char *) (data + 1) + pad); pad = 20 - (size_t) BN_num_bytes(S); if (pad > 0) { memset(data + 1 + SHA_DIGEST_LENGTH, 0, pad); } BN_bn2bin(S, (unsigned char *) (data + 1 + SHA_DIGEST_LENGTH + pad)); sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, 1 + 2 * SHA_DIGEST_LENGTH, data); ldns_buffer_free(b64sig); LDNS_FREE(data); DSA_SIG_free(sig); return sigdata_rdf; #else (void)to_sign; (void)key; return NULL; #endif } #ifdef USE_ECDSA #ifndef S_SPLINT_S /** returns the number of bytes per signature-component (i.e. bits/8), or 0. */ static int ldns_pkey_is_ecdsa(EVP_PKEY* pkey) { EC_KEY* ec; const EC_GROUP* g; #ifdef HAVE_EVP_PKEY_GET_BASE_ID if(EVP_PKEY_get_base_id(pkey) != EVP_PKEY_EC) return 0; #elif defined(HAVE_EVP_PKEY_BASE_ID) if(EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) return 0; #else if(EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) return 0; #endif ec = EVP_PKEY_get1_EC_KEY(pkey); g = EC_KEY_get0_group(ec); if(!g) { EC_KEY_free(ec); return 0; } if(EC_GROUP_get_curve_name(g) == NID_X9_62_prime256v1) { EC_KEY_free(ec); return 32; /* 256/8 */ } if(EC_GROUP_get_curve_name(g) == NID_secp384r1) { EC_KEY_free(ec); return 48; /* 384/8 */ } /* downref the eckey, the original is still inside the pkey */ EC_KEY_free(ec); return 0; } #endif /* splint */ #endif /* USE_ECDSA */ ldns_rdf * ldns_sign_public_evp(ldns_buffer *to_sign, EVP_PKEY *key, const EVP_MD *digest_type) { unsigned int siglen; ldns_rdf *sigdata_rdf = NULL; ldns_buffer *b64sig; EVP_MD_CTX *ctx; const EVP_MD *md_type; int r; siglen = 0; b64sig = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!b64sig) { return NULL; } /* initializes a signing context */ md_type = digest_type; #ifdef USE_ED25519 if(EVP_PKEY_id(key) == NID_ED25519) { /* digest must be NULL for ED25519 sign and verify */ md_type = NULL; } else #endif #ifdef USE_ED448 if(EVP_PKEY_id(key) == NID_ED448) { md_type = NULL; } else #endif if(!md_type) { /* unknown message digest */ ldns_buffer_free(b64sig); return NULL; } #ifdef HAVE_EVP_MD_CTX_NEW ctx = EVP_MD_CTX_new(); #else ctx = (EVP_MD_CTX*)malloc(sizeof(*ctx)); if(ctx) EVP_MD_CTX_init(ctx); #endif if(!ctx) { ldns_buffer_free(b64sig); return NULL; } #if defined(USE_ED25519) || defined(USE_ED448) if(md_type == NULL) { /* for these methods we must use the one-shot DigestSign */ r = EVP_DigestSignInit(ctx, NULL, md_type, NULL, key); if(r == 1) { size_t siglen_sizet = ldns_buffer_capacity(b64sig); r = EVP_DigestSign(ctx, (unsigned char*)ldns_buffer_begin(b64sig), &siglen_sizet, (unsigned char*)ldns_buffer_begin(to_sign), ldns_buffer_position(to_sign)); siglen = (unsigned int)siglen_sizet; } } else { #else r = 0; if(md_type != NULL) { #endif r = EVP_SignInit(ctx, md_type); if(r == 1) { r = EVP_SignUpdate(ctx, (unsigned char*) ldns_buffer_begin(to_sign), ldns_buffer_position(to_sign)); } if(r == 1) { r = EVP_SignFinal(ctx, (unsigned char*) ldns_buffer_begin(b64sig), &siglen, key); } } if(r != 1) { ldns_buffer_free(b64sig); EVP_MD_CTX_destroy(ctx); return NULL; } /* OpenSSL output is different, convert it */ r = 0; #ifdef USE_DSA #ifndef S_SPLINT_S /* unfortunately, OpenSSL output is different from DNS DSA format */ # ifdef HAVE_EVP_PKEY_GET_BASE_ID if (EVP_PKEY_get_base_id(key) == EVP_PKEY_DSA) { # elif defined(HAVE_EVP_PKEY_BASE_ID) if (EVP_PKEY_base_id(key) == EVP_PKEY_DSA) { # else if (EVP_PKEY_type(key->type) == EVP_PKEY_DSA) { # endif r = 1; sigdata_rdf = ldns_convert_dsa_rrsig_asn12rdf(b64sig, siglen); } #endif #endif #if defined(USE_ECDSA) if( # ifdef HAVE_EVP_PKEY_GET_BASE_ID EVP_PKEY_get_base_id(key) # elif defined(HAVE_EVP_PKEY_BASE_ID) EVP_PKEY_base_id(key) # else EVP_PKEY_type(key->type) # endif == EVP_PKEY_EC) { # ifdef USE_ECDSA if(ldns_pkey_is_ecdsa(key)) { r = 1; sigdata_rdf = ldns_convert_ecdsa_rrsig_asn1len2rdf( b64sig, (long)siglen, ldns_pkey_is_ecdsa(key)); } # endif /* USE_ECDSA */ } #endif /* PKEY_EC */ if(r == 0) { /* ok output for other types is the same */ sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, siglen, ldns_buffer_begin(b64sig)); } ldns_buffer_free(b64sig); EVP_MD_CTX_destroy(ctx); return sigdata_rdf; } ldns_rdf * ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key) { unsigned char md[EVP_MAX_MD_SIZE]; unsigned char *sha1_hash; unsigned int siglen; ldns_rdf *sigdata_rdf; ldns_buffer *b64sig; int result; siglen = 0; b64sig = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!b64sig) { return NULL; } sha1_hash = SHA1((unsigned char*)ldns_buffer_begin(to_sign), ldns_buffer_position(to_sign), md); if (!sha1_hash) { ldns_buffer_free(b64sig); return NULL; } result = RSA_sign(NID_sha1, sha1_hash, SHA_DIGEST_LENGTH, (unsigned char*)ldns_buffer_begin(b64sig), &siglen, key); if (result != 1) { ldns_buffer_free(b64sig); return NULL; } sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, siglen, ldns_buffer_begin(b64sig)); ldns_buffer_free(b64sig); /* can't free this buffer ?? */ return sigdata_rdf; } ldns_rdf * ldns_sign_public_rsamd5(ldns_buffer *to_sign, RSA *key) { unsigned char md[EVP_MAX_MD_SIZE]; unsigned char *md5_hash; unsigned int siglen; ldns_rdf *sigdata_rdf; ldns_buffer *b64sig; b64sig = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!b64sig) { return NULL; } md5_hash = MD5((unsigned char*)ldns_buffer_begin(to_sign), ldns_buffer_position(to_sign), md); if (!md5_hash) { ldns_buffer_free(b64sig); return NULL; } RSA_sign(NID_md5, md5_hash, MD5_DIGEST_LENGTH, (unsigned char*)ldns_buffer_begin(b64sig), &siglen, key); sigdata_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, siglen, ldns_buffer_begin(b64sig)); ldns_buffer_free(b64sig); return sigdata_rdf; } #endif /* HAVE_SSL */ /** * Pushes all rrs from the rrsets of type A and AAAA on gluelist. */ static ldns_status ldns_dnssec_addresses_on_glue_list( ldns_dnssec_rrsets *cur_rrset, ldns_rr_list *glue_list) { ldns_dnssec_rrs *cur_rrs; while (cur_rrset) { if (cur_rrset->type == LDNS_RR_TYPE_A || cur_rrset->type == LDNS_RR_TYPE_AAAA) { for (cur_rrs = cur_rrset->rrs; cur_rrs; cur_rrs = cur_rrs->next) { if (cur_rrs->rr) { if (!ldns_rr_list_push_rr(glue_list, cur_rrs->rr)) { return LDNS_STATUS_MEM_ERR; /* ldns_rr_list_push_rr() * returns false when unable * to increase the capacity * of the ldns_rr_list */ } } } } cur_rrset = cur_rrset->next; } return LDNS_STATUS_OK; } ldns_status ldns_dnssec_zone_mark_and_get_glue(ldns_dnssec_zone *zone, ldns_rr_list *glue_list) { ldns_rbnode_t *node; ldns_dnssec_name *name; ldns_rdf *owner; ldns_rdf *cut = NULL; /* keeps track of zone cuts */ /* When the cut is caused by a delegation, below_delegation will be 1. * When caused by a DNAME, below_delegation will be 0. */ int below_delegation = -1; /* init suppresses compiler warning */ ldns_status s; if (!zone || !zone->names) { return LDNS_STATUS_NULL; } for (node = ldns_rbtree_first(zone->names); node != LDNS_RBTREE_NULL; node = ldns_rbtree_next(node)) { name = (ldns_dnssec_name *) node->data; owner = ldns_dnssec_name_name(name); if (cut) { /* The previous node was a zone cut, or a subdomain * below a zone cut. Is this node (still) a subdomain * below the cut? Then the name is occluded. Unless * the name contains a SOA, after which we are * authoritative again. * * FIXME! If there are labels in between the SOA and * the cut, going from the authoritative space (below * the SOA) up into occluded space again, will not be * detected with the construct below! */ if (ldns_dname_is_subdomain(owner, cut) && !ldns_dnssec_rrsets_contains_type( name->rrsets, LDNS_RR_TYPE_SOA)) { if (below_delegation && glue_list) { s = ldns_dnssec_addresses_on_glue_list( name->rrsets, glue_list); if (s != LDNS_STATUS_OK) { return s; } } name->is_glue = true; /* Mark occluded name! */ continue; } else { cut = NULL; } } /* The node is not below a zone cut. Is it a zone cut itself? * Everything below a SOA is authoritative of course; Except * when the name also contains a DNAME :). */ if (ldns_dnssec_rrsets_contains_type( name->rrsets, LDNS_RR_TYPE_NS) && !ldns_dnssec_rrsets_contains_type( name->rrsets, LDNS_RR_TYPE_SOA)) { cut = owner; below_delegation = 1; if (glue_list) { /* record glue on the zone cut */ s = ldns_dnssec_addresses_on_glue_list( name->rrsets, glue_list); if (s != LDNS_STATUS_OK) { return s; } } } else if (ldns_dnssec_rrsets_contains_type( name->rrsets, LDNS_RR_TYPE_DNAME)) { cut = owner; below_delegation = 0; } } return LDNS_STATUS_OK; } ldns_status ldns_dnssec_zone_mark_glue(ldns_dnssec_zone *zone) { return ldns_dnssec_zone_mark_and_get_glue(zone, NULL); } ldns_rbnode_t * ldns_dnssec_name_node_next_nonglue(ldns_rbnode_t *node) { ldns_rbnode_t *next_node = NULL; ldns_dnssec_name *next_name = NULL; bool done = false; if (node == LDNS_RBTREE_NULL) { return NULL; } next_node = node; while (!done) { if (next_node == LDNS_RBTREE_NULL) { return NULL; } else { next_name = (ldns_dnssec_name *)next_node->data; if (!next_name->is_glue) { done = true; } else { next_node = ldns_rbtree_next(next_node); } } } return next_node; } ldns_status ldns_dnssec_zone_create_nsecs(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs) { ldns_rbnode_t *first_node, *cur_node, *next_node; ldns_dnssec_name *cur_name, *next_name; ldns_rr *nsec_rr; uint32_t nsec_ttl; ldns_dnssec_rrsets *soa; /* The TTL value for any NSEC RR SHOULD be the same TTL value as the * lesser of the MINIMUM field of the SOA record and the TTL of the SOA * itself. This matches the definition of the TTL for negative * responses in [RFC2308]. (draft-ietf-dnsop-nsec-ttl-01 update of * RFC4035 Section 2.3) */ soa = ldns_dnssec_name_find_rrset(zone->soa, LDNS_RR_TYPE_SOA); /* did the caller actually set it? if not, * fall back to default ttl */ if (soa && soa->rrs && soa->rrs->rr) { ldns_rr *soa_rr = soa->rrs->rr; ldns_rdf *min_rdf = ldns_rr_rdf(soa_rr, 6); nsec_ttl = min_rdf == NULL || ldns_rr_ttl(soa_rr) < ldns_rdf2native_int32(min_rdf) ? ldns_rr_ttl(soa_rr) : ldns_rdf2native_int32(min_rdf); } else { nsec_ttl = LDNS_DEFAULT_TTL; } first_node = ldns_dnssec_name_node_next_nonglue( ldns_rbtree_first(zone->names)); cur_node = first_node; if (cur_node) { next_node = ldns_dnssec_name_node_next_nonglue( ldns_rbtree_next(cur_node)); } else { next_node = NULL; } while (cur_node && next_node) { cur_name = (ldns_dnssec_name *)cur_node->data; next_name = (ldns_dnssec_name *)next_node->data; nsec_rr = ldns_dnssec_create_nsec(cur_name, next_name, LDNS_RR_TYPE_NSEC); ldns_rr_set_ttl(nsec_rr, nsec_ttl); if(ldns_dnssec_name_add_rr(cur_name, nsec_rr)!=LDNS_STATUS_OK){ ldns_rr_free(nsec_rr); return LDNS_STATUS_ERR; } ldns_rr_list_push_rr(new_rrs, nsec_rr); cur_node = next_node; if (cur_node) { next_node = ldns_dnssec_name_node_next_nonglue( ldns_rbtree_next(cur_node)); } } if (cur_node && !next_node) { cur_name = (ldns_dnssec_name *)cur_node->data; next_name = (ldns_dnssec_name *)first_node->data; nsec_rr = ldns_dnssec_create_nsec(cur_name, next_name, LDNS_RR_TYPE_NSEC); ldns_rr_set_ttl(nsec_rr, nsec_ttl); if(ldns_dnssec_name_add_rr(cur_name, nsec_rr)!=LDNS_STATUS_OK){ ldns_rr_free(nsec_rr); return LDNS_STATUS_ERR; } ldns_rr_list_push_rr(new_rrs, nsec_rr); } else { printf("error\n"); } return LDNS_STATUS_OK; } #ifdef HAVE_SSL static void ldns_hashed_names_node_free(ldns_rbnode_t *node, void *arg) { (void) arg; LDNS_FREE(node); } static ldns_status ldns_dnssec_zone_create_nsec3s_mkmap(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt, ldns_rbtree_t **map) { ldns_rbnode_t *first_name_node; ldns_rbnode_t *current_name_node; ldns_dnssec_name *current_name; ldns_status result = LDNS_STATUS_OK; ldns_rr *nsec_rr; ldns_rr_list *nsec3_list; uint32_t nsec_ttl; ldns_dnssec_rrsets *soa; ldns_rbnode_t *hashmap_node; if (!zone || !new_rrs || !zone->names) { return LDNS_STATUS_ERR; } /* The TTL value for any NSEC RR SHOULD be the same TTL value as the * lesser of the MINIMUM field of the SOA record and the TTL of the SOA * itself. This matches the definition of the TTL for negative * responses in [RFC2308]. (draft-ietf-dnsop-nsec-ttl-01 update of * RFC4035 Section 2.3) */ soa = ldns_dnssec_name_find_rrset(zone->soa, LDNS_RR_TYPE_SOA); /* did the caller actually set it? if not, * fall back to default ttl */ if (soa && soa->rrs && soa->rrs->rr) { ldns_rr *soa_rr = soa->rrs->rr; ldns_rdf *min_rdf = ldns_rr_rdf(soa_rr, 6); nsec_ttl = min_rdf == NULL || ldns_rr_ttl(soa_rr) < ldns_rdf2native_int32(min_rdf) ? ldns_rr_ttl(soa_rr) : ldns_rdf2native_int32(min_rdf); } else { nsec_ttl = LDNS_DEFAULT_TTL; } if (ldns_rdf_size(zone->soa->name) > 222) { return LDNS_STATUS_NSEC3_DOMAINNAME_OVERFLOW; } if (zone->hashed_names) { ldns_traverse_postorder(zone->hashed_names, ldns_hashed_names_node_free, NULL); LDNS_FREE(zone->hashed_names); } zone->hashed_names = ldns_rbtree_create(ldns_dname_compare_v); if (zone->hashed_names && map) { *map = zone->hashed_names; } first_name_node = ldns_dnssec_name_node_next_nonglue( ldns_rbtree_first(zone->names)); current_name_node = first_name_node; while (current_name_node && current_name_node != LDNS_RBTREE_NULL && result == LDNS_STATUS_OK) { current_name = (ldns_dnssec_name *) current_name_node->data; nsec_rr = ldns_dnssec_create_nsec3(current_name, NULL, zone->soa->name, algorithm, flags, iterations, salt_length, salt); /* by default, our nsec based generator adds rrsigs * remove the bitmap for empty nonterminals */ if (!current_name->rrsets) { ldns_rdf_deep_free(ldns_rr_pop_rdf(nsec_rr)); } ldns_rr_set_ttl(nsec_rr, nsec_ttl); result = ldns_dnssec_name_add_rr(current_name, nsec_rr); ldns_rr_list_push_rr(new_rrs, nsec_rr); if (ldns_rr_owner(nsec_rr)) { hashmap_node = LDNS_MALLOC(ldns_rbnode_t); if (hashmap_node == NULL) { return LDNS_STATUS_MEM_ERR; } current_name->hashed_name = ldns_dname_label(ldns_rr_owner(nsec_rr), 0); if (current_name->hashed_name == NULL) { LDNS_FREE(hashmap_node); return LDNS_STATUS_MEM_ERR; } hashmap_node->key = current_name->hashed_name; hashmap_node->data = current_name; if (! ldns_rbtree_insert(zone->hashed_names , hashmap_node)) { LDNS_FREE(hashmap_node); } } current_name_node = ldns_dnssec_name_node_next_nonglue( ldns_rbtree_next(current_name_node)); } if (result != LDNS_STATUS_OK) { return result; } /* Make sorted list of nsec3s (via zone->hashed_names) */ nsec3_list = ldns_rr_list_new(); if (nsec3_list == NULL) { return LDNS_STATUS_MEM_ERR; } for ( hashmap_node = ldns_rbtree_first(zone->hashed_names) ; hashmap_node != LDNS_RBTREE_NULL ; hashmap_node = ldns_rbtree_next(hashmap_node) ) { nsec_rr = ((ldns_dnssec_name *) hashmap_node->data)->nsec; if (nsec_rr) { ldns_rr_list_push_rr(nsec3_list, nsec_rr); } } result = ldns_dnssec_chain_nsec3_list(nsec3_list); ldns_rr_list_free(nsec3_list); return result; } ldns_status ldns_dnssec_zone_create_nsec3s(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt) { return ldns_dnssec_zone_create_nsec3s_mkmap(zone, new_rrs, algorithm, flags, iterations, salt_length, salt, NULL); } #endif /* HAVE_SSL */ ldns_dnssec_rrs * ldns_dnssec_remove_signatures( ldns_dnssec_rrs *signatures , ATTR_UNUSED(ldns_key_list *key_list) , int (*func)(ldns_rr *, void *) , void *arg ) { ldns_dnssec_rrs *base_rrs = signatures; ldns_dnssec_rrs *cur_rr = base_rrs; ldns_dnssec_rrs *prev_rr = NULL; ldns_dnssec_rrs *next_rr; uint16_t keytag; size_t i; if (!cur_rr) { switch(func(NULL, arg)) { case LDNS_SIGNATURE_LEAVE_ADD_NEW: case LDNS_SIGNATURE_REMOVE_ADD_NEW: break; case LDNS_SIGNATURE_LEAVE_NO_ADD: case LDNS_SIGNATURE_REMOVE_NO_ADD: ldns_key_list_set_use(key_list, false); break; default: #ifdef STDERR_MSGS fprintf(stderr, "[XX] unknown return value from callback\n"); #endif break; } return NULL; } (void)func(cur_rr->rr, arg); while (cur_rr) { next_rr = cur_rr->next; switch (func(cur_rr->rr, arg)) { case LDNS_SIGNATURE_LEAVE_ADD_NEW: prev_rr = cur_rr; break; case LDNS_SIGNATURE_LEAVE_NO_ADD: keytag = ldns_rdf2native_int16( ldns_rr_rrsig_keytag(cur_rr->rr)); for (i = 0; i < ldns_key_list_key_count(key_list); i++) { if (ldns_key_keytag(ldns_key_list_key(key_list, i)) == keytag) { ldns_key_set_use(ldns_key_list_key(key_list, i), false); } } prev_rr = cur_rr; break; case LDNS_SIGNATURE_REMOVE_NO_ADD: keytag = ldns_rdf2native_int16( ldns_rr_rrsig_keytag(cur_rr->rr)); for (i = 0; i < ldns_key_list_key_count(key_list); i++) { if (ldns_key_keytag(ldns_key_list_key(key_list, i)) == keytag) { ldns_key_set_use(ldns_key_list_key(key_list, i), false); } } if (prev_rr) { prev_rr->next = next_rr; } else { base_rrs = next_rr; } LDNS_FREE(cur_rr); break; case LDNS_SIGNATURE_REMOVE_ADD_NEW: if (prev_rr) { prev_rr->next = next_rr; } else { base_rrs = next_rr; } LDNS_FREE(cur_rr); break; default: #ifdef STDERR_MSGS fprintf(stderr, "[XX] unknown return value from callback\n"); #endif break; } cur_rr = next_rr; } return base_rrs; } #ifdef HAVE_SSL ldns_status ldns_dnssec_zone_create_rrsigs(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void*), void *arg) { return ldns_dnssec_zone_create_rrsigs_flg(zone, new_rrs, key_list, func, arg, 0); } /** If there are KSKs use only them and mark ZSKs unused */ static void ldns_key_list_filter_for_dnskey(ldns_key_list *key_list, int flags) { bool algos[256] #ifndef S_SPLINT_S = { false } #endif ; ldns_signing_algorithm saw_ksk = 0; ldns_key *key; size_t i; if (!ldns_key_list_key_count(key_list)) return; /* Mark all KSKs */ for (i = 0; i < ldns_key_list_key_count(key_list); i++) { key = ldns_key_list_key(key_list, i); if ((ldns_key_flags(key) & LDNS_KEY_SEP_KEY)) { if (!saw_ksk) saw_ksk = ldns_key_algorithm(key); algos[ldns_key_algorithm(key)] = true; } } if (!saw_ksk) return; /* No KSKs means sign using all ZSKs */ /* Deselect the ZSKs so they do not sign DNSKEY RRs. * Except with the LDNS_SIGN_WITH_ALL_ALGORITHMS flag, then use it, * but only if it has an algorithm for which there is no KSK */ for (i =0; i < ldns_key_list_key_count(key_list); i++) { key = ldns_key_list_key(key_list, i); if (!(ldns_key_flags(key) & LDNS_KEY_SEP_KEY)) { /* We have a ZSK. * Still use it if it has a unique algorithm though! */ if ((flags & LDNS_SIGN_WITH_ALL_ALGORITHMS) && !algos[ldns_key_algorithm(key)]) algos[ldns_key_algorithm(key)] = true; else ldns_key_set_use(key, 0); } } } /** If there are no ZSKs use KSKs as ZSK too */ static void ldns_key_list_filter_for_non_dnskey(ldns_key_list *key_list, int flags) { bool algos[256] #ifndef S_SPLINT_S = { false } #endif ; ldns_signing_algorithm saw_zsk = 0; ldns_key *key; size_t i; if (!ldns_key_list_key_count(key_list)) return; /* Mark all ZSKs */ for (i = 0; i < ldns_key_list_key_count(key_list); i++) { key = ldns_key_list_key(key_list, i); if (!(ldns_key_flags(key) & LDNS_KEY_SEP_KEY)) { if (!saw_zsk) saw_zsk = ldns_key_algorithm(key); algos[ldns_key_algorithm(key)] = true; } } if (!saw_zsk) return; /* No ZSKs means sign using all KSKs */ /* Deselect the KSKs so they do not sign non DNSKEY RRs. * Except with the LDNS_SIGN_WITH_ALL_ALGORITHMS flag, then use it, * but only if it has an algorithm for which there is no ZSK */ for (i = 0; i < ldns_key_list_key_count(key_list); i++) { key = ldns_key_list_key(key_list, i); if((ldns_key_flags(key) & LDNS_KEY_SEP_KEY)) { /* We have a KSK. * Still use it if it has a unique algorithm though! */ if ((flags & LDNS_SIGN_WITH_ALL_ALGORITHMS) && !algos[ldns_key_algorithm(key)]) algos[ldns_key_algorithm(key)] = true; else ldns_key_set_use(key, 0); } } } ldns_status ldns_dnssec_zone_create_rrsigs_flg( ldns_dnssec_zone *zone , ldns_rr_list *new_rrs , ldns_key_list *key_list , int (*func)(ldns_rr *, void*) , void *arg , int flags ) { ldns_status result = LDNS_STATUS_OK; ldns_rbnode_t *cur_node; ldns_rr_list *rr_list; ldns_dnssec_name *cur_name; ldns_dnssec_rrsets *cur_rrset; ldns_dnssec_rrs *cur_rr; ldns_rr_list *siglist; size_t i; int on_delegation_point = 0; /* handle partially occluded names */ ldns_rr_list *pubkey_list = ldns_rr_list_new(); for (i = 0; inames); while (cur_node != LDNS_RBTREE_NULL) { cur_name = (ldns_dnssec_name *) cur_node->data; if (!cur_name->is_glue) { on_delegation_point = ldns_dnssec_rrsets_contains_type( cur_name->rrsets, LDNS_RR_TYPE_NS) && !ldns_dnssec_rrsets_contains_type( cur_name->rrsets, LDNS_RR_TYPE_SOA); cur_rrset = cur_name->rrsets; while (cur_rrset) { /* reset keys to use */ ldns_key_list_set_use(key_list, true); /* walk through old sigs, remove the old, and mark which keys (not) to use) */ cur_rrset->signatures = ldns_dnssec_remove_signatures(cur_rrset->signatures, key_list, func, arg); if(cur_rrset->type == LDNS_RR_TYPE_DNSKEY || cur_rrset->type == LDNS_RR_TYPE_CDNSKEY || cur_rrset->type == LDNS_RR_TYPE_CDS) { if(!(flags&LDNS_SIGN_DNSKEY_WITH_ZSK)) { ldns_key_list_filter_for_dnskey(key_list, flags); } } else { ldns_key_list_filter_for_non_dnskey(key_list, flags); } /* TODO: just set count to zero? */ rr_list = ldns_rr_list_new(); cur_rr = cur_rrset->rrs; while (cur_rr) { ldns_rr_list_push_rr(rr_list, cur_rr->rr); cur_rr = cur_rr->next; } /* only sign non-delegation RRsets */ /* (glue should have been marked earlier, * except on the delegation points itself) */ if (!on_delegation_point || ldns_rr_list_type(rr_list) == LDNS_RR_TYPE_DS || ldns_rr_list_type(rr_list) == LDNS_RR_TYPE_NSEC || ldns_rr_list_type(rr_list) == LDNS_RR_TYPE_NSEC3) { siglist = ldns_sign_public(rr_list, key_list); for (i = 0; i < ldns_rr_list_rr_count(siglist); i++) { if (cur_rrset->signatures) { result = ldns_dnssec_rrs_add_rr(cur_rrset->signatures, ldns_rr_list_rr(siglist, i)); } else { cur_rrset->signatures = ldns_dnssec_rrs_new(); cur_rrset->signatures->rr = ldns_rr_list_rr(siglist, i); } if (new_rrs) { ldns_rr_list_push_rr(new_rrs, ldns_rr_list_rr(siglist, i)); } } ldns_rr_list_free(siglist); } ldns_rr_list_free(rr_list); cur_rrset = cur_rrset->next; } /* sign the nsec */ ldns_key_list_set_use(key_list, true); cur_name->nsec_signatures = ldns_dnssec_remove_signatures(cur_name->nsec_signatures, key_list, func, arg); ldns_key_list_filter_for_non_dnskey(key_list, flags); rr_list = ldns_rr_list_new(); ldns_rr_list_push_rr(rr_list, cur_name->nsec); siglist = ldns_sign_public(rr_list, key_list); for (i = 0; i < ldns_rr_list_rr_count(siglist); i++) { if (cur_name->nsec_signatures) { result = ldns_dnssec_rrs_add_rr(cur_name->nsec_signatures, ldns_rr_list_rr(siglist, i)); } else { cur_name->nsec_signatures = ldns_dnssec_rrs_new(); cur_name->nsec_signatures->rr = ldns_rr_list_rr(siglist, i); } if (new_rrs) { ldns_rr_list_push_rr(new_rrs, ldns_rr_list_rr(siglist, i)); } } ldns_rr_list_free(siglist); ldns_rr_list_free(rr_list); } cur_node = ldns_rbtree_next(cur_node); } ldns_rr_list_deep_free(pubkey_list); return result; } ldns_status ldns_dnssec_zone_sign(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg) { return ldns_dnssec_zone_sign_flg(zone, new_rrs, key_list, func, arg, 0); } ldns_status dnssec_zone_equip_zonemd(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int flags); ldns_status ldns_dnssec_zone_sign_flg(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg, int flags) { ldns_status result = LDNS_STATUS_OK; ldns_dnssec_rrsets zonemd_rrset; bool zonemd_added = false; if (!zone || !new_rrs || !key_list) { return LDNS_STATUS_ERR; } if (flags & LDNS_SIGN_WITH_ZONEMD) { ldns_dnssec_rrsets **rrsets_ref = &zone->soa->rrsets; while (*rrsets_ref && (*rrsets_ref)->type < LDNS_RR_TYPE_ZONEMD) rrsets_ref = &(*rrsets_ref)->next; if (!*rrsets_ref || (*rrsets_ref)->type > LDNS_RR_TYPE_ZONEMD) { zonemd_rrset.rrs = NULL; zonemd_rrset.type = LDNS_RR_TYPE_ZONEMD; zonemd_rrset.signatures = NULL; zonemd_rrset.next = *rrsets_ref; *rrsets_ref = &zonemd_rrset; zonemd_added = true; } } /* zone is already sorted */ result = ldns_dnssec_zone_mark_glue(zone); if (result != LDNS_STATUS_OK) { return result; } /* check whether we need to add nsecs */ if ((flags & LDNS_SIGN_NO_KEYS_NO_NSECS) && ldns_key_list_key_count(key_list) < 1) ; /* pass */ else if (zone->names && !((ldns_dnssec_name *)zone->names->root->data)->nsec) { result = ldns_dnssec_zone_create_nsecs(zone, new_rrs); if (result != LDNS_STATUS_OK) { return result; } } result = ldns_dnssec_zone_create_rrsigs_flg(zone, new_rrs, key_list, func, arg, flags); if (zonemd_added) { ldns_dnssec_rrsets **rrsets_ref = &zone->soa->rrsets; while (*rrsets_ref && (*rrsets_ref)->type < LDNS_RR_TYPE_ZONEMD) rrsets_ref = &(*rrsets_ref)->next; *rrsets_ref = zonemd_rrset.next; } return flags & LDNS_SIGN_WITH_ZONEMD ? dnssec_zone_equip_zonemd(zone, new_rrs, key_list, flags) : result; } ldns_status ldns_dnssec_zone_sign_nsec3(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt) { return ldns_dnssec_zone_sign_nsec3_flg_mkmap(zone, new_rrs, key_list, func, arg, algorithm, flags, iterations, salt_length, salt, 0, NULL); } ldns_status ldns_dnssec_zone_sign_nsec3_flg_mkmap(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt, int signflags, ldns_rbtree_t **map) { ldns_rr *nsec3, *nsec3param; ldns_status result = LDNS_STATUS_OK; bool zonemd_added = false; ldns_dnssec_rrsets zonemd_rrset; /* zone is already sorted */ result = ldns_dnssec_zone_mark_glue(zone); if (result != LDNS_STATUS_OK) { return result; } /* TODO if there are already nsec3s presents and their * parameters are the same as these, we don't have to recreate */ if (zone->names) { /* add empty nonterminals */ result = ldns_dnssec_zone_add_empty_nonterminals(zone); if (result != LDNS_STATUS_OK) { return result; } nsec3 = ((ldns_dnssec_name *)zone->names->root->data)->nsec; /* check whether we need to add nsecs */ if ((signflags & LDNS_SIGN_NO_KEYS_NO_NSECS) && ldns_key_list_key_count(key_list) < 1) ; /* pass */ else if (nsec3 && ldns_rr_get_type(nsec3) == LDNS_RR_TYPE_NSEC3) { /* no need to recreate */ } else { if (!ldns_dnssec_zone_find_rrset(zone, zone->soa->name, LDNS_RR_TYPE_NSEC3PARAM)) { /* create and add the nsec3param rr */ nsec3param = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3PARAM); ldns_rr_set_owner(nsec3param, ldns_rdf_clone(zone->soa->name)); ldns_nsec3_add_param_rdfs(nsec3param, algorithm, flags, iterations, salt_length, salt); /* always set bit 7 of the flags to zero, according to * rfc5155 section 11. The bits are counted from right to left, * so bit 7 in rfc5155 is bit 0 in ldns */ ldns_set_bit(ldns_rdf_data(ldns_rr_rdf(nsec3param, 1)), 0, 0); result = ldns_dnssec_zone_add_rr(zone, nsec3param); if (result != LDNS_STATUS_OK) { return result; } ldns_rr_list_push_rr(new_rrs, nsec3param); } if (signflags & LDNS_SIGN_WITH_ZONEMD) { ldns_dnssec_rrsets **rrsets_ref = &zone->soa->rrsets; while (*rrsets_ref && (*rrsets_ref)->type < LDNS_RR_TYPE_ZONEMD) rrsets_ref = &(*rrsets_ref)->next; if (!*rrsets_ref || (*rrsets_ref)->type > LDNS_RR_TYPE_ZONEMD) { zonemd_rrset.rrs = NULL; zonemd_rrset.type = LDNS_RR_TYPE_ZONEMD; zonemd_rrset.signatures = NULL; zonemd_rrset.next = *rrsets_ref; *rrsets_ref = &zonemd_rrset; zonemd_added = true; } } result = ldns_dnssec_zone_create_nsec3s_mkmap(zone, new_rrs, algorithm, flags, iterations, salt_length, salt, map); if (zonemd_added) { ldns_dnssec_rrsets **rrsets_ref = &zone->soa->rrsets; while (*rrsets_ref && (*rrsets_ref)->type < LDNS_RR_TYPE_ZONEMD) rrsets_ref = &(*rrsets_ref)->next; *rrsets_ref = zonemd_rrset.next; } if (result != LDNS_STATUS_OK) { return result; } } result = ldns_dnssec_zone_create_rrsigs_flg(zone, new_rrs, key_list, func, arg, signflags); } if (result || !zone->names) return result; return signflags & LDNS_SIGN_WITH_ZONEMD ? dnssec_zone_equip_zonemd(zone, new_rrs, key_list, signflags) : result; } ldns_status ldns_dnssec_zone_sign_nsec3_flg(ldns_dnssec_zone *zone, ldns_rr_list *new_rrs, ldns_key_list *key_list, int (*func)(ldns_rr *, void *), void *arg, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt, int signflags) { return ldns_dnssec_zone_sign_nsec3_flg_mkmap(zone, new_rrs, key_list, func, arg, algorithm, flags, iterations, salt_length, salt, signflags, NULL); } ldns_zone * ldns_zone_sign(const ldns_zone *zone, ldns_key_list *key_list) { ldns_dnssec_zone *dnssec_zone; ldns_zone *signed_zone; ldns_rr_list *new_rrs; size_t i; signed_zone = ldns_zone_new(); dnssec_zone = ldns_dnssec_zone_new(); (void) ldns_dnssec_zone_add_rr(dnssec_zone, ldns_zone_soa(zone)); ldns_zone_set_soa(signed_zone, ldns_rr_clone(ldns_zone_soa(zone))); for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(zone)); i++) { (void) ldns_dnssec_zone_add_rr(dnssec_zone, ldns_rr_list_rr(ldns_zone_rrs(zone), i)); ldns_zone_push_rr(signed_zone, ldns_rr_clone(ldns_rr_list_rr(ldns_zone_rrs(zone), i))); } new_rrs = ldns_rr_list_new(); (void) ldns_dnssec_zone_sign(dnssec_zone, new_rrs, key_list, ldns_dnssec_default_replace_signatures, NULL); for (i = 0; i < ldns_rr_list_rr_count(new_rrs); i++) { ldns_rr_list_push_rr(ldns_zone_rrs(signed_zone), ldns_rr_clone(ldns_rr_list_rr(new_rrs, i))); } ldns_rr_list_deep_free(new_rrs); ldns_dnssec_zone_free(dnssec_zone); return signed_zone; } ldns_zone * ldns_zone_sign_nsec3(ldns_zone *zone, ldns_key_list *key_list, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, uint8_t *salt) { ldns_dnssec_zone *dnssec_zone; ldns_zone *signed_zone; ldns_rr_list *new_rrs; size_t i; signed_zone = ldns_zone_new(); dnssec_zone = ldns_dnssec_zone_new(); (void) ldns_dnssec_zone_add_rr(dnssec_zone, ldns_zone_soa(zone)); ldns_zone_set_soa(signed_zone, ldns_rr_clone(ldns_zone_soa(zone))); for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(zone)); i++) { (void) ldns_dnssec_zone_add_rr(dnssec_zone, ldns_rr_list_rr(ldns_zone_rrs(zone), i)); ldns_zone_push_rr(signed_zone, ldns_rr_clone(ldns_rr_list_rr(ldns_zone_rrs(zone), i))); } new_rrs = ldns_rr_list_new(); (void) ldns_dnssec_zone_sign_nsec3(dnssec_zone, new_rrs, key_list, ldns_dnssec_default_replace_signatures, NULL, algorithm, flags, iterations, salt_length, salt); for (i = 0; i < ldns_rr_list_rr_count(new_rrs); i++) { ldns_rr_list_push_rr(ldns_zone_rrs(signed_zone), ldns_rr_clone(ldns_rr_list_rr(new_rrs, i))); } ldns_rr_list_deep_free(new_rrs); ldns_dnssec_zone_free(dnssec_zone); return signed_zone; } #endif /* HAVE_SSL */ ldns-1.9.0/edns.c0000664000175000017500000002267615114326257013147 0ustar willemwillem/* * edns.c * * edns implementation * * a Net::DNS like library for C * * (c) NLnet Labs, 2004-2022 * * See the file LICENSE for the license */ #include #include #define LDNS_OPTIONLIST_INIT 8 /* * Access functions * functions to get and set type checking */ /* read */ size_t ldns_edns_get_size(const ldns_edns_option *edns) { assert(edns != NULL); return edns->_size; } ldns_edns_option_code ldns_edns_get_code(const ldns_edns_option *edns) { assert(edns != NULL); return edns->_code; } uint8_t * ldns_edns_get_data(const ldns_edns_option *edns) { assert(edns != NULL); return edns->_data; } ldns_status ldns_edns_ede_get_code(const ldns_edns_option *edns, uint16_t *ede_code) { assert(edns != NULL); assert(ede_code != NULL); if (edns->_code != LDNS_EDNS_EDE) return LDNS_STATUS_NOT_EDE; if (edns->_size < 2) return LDNS_STATUS_EDE_OPTION_MALFORMED; *ede_code = (uint16_t) ntohs(*((uint16_t*) edns->_data)); return LDNS_STATUS_OK; } ldns_status ldns_edns_ede_get_text(const ldns_edns_option* edns, char **ede_text) { assert(edns != NULL); assert(ede_text != NULL); if (edns->_code != LDNS_EDNS_EDE) return LDNS_STATUS_NOT_EDE; if (edns->_size < 2) return LDNS_STATUS_EDE_OPTION_MALFORMED; *ede_text = NULL; if (edns->_size > 2) { *ede_text = (char*) malloc((edns->_size - 1) * sizeof(char)); memset(*ede_text, 0, edns->_size - 1); memcpy(*ede_text, &((char*)edns->_data)[2], edns->_size - 2); } return LDNS_STATUS_OK; } ldns_buffer * ldns_edns_get_wireformat_buffer(const ldns_edns_option *edns) { uint16_t option; size_t size; uint8_t* data; ldns_buffer* buffer; if (edns == NULL) { return NULL; } option = ldns_edns_get_code(edns); size = ldns_edns_get_size(edns); data = ldns_edns_get_data(edns); buffer = ldns_buffer_new(size + 4); if (buffer == NULL) { return NULL; } ldns_buffer_write_u16(buffer, option); ldns_buffer_write_u16(buffer, size); ldns_buffer_write(buffer, data, size); ldns_buffer_flip(buffer); return buffer; } /* write */ static void ldns_edns_set_size(ldns_edns_option *edns, size_t size) { assert(edns != NULL); edns->_size = size; } static void ldns_edns_set_code(ldns_edns_option *edns, ldns_edns_option_code code) { assert(edns != NULL); edns->_code = code; } static void ldns_edns_set_data(ldns_edns_option *edns, void *data) { /* only copy the pointer */ assert(edns != NULL); edns->_data = data; } /* note: data must be allocated memory */ ldns_edns_option * ldns_edns_new(ldns_edns_option_code code, size_t size, void *data) { ldns_edns_option *edns; edns = LDNS_MALLOC(ldns_edns_option); if (!edns) { return NULL; } ldns_edns_set_code(edns, code); ldns_edns_set_size(edns, size); ldns_edns_set_data(edns, data); return edns; } ldns_edns_option * ldns_edns_new_from_data(ldns_edns_option_code code, size_t size, const void *data) { ldns_edns_option *edns; edns = LDNS_MALLOC(ldns_edns_option); if (!edns) { return NULL; } edns->_data = LDNS_XMALLOC(uint8_t, size); if (!edns->_data) { LDNS_FREE(edns); return NULL; } /* set the values */ ldns_edns_set_code(edns, code); ldns_edns_set_size(edns, size); memcpy(edns->_data, data, size); return edns; } ldns_edns_option * ldns_edns_clone(ldns_edns_option *edns) { ldns_edns_option *new_option; assert(edns != NULL); new_option = ldns_edns_new_from_data(ldns_edns_get_code(edns), ldns_edns_get_size(edns), ldns_edns_get_data(edns)); return new_option; } void ldns_edns_deep_free(ldns_edns_option *edns) { if (edns) { if (edns->_data) { LDNS_FREE(edns->_data); } LDNS_FREE(edns); } } void ldns_edns_free(ldns_edns_option *edns) { if (edns) { LDNS_FREE(edns); } } ldns_edns_option_list* ldns_edns_option_list_new(void) { ldns_edns_option_list *option_list = LDNS_MALLOC(ldns_edns_option_list); if(!option_list) { return NULL; } option_list->_option_count = 0; option_list->_option_capacity = 0; option_list->_options_size = 0; option_list->_options = NULL; return option_list; } ldns_edns_option_list * ldns_edns_option_list_clone(ldns_edns_option_list *old_list) { size_t i; ldns_edns_option_list *new_list; if (!old_list) { return NULL; } new_list = ldns_edns_option_list_new(); if (!new_list) { return NULL; } if (old_list->_option_count == 0) { return new_list; } /* adding options also updates the total options size */ for (i = 0; i < old_list->_option_count; i++) { ldns_edns_option *option = ldns_edns_clone(ldns_edns_option_list_get_option(old_list, i)); if (!ldns_edns_option_list_push(new_list, option)) { ldns_edns_deep_free(option); ldns_edns_option_list_deep_free(new_list); return NULL; } } return new_list; } void ldns_edns_option_list_free(ldns_edns_option_list *option_list) { if (option_list) { LDNS_FREE(option_list->_options); LDNS_FREE(option_list); } } void ldns_edns_option_list_deep_free(ldns_edns_option_list *option_list) { size_t i; if (option_list) { for (i=0; i < ldns_edns_option_list_get_count(option_list); i++) { ldns_edns_deep_free(ldns_edns_option_list_get_option(option_list, i)); } ldns_edns_option_list_free(option_list); } } size_t ldns_edns_option_list_get_count(const ldns_edns_option_list *option_list) { if (option_list) { return option_list->_option_count; } else { return 0; } } ldns_edns_option * ldns_edns_option_list_get_option(const ldns_edns_option_list *option_list, size_t index) { if (option_list && index < ldns_edns_option_list_get_count(option_list)) { assert(option_list->_options[index]); return option_list->_options[index]; } else { return NULL; } } size_t ldns_edns_option_list_get_options_size(const ldns_edns_option_list *option_list) { if (option_list) { return option_list->_options_size; } else { return 0; } } ldns_edns_option * ldns_edns_option_list_set_option(ldns_edns_option_list *option_list, ldns_edns_option *option, size_t index) { ldns_edns_option* old; assert(option_list != NULL); if (index > ldns_edns_option_list_get_count(option_list)) { return NULL; } if (option == NULL) { return NULL; } old = ldns_edns_option_list_get_option(option_list, index); /* shrink the total EDNS size if the old EDNS option exists */ if (old != NULL) { option_list->_options_size -= (ldns_edns_get_size(old) + 4); } option_list->_options_size += (ldns_edns_get_size(option) + 4); option_list->_options[index] = option; return old; } bool ldns_edns_option_list_push(ldns_edns_option_list *option_list, ldns_edns_option *option) { size_t cap; size_t option_count; assert(option_list != NULL); if (option == NULL) { return false; } cap = option_list->_option_capacity; option_count = ldns_edns_option_list_get_count(option_list); /* verify we need to grow the array to fit the new option */ if (option_count+1 > cap) { ldns_edns_option **new_list; /* initialize the capacity if needed, otherwise grow by doubling */ if (cap == 0) { cap = LDNS_OPTIONLIST_INIT; /* initial list size */ } else { cap *= 2; } new_list = LDNS_XREALLOC(option_list->_options, ldns_edns_option *, cap); if (!new_list) { return false; } option_list->_options = new_list; option_list->_option_capacity = cap; } /* add the new option */ ldns_edns_option_list_set_option(option_list, option, option_list->_option_count); option_list->_option_count += 1; return true; } ldns_edns_option * ldns_edns_option_list_pop(ldns_edns_option_list *option_list) { ldns_edns_option* pop; size_t count; size_t cap; assert(option_list != NULL); cap = option_list->_option_capacity; count = ldns_edns_option_list_get_count(option_list); if (count == 0) { return NULL; } /* get the last option from the list */ pop = ldns_edns_option_list_get_option(option_list, count-1); /* shrink the array */ if (cap > LDNS_OPTIONLIST_INIT && count-1 <= cap/2) { ldns_edns_option **new_list; cap /= 2; new_list = LDNS_XREALLOC(option_list->_options, ldns_edns_option *, cap); if (new_list) { option_list->_options = new_list; } /* if the realloc fails, the capacity for the list remains unchanged */ } /* shrink the total EDNS size of the options if the popped EDNS option exists */ if (pop != NULL) { option_list->_options_size -= (ldns_edns_get_size(pop) + 4); } option_list->_option_count = count - 1; return pop; } ldns_buffer * ldns_edns_option_list2wireformat_buffer(const ldns_edns_option_list *option_list) { size_t i, list_size, options_size, option, size; ldns_buffer* buffer; ldns_edns_option *edns; uint8_t* data = NULL; if (!option_list) { return NULL; } /* get the number of EDNS options in the list*/ list_size = ldns_edns_option_list_get_count(option_list); /* create buffer the size of the total EDNS wireformat options */ options_size = ldns_edns_option_list_get_options_size(option_list); buffer = ldns_buffer_new(options_size); if (!buffer) { return NULL; } /* write individual serialized EDNS options to final buffer*/ for (i = 0; i < list_size; i++) { edns = ldns_edns_option_list_get_option(option_list, i); if (edns == NULL) { /* this shouldn't be possible */ return NULL; } option = ldns_edns_get_code(edns); size = ldns_edns_get_size(edns); data = ldns_edns_get_data(edns); /* make sure the option fits */ if (!(ldns_buffer_available(buffer, size + 4))) { ldns_buffer_free(buffer); return NULL; } ldns_buffer_write_u16(buffer, option); ldns_buffer_write_u16(buffer, size); ldns_buffer_write(buffer, data, size); } ldns_buffer_flip(buffer); return buffer; } ldns-1.9.0/dnssec.c0000664000175000017500000014253715114326257013474 0ustar willemwillem/* * dnssec.c * * contains the cryptographic function needed for DNSSEC in ldns * The crypto library used is openssl * * (c) NLnet Labs, 2004-2008 * * See the file LICENSE for the license */ #include #include #include #include #include #ifdef HAVE_SSL #include #include #include #include #include #include #include #ifdef USE_DSA #include #endif #endif ldns_rr * ldns_dnssec_get_rrsig_for_name_and_type(const ldns_rdf *name, const ldns_rr_type type, const ldns_rr_list *rrs) { size_t i; ldns_rr *candidate; if (!name || !rrs) { return NULL; } for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) { candidate = ldns_rr_list_rr(rrs, i); if (ldns_rr_get_type(candidate) == LDNS_RR_TYPE_RRSIG) { if (ldns_dname_compare(ldns_rr_owner(candidate), name) == 0 && ldns_rdf2rr_type(ldns_rr_rrsig_typecovered(candidate)) == type ) { return candidate; } } } return NULL; } ldns_rr * ldns_dnssec_get_dnskey_for_rrsig(const ldns_rr *rrsig, const ldns_rr_list *rrs) { size_t i; ldns_rr *candidate; if (!rrsig || !rrs) { return NULL; } for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) { candidate = ldns_rr_list_rr(rrs, i); if (ldns_rr_get_type(candidate) == LDNS_RR_TYPE_DNSKEY) { if (ldns_dname_compare(ldns_rr_owner(candidate), ldns_rr_rrsig_signame(rrsig)) == 0 && ldns_rdf2native_int16(ldns_rr_rrsig_keytag(rrsig)) == ldns_calc_keytag(candidate) ) { return candidate; } } } return NULL; } ldns_rdf * ldns_nsec_get_bitmap(const ldns_rr *nsec) { if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC) { return ldns_rr_rdf(nsec, 1); } else if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC3) { return ldns_rr_rdf(nsec, 5); } else { return NULL; } } /*return the owner name of the closest encloser for name from the list of rrs */ /* this is NOT the hash, but the original name! */ ldns_rdf * ldns_dnssec_nsec3_closest_encloser(const ldns_rdf *qname, ATTR_UNUSED(ldns_rr_type qtype), const ldns_rr_list *nsec3s) { /* remember parameters, they must match */ uint8_t algorithm; uint32_t iterations; uint8_t salt_length; uint8_t *salt; ldns_rdf *sname, *hashed_sname, *tmp; bool flag; bool exact_match_found; bool in_range_found; ldns_status status; ldns_rdf *zone_name; size_t nsec_i; ldns_rr *nsec; ldns_rdf *result = NULL; if (!qname || !nsec3s || ldns_rr_list_rr_count(nsec3s) < 1) { return NULL; } nsec = ldns_rr_list_rr(nsec3s, 0); algorithm = ldns_nsec3_algorithm(nsec); salt_length = ldns_nsec3_salt_length(nsec); salt = ldns_nsec3_salt_data(nsec); iterations = ldns_nsec3_iterations(nsec); sname = ldns_rdf_clone(qname); flag = false; zone_name = ldns_dname_left_chop(ldns_rr_owner(nsec)); /* algorithm from nsec3-07 8.3 */ while (ldns_dname_label_count(sname) > 0) { exact_match_found = false; in_range_found = false; hashed_sname = ldns_nsec3_hash_name(sname, algorithm, iterations, salt_length, salt); status = ldns_dname_cat(hashed_sname, zone_name); if(status != LDNS_STATUS_OK) { LDNS_FREE(salt); ldns_rdf_deep_free(zone_name); ldns_rdf_deep_free(sname); ldns_rdf_deep_free(hashed_sname); return NULL; } for (nsec_i = 0; nsec_i < ldns_rr_list_rr_count(nsec3s); nsec_i++) { nsec = ldns_rr_list_rr(nsec3s, nsec_i); /* check values of iterations etc! */ /* exact match? */ if (ldns_dname_compare(ldns_rr_owner(nsec), hashed_sname) == 0) { exact_match_found = true; } else if (ldns_nsec_covers_name(nsec, hashed_sname)) { in_range_found = true; } } if (!exact_match_found && in_range_found) { flag = true; } else if (exact_match_found && flag) { result = ldns_rdf_clone(sname); /* RFC 5155: 8.3. 2.** "The proof is complete" */ ldns_rdf_deep_free(hashed_sname); goto done; } else if (exact_match_found && !flag) { /* error! */ ldns_rdf_deep_free(hashed_sname); goto done; } else { flag = false; } ldns_rdf_deep_free(hashed_sname); tmp = sname; sname = ldns_dname_left_chop(sname); ldns_rdf_deep_free(tmp); } done: LDNS_FREE(salt); ldns_rdf_deep_free(zone_name); ldns_rdf_deep_free(sname); return result; } bool ldns_dnssec_pkt_has_rrsigs(const ldns_pkt *pkt) { size_t i; for (i = 0; i < ldns_pkt_ancount(pkt); i++) { if (ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_answer(pkt), i)) == LDNS_RR_TYPE_RRSIG) { return true; } } for (i = 0; i < ldns_pkt_nscount(pkt); i++) { if (ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_authority(pkt), i)) == LDNS_RR_TYPE_RRSIG) { return true; } } return false; } ldns_rr_list * ldns_dnssec_pkt_get_rrsigs_for_name_and_type(const ldns_pkt *pkt, const ldns_rdf *name, ldns_rr_type type) { uint16_t t_netorder; ldns_rr_list *sigs; ldns_rr_list *sigs_covered; ldns_rdf *rdf_t; sigs = ldns_pkt_rr_list_by_name_and_type(pkt, name, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION ); t_netorder = htons(type); /* rdf are in network order! */ rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, LDNS_RDF_SIZE_WORD, &t_netorder); sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0); ldns_rdf_free(rdf_t); ldns_rr_list_deep_free(sigs); return sigs_covered; } ldns_rr_list * ldns_dnssec_pkt_get_rrsigs_for_type(const ldns_pkt *pkt, ldns_rr_type type) { uint16_t t_netorder; ldns_rr_list *sigs; ldns_rr_list *sigs_covered; ldns_rdf *rdf_t; sigs = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION ); t_netorder = htons(type); /* rdf are in network order! */ rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, 2, &t_netorder); sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0); ldns_rdf_free(rdf_t); ldns_rr_list_deep_free(sigs); return sigs_covered; } /* used only on the public key RR */ uint16_t ldns_calc_keytag(const ldns_rr *key) { uint16_t ac16; ldns_buffer *keybuf; size_t keysize; if (!key) { return 0; } if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY && ldns_rr_get_type(key) != LDNS_RR_TYPE_CDNSKEY && ldns_rr_get_type(key) != LDNS_RR_TYPE_KEY ) { return 0; } /* rdata to buf - only put the rdata in a buffer */ keybuf = ldns_buffer_new(LDNS_MIN_BUFLEN); /* grows */ if (!keybuf) { return 0; } (void)ldns_rr_rdata2buffer_wire(keybuf, key); /* the current pos in the buffer is the keysize */ keysize= ldns_buffer_position(keybuf); ac16 = ldns_calc_keytag_raw(ldns_buffer_begin(keybuf), keysize); ldns_buffer_free(keybuf); return ac16; } uint16_t ldns_calc_keytag_raw(const uint8_t* key, size_t keysize) { unsigned int i; uint32_t ac32; uint16_t ac16; if(keysize < 4) { return 0; } /* look at the algorithm field, copied from 2535bis */ if (key[3] == LDNS_RSAMD5) { ac16 = 0; if (keysize > 4) { memmove(&ac16, key + keysize - 3, 2); } ac16 = ntohs(ac16); return (uint16_t) ac16; } else { ac32 = 0; for (i = 0; (size_t)i < keysize; ++i) { ac32 += (i & 1) ? key[i] : key[i] << 8; } ac32 += (ac32 >> 16) & 0xFFFF; return (uint16_t) (ac32 & 0xFFFF); } } #ifdef HAVE_SSL #ifdef USE_DSA DSA * ldns_key_buf2dsa(const ldns_buffer *key) { return ldns_key_buf2dsa_raw((const unsigned char*)ldns_buffer_begin(key), ldns_buffer_position(key)); } DSA * ldns_key_buf2dsa_raw(const unsigned char* key, size_t len) { uint8_t T; uint16_t length; uint16_t offset; DSA *dsa; BIGNUM *Q; BIGNUM *P; BIGNUM *G; BIGNUM *Y; if(len == 0) return NULL; T = (uint8_t)key[0]; length = (64 + T * 8); offset = 1; if (T > 8) { return NULL; } if(len < (size_t)1 + SHA_DIGEST_LENGTH + 3*length) return NULL; Q = BN_bin2bn(key+offset, SHA_DIGEST_LENGTH, NULL); offset += SHA_DIGEST_LENGTH; P = BN_bin2bn(key+offset, (int)length, NULL); offset += length; G = BN_bin2bn(key+offset, (int)length, NULL); offset += length; Y = BN_bin2bn(key+offset, (int)length, NULL); /* create the key and set its properties */ if(!Q || !P || !G || !Y || !(dsa = DSA_new())) { BN_free(Q); BN_free(P); BN_free(G); BN_free(Y); return NULL; } #if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000) #ifndef S_SPLINT_S dsa->p = P; dsa->q = Q; dsa->g = G; dsa->pub_key = Y; #endif /* splint */ #else /* OPENSSL_VERSION_NUMBER */ if (!DSA_set0_pqg(dsa, P, Q, G)) { /* QPG not yet attached, need to free */ BN_free(Q); BN_free(P); BN_free(G); DSA_free(dsa); BN_free(Y); return NULL; } if (!DSA_set0_key(dsa, Y, NULL)) { /* QPG attached, cleaned up by DSA_fre() */ DSA_free(dsa); BN_free(Y); return NULL; } #endif /* OPENSSL_VERSION_NUMBER */ return dsa; } #endif /* USE_DSA */ RSA * ldns_key_buf2rsa(const ldns_buffer *key) { return ldns_key_buf2rsa_raw((const unsigned char*)ldns_buffer_begin(key), ldns_buffer_position(key)); } RSA * ldns_key_buf2rsa_raw(const unsigned char* key, size_t len) { uint16_t offset; uint16_t exp; uint16_t int16; RSA *rsa; BIGNUM *modulus; BIGNUM *exponent; if (len == 0) return NULL; if (key[0] == 0) { if(len < 3) return NULL; /* need some smart comment here XXX*/ /* the exponent is too large so it's places * further...???? */ memmove(&int16, key+1, 2); exp = ntohs(int16); offset = 3; } else { exp = key[0]; offset = 1; } /* key length at least one */ if(len < (size_t)offset + exp + 1) return NULL; /* Exponent */ exponent = BN_new(); if(!exponent) return NULL; (void) BN_bin2bn(key+offset, (int)exp, exponent); offset += exp; /* Modulus */ modulus = BN_new(); if(!modulus) { BN_free(exponent); return NULL; } /* length of the buffer must match the key length! */ (void) BN_bin2bn(key+offset, (int)(len - offset), modulus); rsa = RSA_new(); if(!rsa) { BN_free(exponent); BN_free(modulus); return NULL; } #if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000) #ifndef S_SPLINT_S rsa->n = modulus; rsa->e = exponent; #endif /* splint */ #else /* OPENSSL_VERSION_NUMBER */ if (!RSA_set0_key(rsa, modulus, exponent, NULL)) { BN_free(exponent); BN_free(modulus); RSA_free(rsa); return NULL; } #endif /* OPENSSL_VERSION_NUMBER */ return rsa; } int ldns_digest_evp(const unsigned char* data, unsigned int len, unsigned char* dest, const EVP_MD* md) { EVP_MD_CTX* ctx; ctx = EVP_MD_CTX_create(); if(!ctx) return false; if(!EVP_DigestInit_ex(ctx, md, NULL) || !EVP_DigestUpdate(ctx, data, len) || !EVP_DigestFinal_ex(ctx, dest, NULL)) { EVP_MD_CTX_destroy(ctx); return false; } EVP_MD_CTX_destroy(ctx); return true; } #endif /* HAVE_SSL */ ldns_rr * ldns_key_rr2ds(const ldns_rr *key, ldns_hash h) { ldns_rdf *tmp; ldns_rr *ds; uint16_t keytag; uint8_t sha1hash; uint8_t *digest; ldns_buffer *data_buf; #ifdef USE_GOST const EVP_MD* md = NULL; #endif if (ldns_rr_get_type(key) != LDNS_RR_TYPE_DNSKEY && ldns_rr_get_type(key) != LDNS_RR_TYPE_CDNSKEY) { return NULL; } ds = ldns_rr_new(); if (!ds) { return NULL; } ldns_rr_set_type(ds, LDNS_RR_TYPE_DS); ldns_rr_set_owner(ds, ldns_rdf_clone( ldns_rr_owner(key))); ldns_rr_set_ttl(ds, ldns_rr_ttl(key)); ldns_rr_set_class(ds, ldns_rr_get_class(key)); switch(h) { default: case LDNS_SHA1: digest = LDNS_XMALLOC(uint8_t, LDNS_SHA1_DIGEST_LENGTH); if (!digest) { ldns_rr_free(ds); return NULL; } break; case LDNS_SHA256: digest = LDNS_XMALLOC(uint8_t, LDNS_SHA256_DIGEST_LENGTH); if (!digest) { ldns_rr_free(ds); return NULL; } break; case LDNS_HASH_GOST: #ifdef USE_GOST (void)ldns_key_EVP_load_gost_id(); md = EVP_get_digestbyname("md_gost94"); if(!md) { ldns_rr_free(ds); return NULL; } digest = LDNS_XMALLOC(uint8_t, EVP_MD_size(md)); if (!digest) { ldns_rr_free(ds); return NULL; } break; #else /* not implemented */ ldns_rr_free(ds); return NULL; #endif case LDNS_SHA384: #ifdef USE_ECDSA digest = LDNS_XMALLOC(uint8_t, SHA384_DIGEST_LENGTH); if (!digest) { ldns_rr_free(ds); return NULL; } break; #else /* not implemented */ ldns_rr_free(ds); return NULL; #endif } data_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!data_buf) { LDNS_FREE(digest); ldns_rr_free(ds); return NULL; } /* keytag */ keytag = htons(ldns_calc_keytag((ldns_rr*)key)); tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT16, sizeof(uint16_t), &keytag); ldns_rr_push_rdf(ds, tmp); /* copy the algorithm field */ if ((tmp = ldns_rr_rdf(key, 2)) == NULL) { LDNS_FREE(digest); ldns_buffer_free(data_buf); ldns_rr_free(ds); return NULL; } else { ldns_rr_push_rdf(ds, ldns_rdf_clone( tmp )); } /* digest hash type */ sha1hash = (uint8_t)h; tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8, sizeof(uint8_t), &sha1hash); ldns_rr_push_rdf(ds, tmp); /* digest */ /* owner name */ tmp = ldns_rdf_clone(ldns_rr_owner(key)); ldns_dname2canonical(tmp); if (ldns_rdf2buffer_wire(data_buf, tmp) != LDNS_STATUS_OK) { LDNS_FREE(digest); ldns_buffer_free(data_buf); ldns_rr_free(ds); ldns_rdf_deep_free(tmp); return NULL; } ldns_rdf_deep_free(tmp); /* all the rdata's */ if (ldns_rr_rdata2buffer_wire(data_buf, (ldns_rr*)key) != LDNS_STATUS_OK) { LDNS_FREE(digest); ldns_buffer_free(data_buf); ldns_rr_free(ds); return NULL; } switch(h) { case LDNS_SHA1: (void) ldns_sha1((unsigned char *) ldns_buffer_begin(data_buf), (unsigned int) ldns_buffer_position(data_buf), (unsigned char *) digest); tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX, LDNS_SHA1_DIGEST_LENGTH, digest); ldns_rr_push_rdf(ds, tmp); break; case LDNS_SHA256: (void) ldns_sha256((unsigned char *) ldns_buffer_begin(data_buf), (unsigned int) ldns_buffer_position(data_buf), (unsigned char *) digest); tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX, LDNS_SHA256_DIGEST_LENGTH, digest); ldns_rr_push_rdf(ds, tmp); break; case LDNS_HASH_GOST: #ifdef USE_GOST if(!ldns_digest_evp((unsigned char *) ldns_buffer_begin(data_buf), (unsigned int) ldns_buffer_position(data_buf), (unsigned char *) digest, md)) { LDNS_FREE(digest); ldns_buffer_free(data_buf); ldns_rr_free(ds); return NULL; } tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX, (size_t)EVP_MD_size(md), digest); ldns_rr_push_rdf(ds, tmp); #endif break; case LDNS_SHA384: #ifdef USE_ECDSA (void) SHA384((unsigned char *) ldns_buffer_begin(data_buf), (unsigned int) ldns_buffer_position(data_buf), (unsigned char *) digest); tmp = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_HEX, SHA384_DIGEST_LENGTH, digest); ldns_rr_push_rdf(ds, tmp); #endif break; } LDNS_FREE(digest); ldns_buffer_free(data_buf); return ds; } /* From RFC3845: * * 2.1.2. The List of Type Bit Map(s) Field * * The RR type space is split into 256 window blocks, each representing * the low-order 8 bits of the 16-bit RR type space. Each block that * has at least one active RR type is encoded using a single octet * window number (from 0 to 255), a single octet bitmap length (from 1 * to 32) indicating the number of octets used for the window block's * bitmap, and up to 32 octets (256 bits) of bitmap. * * Window blocks are present in the NSEC RR RDATA in increasing * numerical order. * * "|" denotes concatenation * * Type Bit Map(s) Field = ( Window Block # | Bitmap Length | Bitmap ) + * * * * Blocks with no types present MUST NOT be included. Trailing zero * octets in the bitmap MUST be omitted. The length of each block's * bitmap is determined by the type code with the largest numerical * value within that block, among the set of RR types present at the * NSEC RR's owner name. Trailing zero octets not specified MUST be * interpreted as zero octets. */ ldns_rdf * ldns_dnssec_create_nsec_bitmap(ldns_rr_type rr_type_list[], size_t size, ldns_rr_type nsec_type) { uint8_t window; /* most significant octet of type */ uint8_t subtype; /* least significant octet of type */ int windows[256]; /* Max subtype per window */ uint8_t windowpresent[256]; /* bool if window appears in bitmap */ ldns_rr_type* d; /* used to traverse rr_type_list*/ size_t i; /* used to traverse windows array */ size_t sz; /* size needed for type bitmap rdf */ uint8_t* data = NULL; /* rdf data */ uint8_t* dptr; /* used to itraverse rdf data */ ldns_rdf* rdf; /* bitmap rdf to return */ if (nsec_type != LDNS_RR_TYPE_NSEC && nsec_type != LDNS_RR_TYPE_NSEC3) { return NULL; } memset(windows, 0, sizeof(int)*256); memset(windowpresent, 0, 256); /* Which other windows need to be in the bitmap rdf? */ for (d = rr_type_list; d < rr_type_list + size; d++) { window = *d >> 8; subtype = *d & 0xff; windowpresent[window] = 1; if (windows[window] < (int)subtype) { windows[window] = (int)subtype; } } /* How much space do we need in the rdf for those windows? */ sz = 0; for (i = 0; i < 256; i++) { if (windowpresent[i]) { sz += windows[i] / 8 + 3; } } if (sz > 0) { /* Format rdf data according RFC3845 Section 2.1.2 (see above) */ dptr = data = LDNS_CALLOC(uint8_t, sz); if (!data) { return NULL; } for (i = 0; i < 256; i++) { if (windowpresent[i]) { *dptr++ = (uint8_t)i; *dptr++ = (uint8_t)(windows[i] / 8 + 1); /* Now let windows[i] index the bitmap * within data */ windows[i] = (int)(dptr - data); dptr += dptr[-1]; } } } /* Set the bits? */ for (d = rr_type_list; d < rr_type_list + size; d++) { subtype = *d & 0xff; data[windows[*d >> 8] + subtype/8] |= (0x80 >> (subtype % 8)); } /* Allocate and return rdf structure for the data */ rdf = ldns_rdf_new(LDNS_RDF_TYPE_BITMAP, sz, data); if (!rdf) { LDNS_FREE(data); return NULL; } return rdf; } int ldns_dnssec_rrsets_contains_type(const ldns_dnssec_rrsets *rrsets, ldns_rr_type type) { const ldns_dnssec_rrsets *cur_rrset = rrsets; while (cur_rrset) { if (cur_rrset->type == type) { return 1; } cur_rrset = cur_rrset->next; } return 0; } ldns_rr * ldns_dnssec_create_nsec(const ldns_dnssec_name *from, const ldns_dnssec_name *to, ldns_rr_type nsec_type) { ldns_rr *nsec_rr; ldns_rr_type types[65536]; size_t type_count = 0; ldns_dnssec_rrsets *cur_rrsets; int on_delegation_point; if (!from || !to || (nsec_type != LDNS_RR_TYPE_NSEC)) { return NULL; } nsec_rr = ldns_rr_new(); ldns_rr_set_type(nsec_rr, nsec_type); ldns_rr_set_owner(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(from))); ldns_rr_push_rdf(nsec_rr, ldns_rdf_clone(ldns_dnssec_name_name(to))); on_delegation_point = ldns_dnssec_rrsets_contains_type( from->rrsets, LDNS_RR_TYPE_NS) && !ldns_dnssec_rrsets_contains_type( from->rrsets, LDNS_RR_TYPE_SOA); cur_rrsets = from->rrsets; while (cur_rrsets) { /* Do not include non-authoritative rrsets on the delegation point * in the type bitmap */ if ((on_delegation_point && ( cur_rrsets->type == LDNS_RR_TYPE_NS || cur_rrsets->type == LDNS_RR_TYPE_DS)) || (!on_delegation_point && cur_rrsets->type != LDNS_RR_TYPE_RRSIG && cur_rrsets->type != LDNS_RR_TYPE_NSEC)) { types[type_count] = cur_rrsets->type; type_count++; } cur_rrsets = cur_rrsets->next; } types[type_count] = LDNS_RR_TYPE_RRSIG; type_count++; types[type_count] = LDNS_RR_TYPE_NSEC; type_count++; ldns_rr_push_rdf(nsec_rr, ldns_dnssec_create_nsec_bitmap(types, type_count, nsec_type)); return nsec_rr; } ldns_rr * ldns_dnssec_create_nsec3(const ldns_dnssec_name *from, const ldns_dnssec_name *to, const ldns_rdf *zone_name, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, const uint8_t *salt) { ldns_rr *nsec_rr; ldns_rr_type types[65536]; size_t type_count = 0; ldns_dnssec_rrsets *cur_rrsets; ldns_status status; int on_delegation_point; if (!from) { return NULL; } nsec_rr = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3); ldns_rr_set_owner(nsec_rr, ldns_nsec3_hash_name(ldns_dnssec_name_name(from), algorithm, iterations, salt_length, salt)); status = ldns_dname_cat(ldns_rr_owner(nsec_rr), zone_name); if(status != LDNS_STATUS_OK) { ldns_rr_free(nsec_rr); return NULL; } ldns_nsec3_add_param_rdfs(nsec_rr, algorithm, flags, iterations, salt_length, salt); on_delegation_point = ldns_dnssec_rrsets_contains_type( from->rrsets, LDNS_RR_TYPE_NS) && !ldns_dnssec_rrsets_contains_type( from->rrsets, LDNS_RR_TYPE_SOA); cur_rrsets = from->rrsets; while (cur_rrsets) { /* Do not include non-authoritative rrsets on the delegation point * in the type bitmap. Potentially not skipping insecure * delegation should have been done earlier, in function * ldns_dnssec_zone_create_nsec3s, or even earlier in: * ldns_dnssec_zone_sign_nsec3_flg . */ if ((on_delegation_point && ( cur_rrsets->type == LDNS_RR_TYPE_NS || cur_rrsets->type == LDNS_RR_TYPE_DS)) || (!on_delegation_point && cur_rrsets->type != LDNS_RR_TYPE_RRSIG)) { types[type_count] = cur_rrsets->type; type_count++; } cur_rrsets = cur_rrsets->next; } /* always add rrsig type if this is not an unsigned * delegation */ if (type_count > 0 && !(type_count == 1 && types[0] == LDNS_RR_TYPE_NS)) { types[type_count] = LDNS_RR_TYPE_RRSIG; type_count++; } /* leave next rdata empty if they weren't precomputed yet */ if (to && to->hashed_name) { (void) ldns_rr_set_rdf(nsec_rr, ldns_rdf_clone(to->hashed_name), 4); } else { (void) ldns_rr_set_rdf(nsec_rr, NULL, 4); } ldns_rr_push_rdf(nsec_rr, ldns_dnssec_create_nsec_bitmap(types, type_count, LDNS_RR_TYPE_NSEC3)); return nsec_rr; } ldns_rr * ldns_create_nsec(ldns_rdf *cur_owner, ldns_rdf *next_owner, ldns_rr_list *rrs) { /* we do not do any check here - garbage in, garbage out */ /* the start and end names - get the type from the * before rrlist */ /* inefficient, just give it a name, a next name, and a list of rrs */ /* we make 1 big uberbitmap first, then windows */ /* todo: make something more efficient :) */ uint16_t i; ldns_rr *i_rr; uint16_t i_type; ldns_rr *nsec = NULL; ldns_rr_type i_type_list[65536]; size_t type_count = 0; nsec = ldns_rr_new(); ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC); ldns_rr_set_owner(nsec, ldns_rdf_clone(cur_owner)); ldns_rr_push_rdf(nsec, ldns_rdf_clone(next_owner)); for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) { i_rr = ldns_rr_list_rr(rrs, i); if (ldns_rdf_compare(cur_owner, ldns_rr_owner(i_rr)) == 0) { i_type = ldns_rr_get_type(i_rr); if (i_type != LDNS_RR_TYPE_RRSIG && i_type != LDNS_RR_TYPE_NSEC) { if (type_count == 0 || i_type_list[type_count-1] != i_type) { i_type_list[type_count] = i_type; type_count++; } } } } i_type_list[type_count] = LDNS_RR_TYPE_RRSIG; type_count++; i_type_list[type_count] = LDNS_RR_TYPE_NSEC; type_count++; ldns_rr_push_rdf(nsec, ldns_dnssec_create_nsec_bitmap(i_type_list, type_count, LDNS_RR_TYPE_NSEC)); return nsec; } ldns_rdf * ldns_nsec3_hash_name(const ldns_rdf *name, uint8_t algorithm, uint16_t iterations, uint8_t salt_length, const uint8_t *salt) { size_t hashed_owner_str_len; ldns_rdf *cann; ldns_rdf *hashed_owner; unsigned char *hashed_owner_str; char *hashed_owner_b32; size_t hashed_owner_b32_len; uint32_t cur_it; /* define to contain the largest possible hash, which is * sha1 at the moment */ unsigned char hash[LDNS_SHA1_DIGEST_LENGTH]; ldns_status status; /* TODO: mnemonic list for hash algs SHA-1, default to 1 now (sha1) */ if (algorithm != LDNS_SHA1) { return NULL; } /* prepare the owner name according to the draft section bla */ cann = ldns_rdf_clone(name); if(!cann) { #ifdef STDERR_MSGS fprintf(stderr, "Memory error\n"); #endif return NULL; } ldns_dname2canonical(cann); hashed_owner_str_len = salt_length + ldns_rdf_size(cann); hashed_owner_str = LDNS_XMALLOC(unsigned char, hashed_owner_str_len); if(!hashed_owner_str) { ldns_rdf_deep_free(cann); return NULL; } memcpy(hashed_owner_str, ldns_rdf_data(cann), ldns_rdf_size(cann)); memcpy(hashed_owner_str + ldns_rdf_size(cann), salt, salt_length); ldns_rdf_deep_free(cann); for (cur_it = iterations + 1; cur_it > 0; cur_it--) { (void) ldns_sha1((unsigned char *) hashed_owner_str, (unsigned int) hashed_owner_str_len, hash); LDNS_FREE(hashed_owner_str); hashed_owner_str_len = salt_length + LDNS_SHA1_DIGEST_LENGTH; hashed_owner_str = LDNS_XMALLOC(unsigned char, hashed_owner_str_len); if (!hashed_owner_str) { return NULL; } memcpy(hashed_owner_str, hash, LDNS_SHA1_DIGEST_LENGTH); memcpy(hashed_owner_str + LDNS_SHA1_DIGEST_LENGTH, salt, salt_length); hashed_owner_str_len = LDNS_SHA1_DIGEST_LENGTH + salt_length; } LDNS_FREE(hashed_owner_str); hashed_owner_str = hash; hashed_owner_str_len = LDNS_SHA1_DIGEST_LENGTH; hashed_owner_b32 = LDNS_XMALLOC(char, ldns_b32_ntop_calculate_size(hashed_owner_str_len) + 1); if(!hashed_owner_b32) { return NULL; } hashed_owner_b32_len = (size_t) ldns_b32_ntop_extended_hex( (uint8_t *) hashed_owner_str, hashed_owner_str_len, hashed_owner_b32, ldns_b32_ntop_calculate_size(hashed_owner_str_len)+1); if (hashed_owner_b32_len < 1) { #ifdef STDERR_MSGS fprintf(stderr, "Error in base32 extended hex encoding "); fprintf(stderr, "of hashed owner name (name: "); ldns_rdf_print(stderr, name); fprintf(stderr, ", return code: %u)\n", (unsigned int) hashed_owner_b32_len); #endif LDNS_FREE(hashed_owner_b32); return NULL; } hashed_owner_b32[hashed_owner_b32_len] = '\0'; status = ldns_str2rdf_dname(&hashed_owner, hashed_owner_b32); if (status != LDNS_STATUS_OK) { #ifdef STDERR_MSGS fprintf(stderr, "Error creating rdf from %s\n", hashed_owner_b32); #endif LDNS_FREE(hashed_owner_b32); return NULL; } LDNS_FREE(hashed_owner_b32); return hashed_owner; } void ldns_nsec3_add_param_rdfs(ldns_rr *rr, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, const uint8_t *salt) { ldns_rdf *salt_rdf = NULL; uint8_t *salt_data = NULL; ldns_rdf *old; old = ldns_rr_set_rdf(rr, ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8, 1, (void*)&algorithm), 0); if (old) ldns_rdf_deep_free(old); old = ldns_rr_set_rdf(rr, ldns_rdf_new_frm_data(LDNS_RDF_TYPE_INT8, 1, (void*)&flags), 1); if (old) ldns_rdf_deep_free(old); old = ldns_rr_set_rdf(rr, ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, iterations), 2); if (old) ldns_rdf_deep_free(old); salt_data = LDNS_XMALLOC(uint8_t, salt_length + 1); if(!salt_data) { /* no way to return error */ return; } salt_data[0] = salt_length; memcpy(salt_data + 1, salt, salt_length); salt_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_NSEC3_SALT, salt_length + 1, salt_data); if(!salt_rdf) { LDNS_FREE(salt_data); /* no way to return error */ return; } old = ldns_rr_set_rdf(rr, salt_rdf, 3); if (old) ldns_rdf_deep_free(old); LDNS_FREE(salt_data); } static int rr_list_delegation_only(const ldns_rdf *origin, const ldns_rr_list *rr_list) { size_t i; ldns_rr *cur_rr; if (!origin || !rr_list) return 0; for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) { cur_rr = ldns_rr_list_rr(rr_list, i); if (ldns_dname_compare(ldns_rr_owner(cur_rr), origin) == 0) { return 0; } if (ldns_rr_get_type(cur_rr) != LDNS_RR_TYPE_NS) { return 0; } } return 1; } /* this will NOT return the NSEC3 completed, you will have to run the finalize function on the rrlist later! */ ldns_rr * ldns_create_nsec3(const ldns_rdf *cur_owner, const ldns_rdf *cur_zone, const ldns_rr_list *rrs, uint8_t algorithm, uint8_t flags, uint16_t iterations, uint8_t salt_length, const uint8_t *salt, bool emptynonterminal) { size_t i; ldns_rr *i_rr; uint16_t i_type; ldns_rr *nsec = NULL; ldns_rdf *hashed_owner = NULL; ldns_status status; ldns_rr_type i_type_list[1024]; size_t type_count = 0; hashed_owner = ldns_nsec3_hash_name(cur_owner, algorithm, iterations, salt_length, salt); status = ldns_dname_cat(hashed_owner, cur_zone); if(status != LDNS_STATUS_OK) { ldns_rdf_deep_free(hashed_owner); return NULL; } nsec = ldns_rr_new_frm_type(LDNS_RR_TYPE_NSEC3); if(!nsec) { ldns_rdf_deep_free(hashed_owner); return NULL; } ldns_rr_set_type(nsec, LDNS_RR_TYPE_NSEC3); ldns_rr_set_owner(nsec, hashed_owner); ldns_nsec3_add_param_rdfs(nsec, algorithm, flags, iterations, salt_length, salt); (void) ldns_rr_set_rdf(nsec, NULL, 4); for (i = 0; i < ldns_rr_list_rr_count(rrs); i++) { i_rr = ldns_rr_list_rr(rrs, i); if (ldns_rdf_compare(cur_owner, ldns_rr_owner(i_rr)) == 0) { i_type = ldns_rr_get_type(i_rr); if (type_count == 0 || i_type_list[type_count-1] != i_type) { i_type_list[type_count] = i_type; type_count++; } } } /* add RRSIG anyway, but only if this is not an ENT or * an unsigned delegation */ if (!emptynonterminal && !rr_list_delegation_only(cur_zone, rrs)) { i_type_list[type_count] = LDNS_RR_TYPE_RRSIG; type_count++; } /* and SOA if owner == zone */ if (ldns_dname_compare(cur_zone, cur_owner) == 0) { i_type_list[type_count] = LDNS_RR_TYPE_SOA; type_count++; } ldns_rr_push_rdf(nsec, ldns_dnssec_create_nsec_bitmap(i_type_list, type_count, LDNS_RR_TYPE_NSEC3)); return nsec; } uint8_t ldns_nsec3_algorithm(const ldns_rr *nsec3_rr) { if (nsec3_rr && (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 || ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM) && (ldns_rr_rdf(nsec3_rr, 0) != NULL) && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 0)) > 0) { return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 0)); } return 0; } uint8_t ldns_nsec3_flags(const ldns_rr *nsec3_rr) { if (nsec3_rr && (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 || ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM) && (ldns_rr_rdf(nsec3_rr, 1) != NULL) && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 1)) > 0) { return ldns_rdf2native_int8(ldns_rr_rdf(nsec3_rr, 1)); } return 0; } bool ldns_nsec3_optout(const ldns_rr *nsec3_rr) { return (ldns_nsec3_flags(nsec3_rr) & LDNS_NSEC3_VARS_OPTOUT_MASK); } uint16_t ldns_nsec3_iterations(const ldns_rr *nsec3_rr) { if (nsec3_rr && (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 || ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM) && (ldns_rr_rdf(nsec3_rr, 2) != NULL) && ldns_rdf_size(ldns_rr_rdf(nsec3_rr, 2)) > 0) { return ldns_rdf2native_int16(ldns_rr_rdf(nsec3_rr, 2)); } return 0; } ldns_rdf * ldns_nsec3_salt(const ldns_rr *nsec3_rr) { if (nsec3_rr && (ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3 || ldns_rr_get_type(nsec3_rr) == LDNS_RR_TYPE_NSEC3PARAM) ) { return ldns_rr_rdf(nsec3_rr, 3); } return NULL; } uint8_t ldns_nsec3_salt_length(const ldns_rr *nsec3_rr) { ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr); if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) { return (uint8_t) ldns_rdf_data(salt_rdf)[0]; } return 0; } /* allocs data, free with LDNS_FREE() */ uint8_t * ldns_nsec3_salt_data(const ldns_rr *nsec3_rr) { uint8_t salt_length; uint8_t *salt; ldns_rdf *salt_rdf = ldns_nsec3_salt(nsec3_rr); if (salt_rdf && ldns_rdf_size(salt_rdf) > 0) { salt_length = ldns_rdf_data(salt_rdf)[0]; if((size_t)salt_length+1 > ldns_rdf_size(salt_rdf)) return NULL; salt = LDNS_XMALLOC(uint8_t, salt_length); if(!salt) return NULL; memcpy(salt, &ldns_rdf_data(salt_rdf)[1], salt_length); return salt; } return NULL; } ldns_rdf * ldns_nsec3_next_owner(const ldns_rr *nsec3_rr) { if (!nsec3_rr || ldns_rr_get_type(nsec3_rr) != LDNS_RR_TYPE_NSEC3) { return NULL; } else { return ldns_rr_rdf(nsec3_rr, 4); } } ldns_rdf * ldns_nsec3_bitmap(const ldns_rr *nsec3_rr) { if (!nsec3_rr || ldns_rr_get_type(nsec3_rr) != LDNS_RR_TYPE_NSEC3) { return NULL; } else { return ldns_rr_rdf(nsec3_rr, 5); } } ldns_rdf * ldns_nsec3_hash_name_frm_nsec3(const ldns_rr *nsec, const ldns_rdf *name) { uint8_t algorithm; uint16_t iterations; uint8_t salt_length; uint8_t *salt = 0; ldns_rdf *hashed_owner; algorithm = ldns_nsec3_algorithm(nsec); salt_length = ldns_nsec3_salt_length(nsec); salt = ldns_nsec3_salt_data(nsec); iterations = ldns_nsec3_iterations(nsec); hashed_owner = ldns_nsec3_hash_name(name, algorithm, iterations, salt_length, salt); LDNS_FREE(salt); return hashed_owner; } bool ldns_nsec_bitmap_covers_type(const ldns_rdf* bitmap, ldns_rr_type type) { uint8_t* dptr; uint8_t* dend; /* From RFC3845 Section 2.1.2: * * "The RR type space is split into 256 window blocks, each re- * presenting the low-order 8 bits of the 16-bit RR type space." */ uint8_t window = type >> 8; uint8_t subtype = type & 0xff; if (! bitmap) { return false; } assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP); dptr = ldns_rdf_data(bitmap); dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap); /* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) + * dptr[0] dptr[1] dptr[2:] */ while (dptr < dend && dptr[0] <= window) { if (dptr[0] == window && subtype / 8 < dptr[1] && dptr + dptr[1] + 2 <= dend) { return dptr[2 + subtype / 8] & (0x80 >> (subtype % 8)); } dptr += dptr[1] + 2; /* next window */ } return false; } ldns_status ldns_nsec_bitmap_set_type(ldns_rdf* bitmap, ldns_rr_type type) { uint8_t* dptr; uint8_t* dend; /* From RFC3845 Section 2.1.2: * * "The RR type space is split into 256 window blocks, each re- * presenting the low-order 8 bits of the 16-bit RR type space." */ uint8_t window = type >> 8; uint8_t subtype = type & 0xff; if (! bitmap) { return false; } assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP); dptr = ldns_rdf_data(bitmap); dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap); /* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) + * dptr[0] dptr[1] dptr[2:] */ while (dptr < dend && dptr[0] <= window) { if (dptr[0] == window && subtype / 8 < dptr[1] && dptr + dptr[1] + 2 <= dend) { dptr[2 + subtype / 8] |= (0x80 >> (subtype % 8)); return LDNS_STATUS_OK; } dptr += dptr[1] + 2; /* next window */ } return LDNS_STATUS_TYPE_NOT_IN_BITMAP; } ldns_status ldns_nsec_bitmap_clear_type(ldns_rdf* bitmap, ldns_rr_type type) { uint8_t* dptr; uint8_t* dend; /* From RFC3845 Section 2.1.2: * * "The RR type space is split into 256 window blocks, each re- * presenting the low-order 8 bits of the 16-bit RR type space." */ uint8_t window = type >> 8; uint8_t subtype = type & 0xff; if (! bitmap) { return false; } assert(ldns_rdf_get_type(bitmap) == LDNS_RDF_TYPE_BITMAP); dptr = ldns_rdf_data(bitmap); dend = ldns_rdf_data(bitmap) + ldns_rdf_size(bitmap); /* Type Bitmap = ( Window Block # | Bitmap Length | Bitmap ) + * dptr[0] dptr[1] dptr[2:] */ while (dptr < dend && dptr[0] <= window) { if (dptr[0] == window && subtype / 8 < dptr[1] && dptr + dptr[1] + 2 <= dend) { dptr[2 + subtype / 8] &= ~(0x80 >> (subtype % 8)); return LDNS_STATUS_OK; } dptr += dptr[1] + 2; /* next window */ } return LDNS_STATUS_TYPE_NOT_IN_BITMAP; } bool ldns_nsec_covers_name(const ldns_rr *nsec, const ldns_rdf *name) { ldns_rdf *nsec_owner = ldns_rr_owner(nsec); ldns_rdf *hash_next; char *next_hash_str; ldns_rdf *nsec_next = NULL; ldns_status status; ldns_rdf *chopped_dname; bool result; if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC) { if (ldns_rr_rdf(nsec, 0) != NULL) { nsec_next = ldns_rdf_clone(ldns_rr_rdf(nsec, 0)); } else { return false; } } else if (ldns_rr_get_type(nsec) == LDNS_RR_TYPE_NSEC3) { hash_next = ldns_nsec3_next_owner(nsec); next_hash_str = ldns_rdf2str(hash_next); nsec_next = ldns_dname_new_frm_str(next_hash_str); LDNS_FREE(next_hash_str); chopped_dname = ldns_dname_left_chop(nsec_owner); status = ldns_dname_cat(nsec_next, chopped_dname); ldns_rdf_deep_free(chopped_dname); if (status != LDNS_STATUS_OK) { printf("error catting: %s\n", ldns_get_errorstr_by_id(status)); } } else { ldns_rdf_deep_free(nsec_next); return false; } /* in the case of the last nsec */ if(ldns_dname_compare(nsec_owner, nsec_next) > 0) { result = (ldns_dname_compare(nsec_owner, name) <= 0 || ldns_dname_compare(name, nsec_next) < 0); } else if(ldns_dname_compare(nsec_owner, nsec_next) < 0) { result = (ldns_dname_compare(nsec_owner, name) <= 0 && ldns_dname_compare(name, nsec_next) < 0); } else { result = true; } ldns_rdf_deep_free(nsec_next); return result; } #ifdef HAVE_SSL /* sig may be null - if so look in the packet */ ldns_status ldns_pkt_verify_time(const ldns_pkt *p, ldns_rr_type t, const ldns_rdf *o, const ldns_rr_list *k, const ldns_rr_list *s, time_t check_time, ldns_rr_list *good_keys) { ldns_rr_list *rrset; ldns_rr_list *sigs; ldns_rr_list *sigs_covered; ldns_rdf *rdf_t; ldns_rr_type t_netorder; ldns_status status; if (!k) { return LDNS_STATUS_ERR; /* return LDNS_STATUS_CRYPTO_NO_DNSKEY; */ } if (t == LDNS_RR_TYPE_RRSIG) { /* we don't have RRSIG(RRSIG) (yet? ;-) ) */ return LDNS_STATUS_ERR; } if (s) { /* if s is not NULL, the sigs are given to use */ sigs = (ldns_rr_list *)s; } else { /* otherwise get them from the packet */ sigs = ldns_pkt_rr_list_by_name_and_type(p, o, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANY_NOQUESTION); if (!sigs) { /* no sigs */ return LDNS_STATUS_ERR; /* return LDNS_STATUS_CRYPTO_NO_RRSIG; */ } } /* rrsig are subtyped, so now we need to find the correct * sigs for the type t */ t_netorder = htons(t); /* rdf are in network order! */ /* a type identifier is a 16-bit number, so the size is 2 bytes */ rdf_t = ldns_rdf_new(LDNS_RDF_TYPE_TYPE, 2, &t_netorder); sigs_covered = ldns_rr_list_subtype_by_rdf(sigs, rdf_t, 0); ldns_rdf_free(rdf_t); if (! sigs_covered) { if (! s) { ldns_rr_list_deep_free(sigs); } return LDNS_STATUS_ERR; } ldns_rr_list_deep_free(sigs_covered); rrset = ldns_pkt_rr_list_by_name_and_type(p, o, t, LDNS_SECTION_ANY_NOQUESTION); if (!rrset) { if (! s) { ldns_rr_list_deep_free(sigs); } return LDNS_STATUS_ERR; } status = ldns_verify_time(rrset, sigs, k, check_time, good_keys); ldns_rr_list_deep_free(rrset); return status; } ldns_status ldns_pkt_verify(const ldns_pkt *p, ldns_rr_type t, const ldns_rdf *o, const ldns_rr_list *k, const ldns_rr_list *s, ldns_rr_list *good_keys) { return ldns_pkt_verify_time(p, t, o, k, s, ldns_time(NULL), good_keys); } #endif /* HAVE_SSL */ ldns_status ldns_dnssec_chain_nsec3_list(ldns_rr_list *nsec3_rrs) { size_t i; char *next_nsec_owner_str; ldns_rdf *next_nsec_owner_label; ldns_rdf *next_nsec_rdf; ldns_status status = LDNS_STATUS_OK; for (i = 0; i < ldns_rr_list_rr_count(nsec3_rrs); i++) { if (i == ldns_rr_list_rr_count(nsec3_rrs) - 1) { next_nsec_owner_label = ldns_dname_label(ldns_rr_owner(ldns_rr_list_rr(nsec3_rrs, 0)), 0); next_nsec_owner_str = ldns_rdf2str(next_nsec_owner_label); if (next_nsec_owner_str[strlen(next_nsec_owner_str) - 1] == '.') { next_nsec_owner_str[strlen(next_nsec_owner_str) - 1] = '\0'; } status = ldns_str2rdf_b32_ext(&next_nsec_rdf, next_nsec_owner_str); if (!ldns_rr_set_rdf(ldns_rr_list_rr(nsec3_rrs, i), next_nsec_rdf, 4)) { /* todo: error */ } ldns_rdf_deep_free(next_nsec_owner_label); LDNS_FREE(next_nsec_owner_str); } else { next_nsec_owner_label = ldns_dname_label(ldns_rr_owner(ldns_rr_list_rr(nsec3_rrs, i + 1)), 0); next_nsec_owner_str = ldns_rdf2str(next_nsec_owner_label); if (next_nsec_owner_str[strlen(next_nsec_owner_str) - 1] == '.') { next_nsec_owner_str[strlen(next_nsec_owner_str) - 1] = '\0'; } status = ldns_str2rdf_b32_ext(&next_nsec_rdf, next_nsec_owner_str); ldns_rdf_deep_free(next_nsec_owner_label); LDNS_FREE(next_nsec_owner_str); if (!ldns_rr_set_rdf(ldns_rr_list_rr(nsec3_rrs, i), next_nsec_rdf, 4)) { /* todo: error */ } } } return status; } int qsort_rr_compare_nsec3(const void *a, const void *b) { const ldns_rr *rr1 = * (const ldns_rr **) a; const ldns_rr *rr2 = * (const ldns_rr **) b; if (rr1 == NULL && rr2 == NULL) { return 0; } if (rr1 == NULL) { return -1; } if (rr2 == NULL) { return 1; } return ldns_rdf_compare(ldns_rr_owner(rr1), ldns_rr_owner(rr2)); } void ldns_rr_list_sort_nsec3(ldns_rr_list *unsorted) { qsort(unsorted->_rrs, ldns_rr_list_rr_count(unsorted), sizeof(ldns_rr *), qsort_rr_compare_nsec3); } int ldns_dnssec_default_add_to_signatures( ATTR_UNUSED(ldns_rr *sig) , ATTR_UNUSED(void *n) ) { return LDNS_SIGNATURE_LEAVE_ADD_NEW; } int ldns_dnssec_default_leave_signatures( ATTR_UNUSED(ldns_rr *sig) , ATTR_UNUSED(void *n) ) { return LDNS_SIGNATURE_LEAVE_NO_ADD; } int ldns_dnssec_default_delete_signatures( ATTR_UNUSED(ldns_rr *sig) , ATTR_UNUSED(void *n) ) { return LDNS_SIGNATURE_REMOVE_NO_ADD; } int ldns_dnssec_default_replace_signatures( ATTR_UNUSED(ldns_rr *sig) , ATTR_UNUSED(void *n) ) { return LDNS_SIGNATURE_REMOVE_ADD_NEW; } #ifdef HAVE_SSL ldns_rdf * ldns_convert_dsa_rrsig_asn12rdf(const ldns_buffer *sig, const long sig_len) { #ifdef USE_DSA ldns_rdf *sigdata_rdf; DSA_SIG *dsasig; const BIGNUM *R, *S; unsigned char *dsasig_data = (unsigned char*)ldns_buffer_begin(sig); size_t byte_offset; dsasig = d2i_DSA_SIG(NULL, (const unsigned char **)&dsasig_data, sig_len); if (!dsasig) { DSA_SIG_free(dsasig); return NULL; } dsasig_data = LDNS_XMALLOC(unsigned char, 41); if(!dsasig_data) { DSA_SIG_free(dsasig); return NULL; } dsasig_data[0] = 0; # ifdef HAVE_DSA_SIG_GET0 DSA_SIG_get0(dsasig, &R, &S); # else R = dsasig->r; S = dsasig->s; # endif byte_offset = (size_t) (20 - BN_num_bytes(R)); if (byte_offset > 20) { DSA_SIG_free(dsasig); LDNS_FREE(dsasig_data); return NULL; } memset(&dsasig_data[1], 0, byte_offset); BN_bn2bin(R, &dsasig_data[1 + byte_offset]); byte_offset = (size_t) (20 - BN_num_bytes(S)); if (byte_offset > 20) { DSA_SIG_free(dsasig); LDNS_FREE(dsasig_data); return NULL; } memset(&dsasig_data[21], 0, byte_offset); BN_bn2bin(S, &dsasig_data[21 + byte_offset]); sigdata_rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, 41, dsasig_data); if(!sigdata_rdf) { LDNS_FREE(dsasig_data); } DSA_SIG_free(dsasig); return sigdata_rdf; #else (void)sig; (void)sig_len; return NULL; #endif } ldns_status ldns_convert_dsa_rrsig_rdf2asn1(ldns_buffer *target_buffer, const ldns_rdf *sig_rdf) { #ifdef USE_DSA /* the EVP api wants the DER encoding of the signature... */ BIGNUM *R, *S; DSA_SIG *dsasig; unsigned char *raw_sig = NULL; int raw_sig_len; if(ldns_rdf_size(sig_rdf) < 1 + 2*SHA_DIGEST_LENGTH) return LDNS_STATUS_SYNTAX_RDATA_ERR; /* extract the R and S field from the sig buffer */ R = BN_new(); if(!R) return LDNS_STATUS_MEM_ERR; (void) BN_bin2bn((unsigned char *) ldns_rdf_data(sig_rdf) + 1, SHA_DIGEST_LENGTH, R); S = BN_new(); if(!S) { BN_free(R); return LDNS_STATUS_MEM_ERR; } (void) BN_bin2bn((unsigned char *) ldns_rdf_data(sig_rdf) + 21, SHA_DIGEST_LENGTH, S); dsasig = DSA_SIG_new(); if (!dsasig) { BN_free(R); BN_free(S); return LDNS_STATUS_MEM_ERR; } # ifdef HAVE_DSA_SIG_SET0 if (! DSA_SIG_set0(dsasig, R, S)) { DSA_SIG_free(dsasig); return LDNS_STATUS_SSL_ERR; } # else dsasig->r = R; dsasig->s = S; # endif raw_sig_len = i2d_DSA_SIG(dsasig, &raw_sig); if (raw_sig_len < 0) { DSA_SIG_free(dsasig); free(raw_sig); return LDNS_STATUS_SSL_ERR; } if (ldns_buffer_reserve(target_buffer, (size_t) raw_sig_len)) { ldns_buffer_write(target_buffer, raw_sig, (size_t)raw_sig_len); } DSA_SIG_free(dsasig); free(raw_sig); return ldns_buffer_status(target_buffer); #else (void)target_buffer; (void)sig_rdf; return LDNS_STATUS_CRYPTO_ALGO_NOT_IMPL; #endif } #ifdef USE_ECDSA #ifndef S_SPLINT_S ldns_rdf * ldns_convert_ecdsa_rrsig_asn1len2rdf(const ldns_buffer *sig, const long sig_len, int num_bytes) { ECDSA_SIG* ecdsa_sig; const BIGNUM *r, *s; unsigned char *data = (unsigned char*)ldns_buffer_begin(sig); ldns_rdf* rdf; ecdsa_sig = d2i_ECDSA_SIG(NULL, (const unsigned char **)&data, sig_len); if(!ecdsa_sig) return NULL; #ifdef HAVE_ECDSA_SIG_GET0 ECDSA_SIG_get0(ecdsa_sig, &r, &s); #else r = ecdsa_sig->r; s = ecdsa_sig->s; #endif /* "r | s". */ if(BN_num_bytes(r) > num_bytes || BN_num_bytes(s) > num_bytes) { ECDSA_SIG_free(ecdsa_sig); return NULL; /* numbers too big for passed curve size */ } data = LDNS_XMALLOC(unsigned char, num_bytes*2); if(!data) { ECDSA_SIG_free(ecdsa_sig); return NULL; } /* write the bignums (in big-endian) a little offset if the BN code * wants to write a shorter number of bytes, with zeroes prefixed */ memset(data, 0, num_bytes*2); BN_bn2bin(r, data+num_bytes-BN_num_bytes(r)); BN_bn2bin(s, data+num_bytes*2-BN_num_bytes(s)); rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, (size_t)(num_bytes*2), data); ECDSA_SIG_free(ecdsa_sig); return rdf; } ldns_status ldns_convert_ecdsa_rrsig_rdf2asn1(ldns_buffer *target_buffer, const ldns_rdf *sig_rdf) { /* convert from two BIGNUMs in the rdata buffer, to ASN notation. * ASN preamble: 30440220 0220 * the '20' is the length of that field (=bnsize). * the '44' is the total remaining length. * if negative, start with leading zero. * if starts with 00s, remove them from the number. */ uint8_t pre[] = {0x30, 0x44, 0x02, 0x20}; int pre_len = 4; uint8_t mid[] = {0x02, 0x20}; int mid_len = 2; int raw_sig_len, r_high, s_high, r_rem=0, s_rem=0; long bnsize = (long)ldns_rdf_size(sig_rdf) / 2; uint8_t* d = ldns_rdf_data(sig_rdf); /* if too short, or not even length, do not bother */ if(bnsize < 16 || (size_t)bnsize*2 != ldns_rdf_size(sig_rdf)) return LDNS_STATUS_ERR; /* strip leading zeroes from r (but not last one) */ while(r_rem < bnsize-1 && d[r_rem] == 0) r_rem++; /* strip leading zeroes from s (but not last one) */ while(s_rem < bnsize-1 && d[bnsize+s_rem] == 0) s_rem++; r_high = ((d[0+r_rem]&0x80)?1:0); s_high = ((d[bnsize+s_rem]&0x80)?1:0); raw_sig_len = pre_len + r_high + bnsize - r_rem + mid_len + s_high + bnsize - s_rem; if(ldns_buffer_reserve(target_buffer, (size_t) raw_sig_len)) { ldns_buffer_write_u8(target_buffer, pre[0]); ldns_buffer_write_u8(target_buffer, raw_sig_len-2); ldns_buffer_write_u8(target_buffer, pre[2]); ldns_buffer_write_u8(target_buffer, bnsize + r_high - r_rem); if(r_high) ldns_buffer_write_u8(target_buffer, 0); ldns_buffer_write(target_buffer, d+r_rem, bnsize-r_rem); ldns_buffer_write(target_buffer, mid, mid_len-1); ldns_buffer_write_u8(target_buffer, bnsize + s_high - s_rem); if(s_high) ldns_buffer_write_u8(target_buffer, 0); ldns_buffer_write(target_buffer, d+bnsize+s_rem, bnsize-s_rem); } return ldns_buffer_status(target_buffer); } #endif /* S_SPLINT_S */ #endif /* USE_ECDSA */ #endif /* HAVE_SSL */ ldns-1.9.0/m4/0000775000175000017500000000000015114326264012353 5ustar willemwillemldns-1.9.0/m4/ltsugar.m40000644000175000017500000001045315114326264014277 0ustar willemwillem# ltsugar.m4 -- libtool m4 base layer. -*-Autoconf-*- # # Copyright (C) 2004-2005, 2007-2008, 2011-2019, 2021-2022 Free Software # Foundation, Inc. # Written by Gary V. Vaughan, 2004 # # This file is free software; the Free Software Foundation gives # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. # serial 6 ltsugar.m4 # This is to help aclocal find these macros, as it can't see m4_define. AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])]) # lt_join(SEP, ARG1, [ARG2...]) # ----------------------------- # Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their # associated separator. # Needed until we can rely on m4_join from Autoconf 2.62, since all earlier # versions in m4sugar had bugs. m4_define([lt_join], [m4_if([$#], [1], [], [$#], [2], [[$2]], [m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])]) m4_define([_lt_join], [m4_if([$#$2], [2], [], [m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])]) # lt_car(LIST) # lt_cdr(LIST) # ------------ # Manipulate m4 lists. # These macros are necessary as long as will still need to support # Autoconf-2.59, which quotes differently. m4_define([lt_car], [[$1]]) m4_define([lt_cdr], [m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])], [$#], 1, [], [m4_dquote(m4_shift($@))])]) m4_define([lt_unquote], $1) # lt_append(MACRO-NAME, STRING, [SEPARATOR]) # ------------------------------------------ # Redefine MACRO-NAME to hold its former content plus 'SEPARATOR''STRING'. # Note that neither SEPARATOR nor STRING are expanded; they are appended # to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked). # No SEPARATOR is output if MACRO-NAME was previously undefined (different # than defined and empty). # # This macro is needed until we can rely on Autoconf 2.62, since earlier # versions of m4sugar mistakenly expanded SEPARATOR but not STRING. m4_define([lt_append], [m4_define([$1], m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])]) # lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...]) # ---------------------------------------------------------- # Produce a SEP delimited list of all paired combinations of elements of # PREFIX-LIST with SUFFIX1 through SUFFIXn. Each element of the list # has the form PREFIXmINFIXSUFFIXn. # Needed until we can rely on m4_combine added in Autoconf 2.62. m4_define([lt_combine], [m4_if(m4_eval([$# > 3]), [1], [m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl [[m4_foreach([_Lt_prefix], [$2], [m4_foreach([_Lt_suffix], ]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[, [_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])]) # lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ]) # ----------------------------------------------------------------------- # Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited # by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ. m4_define([lt_if_append_uniq], [m4_ifdef([$1], [m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1], [lt_append([$1], [$2], [$3])$4], [$5])], [lt_append([$1], [$2], [$3])$4])]) # lt_dict_add(DICT, KEY, VALUE) # ----------------------------- m4_define([lt_dict_add], [m4_define([$1($2)], [$3])]) # lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE) # -------------------------------------------- m4_define([lt_dict_add_subkey], [m4_define([$1($2:$3)], [$4])]) # lt_dict_fetch(DICT, KEY, [SUBKEY]) # ---------------------------------- m4_define([lt_dict_fetch], [m4_ifval([$3], m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]), m4_ifdef([$1($2)], [m4_defn([$1($2)])]))]) # lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE]) # ----------------------------------------------------------------- m4_define([lt_if_dict_fetch], [m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4], [$5], [$6])]) # lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...]) # -------------------------------------------------------------- m4_define([lt_dict_filter], [m4_if([$5], [], [], [lt_join(m4_quote(m4_default([$4], [[, ]])), lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]), [lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl ]) ldns-1.9.0/m4/ltversion.m40000644000175000017500000000131215114326264014635 0ustar willemwillem# ltversion.m4 -- version numbers -*- Autoconf -*- # # Copyright (C) 2004, 2011-2019, 2021-2022 Free Software Foundation, # Inc. # Written by Scott James Remnant, 2004 # # This file is free software; the Free Software Foundation gives # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. # @configure_input@ # serial 4245 ltversion.m4 # This file is part of GNU Libtool m4_define([LT_PACKAGE_VERSION], [2.4.7]) m4_define([LT_PACKAGE_REVISION], [2.4.7]) AC_DEFUN([LTVERSION_VERSION], [macro_version='2.4.7' macro_revision='2.4.7' _LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) _LT_DECL(, macro_revision, 0) ]) ldns-1.9.0/m4/ltoptions.m40000644000175000017500000003427515114326264014661 0ustar willemwillem# Helper functions for option handling. -*- Autoconf -*- # # Copyright (C) 2004-2005, 2007-2009, 2011-2019, 2021-2022 Free # Software Foundation, Inc. # Written by Gary V. Vaughan, 2004 # # This file is free software; the Free Software Foundation gives # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. # serial 8 ltoptions.m4 # This is to help aclocal find these macros, as it can't see m4_define. AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])]) # _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME) # ------------------------------------------ m4_define([_LT_MANGLE_OPTION], [[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])]) # _LT_SET_OPTION(MACRO-NAME, OPTION-NAME) # --------------------------------------- # Set option OPTION-NAME for macro MACRO-NAME, and if there is a # matching handler defined, dispatch to it. Other OPTION-NAMEs are # saved as a flag. m4_define([_LT_SET_OPTION], [m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]), _LT_MANGLE_DEFUN([$1], [$2]), [m4_warning([Unknown $1 option '$2'])])[]dnl ]) # _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET]) # ------------------------------------------------------------ # Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. m4_define([_LT_IF_OPTION], [m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])]) # _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET) # ------------------------------------------------------- # Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME # are set. m4_define([_LT_UNLESS_OPTIONS], [m4_foreach([_LT_Option], m4_split(m4_normalize([$2])), [m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option), [m4_define([$0_found])])])[]dnl m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3 ])[]dnl ]) # _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST) # ---------------------------------------- # OPTION-LIST is a space-separated list of Libtool options associated # with MACRO-NAME. If any OPTION has a matching handler declared with # LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about # the unknown option and exit. m4_defun([_LT_SET_OPTIONS], [# Set options m4_foreach([_LT_Option], m4_split(m4_normalize([$2])), [_LT_SET_OPTION([$1], _LT_Option)]) m4_if([$1],[LT_INIT],[ dnl dnl Simply set some default values (i.e off) if boolean options were not dnl specified: _LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no ]) _LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no ]) dnl dnl If no reference was made to various pairs of opposing options, then dnl we run the default mode handler for the pair. For example, if neither dnl 'shared' nor 'disable-shared' was passed, we enable building of shared dnl archives by default: _LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED]) _LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC]) _LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC]) _LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install], [_LT_ENABLE_FAST_INSTALL]) _LT_UNLESS_OPTIONS([LT_INIT], [aix-soname=aix aix-soname=both aix-soname=svr4], [_LT_WITH_AIX_SONAME([aix])]) ]) ])# _LT_SET_OPTIONS ## --------------------------------- ## ## Macros to handle LT_INIT options. ## ## --------------------------------- ## # _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME) # ----------------------------------------- m4_define([_LT_MANGLE_DEFUN], [[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])]) # LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE) # ----------------------------------------------- m4_define([LT_OPTION_DEFINE], [m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl ])# LT_OPTION_DEFINE # dlopen # ------ LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes ]) AU_DEFUN([AC_LIBTOOL_DLOPEN], [_LT_SET_OPTION([LT_INIT], [dlopen]) AC_DIAGNOSE([obsolete], [$0: Remove this warning and the call to _LT_SET_OPTION when you put the 'dlopen' option into LT_INIT's first parameter.]) ]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], []) # win32-dll # --------- # Declare package support for building win32 dll's. LT_OPTION_DEFINE([LT_INIT], [win32-dll], [enable_win32_dll=yes case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) AC_CHECK_TOOL(AS, as, false) AC_CHECK_TOOL(DLLTOOL, dlltool, false) AC_CHECK_TOOL(OBJDUMP, objdump, false) ;; esac test -z "$AS" && AS=as _LT_DECL([], [AS], [1], [Assembler program])dnl test -z "$DLLTOOL" && DLLTOOL=dlltool _LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl test -z "$OBJDUMP" && OBJDUMP=objdump _LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl ])# win32-dll AU_DEFUN([AC_LIBTOOL_WIN32_DLL], [AC_REQUIRE([AC_CANONICAL_HOST])dnl _LT_SET_OPTION([LT_INIT], [win32-dll]) AC_DIAGNOSE([obsolete], [$0: Remove this warning and the call to _LT_SET_OPTION when you put the 'win32-dll' option into LT_INIT's first parameter.]) ]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], []) # _LT_ENABLE_SHARED([DEFAULT]) # ---------------------------- # implement the --enable-shared flag, and supports the 'shared' and # 'disable-shared' LT_INIT options. # DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'. m4_define([_LT_ENABLE_SHARED], [m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl AC_ARG_ENABLE([shared], [AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@], [build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])], [p=${PACKAGE-default} case $enableval in yes) enable_shared=yes ;; no) enable_shared=no ;; *) enable_shared=no # Look at the argument we got. We use all the common list separators. lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR, for pkg in $enableval; do IFS=$lt_save_ifs if test "X$pkg" = "X$p"; then enable_shared=yes fi done IFS=$lt_save_ifs ;; esac], [enable_shared=]_LT_ENABLE_SHARED_DEFAULT) _LT_DECL([build_libtool_libs], [enable_shared], [0], [Whether or not to build shared libraries]) ])# _LT_ENABLE_SHARED LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])]) LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])]) # Old names: AC_DEFUN([AC_ENABLE_SHARED], [_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared]) ]) AC_DEFUN([AC_DISABLE_SHARED], [_LT_SET_OPTION([LT_INIT], [disable-shared]) ]) AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)]) AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AM_ENABLE_SHARED], []) dnl AC_DEFUN([AM_DISABLE_SHARED], []) # _LT_ENABLE_STATIC([DEFAULT]) # ---------------------------- # implement the --enable-static flag, and support the 'static' and # 'disable-static' LT_INIT options. # DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'. m4_define([_LT_ENABLE_STATIC], [m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl AC_ARG_ENABLE([static], [AS_HELP_STRING([--enable-static@<:@=PKGS@:>@], [build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])], [p=${PACKAGE-default} case $enableval in yes) enable_static=yes ;; no) enable_static=no ;; *) enable_static=no # Look at the argument we got. We use all the common list separators. lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR, for pkg in $enableval; do IFS=$lt_save_ifs if test "X$pkg" = "X$p"; then enable_static=yes fi done IFS=$lt_save_ifs ;; esac], [enable_static=]_LT_ENABLE_STATIC_DEFAULT) _LT_DECL([build_old_libs], [enable_static], [0], [Whether or not to build static libraries]) ])# _LT_ENABLE_STATIC LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])]) LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])]) # Old names: AC_DEFUN([AC_ENABLE_STATIC], [_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static]) ]) AC_DEFUN([AC_DISABLE_STATIC], [_LT_SET_OPTION([LT_INIT], [disable-static]) ]) AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)]) AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AM_ENABLE_STATIC], []) dnl AC_DEFUN([AM_DISABLE_STATIC], []) # _LT_ENABLE_FAST_INSTALL([DEFAULT]) # ---------------------------------- # implement the --enable-fast-install flag, and support the 'fast-install' # and 'disable-fast-install' LT_INIT options. # DEFAULT is either 'yes' or 'no'. If omitted, it defaults to 'yes'. m4_define([_LT_ENABLE_FAST_INSTALL], [m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl AC_ARG_ENABLE([fast-install], [AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@], [optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])], [p=${PACKAGE-default} case $enableval in yes) enable_fast_install=yes ;; no) enable_fast_install=no ;; *) enable_fast_install=no # Look at the argument we got. We use all the common list separators. lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR, for pkg in $enableval; do IFS=$lt_save_ifs if test "X$pkg" = "X$p"; then enable_fast_install=yes fi done IFS=$lt_save_ifs ;; esac], [enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT) _LT_DECL([fast_install], [enable_fast_install], [0], [Whether or not to optimize for fast installation])dnl ])# _LT_ENABLE_FAST_INSTALL LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])]) LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])]) # Old names: AU_DEFUN([AC_ENABLE_FAST_INSTALL], [_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install]) AC_DIAGNOSE([obsolete], [$0: Remove this warning and the call to _LT_SET_OPTION when you put the 'fast-install' option into LT_INIT's first parameter.]) ]) AU_DEFUN([AC_DISABLE_FAST_INSTALL], [_LT_SET_OPTION([LT_INIT], [disable-fast-install]) AC_DIAGNOSE([obsolete], [$0: Remove this warning and the call to _LT_SET_OPTION when you put the 'disable-fast-install' option into LT_INIT's first parameter.]) ]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], []) dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], []) # _LT_WITH_AIX_SONAME([DEFAULT]) # ---------------------------------- # implement the --with-aix-soname flag, and support the `aix-soname=aix' # and `aix-soname=both' and `aix-soname=svr4' LT_INIT options. DEFAULT # is either `aix', `both' or `svr4'. If omitted, it defaults to `aix'. m4_define([_LT_WITH_AIX_SONAME], [m4_define([_LT_WITH_AIX_SONAME_DEFAULT], [m4_if($1, svr4, svr4, m4_if($1, both, both, aix))])dnl shared_archive_member_spec= case $host,$enable_shared in power*-*-aix[[5-9]]*,yes) AC_MSG_CHECKING([which variant of shared library versioning to provide]) AC_ARG_WITH([aix-soname], [AS_HELP_STRING([--with-aix-soname=aix|svr4|both], [shared library versioning (aka "SONAME") variant to provide on AIX, @<:@default=]_LT_WITH_AIX_SONAME_DEFAULT[@:>@.])], [case $withval in aix|svr4|both) ;; *) AC_MSG_ERROR([Unknown argument to --with-aix-soname]) ;; esac lt_cv_with_aix_soname=$with_aix_soname], [AC_CACHE_VAL([lt_cv_with_aix_soname], [lt_cv_with_aix_soname=]_LT_WITH_AIX_SONAME_DEFAULT) with_aix_soname=$lt_cv_with_aix_soname]) AC_MSG_RESULT([$with_aix_soname]) if test aix != "$with_aix_soname"; then # For the AIX way of multilib, we name the shared archive member # based on the bitwidth used, traditionally 'shr.o' or 'shr_64.o', # and 'shr.imp' or 'shr_64.imp', respectively, for the Import File. # Even when GNU compilers ignore OBJECT_MODE but need '-maix64' flag, # the AIX toolchain works better with OBJECT_MODE set (default 32). if test 64 = "${OBJECT_MODE-32}"; then shared_archive_member_spec=shr_64 else shared_archive_member_spec=shr fi fi ;; *) with_aix_soname=aix ;; esac _LT_DECL([], [shared_archive_member_spec], [0], [Shared archive member basename, for filename based shared library versioning on AIX])dnl ])# _LT_WITH_AIX_SONAME LT_OPTION_DEFINE([LT_INIT], [aix-soname=aix], [_LT_WITH_AIX_SONAME([aix])]) LT_OPTION_DEFINE([LT_INIT], [aix-soname=both], [_LT_WITH_AIX_SONAME([both])]) LT_OPTION_DEFINE([LT_INIT], [aix-soname=svr4], [_LT_WITH_AIX_SONAME([svr4])]) # _LT_WITH_PIC([MODE]) # -------------------- # implement the --with-pic flag, and support the 'pic-only' and 'no-pic' # LT_INIT options. # MODE is either 'yes' or 'no'. If omitted, it defaults to 'both'. m4_define([_LT_WITH_PIC], [AC_ARG_WITH([pic], [AS_HELP_STRING([--with-pic@<:@=PKGS@:>@], [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], [lt_p=${PACKAGE-default} case $withval in yes|no) pic_mode=$withval ;; *) pic_mode=default # Look at the argument we got. We use all the common list separators. lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR, for lt_pkg in $withval; do IFS=$lt_save_ifs if test "X$lt_pkg" = "X$lt_p"; then pic_mode=yes fi done IFS=$lt_save_ifs ;; esac], [pic_mode=m4_default([$1], [default])]) _LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl ])# _LT_WITH_PIC LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])]) LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])]) # Old name: AU_DEFUN([AC_LIBTOOL_PICMODE], [_LT_SET_OPTION([LT_INIT], [pic-only]) AC_DIAGNOSE([obsolete], [$0: Remove this warning and the call to _LT_SET_OPTION when you put the 'pic-only' option into LT_INIT's first parameter.]) ]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_LIBTOOL_PICMODE], []) ## ----------------- ## ## LTDL_INIT Options ## ## ----------------- ## m4_define([_LTDL_MODE], []) LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive], [m4_define([_LTDL_MODE], [nonrecursive])]) LT_OPTION_DEFINE([LTDL_INIT], [recursive], [m4_define([_LTDL_MODE], [recursive])]) LT_OPTION_DEFINE([LTDL_INIT], [subproject], [m4_define([_LTDL_MODE], [subproject])]) m4_define([_LTDL_TYPE], []) LT_OPTION_DEFINE([LTDL_INIT], [installable], [m4_define([_LTDL_TYPE], [installable])]) LT_OPTION_DEFINE([LTDL_INIT], [convenience], [m4_define([_LTDL_TYPE], [convenience])]) ldns-1.9.0/m4/ax_have_poll.m40000664000175000017500000000437215114326257015266 0ustar willemwillem# =========================================================================== # https://www.gnu.org/software/autoconf-archive/ax_have_poll.html # =========================================================================== # # SYNOPSIS # # AX_HAVE_POLL([ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) # AX_HAVE_PPOLL([ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) # # DESCRIPTION # # This macro determines whether the system supports the poll I/O event # interface. A neat usage example would be: # # AX_HAVE_POLL( # [AX_CONFIG_FEATURE_ENABLE(poll)], # [AX_CONFIG_FEATURE_DISABLE(poll)]) # AX_CONFIG_FEATURE( # [poll], [This platform supports poll(7)], # [HAVE_POLL], [This platform supports poll(7).]) # # Some systems -- most notably Linux kernel 2.6.16 and later -- also have # the variant ppoll(). The availability of that function can be tested # with the second macro. Generally speaking, it is safe to assume that # AX_HAVE_POLL would succeed if AX_HAVE_PPOLL has, but not the other way # round. # # LICENSE # # Copyright (c) 2009 Peter Simons # # Copying and distribution of this file, with or without modification, are # permitted in any medium without royalty provided the copyright notice # and this notice are preserved. This file is offered as-is, without any # warranty. #serial 8 AC_DEFUN([AX_HAVE_POLL], [dnl AC_MSG_CHECKING([for poll(2)]) AC_CACHE_VAL([ax_cv_have_poll], [dnl AC_LINK_IFELSE([dnl AC_LANG_PROGRAM( [#include ], [int rc; rc = poll((struct pollfd *)(0), 0, 0);])], [ax_cv_have_poll=yes], [ax_cv_have_poll=no])]) AS_IF([test "${ax_cv_have_poll}" = "yes"], [AC_MSG_RESULT([yes]) $1],[AC_MSG_RESULT([no]) $2]) ])dnl AC_DEFUN([AX_HAVE_PPOLL], [dnl AC_MSG_CHECKING([for ppoll(2)]) AC_CACHE_VAL([ax_cv_have_ppoll], [dnl AC_LINK_IFELSE([dnl AC_LANG_PROGRAM( [dnl #include #include ], [dnl int rc; rc = poll((struct pollfd *)(0), 0, 0); rc = ppoll((struct pollfd *)(0), 0, (struct timespec const *)(0), (sigset_t const *)(0));])], [ax_cv_have_ppoll=yes], [ax_cv_have_ppoll=no])]) AS_IF([test "${ax_cv_have_ppoll}" = "yes"], [AC_MSG_RESULT([yes]) $1],[AC_MSG_RESULT([no]) $2]) ]) ldns-1.9.0/m4/ax_config_feature.m40000664000175000017500000001237315114326257016275 0ustar willemwillem# =========================================================================== # https://www.gnu.org/software/autoconf-archive/ax_config_feature.html # =========================================================================== # # SYNOPSIS # # AX_CONFIG_FEATURE(FEATURE-NAME, FEATURE-DESCRIPTION, DEFINE, DEFINE-DESCRIPTION, [ACTION-IF-ENABLED [, ACTION-IF-NOT-ENABLED]]) # # DESCRIPTION # # AX_CONFIG_FEATURE is a simple wrapper for AC_ARG_ENABLE, it enables the # feature FEATURE-NAME and AC_DEFINEs the passed DEFINE, depending on the # user choice. DESCRIPTION will be used for AC_DEFINEs. ACTION-IF-ENABLED # and ACTION-IF-NOT-ENABLED are the actions that will be run. A feature is # enabled by default, in order to change this behaviour use the # AX_CONFIG_FEATURE_DEFAULT_ENABLED and AX_CONFIG_FEATURE_DEFAULT_DISABLED # macros. # # A simple example: # # AX_CONFIG_FEATURE_DEFAULT_ENABLED # AX_CONFIG_FEATURE(feature_xxxxx, [turns on/off XXXXX support], # HAVE_XXXXX, [Define if you want XXXXX support]) # # ... # # AX_CONFIG_FEATURE_DEFAULT_DISABLED # AX_CONFIG_FEATURE(feature_yyyyy, [turns on/off YYYYY support], # HAVE_YYYYY, [Define if you want YYYYY support], # [enable_yyyyy="yes"], [enable_yyyyy="no"]) # AM_CONDITIONAL(YYYYY, [test "$enable_yyyyy" = "yes"]) # # AX_CONFIG_FEATURE_DEFAULT_ENABLED # AX_CONFIG_FEATURE(...) # # ... # # If you have lot of features and you want a verbose dumping of each user # selection use AX_CONFIG_FEATURE_VERBOSE. Use AX_CONFIG_FEATURE_SILENT in # order to remove a previously AX_CONFIG_FEATURE_VERBOSE. By default # features are silent. # # Use AX_CONFIG_FEATURE_ENABLE or AX_CONFIG_FEATURE_DISABLE in order to # enable or disable a specific feature. # # Another simple example: # # AS_IF([some_test_here],[AX_CONFIG_FEATURE_ENABLE(feature_xxxxx)],[]) # # AX_CONFIG_FEATURE(feature_xxxxx, [turns on/off XXXXX support], # HAVE_XXXXX, [Define if you want XXXXX support]) # AX_CONFIG_FEATURE(feature_yyyyy, [turns on/off YYYYY support], # HAVE_YYYYY, [Define if you want YYYYY support], # [enable_yyyyy="yes"], [enable_yyyyy="no"]) # # ... # # NOTE: AX_CONFIG_FEATURE_ENABLE() must be placed first of the relative # AX_CONFIG_FEATURE() macro ... # # LICENSE # # Copyright (c) 2008 Francesco Salvestrini # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation; either version 2 of the License, or (at your # option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General # Public License for more details. # # You should have received a copy of the GNU General Public License along # with this program. If not, see . # # As a special exception, the respective Autoconf Macro's copyright owner # gives unlimited permission to copy, distribute and modify the configure # scripts that are the output of Autoconf when processing the Macro. You # need not follow the terms of the GNU General Public License when using # or distributing such scripts, even though portions of the text of the # Macro appear in them. The GNU General Public License (GPL) does govern # all other use of the material that constitutes the Autoconf Macro. # # This special exception to the GPL applies to versions of the Autoconf # Macro released by the Autoconf Archive. When you make and distribute a # modified version of the Autoconf Macro, you may extend this special # exception to the GPL to apply to your modified version as well. #serial 11 AC_DEFUN([AX_CONFIG_FEATURE],[ dnl m4_pushdef([FEATURE], patsubst([$1], -, _))dnl AC_ARG_ENABLE([$1],AS_HELP_STRING([--enable-$1],[$2]),[ case "${enableval}" in yes) ax_config_feature_[]FEATURE[]="yes" ;; no) ax_config_feature_[]FEATURE[]="no" ;; *) AC_MSG_ERROR([bad value ${enableval} for feature --$1]) ;; esac ]) AS_IF([test "$ax_config_feature_[]FEATURE[]" = yes],[ dnl AC_DEFINE([$3]) $5 AS_IF([test "$ax_config_feature_verbose" = yes],[ dnl AC_MSG_NOTICE([Feature $1 is enabled]) ]) ],[ dnl $6 AS_IF([test "$ax_config_feature_verbose" = yes],[ dnl AC_MSG_NOTICE([Feature $1 is disabled]) ]) ]) AH_TEMPLATE([$3],[$4]) m4_popdef([FEATURE])dnl ]) dnl Feature global AC_DEFUN([AX_CONFIG_FEATURE_VERBOSE],[ dnl ax_config_feature_verbose=yes ]) dnl Feature global AC_DEFUN([AX_CONFIG_FEATURE_SILENT],[ dnl ax_config_feature_verbose=no ]) dnl Feature specific AC_DEFUN([AX_CONFIG_FEATURE_DEFAULT_ENABLED], [ ax_config_feature_[]FEATURE[]_default=yes ]) dnl Feature specific AC_DEFUN([AX_CONFIG_FEATURE_DEFAULT_DISABLED], [ ax_config_feature_[]FEATURE[]_default=no ]) dnl Feature specific AC_DEFUN([AX_CONFIG_FEATURE_ENABLE],[ dnl ax_config_feature_[]patsubst([$1], -, _)[]=yes ]) dnl Feature specific AC_DEFUN([AX_CONFIG_FEATURE_DISABLE],[ dnl ax_config_feature_[]patsubst([$1], -, _)[]=no ]) ldns-1.9.0/m4/lt~obsolete.m40000644000175000017500000001400715114326264015167 0ustar willemwillem# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*- # # Copyright (C) 2004-2005, 2007, 2009, 2011-2019, 2021-2022 Free # Software Foundation, Inc. # Written by Scott James Remnant, 2004. # # This file is free software; the Free Software Foundation gives # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. # serial 5 lt~obsolete.m4 # These exist entirely to fool aclocal when bootstrapping libtool. # # In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN), # which have later been changed to m4_define as they aren't part of the # exported API, or moved to Autoconf or Automake where they belong. # # The trouble is, aclocal is a bit thick. It'll see the old AC_DEFUN # in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us # using a macro with the same name in our local m4/libtool.m4 it'll # pull the old libtool.m4 in (it doesn't see our shiny new m4_define # and doesn't know about Autoconf macros at all.) # # So we provide this file, which has a silly filename so it's always # included after everything else. This provides aclocal with the # AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything # because those macros already exist, or will be overwritten later. # We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6. # # Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here. # Yes, that means every name once taken will need to remain here until # we give up compatibility with versions before 1.7, at which point # we need to keep only those names which we still refer to. # This is to help aclocal find these macros, as it can't see m4_define. AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])]) m4_ifndef([AC_LIBTOOL_LINKER_OPTION], [AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])]) m4_ifndef([AC_PROG_EGREP], [AC_DEFUN([AC_PROG_EGREP])]) m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])]) m4_ifndef([_LT_AC_SHELL_INIT], [AC_DEFUN([_LT_AC_SHELL_INIT])]) m4_ifndef([_LT_AC_SYS_LIBPATH_AIX], [AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])]) m4_ifndef([_LT_PROG_LTMAIN], [AC_DEFUN([_LT_PROG_LTMAIN])]) m4_ifndef([_LT_AC_TAGVAR], [AC_DEFUN([_LT_AC_TAGVAR])]) m4_ifndef([AC_LTDL_ENABLE_INSTALL], [AC_DEFUN([AC_LTDL_ENABLE_INSTALL])]) m4_ifndef([AC_LTDL_PREOPEN], [AC_DEFUN([AC_LTDL_PREOPEN])]) m4_ifndef([_LT_AC_SYS_COMPILER], [AC_DEFUN([_LT_AC_SYS_COMPILER])]) m4_ifndef([_LT_AC_LOCK], [AC_DEFUN([_LT_AC_LOCK])]) m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE], [AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])]) m4_ifndef([_LT_AC_TRY_DLOPEN_SELF], [AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])]) m4_ifndef([AC_LIBTOOL_PROG_CC_C_O], [AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])]) m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])]) m4_ifndef([AC_LIBTOOL_OBJDIR], [AC_DEFUN([AC_LIBTOOL_OBJDIR])]) m4_ifndef([AC_LTDL_OBJDIR], [AC_DEFUN([AC_LTDL_OBJDIR])]) m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])]) m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP], [AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])]) m4_ifndef([AC_PATH_MAGIC], [AC_DEFUN([AC_PATH_MAGIC])]) m4_ifndef([AC_PROG_LD_GNU], [AC_DEFUN([AC_PROG_LD_GNU])]) m4_ifndef([AC_PROG_LD_RELOAD_FLAG], [AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])]) m4_ifndef([AC_DEPLIBS_CHECK_METHOD], [AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])]) m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])]) m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])]) m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])]) m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS], [AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])]) m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP], [AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])]) m4_ifndef([LT_AC_PROG_EGREP], [AC_DEFUN([LT_AC_PROG_EGREP])]) m4_ifndef([LT_AC_PROG_SED], [AC_DEFUN([LT_AC_PROG_SED])]) m4_ifndef([_LT_CC_BASENAME], [AC_DEFUN([_LT_CC_BASENAME])]) m4_ifndef([_LT_COMPILER_BOILERPLATE], [AC_DEFUN([_LT_COMPILER_BOILERPLATE])]) m4_ifndef([_LT_LINKER_BOILERPLATE], [AC_DEFUN([_LT_LINKER_BOILERPLATE])]) m4_ifndef([_AC_PROG_LIBTOOL], [AC_DEFUN([_AC_PROG_LIBTOOL])]) m4_ifndef([AC_LIBTOOL_SETUP], [AC_DEFUN([AC_LIBTOOL_SETUP])]) m4_ifndef([_LT_AC_CHECK_DLFCN], [AC_DEFUN([_LT_AC_CHECK_DLFCN])]) m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER], [AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])]) m4_ifndef([_LT_AC_TAGCONFIG], [AC_DEFUN([_LT_AC_TAGCONFIG])]) m4_ifndef([AC_DISABLE_FAST_INSTALL], [AC_DEFUN([AC_DISABLE_FAST_INSTALL])]) m4_ifndef([_LT_AC_LANG_CXX], [AC_DEFUN([_LT_AC_LANG_CXX])]) m4_ifndef([_LT_AC_LANG_F77], [AC_DEFUN([_LT_AC_LANG_F77])]) m4_ifndef([_LT_AC_LANG_GCJ], [AC_DEFUN([_LT_AC_LANG_GCJ])]) m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])]) m4_ifndef([_LT_AC_LANG_C_CONFIG], [AC_DEFUN([_LT_AC_LANG_C_CONFIG])]) m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])]) m4_ifndef([_LT_AC_LANG_CXX_CONFIG], [AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])]) m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])]) m4_ifndef([_LT_AC_LANG_F77_CONFIG], [AC_DEFUN([_LT_AC_LANG_F77_CONFIG])]) m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])]) m4_ifndef([_LT_AC_LANG_GCJ_CONFIG], [AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])]) m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])]) m4_ifndef([_LT_AC_LANG_RC_CONFIG], [AC_DEFUN([_LT_AC_LANG_RC_CONFIG])]) m4_ifndef([AC_LIBTOOL_CONFIG], [AC_DEFUN([AC_LIBTOOL_CONFIG])]) m4_ifndef([_LT_AC_FILE_LTDLL_C], [AC_DEFUN([_LT_AC_FILE_LTDLL_C])]) m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS], [AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])]) m4_ifndef([_LT_AC_PROG_CXXCPP], [AC_DEFUN([_LT_AC_PROG_CXXCPP])]) m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS], [AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])]) m4_ifndef([_LT_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])]) m4_ifndef([_LT_PROG_F77], [AC_DEFUN([_LT_PROG_F77])]) m4_ifndef([_LT_PROG_FC], [AC_DEFUN([_LT_PROG_FC])]) m4_ifndef([_LT_PROG_CXX], [AC_DEFUN([_LT_PROG_CXX])]) ldns-1.9.0/m4/libtool.m40000644000175000017500000113165215114326264014270 0ustar willemwillem# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- # # Copyright (C) 1996-2001, 2003-2019, 2021-2022 Free Software # Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is free software; the Free Software Foundation gives # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. m4_define([_LT_COPYING], [dnl # Copyright (C) 2014 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # GNU Libtool is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of of the License, or # (at your option) any later version. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program or library that is built # using GNU Libtool, you may include this file under the same # distribution terms that you use for the rest of that program. # # GNU Libtool is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . ]) # serial 59 LT_INIT # LT_PREREQ(VERSION) # ------------------ # Complain and exit if this libtool version is less that VERSION. m4_defun([LT_PREREQ], [m4_if(m4_version_compare(m4_defn([LT_PACKAGE_VERSION]), [$1]), -1, [m4_default([$3], [m4_fatal([Libtool version $1 or higher is required], 63)])], [$2])]) # _LT_CHECK_BUILDDIR # ------------------ # Complain if the absolute build directory name contains unusual characters m4_defun([_LT_CHECK_BUILDDIR], [case `pwd` in *\ * | *\ *) AC_MSG_WARN([Libtool does not cope well with whitespace in `pwd`]) ;; esac ]) # LT_INIT([OPTIONS]) # ------------------ AC_DEFUN([LT_INIT], [AC_PREREQ([2.62])dnl We use AC_PATH_PROGS_FEATURE_CHECK AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl AC_BEFORE([$0], [LT_LANG])dnl AC_BEFORE([$0], [LT_OUTPUT])dnl AC_BEFORE([$0], [LTDL_INIT])dnl m4_require([_LT_CHECK_BUILDDIR])dnl dnl Autoconf doesn't catch unexpanded LT_ macros by default: m4_pattern_forbid([^_?LT_[A-Z_]+$])dnl m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])dnl dnl aclocal doesn't pull ltoptions.m4, ltsugar.m4, or ltversion.m4 dnl unless we require an AC_DEFUNed macro: AC_REQUIRE([LTOPTIONS_VERSION])dnl AC_REQUIRE([LTSUGAR_VERSION])dnl AC_REQUIRE([LTVERSION_VERSION])dnl AC_REQUIRE([LTOBSOLETE_VERSION])dnl m4_require([_LT_PROG_LTMAIN])dnl _LT_SHELL_INIT([SHELL=${CONFIG_SHELL-/bin/sh}]) dnl Parse OPTIONS _LT_SET_OPTIONS([$0], [$1]) # This can be used to rebuild libtool when needed LIBTOOL_DEPS=$ltmain # Always use our own libtool. LIBTOOL='$(SHELL) $(top_builddir)/libtool' AC_SUBST(LIBTOOL)dnl _LT_SETUP # Only expand once: m4_define([LT_INIT]) ])# LT_INIT # Old names: AU_ALIAS([AC_PROG_LIBTOOL], [LT_INIT]) AU_ALIAS([AM_PROG_LIBTOOL], [LT_INIT]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_PROG_LIBTOOL], []) dnl AC_DEFUN([AM_PROG_LIBTOOL], []) # _LT_PREPARE_CC_BASENAME # ----------------------- m4_defun([_LT_PREPARE_CC_BASENAME], [ # Calculate cc_basename. Skip known compiler wrappers and cross-prefix. func_cc_basename () { for cc_temp in @S|@*""; do case $cc_temp in compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;; distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;; \-*) ;; *) break;; esac done func_cc_basename_result=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"` } ])# _LT_PREPARE_CC_BASENAME # _LT_CC_BASENAME(CC) # ------------------- # It would be clearer to call AC_REQUIREs from _LT_PREPARE_CC_BASENAME, # but that macro is also expanded into generated libtool script, which # arranges for $SED and $ECHO to be set by different means. m4_defun([_LT_CC_BASENAME], [m4_require([_LT_PREPARE_CC_BASENAME])dnl AC_REQUIRE([_LT_DECL_SED])dnl AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl func_cc_basename $1 cc_basename=$func_cc_basename_result ]) # _LT_FILEUTILS_DEFAULTS # ---------------------- # It is okay to use these file commands and assume they have been set # sensibly after 'm4_require([_LT_FILEUTILS_DEFAULTS])'. m4_defun([_LT_FILEUTILS_DEFAULTS], [: ${CP="cp -f"} : ${MV="mv -f"} : ${RM="rm -f"} ])# _LT_FILEUTILS_DEFAULTS # _LT_SETUP # --------- m4_defun([_LT_SETUP], [AC_REQUIRE([AC_CANONICAL_HOST])dnl AC_REQUIRE([AC_CANONICAL_BUILD])dnl AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl _LT_DECL([], [PATH_SEPARATOR], [1], [The PATH separator for the build system])dnl dnl _LT_DECL([], [host_alias], [0], [The host system])dnl _LT_DECL([], [host], [0])dnl _LT_DECL([], [host_os], [0])dnl dnl _LT_DECL([], [build_alias], [0], [The build system])dnl _LT_DECL([], [build], [0])dnl _LT_DECL([], [build_os], [0])dnl dnl AC_REQUIRE([AC_PROG_CC])dnl AC_REQUIRE([LT_PATH_LD])dnl AC_REQUIRE([LT_PATH_NM])dnl dnl AC_REQUIRE([AC_PROG_LN_S])dnl test -z "$LN_S" && LN_S="ln -s" _LT_DECL([], [LN_S], [1], [Whether we need soft or hard links])dnl dnl AC_REQUIRE([LT_CMD_MAX_LEN])dnl _LT_DECL([objext], [ac_objext], [0], [Object file suffix (normally "o")])dnl _LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl dnl m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_CHECK_SHELL_FEATURES])dnl m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl m4_require([_LT_CMD_RELOAD])dnl m4_require([_LT_DECL_FILECMD])dnl m4_require([_LT_CHECK_MAGIC_METHOD])dnl m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl m4_require([_LT_CMD_OLD_ARCHIVE])dnl m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl m4_require([_LT_WITH_SYSROOT])dnl m4_require([_LT_CMD_TRUNCATE])dnl _LT_CONFIG_LIBTOOL_INIT([ # See if we are running on zsh, and set the options that allow our # commands through without removal of \ escapes INIT. if test -n "\${ZSH_VERSION+set}"; then setopt NO_GLOB_SUBST fi ]) if test -n "${ZSH_VERSION+set}"; then setopt NO_GLOB_SUBST fi _LT_CHECK_OBJDIR m4_require([_LT_TAG_COMPILER])dnl case $host_os in aix3*) # AIX sometimes has problems with the GCC collect2 program. For some # reason, if we set the COLLECT_NAMES environment variable, the problems # vanish in a puff of smoke. if test set != "${COLLECT_NAMES+set}"; then COLLECT_NAMES= export COLLECT_NAMES fi ;; esac # Global variables: ofile=libtool can_build_shared=yes # All known linkers require a '.a' archive for static linking (except MSVC and # ICC, which need '.lib'). libext=a with_gnu_ld=$lt_cv_prog_gnu_ld old_CC=$CC old_CFLAGS=$CFLAGS # Set sane defaults for various variables test -z "$CC" && CC=cc test -z "$LTCC" && LTCC=$CC test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS test -z "$LD" && LD=ld test -z "$ac_objext" && ac_objext=o _LT_CC_BASENAME([$compiler]) # Only perform the check for file, if the check method requires it test -z "$MAGIC_CMD" && MAGIC_CMD=file case $deplibs_check_method in file_magic*) if test "$file_magic_cmd" = '$MAGIC_CMD'; then _LT_PATH_MAGIC fi ;; esac # Use C for the default configuration in the libtool script LT_SUPPORTED_TAG([CC]) _LT_LANG_C_CONFIG _LT_LANG_DEFAULT_CONFIG _LT_CONFIG_COMMANDS ])# _LT_SETUP # _LT_PREPARE_SED_QUOTE_VARS # -------------------------- # Define a few sed substitution that help us do robust quoting. m4_defun([_LT_PREPARE_SED_QUOTE_VARS], [# Backslashify metacharacters that are still active within # double-quoted strings. sed_quote_subst='s/\([["`$\\]]\)/\\\1/g' # Same as above, but do not quote variable references. double_quote_subst='s/\([["`\\]]\)/\\\1/g' # Sed substitution to delay expansion of an escaped shell variable in a # double_quote_subst'ed string. delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' # Sed substitution to delay expansion of an escaped single quote. delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' # Sed substitution to avoid accidental globbing in evaled expressions no_glob_subst='s/\*/\\\*/g' ]) # _LT_PROG_LTMAIN # --------------- # Note that this code is called both from 'configure', and 'config.status' # now that we use AC_CONFIG_COMMANDS to generate libtool. Notably, # 'config.status' has no value for ac_aux_dir unless we are using Automake, # so we pass a copy along to make sure it has a sensible value anyway. m4_defun([_LT_PROG_LTMAIN], [m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([ltmain.sh])])dnl _LT_CONFIG_LIBTOOL_INIT([ac_aux_dir='$ac_aux_dir']) ltmain=$ac_aux_dir/ltmain.sh ])# _LT_PROG_LTMAIN ## ------------------------------------- ## ## Accumulate code for creating libtool. ## ## ------------------------------------- ## # So that we can recreate a full libtool script including additional # tags, we accumulate the chunks of code to send to AC_CONFIG_COMMANDS # in macros and then make a single call at the end using the 'libtool' # label. # _LT_CONFIG_LIBTOOL_INIT([INIT-COMMANDS]) # ---------------------------------------- # Register INIT-COMMANDS to be passed to AC_CONFIG_COMMANDS later. m4_define([_LT_CONFIG_LIBTOOL_INIT], [m4_ifval([$1], [m4_append([_LT_OUTPUT_LIBTOOL_INIT], [$1 ])])]) # Initialize. m4_define([_LT_OUTPUT_LIBTOOL_INIT]) # _LT_CONFIG_LIBTOOL([COMMANDS]) # ------------------------------ # Register COMMANDS to be passed to AC_CONFIG_COMMANDS later. m4_define([_LT_CONFIG_LIBTOOL], [m4_ifval([$1], [m4_append([_LT_OUTPUT_LIBTOOL_COMMANDS], [$1 ])])]) # Initialize. m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS]) # _LT_CONFIG_SAVE_COMMANDS([COMMANDS], [INIT_COMMANDS]) # ----------------------------------------------------- m4_defun([_LT_CONFIG_SAVE_COMMANDS], [_LT_CONFIG_LIBTOOL([$1]) _LT_CONFIG_LIBTOOL_INIT([$2]) ]) # _LT_FORMAT_COMMENT([COMMENT]) # ----------------------------- # Add leading comment marks to the start of each line, and a trailing # full-stop to the whole comment if one is not present already. m4_define([_LT_FORMAT_COMMENT], [m4_ifval([$1], [ m4_bpatsubst([m4_bpatsubst([$1], [^ *], [# ])], [['`$\]], [\\\&])]m4_bmatch([$1], [[!?.]$], [], [.]) )]) ## ------------------------ ## ## FIXME: Eliminate VARNAME ## ## ------------------------ ## # _LT_DECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION], [IS-TAGGED?]) # ------------------------------------------------------------------- # CONFIGNAME is the name given to the value in the libtool script. # VARNAME is the (base) name used in the configure script. # VALUE may be 0, 1 or 2 for a computed quote escaped value based on # VARNAME. Any other value will be used directly. m4_define([_LT_DECL], [lt_if_append_uniq([lt_decl_varnames], [$2], [, ], [lt_dict_add_subkey([lt_decl_dict], [$2], [libtool_name], [m4_ifval([$1], [$1], [$2])]) lt_dict_add_subkey([lt_decl_dict], [$2], [value], [$3]) m4_ifval([$4], [lt_dict_add_subkey([lt_decl_dict], [$2], [description], [$4])]) lt_dict_add_subkey([lt_decl_dict], [$2], [tagged?], [m4_ifval([$5], [yes], [no])])]) ]) # _LT_TAGDECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION]) # -------------------------------------------------------- m4_define([_LT_TAGDECL], [_LT_DECL([$1], [$2], [$3], [$4], [yes])]) # lt_decl_tag_varnames([SEPARATOR], [VARNAME1...]) # ------------------------------------------------ m4_define([lt_decl_tag_varnames], [_lt_decl_filter([tagged?], [yes], $@)]) # _lt_decl_filter(SUBKEY, VALUE, [SEPARATOR], [VARNAME1..]) # --------------------------------------------------------- m4_define([_lt_decl_filter], [m4_case([$#], [0], [m4_fatal([$0: too few arguments: $#])], [1], [m4_fatal([$0: too few arguments: $#: $1])], [2], [lt_dict_filter([lt_decl_dict], [$1], [$2], [], lt_decl_varnames)], [3], [lt_dict_filter([lt_decl_dict], [$1], [$2], [$3], lt_decl_varnames)], [lt_dict_filter([lt_decl_dict], $@)])[]dnl ]) # lt_decl_quote_varnames([SEPARATOR], [VARNAME1...]) # -------------------------------------------------- m4_define([lt_decl_quote_varnames], [_lt_decl_filter([value], [1], $@)]) # lt_decl_dquote_varnames([SEPARATOR], [VARNAME1...]) # --------------------------------------------------- m4_define([lt_decl_dquote_varnames], [_lt_decl_filter([value], [2], $@)]) # lt_decl_varnames_tagged([SEPARATOR], [VARNAME1...]) # --------------------------------------------------- m4_define([lt_decl_varnames_tagged], [m4_assert([$# <= 2])dnl _$0(m4_quote(m4_default([$1], [[, ]])), m4_ifval([$2], [[$2]], [m4_dquote(lt_decl_tag_varnames)]), m4_split(m4_normalize(m4_quote(_LT_TAGS)), [ ]))]) m4_define([_lt_decl_varnames_tagged], [m4_ifval([$3], [lt_combine([$1], [$2], [_], $3)])]) # lt_decl_all_varnames([SEPARATOR], [VARNAME1...]) # ------------------------------------------------ m4_define([lt_decl_all_varnames], [_$0(m4_quote(m4_default([$1], [[, ]])), m4_if([$2], [], m4_quote(lt_decl_varnames), m4_quote(m4_shift($@))))[]dnl ]) m4_define([_lt_decl_all_varnames], [lt_join($@, lt_decl_varnames_tagged([$1], lt_decl_tag_varnames([[, ]], m4_shift($@))))dnl ]) # _LT_CONFIG_STATUS_DECLARE([VARNAME]) # ------------------------------------ # Quote a variable value, and forward it to 'config.status' so that its # declaration there will have the same value as in 'configure'. VARNAME # must have a single quote delimited value for this to work. m4_define([_LT_CONFIG_STATUS_DECLARE], [$1='`$ECHO "$][$1" | $SED "$delay_single_quote_subst"`']) # _LT_CONFIG_STATUS_DECLARATIONS # ------------------------------ # We delimit libtool config variables with single quotes, so when # we write them to config.status, we have to be sure to quote all # embedded single quotes properly. In configure, this macro expands # each variable declared with _LT_DECL (and _LT_TAGDECL) into: # # ='`$ECHO "$" | $SED "$delay_single_quote_subst"`' m4_defun([_LT_CONFIG_STATUS_DECLARATIONS], [m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames), [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])]) # _LT_LIBTOOL_TAGS # ---------------- # Output comment and list of tags supported by the script m4_defun([_LT_LIBTOOL_TAGS], [_LT_FORMAT_COMMENT([The names of the tagged configurations supported by this script])dnl available_tags='_LT_TAGS'dnl ]) # _LT_LIBTOOL_DECLARE(VARNAME, [TAG]) # ----------------------------------- # Extract the dictionary values for VARNAME (optionally with TAG) and # expand to a commented shell variable setting: # # # Some comment about what VAR is for. # visible_name=$lt_internal_name m4_define([_LT_LIBTOOL_DECLARE], [_LT_FORMAT_COMMENT(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [description])))[]dnl m4_pushdef([_libtool_name], m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [libtool_name])))[]dnl m4_case(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [value])), [0], [_libtool_name=[$]$1], [1], [_libtool_name=$lt_[]$1], [2], [_libtool_name=$lt_[]$1], [_libtool_name=lt_dict_fetch([lt_decl_dict], [$1], [value])])[]dnl m4_ifval([$2], [_$2])[]m4_popdef([_libtool_name])[]dnl ]) # _LT_LIBTOOL_CONFIG_VARS # ----------------------- # Produce commented declarations of non-tagged libtool config variables # suitable for insertion in the LIBTOOL CONFIG section of the 'libtool' # script. Tagged libtool config variables (even for the LIBTOOL CONFIG # section) are produced by _LT_LIBTOOL_TAG_VARS. m4_defun([_LT_LIBTOOL_CONFIG_VARS], [m4_foreach([_lt_var], m4_quote(_lt_decl_filter([tagged?], [no], [], lt_decl_varnames)), [m4_n([_LT_LIBTOOL_DECLARE(_lt_var)])])]) # _LT_LIBTOOL_TAG_VARS(TAG) # ------------------------- m4_define([_LT_LIBTOOL_TAG_VARS], [m4_foreach([_lt_var], m4_quote(lt_decl_tag_varnames), [m4_n([_LT_LIBTOOL_DECLARE(_lt_var, [$1])])])]) # _LT_TAGVAR(VARNAME, [TAGNAME]) # ------------------------------ m4_define([_LT_TAGVAR], [m4_ifval([$2], [$1_$2], [$1])]) # _LT_CONFIG_COMMANDS # ------------------- # Send accumulated output to $CONFIG_STATUS. Thanks to the lists of # variables for single and double quote escaping we saved from calls # to _LT_DECL, we can put quote escaped variables declarations # into 'config.status', and then the shell code to quote escape them in # for loops in 'config.status'. Finally, any additional code accumulated # from calls to _LT_CONFIG_LIBTOOL_INIT is expanded. m4_defun([_LT_CONFIG_COMMANDS], [AC_PROVIDE_IFELSE([LT_OUTPUT], dnl If the libtool generation code has been placed in $CONFIG_LT, dnl instead of duplicating it all over again into config.status, dnl then we will have config.status run $CONFIG_LT later, so it dnl needs to know what name is stored there: [AC_CONFIG_COMMANDS([libtool], [$SHELL $CONFIG_LT || AS_EXIT(1)], [CONFIG_LT='$CONFIG_LT'])], dnl If the libtool generation code is destined for config.status, dnl expand the accumulated commands and init code now: [AC_CONFIG_COMMANDS([libtool], [_LT_OUTPUT_LIBTOOL_COMMANDS], [_LT_OUTPUT_LIBTOOL_COMMANDS_INIT])]) ])#_LT_CONFIG_COMMANDS # Initialize. m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS_INIT], [ # The HP-UX ksh and POSIX shell print the target directory to stdout # if CDPATH is set. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH sed_quote_subst='$sed_quote_subst' double_quote_subst='$double_quote_subst' delay_variable_subst='$delay_variable_subst' _LT_CONFIG_STATUS_DECLARATIONS LTCC='$LTCC' LTCFLAGS='$LTCFLAGS' compiler='$compiler_DEFAULT' # A function that is used when there is no print builtin or printf. func_fallback_echo () { eval 'cat <<_LTECHO_EOF \$[]1 _LTECHO_EOF' } # Quote evaled strings. for var in lt_decl_all_varnames([[ \ ]], lt_decl_quote_varnames); do case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in *[[\\\\\\\`\\"\\\$]]*) eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes ;; *) eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" ;; esac done # Double-quote double-evaled strings. for var in lt_decl_all_varnames([[ \ ]], lt_decl_dquote_varnames); do case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in *[[\\\\\\\`\\"\\\$]]*) eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes ;; *) eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\"" ;; esac done _LT_OUTPUT_LIBTOOL_INIT ]) # _LT_GENERATED_FILE_INIT(FILE, [COMMENT]) # ------------------------------------ # Generate a child script FILE with all initialization necessary to # reuse the environment learned by the parent script, and make the # file executable. If COMMENT is supplied, it is inserted after the # '#!' sequence but before initialization text begins. After this # macro, additional text can be appended to FILE to form the body of # the child script. The macro ends with non-zero status if the # file could not be fully written (such as if the disk is full). m4_ifdef([AS_INIT_GENERATED], [m4_defun([_LT_GENERATED_FILE_INIT],[AS_INIT_GENERATED($@)])], [m4_defun([_LT_GENERATED_FILE_INIT], [m4_require([AS_PREPARE])]dnl [m4_pushdef([AS_MESSAGE_LOG_FD])]dnl [lt_write_fail=0 cat >$1 <<_ASEOF || lt_write_fail=1 #! $SHELL # Generated by $as_me. $2 SHELL=\${CONFIG_SHELL-$SHELL} export SHELL _ASEOF cat >>$1 <<\_ASEOF || lt_write_fail=1 AS_SHELL_SANITIZE _AS_PREPARE exec AS_MESSAGE_FD>&1 _ASEOF test 0 = "$lt_write_fail" && chmod +x $1[]dnl m4_popdef([AS_MESSAGE_LOG_FD])])])# _LT_GENERATED_FILE_INIT # LT_OUTPUT # --------- # This macro allows early generation of the libtool script (before # AC_OUTPUT is called), incase it is used in configure for compilation # tests. AC_DEFUN([LT_OUTPUT], [: ${CONFIG_LT=./config.lt} AC_MSG_NOTICE([creating $CONFIG_LT]) _LT_GENERATED_FILE_INIT(["$CONFIG_LT"], [# Run this file to recreate a libtool stub with the current configuration.]) cat >>"$CONFIG_LT" <<\_LTEOF lt_cl_silent=false exec AS_MESSAGE_LOG_FD>>config.log { echo AS_BOX([Running $as_me.]) } >&AS_MESSAGE_LOG_FD lt_cl_help="\ '$as_me' creates a local libtool stub from the current configuration, for use in further configure time tests before the real libtool is generated. Usage: $[0] [[OPTIONS]] -h, --help print this help, then exit -V, --version print version number, then exit -q, --quiet do not print progress messages -d, --debug don't remove temporary files Report bugs to ." lt_cl_version="\ m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION]) configured by $[0], generated by m4_PACKAGE_STRING. Copyright (C) 2011 Free Software Foundation, Inc. This config.lt script is free software; the Free Software Foundation gives unlimited permision to copy, distribute and modify it." while test 0 != $[#] do case $[1] in --version | --v* | -V ) echo "$lt_cl_version"; exit 0 ;; --help | --h* | -h ) echo "$lt_cl_help"; exit 0 ;; --debug | --d* | -d ) debug=: ;; --quiet | --q* | --silent | --s* | -q ) lt_cl_silent=: ;; -*) AC_MSG_ERROR([unrecognized option: $[1] Try '$[0] --help' for more information.]) ;; *) AC_MSG_ERROR([unrecognized argument: $[1] Try '$[0] --help' for more information.]) ;; esac shift done if $lt_cl_silent; then exec AS_MESSAGE_FD>/dev/null fi _LTEOF cat >>"$CONFIG_LT" <<_LTEOF _LT_OUTPUT_LIBTOOL_COMMANDS_INIT _LTEOF cat >>"$CONFIG_LT" <<\_LTEOF AC_MSG_NOTICE([creating $ofile]) _LT_OUTPUT_LIBTOOL_COMMANDS AS_EXIT(0) _LTEOF chmod +x "$CONFIG_LT" # configure is writing to config.log, but config.lt does its own redirection, # appending to config.log, which fails on DOS, as config.log is still kept # open by configure. Here we exec the FD to /dev/null, effectively closing # config.log, so it can be properly (re)opened and appended to by config.lt. lt_cl_success=: test yes = "$silent" && lt_config_lt_args="$lt_config_lt_args --quiet" exec AS_MESSAGE_LOG_FD>/dev/null $SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false exec AS_MESSAGE_LOG_FD>>config.log $lt_cl_success || AS_EXIT(1) ])# LT_OUTPUT # _LT_CONFIG(TAG) # --------------- # If TAG is the built-in tag, create an initial libtool script with a # default configuration from the untagged config vars. Otherwise add code # to config.status for appending the configuration named by TAG from the # matching tagged config vars. m4_defun([_LT_CONFIG], [m4_require([_LT_FILEUTILS_DEFAULTS])dnl _LT_CONFIG_SAVE_COMMANDS([ m4_define([_LT_TAG], m4_if([$1], [], [C], [$1]))dnl m4_if(_LT_TAG, [C], [ # See if we are running on zsh, and set the options that allow our # commands through without removal of \ escapes. if test -n "${ZSH_VERSION+set}"; then setopt NO_GLOB_SUBST fi cfgfile=${ofile}T trap "$RM \"$cfgfile\"; exit 1" 1 2 15 $RM "$cfgfile" cat <<_LT_EOF >> "$cfgfile" #! $SHELL # Generated automatically by $as_me ($PACKAGE) $VERSION # NOTE: Changes made to this file will be lost: look at ltmain.sh. # Provide generalized library-building support services. # Written by Gordon Matzigkeit, 1996 _LT_COPYING _LT_LIBTOOL_TAGS # Configured defaults for sys_lib_dlsearch_path munging. : \${LT_SYS_LIBRARY_PATH="$configure_time_lt_sys_library_path"} # ### BEGIN LIBTOOL CONFIG _LT_LIBTOOL_CONFIG_VARS _LT_LIBTOOL_TAG_VARS # ### END LIBTOOL CONFIG _LT_EOF cat <<'_LT_EOF' >> "$cfgfile" # ### BEGIN FUNCTIONS SHARED WITH CONFIGURE _LT_PREPARE_MUNGE_PATH_LIST _LT_PREPARE_CC_BASENAME # ### END FUNCTIONS SHARED WITH CONFIGURE _LT_EOF case $host_os in aix3*) cat <<\_LT_EOF >> "$cfgfile" # AIX sometimes has problems with the GCC collect2 program. For some # reason, if we set the COLLECT_NAMES environment variable, the problems # vanish in a puff of smoke. if test set != "${COLLECT_NAMES+set}"; then COLLECT_NAMES= export COLLECT_NAMES fi _LT_EOF ;; esac _LT_PROG_LTMAIN # We use sed instead of cat because bash on DJGPP gets confused if # if finds mixed CR/LF and LF-only lines. Since sed operates in # text mode, it properly converts lines to CR/LF. This bash problem # is reportedly fixed, but why not run on old versions too? $SED '$q' "$ltmain" >> "$cfgfile" \ || (rm -f "$cfgfile"; exit 1) mv -f "$cfgfile" "$ofile" || (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") chmod +x "$ofile" ], [cat <<_LT_EOF >> "$ofile" dnl Unfortunately we have to use $1 here, since _LT_TAG is not expanded dnl in a comment (ie after a #). # ### BEGIN LIBTOOL TAG CONFIG: $1 _LT_LIBTOOL_TAG_VARS(_LT_TAG) # ### END LIBTOOL TAG CONFIG: $1 _LT_EOF ])dnl /m4_if ], [m4_if([$1], [], [ PACKAGE='$PACKAGE' VERSION='$VERSION' RM='$RM' ofile='$ofile'], []) ])dnl /_LT_CONFIG_SAVE_COMMANDS ])# _LT_CONFIG # LT_SUPPORTED_TAG(TAG) # --------------------- # Trace this macro to discover what tags are supported by the libtool # --tag option, using: # autoconf --trace 'LT_SUPPORTED_TAG:$1' AC_DEFUN([LT_SUPPORTED_TAG], []) # C support is built-in for now m4_define([_LT_LANG_C_enabled], []) m4_define([_LT_TAGS], []) # LT_LANG(LANG) # ------------- # Enable libtool support for the given language if not already enabled. AC_DEFUN([LT_LANG], [AC_BEFORE([$0], [LT_OUTPUT])dnl m4_case([$1], [C], [_LT_LANG(C)], [C++], [_LT_LANG(CXX)], [Go], [_LT_LANG(GO)], [Java], [_LT_LANG(GCJ)], [Fortran 77], [_LT_LANG(F77)], [Fortran], [_LT_LANG(FC)], [Windows Resource], [_LT_LANG(RC)], [m4_ifdef([_LT_LANG_]$1[_CONFIG], [_LT_LANG($1)], [m4_fatal([$0: unsupported language: "$1"])])])dnl ])# LT_LANG # _LT_LANG(LANGNAME) # ------------------ m4_defun([_LT_LANG], [m4_ifdef([_LT_LANG_]$1[_enabled], [], [LT_SUPPORTED_TAG([$1])dnl m4_append([_LT_TAGS], [$1 ])dnl m4_define([_LT_LANG_]$1[_enabled], [])dnl _LT_LANG_$1_CONFIG($1)])dnl ])# _LT_LANG m4_ifndef([AC_PROG_GO], [ ############################################################ # NOTE: This macro has been submitted for inclusion into # # GNU Autoconf as AC_PROG_GO. When it is available in # # a released version of Autoconf we should remove this # # macro and use it instead. # ############################################################ m4_defun([AC_PROG_GO], [AC_LANG_PUSH(Go)dnl AC_ARG_VAR([GOC], [Go compiler command])dnl AC_ARG_VAR([GOFLAGS], [Go compiler flags])dnl _AC_ARG_VAR_LDFLAGS()dnl AC_CHECK_TOOL(GOC, gccgo) if test -z "$GOC"; then if test -n "$ac_tool_prefix"; then AC_CHECK_PROG(GOC, [${ac_tool_prefix}gccgo], [${ac_tool_prefix}gccgo]) fi fi if test -z "$GOC"; then AC_CHECK_PROG(GOC, gccgo, gccgo, false) fi ])#m4_defun ])#m4_ifndef # _LT_LANG_DEFAULT_CONFIG # ----------------------- m4_defun([_LT_LANG_DEFAULT_CONFIG], [AC_PROVIDE_IFELSE([AC_PROG_CXX], [LT_LANG(CXX)], [m4_define([AC_PROG_CXX], defn([AC_PROG_CXX])[LT_LANG(CXX)])]) AC_PROVIDE_IFELSE([AC_PROG_F77], [LT_LANG(F77)], [m4_define([AC_PROG_F77], defn([AC_PROG_F77])[LT_LANG(F77)])]) AC_PROVIDE_IFELSE([AC_PROG_FC], [LT_LANG(FC)], [m4_define([AC_PROG_FC], defn([AC_PROG_FC])[LT_LANG(FC)])]) dnl The call to [A][M_PROG_GCJ] is quoted like that to stop aclocal dnl pulling things in needlessly. AC_PROVIDE_IFELSE([AC_PROG_GCJ], [LT_LANG(GCJ)], [AC_PROVIDE_IFELSE([A][M_PROG_GCJ], [LT_LANG(GCJ)], [AC_PROVIDE_IFELSE([LT_PROG_GCJ], [LT_LANG(GCJ)], [m4_ifdef([AC_PROG_GCJ], [m4_define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[LT_LANG(GCJ)])]) m4_ifdef([A][M_PROG_GCJ], [m4_define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[LT_LANG(GCJ)])]) m4_ifdef([LT_PROG_GCJ], [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])]) AC_PROVIDE_IFELSE([AC_PROG_GO], [LT_LANG(GO)], [m4_define([AC_PROG_GO], defn([AC_PROG_GO])[LT_LANG(GO)])]) AC_PROVIDE_IFELSE([LT_PROG_RC], [LT_LANG(RC)], [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])]) ])# _LT_LANG_DEFAULT_CONFIG # Obsolete macros: AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)]) AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)]) AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)]) AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)]) AU_DEFUN([AC_LIBTOOL_RC], [LT_LANG(Windows Resource)]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_LIBTOOL_CXX], []) dnl AC_DEFUN([AC_LIBTOOL_F77], []) dnl AC_DEFUN([AC_LIBTOOL_FC], []) dnl AC_DEFUN([AC_LIBTOOL_GCJ], []) dnl AC_DEFUN([AC_LIBTOOL_RC], []) # _LT_TAG_COMPILER # ---------------- m4_defun([_LT_TAG_COMPILER], [AC_REQUIRE([AC_PROG_CC])dnl _LT_DECL([LTCC], [CC], [1], [A C compiler])dnl _LT_DECL([LTCFLAGS], [CFLAGS], [1], [LTCC compiler flags])dnl _LT_TAGDECL([CC], [compiler], [1], [A language specific compiler])dnl _LT_TAGDECL([with_gcc], [GCC], [0], [Is the compiler the GNU compiler?])dnl # If no C compiler was specified, use CC. LTCC=${LTCC-"$CC"} # If no C compiler flags were specified, use CFLAGS. LTCFLAGS=${LTCFLAGS-"$CFLAGS"} # Allow CC to be a program name with arguments. compiler=$CC ])# _LT_TAG_COMPILER # _LT_COMPILER_BOILERPLATE # ------------------------ # Check for compiler boilerplate output or warnings with # the simple compiler test code. m4_defun([_LT_COMPILER_BOILERPLATE], [m4_require([_LT_DECL_SED])dnl ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" >conftest.$ac_ext eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err _lt_compiler_boilerplate=`cat conftest.err` $RM conftest* ])# _LT_COMPILER_BOILERPLATE # _LT_LINKER_BOILERPLATE # ---------------------- # Check for linker boilerplate output or warnings with # the simple link test code. m4_defun([_LT_LINKER_BOILERPLATE], [m4_require([_LT_DECL_SED])dnl ac_outfile=conftest.$ac_objext echo "$lt_simple_link_test_code" >conftest.$ac_ext eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err _lt_linker_boilerplate=`cat conftest.err` $RM -r conftest* ])# _LT_LINKER_BOILERPLATE # _LT_REQUIRED_DARWIN_CHECKS # ------------------------- m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ case $host_os in rhapsody* | darwin*) AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:]) AC_CHECK_TOOL([NMEDIT], [nmedit], [:]) AC_CHECK_TOOL([LIPO], [lipo], [:]) AC_CHECK_TOOL([OTOOL], [otool], [:]) AC_CHECK_TOOL([OTOOL64], [otool64], [:]) _LT_DECL([], [DSYMUTIL], [1], [Tool to manipulate archived DWARF debug symbol files on Mac OS X]) _LT_DECL([], [NMEDIT], [1], [Tool to change global to local symbols on Mac OS X]) _LT_DECL([], [LIPO], [1], [Tool to manipulate fat objects and archives on Mac OS X]) _LT_DECL([], [OTOOL], [1], [ldd/readelf like tool for Mach-O binaries on Mac OS X]) _LT_DECL([], [OTOOL64], [1], [ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4]) AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod], [lt_cv_apple_cc_single_mod=no if test -z "$LT_MULTI_MODULE"; then # By default we will add the -single_module flag. You can override # by either setting the environment variable LT_MULTI_MODULE # non-empty at configure time, or by adding -multi_module to the # link flags. rm -rf libconftest.dylib* echo "int foo(void){return 1;}" > conftest.c echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ -dynamiclib -Wl,-single_module conftest.c" >&AS_MESSAGE_LOG_FD $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err _lt_result=$? # If there is a non-empty error log, and "single_module" # appears in it, assume the flag caused a linker warning if test -s conftest.err && $GREP single_module conftest.err; then cat conftest.err >&AS_MESSAGE_LOG_FD # Otherwise, if the output was created with a 0 exit code from # the compiler, it worked. elif test -f libconftest.dylib && test 0 = "$_lt_result"; then lt_cv_apple_cc_single_mod=yes else cat conftest.err >&AS_MESSAGE_LOG_FD fi rm -rf libconftest.dylib* rm -f conftest.* fi]) AC_CACHE_CHECK([for -exported_symbols_list linker flag], [lt_cv_ld_exported_symbols_list], [lt_cv_ld_exported_symbols_list=no save_LDFLAGS=$LDFLAGS echo "_main" > conftest.sym LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], [lt_cv_ld_exported_symbols_list=yes], [lt_cv_ld_exported_symbols_list=no]) LDFLAGS=$save_LDFLAGS ]) AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load], [lt_cv_ld_force_load=no cat > conftest.c << _LT_EOF int forced_loaded() { return 2;} _LT_EOF echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD echo "$AR $AR_FLAGS libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD $AR $AR_FLAGS libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD cat > conftest.c << _LT_EOF int main() { return 0;} _LT_EOF echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err _lt_result=$? if test -s conftest.err && $GREP force_load conftest.err; then cat conftest.err >&AS_MESSAGE_LOG_FD elif test -f conftest && test 0 = "$_lt_result" && $GREP forced_load conftest >/dev/null 2>&1; then lt_cv_ld_force_load=yes else cat conftest.err >&AS_MESSAGE_LOG_FD fi rm -f conftest.err libconftest.a conftest conftest.c rm -rf conftest.dSYM ]) case $host_os in rhapsody* | darwin1.[[012]]) _lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;; darwin1.*) _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; darwin*) case $MACOSX_DEPLOYMENT_TARGET,$host in 10.[[012]],*|,*powerpc*-darwin[[5-8]]*) _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; *) _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; esac ;; esac if test yes = "$lt_cv_apple_cc_single_mod"; then _lt_dar_single_mod='$single_module' fi if test yes = "$lt_cv_ld_exported_symbols_list"; then _lt_dar_export_syms=' $wl-exported_symbols_list,$output_objdir/$libname-symbols.expsym' else _lt_dar_export_syms='~$NMEDIT -s $output_objdir/$libname-symbols.expsym $lib' fi if test : != "$DSYMUTIL" && test no = "$lt_cv_ld_force_load"; then _lt_dsymutil='~$DSYMUTIL $lib || :' else _lt_dsymutil= fi ;; esac ]) # _LT_DARWIN_LINKER_FEATURES([TAG]) # --------------------------------- # Checks for linker and compiler features on darwin m4_defun([_LT_DARWIN_LINKER_FEATURES], [ m4_require([_LT_REQUIRED_DARWIN_CHECKS]) _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported if test yes = "$lt_cv_ld_force_load"; then _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience $wl-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' m4_case([$1], [F77], [_LT_TAGVAR(compiler_needs_object, $1)=yes], [FC], [_LT_TAGVAR(compiler_needs_object, $1)=yes]) else _LT_TAGVAR(whole_archive_flag_spec, $1)='' fi _LT_TAGVAR(link_all_deplibs, $1)=yes _LT_TAGVAR(allow_undefined_flag, $1)=$_lt_dar_allow_undefined case $cc_basename in ifort*|nagfor*) _lt_dar_can_shared=yes ;; *) _lt_dar_can_shared=$GCC ;; esac if test yes = "$_lt_dar_can_shared"; then output_verbose_link_cmd=func_echo_all _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil" _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil" _LT_TAGVAR(archive_expsym_cmds, $1)="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" _LT_TAGVAR(module_expsym_cmds, $1)="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" m4_if([$1], [CXX], [ if test yes != "$lt_cv_apple_cc_single_mod"; then _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dsymutil" _LT_TAGVAR(archive_expsym_cmds, $1)="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil" fi ],[]) else _LT_TAGVAR(ld_shlibs, $1)=no fi ]) # _LT_SYS_MODULE_PATH_AIX([TAGNAME]) # ---------------------------------- # Links a minimal program and checks the executable # for the system default hardcoded library path. In most cases, # this is /usr/lib:/lib, but when the MPI compilers are used # the location of the communication and MPI libs are included too. # If we don't find anything, use the default library path according # to the aix ld manual. # Store the results from the different compilers for each TAGNAME. # Allow to override them for all tags through lt_cv_aix_libpath. m4_defun([_LT_SYS_MODULE_PATH_AIX], [m4_require([_LT_DECL_SED])dnl if test set = "${lt_cv_aix_libpath+set}"; then aix_libpath=$lt_cv_aix_libpath else AC_CACHE_VAL([_LT_TAGVAR([lt_cv_aix_libpath_], [$1])], [AC_LINK_IFELSE([AC_LANG_PROGRAM],[ lt_aix_libpath_sed='[ /Import File Strings/,/^$/ { /^0/ { s/^0 *\([^ ]*\) *$/\1/ p } }]' _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` # Check for a 64-bit object if we didn't find anything. if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` fi],[]) if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=/usr/lib:/lib fi ]) aix_libpath=$_LT_TAGVAR([lt_cv_aix_libpath_], [$1]) fi ])# _LT_SYS_MODULE_PATH_AIX # _LT_SHELL_INIT(ARG) # ------------------- m4_define([_LT_SHELL_INIT], [m4_divert_text([M4SH-INIT], [$1 ])])# _LT_SHELL_INIT # _LT_PROG_ECHO_BACKSLASH # ----------------------- # Find how we can fake an echo command that does not interpret backslash. # In particular, with Autoconf 2.60 or later we add some code to the start # of the generated configure script that will find a shell with a builtin # printf (that we can use as an echo command). m4_defun([_LT_PROG_ECHO_BACKSLASH], [ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO AC_MSG_CHECKING([how to print strings]) # Test print first, because it will be a builtin if present. if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then ECHO='print -r --' elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then ECHO='printf %s\n' else # Use this function as a fallback that always works. func_fallback_echo () { eval 'cat <<_LTECHO_EOF $[]1 _LTECHO_EOF' } ECHO='func_fallback_echo' fi # func_echo_all arg... # Invoke $ECHO with all args, space-separated. func_echo_all () { $ECHO "$*" } case $ECHO in printf*) AC_MSG_RESULT([printf]) ;; print*) AC_MSG_RESULT([print -r]) ;; *) AC_MSG_RESULT([cat]) ;; esac m4_ifdef([_AS_DETECT_SUGGESTED], [_AS_DETECT_SUGGESTED([ test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || ( ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO PATH=/empty FPATH=/empty; export PATH FPATH test "X`printf %s $ECHO`" = "X$ECHO" \ || test "X`print -r -- $ECHO`" = "X$ECHO" )])]) _LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts]) _LT_DECL([], [ECHO], [1], [An echo program that protects backslashes]) ])# _LT_PROG_ECHO_BACKSLASH # _LT_WITH_SYSROOT # ---------------- AC_DEFUN([_LT_WITH_SYSROOT], [m4_require([_LT_DECL_SED])dnl AC_MSG_CHECKING([for sysroot]) AC_ARG_WITH([sysroot], [AS_HELP_STRING([--with-sysroot@<:@=DIR@:>@], [Search for dependent libraries within DIR (or the compiler's sysroot if not specified).])], [], [with_sysroot=no]) dnl lt_sysroot will always be passed unquoted. We quote it here dnl in case the user passed a directory name. lt_sysroot= case $with_sysroot in #( yes) if test yes = "$GCC"; then lt_sysroot=`$CC --print-sysroot 2>/dev/null` fi ;; #( /*) lt_sysroot=`echo "$with_sysroot" | $SED -e "$sed_quote_subst"` ;; #( no|'') ;; #( *) AC_MSG_RESULT([$with_sysroot]) AC_MSG_ERROR([The sysroot must be an absolute path.]) ;; esac AC_MSG_RESULT([${lt_sysroot:-no}]) _LT_DECL([], [lt_sysroot], [0], [The root where to search for ]dnl [dependent libraries, and where our libraries should be installed.])]) # _LT_ENABLE_LOCK # --------------- m4_defun([_LT_ENABLE_LOCK], [AC_ARG_ENABLE([libtool-lock], [AS_HELP_STRING([--disable-libtool-lock], [avoid locking (might break parallel builds)])]) test no = "$enable_libtool_lock" || enable_libtool_lock=yes # Some flags need to be propagated to the compiler or linker for good # libtool support. case $host in ia64-*-hpux*) # Find out what ABI is being produced by ac_compile, and set mode # options accordingly. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then case `$FILECMD conftest.$ac_objext` in *ELF-32*) HPUX_IA64_MODE=32 ;; *ELF-64*) HPUX_IA64_MODE=64 ;; esac fi rm -rf conftest* ;; *-*-irix6*) # Find out what ABI is being produced by ac_compile, and set linker # options accordingly. echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then if test yes = "$lt_cv_prog_gnu_ld"; then case `$FILECMD conftest.$ac_objext` in *32-bit*) LD="${LD-ld} -melf32bsmip" ;; *N32*) LD="${LD-ld} -melf32bmipn32" ;; *64-bit*) LD="${LD-ld} -melf64bmip" ;; esac else case `$FILECMD conftest.$ac_objext` in *32-bit*) LD="${LD-ld} -32" ;; *N32*) LD="${LD-ld} -n32" ;; *64-bit*) LD="${LD-ld} -64" ;; esac fi fi rm -rf conftest* ;; mips64*-*linux*) # Find out what ABI is being produced by ac_compile, and set linker # options accordingly. echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then emul=elf case `$FILECMD conftest.$ac_objext` in *32-bit*) emul="${emul}32" ;; *64-bit*) emul="${emul}64" ;; esac case `$FILECMD conftest.$ac_objext` in *MSB*) emul="${emul}btsmip" ;; *LSB*) emul="${emul}ltsmip" ;; esac case `$FILECMD conftest.$ac_objext` in *N32*) emul="${emul}n32" ;; esac LD="${LD-ld} -m $emul" fi rm -rf conftest* ;; x86_64-*kfreebsd*-gnu|x86_64-*linux*|powerpc*-*linux*| \ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) # Find out what ABI is being produced by ac_compile, and set linker # options accordingly. Note that the listed cases only cover the # situations where additional linker options are needed (such as when # doing 32-bit compilation for a host where ld defaults to 64-bit, or # vice versa); the common cases where no linker options are needed do # not appear in the list. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then case `$FILECMD conftest.o` in *32-bit*) case $host in x86_64-*kfreebsd*-gnu) LD="${LD-ld} -m elf_i386_fbsd" ;; x86_64-*linux*) case `$FILECMD conftest.o` in *x86-64*) LD="${LD-ld} -m elf32_x86_64" ;; *) LD="${LD-ld} -m elf_i386" ;; esac ;; powerpc64le-*linux*) LD="${LD-ld} -m elf32lppclinux" ;; powerpc64-*linux*) LD="${LD-ld} -m elf32ppclinux" ;; s390x-*linux*) LD="${LD-ld} -m elf_s390" ;; sparc64-*linux*) LD="${LD-ld} -m elf32_sparc" ;; esac ;; *64-bit*) case $host in x86_64-*kfreebsd*-gnu) LD="${LD-ld} -m elf_x86_64_fbsd" ;; x86_64-*linux*) LD="${LD-ld} -m elf_x86_64" ;; powerpcle-*linux*) LD="${LD-ld} -m elf64lppc" ;; powerpc-*linux*) LD="${LD-ld} -m elf64ppc" ;; s390*-*linux*|s390*-*tpf*) LD="${LD-ld} -m elf64_s390" ;; sparc*-*linux*) LD="${LD-ld} -m elf64_sparc" ;; esac ;; esac fi rm -rf conftest* ;; *-*-sco3.2v5*) # On SCO OpenServer 5, we need -belf to get full-featured binaries. SAVE_CFLAGS=$CFLAGS CFLAGS="$CFLAGS -belf" AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf, [AC_LANG_PUSH(C) AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],[[]])],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no]) AC_LANG_POP]) if test yes != "$lt_cv_cc_needs_belf"; then # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf CFLAGS=$SAVE_CFLAGS fi ;; *-*solaris*) # Find out what ABI is being produced by ac_compile, and set linker # options accordingly. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then case `$FILECMD conftest.o` in *64-bit*) case $lt_cv_prog_gnu_ld in yes*) case $host in i?86-*-solaris*|x86_64-*-solaris*) LD="${LD-ld} -m elf_x86_64" ;; sparc*-*-solaris*) LD="${LD-ld} -m elf64_sparc" ;; esac # GNU ld 2.21 introduced _sol2 emulations. Use them if available. if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then LD=${LD-ld}_sol2 fi ;; *) if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then LD="${LD-ld} -64" fi ;; esac ;; esac fi rm -rf conftest* ;; esac need_locks=$enable_libtool_lock ])# _LT_ENABLE_LOCK # _LT_PROG_AR # ----------- m4_defun([_LT_PROG_AR], [AC_CHECK_TOOLS(AR, [ar], false) : ${AR=ar} _LT_DECL([], [AR], [1], [The archiver]) # Use ARFLAGS variable as AR's operation code to sync the variable naming with # Automake. If both AR_FLAGS and ARFLAGS are specified, AR_FLAGS should have # higher priority because thats what people were doing historically (setting # ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS # variable obsoleted/removed. test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cr} lt_ar_flags=$AR_FLAGS _LT_DECL([], [lt_ar_flags], [0], [Flags to create an archive (by configure)]) # Make AR_FLAGS overridable by 'make ARFLAGS='. Don't try to run-time override # by AR_FLAGS because that was never working and AR_FLAGS is about to die. _LT_DECL([], [AR_FLAGS], [\@S|@{ARFLAGS-"\@S|@lt_ar_flags"}], [Flags to create an archive]) AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file], [lt_cv_ar_at_file=no AC_COMPILE_IFELSE([AC_LANG_PROGRAM], [echo conftest.$ac_objext > conftest.lst lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&AS_MESSAGE_LOG_FD' AC_TRY_EVAL([lt_ar_try]) if test 0 -eq "$ac_status"; then # Ensure the archiver fails upon bogus file names. rm -f conftest.$ac_objext libconftest.a AC_TRY_EVAL([lt_ar_try]) if test 0 -ne "$ac_status"; then lt_cv_ar_at_file=@ fi fi rm -f conftest.* libconftest.a ]) ]) if test no = "$lt_cv_ar_at_file"; then archiver_list_spec= else archiver_list_spec=$lt_cv_ar_at_file fi _LT_DECL([], [archiver_list_spec], [1], [How to feed a file listing to the archiver]) ])# _LT_PROG_AR # _LT_CMD_OLD_ARCHIVE # ------------------- m4_defun([_LT_CMD_OLD_ARCHIVE], [_LT_PROG_AR AC_CHECK_TOOL(STRIP, strip, :) test -z "$STRIP" && STRIP=: _LT_DECL([], [STRIP], [1], [A symbol stripping program]) AC_CHECK_TOOL(RANLIB, ranlib, :) test -z "$RANLIB" && RANLIB=: _LT_DECL([], [RANLIB], [1], [Commands used to install an old-style archive]) # Determine commands to create old-style static archives. old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' old_postinstall_cmds='chmod 644 $oldlib' old_postuninstall_cmds= if test -n "$RANLIB"; then case $host_os in bitrig* | openbsd*) old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib" ;; *) old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib" ;; esac old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib" fi case $host_os in darwin*) lock_old_archive_extraction=yes ;; *) lock_old_archive_extraction=no ;; esac _LT_DECL([], [old_postinstall_cmds], [2]) _LT_DECL([], [old_postuninstall_cmds], [2]) _LT_TAGDECL([], [old_archive_cmds], [2], [Commands used to build an old-style archive]) _LT_DECL([], [lock_old_archive_extraction], [0], [Whether to use a lock for old archive extraction]) ])# _LT_CMD_OLD_ARCHIVE # _LT_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, # [OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE]) # ---------------------------------------------------------------- # Check whether the given compiler option works AC_DEFUN([_LT_COMPILER_OPTION], [m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_DECL_SED])dnl AC_CACHE_CHECK([$1], [$2], [$2=no m4_if([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4]) echo "$lt_simple_compile_test_code" > conftest.$ac_ext lt_compiler_flag="$3" ## exclude from sc_useless_quotes_in_assignment # Insert the option either (1) after the last *FLAGS variable, or # (2) before a word containing "conftest.", or (3) at the end. # Note that $ac_compile itself does not contain backslashes and begins # with a dollar sign (not a hyphen), so the echo should work correctly. # The option is referenced via a variable to avoid confusing sed. lt_compile=`echo "$ac_compile" | $SED \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&AS_MESSAGE_LOG_FD echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then $2=yes fi fi $RM conftest* ]) if test yes = "[$]$2"; then m4_if([$5], , :, [$5]) else m4_if([$6], , :, [$6]) fi ])# _LT_COMPILER_OPTION # Old name: AU_ALIAS([AC_LIBTOOL_COMPILER_OPTION], [_LT_COMPILER_OPTION]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], []) # _LT_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS, # [ACTION-SUCCESS], [ACTION-FAILURE]) # ---------------------------------------------------- # Check whether the given linker option works AC_DEFUN([_LT_LINKER_OPTION], [m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_DECL_SED])dnl AC_CACHE_CHECK([$1], [$2], [$2=no save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS $3" echo "$lt_simple_link_test_code" > conftest.$ac_ext if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then # The linker can only warn and ignore the option if not recognized # So say no if there are warnings if test -s conftest.err; then # Append any errors to the config.log. cat conftest.err 1>&AS_MESSAGE_LOG_FD $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 if diff conftest.exp conftest.er2 >/dev/null; then $2=yes fi else $2=yes fi fi $RM -r conftest* LDFLAGS=$save_LDFLAGS ]) if test yes = "[$]$2"; then m4_if([$4], , :, [$4]) else m4_if([$5], , :, [$5]) fi ])# _LT_LINKER_OPTION # Old name: AU_ALIAS([AC_LIBTOOL_LINKER_OPTION], [_LT_LINKER_OPTION]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], []) # LT_CMD_MAX_LEN #--------------- AC_DEFUN([LT_CMD_MAX_LEN], [AC_REQUIRE([AC_CANONICAL_HOST])dnl # find the maximum length of command line arguments AC_MSG_CHECKING([the maximum length of command line arguments]) AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl i=0 teststring=ABCD case $build_os in msdosdjgpp*) # On DJGPP, this test can blow up pretty badly due to problems in libc # (any single argument exceeding 2000 bytes causes a buffer overrun # during glob expansion). Even if it were fixed, the result of this # check would be larger than it should be. lt_cv_sys_max_cmd_len=12288; # 12K is about right ;; gnu*) # Under GNU Hurd, this test is not required because there is # no limit to the length of command line arguments. # Libtool will interpret -1 as no limit whatsoever lt_cv_sys_max_cmd_len=-1; ;; cygwin* | mingw* | cegcc*) # On Win9x/ME, this test blows up -- it succeeds, but takes # about 5 minutes as the teststring grows exponentially. # Worse, since 9x/ME are not pre-emptively multitasking, # you end up with a "frozen" computer, even though with patience # the test eventually succeeds (with a max line length of 256k). # Instead, let's just punt: use the minimum linelength reported by # all of the supported platforms: 8192 (on NT/2K/XP). lt_cv_sys_max_cmd_len=8192; ;; mint*) # On MiNT this can take a long time and run out of memory. lt_cv_sys_max_cmd_len=8192; ;; amigaos*) # On AmigaOS with pdksh, this test takes hours, literally. # So we just punt and use a minimum line length of 8192. lt_cv_sys_max_cmd_len=8192; ;; bitrig* | darwin* | dragonfly* | freebsd* | midnightbsd* | netbsd* | openbsd*) # This has been around since 386BSD, at least. Likely further. if test -x /sbin/sysctl; then lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` elif test -x /usr/sbin/sysctl; then lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` else lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs fi # And add a safety zone lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` ;; interix*) # We know the value 262144 and hardcode it with a safety zone (like BSD) lt_cv_sys_max_cmd_len=196608 ;; os2*) # The test takes a long time on OS/2. lt_cv_sys_max_cmd_len=8192 ;; osf*) # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not # nice to cause kernel panics so lets avoid the loop below. # First set a reasonable default. lt_cv_sys_max_cmd_len=16384 # if test -x /sbin/sysconfig; then case `/sbin/sysconfig -q proc exec_disable_arg_limit` in *1*) lt_cv_sys_max_cmd_len=-1 ;; esac fi ;; sco3.2v5*) lt_cv_sys_max_cmd_len=102400 ;; sysv5* | sco5v6* | sysv4.2uw2*) kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` if test -n "$kargmax"; then lt_cv_sys_max_cmd_len=`echo $kargmax | $SED 's/.*[[ ]]//'` else lt_cv_sys_max_cmd_len=32768 fi ;; *) lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` if test -n "$lt_cv_sys_max_cmd_len" && \ test undefined != "$lt_cv_sys_max_cmd_len"; then lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` else # Make teststring a little bigger before we do anything with it. # a 1K string should be a reasonable start. for i in 1 2 3 4 5 6 7 8; do teststring=$teststring$teststring done SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} # If test is not a shell built-in, we'll probably end up computing a # maximum length that is only half of the actual maximum length, but # we can't tell. while { test X`env echo "$teststring$teststring" 2>/dev/null` \ = "X$teststring$teststring"; } >/dev/null 2>&1 && test 17 != "$i" # 1/2 MB should be enough do i=`expr $i + 1` teststring=$teststring$teststring done # Only check the string length outside the loop. lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` teststring= # Add a significant safety factor because C++ compilers can tack on # massive amounts of additional arguments before passing them to the # linker. It appears as though 1/2 is a usable value. lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` fi ;; esac ]) if test -n "$lt_cv_sys_max_cmd_len"; then AC_MSG_RESULT($lt_cv_sys_max_cmd_len) else AC_MSG_RESULT(none) fi max_cmd_len=$lt_cv_sys_max_cmd_len _LT_DECL([], [max_cmd_len], [0], [What is the maximum length of a command?]) ])# LT_CMD_MAX_LEN # Old name: AU_ALIAS([AC_LIBTOOL_SYS_MAX_CMD_LEN], [LT_CMD_MAX_LEN]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], []) # _LT_HEADER_DLFCN # ---------------- m4_defun([_LT_HEADER_DLFCN], [AC_CHECK_HEADERS([dlfcn.h], [], [], [AC_INCLUDES_DEFAULT])dnl ])# _LT_HEADER_DLFCN # _LT_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE, # ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING) # ---------------------------------------------------------------- m4_defun([_LT_TRY_DLOPEN_SELF], [m4_require([_LT_HEADER_DLFCN])dnl if test yes = "$cross_compiling"; then : [$4] else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext <<_LT_EOF [#line $LINENO "configure" #include "confdefs.h" #if HAVE_DLFCN_H #include #endif #include #ifdef RTLD_GLOBAL # define LT_DLGLOBAL RTLD_GLOBAL #else # ifdef DL_GLOBAL # define LT_DLGLOBAL DL_GLOBAL # else # define LT_DLGLOBAL 0 # endif #endif /* We may have to define LT_DLLAZY_OR_NOW in the command line if we find out it does not work in some platform. */ #ifndef LT_DLLAZY_OR_NOW # ifdef RTLD_LAZY # define LT_DLLAZY_OR_NOW RTLD_LAZY # else # ifdef DL_LAZY # define LT_DLLAZY_OR_NOW DL_LAZY # else # ifdef RTLD_NOW # define LT_DLLAZY_OR_NOW RTLD_NOW # else # ifdef DL_NOW # define LT_DLLAZY_OR_NOW DL_NOW # else # define LT_DLLAZY_OR_NOW 0 # endif # endif # endif # endif #endif /* When -fvisibility=hidden is used, assume the code has been annotated correspondingly for the symbols needed. */ #if defined __GNUC__ && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) int fnord () __attribute__((visibility("default"))); #endif int fnord () { return 42; } int main () { void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); int status = $lt_dlunknown; if (self) { if (dlsym (self,"fnord")) status = $lt_dlno_uscore; else { if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore; else puts (dlerror ()); } /* dlclose (self); */ } else puts (dlerror ()); return status; }] _LT_EOF if AC_TRY_EVAL(ac_link) && test -s "conftest$ac_exeext" 2>/dev/null; then (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null lt_status=$? case x$lt_status in x$lt_dlno_uscore) $1 ;; x$lt_dlneed_uscore) $2 ;; x$lt_dlunknown|x*) $3 ;; esac else : # compilation failed $3 fi fi rm -fr conftest* ])# _LT_TRY_DLOPEN_SELF # LT_SYS_DLOPEN_SELF # ------------------ AC_DEFUN([LT_SYS_DLOPEN_SELF], [m4_require([_LT_HEADER_DLFCN])dnl if test yes != "$enable_dlopen"; then enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown else lt_cv_dlopen=no lt_cv_dlopen_libs= case $host_os in beos*) lt_cv_dlopen=load_add_on lt_cv_dlopen_libs= lt_cv_dlopen_self=yes ;; mingw* | pw32* | cegcc*) lt_cv_dlopen=LoadLibrary lt_cv_dlopen_libs= ;; cygwin*) lt_cv_dlopen=dlopen lt_cv_dlopen_libs= ;; darwin*) # if libdl is installed we need to link against it AC_CHECK_LIB([dl], [dlopen], [lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl],[ lt_cv_dlopen=dyld lt_cv_dlopen_libs= lt_cv_dlopen_self=yes ]) ;; tpf*) # Don't try to run any link tests for TPF. We know it's impossible # because TPF is a cross-compiler, and we know how we open DSOs. lt_cv_dlopen=dlopen lt_cv_dlopen_libs= lt_cv_dlopen_self=no ;; *) AC_CHECK_FUNC([shl_load], [lt_cv_dlopen=shl_load], [AC_CHECK_LIB([dld], [shl_load], [lt_cv_dlopen=shl_load lt_cv_dlopen_libs=-ldld], [AC_CHECK_FUNC([dlopen], [lt_cv_dlopen=dlopen], [AC_CHECK_LIB([dl], [dlopen], [lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl], [AC_CHECK_LIB([svld], [dlopen], [lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-lsvld], [AC_CHECK_LIB([dld], [dld_link], [lt_cv_dlopen=dld_link lt_cv_dlopen_libs=-ldld]) ]) ]) ]) ]) ]) ;; esac if test no = "$lt_cv_dlopen"; then enable_dlopen=no else enable_dlopen=yes fi case $lt_cv_dlopen in dlopen) save_CPPFLAGS=$CPPFLAGS test yes = "$ac_cv_header_dlfcn_h" && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H" save_LDFLAGS=$LDFLAGS wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\" save_LIBS=$LIBS LIBS="$lt_cv_dlopen_libs $LIBS" AC_CACHE_CHECK([whether a program can dlopen itself], lt_cv_dlopen_self, [dnl _LT_TRY_DLOPEN_SELF( lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes, lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross) ]) if test yes = "$lt_cv_dlopen_self"; then wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" AC_CACHE_CHECK([whether a statically linked program can dlopen itself], lt_cv_dlopen_self_static, [dnl _LT_TRY_DLOPEN_SELF( lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=no, lt_cv_dlopen_self_static=cross) ]) fi CPPFLAGS=$save_CPPFLAGS LDFLAGS=$save_LDFLAGS LIBS=$save_LIBS ;; esac case $lt_cv_dlopen_self in yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;; *) enable_dlopen_self=unknown ;; esac case $lt_cv_dlopen_self_static in yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;; *) enable_dlopen_self_static=unknown ;; esac fi _LT_DECL([dlopen_support], [enable_dlopen], [0], [Whether dlopen is supported]) _LT_DECL([dlopen_self], [enable_dlopen_self], [0], [Whether dlopen of programs is supported]) _LT_DECL([dlopen_self_static], [enable_dlopen_self_static], [0], [Whether dlopen of statically linked programs is supported]) ])# LT_SYS_DLOPEN_SELF # Old name: AU_ALIAS([AC_LIBTOOL_DLOPEN_SELF], [LT_SYS_DLOPEN_SELF]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], []) # _LT_COMPILER_C_O([TAGNAME]) # --------------------------- # Check to see if options -c and -o are simultaneously supported by compiler. # This macro does not hard code the compiler like AC_PROG_CC_C_O. m4_defun([_LT_COMPILER_C_O], [m4_require([_LT_DECL_SED])dnl m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_TAG_COMPILER])dnl AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext], [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)], [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no $RM -r conftest 2>/dev/null mkdir conftest cd conftest mkdir out echo "$lt_simple_compile_test_code" > conftest.$ac_ext lt_compiler_flag="-o out/conftest2.$ac_objext" # Insert the option either (1) after the last *FLAGS variable, or # (2) before a word containing "conftest.", or (3) at the end. # Note that $ac_compile itself does not contain backslashes and begins # with a dollar sign (not a hyphen), so the echo should work correctly. lt_compile=`echo "$ac_compile" | $SED \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&AS_MESSAGE_LOG_FD echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2 if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes fi fi chmod u+w . 2>&AS_MESSAGE_LOG_FD $RM conftest* # SGI C++ compiler will create directory out/ii_files/ for # template instantiation test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files $RM out/* && rmdir out cd .. $RM -r conftest $RM conftest* ]) _LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1], [Does compiler simultaneously support -c and -o options?]) ])# _LT_COMPILER_C_O # _LT_COMPILER_FILE_LOCKS([TAGNAME]) # ---------------------------------- # Check to see if we can do hard links to lock some files if needed m4_defun([_LT_COMPILER_FILE_LOCKS], [m4_require([_LT_ENABLE_LOCK])dnl m4_require([_LT_FILEUTILS_DEFAULTS])dnl _LT_COMPILER_C_O([$1]) hard_links=nottested if test no = "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" && test no != "$need_locks"; then # do not overwrite the value of need_locks provided by the user AC_MSG_CHECKING([if we can lock with hard links]) hard_links=yes $RM conftest* ln conftest.a conftest.b 2>/dev/null && hard_links=no touch conftest.a ln conftest.a conftest.b 2>&5 || hard_links=no ln conftest.a conftest.b 2>/dev/null && hard_links=no AC_MSG_RESULT([$hard_links]) if test no = "$hard_links"; then AC_MSG_WARN(['$CC' does not support '-c -o', so 'make -j' may be unsafe]) need_locks=warn fi else need_locks=no fi _LT_DECL([], [need_locks], [1], [Must we lock files when doing compilation?]) ])# _LT_COMPILER_FILE_LOCKS # _LT_CHECK_OBJDIR # ---------------- m4_defun([_LT_CHECK_OBJDIR], [AC_CACHE_CHECK([for objdir], [lt_cv_objdir], [rm -f .libs 2>/dev/null mkdir .libs 2>/dev/null if test -d .libs; then lt_cv_objdir=.libs else # MS-DOS does not allow filenames that begin with a dot. lt_cv_objdir=_libs fi rmdir .libs 2>/dev/null]) objdir=$lt_cv_objdir _LT_DECL([], [objdir], [0], [The name of the directory that contains temporary libtool files])dnl m4_pattern_allow([LT_OBJDIR])dnl AC_DEFINE_UNQUOTED([LT_OBJDIR], "$lt_cv_objdir/", [Define to the sub-directory where libtool stores uninstalled libraries.]) ])# _LT_CHECK_OBJDIR # _LT_LINKER_HARDCODE_LIBPATH([TAGNAME]) # -------------------------------------- # Check hardcoding attributes. m4_defun([_LT_LINKER_HARDCODE_LIBPATH], [AC_MSG_CHECKING([how to hardcode library paths into programs]) _LT_TAGVAR(hardcode_action, $1)= if test -n "$_LT_TAGVAR(hardcode_libdir_flag_spec, $1)" || test -n "$_LT_TAGVAR(runpath_var, $1)" || test yes = "$_LT_TAGVAR(hardcode_automatic, $1)"; then # We can hardcode non-existent directories. if test no != "$_LT_TAGVAR(hardcode_direct, $1)" && # If the only mechanism to avoid hardcoding is shlibpath_var, we # have to relink, otherwise we might link with an installed library # when we should be linking with a yet-to-be-installed one ## test no != "$_LT_TAGVAR(hardcode_shlibpath_var, $1)" && test no != "$_LT_TAGVAR(hardcode_minus_L, $1)"; then # Linking always hardcodes the temporary library directory. _LT_TAGVAR(hardcode_action, $1)=relink else # We can link without hardcoding, and we can hardcode nonexisting dirs. _LT_TAGVAR(hardcode_action, $1)=immediate fi else # We cannot hardcode anything, or else we can only hardcode existing # directories. _LT_TAGVAR(hardcode_action, $1)=unsupported fi AC_MSG_RESULT([$_LT_TAGVAR(hardcode_action, $1)]) if test relink = "$_LT_TAGVAR(hardcode_action, $1)" || test yes = "$_LT_TAGVAR(inherit_rpath, $1)"; then # Fast installation is not supported enable_fast_install=no elif test yes = "$shlibpath_overrides_runpath" || test no = "$enable_shared"; then # Fast installation is not necessary enable_fast_install=needless fi _LT_TAGDECL([], [hardcode_action], [0], [How to hardcode a shared library path into an executable]) ])# _LT_LINKER_HARDCODE_LIBPATH # _LT_CMD_STRIPLIB # ---------------- m4_defun([_LT_CMD_STRIPLIB], [m4_require([_LT_DECL_EGREP]) striplib= old_striplib= AC_MSG_CHECKING([whether stripping libraries is possible]) if test -z "$STRIP"; then AC_MSG_RESULT([no]) else if $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then old_striplib="$STRIP --strip-debug" striplib="$STRIP --strip-unneeded" AC_MSG_RESULT([yes]) else case $host_os in darwin*) # FIXME - insert some real tests, host_os isn't really good enough striplib="$STRIP -x" old_striplib="$STRIP -S" AC_MSG_RESULT([yes]) ;; freebsd*) if $STRIP -V 2>&1 | $GREP "elftoolchain" >/dev/null; then old_striplib="$STRIP --strip-debug" striplib="$STRIP --strip-unneeded" AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) fi ;; *) AC_MSG_RESULT([no]) ;; esac fi fi _LT_DECL([], [old_striplib], [1], [Commands to strip libraries]) _LT_DECL([], [striplib], [1]) ])# _LT_CMD_STRIPLIB # _LT_PREPARE_MUNGE_PATH_LIST # --------------------------- # Make sure func_munge_path_list() is defined correctly. m4_defun([_LT_PREPARE_MUNGE_PATH_LIST], [[# func_munge_path_list VARIABLE PATH # ----------------------------------- # VARIABLE is name of variable containing _space_ separated list of # directories to be munged by the contents of PATH, which is string # having a format: # "DIR[:DIR]:" # string "DIR[ DIR]" will be prepended to VARIABLE # ":DIR[:DIR]" # string "DIR[ DIR]" will be appended to VARIABLE # "DIRP[:DIRP]::[DIRA:]DIRA" # string "DIRP[ DIRP]" will be prepended to VARIABLE and string # "DIRA[ DIRA]" will be appended to VARIABLE # "DIR[:DIR]" # VARIABLE will be replaced by "DIR[ DIR]" func_munge_path_list () { case x@S|@2 in x) ;; *:) eval @S|@1=\"`$ECHO @S|@2 | $SED 's/:/ /g'` \@S|@@S|@1\" ;; x:*) eval @S|@1=\"\@S|@@S|@1 `$ECHO @S|@2 | $SED 's/:/ /g'`\" ;; *::*) eval @S|@1=\"\@S|@@S|@1\ `$ECHO @S|@2 | $SED -e 's/.*:://' -e 's/:/ /g'`\" eval @S|@1=\"`$ECHO @S|@2 | $SED -e 's/::.*//' -e 's/:/ /g'`\ \@S|@@S|@1\" ;; *) eval @S|@1=\"`$ECHO @S|@2 | $SED 's/:/ /g'`\" ;; esac } ]])# _LT_PREPARE_PATH_LIST # _LT_SYS_DYNAMIC_LINKER([TAG]) # ----------------------------- # PORTME Fill in your ld.so characteristics m4_defun([_LT_SYS_DYNAMIC_LINKER], [AC_REQUIRE([AC_CANONICAL_HOST])dnl m4_require([_LT_DECL_EGREP])dnl m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_DECL_OBJDUMP])dnl m4_require([_LT_DECL_SED])dnl m4_require([_LT_CHECK_SHELL_FEATURES])dnl m4_require([_LT_PREPARE_MUNGE_PATH_LIST])dnl AC_MSG_CHECKING([dynamic linker characteristics]) m4_if([$1], [], [ if test yes = "$GCC"; then case $host_os in darwin*) lt_awk_arg='/^libraries:/,/LR/' ;; *) lt_awk_arg='/^libraries:/' ;; esac case $host_os in mingw* | cegcc*) lt_sed_strip_eq='s|=\([[A-Za-z]]:\)|\1|g' ;; *) lt_sed_strip_eq='s|=/|/|g' ;; esac lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq` case $lt_search_path_spec in *\;*) # if the path contains ";" then we assume it to be the separator # otherwise default to the standard path separator (i.e. ":") - it is # assumed that no part of a normal pathname contains ";" but that should # okay in the real world where ";" in dirpaths is itself problematic. lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'` ;; *) lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"` ;; esac # Ok, now we have the path, separated by spaces, we can step through it # and add multilib dir if necessary... lt_tmp_lt_search_path_spec= lt_multi_os_dir=/`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null` # ...but if some path component already ends with the multilib dir we assume # that all is fine and trust -print-search-dirs as is (GCC 4.2? or newer). case "$lt_multi_os_dir; $lt_search_path_spec " in "/; "* | "/.; "* | "/./; "* | *"$lt_multi_os_dir "* | *"$lt_multi_os_dir/ "*) lt_multi_os_dir= ;; esac for lt_sys_path in $lt_search_path_spec; do if test -d "$lt_sys_path$lt_multi_os_dir"; then lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path$lt_multi_os_dir" elif test -n "$lt_multi_os_dir"; then test -d "$lt_sys_path" && \ lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path" fi done lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk ' BEGIN {RS = " "; FS = "/|\n";} { lt_foo = ""; lt_count = 0; for (lt_i = NF; lt_i > 0; lt_i--) { if ($lt_i != "" && $lt_i != ".") { if ($lt_i == "..") { lt_count++; } else { if (lt_count == 0) { lt_foo = "/" $lt_i lt_foo; } else { lt_count--; } } } } if (lt_foo != "") { lt_freq[[lt_foo]]++; } if (lt_freq[[lt_foo]] == 1) { print lt_foo; } }'` # AWK program above erroneously prepends '/' to C:/dos/paths # for these hosts. case $host_os in mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\ $SED 's|/\([[A-Za-z]]:\)|\1|g'` ;; esac sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP` else sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" fi]) library_names_spec= libname_spec='lib$name' soname_spec= shrext_cmds=.so postinstall_cmds= postuninstall_cmds= finish_cmds= finish_eval= shlibpath_var= shlibpath_overrides_runpath=unknown version_type=none dynamic_linker="$host_os ld.so" sys_lib_dlsearch_path_spec="/lib /usr/lib" need_lib_prefix=unknown hardcode_into_libs=no # when you set need_version to no, make sure it does not cause -set_version # flags to be left without arguments need_version=unknown AC_ARG_VAR([LT_SYS_LIBRARY_PATH], [User-defined run-time library search path.]) case $host_os in aix3*) version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname$release$shared_ext$versuffix $libname.a' shlibpath_var=LIBPATH # AIX 3 has no versioning support, so we append a major version to the name. soname_spec='$libname$release$shared_ext$major' ;; aix[[4-9]]*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no hardcode_into_libs=yes if test ia64 = "$host_cpu"; then # AIX 5 supports IA64 library_names_spec='$libname$release$shared_ext$major $libname$release$shared_ext$versuffix $libname$shared_ext' shlibpath_var=LD_LIBRARY_PATH else # With GCC up to 2.95.x, collect2 would create an import file # for dependence libraries. The import file would start with # the line '#! .'. This would cause the generated library to # depend on '.', always an invalid library. This was fixed in # development snapshots of GCC prior to 3.0. case $host_os in aix4 | aix4.[[01]] | aix4.[[01]].*) if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)' echo ' yes ' echo '#endif'; } | $CC -E - | $GREP yes > /dev/null; then : else can_build_shared=no fi ;; esac # Using Import Files as archive members, it is possible to support # filename-based versioning of shared library archives on AIX. While # this would work for both with and without runtime linking, it will # prevent static linking of such archives. So we do filename-based # shared library versioning with .so extension only, which is used # when both runtime linking and shared linking is enabled. # Unfortunately, runtime linking may impact performance, so we do # not want this to be the default eventually. Also, we use the # versioned .so libs for executables only if there is the -brtl # linker flag in LDFLAGS as well, or --with-aix-soname=svr4 only. # To allow for filename-based versioning support, we need to create # libNAME.so.V as an archive file, containing: # *) an Import File, referring to the versioned filename of the # archive as well as the shared archive member, telling the # bitwidth (32 or 64) of that shared object, and providing the # list of exported symbols of that shared object, eventually # decorated with the 'weak' keyword # *) the shared object with the F_LOADONLY flag set, to really avoid # it being seen by the linker. # At run time we better use the real file rather than another symlink, # but for link time we create the symlink libNAME.so -> libNAME.so.V case $with_aix_soname,$aix_use_runtimelinking in # AIX (on Power*) has no versioning support, so currently we cannot hardcode correct # soname into executable. Probably we can add versioning support to # collect2, so additional links can be useful in future. aix,yes) # traditional libtool dynamic_linker='AIX unversionable lib.so' # If using run time linking (on AIX 4.2 or later) use lib.so # instead of lib.a to let people know that these are not # typical AIX shared libraries. library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' ;; aix,no) # traditional AIX only dynamic_linker='AIX lib.a[(]lib.so.V[)]' # We preserve .a as extension for shared libraries through AIX4.2 # and later when we are not doing run time linking. library_names_spec='$libname$release.a $libname.a' soname_spec='$libname$release$shared_ext$major' ;; svr4,*) # full svr4 only dynamic_linker="AIX lib.so.V[(]$shared_archive_member_spec.o[)]" library_names_spec='$libname$release$shared_ext$major $libname$shared_ext' # We do not specify a path in Import Files, so LIBPATH fires. shlibpath_overrides_runpath=yes ;; *,yes) # both, prefer svr4 dynamic_linker="AIX lib.so.V[(]$shared_archive_member_spec.o[)], lib.a[(]lib.so.V[)]" library_names_spec='$libname$release$shared_ext$major $libname$shared_ext' # unpreferred sharedlib libNAME.a needs extra handling postinstall_cmds='test -n "$linkname" || linkname="$realname"~func_stripname "" ".so" "$linkname"~$install_shared_prog "$dir/$func_stripname_result.$libext" "$destdir/$func_stripname_result.$libext"~test -z "$tstripme" || test -z "$striplib" || $striplib "$destdir/$func_stripname_result.$libext"' postuninstall_cmds='for n in $library_names $old_library; do :; done~func_stripname "" ".so" "$n"~test "$func_stripname_result" = "$n" || func_append rmfiles " $odir/$func_stripname_result.$libext"' # We do not specify a path in Import Files, so LIBPATH fires. shlibpath_overrides_runpath=yes ;; *,no) # both, prefer aix dynamic_linker="AIX lib.a[(]lib.so.V[)], lib.so.V[(]$shared_archive_member_spec.o[)]" library_names_spec='$libname$release.a $libname.a' soname_spec='$libname$release$shared_ext$major' # unpreferred sharedlib libNAME.so.V and symlink libNAME.so need extra handling postinstall_cmds='test -z "$dlname" || $install_shared_prog $dir/$dlname $destdir/$dlname~test -z "$tstripme" || test -z "$striplib" || $striplib $destdir/$dlname~test -n "$linkname" || linkname=$realname~func_stripname "" ".a" "$linkname"~(cd "$destdir" && $LN_S -f $dlname $func_stripname_result.so)' postuninstall_cmds='test -z "$dlname" || func_append rmfiles " $odir/$dlname"~for n in $old_library $library_names; do :; done~func_stripname "" ".a" "$n"~func_append rmfiles " $odir/$func_stripname_result.so"' ;; esac shlibpath_var=LIBPATH fi ;; amigaos*) case $host_cpu in powerpc) # Since July 2007 AmigaOS4 officially supports .so libraries. # When compiling the executable, add -use-dynld -Lsobjs: to the compileline. library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' ;; m68k) library_names_spec='$libname.ixlibrary $libname.a' # Create ${libname}_ixlibrary.a entries in /sys/libs. finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done' ;; esac ;; beos*) library_names_spec='$libname$shared_ext' dynamic_linker="$host_os ld.so" shlibpath_var=LIBRARY_PATH ;; bsdi[[45]]*) version_type=linux # correct to gnu/linux during the next big refactor need_version=no library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir' shlibpath_var=LD_LIBRARY_PATH sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib" sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib" # the default ld.so.conf also contains /usr/contrib/lib and # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow # libtool to hard-code these into programs ;; cygwin* | mingw* | pw32* | cegcc*) version_type=windows shrext_cmds=.dll need_version=no need_lib_prefix=no case $GCC,$cc_basename in yes,*) # gcc library_names_spec='$libname.dll.a' # DLL is installed to $(libdir)/../bin by postinstall_cmds postinstall_cmds='base_file=`basename \$file`~ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; echo \$dlname'\''`~ dldir=$destdir/`dirname \$dlpath`~ test -d \$dldir || mkdir -p \$dldir~ $install_prog $dir/$dlname \$dldir/$dlname~ chmod a+x \$dldir/$dlname~ if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then eval '\''$striplib \$dldir/$dlname'\'' || exit \$?; fi' postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ dlpath=$dir/\$dldll~ $RM \$dlpath' shlibpath_overrides_runpath=yes case $host_os in cygwin*) # Cygwin DLLs use 'cyg' prefix rather than 'lib' soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' m4_if([$1], [],[ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"]) ;; mingw* | cegcc*) # MinGW DLLs use traditional 'lib' prefix soname_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' ;; pw32*) # pw32 DLLs use 'pw' prefix rather than 'lib' library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' ;; esac dynamic_linker='Win32 ld.exe' ;; *,cl* | *,icl*) # Native MSVC or ICC libname_spec='$name' soname_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext' library_names_spec='$libname.dll.lib' case $build_os in mingw*) sys_lib_search_path_spec= lt_save_ifs=$IFS IFS=';' for lt_path in $LIB do IFS=$lt_save_ifs # Let DOS variable expansion print the short 8.3 style file name. lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" done IFS=$lt_save_ifs # Convert to MSYS style. sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'` ;; cygwin*) # Convert to unix form, then to dos form, then back to unix form # but this time dos style (no spaces!) so that the unix form looks # like /cygdrive/c/PROGRA~1:/cygdr... sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` ;; *) sys_lib_search_path_spec=$LIB if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then # It is most probably a Windows format PATH. sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` else sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` fi # FIXME: find the short name or the path components, as spaces are # common. (e.g. "Program Files" -> "PROGRA~1") ;; esac # DLL is installed to $(libdir)/../bin by postinstall_cmds postinstall_cmds='base_file=`basename \$file`~ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; echo \$dlname'\''`~ dldir=$destdir/`dirname \$dlpath`~ test -d \$dldir || mkdir -p \$dldir~ $install_prog $dir/$dlname \$dldir/$dlname' postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ dlpath=$dir/\$dldll~ $RM \$dlpath' shlibpath_overrides_runpath=yes dynamic_linker='Win32 link.exe' ;; *) # Assume MSVC and ICC wrapper library_names_spec='$libname`echo $release | $SED -e 's/[[.]]/-/g'`$versuffix$shared_ext $libname.lib' dynamic_linker='Win32 ld.exe' ;; esac # FIXME: first we should search . and the directory the executable is in shlibpath_var=PATH ;; darwin* | rhapsody*) dynamic_linker="$host_os dyld" version_type=darwin need_lib_prefix=no need_version=no library_names_spec='$libname$release$major$shared_ext $libname$shared_ext' soname_spec='$libname$release$major$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`' m4_if([$1], [],[ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"]) sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib' ;; dgux*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' shlibpath_var=LD_LIBRARY_PATH ;; freebsd* | dragonfly* | midnightbsd*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. if test -x /usr/bin/objformat; then objformat=`/usr/bin/objformat` else case $host_os in freebsd[[23]].*) objformat=aout ;; *) objformat=elf ;; esac fi version_type=freebsd-$objformat case $version_type in freebsd-elf*) library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' need_version=no need_lib_prefix=no ;; freebsd-*) library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix' need_version=yes ;; esac shlibpath_var=LD_LIBRARY_PATH case $host_os in freebsd2.*) shlibpath_overrides_runpath=yes ;; freebsd3.[[01]]* | freebsdelf3.[[01]]*) shlibpath_overrides_runpath=yes hardcode_into_libs=yes ;; freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \ freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1) shlibpath_overrides_runpath=no hardcode_into_libs=yes ;; *) # from 4.6 on, and DragonFly shlibpath_overrides_runpath=yes hardcode_into_libs=yes ;; esac ;; haiku*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no dynamic_linker="$host_os runtime_loader" library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' shlibpath_var=LIBRARY_PATH shlibpath_overrides_runpath=no sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib' hardcode_into_libs=yes ;; hpux9* | hpux10* | hpux11*) # Give a soname corresponding to the major version so that dld.sl refuses to # link against other versions. version_type=sunos need_lib_prefix=no need_version=no case $host_cpu in ia64*) shrext_cmds='.so' hardcode_into_libs=yes dynamic_linker="$host_os dld.so" shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' if test 32 = "$HPUX_IA64_MODE"; then sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib" sys_lib_dlsearch_path_spec=/usr/lib/hpux32 else sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64" sys_lib_dlsearch_path_spec=/usr/lib/hpux64 fi ;; hppa*64*) shrext_cmds='.sl' hardcode_into_libs=yes dynamic_linker="$host_os dld.sl" shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH shlibpath_overrides_runpath=yes # Unless +noenvvar is specified. library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64" sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; *) shrext_cmds='.sl' dynamic_linker="$host_os dld.sl" shlibpath_var=SHLIB_PATH shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' ;; esac # HP-UX runs *really* slowly unless shared libraries are mode 555, ... postinstall_cmds='chmod 555 $lib' # or fails outright, so override atomically: install_override_mode=555 ;; interix[[3-9]]*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=no hardcode_into_libs=yes ;; irix5* | irix6* | nonstopux*) case $host_os in nonstopux*) version_type=nonstopux ;; *) if test yes = "$lt_cv_prog_gnu_ld"; then version_type=linux # correct to gnu/linux during the next big refactor else version_type=irix fi ;; esac need_lib_prefix=no need_version=no soname_spec='$libname$release$shared_ext$major' library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$release$shared_ext $libname$shared_ext' case $host_os in irix5* | nonstopux*) libsuff= shlibsuff= ;; *) case $LD in # libtool.m4 will add one of these switches to LD *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") libsuff= shlibsuff= libmagic=32-bit;; *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") libsuff=32 shlibsuff=N32 libmagic=N32;; *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") libsuff=64 shlibsuff=64 libmagic=64-bit;; *) libsuff= shlibsuff= libmagic=never-match;; esac ;; esac shlibpath_var=LD_LIBRARY${shlibsuff}_PATH shlibpath_overrides_runpath=no sys_lib_search_path_spec="/usr/lib$libsuff /lib$libsuff /usr/local/lib$libsuff" sys_lib_dlsearch_path_spec="/usr/lib$libsuff /lib$libsuff" hardcode_into_libs=yes ;; # No shared lib support for Linux oldld, aout, or coff. linux*oldld* | linux*aout* | linux*coff*) dynamic_linker=no ;; linux*android*) version_type=none # Android doesn't support versioned libraries. need_lib_prefix=no need_version=no library_names_spec='$libname$release$shared_ext' soname_spec='$libname$release$shared_ext' finish_cmds= shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes # This implies no fast_install, which is unacceptable. # Some rework will be needed to allow for fast_install # before this can be enabled. hardcode_into_libs=yes dynamic_linker='Android linker' # Don't embed -rpath directories since the linker doesn't support them. _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' ;; # This must be glibc/ELF. linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=no # Some binutils ld are patched to set DT_RUNPATH AC_CACHE_VAL([lt_cv_shlibpath_overrides_runpath], [lt_cv_shlibpath_overrides_runpath=no save_LDFLAGS=$LDFLAGS save_libdir=$libdir eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \ LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\"" AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null], [lt_cv_shlibpath_overrides_runpath=yes])]) LDFLAGS=$save_LDFLAGS libdir=$save_libdir ]) shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath # This implies no fast_install, which is unacceptable. # Some rework will be needed to allow for fast_install # before this can be enabled. hardcode_into_libs=yes # Ideally, we could use ldconfig to report *all* directores which are # searched for libraries, however this is still not possible. Aside from not # being certain /sbin/ldconfig is available, command # 'ldconfig -N -X -v | grep ^/' on 64bit Fedora does not report /usr/lib64, # even though it is searched at run-time. Try to do the best guess by # appending ld.so.conf contents (and includes) to the search path. if test -f /etc/ld.so.conf; then lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on # powerpc, because MkLinux only supported shared libraries with the # GNU dynamic linker. Since this was broken with cross compilers, # most powerpc-linux boxes support dynamic linking these days and # people can always --disable-shared, the test was removed, and we # assume the GNU/Linux dynamic linker is in use. dynamic_linker='GNU/Linux ld.so' ;; netbsdelf*-gnu) version_type=linux need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=no hardcode_into_libs=yes dynamic_linker='NetBSD ld.elf_so' ;; netbsd*) version_type=sunos need_lib_prefix=no need_version=no if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' dynamic_linker='NetBSD (a.out) ld.so' else library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' dynamic_linker='NetBSD ld.elf_so' fi shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes hardcode_into_libs=yes ;; newsos6) version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes ;; *nto* | *qnx*) version_type=qnx need_lib_prefix=no need_version=no library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=no hardcode_into_libs=yes dynamic_linker='ldqnx.so' ;; openbsd* | bitrig*) version_type=sunos sys_lib_dlsearch_path_spec=/usr/lib need_lib_prefix=no if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then need_version=no else need_version=yes fi library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix' finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes ;; os2*) libname_spec='$name' version_type=windows shrext_cmds=.dll need_version=no need_lib_prefix=no # OS/2 can only load a DLL with a base name of 8 characters or less. soname_spec='`test -n "$os2dllname" && libname="$os2dllname"; v=$($ECHO $release$versuffix | tr -d .-); n=$($ECHO $libname | cut -b -$((8 - ${#v})) | tr . _); $ECHO $n$v`$shared_ext' library_names_spec='${libname}_dll.$libext' dynamic_linker='OS/2 ld.exe' shlibpath_var=BEGINLIBPATH sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib" sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec postinstall_cmds='base_file=`basename \$file`~ dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\$base_file'\''i; $ECHO \$dlname'\''`~ dldir=$destdir/`dirname \$dlpath`~ test -d \$dldir || mkdir -p \$dldir~ $install_prog $dir/$dlname \$dldir/$dlname~ chmod a+x \$dldir/$dlname~ if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then eval '\''$striplib \$dldir/$dlname'\'' || exit \$?; fi' postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; $ECHO \$dlname'\''`~ dlpath=$dir/\$dldll~ $RM \$dlpath' ;; osf3* | osf4* | osf5*) version_type=osf need_lib_prefix=no need_version=no soname_spec='$libname$release$shared_ext$major' library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' shlibpath_var=LD_LIBRARY_PATH sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib" sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec ;; rdos*) dynamic_linker=no ;; solaris*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes hardcode_into_libs=yes # ldd complains unless libraries are executable postinstall_cmds='chmod +x $lib' ;; sunos4*) version_type=sunos library_names_spec='$libname$release$shared_ext$versuffix $libname$shared_ext$versuffix' finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes if test yes = "$with_gnu_ld"; then need_lib_prefix=no fi need_version=yes ;; sysv4 | sysv4.3*) version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' shlibpath_var=LD_LIBRARY_PATH case $host_vendor in sni) shlibpath_overrides_runpath=no need_lib_prefix=no runpath_var=LD_RUN_PATH ;; siemens) need_lib_prefix=no ;; motorola) need_lib_prefix=no need_version=no shlibpath_overrides_runpath=no sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib' ;; esac ;; sysv4*MP*) if test -d /usr/nec; then version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname$shared_ext.$versuffix $libname$shared_ext.$major $libname$shared_ext' soname_spec='$libname$shared_ext.$major' shlibpath_var=LD_LIBRARY_PATH fi ;; sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) version_type=sco need_lib_prefix=no need_version=no library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes hardcode_into_libs=yes if test yes = "$with_gnu_ld"; then sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib' else sys_lib_search_path_spec='/usr/ccs/lib /usr/lib' case $host_os in sco3.2v5*) sys_lib_search_path_spec="$sys_lib_search_path_spec /lib" ;; esac fi sys_lib_dlsearch_path_spec='/usr/lib' ;; tpf*) # TPF is a cross-target only. Preferred cross-host = GNU/Linux. version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=no hardcode_into_libs=yes ;; uts4*) version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname$release$shared_ext$versuffix $libname$release$shared_ext$major $libname$shared_ext' soname_spec='$libname$release$shared_ext$major' shlibpath_var=LD_LIBRARY_PATH ;; *) dynamic_linker=no ;; esac AC_MSG_RESULT([$dynamic_linker]) test no = "$dynamic_linker" && can_build_shared=no variables_saved_for_relink="PATH $shlibpath_var $runpath_var" if test yes = "$GCC"; then variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" fi if test set = "${lt_cv_sys_lib_search_path_spec+set}"; then sys_lib_search_path_spec=$lt_cv_sys_lib_search_path_spec fi if test set = "${lt_cv_sys_lib_dlsearch_path_spec+set}"; then sys_lib_dlsearch_path_spec=$lt_cv_sys_lib_dlsearch_path_spec fi # remember unaugmented sys_lib_dlsearch_path content for libtool script decls... configure_time_dlsearch_path=$sys_lib_dlsearch_path_spec # ... but it needs LT_SYS_LIBRARY_PATH munging for other configure-time code func_munge_path_list sys_lib_dlsearch_path_spec "$LT_SYS_LIBRARY_PATH" # to be used as default LT_SYS_LIBRARY_PATH value in generated libtool configure_time_lt_sys_library_path=$LT_SYS_LIBRARY_PATH _LT_DECL([], [variables_saved_for_relink], [1], [Variables whose values should be saved in libtool wrapper scripts and restored at link time]) _LT_DECL([], [need_lib_prefix], [0], [Do we need the "lib" prefix for modules?]) _LT_DECL([], [need_version], [0], [Do we need a version for libraries?]) _LT_DECL([], [version_type], [0], [Library versioning type]) _LT_DECL([], [runpath_var], [0], [Shared library runtime path variable]) _LT_DECL([], [shlibpath_var], [0],[Shared library path variable]) _LT_DECL([], [shlibpath_overrides_runpath], [0], [Is shlibpath searched before the hard-coded library search path?]) _LT_DECL([], [libname_spec], [1], [Format of library name prefix]) _LT_DECL([], [library_names_spec], [1], [[List of archive names. First name is the real one, the rest are links. The last name is the one that the linker finds with -lNAME]]) _LT_DECL([], [soname_spec], [1], [[The coded name of the library, if different from the real name]]) _LT_DECL([], [install_override_mode], [1], [Permission mode override for installation of shared libraries]) _LT_DECL([], [postinstall_cmds], [2], [Command to use after installation of a shared archive]) _LT_DECL([], [postuninstall_cmds], [2], [Command to use after uninstallation of a shared archive]) _LT_DECL([], [finish_cmds], [2], [Commands used to finish a libtool library installation in a directory]) _LT_DECL([], [finish_eval], [1], [[As "finish_cmds", except a single script fragment to be evaled but not shown]]) _LT_DECL([], [hardcode_into_libs], [0], [Whether we should hardcode library paths into libraries]) _LT_DECL([], [sys_lib_search_path_spec], [2], [Compile-time system search path for libraries]) _LT_DECL([sys_lib_dlsearch_path_spec], [configure_time_dlsearch_path], [2], [Detected run-time system search path for libraries]) _LT_DECL([], [configure_time_lt_sys_library_path], [2], [Explicit LT_SYS_LIBRARY_PATH set during ./configure time]) ])# _LT_SYS_DYNAMIC_LINKER # _LT_PATH_TOOL_PREFIX(TOOL) # -------------------------- # find a file program that can recognize shared library AC_DEFUN([_LT_PATH_TOOL_PREFIX], [m4_require([_LT_DECL_EGREP])dnl AC_MSG_CHECKING([for $1]) AC_CACHE_VAL(lt_cv_path_MAGIC_CMD, [case $MAGIC_CMD in [[\\/*] | ?:[\\/]*]) lt_cv_path_MAGIC_CMD=$MAGIC_CMD # Let the user override the test with a path. ;; *) lt_save_MAGIC_CMD=$MAGIC_CMD lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR dnl $ac_dummy forces splitting on constant user-supplied paths. dnl POSIX.2 word splitting is done only on the output of word expansions, dnl not every word. This closes a longstanding sh security hole. ac_dummy="m4_if([$2], , $PATH, [$2])" for ac_dir in $ac_dummy; do IFS=$lt_save_ifs test -z "$ac_dir" && ac_dir=. if test -f "$ac_dir/$1"; then lt_cv_path_MAGIC_CMD=$ac_dir/"$1" if test -n "$file_magic_test_file"; then case $deplibs_check_method in "file_magic "*) file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"` MAGIC_CMD=$lt_cv_path_MAGIC_CMD if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null | $EGREP "$file_magic_regex" > /dev/null; then : else cat <<_LT_EOF 1>&2 *** Warning: the command libtool uses to detect shared libraries, *** $file_magic_cmd, produces output that libtool cannot recognize. *** The result is that libtool may fail to recognize shared libraries *** as such. This will affect the creation of libtool libraries that *** depend on shared libraries, but programs linked with such libtool *** libraries will work regardless of this problem. Nevertheless, you *** may want to report the problem to your system manager and/or to *** bug-libtool@gnu.org _LT_EOF fi ;; esac fi break fi done IFS=$lt_save_ifs MAGIC_CMD=$lt_save_MAGIC_CMD ;; esac]) MAGIC_CMD=$lt_cv_path_MAGIC_CMD if test -n "$MAGIC_CMD"; then AC_MSG_RESULT($MAGIC_CMD) else AC_MSG_RESULT(no) fi _LT_DECL([], [MAGIC_CMD], [0], [Used to examine libraries when file_magic_cmd begins with "file"])dnl ])# _LT_PATH_TOOL_PREFIX # Old name: AU_ALIAS([AC_PATH_TOOL_PREFIX], [_LT_PATH_TOOL_PREFIX]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_PATH_TOOL_PREFIX], []) # _LT_PATH_MAGIC # -------------- # find a file program that can recognize a shared library m4_defun([_LT_PATH_MAGIC], [_LT_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH) if test -z "$lt_cv_path_MAGIC_CMD"; then if test -n "$ac_tool_prefix"; then _LT_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH) else MAGIC_CMD=: fi fi ])# _LT_PATH_MAGIC # LT_PATH_LD # ---------- # find the pathname to the GNU or non-GNU linker AC_DEFUN([LT_PATH_LD], [AC_REQUIRE([AC_PROG_CC])dnl AC_REQUIRE([AC_CANONICAL_HOST])dnl AC_REQUIRE([AC_CANONICAL_BUILD])dnl m4_require([_LT_DECL_SED])dnl m4_require([_LT_DECL_EGREP])dnl m4_require([_LT_PROG_ECHO_BACKSLASH])dnl AC_ARG_WITH([gnu-ld], [AS_HELP_STRING([--with-gnu-ld], [assume the C compiler uses GNU ld @<:@default=no@:>@])], [test no = "$withval" || with_gnu_ld=yes], [with_gnu_ld=no])dnl ac_prog=ld if test yes = "$GCC"; then # Check if gcc -print-prog-name=ld gives a path. AC_MSG_CHECKING([for ld used by $CC]) case $host in *-*-mingw*) # gcc leaves a trailing carriage return, which upsets mingw ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; *) ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; esac case $ac_prog in # Accept absolute paths. [[\\/]]* | ?:[[\\/]]*) re_direlt='/[[^/]][[^/]]*/\.\./' # Canonicalize the pathname of ld ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` done test -z "$LD" && LD=$ac_prog ;; "") # If it fails, then pretend we aren't using GCC. ac_prog=ld ;; *) # If it is relative, then search for the first ld in PATH. with_gnu_ld=unknown ;; esac elif test yes = "$with_gnu_ld"; then AC_MSG_CHECKING([for GNU ld]) else AC_MSG_CHECKING([for non-GNU ld]) fi AC_CACHE_VAL(lt_cv_path_LD, [if test -z "$LD"; then lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR for ac_dir in $PATH; do IFS=$lt_save_ifs test -z "$ac_dir" && ac_dir=. if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then lt_cv_path_LD=$ac_dir/$ac_prog # Check to see if the program is GNU ld. I'd rather use --version, # but apparently some variants of GNU ld only accept -v. # Break only if it was the GNU/non-GNU ld that we prefer. case `"$lt_cv_path_LD" -v 2>&1 &1 conftest.i cat conftest.i conftest.i >conftest2.i : ${lt_DD:=$DD} AC_PATH_PROGS_FEATURE_CHECK([lt_DD], [dd], [if "$ac_path_lt_DD" bs=32 count=1 conftest.out 2>/dev/null; then cmp -s conftest.i conftest.out \ && ac_cv_path_lt_DD="$ac_path_lt_DD" ac_path_lt_DD_found=: fi]) rm -f conftest.i conftest2.i conftest.out]) ])# _LT_PATH_DD # _LT_CMD_TRUNCATE # ---------------- # find command to truncate a binary pipe m4_defun([_LT_CMD_TRUNCATE], [m4_require([_LT_PATH_DD]) AC_CACHE_CHECK([how to truncate binary pipes], [lt_cv_truncate_bin], [printf 0123456789abcdef0123456789abcdef >conftest.i cat conftest.i conftest.i >conftest2.i lt_cv_truncate_bin= if "$ac_cv_path_lt_DD" bs=32 count=1 conftest.out 2>/dev/null; then cmp -s conftest.i conftest.out \ && lt_cv_truncate_bin="$ac_cv_path_lt_DD bs=4096 count=1" fi rm -f conftest.i conftest2.i conftest.out test -z "$lt_cv_truncate_bin" && lt_cv_truncate_bin="$SED -e 4q"]) _LT_DECL([lt_truncate_bin], [lt_cv_truncate_bin], [1], [Command to truncate a binary pipe]) ])# _LT_CMD_TRUNCATE # _LT_CHECK_MAGIC_METHOD # ---------------------- # how to check for library dependencies # -- PORTME fill in with the dynamic library characteristics m4_defun([_LT_CHECK_MAGIC_METHOD], [m4_require([_LT_DECL_EGREP]) m4_require([_LT_DECL_OBJDUMP]) AC_CACHE_CHECK([how to recognize dependent libraries], lt_cv_deplibs_check_method, [lt_cv_file_magic_cmd='$MAGIC_CMD' lt_cv_file_magic_test_file= lt_cv_deplibs_check_method='unknown' # Need to set the preceding variable on all platforms that support # interlibrary dependencies. # 'none' -- dependencies not supported. # 'unknown' -- same as none, but documents that we really don't know. # 'pass_all' -- all dependencies passed with no checks. # 'test_compile' -- check by making test program. # 'file_magic [[regex]]' -- check by looking for files in library path # that responds to the $file_magic_cmd with a given extended regex. # If you have 'file' or equivalent on your system and you're not sure # whether 'pass_all' will *always* work, you probably want this one. case $host_os in aix[[4-9]]*) lt_cv_deplibs_check_method=pass_all ;; beos*) lt_cv_deplibs_check_method=pass_all ;; bsdi[[45]]*) lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)' lt_cv_file_magic_cmd='$FILECMD -L' lt_cv_file_magic_test_file=/shlib/libc.so ;; cygwin*) # func_win32_libid is a shell function defined in ltmain.sh lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' lt_cv_file_magic_cmd='func_win32_libid' ;; mingw* | pw32*) # Base MSYS/MinGW do not provide the 'file' command needed by # func_win32_libid shell function, so use a weaker test based on 'objdump', # unless we find 'file', for example because we are cross-compiling. if ( file / ) >/dev/null 2>&1; then lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' lt_cv_file_magic_cmd='func_win32_libid' else # Keep this pattern in sync with the one in func_win32_libid. lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' lt_cv_file_magic_cmd='$OBJDUMP -f' fi ;; cegcc*) # use the weaker test based on 'objdump'. See mingw*. lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' lt_cv_file_magic_cmd='$OBJDUMP -f' ;; darwin* | rhapsody*) lt_cv_deplibs_check_method=pass_all ;; freebsd* | dragonfly* | midnightbsd*) if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then case $host_cpu in i*86 ) # Not sure whether the presence of OpenBSD here was a mistake. # Let's accept both of them until this is cleared up. lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library' lt_cv_file_magic_cmd=$FILECMD lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` ;; esac else lt_cv_deplibs_check_method=pass_all fi ;; haiku*) lt_cv_deplibs_check_method=pass_all ;; hpux10.20* | hpux11*) lt_cv_file_magic_cmd=$FILECMD case $host_cpu in ia64*) lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64' lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so ;; hppa*64*) [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]'] lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl ;; *) lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]]\.[[0-9]]) shared library' lt_cv_file_magic_test_file=/usr/lib/libc.sl ;; esac ;; interix[[3-9]]*) # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$' ;; irix5* | irix6* | nonstopux*) case $LD in *-32|*"-32 ") libmagic=32-bit;; *-n32|*"-n32 ") libmagic=N32;; *-64|*"-64 ") libmagic=64-bit;; *) libmagic=never-match;; esac lt_cv_deplibs_check_method=pass_all ;; # This must be glibc/ELF. linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) lt_cv_deplibs_check_method=pass_all ;; netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' else lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$' fi ;; newos6*) lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)' lt_cv_file_magic_cmd=$FILECMD lt_cv_file_magic_test_file=/usr/lib/libnls.so ;; *nto* | *qnx*) lt_cv_deplibs_check_method=pass_all ;; openbsd* | bitrig*) if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$' else lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' fi ;; osf3* | osf4* | osf5*) lt_cv_deplibs_check_method=pass_all ;; rdos*) lt_cv_deplibs_check_method=pass_all ;; solaris*) lt_cv_deplibs_check_method=pass_all ;; sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) lt_cv_deplibs_check_method=pass_all ;; sysv4 | sysv4.3*) case $host_vendor in motorola) lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]' lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` ;; ncr) lt_cv_deplibs_check_method=pass_all ;; sequent) lt_cv_file_magic_cmd='/bin/file' lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )' ;; sni) lt_cv_file_magic_cmd='/bin/file' lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib" lt_cv_file_magic_test_file=/lib/libc.so ;; siemens) lt_cv_deplibs_check_method=pass_all ;; pc) lt_cv_deplibs_check_method=pass_all ;; esac ;; tpf*) lt_cv_deplibs_check_method=pass_all ;; os2*) lt_cv_deplibs_check_method=pass_all ;; esac ]) file_magic_glob= want_nocaseglob=no if test "$build" = "$host"; then case $host_os in mingw* | pw32*) if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then want_nocaseglob=yes else file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[[\1]]\/[[\1]]\/g;/g"` fi ;; esac fi file_magic_cmd=$lt_cv_file_magic_cmd deplibs_check_method=$lt_cv_deplibs_check_method test -z "$deplibs_check_method" && deplibs_check_method=unknown _LT_DECL([], [deplibs_check_method], [1], [Method to check whether dependent libraries are shared objects]) _LT_DECL([], [file_magic_cmd], [1], [Command to use when deplibs_check_method = "file_magic"]) _LT_DECL([], [file_magic_glob], [1], [How to find potential files when deplibs_check_method = "file_magic"]) _LT_DECL([], [want_nocaseglob], [1], [Find potential files using nocaseglob when deplibs_check_method = "file_magic"]) ])# _LT_CHECK_MAGIC_METHOD # LT_PATH_NM # ---------- # find the pathname to a BSD- or MS-compatible name lister AC_DEFUN([LT_PATH_NM], [AC_REQUIRE([AC_PROG_CC])dnl AC_CACHE_CHECK([for BSD- or MS-compatible name lister (nm)], lt_cv_path_NM, [if test -n "$NM"; then # Let the user override the test. lt_cv_path_NM=$NM else lt_nm_to_check=${ac_tool_prefix}nm if test -n "$ac_tool_prefix" && test "$build" = "$host"; then lt_nm_to_check="$lt_nm_to_check nm" fi for lt_tmp_nm in $lt_nm_to_check; do lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do IFS=$lt_save_ifs test -z "$ac_dir" && ac_dir=. tmp_nm=$ac_dir/$lt_tmp_nm if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext"; then # Check to see if the nm accepts a BSD-compat flag. # Adding the 'sed 1q' prevents false positives on HP-UX, which says: # nm: unknown option "B" ignored # Tru64's nm complains that /dev/null is an invalid object file # MSYS converts /dev/null to NUL, MinGW nm treats NUL as empty case $build_os in mingw*) lt_bad_file=conftest.nm/nofile ;; *) lt_bad_file=/dev/null ;; esac case `"$tmp_nm" -B $lt_bad_file 2>&1 | $SED '1q'` in *$lt_bad_file* | *'Invalid file or object type'*) lt_cv_path_NM="$tmp_nm -B" break 2 ;; *) case `"$tmp_nm" -p /dev/null 2>&1 | $SED '1q'` in */dev/null*) lt_cv_path_NM="$tmp_nm -p" break 2 ;; *) lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but continue # so that we can try to find one that supports BSD flags ;; esac ;; esac fi done IFS=$lt_save_ifs done : ${lt_cv_path_NM=no} fi]) if test no != "$lt_cv_path_NM"; then NM=$lt_cv_path_NM else # Didn't find any BSD compatible name lister, look for dumpbin. if test -n "$DUMPBIN"; then : # Let the user override the test. else AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :) case `$DUMPBIN -symbols -headers /dev/null 2>&1 | $SED '1q'` in *COFF*) DUMPBIN="$DUMPBIN -symbols -headers" ;; *) DUMPBIN=: ;; esac fi AC_SUBST([DUMPBIN]) if test : != "$DUMPBIN"; then NM=$DUMPBIN fi fi test -z "$NM" && NM=nm AC_SUBST([NM]) _LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface], [lt_cv_nm_interface="BSD nm" echo "int some_variable = 0;" > conftest.$ac_ext (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&AS_MESSAGE_LOG_FD) (eval "$ac_compile" 2>conftest.err) cat conftest.err >&AS_MESSAGE_LOG_FD (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD) (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) cat conftest.err >&AS_MESSAGE_LOG_FD (eval echo "\"\$as_me:$LINENO: output\"" >&AS_MESSAGE_LOG_FD) cat conftest.out >&AS_MESSAGE_LOG_FD if $GREP 'External.*some_variable' conftest.out > /dev/null; then lt_cv_nm_interface="MS dumpbin" fi rm -f conftest*]) ])# LT_PATH_NM # Old names: AU_ALIAS([AM_PROG_NM], [LT_PATH_NM]) AU_ALIAS([AC_PROG_NM], [LT_PATH_NM]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AM_PROG_NM], []) dnl AC_DEFUN([AC_PROG_NM], []) # _LT_CHECK_SHAREDLIB_FROM_LINKLIB # -------------------------------- # how to determine the name of the shared library # associated with a specific link library. # -- PORTME fill in with the dynamic library characteristics m4_defun([_LT_CHECK_SHAREDLIB_FROM_LINKLIB], [m4_require([_LT_DECL_EGREP]) m4_require([_LT_DECL_OBJDUMP]) m4_require([_LT_DECL_DLLTOOL]) AC_CACHE_CHECK([how to associate runtime and link libraries], lt_cv_sharedlib_from_linklib_cmd, [lt_cv_sharedlib_from_linklib_cmd='unknown' case $host_os in cygwin* | mingw* | pw32* | cegcc*) # two different shell functions defined in ltmain.sh; # decide which one to use based on capabilities of $DLLTOOL case `$DLLTOOL --help 2>&1` in *--identify-strict*) lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib ;; *) lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback ;; esac ;; *) # fallback: assume linklib IS sharedlib lt_cv_sharedlib_from_linklib_cmd=$ECHO ;; esac ]) sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO _LT_DECL([], [sharedlib_from_linklib_cmd], [1], [Command to associate shared and link libraries]) ])# _LT_CHECK_SHAREDLIB_FROM_LINKLIB # _LT_PATH_MANIFEST_TOOL # ---------------------- # locate the manifest tool m4_defun([_LT_PATH_MANIFEST_TOOL], [AC_CHECK_TOOL(MANIFEST_TOOL, mt, :) test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt AC_CACHE_CHECK([if $MANIFEST_TOOL is a manifest tool], [lt_cv_path_mainfest_tool], [lt_cv_path_mainfest_tool=no echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&AS_MESSAGE_LOG_FD $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out cat conftest.err >&AS_MESSAGE_LOG_FD if $GREP 'Manifest Tool' conftest.out > /dev/null; then lt_cv_path_mainfest_tool=yes fi rm -f conftest*]) if test yes != "$lt_cv_path_mainfest_tool"; then MANIFEST_TOOL=: fi _LT_DECL([], [MANIFEST_TOOL], [1], [Manifest tool])dnl ])# _LT_PATH_MANIFEST_TOOL # _LT_DLL_DEF_P([FILE]) # --------------------- # True iff FILE is a Windows DLL '.def' file. # Keep in sync with func_dll_def_p in the libtool script AC_DEFUN([_LT_DLL_DEF_P], [dnl test DEF = "`$SED -n dnl -e '\''s/^[[ ]]*//'\'' dnl Strip leading whitespace -e '\''/^\(;.*\)*$/d'\'' dnl Delete empty lines and comments -e '\''s/^\(EXPORTS\|LIBRARY\)\([[ ]].*\)*$/DEF/p'\'' dnl -e q dnl Only consider the first "real" line $1`" dnl ])# _LT_DLL_DEF_P # LT_LIB_M # -------- # check for math library AC_DEFUN([LT_LIB_M], [AC_REQUIRE([AC_CANONICAL_HOST])dnl LIBM= case $host in *-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*) # These system don't have libm, or don't need it ;; *-ncr-sysv4.3*) AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM=-lmw) AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm") ;; *) AC_CHECK_LIB(m, cos, LIBM=-lm) ;; esac AC_SUBST([LIBM]) ])# LT_LIB_M # Old name: AU_ALIAS([AC_CHECK_LIBM], [LT_LIB_M]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AC_CHECK_LIBM], []) # _LT_COMPILER_NO_RTTI([TAGNAME]) # ------------------------------- m4_defun([_LT_COMPILER_NO_RTTI], [m4_require([_LT_TAG_COMPILER])dnl _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= if test yes = "$GCC"; then case $cc_basename in nvcc*) _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -Xcompiler -fno-builtin' ;; *) _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' ;; esac _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions], lt_cv_prog_compiler_rtti_exceptions, [-fno-rtti -fno-exceptions], [], [_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"]) fi _LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1], [Compiler flag to turn off builtin functions]) ])# _LT_COMPILER_NO_RTTI # _LT_CMD_GLOBAL_SYMBOLS # ---------------------- m4_defun([_LT_CMD_GLOBAL_SYMBOLS], [AC_REQUIRE([AC_CANONICAL_HOST])dnl AC_REQUIRE([AC_PROG_CC])dnl AC_REQUIRE([AC_PROG_AWK])dnl AC_REQUIRE([LT_PATH_NM])dnl AC_REQUIRE([LT_PATH_LD])dnl m4_require([_LT_DECL_SED])dnl m4_require([_LT_DECL_EGREP])dnl m4_require([_LT_TAG_COMPILER])dnl # Check for command to grab the raw symbol name followed by C symbol from nm. AC_MSG_CHECKING([command to parse $NM output from $compiler object]) AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe], [ # These are sane defaults that work on at least a few old systems. # [They come from Ultrix. What could be older than Ultrix?!! ;)] # Character class describing NM global symbol codes. symcode='[[BCDEGRST]]' # Regexp to match symbols that can be accessed directly from C. sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)' # Define system-specific variables. case $host_os in aix*) symcode='[[BCDT]]' ;; cygwin* | mingw* | pw32* | cegcc*) symcode='[[ABCDGISTW]]' ;; hpux*) if test ia64 = "$host_cpu"; then symcode='[[ABCDEGRST]]' fi ;; irix* | nonstopux*) symcode='[[BCDEGRST]]' ;; osf*) symcode='[[BCDEGQRST]]' ;; solaris*) symcode='[[BDRT]]' ;; sco3.2v5*) symcode='[[DT]]' ;; sysv4.2uw2*) symcode='[[DT]]' ;; sysv5* | sco5v6* | unixware* | OpenUNIX*) symcode='[[ABDT]]' ;; sysv4) symcode='[[DFNSTU]]' ;; esac # If we're using GNU nm, then use its standard symbol codes. case `$NM -V 2>&1` in *GNU* | *'with BFD'*) symcode='[[ABCDGIRSTW]]' ;; esac if test "$lt_cv_nm_interface" = "MS dumpbin"; then # Gets list of data symbols to import. lt_cv_sys_global_symbol_to_import="$SED -n -e 's/^I .* \(.*\)$/\1/p'" # Adjust the below global symbol transforms to fixup imported variables. lt_cdecl_hook=" -e 's/^I .* \(.*\)$/extern __declspec(dllimport) char \1;/p'" lt_c_name_hook=" -e 's/^I .* \(.*\)$/ {\"\1\", (void *) 0},/p'" lt_c_name_lib_hook="\ -e 's/^I .* \(lib.*\)$/ {\"\1\", (void *) 0},/p'\ -e 's/^I .* \(.*\)$/ {\"lib\1\", (void *) 0},/p'" else # Disable hooks by default. lt_cv_sys_global_symbol_to_import= lt_cdecl_hook= lt_c_name_hook= lt_c_name_lib_hook= fi # Transform an extracted symbol line into a proper C declaration. # Some systems (esp. on ia64) link data and code symbols differently, # so use this general approach. lt_cv_sys_global_symbol_to_cdecl="$SED -n"\ $lt_cdecl_hook\ " -e 's/^T .* \(.*\)$/extern int \1();/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/extern char \1;/p'" # Transform an extracted symbol line into symbol name and symbol address lt_cv_sys_global_symbol_to_c_name_address="$SED -n"\ $lt_c_name_hook\ " -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/p'" # Transform an extracted symbol line into symbol name with lib prefix and # symbol address. lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="$SED -n"\ $lt_c_name_lib_hook\ " -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\ " -e 's/^$symcode$symcode* .* \(lib.*\)$/ {\"\1\", (void *) \&\1},/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/ {\"lib\1\", (void *) \&\1},/p'" # Handle CRLF in mingw tool chain opt_cr= case $build_os in mingw*) opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp ;; esac # Try without a prefix underscore, then with it. for ac_symprfx in "" "_"; do # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. symxfrm="\\1 $ac_symprfx\\2 \\2" # Write the raw and C identifiers. if test "$lt_cv_nm_interface" = "MS dumpbin"; then # Fake it for dumpbin and say T for any non-static function, # D for any global variable and I for any imported variable. # Also find C++ and __fastcall symbols from MSVC++ or ICC, # which start with @ or ?. lt_cv_sys_global_symbol_pipe="$AWK ['"\ " {last_section=section; section=\$ 3};"\ " /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\ " /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ " /^ *Symbol name *: /{split(\$ 0,sn,\":\"); si=substr(sn[2],2)};"\ " /^ *Type *: code/{print \"T\",si,substr(si,length(prfx))};"\ " /^ *Type *: data/{print \"I\",si,substr(si,length(prfx))};"\ " \$ 0!~/External *\|/{next};"\ " / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ " {if(hide[section]) next};"\ " {f=\"D\"}; \$ 0~/\(\).*\|/{f=\"T\"};"\ " {split(\$ 0,a,/\||\r/); split(a[2],s)};"\ " s[1]~/^[@?]/{print f,s[1],s[1]; next};"\ " s[1]~prfx {split(s[1],t,\"@\"); print f,t[1],substr(t[1],length(prfx))}"\ " ' prfx=^$ac_symprfx]" else lt_cv_sys_global_symbol_pipe="$SED -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" fi lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | $SED '/ __gnu_lto/d'" # Check to see that the pipe works correctly. pipe_works=no rm -f conftest* cat > conftest.$ac_ext <<_LT_EOF #ifdef __cplusplus extern "C" { #endif char nm_test_var; void nm_test_func(void); void nm_test_func(void){} #ifdef __cplusplus } #endif int main(){nm_test_var='a';nm_test_func();return(0);} _LT_EOF if AC_TRY_EVAL(ac_compile); then # Now try to grab the symbols. nlist=conftest.nm $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&AS_MESSAGE_LOG_FD if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&AS_MESSAGE_LOG_FD && test -s "$nlist"; then # Try sorting and uniquifying the output. if sort "$nlist" | uniq > "$nlist"T; then mv -f "$nlist"T "$nlist" else rm -f "$nlist"T fi # Make sure that we snagged all the symbols we need. if $GREP ' nm_test_var$' "$nlist" >/dev/null; then if $GREP ' nm_test_func$' "$nlist" >/dev/null; then cat <<_LT_EOF > conftest.$ac_ext /* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ #if defined _WIN32 || defined __CYGWIN__ || defined _WIN32_WCE /* DATA imports from DLLs on WIN32 can't be const, because runtime relocations are performed -- see ld's documentation on pseudo-relocs. */ # define LT@&t@_DLSYM_CONST #elif defined __osf__ /* This system does not cope well with relocations in const data. */ # define LT@&t@_DLSYM_CONST #else # define LT@&t@_DLSYM_CONST const #endif #ifdef __cplusplus extern "C" { #endif _LT_EOF # Now generate the symbol file. eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' cat <<_LT_EOF >> conftest.$ac_ext /* The mapping between symbol names and symbols. */ LT@&t@_DLSYM_CONST struct { const char *name; void *address; } lt__PROGRAM__LTX_preloaded_symbols[[]] = { { "@PROGRAM@", (void *) 0 }, _LT_EOF $SED "s/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext cat <<\_LT_EOF >> conftest.$ac_ext {0, (void *) 0} }; /* This works around a problem in FreeBSD linker */ #ifdef FREEBSD_WORKAROUND static const void *lt_preloaded_setup() { return lt__PROGRAM__LTX_preloaded_symbols; } #endif #ifdef __cplusplus } #endif _LT_EOF # Now try linking the two files. mv conftest.$ac_objext conftstm.$ac_objext lt_globsym_save_LIBS=$LIBS lt_globsym_save_CFLAGS=$CFLAGS LIBS=conftstm.$ac_objext CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)" if AC_TRY_EVAL(ac_link) && test -s conftest$ac_exeext; then pipe_works=yes fi LIBS=$lt_globsym_save_LIBS CFLAGS=$lt_globsym_save_CFLAGS else echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD fi else echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD fi else echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD fi else echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD cat conftest.$ac_ext >&5 fi rm -rf conftest* conftst* # Do not use the global_symbol_pipe unless it works. if test yes = "$pipe_works"; then break else lt_cv_sys_global_symbol_pipe= fi done ]) if test -z "$lt_cv_sys_global_symbol_pipe"; then lt_cv_sys_global_symbol_to_cdecl= fi if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then AC_MSG_RESULT(failed) else AC_MSG_RESULT(ok) fi # Response file support. if test "$lt_cv_nm_interface" = "MS dumpbin"; then nm_file_list_spec='@' elif $NM --help 2>/dev/null | grep '[[@]]FILE' >/dev/null; then nm_file_list_spec='@' fi _LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1], [Take the output of nm and produce a listing of raw symbols and C names]) _LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1], [Transform the output of nm in a proper C declaration]) _LT_DECL([global_symbol_to_import], [lt_cv_sys_global_symbol_to_import], [1], [Transform the output of nm into a list of symbols to manually relocate]) _LT_DECL([global_symbol_to_c_name_address], [lt_cv_sys_global_symbol_to_c_name_address], [1], [Transform the output of nm in a C name address pair]) _LT_DECL([global_symbol_to_c_name_address_lib_prefix], [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1], [Transform the output of nm in a C name address pair when lib prefix is needed]) _LT_DECL([nm_interface], [lt_cv_nm_interface], [1], [The name lister interface]) _LT_DECL([], [nm_file_list_spec], [1], [Specify filename containing input files for $NM]) ]) # _LT_CMD_GLOBAL_SYMBOLS # _LT_COMPILER_PIC([TAGNAME]) # --------------------------- m4_defun([_LT_COMPILER_PIC], [m4_require([_LT_TAG_COMPILER])dnl _LT_TAGVAR(lt_prog_compiler_wl, $1)= _LT_TAGVAR(lt_prog_compiler_pic, $1)= _LT_TAGVAR(lt_prog_compiler_static, $1)= m4_if([$1], [CXX], [ # C++ specific cases for pic, static, wl, etc. if test yes = "$GXX"; then _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' case $host_os in aix*) # All AIX code is PIC. if test ia64 = "$host_cpu"; then # AIX 5 now supports IA64 processor _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' fi _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; amigaos*) case $host_cpu in powerpc) # see comment about AmigaOS4 .so support _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; m68k) # FIXME: we need at least 68020 code to build shared libraries, but # adding the '-m68020' flag to GCC prevents building anything better, # like '-m68040'. _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' ;; esac ;; beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) # PIC is the default for these OSes. ;; mingw* | cygwin* | os2* | pw32* | cegcc*) # This hack is so that the source file can tell whether it is being # built for inclusion in a dll (and should export symbols for example). # Although the cygwin gcc ignores -fPIC, still need this for old-style # (--disable-auto-import) libraries m4_if([$1], [GCJ], [], [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) case $host_os in os2*) _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-static' ;; esac ;; darwin* | rhapsody*) # PIC is the default on this platform # Common symbols not allowed in MH_DYLIB files _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' ;; *djgpp*) # DJGPP does not support shared libraries at all _LT_TAGVAR(lt_prog_compiler_pic, $1)= ;; haiku*) # PIC is the default for Haiku. # The "-static" flag exists, but is broken. _LT_TAGVAR(lt_prog_compiler_static, $1)= ;; interix[[3-9]]*) # Interix 3.x gcc -fpic/-fPIC options generate broken code. # Instead, we relocate shared libraries at runtime. ;; sysv4*MP*) if test -d /usr/nec; then _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic fi ;; hpux*) # PIC is the default for 64-bit PA HP-UX, but not for 32-bit # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag # sets the default TLS model and affects inlining. case $host_cpu in hppa*64*) ;; *) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; esac ;; *qnx* | *nto*) # QNX uses GNU C++, but need to define -shared option too, otherwise # it will coredump. _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' ;; *) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; esac else case $host_os in aix[[4-9]]*) # All AIX code is PIC. if test ia64 = "$host_cpu"; then # AIX 5 now supports IA64 processor _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' else _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' fi ;; chorus*) case $cc_basename in cxch68*) # Green Hills C++ Compiler # _LT_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a" ;; esac ;; mingw* | cygwin* | os2* | pw32* | cegcc*) # This hack is so that the source file can tell whether it is being # built for inclusion in a dll (and should export symbols for example). m4_if([$1], [GCJ], [], [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) ;; dgux*) case $cc_basename in ec++*) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' ;; ghcx*) # Green Hills C++ Compiler _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' ;; *) ;; esac ;; freebsd* | dragonfly* | midnightbsd*) # FreeBSD uses GNU C++ ;; hpux9* | hpux10* | hpux11*) case $cc_basename in CC*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-a ${wl}archive' if test ia64 != "$host_cpu"; then _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' fi ;; aCC*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-a ${wl}archive' case $host_cpu in hppa*64*|ia64*) # +Z the default ;; *) _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' ;; esac ;; *) ;; esac ;; interix*) # This is c89, which is MS Visual C++ (no shared libs) # Anyone wants to do a port? ;; irix5* | irix6* | nonstopux*) case $cc_basename in CC*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' # CC pic flag -KPIC is the default. ;; *) ;; esac ;; linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in KCC*) # KAI C++ Compiler _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; ecpc* ) # old Intel C++ for x86_64, which still supported -KPIC. _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; icpc* ) # Intel C++, used to be incompatible with GCC. # ICC 10 doesn't accept -KPIC any more. _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; pgCC* | pgcpp*) # Portland Group C++ compiler _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; cxx*) # Compaq C++ # Make sure the PIC flag is empty. It appears that all Alpha # Linux and Compaq Tru64 Unix objects are PIC. _LT_TAGVAR(lt_prog_compiler_pic, $1)= _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' ;; xlc* | xlC* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL 8.0, 9.0 on PPC and BlueGene _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic' _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' ;; *) case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' ;; esac ;; esac ;; lynxos*) ;; m88k*) ;; mvs*) case $cc_basename in cxx*) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall' ;; *) ;; esac ;; netbsd* | netbsdelf*-gnu) ;; *qnx* | *nto*) # QNX uses GNU C++, but need to define -shared option too, otherwise # it will coredump. _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' ;; osf3* | osf4* | osf5*) case $cc_basename in KCC*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,' ;; RCC*) # Rational C++ 2.4.1 _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' ;; cxx*) # Digital/Compaq C++ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' # Make sure the PIC flag is empty. It appears that all Alpha # Linux and Compaq Tru64 Unix objects are PIC. _LT_TAGVAR(lt_prog_compiler_pic, $1)= _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' ;; *) ;; esac ;; psos*) ;; solaris*) case $cc_basename in CC* | sunCC*) # Sun C++ 4.2, 5.x and Centerline C++ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' ;; gcx*) # Green Hills C++ Compiler _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' ;; *) ;; esac ;; sunos4*) case $cc_basename in CC*) # Sun C++ 4.x _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; lcc*) # Lucid _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' ;; *) ;; esac ;; sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) case $cc_basename in CC*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; esac ;; tandem*) case $cc_basename in NCC*) # NonStop-UX NCC 3.20 _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' ;; *) ;; esac ;; vxworks*) ;; *) _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no ;; esac fi ], [ if test yes = "$GCC"; then _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' case $host_os in aix*) # All AIX code is PIC. if test ia64 = "$host_cpu"; then # AIX 5 now supports IA64 processor _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' fi _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; amigaos*) case $host_cpu in powerpc) # see comment about AmigaOS4 .so support _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; m68k) # FIXME: we need at least 68020 code to build shared libraries, but # adding the '-m68020' flag to GCC prevents building anything better, # like '-m68040'. _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4' ;; esac ;; beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*) # PIC is the default for these OSes. ;; mingw* | cygwin* | pw32* | os2* | cegcc*) # This hack is so that the source file can tell whether it is being # built for inclusion in a dll (and should export symbols for example). # Although the cygwin gcc ignores -fPIC, still need this for old-style # (--disable-auto-import) libraries m4_if([$1], [GCJ], [], [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) case $host_os in os2*) _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-static' ;; esac ;; darwin* | rhapsody*) # PIC is the default on this platform # Common symbols not allowed in MH_DYLIB files _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' ;; haiku*) # PIC is the default for Haiku. # The "-static" flag exists, but is broken. _LT_TAGVAR(lt_prog_compiler_static, $1)= ;; hpux*) # PIC is the default for 64-bit PA HP-UX, but not for 32-bit # PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag # sets the default TLS model and affects inlining. case $host_cpu in hppa*64*) # +Z the default ;; *) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; esac ;; interix[[3-9]]*) # Interix 3.x gcc -fpic/-fPIC options generate broken code. # Instead, we relocate shared libraries at runtime. ;; msdosdjgpp*) # Just because we use GCC doesn't mean we suddenly get shared libraries # on systems that don't support them. _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no enable_shared=no ;; *nto* | *qnx*) # QNX uses GNU C++, but need to define -shared option too, otherwise # it will coredump. _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' ;; sysv4*MP*) if test -d /usr/nec; then _LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic fi ;; *) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' ;; esac case $cc_basename in nvcc*) # Cuda Compiler Driver 2.2 _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker ' if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then _LT_TAGVAR(lt_prog_compiler_pic, $1)="-Xcompiler $_LT_TAGVAR(lt_prog_compiler_pic, $1)" fi ;; esac else # PORTME Check for flag to pass linker flags through the system compiler. case $host_os in aix*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' if test ia64 = "$host_cpu"; then # AIX 5 now supports IA64 processor _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' else _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp' fi ;; darwin* | rhapsody*) # PIC is the default on this platform # Common symbols not allowed in MH_DYLIB files _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common' case $cc_basename in nagfor*) # NAG Fortran compiler _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; esac ;; mingw* | cygwin* | pw32* | os2* | cegcc*) # This hack is so that the source file can tell whether it is being # built for inclusion in a dll (and should export symbols for example). m4_if([$1], [GCJ], [], [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) case $host_os in os2*) _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-static' ;; esac ;; hpux9* | hpux10* | hpux11*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but # not for PA HP-UX. case $host_cpu in hppa*64*|ia64*) # +Z the default ;; *) _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z' ;; esac # Is there a better lt_prog_compiler_static that works with the bundled CC? _LT_TAGVAR(lt_prog_compiler_static, $1)='$wl-a ${wl}archive' ;; irix5* | irix6* | nonstopux*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' # PIC (with -KPIC) is the default. _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' ;; linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in # old Intel for x86_64, which still supported -KPIC. ecc*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; # flang / f18. f95 an alias for gfortran or flang on Debian flang* | f18* | f95*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; # icc used to be incompatible with GCC. # ICC 10 doesn't accept -KPIC any more. icc* | ifort*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; # Lahey Fortran 8.1. lf95*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared' _LT_TAGVAR(lt_prog_compiler_static, $1)='--static' ;; nagfor*) # NAG Fortran compiler _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; tcc*) # Fabrice Bellard et al's Tiny C Compiler _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) # Portland Group compilers (*not* the Pentium gcc compiler, # which looks to be a dead project) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; ccc*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' # All Alpha code is PIC. _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' ;; xl* | bgxl* | bgf* | mpixl*) # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic' _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink' ;; *) case `$CC -V 2>&1 | $SED 5q` in *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*) # Sun Fortran 8.3 passes all unrecognized flags to the linker _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='' ;; *Sun\ F* | *Sun*Fortran*) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' ;; *Sun\ C*) # Sun C 5.9 _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' ;; *Intel*\ [[CF]]*Compiler*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; *Portland\ Group*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; esac ;; esac ;; newsos6) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; *nto* | *qnx*) # QNX uses GNU C++, but need to define -shared option too, otherwise # it will coredump. _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared' ;; osf3* | osf4* | osf5*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' # All OSF/1 code is PIC. _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' ;; rdos*) _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' ;; solaris*) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' case $cc_basename in f77* | f90* | f95* | sunf77* | sunf90* | sunf95*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';; *) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';; esac ;; sunos4*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; sysv4 | sysv4.2uw2* | sysv4.3*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; sysv4*MP*) if test -d /usr/nec; then _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' fi ;; sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; unicos*) _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no ;; uts4*) _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' ;; *) _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no ;; esac fi ]) case $host_os in # For platforms that do not support PIC, -DPIC is meaningless: *djgpp*) _LT_TAGVAR(lt_prog_compiler_pic, $1)= ;; *) _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])" ;; esac AC_CACHE_CHECK([for $compiler option to produce PIC], [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)], [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_prog_compiler_pic, $1)]) _LT_TAGVAR(lt_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_cv_prog_compiler_pic, $1) # # Check to make sure the PIC flag actually works. # if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then _LT_COMPILER_OPTION([if $compiler PIC flag $_LT_TAGVAR(lt_prog_compiler_pic, $1) works], [_LT_TAGVAR(lt_cv_prog_compiler_pic_works, $1)], [$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])], [], [case $_LT_TAGVAR(lt_prog_compiler_pic, $1) in "" | " "*) ;; *) _LT_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_TAGVAR(lt_prog_compiler_pic, $1)" ;; esac], [_LT_TAGVAR(lt_prog_compiler_pic, $1)= _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no]) fi _LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1], [Additional compiler flags for building library objects]) _LT_TAGDECL([wl], [lt_prog_compiler_wl], [1], [How to pass a linker flag through the compiler]) # # Check to make sure the static flag actually works. # wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_TAGVAR(lt_prog_compiler_static, $1)\" _LT_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works], _LT_TAGVAR(lt_cv_prog_compiler_static_works, $1), $lt_tmp_static_flag, [], [_LT_TAGVAR(lt_prog_compiler_static, $1)=]) _LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1], [Compiler flag to prevent dynamic linking]) ])# _LT_COMPILER_PIC # _LT_LINKER_SHLIBS([TAGNAME]) # ---------------------------- # See if the linker supports building shared libraries. m4_defun([_LT_LINKER_SHLIBS], [AC_REQUIRE([LT_PATH_LD])dnl AC_REQUIRE([LT_PATH_NM])dnl m4_require([_LT_PATH_MANIFEST_TOOL])dnl m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_DECL_EGREP])dnl m4_require([_LT_DECL_SED])dnl m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl m4_require([_LT_TAG_COMPILER])dnl AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) m4_if([$1], [CXX], [ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] case $host_os in aix[[4-9]]*) # If we're using GNU nm, then we don't want the "-C" option. # -C means demangle to GNU nm, but means don't demangle to AIX nm. # Without the "-l" option, or with the "-B" option, AIX nm treats # weak defined symbols like other global defined symbols, whereas # GNU nm marks them as "W". # While the 'weak' keyword is ignored in the Export File, we need # it in the Import File for the 'aix-soname' feature, so we have # to replace the "-B" option with "-P" for AIX nm. if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols' else _LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' fi ;; pw32*) _LT_TAGVAR(export_symbols_cmds, $1)=$ltdll_cmds ;; cygwin* | mingw* | cegcc*) case $cc_basename in cl* | icl*) _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' ;; *) _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] ;; esac ;; linux* | k*bsd*-gnu | gnu*) _LT_TAGVAR(link_all_deplibs, $1)=no ;; *) _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' ;; esac ], [ runpath_var= _LT_TAGVAR(allow_undefined_flag, $1)= _LT_TAGVAR(always_export_symbols, $1)=no _LT_TAGVAR(archive_cmds, $1)= _LT_TAGVAR(archive_expsym_cmds, $1)= _LT_TAGVAR(compiler_needs_object, $1)=no _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' _LT_TAGVAR(hardcode_automatic, $1)=no _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported _LT_TAGVAR(inherit_rpath, $1)=no _LT_TAGVAR(link_all_deplibs, $1)=unknown _LT_TAGVAR(module_cmds, $1)= _LT_TAGVAR(module_expsym_cmds, $1)= _LT_TAGVAR(old_archive_from_new_cmds, $1)= _LT_TAGVAR(old_archive_from_expsyms_cmds, $1)= _LT_TAGVAR(thread_safe_flag_spec, $1)= _LT_TAGVAR(whole_archive_flag_spec, $1)= # include_expsyms should be a list of space-separated symbols to be *always* # included in the symbol list _LT_TAGVAR(include_expsyms, $1)= # exclude_expsyms can be an extended regexp of symbols to exclude # it will be wrapped by ' (' and ')$', so one must not match beginning or # end of line. Example: 'a|bc|.*d.*' will exclude the symbols 'a' and 'bc', # as well as any symbol that contains 'd'. _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out # platforms (ab)use it in PIC code, but their linkers get confused if # the symbol is explicitly referenced. Since portable code cannot # rely on this symbol name, it's probably fine to never include it in # preloaded symbol tables. # Exclude shared library initialization/finalization symbols. dnl Note also adjust exclude_expsyms for C++ above. extract_expsyms_cmds= case $host_os in cygwin* | mingw* | pw32* | cegcc*) # FIXME: the MSVC++ and ICC port hasn't been tested in a loooong time # When not using gcc, we currently assume that we are using # Microsoft Visual C++ or Intel C++ Compiler. if test yes != "$GCC"; then with_gnu_ld=no fi ;; interix*) # we just hope/assume this is gcc and not c89 (= MSVC++ or ICC) with_gnu_ld=yes ;; openbsd* | bitrig*) with_gnu_ld=no ;; linux* | k*bsd*-gnu | gnu*) _LT_TAGVAR(link_all_deplibs, $1)=no ;; esac _LT_TAGVAR(ld_shlibs, $1)=yes # On some targets, GNU ld is compatible enough with the native linker # that we're better off using the native interface for both. lt_use_gnu_ld_interface=no if test yes = "$with_gnu_ld"; then case $host_os in aix*) # The AIX port of GNU ld has always aspired to compatibility # with the native linker. However, as the warning in the GNU ld # block says, versions before 2.19.5* couldn't really create working # shared libraries, regardless of the interface used. case `$LD -v 2>&1` in *\ \(GNU\ Binutils\)\ 2.19.5*) ;; *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;; *\ \(GNU\ Binutils\)\ [[3-9]]*) ;; *) lt_use_gnu_ld_interface=yes ;; esac ;; *) lt_use_gnu_ld_interface=yes ;; esac fi if test yes = "$lt_use_gnu_ld_interface"; then # If archive_cmds runs LD, not CC, wlarc should be empty wlarc='$wl' # Set some defaults for GNU ld with shared library support. These # are reset later if shared libraries are not supported. Putting them # here allows them to be overridden if necessary. runpath_var=LD_RUN_PATH _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic' # ancient GNU ld didn't support --whole-archive et. al. if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then _LT_TAGVAR(whole_archive_flag_spec, $1)=$wlarc'--whole-archive$convenience '$wlarc'--no-whole-archive' else _LT_TAGVAR(whole_archive_flag_spec, $1)= fi supports_anon_versioning=no case `$LD -v | $SED -e 's/([[^)]]\+)\s\+//' 2>&1` in *GNU\ gold*) supports_anon_versioning=yes ;; *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11 *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ... *\ 2.11.*) ;; # other 2.11 versions *) supports_anon_versioning=yes ;; esac # See if GNU ld supports shared libraries. case $host_os in aix[[3-9]]*) # On AIX/PPC, the GNU linker is very broken if test ia64 != "$host_cpu"; then _LT_TAGVAR(ld_shlibs, $1)=no cat <<_LT_EOF 1>&2 *** Warning: the GNU linker, at least up to release 2.19, is reported *** to be unable to reliably create shared libraries on AIX. *** Therefore, libtool is disabling shared libraries support. If you *** really care for shared libraries, you may want to install binutils *** 2.20 or above, or modify your PATH so that a non-GNU linker is found. *** You will then need to restart the configuration process. _LT_EOF fi ;; amigaos*) case $host_cpu in powerpc) # see comment about AmigaOS4 .so support _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='' ;; m68k) _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_minus_L, $1)=yes ;; esac ;; beos*) if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then _LT_TAGVAR(allow_undefined_flag, $1)=unsupported # Joseph Beckenbach says some releases of gcc # support --undefined. This deserves some investigation. FIXME _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; cygwin* | mingw* | pw32* | cegcc*) # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, # as there is no search path for DLLs. _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-all-symbols' _LT_TAGVAR(allow_undefined_flag, $1)=unsupported _LT_TAGVAR(always_export_symbols, $1)=no _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' # If the export-symbols file already is a .def file, use it as # is; otherwise, prepend EXPORTS... _LT_TAGVAR(archive_expsym_cmds, $1)='if _LT_DLL_DEF_P([$export_symbols]); then cp $export_symbols $output_objdir/$soname.def; else echo EXPORTS > $output_objdir/$soname.def; cat $export_symbols >> $output_objdir/$soname.def; fi~ $CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; haiku*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(link_all_deplibs, $1)=yes ;; os2*) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_minus_L, $1)=yes _LT_TAGVAR(allow_undefined_flag, $1)=unsupported shrext_cmds=.dll _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~ $ECHO EXPORTS >> $output_objdir/$libname.def~ emxexp $libobjs | $SED /"_DLL_InitTerm"/d >> $output_objdir/$libname.def~ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~ emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(archive_expsym_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~ $ECHO EXPORTS >> $output_objdir/$libname.def~ prefix_cmds="$SED"~ if test EXPORTS = "`$SED 1q $export_symbols`"; then prefix_cmds="$prefix_cmds -e 1d"; fi~ prefix_cmds="$prefix_cmds -e \"s/^\(.*\)$/_\1/g\""~ cat $export_symbols | $prefix_cmds >> $output_objdir/$libname.def~ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~ emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes _LT_TAGVAR(file_list_spec, $1)='@' ;; interix[[3-9]]*) _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. # Instead, shared libraries are loaded at an image base (0x10000000 by # default) and relocated if they conflict, which is a slow very memory # consuming and fragmenting process. To avoid this, we pick a random, # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link # time. Moving up from 0x10000000 also allows more sbrk(2) space. _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) tmp_diet=no if test linux-dietlibc = "$host_os"; then case $cc_basename in diet\ *) tmp_diet=yes;; # linux-dietlibc with static linking (!diet-dyn) esac fi if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ && test no = "$tmp_diet" then tmp_addflag=' $pic_flag' tmp_sharedflag='-shared' case $cc_basename,$host_cpu in pgcc*) # Portland Group C compiler _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' tmp_addflag=' $pic_flag' ;; pgf77* | pgf90* | pgf95* | pgfortran*) # Portland Group f77 and f90 compilers _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' tmp_addflag=' $pic_flag -Mnomain' ;; ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64 tmp_addflag=' -i_dynamic' ;; efc*,ia64* | ifort*,ia64*) # Intel Fortran compiler on ia64 tmp_addflag=' -i_dynamic -nofor_main' ;; ifc* | ifort*) # Intel Fortran compiler tmp_addflag=' -nofor_main' ;; lf95*) # Lahey Fortran 8.1 _LT_TAGVAR(whole_archive_flag_spec, $1)= tmp_sharedflag='--shared' ;; nagfor*) # NAGFOR 5.3 tmp_sharedflag='-Wl,-shared' ;; xl[[cC]]* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below) tmp_sharedflag='-qmkshrobj' tmp_addflag= ;; nvcc*) # Cuda Compiler Driver 2.2 _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' _LT_TAGVAR(compiler_needs_object, $1)=yes ;; esac case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C 5.9 _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' _LT_TAGVAR(compiler_needs_object, $1)=yes tmp_sharedflag='-G' ;; *Sun\ F*) # Sun Fortran 8.3 tmp_sharedflag='-G' ;; esac _LT_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' if test yes = "$supports_anon_versioning"; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib' fi case $cc_basename in tcc*) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='-rdynamic' ;; xlf* | bgf* | bgxlf* | mpixlf*) # IBM XL Fortran 10.1 on PPC cannot create shared libs itself _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test yes = "$supports_anon_versioning"; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' fi ;; esac else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' wlarc= else _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' fi ;; solaris*) if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then _LT_TAGVAR(ld_shlibs, $1)=no cat <<_LT_EOF 1>&2 *** Warning: The releases 2.8.* of the GNU linker cannot reliably *** create shared libraries on Solaris systems. Therefore, libtool *** is disabling shared libraries support. We urge you to upgrade GNU *** binutils to release 2.9.1 or newer. Another option is to modify *** your PATH or compiler configuration so that the native linker is *** used, and then restart. _LT_EOF elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*) case `$LD -v 2>&1` in *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*) _LT_TAGVAR(ld_shlibs, $1)=no cat <<_LT_EOF 1>&2 *** Warning: Releases of the GNU linker prior to 2.16.91.0.3 cannot *** reliably create shared libraries on SCO systems. Therefore, libtool *** is disabling shared libraries support. We urge you to upgrade GNU *** binutils to release 2.16.91.0.3 or newer. Another option is to modify *** your PATH or compiler configuration so that the native linker is *** used, and then restart. _LT_EOF ;; *) # For security reasons, it is highly recommended that you always # use absolute paths for naming shared libraries, and exclude the # DT_RUNPATH tag from executables and libraries. But doing so # requires that you compile everything twice, which is a pain. if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; esac ;; sunos4*) _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags' wlarc= _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; *) if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; esac if test no = "$_LT_TAGVAR(ld_shlibs, $1)"; then runpath_var= _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(whole_archive_flag_spec, $1)= fi else # PORTME fill in a description of your system's linker (not GNU ld) case $host_os in aix3*) _LT_TAGVAR(allow_undefined_flag, $1)=unsupported _LT_TAGVAR(always_export_symbols, $1)=yes _LT_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname' # Note: this linker hardcodes the directories in LIBPATH if there # are no directories specified by -L. _LT_TAGVAR(hardcode_minus_L, $1)=yes if test yes = "$GCC" && test -z "$lt_prog_compiler_static"; then # Neither direct hardcoding nor static linking is supported with a # broken collect2. _LT_TAGVAR(hardcode_direct, $1)=unsupported fi ;; aix[[4-9]]*) if test ia64 = "$host_cpu"; then # On IA64, the linker does run time linking by default, so we don't # have to do anything special. aix_use_runtimelinking=no exp_sym_flag='-Bexport' no_entry_flag= else # If we're using GNU nm, then we don't want the "-C" option. # -C means demangle to GNU nm, but means don't demangle to AIX nm. # Without the "-l" option, or with the "-B" option, AIX nm treats # weak defined symbols like other global defined symbols, whereas # GNU nm marks them as "W". # While the 'weak' keyword is ignored in the Export File, we need # it in the Import File for the 'aix-soname' feature, so we have # to replace the "-B" option with "-P" for AIX nm. if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols' else _LT_TAGVAR(export_symbols_cmds, $1)='`func_echo_all $NM | $SED -e '\''s/B\([[^B]]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && ([substr](\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' fi aix_use_runtimelinking=no # Test if we are trying to use run time linking or normal # AIX style linking. If -brtl is somewhere in LDFLAGS, we # have runtime linking enabled, and use it for executables. # For shared libraries, we enable/disable runtime linking # depending on the kind of the shared library created - # when "with_aix_soname,aix_use_runtimelinking" is: # "aix,no" lib.a(lib.so.V) shared, rtl:no, for executables # "aix,yes" lib.so shared, rtl:yes, for executables # lib.a static archive # "both,no" lib.so.V(shr.o) shared, rtl:yes # lib.a(lib.so.V) shared, rtl:no, for executables # "both,yes" lib.so.V(shr.o) shared, rtl:yes, for executables # lib.a(lib.so.V) shared, rtl:no # "svr4,*" lib.so.V(shr.o) shared, rtl:yes, for executables # lib.a static archive case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) for ld_flag in $LDFLAGS; do if (test x-brtl = "x$ld_flag" || test x-Wl,-brtl = "x$ld_flag"); then aix_use_runtimelinking=yes break fi done if test svr4,no = "$with_aix_soname,$aix_use_runtimelinking"; then # With aix-soname=svr4, we create the lib.so.V shared archives only, # so we don't have lib.a shared libs to link our executables. # We have to force runtime linking in this case. aix_use_runtimelinking=yes LDFLAGS="$LDFLAGS -Wl,-brtl" fi ;; esac exp_sym_flag='-bexport' no_entry_flag='-bnoentry' fi # When large executables or shared objects are built, AIX ld can # have problems creating the table of contents. If linking a library # or program results in "error TOC overflow" add -mminimal-toc to # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. _LT_TAGVAR(archive_cmds, $1)='' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_direct_absolute, $1)=yes _LT_TAGVAR(hardcode_libdir_separator, $1)=':' _LT_TAGVAR(link_all_deplibs, $1)=yes _LT_TAGVAR(file_list_spec, $1)='$wl-f,' case $with_aix_soname,$aix_use_runtimelinking in aix,*) ;; # traditional, no import file svr4,* | *,yes) # use import file # The Import File defines what to hardcode. _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no ;; esac if test yes = "$GCC"; then case $host_os in aix4.[[012]]|aix4.[[012]].*) # We only want to do this on AIX 4.2 and lower, the check # below for broken collect2 doesn't work under 4.3+ collect2name=`$CC -print-prog-name=collect2` if test -f "$collect2name" && strings "$collect2name" | $GREP resolve_lib_name >/dev/null then # We have reworked collect2 : else # We have old collect2 _LT_TAGVAR(hardcode_direct, $1)=unsupported # It fails to find uninstalled libraries when the uninstalled # path is not listed in the libpath. Setting hardcode_minus_L # to unsupported forces relinking _LT_TAGVAR(hardcode_minus_L, $1)=yes _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)= fi ;; esac shared_flag='-shared' if test yes = "$aix_use_runtimelinking"; then shared_flag="$shared_flag "'$wl-G' fi # Need to ensure runtime linking is disabled for the traditional # shared library, or the linker may eventually find shared libraries # /with/ Import File - we do not want to mix them. shared_flag_aix='-shared' shared_flag_svr4='-shared $wl-G' else # not using gcc if test ia64 = "$host_cpu"; then # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release # chokes on -Wl,-G. The following line is correct: shared_flag='-G' else if test yes = "$aix_use_runtimelinking"; then shared_flag='$wl-G' else shared_flag='$wl-bM:SRE' fi shared_flag_aix='$wl-bM:SRE' shared_flag_svr4='$wl-G' fi fi _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-bexpall' # It seems that -bexpall does not export symbols beginning with # underscore (_), so it is better to generate a list of symbols to export. _LT_TAGVAR(always_export_symbols, $1)=yes if test aix,yes = "$with_aix_soname,$aix_use_runtimelinking"; then # Warning - without using the other runtime loading flags (-brtl), # -berok will link without error, but may produce a broken library. _LT_TAGVAR(allow_undefined_flag, $1)='-berok' # Determine the default libpath from the value encoded in an # empty executable. _LT_SYS_MODULE_PATH_AIX([$1]) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-blibpath:$libdir:'"$aix_libpath" _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs $wl'$no_entry_flag' $compiler_flags `if test -n "$allow_undefined_flag"; then func_echo_all "$wl$allow_undefined_flag"; else :; fi` $wl'$exp_sym_flag:\$export_symbols' '$shared_flag else if test ia64 = "$host_cpu"; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $libdir:/usr/lib:/lib' _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs" _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\$wl$no_entry_flag"' $compiler_flags $wl$allow_undefined_flag '"\$wl$exp_sym_flag:\$export_symbols" else # Determine the default libpath from the value encoded in an # empty executable. _LT_SYS_MODULE_PATH_AIX([$1]) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-blibpath:$libdir:'"$aix_libpath" # Warning - without using the other run time loading flags, # -berok will link without error, but may produce a broken library. _LT_TAGVAR(no_undefined_flag, $1)=' $wl-bernotok' _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-berok' if test yes = "$with_gnu_ld"; then # We only use this code for GNU lds that support --whole-archive. _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive$convenience $wl--no-whole-archive' else # Exported symbols can be pulled into shared objects from archives _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience' fi _LT_TAGVAR(archive_cmds_need_lc, $1)=yes _LT_TAGVAR(archive_expsym_cmds, $1)='$RM -r $output_objdir/$realname.d~$MKDIR $output_objdir/$realname.d' # -brtl affects multiple linker settings, -berok does not and is overridden later compiler_flags_filtered='`func_echo_all "$compiler_flags " | $SED -e "s%-brtl\\([[, ]]\\)%-berok\\1%g"`' if test svr4 != "$with_aix_soname"; then # This is similar to how AIX traditionally builds its shared libraries. _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$CC '$shared_flag_aix' -o $output_objdir/$realname.d/$soname $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$realname.d/$soname' fi if test aix != "$with_aix_soname"; then _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$CC '$shared_flag_svr4' -o $output_objdir/$realname.d/$shared_archive_member_spec.o $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$STRIP -e $output_objdir/$realname.d/$shared_archive_member_spec.o~( func_echo_all "#! $soname($shared_archive_member_spec.o)"; if test shr_64 = "$shared_archive_member_spec"; then func_echo_all "# 64"; else func_echo_all "# 32"; fi; cat $export_symbols ) > $output_objdir/$realname.d/$shared_archive_member_spec.imp~$AR $AR_FLAGS $output_objdir/$soname $output_objdir/$realname.d/$shared_archive_member_spec.o $output_objdir/$realname.d/$shared_archive_member_spec.imp' else # used by -dlpreopen to get the symbols _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$MV $output_objdir/$realname.d/$soname $output_objdir' fi _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$RM -r $output_objdir/$realname.d' fi fi ;; amigaos*) case $host_cpu in powerpc) # see comment about AmigaOS4 .so support _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='' ;; m68k) _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_minus_L, $1)=yes ;; esac ;; bsdi[[45]]*) _LT_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic ;; cygwin* | mingw* | pw32* | cegcc*) # When not using gcc, we currently assume that we are using # Microsoft Visual C++ or Intel C++ Compiler. # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. case $cc_basename in cl* | icl*) # Native MSVC or ICC _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' _LT_TAGVAR(allow_undefined_flag, $1)=unsupported _LT_TAGVAR(always_export_symbols, $1)=yes _LT_TAGVAR(file_list_spec, $1)='@' # Tell ltmain to make .lib files, not .a files. libext=lib # Tell ltmain to make .dll files, not .so files. shrext_cmds=.dll # FIXME: Setting linknames here is a bad hack. _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~linknames=' _LT_TAGVAR(archive_expsym_cmds, $1)='if _LT_DLL_DEF_P([$export_symbols]); then cp "$export_symbols" "$output_objdir/$soname.def"; echo "$tool_output_objdir$soname.def" > "$output_objdir/$soname.exp"; else $SED -e '\''s/^/-link -EXPORT:/'\'' < $export_symbols > $output_objdir/$soname.exp; fi~ $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ linknames=' # The linker will not automatically build a static lib if we build a DLL. # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' # Don't use ranlib _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ lt_tool_outputfile="@TOOL_OUTPUT@"~ case $lt_outputfile in *.exe|*.EXE) ;; *) lt_outputfile=$lt_outputfile.exe lt_tool_outputfile=$lt_tool_outputfile.exe ;; esac~ if test : != "$MANIFEST_TOOL" && test -f "$lt_outputfile.manifest"; then $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; $RM "$lt_outputfile.manifest"; fi' ;; *) # Assume MSVC and ICC wrapper _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' _LT_TAGVAR(allow_undefined_flag, $1)=unsupported # Tell ltmain to make .lib files, not .a files. libext=lib # Tell ltmain to make .dll files, not .so files. shrext_cmds=.dll # FIXME: Setting linknames here is a bad hack. _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' # The linker will automatically build a .lib file if we build a DLL. _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' # FIXME: Should let the user specify the lib program. _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes ;; esac ;; darwin* | rhapsody*) _LT_DARWIN_LINKER_FEATURES($1) ;; dgux*) _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor # support. Future versions do this automatically, but an explicit c++rt0.o # does not break anything, and helps significantly (at the cost of a little # extra space). freebsd2.2*) _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; # Unfortunately, older versions of FreeBSD 2 do not have this feature. freebsd2.*) _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_minus_L, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; # FreeBSD 3 and greater uses gcc -shared to do shared libraries. freebsd* | dragonfly* | midnightbsd*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; hpux9*) if test yes = "$GCC"; then _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared $pic_flag $wl+b $wl$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib' else _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib' fi _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(hardcode_direct, $1)=yes # hardcode_minus_L: Not really in the search PATH, # but as the default location of the library. _LT_TAGVAR(hardcode_minus_L, $1)=yes _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' ;; hpux10*) if test yes,no = "$GCC,$with_gnu_ld"; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags' else _LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' fi if test no = "$with_gnu_ld"; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_direct_absolute, $1)=yes _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' # hardcode_minus_L: Not really in the search PATH, # but as the default location of the library. _LT_TAGVAR(hardcode_minus_L, $1)=yes fi ;; hpux11*) if test yes,no = "$GCC,$with_gnu_ld"; then case $host_cpu in hppa*64*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl+h $wl$soname -o $lib $libobjs $deplibs $compiler_flags' ;; ia64*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $wl+h $wl$soname $wl+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' ;; *) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags' ;; esac else case $host_cpu in hppa*64*) _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname -o $lib $libobjs $deplibs $compiler_flags' ;; ia64*) _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' ;; *) m4_if($1, [], [ # Older versions of the 11.00 compiler do not understand -b yet # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) _LT_LINKER_OPTION([if $CC understands -b], _LT_TAGVAR(lt_cv_prog_compiler__b, $1), [-b], [_LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags'], [_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'])], [_LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $libobjs $deplibs $compiler_flags']) ;; esac fi if test no = "$with_gnu_ld"; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: case $host_cpu in hppa*64*|ia64*) _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; *) _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_direct_absolute, $1)=yes _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' # hardcode_minus_L: Not really in the search PATH, # but as the default location of the library. _LT_TAGVAR(hardcode_minus_L, $1)=yes ;; esac fi ;; irix5* | irix6* | nonstopux*) if test yes = "$GCC"; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib' # Try to use the -exported_symbol ld option, if it does not # work, assume that -exports_file does not work either and # implicitly export all symbols. # This should be the same for all languages, so no per-tag cache variable. AC_CACHE_CHECK([whether the $host_os linker accepts -exported_symbol], [lt_cv_irix_exported_symbol], [save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -shared $wl-exported_symbol ${wl}foo $wl-update_registry $wl/dev/null" AC_LINK_IFELSE( [AC_LANG_SOURCE( [AC_LANG_CASE([C], [[int foo (void) { return 0; }]], [C++], [[int foo (void) { return 0; }]], [Fortran 77], [[ subroutine foo end]], [Fortran], [[ subroutine foo end]])])], [lt_cv_irix_exported_symbol=yes], [lt_cv_irix_exported_symbol=no]) LDFLAGS=$save_LDFLAGS]) if test yes = "$lt_cv_irix_exported_symbol"; then _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib' fi _LT_TAGVAR(link_all_deplibs, $1)=no else _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -exports_file $export_symbols -o $lib' fi _LT_TAGVAR(archive_cmds_need_lc, $1)='no' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(inherit_rpath, $1)=yes _LT_TAGVAR(link_all_deplibs, $1)=yes ;; linux*) case $cc_basename in tcc*) # Fabrice Bellard et al's Tiny C Compiler _LT_TAGVAR(ld_shlibs, $1)=yes _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' ;; esac ;; netbsd* | netbsdelf*-gnu) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out else _LT_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags' # ELF fi _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; newsos6) _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; *nto* | *qnx*) ;; openbsd* | bitrig*) if test -f /usr/libexec/ld.so; then _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=yes if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`"; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags $wl-retain-symbols-file,$export_symbols' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' else _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir' fi else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; os2*) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_minus_L, $1)=yes _LT_TAGVAR(allow_undefined_flag, $1)=unsupported shrext_cmds=.dll _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~ $ECHO EXPORTS >> $output_objdir/$libname.def~ emxexp $libobjs | $SED /"_DLL_InitTerm"/d >> $output_objdir/$libname.def~ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~ emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(archive_expsym_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~ $ECHO EXPORTS >> $output_objdir/$libname.def~ prefix_cmds="$SED"~ if test EXPORTS = "`$SED 1q $export_symbols`"; then prefix_cmds="$prefix_cmds -e 1d"; fi~ prefix_cmds="$prefix_cmds -e \"s/^\(.*\)$/_\1/g\""~ cat $export_symbols | $prefix_cmds >> $output_objdir/$libname.def~ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~ emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes _LT_TAGVAR(file_list_spec, $1)='@' ;; osf3*) if test yes = "$GCC"; then _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-expect_unresolved $wl\*' _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib' else _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' fi _LT_TAGVAR(archive_cmds_need_lc, $1)='no' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: ;; osf4* | osf5*) # as osf3* with the addition of -msym flag if test yes = "$GCC"; then _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-expect_unresolved $wl\*' _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $pic_flag $libobjs $deplibs $compiler_flags $wl-msym $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' else _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~ $CC -shared$allow_undefined_flag $wl-input $wl$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib~$RM $lib.exp' # Both c and cxx compiler support -rpath directly _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' fi _LT_TAGVAR(archive_cmds_need_lc, $1)='no' _LT_TAGVAR(hardcode_libdir_separator, $1)=: ;; solaris*) _LT_TAGVAR(no_undefined_flag, $1)=' -z defs' if test yes = "$GCC"; then wlarc='$wl' _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $wl-z ${wl}text $wl-h $wl$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ $CC -shared $pic_flag $wl-z ${wl}text $wl-M $wl$lib.exp $wl-h $wl$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' else case `$CC -V 2>&1` in *"Compilers 5.0"*) wlarc='' _LT_TAGVAR(archive_cmds, $1)='$LD -G$allow_undefined_flag -h $soname -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ $LD -G$allow_undefined_flag -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp' ;; *) wlarc='$wl' _LT_TAGVAR(archive_cmds, $1)='$CC -G$allow_undefined_flag -h $soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ $CC -G$allow_undefined_flag -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' ;; esac fi _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(hardcode_shlibpath_var, $1)=no case $host_os in solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; *) # The compiler driver will combine and reorder linker options, # but understands '-z linker_flag'. GCC discards it without '$wl', # but is careful enough not to reorder. # Supported since Solaris 2.6 (maybe 2.5.1?) if test yes = "$GCC"; then _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl-z ${wl}allextract$convenience $wl-z ${wl}defaultextract' else _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' fi ;; esac _LT_TAGVAR(link_all_deplibs, $1)=yes ;; sunos4*) if test sequent = "$host_vendor"; then # Use $CC to link under sequent, because it throws in some extra .o # files that make .init and .fini sections work. _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h $soname -o $lib $libobjs $deplibs $compiler_flags' else _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags' fi _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_minus_L, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; sysv4) case $host_vendor in sni) _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_direct, $1)=yes # is this really true??? ;; siemens) ## LD is ld it makes a PLAMLIB ## CC just makes a GrossModule. _LT_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs' _LT_TAGVAR(hardcode_direct, $1)=no ;; motorola) _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie ;; esac runpath_var='LD_RUN_PATH' _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; sysv4.3*) _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_shlibpath_var, $1)=no _LT_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport' ;; sysv4*MP*) if test -d /usr/nec; then _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_shlibpath_var, $1)=no runpath_var=LD_RUN_PATH hardcode_runpath_var=yes _LT_TAGVAR(ld_shlibs, $1)=yes fi ;; sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) _LT_TAGVAR(no_undefined_flag, $1)='$wl-z,text' _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=no runpath_var='LD_RUN_PATH' if test yes = "$GCC"; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' else _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' fi ;; sysv5* | sco3.2v5* | sco5v6*) # Note: We CANNOT use -z defs as we might desire, because we do not # link with -lc, and that would cause any symbols used from libc to # always be unresolved, which means just about no library would # ever link correctly. If we're not using GNU ld we use -z text # though, which does catch some bad symbols but isn't as heavy-handed # as -z defs. _LT_TAGVAR(no_undefined_flag, $1)='$wl-z,text' _LT_TAGVAR(allow_undefined_flag, $1)='$wl-z,nodefs' _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R,$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=':' _LT_TAGVAR(link_all_deplibs, $1)=yes _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-Bexport' runpath_var='LD_RUN_PATH' if test yes = "$GCC"; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' else _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' fi ;; uts4*) _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; *) _LT_TAGVAR(ld_shlibs, $1)=no ;; esac if test sni = "$host_vendor"; then case $host in sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*) _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-Blargedynsym' ;; esac fi fi ]) AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)]) test no = "$_LT_TAGVAR(ld_shlibs, $1)" && can_build_shared=no _LT_TAGVAR(with_gnu_ld, $1)=$with_gnu_ld _LT_DECL([], [libext], [0], [Old archive suffix (normally "a")])dnl _LT_DECL([], [shrext_cmds], [1], [Shared library suffix (normally ".so")])dnl _LT_DECL([], [extract_expsyms_cmds], [2], [The commands to extract the exported symbol list from a shared archive]) # # Do we need to explicitly link libc? # case "x$_LT_TAGVAR(archive_cmds_need_lc, $1)" in x|xyes) # Assume -lc should be added _LT_TAGVAR(archive_cmds_need_lc, $1)=yes if test yes,yes = "$GCC,$enable_shared"; then case $_LT_TAGVAR(archive_cmds, $1) in *'~'*) # FIXME: we may have to deal with multi-command sequences. ;; '$CC '*) # Test whether the compiler implicitly links with -lc since on some # systems, -lgcc has to come before -lc. If gcc already passes -lc # to ld, don't add -lc before -lgcc. AC_CACHE_CHECK([whether -lc should be explicitly linked in], [lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1), [$RM conftest* echo "$lt_simple_compile_test_code" > conftest.$ac_ext if AC_TRY_EVAL(ac_compile) 2>conftest.err; then soname=conftest lib=conftest libobjs=conftest.$ac_objext deplibs= wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1) compiler_flags=-v linker_flags=-v verstring= output_objdir=. libname=conftest lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1) _LT_TAGVAR(allow_undefined_flag, $1)= if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) then lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=no else lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=yes fi _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag else cat conftest.err 1>&5 fi $RM conftest* ]) _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1) ;; esac fi ;; esac _LT_TAGDECL([build_libtool_need_lc], [archive_cmds_need_lc], [0], [Whether or not to add -lc for building shared libraries]) _LT_TAGDECL([allow_libtool_libs_with_static_runtimes], [enable_shared_with_static_runtimes], [0], [Whether or not to disallow shared libs when runtime libs are static]) _LT_TAGDECL([], [export_dynamic_flag_spec], [1], [Compiler flag to allow reflexive dlopens]) _LT_TAGDECL([], [whole_archive_flag_spec], [1], [Compiler flag to generate shared objects directly from archives]) _LT_TAGDECL([], [compiler_needs_object], [1], [Whether the compiler copes with passing no objects directly]) _LT_TAGDECL([], [old_archive_from_new_cmds], [2], [Create an old-style archive from a shared archive]) _LT_TAGDECL([], [old_archive_from_expsyms_cmds], [2], [Create a temporary old-style archive to link instead of a shared archive]) _LT_TAGDECL([], [archive_cmds], [2], [Commands used to build a shared archive]) _LT_TAGDECL([], [archive_expsym_cmds], [2]) _LT_TAGDECL([], [module_cmds], [2], [Commands used to build a loadable module if different from building a shared archive.]) _LT_TAGDECL([], [module_expsym_cmds], [2]) _LT_TAGDECL([], [with_gnu_ld], [1], [Whether we are building with GNU ld or not]) _LT_TAGDECL([], [allow_undefined_flag], [1], [Flag that allows shared libraries with undefined symbols to be built]) _LT_TAGDECL([], [no_undefined_flag], [1], [Flag that enforces no undefined symbols]) _LT_TAGDECL([], [hardcode_libdir_flag_spec], [1], [Flag to hardcode $libdir into a binary during linking. This must work even if $libdir does not exist]) _LT_TAGDECL([], [hardcode_libdir_separator], [1], [Whether we need a single "-rpath" flag with a separated argument]) _LT_TAGDECL([], [hardcode_direct], [0], [Set to "yes" if using DIR/libNAME$shared_ext during linking hardcodes DIR into the resulting binary]) _LT_TAGDECL([], [hardcode_direct_absolute], [0], [Set to "yes" if using DIR/libNAME$shared_ext during linking hardcodes DIR into the resulting binary and the resulting library dependency is "absolute", i.e impossible to change by setting $shlibpath_var if the library is relocated]) _LT_TAGDECL([], [hardcode_minus_L], [0], [Set to "yes" if using the -LDIR flag during linking hardcodes DIR into the resulting binary]) _LT_TAGDECL([], [hardcode_shlibpath_var], [0], [Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into the resulting binary]) _LT_TAGDECL([], [hardcode_automatic], [0], [Set to "yes" if building a shared library automatically hardcodes DIR into the library and all subsequent libraries and executables linked against it]) _LT_TAGDECL([], [inherit_rpath], [0], [Set to yes if linker adds runtime paths of dependent libraries to runtime path list]) _LT_TAGDECL([], [link_all_deplibs], [0], [Whether libtool must link a program against all its dependency libraries]) _LT_TAGDECL([], [always_export_symbols], [0], [Set to "yes" if exported symbols are required]) _LT_TAGDECL([], [export_symbols_cmds], [2], [The commands to list exported symbols]) _LT_TAGDECL([], [exclude_expsyms], [1], [Symbols that should not be listed in the preloaded symbols]) _LT_TAGDECL([], [include_expsyms], [1], [Symbols that must always be exported]) _LT_TAGDECL([], [prelink_cmds], [2], [Commands necessary for linking programs (against libraries) with templates]) _LT_TAGDECL([], [postlink_cmds], [2], [Commands necessary for finishing linking programs]) _LT_TAGDECL([], [file_list_spec], [1], [Specify filename containing input files]) dnl FIXME: Not yet implemented dnl _LT_TAGDECL([], [thread_safe_flag_spec], [1], dnl [Compiler flag to generate thread safe objects]) ])# _LT_LINKER_SHLIBS # _LT_LANG_C_CONFIG([TAG]) # ------------------------ # Ensure that the configuration variables for a C compiler are suitably # defined. These variables are subsequently used by _LT_CONFIG to write # the compiler configuration to 'libtool'. m4_defun([_LT_LANG_C_CONFIG], [m4_require([_LT_DECL_EGREP])dnl lt_save_CC=$CC AC_LANG_PUSH(C) # Source file extension for C test sources. ac_ext=c # Object file extension for compiled C test sources. objext=o _LT_TAGVAR(objext, $1)=$objext # Code to be used in simple compile tests lt_simple_compile_test_code="int some_variable = 0;" # Code to be used in simple link tests lt_simple_link_test_code='int main(){return(0);}' _LT_TAG_COMPILER # Save the default compiler, since it gets overwritten when the other # tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP. compiler_DEFAULT=$CC # save warnings/boilerplate of simple test code _LT_COMPILER_BOILERPLATE _LT_LINKER_BOILERPLATE ## CAVEAT EMPTOR: ## There is no encapsulation within the following macros, do not change ## the running order or otherwise move them around unless you know exactly ## what you are doing... if test -n "$compiler"; then _LT_COMPILER_NO_RTTI($1) _LT_COMPILER_PIC($1) _LT_COMPILER_C_O($1) _LT_COMPILER_FILE_LOCKS($1) _LT_LINKER_SHLIBS($1) _LT_SYS_DYNAMIC_LINKER($1) _LT_LINKER_HARDCODE_LIBPATH($1) LT_SYS_DLOPEN_SELF _LT_CMD_STRIPLIB # Report what library types will actually be built AC_MSG_CHECKING([if libtool supports shared libraries]) AC_MSG_RESULT([$can_build_shared]) AC_MSG_CHECKING([whether to build shared libraries]) test no = "$can_build_shared" && enable_shared=no # On AIX, shared libraries and static libraries use the same namespace, and # are all built from PIC. case $host_os in aix3*) test yes = "$enable_shared" && enable_static=no if test -n "$RANLIB"; then archive_cmds="$archive_cmds~\$RANLIB \$lib" postinstall_cmds='$RANLIB $lib' fi ;; aix[[4-9]]*) if test ia64 != "$host_cpu"; then case $enable_shared,$with_aix_soname,$aix_use_runtimelinking in yes,aix,yes) ;; # shared object as lib.so file only yes,svr4,*) ;; # shared object as lib.so archive member only yes,*) enable_static=no ;; # shared object in lib.a archive as well esac fi ;; esac AC_MSG_RESULT([$enable_shared]) AC_MSG_CHECKING([whether to build static libraries]) # Make sure either enable_shared or enable_static is yes. test yes = "$enable_shared" || enable_static=yes AC_MSG_RESULT([$enable_static]) _LT_CONFIG($1) fi AC_LANG_POP CC=$lt_save_CC ])# _LT_LANG_C_CONFIG # _LT_LANG_CXX_CONFIG([TAG]) # -------------------------- # Ensure that the configuration variables for a C++ compiler are suitably # defined. These variables are subsequently used by _LT_CONFIG to write # the compiler configuration to 'libtool'. m4_defun([_LT_LANG_CXX_CONFIG], [m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_DECL_EGREP])dnl m4_require([_LT_PATH_MANIFEST_TOOL])dnl if test -n "$CXX" && ( test no != "$CXX" && ( (test g++ = "$CXX" && `g++ -v >/dev/null 2>&1` ) || (test g++ != "$CXX"))); then AC_PROG_CXXCPP else _lt_caught_CXX_error=yes fi AC_LANG_PUSH(C++) _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(allow_undefined_flag, $1)= _LT_TAGVAR(always_export_symbols, $1)=no _LT_TAGVAR(archive_expsym_cmds, $1)= _LT_TAGVAR(compiler_needs_object, $1)=no _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported _LT_TAGVAR(hardcode_automatic, $1)=no _LT_TAGVAR(inherit_rpath, $1)=no _LT_TAGVAR(module_cmds, $1)= _LT_TAGVAR(module_expsym_cmds, $1)= _LT_TAGVAR(link_all_deplibs, $1)=unknown _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds _LT_TAGVAR(reload_flag, $1)=$reload_flag _LT_TAGVAR(reload_cmds, $1)=$reload_cmds _LT_TAGVAR(no_undefined_flag, $1)= _LT_TAGVAR(whole_archive_flag_spec, $1)= _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no # Source file extension for C++ test sources. ac_ext=cpp # Object file extension for compiled C++ test sources. objext=o _LT_TAGVAR(objext, $1)=$objext # No sense in running all these tests if we already determined that # the CXX compiler isn't working. Some variables (like enable_shared) # are currently assumed to apply to all compilers on this platform, # and will be corrupted by setting them based on a non-working compiler. if test yes != "$_lt_caught_CXX_error"; then # Code to be used in simple compile tests lt_simple_compile_test_code="int some_variable = 0;" # Code to be used in simple link tests lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }' # ltmain only uses $CC for tagged configurations so make sure $CC is set. _LT_TAG_COMPILER # save warnings/boilerplate of simple test code _LT_COMPILER_BOILERPLATE _LT_LINKER_BOILERPLATE # Allow CC to be a program name with arguments. lt_save_CC=$CC lt_save_CFLAGS=$CFLAGS lt_save_LD=$LD lt_save_GCC=$GCC GCC=$GXX lt_save_with_gnu_ld=$with_gnu_ld lt_save_path_LD=$lt_cv_path_LD if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx else $as_unset lt_cv_prog_gnu_ld fi if test -n "${lt_cv_path_LDCXX+set}"; then lt_cv_path_LD=$lt_cv_path_LDCXX else $as_unset lt_cv_path_LD fi test -z "${LDCXX+set}" || LD=$LDCXX CC=${CXX-"c++"} CFLAGS=$CXXFLAGS compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_CC_BASENAME([$compiler]) if test -n "$compiler"; then # We don't want -fno-exception when compiling C++ code, so set the # no_builtin_flag separately if test yes = "$GXX"; then _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' else _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)= fi if test yes = "$GXX"; then # Set up default GNU C++ configuration LT_PATH_LD # Check if GNU C++ uses GNU ld as the underlying linker, since the # archiving commands below assume that GNU ld is being used. if test yes = "$with_gnu_ld"; then _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic' # If archive_cmds runs LD, not CC, wlarc should be empty # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to # investigate it a little bit more. (MM) wlarc='$wl' # ancient GNU ld didn't support --whole-archive et. al. if eval "`$CC -print-prog-name=ld` --help 2>&1" | $GREP 'no-whole-archive' > /dev/null; then _LT_TAGVAR(whole_archive_flag_spec, $1)=$wlarc'--whole-archive$convenience '$wlarc'--no-whole-archive' else _LT_TAGVAR(whole_archive_flag_spec, $1)= fi else with_gnu_ld=no wlarc= # A generic and very simple default shared library creation # command for GNU C++ for the case where it uses the native # linker, instead of GNU ld. If possible, this setting should # overridden to take advantage of the native linker features on # the platform it is being used on. _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' fi # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else GXX=no with_gnu_ld=no wlarc= fi # PORTME: fill in a description of your system's C++ link characteristics AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) _LT_TAGVAR(ld_shlibs, $1)=yes case $host_os in aix3*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; aix[[4-9]]*) if test ia64 = "$host_cpu"; then # On IA64, the linker does run time linking by default, so we don't # have to do anything special. aix_use_runtimelinking=no exp_sym_flag='-Bexport' no_entry_flag= else aix_use_runtimelinking=no # Test if we are trying to use run time linking or normal # AIX style linking. If -brtl is somewhere in LDFLAGS, we # have runtime linking enabled, and use it for executables. # For shared libraries, we enable/disable runtime linking # depending on the kind of the shared library created - # when "with_aix_soname,aix_use_runtimelinking" is: # "aix,no" lib.a(lib.so.V) shared, rtl:no, for executables # "aix,yes" lib.so shared, rtl:yes, for executables # lib.a static archive # "both,no" lib.so.V(shr.o) shared, rtl:yes # lib.a(lib.so.V) shared, rtl:no, for executables # "both,yes" lib.so.V(shr.o) shared, rtl:yes, for executables # lib.a(lib.so.V) shared, rtl:no # "svr4,*" lib.so.V(shr.o) shared, rtl:yes, for executables # lib.a static archive case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) for ld_flag in $LDFLAGS; do case $ld_flag in *-brtl*) aix_use_runtimelinking=yes break ;; esac done if test svr4,no = "$with_aix_soname,$aix_use_runtimelinking"; then # With aix-soname=svr4, we create the lib.so.V shared archives only, # so we don't have lib.a shared libs to link our executables. # We have to force runtime linking in this case. aix_use_runtimelinking=yes LDFLAGS="$LDFLAGS -Wl,-brtl" fi ;; esac exp_sym_flag='-bexport' no_entry_flag='-bnoentry' fi # When large executables or shared objects are built, AIX ld can # have problems creating the table of contents. If linking a library # or program results in "error TOC overflow" add -mminimal-toc to # CXXFLAGS/CFLAGS for g++/gcc. In the cases where that is not # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS. _LT_TAGVAR(archive_cmds, $1)='' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_direct_absolute, $1)=yes _LT_TAGVAR(hardcode_libdir_separator, $1)=':' _LT_TAGVAR(link_all_deplibs, $1)=yes _LT_TAGVAR(file_list_spec, $1)='$wl-f,' case $with_aix_soname,$aix_use_runtimelinking in aix,*) ;; # no import file svr4,* | *,yes) # use import file # The Import File defines what to hardcode. _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no ;; esac if test yes = "$GXX"; then case $host_os in aix4.[[012]]|aix4.[[012]].*) # We only want to do this on AIX 4.2 and lower, the check # below for broken collect2 doesn't work under 4.3+ collect2name=`$CC -print-prog-name=collect2` if test -f "$collect2name" && strings "$collect2name" | $GREP resolve_lib_name >/dev/null then # We have reworked collect2 : else # We have old collect2 _LT_TAGVAR(hardcode_direct, $1)=unsupported # It fails to find uninstalled libraries when the uninstalled # path is not listed in the libpath. Setting hardcode_minus_L # to unsupported forces relinking _LT_TAGVAR(hardcode_minus_L, $1)=yes _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)= fi esac shared_flag='-shared' if test yes = "$aix_use_runtimelinking"; then shared_flag=$shared_flag' $wl-G' fi # Need to ensure runtime linking is disabled for the traditional # shared library, or the linker may eventually find shared libraries # /with/ Import File - we do not want to mix them. shared_flag_aix='-shared' shared_flag_svr4='-shared $wl-G' else # not using gcc if test ia64 = "$host_cpu"; then # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release # chokes on -Wl,-G. The following line is correct: shared_flag='-G' else if test yes = "$aix_use_runtimelinking"; then shared_flag='$wl-G' else shared_flag='$wl-bM:SRE' fi shared_flag_aix='$wl-bM:SRE' shared_flag_svr4='$wl-G' fi fi _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-bexpall' # It seems that -bexpall does not export symbols beginning with # underscore (_), so it is better to generate a list of symbols to # export. _LT_TAGVAR(always_export_symbols, $1)=yes if test aix,yes = "$with_aix_soname,$aix_use_runtimelinking"; then # Warning - without using the other runtime loading flags (-brtl), # -berok will link without error, but may produce a broken library. # The "-G" linker flag allows undefined symbols. _LT_TAGVAR(no_undefined_flag, $1)='-bernotok' # Determine the default libpath from the value encoded in an empty # executable. _LT_SYS_MODULE_PATH_AIX([$1]) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-blibpath:$libdir:'"$aix_libpath" _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs $wl'$no_entry_flag' $compiler_flags `if test -n "$allow_undefined_flag"; then func_echo_all "$wl$allow_undefined_flag"; else :; fi` $wl'$exp_sym_flag:\$export_symbols' '$shared_flag else if test ia64 = "$host_cpu"; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $libdir:/usr/lib:/lib' _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs" _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\$wl$no_entry_flag"' $compiler_flags $wl$allow_undefined_flag '"\$wl$exp_sym_flag:\$export_symbols" else # Determine the default libpath from the value encoded in an # empty executable. _LT_SYS_MODULE_PATH_AIX([$1]) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-blibpath:$libdir:'"$aix_libpath" # Warning - without using the other run time loading flags, # -berok will link without error, but may produce a broken library. _LT_TAGVAR(no_undefined_flag, $1)=' $wl-bernotok' _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-berok' if test yes = "$with_gnu_ld"; then # We only use this code for GNU lds that support --whole-archive. _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive$convenience $wl--no-whole-archive' else # Exported symbols can be pulled into shared objects from archives _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience' fi _LT_TAGVAR(archive_cmds_need_lc, $1)=yes _LT_TAGVAR(archive_expsym_cmds, $1)='$RM -r $output_objdir/$realname.d~$MKDIR $output_objdir/$realname.d' # -brtl affects multiple linker settings, -berok does not and is overridden later compiler_flags_filtered='`func_echo_all "$compiler_flags " | $SED -e "s%-brtl\\([[, ]]\\)%-berok\\1%g"`' if test svr4 != "$with_aix_soname"; then # This is similar to how AIX traditionally builds its shared # libraries. Need -bnortl late, we may have -brtl in LDFLAGS. _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$CC '$shared_flag_aix' -o $output_objdir/$realname.d/$soname $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$realname.d/$soname' fi if test aix != "$with_aix_soname"; then _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$CC '$shared_flag_svr4' -o $output_objdir/$realname.d/$shared_archive_member_spec.o $libobjs $deplibs $wl-bnoentry '$compiler_flags_filtered'$wl-bE:$export_symbols$allow_undefined_flag~$STRIP -e $output_objdir/$realname.d/$shared_archive_member_spec.o~( func_echo_all "#! $soname($shared_archive_member_spec.o)"; if test shr_64 = "$shared_archive_member_spec"; then func_echo_all "# 64"; else func_echo_all "# 32"; fi; cat $export_symbols ) > $output_objdir/$realname.d/$shared_archive_member_spec.imp~$AR $AR_FLAGS $output_objdir/$soname $output_objdir/$realname.d/$shared_archive_member_spec.o $output_objdir/$realname.d/$shared_archive_member_spec.imp' else # used by -dlpreopen to get the symbols _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$MV $output_objdir/$realname.d/$soname $output_objdir' fi _LT_TAGVAR(archive_expsym_cmds, $1)="$_LT_TAGVAR(archive_expsym_cmds, $1)"'~$RM -r $output_objdir/$realname.d' fi fi ;; beos*) if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then _LT_TAGVAR(allow_undefined_flag, $1)=unsupported # Joseph Beckenbach says some releases of gcc # support --undefined. This deserves some investigation. FIXME _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; chorus*) case $cc_basename in *) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; esac ;; cygwin* | mingw* | pw32* | cegcc*) case $GXX,$cc_basename in ,cl* | no,cl* | ,icl* | no,icl*) # Native MSVC or ICC # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' _LT_TAGVAR(allow_undefined_flag, $1)=unsupported _LT_TAGVAR(always_export_symbols, $1)=yes _LT_TAGVAR(file_list_spec, $1)='@' # Tell ltmain to make .lib files, not .a files. libext=lib # Tell ltmain to make .dll files, not .so files. shrext_cmds=.dll # FIXME: Setting linknames here is a bad hack. _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~linknames=' _LT_TAGVAR(archive_expsym_cmds, $1)='if _LT_DLL_DEF_P([$export_symbols]); then cp "$export_symbols" "$output_objdir/$soname.def"; echo "$tool_output_objdir$soname.def" > "$output_objdir/$soname.exp"; else $SED -e '\''s/^/-link -EXPORT:/'\'' < $export_symbols > $output_objdir/$soname.exp; fi~ $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ linknames=' # The linker will not automatically build a static lib if we build a DLL. # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes # Don't use ranlib _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ lt_tool_outputfile="@TOOL_OUTPUT@"~ case $lt_outputfile in *.exe|*.EXE) ;; *) lt_outputfile=$lt_outputfile.exe lt_tool_outputfile=$lt_tool_outputfile.exe ;; esac~ func_to_tool_file "$lt_outputfile"~ if test : != "$MANIFEST_TOOL" && test -f "$lt_outputfile.manifest"; then $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; $RM "$lt_outputfile.manifest"; fi' ;; *) # g++ # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, # as there is no search path for DLLs. _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-all-symbols' _LT_TAGVAR(allow_undefined_flag, $1)=unsupported _LT_TAGVAR(always_export_symbols, $1)=no _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' # If the export-symbols file already is a .def file, use it as # is; otherwise, prepend EXPORTS... _LT_TAGVAR(archive_expsym_cmds, $1)='if _LT_DLL_DEF_P([$export_symbols]); then cp $export_symbols $output_objdir/$soname.def; else echo EXPORTS > $output_objdir/$soname.def; cat $export_symbols >> $output_objdir/$soname.def; fi~ $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname $wl--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; esac ;; darwin* | rhapsody*) _LT_DARWIN_LINKER_FEATURES($1) ;; os2*) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' _LT_TAGVAR(hardcode_minus_L, $1)=yes _LT_TAGVAR(allow_undefined_flag, $1)=unsupported shrext_cmds=.dll _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~ $ECHO EXPORTS >> $output_objdir/$libname.def~ emxexp $libobjs | $SED /"_DLL_InitTerm"/d >> $output_objdir/$libname.def~ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~ emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(archive_expsym_cmds, $1)='$ECHO "LIBRARY ${soname%$shared_ext} INITINSTANCE TERMINSTANCE" > $output_objdir/$libname.def~ $ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~ $ECHO "DATA MULTIPLE NONSHARED" >> $output_objdir/$libname.def~ $ECHO EXPORTS >> $output_objdir/$libname.def~ prefix_cmds="$SED"~ if test EXPORTS = "`$SED 1q $export_symbols`"; then prefix_cmds="$prefix_cmds -e 1d"; fi~ prefix_cmds="$prefix_cmds -e \"s/^\(.*\)$/_\1/g\""~ cat $export_symbols | $prefix_cmds >> $output_objdir/$libname.def~ $CC -Zdll -Zcrtdll -o $output_objdir/$soname $libobjs $deplibs $compiler_flags $output_objdir/$libname.def~ emximp -o $lib $output_objdir/$libname.def' _LT_TAGVAR(old_archive_From_new_cmds, $1)='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes _LT_TAGVAR(file_list_spec, $1)='@' ;; dgux*) case $cc_basename in ec++*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; ghcx*) # Green Hills C++ Compiler # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; *) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; esac ;; freebsd2.*) # C++ shared libraries reported to be fairly broken before # switch to ELF _LT_TAGVAR(ld_shlibs, $1)=no ;; freebsd-elf*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;; freebsd* | dragonfly* | midnightbsd*) # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF # conventions _LT_TAGVAR(ld_shlibs, $1)=yes ;; haiku*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(link_all_deplibs, $1)=yes ;; hpux9*) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, # but as the default # location of the library. case $cc_basename in CC*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; aCC*) _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -b $wl+b $wl$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib' # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. # # There doesn't appear to be a way to prevent this compiler from # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes = "$GXX"; then _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag $wl+b $wl$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test "x$output_objdir/$soname" = "x$lib" || mv $output_objdir/$soname $lib' else # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no fi ;; esac ;; hpux10*|hpux11*) if test no = "$with_gnu_ld"; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl+b $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: case $host_cpu in hppa*64*|ia64*) ;; *) _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' ;; esac fi case $host_cpu in hppa*64*|ia64*) _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; *) _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_direct_absolute, $1)=yes _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH, # but as the default # location of the library. ;; esac case $cc_basename in CC*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; aCC*) case $host_cpu in hppa*64*) _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; ia64*) _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; *) _LT_TAGVAR(archive_cmds, $1)='$CC -b $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; esac # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. # # There doesn't appear to be a way to prevent this compiler from # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes = "$GXX"; then if test no = "$with_gnu_ld"; then case $host_cpu in hppa*64*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC $wl+h $wl$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; ia64*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag $wl+h $wl$soname $wl+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; *) _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag $wl+h $wl$soname $wl+b $wl$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; esac fi else # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no fi ;; esac ;; interix[[3-9]]*) _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc. # Instead, shared libraries are loaded at an image base (0x10000000 by # default) and relocated if they conflict, which is a slow very memory # consuming and fragmenting process. To avoid this, we pick a random, # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link # time. Moving up from 0x10000000 also allows more sbrk(2) space. _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; irix5* | irix6*) case $cc_basename in CC*) # SGI C++ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' # Archives containing C++ object files must be created using # "CC -ar", where "CC" is the IRIX C++ compiler. This is # necessary to make sure instantiated templates are included # in the archive. _LT_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs' ;; *) if test yes = "$GXX"; then if test no = "$with_gnu_ld"; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib' else _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` -o $lib' fi fi _LT_TAGVAR(link_all_deplibs, $1)=yes ;; esac _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(inherit_rpath, $1)=yes ;; linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in KCC*) # Kuck and Associates, Inc. (KAI) C++ Compiler # KCC will only create a shared library if the output file # ends with ".so" (or ".sl" for HP-UX), so rename the library # to its proper name (with version) after linking. _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\$tempext\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\$tempext\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib $wl-retain-symbols-file,$export_symbols; mv \$templib $lib' # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. # # There doesn't appear to be a way to prevent this compiler from # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic' # Archives containing C++ object files must be created using # "CC -Bstatic", where "CC" is the KAI C++ compiler. _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;; icpc* | ecpc* ) # Intel C++ with_gnu_ld=yes # version 8.0 and above of icpc choke on multiply defined symbols # if we add $predep_objects and $postdep_objects, however 7.1 and # earlier do not add the objects themselves. case `$CC -V 2>&1` in *"Version 7."*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' ;; *) # Version 8.0 or newer tmp_idyn= case $host_cpu in ia64*) tmp_idyn=' -i_dynamic';; esac _LT_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' ;; esac _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic' _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive$convenience $wl--no-whole-archive' ;; pgCC* | pgcpp*) # Portland Group C++ compiler case `$CC -V` in *pgCC\ [[1-5]].* | *pgcpp\ [[1-5]].*) _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~ rm -rf $tpldir~ $CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~ compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"' _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~ rm -rf $tpldir~ $CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~ $AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~ $RANLIB $oldlib' _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~ rm -rf $tpldir~ $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~ $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~ rm -rf $tpldir~ $CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~ $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' ;; *) # Version 6 and above use weak symbols _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname $wl-retain-symbols-file $wl$export_symbols -o $lib' ;; esac _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl--rpath $wl$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic' _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' ;; cxx*) # Compaq C++ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname -o $lib $wl-retain-symbols-file $wl$export_symbols' runpath_var=LD_RUN_PATH _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. # # There doesn't appear to be a way to prevent this compiler from # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed' ;; xl* | mpixl* | bgxl*) # IBM XL 8.0 on PPC, with GNU ld _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl--export-dynamic' _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' if test yes = "$supports_anon_versioning"; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib' fi ;; *) case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' _LT_TAGVAR(archive_cmds, $1)='$CC -G$allow_undefined_flag -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G$allow_undefined_flag -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-retain-symbols-file $wl$export_symbols' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' _LT_TAGVAR(compiler_needs_object, $1)=yes # Not sure whether something based on # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 # would be better. output_verbose_link_cmd='func_echo_all' # Archives containing C++ object files must be created using # "CC -xar", where "CC" is the Sun C++ compiler. This is # necessary to make sure instantiated templates are included # in the archive. _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' ;; esac ;; esac ;; lynxos*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; m88k*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; mvs*) case $cc_basename in cxx*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; *) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; esac ;; netbsd*) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' wlarc= _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no fi # Workaround some broken pre-1.5 toolchains output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"' ;; *nto* | *qnx*) _LT_TAGVAR(ld_shlibs, $1)=yes ;; openbsd* | bitrig*) if test -f /usr/libexec/ld.so; then _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=yes _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir' if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`"; then _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-retain-symbols-file,$export_symbols -o $lib' _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-E' _LT_TAGVAR(whole_archive_flag_spec, $1)=$wlarc'--whole-archive$convenience '$wlarc'--no-whole-archive' fi output_verbose_link_cmd=func_echo_all else _LT_TAGVAR(ld_shlibs, $1)=no fi ;; osf3* | osf4* | osf5*) case $cc_basename in KCC*) # Kuck and Associates, Inc. (KAI) C++ Compiler # KCC will only create a shared library if the output file # ends with ".so" (or ".sl" for HP-UX), so rename the library # to its proper name (with version) after linking. _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\$tempext\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath,$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: # Archives containing C++ object files must be created using # the KAI C++ compiler. case $host in osf3*) _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;; *) _LT_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' ;; esac ;; RCC*) # Rational C++ 2.4.1 # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; cxx*) case $host in osf3*) _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-expect_unresolved $wl\*' _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $soname `test -n "$verstring" && func_echo_all "$wl-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' ;; *) _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' _LT_TAGVAR(archive_cmds, $1)='$CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~ echo "-hidden">> $lib.exp~ $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname $wl-input $wl$lib.exp `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib~ $RM $lib.exp' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir' ;; esac _LT_TAGVAR(hardcode_libdir_separator, $1)=: # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. # # There doesn't appear to be a way to prevent this compiler from # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes,no = "$GXX,$with_gnu_ld"; then _LT_TAGVAR(allow_undefined_flag, $1)=' $wl-expect_unresolved $wl\*' case $host in osf3*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib' ;; *) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-msym $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations -o $lib' ;; esac _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-rpath $wl$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no fi ;; esac ;; psos*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; sunos4*) case $cc_basename in CC*) # Sun C++ 4.x # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; lcc*) # Lucid # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; *) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; esac ;; solaris*) case $cc_basename in CC* | sunCC*) # Sun C++ 4.2, 5.x and Centerline C++ _LT_TAGVAR(archive_cmds_need_lc,$1)=yes _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs' _LT_TAGVAR(archive_cmds, $1)='$CC -G$allow_undefined_flag -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ $CC -G$allow_undefined_flag $wl-M $wl$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(hardcode_shlibpath_var, $1)=no case $host_os in solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; *) # The compiler driver will combine and reorder linker options, # but understands '-z linker_flag'. # Supported since Solaris 2.6 (maybe 2.5.1?) _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract' ;; esac _LT_TAGVAR(link_all_deplibs, $1)=yes output_verbose_link_cmd='func_echo_all' # Archives containing C++ object files must be created using # "CC -xar", where "CC" is the Sun C++ compiler. This is # necessary to make sure instantiated templates are included # in the archive. _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs' ;; gcx*) # Green Hills C++ Compiler _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-h $wl$soname -o $lib' # The C++ compiler must be used to create the archive. _LT_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs' ;; *) # GNU C++ compiler with Solaris linker if test yes,no = "$GXX,$with_gnu_ld"; then _LT_TAGVAR(no_undefined_flag, $1)=' $wl-z ${wl}defs' if $CC --version | $GREP -v '^2\.7' > /dev/null; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-h $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ $CC -shared $pic_flag -nostdlib $wl-M $wl$lib.exp $wl-h $wl$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else # g++ 2.7 appears to require '-G' NOT '-shared' on this # platform. _LT_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags $wl-h $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ $CC -G -nostdlib $wl-M $wl$lib.exp $wl-h $wl$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' fi _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $wl$libdir' case $host_os in solaris2.[[0-5]] | solaris2.[[0-5]].*) ;; *) _LT_TAGVAR(whole_archive_flag_spec, $1)='$wl-z ${wl}allextract$convenience $wl-z ${wl}defaultextract' ;; esac fi ;; esac ;; sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*) _LT_TAGVAR(no_undefined_flag, $1)='$wl-z,text' _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=no runpath_var='LD_RUN_PATH' case $cc_basename in CC*) _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' ;; *) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' ;; esac ;; sysv5* | sco3.2v5* | sco5v6*) # Note: We CANNOT use -z defs as we might desire, because we do not # link with -lc, and that would cause any symbols used from libc to # always be unresolved, which means just about no library would # ever link correctly. If we're not using GNU ld we use -z text # though, which does catch some bad symbols but isn't as heavy-handed # as -z defs. _LT_TAGVAR(no_undefined_flag, $1)='$wl-z,text' _LT_TAGVAR(allow_undefined_flag, $1)='$wl-z,nodefs' _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R,$libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=':' _LT_TAGVAR(link_all_deplibs, $1)=yes _LT_TAGVAR(export_dynamic_flag_spec, $1)='$wl-Bexport' runpath_var='LD_RUN_PATH' case $cc_basename in CC*) _LT_TAGVAR(archive_cmds, $1)='$CC -G $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(old_archive_cmds, $1)='$CC -Tprelink_objects $oldobjs~ '"$_LT_TAGVAR(old_archive_cmds, $1)" _LT_TAGVAR(reload_cmds, $1)='$CC -Tprelink_objects $reload_objs~ '"$_LT_TAGVAR(reload_cmds, $1)" ;; *) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $wl-Bexport:$export_symbols $wl-h,$soname -o $lib $libobjs $deplibs $compiler_flags' ;; esac ;; tandem*) case $cc_basename in NCC*) # NonStop-UX NCC 3.20 # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; *) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; esac ;; vxworks*) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; *) # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no ;; esac AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)]) test no = "$_LT_TAGVAR(ld_shlibs, $1)" && can_build_shared=no _LT_TAGVAR(GCC, $1)=$GXX _LT_TAGVAR(LD, $1)=$LD ## CAVEAT EMPTOR: ## There is no encapsulation within the following macros, do not change ## the running order or otherwise move them around unless you know exactly ## what you are doing... _LT_SYS_HIDDEN_LIBDEPS($1) _LT_COMPILER_PIC($1) _LT_COMPILER_C_O($1) _LT_COMPILER_FILE_LOCKS($1) _LT_LINKER_SHLIBS($1) _LT_SYS_DYNAMIC_LINKER($1) _LT_LINKER_HARDCODE_LIBPATH($1) _LT_CONFIG($1) fi # test -n "$compiler" CC=$lt_save_CC CFLAGS=$lt_save_CFLAGS LDCXX=$LD LD=$lt_save_LD GCC=$lt_save_GCC with_gnu_ld=$lt_save_with_gnu_ld lt_cv_path_LDCXX=$lt_cv_path_LD lt_cv_path_LD=$lt_save_path_LD lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld fi # test yes != "$_lt_caught_CXX_error" AC_LANG_POP ])# _LT_LANG_CXX_CONFIG # _LT_FUNC_STRIPNAME_CNF # ---------------------- # func_stripname_cnf prefix suffix name # strip PREFIX and SUFFIX off of NAME. # PREFIX and SUFFIX must not contain globbing or regex special # characters, hashes, percent signs, but SUFFIX may contain a leading # dot (in which case that matches only a dot). # # This function is identical to the (non-XSI) version of func_stripname, # except this one can be used by m4 code that may be executed by configure, # rather than the libtool script. m4_defun([_LT_FUNC_STRIPNAME_CNF],[dnl AC_REQUIRE([_LT_DECL_SED]) AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH]) func_stripname_cnf () { case @S|@2 in .*) func_stripname_result=`$ECHO "@S|@3" | $SED "s%^@S|@1%%; s%\\\\@S|@2\$%%"`;; *) func_stripname_result=`$ECHO "@S|@3" | $SED "s%^@S|@1%%; s%@S|@2\$%%"`;; esac } # func_stripname_cnf ])# _LT_FUNC_STRIPNAME_CNF # _LT_SYS_HIDDEN_LIBDEPS([TAGNAME]) # --------------------------------- # Figure out "hidden" library dependencies from verbose # compiler output when linking a shared library. # Parse the compiler output and extract the necessary # objects, libraries and library flags. m4_defun([_LT_SYS_HIDDEN_LIBDEPS], [m4_require([_LT_FILEUTILS_DEFAULTS])dnl AC_REQUIRE([_LT_FUNC_STRIPNAME_CNF])dnl # Dependencies to place before and after the object being linked: _LT_TAGVAR(predep_objects, $1)= _LT_TAGVAR(postdep_objects, $1)= _LT_TAGVAR(predeps, $1)= _LT_TAGVAR(postdeps, $1)= _LT_TAGVAR(compiler_lib_search_path, $1)= dnl we can't use the lt_simple_compile_test_code here, dnl because it contains code intended for an executable, dnl not a library. It's possible we should let each dnl tag define a new lt_????_link_test_code variable, dnl but it's only used here... m4_if([$1], [], [cat > conftest.$ac_ext <<_LT_EOF int a; void foo (void) { a = 0; } _LT_EOF ], [$1], [CXX], [cat > conftest.$ac_ext <<_LT_EOF class Foo { public: Foo (void) { a = 0; } private: int a; }; _LT_EOF ], [$1], [F77], [cat > conftest.$ac_ext <<_LT_EOF subroutine foo implicit none integer*4 a a=0 return end _LT_EOF ], [$1], [FC], [cat > conftest.$ac_ext <<_LT_EOF subroutine foo implicit none integer a a=0 return end _LT_EOF ], [$1], [GCJ], [cat > conftest.$ac_ext <<_LT_EOF public class foo { private int a; public void bar (void) { a = 0; } }; _LT_EOF ], [$1], [GO], [cat > conftest.$ac_ext <<_LT_EOF package foo func foo() { } _LT_EOF ]) _lt_libdeps_save_CFLAGS=$CFLAGS case "$CC $CFLAGS " in #( *\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;; *\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;; *\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;; esac dnl Parse the compiler output and extract the necessary dnl objects, libraries and library flags. if AC_TRY_EVAL(ac_compile); then # Parse the compiler output and extract the necessary # objects, libraries and library flags. # Sentinel used to keep track of whether or not we are before # the conftest object file. pre_test_object_deps_done=no for p in `eval "$output_verbose_link_cmd"`; do case $prev$p in -L* | -R* | -l*) # Some compilers place space between "-{L,R}" and the path. # Remove the space. if test x-L = "$p" || test x-R = "$p"; then prev=$p continue fi # Expand the sysroot to ease extracting the directories later. if test -z "$prev"; then case $p in -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;; -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;; -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;; esac fi case $p in =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;; esac if test no = "$pre_test_object_deps_done"; then case $prev in -L | -R) # Internal compiler library paths should come after those # provided the user. The postdeps already come after the # user supplied libs so there is no need to process them. if test -z "$_LT_TAGVAR(compiler_lib_search_path, $1)"; then _LT_TAGVAR(compiler_lib_search_path, $1)=$prev$p else _LT_TAGVAR(compiler_lib_search_path, $1)="${_LT_TAGVAR(compiler_lib_search_path, $1)} $prev$p" fi ;; # The "-l" case would never come before the object being # linked, so don't bother handling this case. esac else if test -z "$_LT_TAGVAR(postdeps, $1)"; then _LT_TAGVAR(postdeps, $1)=$prev$p else _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} $prev$p" fi fi prev= ;; *.lto.$objext) ;; # Ignore GCC LTO objects *.$objext) # This assumes that the test object file only shows up # once in the compiler output. if test "$p" = "conftest.$objext"; then pre_test_object_deps_done=yes continue fi if test no = "$pre_test_object_deps_done"; then if test -z "$_LT_TAGVAR(predep_objects, $1)"; then _LT_TAGVAR(predep_objects, $1)=$p else _LT_TAGVAR(predep_objects, $1)="$_LT_TAGVAR(predep_objects, $1) $p" fi else if test -z "$_LT_TAGVAR(postdep_objects, $1)"; then _LT_TAGVAR(postdep_objects, $1)=$p else _LT_TAGVAR(postdep_objects, $1)="$_LT_TAGVAR(postdep_objects, $1) $p" fi fi ;; *) ;; # Ignore the rest. esac done # Clean up. rm -f a.out a.exe else echo "libtool.m4: error: problem compiling $1 test program" fi $RM -f confest.$objext CFLAGS=$_lt_libdeps_save_CFLAGS # PORTME: override above test on systems where it is broken m4_if([$1], [CXX], [case $host_os in interix[[3-9]]*) # Interix 3.5 installs completely hosed .la files for C++, so rather than # hack all around it, let's just trust "g++" to DTRT. _LT_TAGVAR(predep_objects,$1)= _LT_TAGVAR(postdep_objects,$1)= _LT_TAGVAR(postdeps,$1)= ;; esac ]) case " $_LT_TAGVAR(postdeps, $1) " in *" -lc "*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;; esac _LT_TAGVAR(compiler_lib_search_dirs, $1)= if test -n "${_LT_TAGVAR(compiler_lib_search_path, $1)}"; then _LT_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_TAGVAR(compiler_lib_search_path, $1)}" | $SED -e 's! -L! !g' -e 's!^ !!'` fi _LT_TAGDECL([], [compiler_lib_search_dirs], [1], [The directories searched by this compiler when creating a shared library]) _LT_TAGDECL([], [predep_objects], [1], [Dependencies to place before and after the objects being linked to create a shared library]) _LT_TAGDECL([], [postdep_objects], [1]) _LT_TAGDECL([], [predeps], [1]) _LT_TAGDECL([], [postdeps], [1]) _LT_TAGDECL([], [compiler_lib_search_path], [1], [The library search path used internally by the compiler when linking a shared library]) ])# _LT_SYS_HIDDEN_LIBDEPS # _LT_LANG_F77_CONFIG([TAG]) # -------------------------- # Ensure that the configuration variables for a Fortran 77 compiler are # suitably defined. These variables are subsequently used by _LT_CONFIG # to write the compiler configuration to 'libtool'. m4_defun([_LT_LANG_F77_CONFIG], [AC_LANG_PUSH(Fortran 77) if test -z "$F77" || test no = "$F77"; then _lt_disable_F77=yes fi _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(allow_undefined_flag, $1)= _LT_TAGVAR(always_export_symbols, $1)=no _LT_TAGVAR(archive_expsym_cmds, $1)= _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=no _LT_TAGVAR(inherit_rpath, $1)=no _LT_TAGVAR(module_cmds, $1)= _LT_TAGVAR(module_expsym_cmds, $1)= _LT_TAGVAR(link_all_deplibs, $1)=unknown _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds _LT_TAGVAR(reload_flag, $1)=$reload_flag _LT_TAGVAR(reload_cmds, $1)=$reload_cmds _LT_TAGVAR(no_undefined_flag, $1)= _LT_TAGVAR(whole_archive_flag_spec, $1)= _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no # Source file extension for f77 test sources. ac_ext=f # Object file extension for compiled f77 test sources. objext=o _LT_TAGVAR(objext, $1)=$objext # No sense in running all these tests if we already determined that # the F77 compiler isn't working. Some variables (like enable_shared) # are currently assumed to apply to all compilers on this platform, # and will be corrupted by setting them based on a non-working compiler. if test yes != "$_lt_disable_F77"; then # Code to be used in simple compile tests lt_simple_compile_test_code="\ subroutine t return end " # Code to be used in simple link tests lt_simple_link_test_code="\ program t end " # ltmain only uses $CC for tagged configurations so make sure $CC is set. _LT_TAG_COMPILER # save warnings/boilerplate of simple test code _LT_COMPILER_BOILERPLATE _LT_LINKER_BOILERPLATE # Allow CC to be a program name with arguments. lt_save_CC=$CC lt_save_GCC=$GCC lt_save_CFLAGS=$CFLAGS CC=${F77-"f77"} CFLAGS=$FFLAGS compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_CC_BASENAME([$compiler]) GCC=$G77 if test -n "$compiler"; then AC_MSG_CHECKING([if libtool supports shared libraries]) AC_MSG_RESULT([$can_build_shared]) AC_MSG_CHECKING([whether to build shared libraries]) test no = "$can_build_shared" && enable_shared=no # On AIX, shared libraries and static libraries use the same namespace, and # are all built from PIC. case $host_os in aix3*) test yes = "$enable_shared" && enable_static=no if test -n "$RANLIB"; then archive_cmds="$archive_cmds~\$RANLIB \$lib" postinstall_cmds='$RANLIB $lib' fi ;; aix[[4-9]]*) if test ia64 != "$host_cpu"; then case $enable_shared,$with_aix_soname,$aix_use_runtimelinking in yes,aix,yes) ;; # shared object as lib.so file only yes,svr4,*) ;; # shared object as lib.so archive member only yes,*) enable_static=no ;; # shared object in lib.a archive as well esac fi ;; esac AC_MSG_RESULT([$enable_shared]) AC_MSG_CHECKING([whether to build static libraries]) # Make sure either enable_shared or enable_static is yes. test yes = "$enable_shared" || enable_static=yes AC_MSG_RESULT([$enable_static]) _LT_TAGVAR(GCC, $1)=$G77 _LT_TAGVAR(LD, $1)=$LD ## CAVEAT EMPTOR: ## There is no encapsulation within the following macros, do not change ## the running order or otherwise move them around unless you know exactly ## what you are doing... _LT_COMPILER_PIC($1) _LT_COMPILER_C_O($1) _LT_COMPILER_FILE_LOCKS($1) _LT_LINKER_SHLIBS($1) _LT_SYS_DYNAMIC_LINKER($1) _LT_LINKER_HARDCODE_LIBPATH($1) _LT_CONFIG($1) fi # test -n "$compiler" GCC=$lt_save_GCC CC=$lt_save_CC CFLAGS=$lt_save_CFLAGS fi # test yes != "$_lt_disable_F77" AC_LANG_POP ])# _LT_LANG_F77_CONFIG # _LT_LANG_FC_CONFIG([TAG]) # ------------------------- # Ensure that the configuration variables for a Fortran compiler are # suitably defined. These variables are subsequently used by _LT_CONFIG # to write the compiler configuration to 'libtool'. m4_defun([_LT_LANG_FC_CONFIG], [AC_LANG_PUSH(Fortran) if test -z "$FC" || test no = "$FC"; then _lt_disable_FC=yes fi _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(allow_undefined_flag, $1)= _LT_TAGVAR(always_export_symbols, $1)=no _LT_TAGVAR(archive_expsym_cmds, $1)= _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=no _LT_TAGVAR(inherit_rpath, $1)=no _LT_TAGVAR(module_cmds, $1)= _LT_TAGVAR(module_expsym_cmds, $1)= _LT_TAGVAR(link_all_deplibs, $1)=unknown _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds _LT_TAGVAR(reload_flag, $1)=$reload_flag _LT_TAGVAR(reload_cmds, $1)=$reload_cmds _LT_TAGVAR(no_undefined_flag, $1)= _LT_TAGVAR(whole_archive_flag_spec, $1)= _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no # Source file extension for fc test sources. ac_ext=${ac_fc_srcext-f} # Object file extension for compiled fc test sources. objext=o _LT_TAGVAR(objext, $1)=$objext # No sense in running all these tests if we already determined that # the FC compiler isn't working. Some variables (like enable_shared) # are currently assumed to apply to all compilers on this platform, # and will be corrupted by setting them based on a non-working compiler. if test yes != "$_lt_disable_FC"; then # Code to be used in simple compile tests lt_simple_compile_test_code="\ subroutine t return end " # Code to be used in simple link tests lt_simple_link_test_code="\ program t end " # ltmain only uses $CC for tagged configurations so make sure $CC is set. _LT_TAG_COMPILER # save warnings/boilerplate of simple test code _LT_COMPILER_BOILERPLATE _LT_LINKER_BOILERPLATE # Allow CC to be a program name with arguments. lt_save_CC=$CC lt_save_GCC=$GCC lt_save_CFLAGS=$CFLAGS CC=${FC-"f95"} CFLAGS=$FCFLAGS compiler=$CC GCC=$ac_cv_fc_compiler_gnu _LT_TAGVAR(compiler, $1)=$CC _LT_CC_BASENAME([$compiler]) if test -n "$compiler"; then AC_MSG_CHECKING([if libtool supports shared libraries]) AC_MSG_RESULT([$can_build_shared]) AC_MSG_CHECKING([whether to build shared libraries]) test no = "$can_build_shared" && enable_shared=no # On AIX, shared libraries and static libraries use the same namespace, and # are all built from PIC. case $host_os in aix3*) test yes = "$enable_shared" && enable_static=no if test -n "$RANLIB"; then archive_cmds="$archive_cmds~\$RANLIB \$lib" postinstall_cmds='$RANLIB $lib' fi ;; aix[[4-9]]*) if test ia64 != "$host_cpu"; then case $enable_shared,$with_aix_soname,$aix_use_runtimelinking in yes,aix,yes) ;; # shared object as lib.so file only yes,svr4,*) ;; # shared object as lib.so archive member only yes,*) enable_static=no ;; # shared object in lib.a archive as well esac fi ;; esac AC_MSG_RESULT([$enable_shared]) AC_MSG_CHECKING([whether to build static libraries]) # Make sure either enable_shared or enable_static is yes. test yes = "$enable_shared" || enable_static=yes AC_MSG_RESULT([$enable_static]) _LT_TAGVAR(GCC, $1)=$ac_cv_fc_compiler_gnu _LT_TAGVAR(LD, $1)=$LD ## CAVEAT EMPTOR: ## There is no encapsulation within the following macros, do not change ## the running order or otherwise move them around unless you know exactly ## what you are doing... _LT_SYS_HIDDEN_LIBDEPS($1) _LT_COMPILER_PIC($1) _LT_COMPILER_C_O($1) _LT_COMPILER_FILE_LOCKS($1) _LT_LINKER_SHLIBS($1) _LT_SYS_DYNAMIC_LINKER($1) _LT_LINKER_HARDCODE_LIBPATH($1) _LT_CONFIG($1) fi # test -n "$compiler" GCC=$lt_save_GCC CC=$lt_save_CC CFLAGS=$lt_save_CFLAGS fi # test yes != "$_lt_disable_FC" AC_LANG_POP ])# _LT_LANG_FC_CONFIG # _LT_LANG_GCJ_CONFIG([TAG]) # -------------------------- # Ensure that the configuration variables for the GNU Java Compiler compiler # are suitably defined. These variables are subsequently used by _LT_CONFIG # to write the compiler configuration to 'libtool'. m4_defun([_LT_LANG_GCJ_CONFIG], [AC_REQUIRE([LT_PROG_GCJ])dnl AC_LANG_SAVE # Source file extension for Java test sources. ac_ext=java # Object file extension for compiled Java test sources. objext=o _LT_TAGVAR(objext, $1)=$objext # Code to be used in simple compile tests lt_simple_compile_test_code="class foo {}" # Code to be used in simple link tests lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }' # ltmain only uses $CC for tagged configurations so make sure $CC is set. _LT_TAG_COMPILER # save warnings/boilerplate of simple test code _LT_COMPILER_BOILERPLATE _LT_LINKER_BOILERPLATE # Allow CC to be a program name with arguments. lt_save_CC=$CC lt_save_CFLAGS=$CFLAGS lt_save_GCC=$GCC GCC=yes CC=${GCJ-"gcj"} CFLAGS=$GCJFLAGS compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_TAGVAR(LD, $1)=$LD _LT_CC_BASENAME([$compiler]) # GCJ did not exist at the time GCC didn't implicitly link libc in. _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds _LT_TAGVAR(reload_flag, $1)=$reload_flag _LT_TAGVAR(reload_cmds, $1)=$reload_cmds ## CAVEAT EMPTOR: ## There is no encapsulation within the following macros, do not change ## the running order or otherwise move them around unless you know exactly ## what you are doing... if test -n "$compiler"; then _LT_COMPILER_NO_RTTI($1) _LT_COMPILER_PIC($1) _LT_COMPILER_C_O($1) _LT_COMPILER_FILE_LOCKS($1) _LT_LINKER_SHLIBS($1) _LT_LINKER_HARDCODE_LIBPATH($1) _LT_CONFIG($1) fi AC_LANG_RESTORE GCC=$lt_save_GCC CC=$lt_save_CC CFLAGS=$lt_save_CFLAGS ])# _LT_LANG_GCJ_CONFIG # _LT_LANG_GO_CONFIG([TAG]) # -------------------------- # Ensure that the configuration variables for the GNU Go compiler # are suitably defined. These variables are subsequently used by _LT_CONFIG # to write the compiler configuration to 'libtool'. m4_defun([_LT_LANG_GO_CONFIG], [AC_REQUIRE([LT_PROG_GO])dnl AC_LANG_SAVE # Source file extension for Go test sources. ac_ext=go # Object file extension for compiled Go test sources. objext=o _LT_TAGVAR(objext, $1)=$objext # Code to be used in simple compile tests lt_simple_compile_test_code="package main; func main() { }" # Code to be used in simple link tests lt_simple_link_test_code='package main; func main() { }' # ltmain only uses $CC for tagged configurations so make sure $CC is set. _LT_TAG_COMPILER # save warnings/boilerplate of simple test code _LT_COMPILER_BOILERPLATE _LT_LINKER_BOILERPLATE # Allow CC to be a program name with arguments. lt_save_CC=$CC lt_save_CFLAGS=$CFLAGS lt_save_GCC=$GCC GCC=yes CC=${GOC-"gccgo"} CFLAGS=$GOFLAGS compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_TAGVAR(LD, $1)=$LD _LT_CC_BASENAME([$compiler]) # Go did not exist at the time GCC didn't implicitly link libc in. _LT_TAGVAR(archive_cmds_need_lc, $1)=no _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds _LT_TAGVAR(reload_flag, $1)=$reload_flag _LT_TAGVAR(reload_cmds, $1)=$reload_cmds ## CAVEAT EMPTOR: ## There is no encapsulation within the following macros, do not change ## the running order or otherwise move them around unless you know exactly ## what you are doing... if test -n "$compiler"; then _LT_COMPILER_NO_RTTI($1) _LT_COMPILER_PIC($1) _LT_COMPILER_C_O($1) _LT_COMPILER_FILE_LOCKS($1) _LT_LINKER_SHLIBS($1) _LT_LINKER_HARDCODE_LIBPATH($1) _LT_CONFIG($1) fi AC_LANG_RESTORE GCC=$lt_save_GCC CC=$lt_save_CC CFLAGS=$lt_save_CFLAGS ])# _LT_LANG_GO_CONFIG # _LT_LANG_RC_CONFIG([TAG]) # ------------------------- # Ensure that the configuration variables for the Windows resource compiler # are suitably defined. These variables are subsequently used by _LT_CONFIG # to write the compiler configuration to 'libtool'. m4_defun([_LT_LANG_RC_CONFIG], [AC_REQUIRE([LT_PROG_RC])dnl AC_LANG_SAVE # Source file extension for RC test sources. ac_ext=rc # Object file extension for compiled RC test sources. objext=o _LT_TAGVAR(objext, $1)=$objext # Code to be used in simple compile tests lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }' # Code to be used in simple link tests lt_simple_link_test_code=$lt_simple_compile_test_code # ltmain only uses $CC for tagged configurations so make sure $CC is set. _LT_TAG_COMPILER # save warnings/boilerplate of simple test code _LT_COMPILER_BOILERPLATE _LT_LINKER_BOILERPLATE # Allow CC to be a program name with arguments. lt_save_CC=$CC lt_save_CFLAGS=$CFLAGS lt_save_GCC=$GCC GCC= CC=${RC-"windres"} CFLAGS= compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_CC_BASENAME([$compiler]) _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes if test -n "$compiler"; then : _LT_CONFIG($1) fi GCC=$lt_save_GCC AC_LANG_RESTORE CC=$lt_save_CC CFLAGS=$lt_save_CFLAGS ])# _LT_LANG_RC_CONFIG # LT_PROG_GCJ # ----------- AC_DEFUN([LT_PROG_GCJ], [m4_ifdef([AC_PROG_GCJ], [AC_PROG_GCJ], [m4_ifdef([A][M_PROG_GCJ], [A][M_PROG_GCJ], [AC_CHECK_TOOL(GCJ, gcj,) test set = "${GCJFLAGS+set}" || GCJFLAGS="-g -O2" AC_SUBST(GCJFLAGS)])])[]dnl ]) # Old name: AU_ALIAS([LT_AC_PROG_GCJ], [LT_PROG_GCJ]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([LT_AC_PROG_GCJ], []) # LT_PROG_GO # ---------- AC_DEFUN([LT_PROG_GO], [AC_CHECK_TOOL(GOC, gccgo,) ]) # LT_PROG_RC # ---------- AC_DEFUN([LT_PROG_RC], [AC_CHECK_TOOL(RC, windres,) ]) # Old name: AU_ALIAS([LT_AC_PROG_RC], [LT_PROG_RC]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([LT_AC_PROG_RC], []) # _LT_DECL_EGREP # -------------- # If we don't have a new enough Autoconf to choose the best grep # available, choose the one first in the user's PATH. m4_defun([_LT_DECL_EGREP], [AC_REQUIRE([AC_PROG_EGREP])dnl AC_REQUIRE([AC_PROG_FGREP])dnl test -z "$GREP" && GREP=grep _LT_DECL([], [GREP], [1], [A grep program that handles long lines]) _LT_DECL([], [EGREP], [1], [An ERE matcher]) _LT_DECL([], [FGREP], [1], [A literal string matcher]) dnl Non-bleeding-edge autoconf doesn't subst GREP, so do it here too AC_SUBST([GREP]) ]) # _LT_DECL_OBJDUMP # -------------- # If we don't have a new enough Autoconf to choose the best objdump # available, choose the one first in the user's PATH. m4_defun([_LT_DECL_OBJDUMP], [AC_CHECK_TOOL(OBJDUMP, objdump, false) test -z "$OBJDUMP" && OBJDUMP=objdump _LT_DECL([], [OBJDUMP], [1], [An object symbol dumper]) AC_SUBST([OBJDUMP]) ]) # _LT_DECL_DLLTOOL # ---------------- # Ensure DLLTOOL variable is set. m4_defun([_LT_DECL_DLLTOOL], [AC_CHECK_TOOL(DLLTOOL, dlltool, false) test -z "$DLLTOOL" && DLLTOOL=dlltool _LT_DECL([], [DLLTOOL], [1], [DLL creation program]) AC_SUBST([DLLTOOL]) ]) # _LT_DECL_FILECMD # ---------------- # Check for a file(cmd) program that can be used to detect file type and magic m4_defun([_LT_DECL_FILECMD], [AC_CHECK_TOOL([FILECMD], [file], [:]) _LT_DECL([], [FILECMD], [1], [A file(cmd) program that detects file types]) ])# _LD_DECL_FILECMD # _LT_DECL_SED # ------------ # Check for a fully-functional sed program, that truncates # as few characters as possible. Prefer GNU sed if found. m4_defun([_LT_DECL_SED], [AC_PROG_SED test -z "$SED" && SED=sed Xsed="$SED -e 1s/^X//" _LT_DECL([], [SED], [1], [A sed program that does not truncate output]) _LT_DECL([], [Xsed], ["\$SED -e 1s/^X//"], [Sed that helps us avoid accidentally triggering echo(1) options like -n]) ])# _LT_DECL_SED m4_ifndef([AC_PROG_SED], [ ############################################################ # NOTE: This macro has been submitted for inclusion into # # GNU Autoconf as AC_PROG_SED. When it is available in # # a released version of Autoconf we should remove this # # macro and use it instead. # ############################################################ m4_defun([AC_PROG_SED], [AC_MSG_CHECKING([for a sed that does not truncate output]) AC_CACHE_VAL(lt_cv_path_SED, [# Loop through the user's path and test for sed and gsed. # Then use that list of sed's as ones to test for truncation. as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for lt_ac_prog in sed gsed; do for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" fi done done done IFS=$as_save_IFS lt_ac_max=0 lt_ac_count=0 # Add /usr/xpg4/bin/sed as it is typically found on Solaris # along with /bin/sed that truncates output. for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do test ! -f "$lt_ac_sed" && continue cat /dev/null > conftest.in lt_ac_count=0 echo $ECHO_N "0123456789$ECHO_C" >conftest.in # Check for GNU sed and select it if it is found. if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then lt_cv_path_SED=$lt_ac_sed break fi while true; do cat conftest.in conftest.in >conftest.tmp mv conftest.tmp conftest.in cp conftest.in conftest.nl echo >>conftest.nl $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break cmp -s conftest.out conftest.nl || break # 10000 chars as input seems more than enough test 10 -lt "$lt_ac_count" && break lt_ac_count=`expr $lt_ac_count + 1` if test "$lt_ac_count" -gt "$lt_ac_max"; then lt_ac_max=$lt_ac_count lt_cv_path_SED=$lt_ac_sed fi done done ]) SED=$lt_cv_path_SED AC_SUBST([SED]) AC_MSG_RESULT([$SED]) ])#AC_PROG_SED ])#m4_ifndef # Old name: AU_ALIAS([LT_AC_PROG_SED], [AC_PROG_SED]) dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([LT_AC_PROG_SED], []) # _LT_CHECK_SHELL_FEATURES # ------------------------ # Find out whether the shell is Bourne or XSI compatible, # or has some other useful features. m4_defun([_LT_CHECK_SHELL_FEATURES], [if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then lt_unset=unset else lt_unset=false fi _LT_DECL([], [lt_unset], [0], [whether the shell understands "unset"])dnl # test EBCDIC or ASCII case `echo X|tr X '\101'` in A) # ASCII based system # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr lt_SP2NL='tr \040 \012' lt_NL2SP='tr \015\012 \040\040' ;; *) # EBCDIC based system lt_SP2NL='tr \100 \n' lt_NL2SP='tr \r\n \100\100' ;; esac _LT_DECL([SP2NL], [lt_SP2NL], [1], [turn spaces into newlines])dnl _LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl ])# _LT_CHECK_SHELL_FEATURES # _LT_PATH_CONVERSION_FUNCTIONS # ----------------------------- # Determine what file name conversion functions should be used by # func_to_host_file (and, implicitly, by func_to_host_path). These are needed # for certain cross-compile configurations and native mingw. m4_defun([_LT_PATH_CONVERSION_FUNCTIONS], [AC_REQUIRE([AC_CANONICAL_HOST])dnl AC_REQUIRE([AC_CANONICAL_BUILD])dnl AC_MSG_CHECKING([how to convert $build file names to $host format]) AC_CACHE_VAL(lt_cv_to_host_file_cmd, [case $host in *-*-mingw* ) case $build in *-*-mingw* ) # actually msys lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 ;; *-*-cygwin* ) lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 ;; * ) # otherwise, assume *nix lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 ;; esac ;; *-*-cygwin* ) case $build in *-*-mingw* ) # actually msys lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin ;; *-*-cygwin* ) lt_cv_to_host_file_cmd=func_convert_file_noop ;; * ) # otherwise, assume *nix lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin ;; esac ;; * ) # unhandled hosts (and "normal" native builds) lt_cv_to_host_file_cmd=func_convert_file_noop ;; esac ]) to_host_file_cmd=$lt_cv_to_host_file_cmd AC_MSG_RESULT([$lt_cv_to_host_file_cmd]) _LT_DECL([to_host_file_cmd], [lt_cv_to_host_file_cmd], [0], [convert $build file names to $host format])dnl AC_MSG_CHECKING([how to convert $build file names to toolchain format]) AC_CACHE_VAL(lt_cv_to_tool_file_cmd, [#assume ordinary cross tools, or native build. lt_cv_to_tool_file_cmd=func_convert_file_noop case $host in *-*-mingw* ) case $build in *-*-mingw* ) # actually msys lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 ;; esac ;; esac ]) to_tool_file_cmd=$lt_cv_to_tool_file_cmd AC_MSG_RESULT([$lt_cv_to_tool_file_cmd]) _LT_DECL([to_tool_file_cmd], [lt_cv_to_tool_file_cmd], [0], [convert $build files to toolchain format])dnl ])# _LT_PATH_CONVERSION_FUNCTIONS ldns-1.9.0/configure.ac0000664000175000017500000011514415114326257014331 0ustar willemwillem# -*- Autoconf -*- # Process this file with autoconf to produce a configure script. AC_PREREQ([2.71]) sinclude(acx_nlnetlabs.m4) # must be numbers. ac_defun because of later processing. m4_define([VERSION_MAJOR],[1]) m4_define([VERSION_MINOR],[9]) m4_define([VERSION_MICRO],[0]) AC_INIT([ldns],m4_defn([VERSION_MAJOR]).m4_defn([VERSION_MINOR]).m4_defn([VERSION_MICRO]),[dns-team@nlnetlabs.nl],[libdns]) AC_CONFIG_SRCDIR([packet.c]) # needed to build correct soname AC_SUBST(LDNS_VERSION_MAJOR, [VERSION_MAJOR]) AC_SUBST(LDNS_VERSION_MINOR, [VERSION_MINOR]) AC_SUBST(LDNS_VERSION_MICRO, [VERSION_MICRO]) # Library version # --------------- # current:revision:age # (binary-api-number):(which-binary-api-version):(how-many-nrs-backwardscompat) # if source code changes increment revision # if any interfaces have been added/removed/changed since last update then # increment current and set revision to 0 # if any interfaces have been added since the last public release then increment age # if any interfaces have been removed or changed since the last public release then # set age to 0 # # ldns-1.6.17 and before had a .so with version same as VERSION_INFO # ldns-1.7.0 had libversion 2:0:0 # ldns-1.7.1 had libversion 3:0:0 (though it should have had 3:0:1) # ldns-1.8.0 had libversion 4:0:2 (though it should have had 4:0:1) # ldns-1.8.1 had libversion 5:0:2 # ldns-1.8.1 had libversion 6:0:3 # ldns-1.8.2 had libversion 7:0:4 # ldns-1.8.3 has libversion 8:0:5 # ldns-1.9.0 will have libversion 9:0:6 (new behaviour for dnssec_rrs_add_rr) # AC_SUBST(VERSION_INFO, [9:0:6]) AC_USE_SYSTEM_EXTENSIONS if test "$ac_cv_header_minix_config_h" = "yes"; then AC_DEFINE(_NETBSD_SOURCE,1, [Enable for compile on Minix]) fi LT_INIT AC_CONFIG_MACRO_DIR([m4]) OURCPPFLAGS='' CPPFLAGS=${CPPFLAGS:-${OURCPPFLAGS}} CFLAGS="$CFLAGS" # Checks for programs. AC_PROG_CC ACX_DEPFLAG AC_PROG_MAKE_SET # Extra (sp)lint flags for NetBSD AC_CANONICAL_HOST case "$host_os" in netbsd*) LINTFLAGS="'-D__RENAME(x)=' -D_NETINET_IN_H_ $LINTFLAGS" ;; *) LINTFLAGS="$LINTFLAGS" ;; esac AC_SUBST(LINTFLAGS) AC_DEFINE(WINVER, 0x0502, [the version of the windows API enabled]) ACX_CHECK_COMPILER_FLAG(std=c99, [C99FLAG="-std=c99"]) ACX_CHECK_COMPILER_FLAG(xc99, [C99FLAG="-xc99"]) # routine to copy files # argument 1 is a list of files (relative to the source dir) # argument 2 is a destination directory (relative to the current # working directory AC_DEFUN([COPY_FILES], [ for file in $1; do sh $srcdir/install-sh -m 644 $file $2 done ]) # copy all .h files in the dir at argument 1 # (relative to source) to the dir at argument 2 # (relative to current dir) AC_DEFUN([COPY_HEADER_FILES], [ echo "copying header files" COPY_FILES($srcdir/$1/*.h, $2) ]) # Checks for typedefs, structures, and compiler characteristics. AC_C_CONST AC_LANG([C]) if test "x$CFLAGS" = "x" ; then ACX_CHECK_COMPILER_FLAG(g, [CFLAGS="-g"]) ACX_CHECK_COMPILER_FLAG(O2, [CFLAGS="-O2 $CFLAGS"]) fi ACX_CHECK_COMPILER_FLAG(Wall, [CFLAGS="-Wall $CFLAGS"]) ACX_CHECK_COMPILER_FLAG(W, [CFLAGS="-W $CFLAGS"]) ACX_CHECK_COMPILER_FLAG(Wwrite-strings, [CFLAGS="-Wwrite-strings $CFLAGS"]) ACX_CHECK_COMPILER_FLAG(Wstrict-prototypes, [CFLAGS="-Wstrict-prototypes $CFLAGS"]) #ACX_CHECK_COMPILER_FLAG(Wshadow, [CFLAGS="-Wshadow $CFLAGS"]) ACX_CHECK_COMPILER_FLAG(Wunused-function, [CFLAGS="-Wunused-function $CFLAGS"]) ACX_CHECK_COMPILER_FLAG(Wmissing-prototypes, [CFLAGS="-Wmissing-prototypes $CFLAGS"]) ACX_CHECK_COMPILER_FLAG(fno-strict-aliasing, [CFLAGS="-fno-strict-aliasing $CFLAGS"]) AC_CHECK_HEADERS([getopt.h time.h],,, [AC_INCLUDES_DEFAULT]) # MinGW32 tests AC_CHECK_HEADERS([winsock2.h ws2tcpip.h],,, [AC_INCLUDES_DEFAULT]) # end mingw32 tests # Check for Apple header. This uncovers TARGET_OS_IPHONE, TARGET_OS_TV or TARGET_OS_WATCH AC_CHECK_HEADERS([TargetConditionals.h]) ACX_DETERMINE_EXT_FLAGS_UNBOUND AC_C_INLINE AC_CHECK_TYPE(int8_t, char) AC_CHECK_TYPE(int16_t, short) AC_CHECK_TYPE(int32_t, int) AC_CHECK_TYPE(int64_t, long long) AC_CHECK_TYPE(uint8_t, unsigned char) AC_CHECK_TYPE(uint16_t, unsigned short) AC_CHECK_TYPE(uint32_t, unsigned int) AC_CHECK_TYPE(uint64_t, unsigned long long) # my own checks AC_CHECK_PROG(doxygen, doxygen, doxygen) # check to see if libraries are needed for these functions. AC_CHECK_FUNC([socket], [], [AC_SEARCH_LIBS([socket], [socket]) ]) # modern Linux provides inet_ntop in -lsocket. # modern OS X provides inet_ntop in -lc. # modern Solaris provides inet_ntop in -lsocket -lnsl. # older Solaris provides inet_ntop in -lresolv. # Windows provides inet_ntop in -lws2_32. AC_CHECK_FUNC([inet_ntop], [], [AC_SEARCH_LIBS([inet_ntop], [socket c nsl resolv ws2_32], [ac_cv_func_inet_ntop=yes]) ]) # modern Linux provides inet_pton in -lsocket. # modern OS X provides inet_pton in -lc. # modern Solaris provides inet_pton in -lsocket -lnsl. # older Solaris provides inet_pton in -lresolv. # Windows provides inet_pton in -lws2_32. AC_CHECK_FUNC([inet_pton], [], [AC_SEARCH_LIBS([inet_pton], [socket c nsl resolv ws2_32], [ac_cv_func_inet_pton=yes]) ]) AC_ARG_WITH(drill, AS_HELP_STRING([--with-drill],[Also build drill.]), [],[with_drill="no"]) if test x_$with_drill != x_no ; then AC_SUBST(DRILL,[drill]) AC_SUBST(INSTALL_DRILL,[install-drill]) AC_SUBST(UNINSTALL_DRILL,[uninstall-drill]) AC_SUBST(CLEAN_DRILL,[clean-drill]) AC_SUBST(LINT_DRILL,[lint-drill]) if test -e $srcdir/drill/config.h -o -e drill/config.h ; then AC_MSG_ERROR([ A config.h was detected in the drill subdirectory. This does not work with the --with-drill option. Please remove the config.h from the drill subdirectory or do not use the --with-drill option.]) fi else AC_SUBST(DRILL,[""]) AC_SUBST(INSTALL_DRILL,[""]) AC_SUBST(UNINSTALL_DRILL,[""]) AC_SUBST(CLEAN_DRILL,[""]) AC_SUBST(LINT_DRILL,[""]) fi AC_ARG_WITH(examples, AS_HELP_STRING([--with-examples],[Also build examples.]), [],[with_examples="no"]) if test x_$with_examples != x_no ; then AC_SUBST(EXAMPLES,[examples]) AC_SUBST(INSTALL_EXAMPLES,[install-examples]) AC_SUBST(UNINSTALL_EXAMPLES,[uninstall-examples]) AC_SUBST(CLEAN_EXAMPLES,[clean-examples]) AC_SUBST(LINT_EXAMPLES,[lint-examples]) if test -e $srcdir/examples/config.h -o -e examples/config.h ; then AC_MSG_ERROR([ A config.h was detected in the examples subdirectory. This does not work with the --with-examples option. Please remove the config.h from the examples subdirectory or do not use the --with-examples option.]) fi else AC_SUBST(EXAMPLES,[""]) AC_SUBST(INSTALL_EXAMPLES,[""]) AC_SUBST(UNINSTALL_EXAMPLES,[""]) AC_SUBST(CLEAN_EXAMPLES,[""]) AC_SUBST(LINT_EXAMPLES,[""]) fi # add option to disable installation of ldns-config script AC_ARG_ENABLE(ldns-config, AS_HELP_STRING([--disable-ldns-config],[disable installation of ldns-config (default=enabled)]), enable_ldns_config=$enableval, enable_ldns_config=yes) if test "x$enable_ldns_config" = xyes; then AC_SUBST(INSTALL_CONFIG, [install-config]) AC_SUBST(INSTALL_CONFIG_MANPAGE, [install-config-manpage]) AC_SUBST(UNINSTALL_CONFIG, [uninstall-config]) AC_SUBST(UNINSTALL_CONFIG_MANPAGE, [uninstall-config-manpage]) else AC_SUBST(INSTALL_CONFIG, [""]) AC_SUBST(INSTALL_CONFIG_MANPAGE, [""]) AC_SUBST(UNINSTALL_CONFIG, [""]) AC_SUBST(UNINSTALL_CONFIG_MANPAGE, [""]) fi # add option to disable library printing to stderr AC_ARG_ENABLE(stderr-msgs, AS_HELP_STRING([--enable-stderr-msgs],[Enable printing to stderr (default=disabled)]), enable_stderr_msgs=$enableval, enable_stderr_msgs=no) case "$enable_stderr_msgs" in no) dnl default ;; *) AC_DEFINE_UNQUOTED([STDERR_MSGS], [1], [Define this to enable messages to stderr.]) ;; esac AX_HAVE_POLL( [AX_CONFIG_FEATURE_ENABLE(poll)], [AX_CONFIG_FEATURE_DISABLE(poll)]) AX_CONFIG_FEATURE( [poll], [This platform supports poll(7)], [HAVE_POLL], [This platform supports poll(7).]) # check for python PYTHON_X_CFLAGS="" ldns_with_pyldns=no ldns_with_pyldnsx=no AC_ARG_WITH(pyldns, AS_HELP_STRING([--with-pyldns],[generate python library, or --without-pyldns to disable Python support.]), [],[ withval="no" ]) ldns_have_python=no if test x_$withval != x_no; then sinclude(ax_python_devel.m4) ac_save_LIBS="$LIBS" dnl otherwise AC_PYTHON_DEVEL thrashes $LIBS AX_PYTHON_DEVEL([>= '2.4.0']) if test ! -z "$ac_python_version"; then ldns_have_python=yes fi # pass additional Python 3 option to SWIG if test `$PYTHON -c "import sys; \ ver = sys.version.split()[[0]]; \ print(ver >= '3')"` = "True"; then AC_SUBST(SWIGPY3, ["-py3 -DPY3"]) fi # check for SWIG if test x_$ldns_have_python != x_no; then sinclude(ax_pkg_swig.m4) # check for >=SWIG-2.0.4 if Python 3.2 used if test `$PYTHON -c "import sys; \ ver = sys.version.split()[[0]]; \ print(ver >= '3.2')"` = "True"; then AX_PKG_SWIG(2.0.4, [], [AC_MSG_ERROR([SWIG-2.0.4 is required to build pyldns for Python 3.2 and greater.])]) else AX_PKG_SWIG fi if test ! -x "$SWIG"; then AC_MSG_ERROR([failed to find SWIG tool, install it, or do not build pyldns]) else AC_DEFINE(HAVE_SWIG,1,[Define if you have SWIG libraries and header files.]) AC_SUBST(PYLDNS, "pyldns") AC_SUBST(swig, "$SWIG") ldns_with_pyldns=yes fi else AC_MSG_RESULT([*** don't have Python, skipping SWIG, no pyldns ***]) # ' fi # xtra cflags for pyldns if test x_$ldns_have_python != x_no; then ACX_CHECK_COMPILER_FLAG(fno-strict-aliasing, [PYTHON_X_CFLAGS="-fno-strict-aliasing"]) ACX_CHECK_COMPILER_FLAG(Wno-missing-field-initializers, [PYTHON_X_CFLAGS="-Wno-missing-field-initializers $PYTHON_X_CFLAGS"]) ACX_CHECK_COMPILER_FLAG(Wno-unused-parameter, [PYTHON_X_CFLAGS="-Wno-unused-parameter $PYTHON_X_CFLAGS"]) ACX_CHECK_COMPILER_FLAG(Wno-unused-variable, [PYTHON_X_CFLAGS="-Wno-unused-variable $PYTHON_X_CFLAGS"]) fi fi AC_SUBST(PYTHON_X_CFLAGS) # Check for pyldnsx AC_ARG_WITH(pyldnsx, AS_HELP_STRING([--without-pyldnsx],[Do not install the ldnsx python module, or --with-pyldnsx to install it.]), [],[ withval="with_pyldns" ]) if test x_$withval != x_no; then if test x_$ldns_with_pyldns != x_no; then AC_SUBST(PYLDNSX, "pyldnsx") ldns_with_pyldnsx=yes else if test x_$withval != x_with_pyldns; then AC_MSG_ERROR([--with-pyldns is needed for the ldnsx python module]) fi fi fi if test x_$ldns_with_pyldns != x_no; then AC_SUBST(PYLDNSINST, "install-pyldns")dnl AC_SUBST(PYLDNSUNINST, "uninstall-pyldns") else AC_SUBST(PYLDNSINST, "")dnl AC_SUBST(PYLDNSUNINST, "") fi if test x_$ldns_with_pyldnsx != x_no; then AC_SUBST(PYLDNSXINST, "install-pyldnsx")dnl AC_SUBST(PYLDNSXUNINST, "uninstall-pyldnsx") else AC_SUBST(PYLDNSXINST, "")dnl AC_SUBST(PYLDNSXUNINST, "") fi # check for perl ldns_with_p5_dns_ldns=no AC_ARG_WITH(p5-dns-ldns, AS_HELP_STRING([--with-p5-dns-ldns],[generate DNS::LDNS perl bindings]), [],[ withval="no" ]) ldns_have_perl=no if test x_$withval != x_no; then AC_PATH_PROG([PERL], [perl]) if test -z "$PERL"; then AC_MSG_ERROR([Cannot find perl in your system path]) fi AC_SUBST(P5_DNS_LDNS, "p5-dns-ldns")dnl AC_SUBST(TEST_P5_DNS_LDNS, "test-p5-dns-ldns")dnl AC_SUBST(INSTALL_P5_DNS_LDNS, "install-p5-dns-ldns")dnl AC_SUBST(UNINSTALL_P5_DNS_LDNS, "uninstall-p5-dns-ldns")dnl AC_SUBST(CLEAN_P5_DNS_LDNS, "clean-p5-dns-ldns") else AC_SUBST(P5_DNS_LDNS, "")dnl AC_SUBST(TEST_P5_DNS_LDNS, "")dnl AC_SUBST(INSTALL_P5_DNS_LDNS, "")dnl AC_SUBST(UNINSTALL_P5_DNS_LDNS, "")dnl AC_SUBST(CLEAN_P5_DNS_LDNS, "") fi # Use libtool ACX_LIBTOOL_C_ONLY tmp_CPPFLAGS=$CPPFLAGS tmp_LDFLAGS=$LDFLAGS tmp_LIBS=$LIBS ACX_WITH_SSL_OPTIONAL AC_MSG_CHECKING([for LibreSSL]) if grep VERSION_TEXT $ssldir/include/openssl/opensslv.h | grep "LibreSSL" >/dev/null; then AC_MSG_RESULT([yes]) AC_DEFINE([HAVE_LIBRESSL], [1], [Define if we have LibreSSL]) else AC_MSG_RESULT([no]) fi AC_CHECK_HEADERS([openssl/ssl.h openssl/evp.h openssl/engine.h openssl/conf.h]) AC_CHECK_FUNCS([EVP_sha256 EVP_sha384 EVP_sha512 EVP_PKEY_keygen ECDSA_SIG_get0 EVP_MD_CTX_new DSA_SIG_set0 DSA_SIG_get0 EVP_dss1 DSA_get0_pqg DSA_get0_key EVP_cleanup ENGINE_cleanup ENGINE_free CRYPTO_cleanup_all_ex_data ERR_free_strings CONF_modules_unload OPENSSL_init_ssl OPENSSL_init_crypto ERR_load_crypto_strings CRYPTO_memcmp EVP_PKEY_get_base_id]) AC_CHECK_DECLS([EVP_PKEY_base_id], [ AC_DEFINE_UNQUOTED([HAVE_EVP_PKEY_BASE_ID], [1], [Define to 1 if you have the EVP_PKEY_base_id function or macro.]) ], [], [AC_INCLUDES_DEFAULT #include ]) AC_MSG_CHECKING([Checking for OpenSSL >= 3.0.0]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([ #include #if OPENSSL_VERSION_MAJOR >= 3 #define SOMETHING #else This fails compiling. So either no OpenSSL at all (the include already failed), or the version < 3.0.0 #endif ], [ ])], [ AC_MSG_RESULT(yes) CFLAGS="-DOPENSSL_API_COMPAT=10100 $CFLAGS" ], [ AC_MSG_RESULT(no) ]) # for macosx, see if glibtool exists and use that # BSD's need to know the version... #AC_CHECK_PROG(glibtool, glibtool, [glibtool], ) #AC_CHECK_PROGS(libtool, [libtool15 libtool], [./libtool]) AC_ARG_ENABLE(sha2, AS_HELP_STRING([--disable-sha2],[Disable SHA256 and SHA512 RRSIG support])) case "$enable_sha2" in no) ;; yes|*) if test "x$HAVE_SSL" != "xyes"; then AC_MSG_ERROR([SHA2 enabled, but no SSL support]) fi AC_MSG_CHECKING(for SHA256 and SHA512) AC_CHECK_FUNC(SHA256_Init, [], [ AC_MSG_ERROR([No SHA2 functions found in OpenSSL: please upgrade OpenSSL or rerun with --disable-sha2]) ]) AC_DEFINE_UNQUOTED([USE_SHA2], [1], [Define this to enable SHA256 and SHA512 support.]) ;; esac # check whether gost also works AC_DEFUN([AC_CHECK_GOST_WORKS], [AC_REQUIRE([AC_PROG_CC]) AC_MSG_CHECKING([if GOST works]) if test c${cross_compiling} = cno; then BAKCFLAGS="$CFLAGS" if test -n "$ssldir"; then if test ! -d "$ssldir/lib" -a -d "$ssldir/lib64"; then CFLAGS="$CFLAGS -Wl,-rpath,$ssldir/lib64" else CFLAGS="$CFLAGS -Wl,-rpath,$ssldir/lib" fi fi AC_RUN_IFELSE([AC_LANG_SOURCE([[ #include #ifdef HAVE_OPENSSL_SSL_H #include #endif #ifdef HAVE_OPENSSL_EVP_H #include #endif #ifdef HAVE_OPENSSL_ENGINE_H #include #endif #ifdef HAVE_OPENSSL_CONF_H #include #endif /* routine to load gost (from sldns) */ int load_gost_id(void) { static int gost_id = 0; const EVP_PKEY_ASN1_METHOD* meth; ENGINE* e; if(gost_id) return gost_id; /* see if configuration loaded gost implementation from other engine*/ meth = EVP_PKEY_asn1_find_str(NULL, "gost2001", -1); if(meth) { EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth); return gost_id; } /* see if engine can be loaded already */ e = ENGINE_by_id("gost"); if(!e) { /* load it ourself, in case statically linked */ ENGINE_load_builtin_engines(); ENGINE_load_dynamic(); e = ENGINE_by_id("gost"); } if(!e) { /* no gost engine in openssl */ return 0; } if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { ENGINE_finish(e); ENGINE_free(e); return 0; } meth = EVP_PKEY_asn1_find_str(&e, "gost2001", -1); if(!meth) { /* algo not found */ ENGINE_finish(e); ENGINE_free(e); return 0; } EVP_PKEY_asn1_get0_info(&gost_id, NULL, NULL, NULL, NULL, meth); return gost_id; } int main(void) { EVP_MD_CTX* ctx; const EVP_MD* md; unsigned char digest[64]; /* its a 256-bit digest, so uses 32 bytes */ const char* str = "Hello world"; const unsigned char check[] = { 0x40 , 0xed , 0xf8 , 0x56 , 0x5a , 0xc5 , 0x36 , 0xe1 , 0x33 , 0x7c , 0x7e , 0x87 , 0x62 , 0x1c , 0x42 , 0xe0 , 0x17 , 0x1b , 0x5e , 0xce , 0xa8 , 0x46 , 0x65 , 0x4d , 0x8d , 0x3e , 0x22 , 0x9b , 0xe1 , 0x30 , 0x19 , 0x9d }; OPENSSL_config(NULL); (void)load_gost_id(); md = EVP_get_digestbyname("md_gost94"); if(!md) return 1; memset(digest, 0, sizeof(digest)); ctx = EVP_MD_CTX_create(); if(!ctx) return 2; if(!EVP_DigestInit_ex(ctx, md, NULL)) return 3; if(!EVP_DigestUpdate(ctx, str, 10)) return 4; if(!EVP_DigestFinal_ex(ctx, digest, NULL)) return 5; /* uncomment to see the hash calculated. {int i; for(i=0; i<32; i++) printf(" %2.2x", (int)digest[i]); printf("\n");} */ if(memcmp(digest, check, sizeof(check)) != 0) return 6; return 0; } ]])] , [eval "ac_cv_c_gost_works=yes"], [eval "ac_cv_c_gost_works=no"]) CFLAGS="$BAKCFLAGS" else eval "ac_cv_c_gost_works=maybe" fi ])dnl AC_ARG_ENABLE(gost, AS_HELP_STRING([--disable-gost],[Disable GOST support])) case "$enable_gost" in no) ;; *) dnl default if test "x$HAVE_SSL" != "xyes"; then AC_MSG_ERROR([GOST enabled, but no SSL support]) fi AC_MSG_CHECKING(for GOST) AC_CHECK_FUNC(EVP_PKEY_set_type_str, [],[AC_MSG_ERROR([OpenSSL >= 1.0.0 is needed for GOST support or rerun with --disable-gost])]) AC_CHECK_FUNC(EC_KEY_new, [], [AC_MSG_ERROR([No ECC functions found in OpenSSL: please upgrade OpenSSL or rerun with --disable-gost])]) AC_CHECK_GOST_WORKS AC_ARG_ENABLE(gost-anyway, AS_HELP_STRING([--enable-gost-anyway],[Enable GOST even without a GOST engine installed])) if test "$ac_cv_c_gost_works" != "no" -o "$enable_gost_anyway" = "yes"; then if test "$ac_cv_c_gost_works" = "no"; then AC_MSG_RESULT([no, but compiling with GOST support anyway]) else AC_MSG_RESULT([yes]) fi use_gost="yes" AC_DEFINE([USE_GOST], [1], [Define this to enable GOST support.]) else AC_MSG_RESULT([no]) AC_MSG_WARN([Gost support does not work because the engine is missing.]) AC_MSG_WARN([Install gost-engine first or use the --enable-gost-anyway to compile with GOST support anyway]) AC_MSG_WARN([See also https://github.com/gost-engine/engine/wiki for information about gost-engine]) fi ;; esac AC_ARG_ENABLE(ecdsa, AS_HELP_STRING([--disable-ecdsa],[Disable ECDSA support])) case "$enable_ecdsa" in no) ;; *) dnl default if test "x$HAVE_SSL" != "xyes"; then AC_MSG_ERROR([ECDSA enabled, but no SSL support]) fi AC_CHECK_FUNC(ECDSA_sign, [], [AC_MSG_ERROR([OpenSSL does not support ECDSA: please upgrade OpenSSL or rerun with --disable-ecdsa])]) AC_CHECK_FUNC(SHA384_Init, [], [AC_MSG_ERROR([OpenSSL does not support SHA384: please upgrade OpenSSL or rerun with --disable-ecdsa])]) AC_CHECK_DECLS([NID_X9_62_prime256v1, NID_secp384r1], [], [AC_MSG_ERROR([OpenSSL does not support the ECDSA curves: please upgrade OpenSSL or rerun with --disable-ecdsa])], [AC_INCLUDES_DEFAULT #include ]) # we now know we have ECDSA and the required curves. AC_DEFINE_UNQUOTED([USE_ECDSA], [1], [Define this to enable ECDSA support.]) ;; esac AC_ARG_ENABLE(dsa, AS_HELP_STRING([--disable-dsa],[Disable DSA support])) case "$enable_dsa" in no) AC_SUBST(ldns_build_config_use_dsa, 0) ;; *) dnl default # detect if DSA is supported, and turn it off if not. AC_CHECK_FUNC(DSA_SIG_new, [ AC_DEFINE_UNQUOTED([USE_DSA], [1], [Define this to enable DSA support.]) AC_SUBST(ldns_build_config_use_dsa, 1) ], [if test "x$enable_dsa" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support DSA and you used --enable-dsa.]) fi AC_SUBST(ldns_build_config_use_dsa, 0)]) ;; esac AC_ARG_ENABLE(ed25519, AS_HELP_STRING([--disable-ed25519],[Disable (experimental) ED25519 support. Default is detect])) case "$enable_ed25519" in no) AC_SUBST(ldns_build_config_use_ed25519, 0) ;; *) dnl default AC_CHECK_DECLS([NID_ED25519], [ AC_DEFINE_UNQUOTED([USE_ED25519], [1], [Define this to enable ED25519 support.]) AC_SUBST(ldns_build_config_use_ed25519, 1) ], [if test "x$enable_ed25519" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support ED25519 and you used --enable-ed25519.]) fi AC_SUBST(ldns_build_config_use_ed25519, 0)], [AC_INCLUDES_DEFAULT #include ]) ;; esac AC_ARG_ENABLE(ed448, AS_HELP_STRING([--disable-ed448],[Disable (experimental) ED448 support. Default is detect])) case "$enable_ed448" in no) AC_SUBST(ldns_build_config_use_ed448, 0) ;; *) dnl default AC_CHECK_DECLS([NID_ED448], [ AC_DEFINE_UNQUOTED([USE_ED448], [1], [Define this to enable ED448 support.]) AC_SUBST(ldns_build_config_use_ed448, 1) ], [if test "x$enable_ed448" = "xyes"; then AC_MSG_ERROR([OpenSSL does not support ED448 and you used --enable-ed448.]) fi AC_SUBST(ldns_build_config_use_ed448, 0)], [AC_INCLUDES_DEFAULT #include ]) ;; esac AC_ARG_ENABLE(dane, AS_HELP_STRING([--disable-dane],[Disable DANE support])) AC_ARG_ENABLE(dane-verify, AS_HELP_STRING([--disable-dane-verify],[Disable DANE verify support])) AC_ARG_ENABLE(dane-ta-usage, AS_HELP_STRING([--disable-dane-ta-usage],[Disable DANE-TA usage type support])) AC_ARG_ENABLE(full-dane,, [ enable_dane_ta_usage=yes enable_dane_verify=yes enable_dane=yes ]) AC_ARG_ENABLE(no-dane-ta-usage,, [ enable_dane_ta_usage=no enable_dane_verify=yes enable_dane=yes ]) AC_ARG_ENABLE(no-dane-verify,, [ enable_dane_ta_usage=no enable_dane_verify=no enable_dane=yes ]) case "$enable_dane" in no) AC_SUBST(ldns_build_config_use_dane, 0) AC_SUBST(ldns_build_config_use_dane_verify, 0) AC_SUBST(ldns_build_config_use_dane_ta_usage, 0) ;; *) dnl default if test "x$HAVE_SSL" != "xyes"; then AC_MSG_ERROR([DANE enabled, but no SSL support]) fi AC_CHECK_FUNC(X509_check_ca, [], [AC_MSG_ERROR([OpenSSL does not support DANE: please upgrade OpenSSL or rerun with --disable-dane])]) AC_SUBST(ldns_build_config_use_dane, 1) AC_DEFINE_UNQUOTED([USE_DANE], [1], [Define this to enable DANE support.]) case "$enable_dane_verify" in no) AC_SUBST(ldns_build_config_use_dane_verify, 0) AC_SUBST(ldns_build_config_use_dane_ta_usage, 0) ;; *) AC_SUBST(ldns_build_config_use_dane_verify, 1) AC_DEFINE_UNQUOTED([USE_DANE_VERIFY], [1], [Define this to enable DANE verify support.]) case "$enable_dane_ta_usage" in no) AC_SUBST(ldns_build_config_use_dane_ta_usage, 0) ;; *) dnl default danetmpLIBS="$LIBS" LIBS="-lssl -lcrypto $LIBS" AC_CHECK_FUNC(SSL_get0_dane, [], [AC_MSG_ERROR([OpenSSL does not support offline DANE verification (Needed for the DANE-TA usage type). Please upgrade OpenSSL to version >= 1.1.0 or rerun with --disable-dane-verify or --disable-dane-ta-usage])]) LIBSSL_LIBS="-lssl $LIBSSL_LIBS" LIBS="$danetmpLIBS" AC_SUBST(ldns_build_config_use_dane_ta_usage, 1) AC_DEFINE_UNQUOTED([USE_DANE_TA_USAGE], [1], [Define this to enable DANE-TA usage type support.]) ;; esac esac ;; esac AC_ARG_ENABLE(draft-rrtypes, AS_HELP_STRING([--enable-draft-rrtypes],[Enable all draft RR types.])) AC_ARG_ENABLE(rrtype-ninfo, AS_HELP_STRING([--enable-rrtype-ninfo],[Enable draft RR type ninfo.])) if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_ninfo="yes"; fi case "$enable_rrtype_ninfo" in yes) AC_DEFINE_UNQUOTED([RRTYPE_NINFO], [], [Define this to enable RR type NINFO.]) ;; no|*) ;; esac AC_ARG_ENABLE(rrtype-rkey, AS_HELP_STRING([--enable-rrtype-rkey],[Enable draft RR type rkey.])) if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_rkey="yes"; fi case "$enable_rrtype_rkey" in yes) AC_DEFINE_UNQUOTED([RRTYPE_RKEY], [], [Define this to enable RR type RKEY.]) ;; no|*) ;; esac AC_ARG_ENABLE(rrtype-openpgpkey, AS_HELP_STRING([--disable-rrtype-openpgpkey],[Disable openpgpkey RR type.])) case "$enable_rrtype_openpgpkey" in no) ;; yes|*) AC_DEFINE_UNQUOTED([RRTYPE_OPENPGPKEY], [], [Define this to enable RR type OPENPGPKEY.]) ;; esac AC_ARG_ENABLE(rrtype-ta, AS_HELP_STRING([--enable-rrtype-ta],[Enable draft RR type ta.])) if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_ta="yes"; fi case "$enable_rrtype_ta" in yes) AC_DEFINE_UNQUOTED([RRTYPE_TA], [], [Define this to enable RR type TA.]) ;; no|*) ;; esac AC_ARG_ENABLE(rrtype-avc, AS_HELP_STRING([--enable-rrtype-avc],[Enable draft RR type avc.])) if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_avc="yes"; fi case "$enable_rrtype_avc" in yes) AC_DEFINE_UNQUOTED([RRTYPE_AVC], [], [Define this to enable RR type AVC.]) ;; no|*) ;; esac AC_ARG_ENABLE(rrtype-doa, AS_HELP_STRING([--enable-rrtype-doa],[Enable draft RR type DOA.])) if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtype_doa="yes"; fi case "$enable_rrtype_doa" in yes) AC_DEFINE_UNQUOTED([RRTYPE_DOA], [], [Define this to enable RR type DOA.]) ;; no|*) ;; esac AC_ARG_ENABLE(rrtype-amtrelay, AS_HELP_STRING([--disable-rrtype-amtrelay],[Disable RR type AMTRELAY.])) case "$enable_rrtype_amtrelay" in no) ;; yes|*) AC_DEFINE_UNQUOTED([RRTYPE_AMTRELAY], [], [Define this to enable RR type AMTRELAY.]) ;; esac AC_ARG_ENABLE(rrtype-svcb-https, AS_HELP_STRING([--disable-rrtype-svcb-https],[Disable RR types SVCB and HTTPS.])) case "$enable_rrtype_svcb_https" in no) ;; yes|*) AC_DEFINE_UNQUOTED([RRTYPE_SVCB_HTTPS], [], [Define this to enable RR types SVCB and HTTPS.]) ;; esac AC_ARG_ENABLE(rrtype-resinfo, AS_HELP_STRING([--disable-rrtype-resinfo],[Disable RR type RESINFO.])) case "$enable_rrtype_resinfo" in no) ;; yes|*) AC_DEFINE_UNQUOTED([RRTYPE_RESINFO], [], [Define this to enable RR type RESINFO.]) ;; esac AC_ARG_ENABLE(rrtype-dsync, AS_HELP_STRING([--disable-rrtype-dsync],[Disable RR type DSYNC.])) case "$enable_rrtype_dsync" in no) ;; yes|*) AC_DEFINE_UNQUOTED([RRTYPE_DSYNC], [], [Define this to enable RR type DSYNC.]) ;; esac AC_ARG_ENABLE(rrtypes-cla-ipn, AS_HELP_STRING([--enable-rrtypes-cla-ipn],[Enable draft RR types CLA and IPN.])) if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtypes_cla_ipn="yes"; fi case "$enable_rrtypes_cla_ipn" in yes) AC_DEFINE_UNQUOTED([RRTYPE_CLA_IPN], [], [Define this to enable RR types CLA and IPN.]) ;; no|*) ;; esac AC_ARG_ENABLE(rrtypes-hhit-brid, AS_HELP_STRING([--enable-rrtypes-hhit-brid],[Enable draft RR types HHIT and BRID.])) if test "x$enable_draft_rrtypes" = "xyes"; then enable_rrtypes_hhit_brid="yes"; fi case "$enable_rrtypes_hhit_brid" in yes) AC_DEFINE_UNQUOTED([RRTYPE_HHIT_BRID], [], [Define this to enable RR types HHIT and BRID.]) ;; no|*) ;; esac if echo "$tmp_LIBS" | grep "ws2_32" >/dev/null; then if echo "$LIBSSL_LIBS" | grep "ws2_32" >/dev/null; then # only need it once. LIBSSL_LIBS=`echo "$LIBSSL_LIBS" | sed -e 's/ -lws2_32//' -e 's/^-lws2_32//'` fi fi AC_SUBST(LIBSSL_CPPFLAGS) AC_SUBST(LIBSSL_LDFLAGS) AC_SUBST(LIBSSL_LIBS) if test "x$HAVE_SSL" = "xyes"; then if echo "$LIBSSL_LIBS" | grep -- "-lssl" >/dev/null 2>&1; then LIBSSL_SSL_LIBS="$LIBSSL_LIBS" else LIBSSL_SSL_LIBS="-lssl $LIBSSL_LIBS" fi AC_SUBST(LIBSSL_SSL_LIBS, "$LIBSSL_SSL_LIBS") fi CPPFLAGS=$tmp_CPPFLAGS LDFLAGS=$tmp_LDFLAGS LIBS=$tmp_LIBS # add option to disable the evil rpath ACX_ARG_RPATH #AC_RUN_IFELSE([AC_LANG_SOURCE( #[ #int main() #{ #short one = 1; #char *cp = (char*)&one; #if ( *cp == 0 ) #return(0); #else #return(1); #} #])], [],[ #AC_DEFINE(CONFCHECK_LITTLE_ENDIAN, 1, [system appears to be little-endian]) #],[]) # should define WORDS_BIGENDIAN if the system is big-endian AC_C_BIGENDIAN # Checks for header files. m4_warn([obsolete], [The preprocessor macro `STDC_HEADERS' is obsolete. Except in unusual embedded environments, you can safely include all ISO C90 headers unconditionally.])dnl # Autoupdate added the next two lines to ensure that your configure # script's behavior did not change. They are probably safe to remove. AC_CHECK_INCLUDES_DEFAULT AC_PROG_EGREP AC_HEADER_STDBOOL #AC_HEADER_SYS_WAIT #AC_CHECK_HEADERS([getopt.h fcntl.h stdlib.h string.h strings.h unistd.h]) # do the very minimum - we can always extend this AC_CHECK_HEADERS([getopt.h stdarg.h openssl/ssl.h netinet/in.h time.h arpa/inet.h netdb.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS(sys/param.h sys/mount.h,,, [AC_INCLUDES_DEFAULT [ #if HAVE_SYS_PARAM_H # include #endif ] ]) AC_CHECK_HEADER(sys/socket.h, [ include_sys_socket_h='#include ' AC_DEFINE(HAVE_SYS_SOCKET_H, 1, [define if you have sys/socket.h]) ],[ include_sys_socket_h='' ],[AC_INCLUDES_DEFAULT [ #if HAVE_SYS_PARAM_H # include #endif ] ]) AC_SUBST(include_sys_socket_h) AC_CHECK_HEADER(inttypes.h, [ include_inttypes_h='#include ' AC_DEFINE(HAVE_INTTYPES_H, 1, [define if you have inttypes.h]) AC_SUBST(ldns_build_config_have_inttypes_h, 1) ],[ include_inttypes_h='' AC_SUBST(ldns_build_config_have_inttypes_h, 0) ],[AC_INCLUDES_DEFAULT ]) AC_SUBST(include_inttypes_h) AC_CHECK_HEADER(sys/types.h, [ include_systypes_h='#include ' AC_DEFINE(HAVE_SYS_TYPES_H, 1, [define if you have sys/types.h]) ],[ include_systypes_h='' ],[AC_INCLUDES_DEFAULT ]) AC_SUBST(include_systypes_h) AC_CHECK_HEADER(unistd.h, [ include_unistd_h='#include ' AC_DEFINE(HAVE_UNISTD_H, 1, [define if you have unistd.h]) ],[ include_unistd_h='' ],[AC_INCLUDES_DEFAULT ]) AC_SUBST(include_unistd_h) AC_CHECK_SIZEOF(time_t,,[ AC_INCLUDES_DEFAULT #ifdef TIME_WITH_SYS_TIME # include # include #else # ifdef HAVE_SYS_TIME_H # include # else # include # endif #endif ]) if test x_$with_examples != x_no; then AC_CHECK_HEADERS([pcap.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_LIB(pcap, pcap_open_offline, [ AC_DEFINE([HAVE_LIBPCAP], [1], [Define to 1 if you have the `pcap' library (-lpcap).])dnl` AC_SUBST([LIBPCAP_LIBS], [-lpcap]) ], [ AC_MSG_WARN([Can't find pcap library (needed for ldns-dpa, will not build dpa now.)])dnl' AC_SUBST([LIBPCAP_LIBS], []) ] ) AC_CHECK_HEADERS([netinet/in_systm.h net/if.h netinet/ip.h netinet/udp.h netinet/igmp.h netinet/if_ether.h netinet/ip6.h net/ethernet.h netinet/ip_compat.h],,, [ AC_INCLUDES_DEFAULT #ifdef HAVE_NETINET_IN_SYSTM_H #include #endif #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_NET_IF_H #include #endif]) fi ACX_TYPE_SOCKLEN_T if test "x$ac_cv_type_socklen_t" = xyes; then AC_SUBST(ldns_build_config_have_socklen_t, 1) else AC_SUBST(ldns_build_config_have_socklen_t, 0) fi AC_TYPE_SIZE_T AC_CHECK_TYPE(ssize_t, int) dnl AC_TYPE_INTPTR_T does not work on all platforms (autoconf) AC_CHECK_TYPE(intptr_t, size_t) AC_CHECK_TYPE(in_addr_t, [], [AC_DEFINE([in_addr_t], [uint32_t], [in_addr_t])], [ #if HAVE_SYS_TYPES_H # include #endif #if HAVE_NETINET_IN_H # include #endif]) AC_CHECK_TYPE(in_port_t, [], [AC_DEFINE([in_port_t], [uint16_t], [in_port_t])], [ #if HAVE_SYS_TYPES_H # include #endif #if HAVE_NETINET_IN_H # include #endif]) ACX_CHECK_SS_FAMILY AC_CHECK_DECLS([inet_pton,inet_ntop], [], [], [ AC_INCLUDES_DEFAULT #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_NETINET_TCP_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif #ifdef HAVE_WINSOCK2_H #include #endif #ifdef HAVE_WS2TCPIP_H #include #endif ]) # AC_FUNC_MALLOC suffers false failures and causes Asan failures. # AC_FUNC_MALLOC # AC_FUNC_REALLOC AC_REPLACE_FUNCS(b64_pton) AC_REPLACE_FUNCS(b64_ntop) AC_REPLACE_FUNCS(calloc) AC_REPLACE_FUNCS(timegm) AC_REPLACE_FUNCS(gmtime_r) AC_REPLACE_FUNCS(asctime_r) AC_REPLACE_FUNCS(ctime_r) AC_REPLACE_FUNCS(localtime_r) AC_REPLACE_FUNCS(isblank) AC_REPLACE_FUNCS(isascii) AC_REPLACE_FUNCS(inet_aton) AC_REPLACE_FUNCS(inet_pton) AC_REPLACE_FUNCS(inet_ntop) AC_REPLACE_FUNCS(snprintf) AC_REPLACE_FUNCS(strlcpy) AC_REPLACE_FUNCS(memmove) AC_FUNC_FORK AC_MSG_CHECKING([compile of fork]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([ #include ], [ (void)fork(); ])], [ AC_MSG_RESULT(yes) AC_DEFINE([HAVE_FORK_AVAILABLE], 1, [if fork is available for compile]) ], [ AC_MSG_RESULT(no) ]) AC_CHECK_FUNCS([endprotoent endservent sleep random fcntl strtoul bzero memset b32_ntop b32_pton symlink]) if test "x$HAVE_B32_NTOP" = "xyes"; then AC_SUBST(ldns_build_config_have_b32_ntop, 1) else AC_SUBST(ldns_build_config_have_b32_ntop, 0) fi if test "x$HAVE_B32_PTON" = "xyes"; then AC_SUBST(ldns_build_config_have_b32_pton, 1) else AC_SUBST(ldns_build_config_have_b32_pton, 0) fi ACX_CHECK_GETADDRINFO_WITH_INCLUDES if test $ac_cv_func_getaddrinfo = no; then AC_LIBOBJ([fake-rfc2553]) fi if test "$USE_WINSOCK" = 1; then AC_CHECK_TOOL(WINDRES, windres) fi ACX_FUNC_IOCTLSOCKET #AC_SEARCH_LIBS(RSA_new, [crypto]) ACX_CHECK_FORMAT_ATTRIBUTE ACX_CHECK_UNUSED_ATTRIBUTE AC_ARG_WITH(xcode-sdk, AS_HELP_STRING([--with-xcode-sdk],[Set xcode SDK version. Default is autodetect]), [],[with_xcode_sdk="yes"]) if test "x_$with_xcode_sdk" != "x_no" ; then # check OSX deployment target, if needed if echo $target_os | grep darwin > /dev/null; then sdk_p=`xcode-select -print-path`; if test "x_$with_xcode_sdk" = "x_yes" ; then sdk_v="$( /usr/bin/xcrun --show-sdk-version 2>/dev/null )" else sdk_v="$with_xcode_sdk" fi # xcrun only got that option in 10.7 if test -z "$sdk_v" ; then sdk_c="10.6" sdk_v="10.6" fi SYSROOT="$( find ${sdk_p} -name MacOSX${sdk_v}.sdk )" case $sdk_v in 10.9|10.8) sdk_c="10.7";; 10.11|10.10|*) sdk_c="10.10";; esac export MACOSX_DEPLOYMENT_TARGET="${sdk_c}"; export CFLAGS="$CFLAGS -mmacosx-version-min=${sdk_c} -isysroot ${SYSROOT}" fi fi AC_DEFINE([SYSCONFDIR], [sysconfdir], [System configuration dir]) AC_ARG_WITH(trust-anchor, AS_HELP_STRING([--with-trust-anchor=KEYFILE],[Default location of the trust anchor file for drill and ldns-dane. [default=SYSCONFDIR/unbound/root.key]]), [ AC_SUBST([LDNS_TRUST_ANCHOR_FILE], ["$withval"]) AC_MSG_NOTICE([Default trust anchor: $withval]) ],[ AC_SUBST([LDNS_TRUST_ANCHOR_FILE], ["\$(sysconfdir)/unbound/root.key"]) ]) AC_ARG_WITH(ca-file, AS_HELP_STRING([--with-ca-file=CAFILE],[File containing CA certificates for ldns-dane]), [ AC_DEFINE([HAVE_DANE_CA_FILE], [1], [Is a CAFILE given at configure time]) AC_DEFINE_UNQUOTED([LDNS_DANE_CA_FILE], ["$withval"], [Is a CAFILE given at configure time]) AC_MSG_NOTICE([Using CAfile: $withval]) AC_SUBST(DEFAULT_CAFILE, ["Default is $withval"]) ],[ AC_DEFINE([HAVE_DANE_CA_FILE], [0], [Is a CAFILE given at configure time]) AC_SUBST(DEFAULT_CAFILE, []) ]) AC_ARG_WITH(ca-path, AS_HELP_STRING([--with-ca-path=CAPATH],[Directory containing CA certificate files for ldns-dane]), [ AC_DEFINE([HAVE_DANE_CA_PATH], [1], [Is a CAPATH given at configure time]) AC_DEFINE_UNQUOTED([LDNS_DANE_CA_PATH], ["$withval"], [Is a CAPATH given at configure time]) AC_MSG_NOTICE([Using CApath: $withval]) AC_SUBST(DEFAULT_CAPATH, ["Default is $withval"]) ],[ AC_DEFINE([HAVE_DANE_CA_PATH], [0], [Is a CAPATH given at configure time]) AC_SUBST(DEFAULT_CAPATH, []) ]) AH_BOTTOM([ #include #include #include #include #ifndef LITTLE_ENDIAN #define LITTLE_ENDIAN 1234 #endif #ifndef BIG_ENDIAN #define BIG_ENDIAN 4321 #endif #ifndef BYTE_ORDER #ifdef WORDS_BIGENDIAN #define BYTE_ORDER BIG_ENDIAN #else #define BYTE_ORDER LITTLE_ENDIAN #endif /* WORDS_BIGENDIAN */ #endif /* BYTE_ORDER */ #if STDC_HEADERS #include #include #endif #ifdef HAVE_STDINT_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif #ifdef HAVE_WINSOCK2_H #include #endif #ifdef HAVE_WS2TCPIP_H #include #endif ] AHX_CONFIG_W32_FD_SET_T ) AH_BOTTOM([ #ifdef __cplusplus extern "C" { #endif int ldns_b64_ntop(uint8_t const *src, size_t srclength, char *target, size_t targsize); /** * calculates the size needed to store the result of b64_ntop */ /*@unused@*/ static inline size_t ldns_b64_ntop_calculate_size(size_t srcsize) { return ((((srcsize + 2) / 3) * 4) + 1); } int ldns_b64_pton(char const *src, uint8_t *target, size_t targsize); /** * calculates the size needed to store the result of ldns_b64_pton */ /*@unused@*/ static inline size_t ldns_b64_pton_calculate_size(size_t srcsize) { return (((((srcsize + 3) / 4) * 3)) + 1); } /** * Given in dnssec_zone.c, also used in dnssec_sign.c:w */ int ldns_dname_compare_v(const void *a, const void *b); #ifndef HAVE_SLEEP /* use windows sleep, in millisecs, instead */ #define sleep(x) Sleep((x)*1000) #endif #ifndef HAVE_RANDOM #define srandom(x) srand(x) #define random(x) rand(x) #endif #ifndef HAVE_TIMEGM #include time_t timegm (struct tm *tm); #endif /* !TIMEGM */ #ifndef HAVE_GMTIME_R struct tm *gmtime_r(const time_t *timep, struct tm *result); #endif #ifndef HAVE_ASCTIME_R char *asctime_r(const struct tm *tm, char *buf); #endif #ifndef HAVE_LOCALTIME_R struct tm *localtime_r(const time_t *timep, struct tm *result); #endif #ifndef HAVE_ISBLANK int isblank(int c); #endif /* !HAVE_ISBLANK */ #ifndef HAVE_ISASCII int isascii(int c); #endif /* !HAVE_ISASCII */ #ifndef HAVE_SNPRINTF #include int snprintf (char *str, size_t count, const char *fmt, ...); int vsnprintf (char *str, size_t count, const char *fmt, va_list arg); #endif /* HAVE_SNPRINTF */ #if !defined(HAVE_INET_PTON) && !HAVE_DECL_INET_PTON int inet_pton(int af, const char* src, void* dst); #endif /* HAVE_INET_PTON */ #if !defined(HAVE_INET_NTOP) && !HAVE_DECL_INET_NTOP const char *inet_ntop(int af, const void *src, char *dst, size_t size); #endif #ifndef HAVE_INET_ATON int inet_aton(const char *cp, struct in_addr *addr); #endif #ifndef HAVE_MEMMOVE void *memmove(void *dest, const void *src, size_t n); #endif #ifndef HAVE_STRLCPY size_t strlcpy(char *dst, const char *src, size_t siz); #endif #ifdef USE_WINSOCK #define SOCK_INVALID ((INT_PTR)INVALID_SOCKET) #define close_socket(_s) do { if (_s != SOCK_INVALID) {closesocket(_s); _s = -1;} } while(0) #else #define SOCK_INVALID -1 #define close_socket(_s) do { if (_s != SOCK_INVALID) {close(_s >= -1 ? _s : -1); _s = -1;} } while(0) #endif #ifdef __cplusplus } #endif #ifndef HAVE_GETADDRINFO #include "compat/fake-rfc2553.h" #endif #ifndef HAVE_STRTOUL #define strtoul (unsigned long)strtol #endif ]) if test "x$HAVE_SSL" = "xyes"; then AC_SUBST(ldns_build_config_have_ssl, 1) else AC_SUBST(ldns_build_config_have_ssl, 0) fi if test "x$ac_cv_c_format_attribute" = "xyes"; then AC_SUBST(ldns_build_config_have_attr_format, 1) else AC_SUBST(ldns_build_config_have_attr_format, 0) fi if test "x$ac_cv_c_unused_attribute" = "xyes"; then AC_SUBST(ldns_build_config_have_attr_unused, 1) else AC_SUBST(ldns_build_config_have_attr_unused, 0) fi CONFIG_FILES="Makefile libdns.doxygen ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config" AC_SUBST(CONFIG_FILES) AC_CONFIG_FILES([$CONFIG_FILES]) AC_CONFIG_HEADERS([ldns/config.h]) AC_OUTPUT COPY_HEADER_FILES(ldns/, ldns/) dnl AC_CONFIG_SUBDIRS([drill]) ldns-1.9.0/zone.c0000664000175000017500000002026515114326257013161 0ustar willemwillem/* zone.c * * Functions for ldns_zone structure * a Net::DNS like library for C * * (c) NLnet Labs, 2005-2006 * See the file LICENSE for the license */ #include #include #include #include ldns_rr * ldns_zone_soa(const ldns_zone *z) { return z->_soa; } size_t ldns_zone_rr_count(const ldns_zone *z) { return ldns_rr_list_rr_count(z->_rrs); } void ldns_zone_set_soa(ldns_zone *z, ldns_rr *soa) { z->_soa = soa; } ldns_rr_list * ldns_zone_rrs(const ldns_zone *z) { return z->_rrs; } void ldns_zone_set_rrs(ldns_zone *z, ldns_rr_list *rrlist) { z->_rrs = rrlist; } bool ldns_zone_push_rr_list(ldns_zone *z, const ldns_rr_list *list) { return ldns_rr_list_cat(ldns_zone_rrs(z), list); } bool ldns_zone_push_rr(ldns_zone *z, ldns_rr *rr) { return ldns_rr_list_push_rr(ldns_zone_rrs(z), rr); } /* * Get the list of glue records in a zone * XXX: there should be a way for this to return error, other than NULL, * since NULL is a valid return */ ldns_rr_list * ldns_zone_glue_rr_list(const ldns_zone *z) { /* when do we find glue? It means we find an IP address * (AAAA/A) for a nameserver listed in the zone * * Alg used here: * first find all the zonecuts (NS records) * find all the AAAA or A records (can be done it the * above loop). * * Check if the aaaa/a list are subdomains under the * NS domains. * If yes -> glue, if no -> not glue */ ldns_rr_list *zone_cuts; ldns_rr_list *addr; ldns_rr_list *glue; ldns_rr *r, *ns, *a; ldns_rdf *dname_a, *ns_owner; size_t i,j; zone_cuts = NULL; addr = NULL; glue = NULL; /* we cannot determine glue in a 'zone' without a SOA */ if (!ldns_zone_soa(z)) { return NULL; } zone_cuts = ldns_rr_list_new(); if (!zone_cuts) goto memory_error; addr = ldns_rr_list_new(); if (!addr) goto memory_error; glue = ldns_rr_list_new(); if (!glue) goto memory_error; for(i = 0; i < ldns_zone_rr_count(z); i++) { r = ldns_rr_list_rr(ldns_zone_rrs(z), i); if (ldns_rr_get_type(r) == LDNS_RR_TYPE_A || ldns_rr_get_type(r) == LDNS_RR_TYPE_AAAA) { /* possibly glue */ if (!ldns_rr_list_push_rr(addr, r)) goto memory_error; continue; } if (ldns_rr_get_type(r) == LDNS_RR_TYPE_NS) { /* multiple zones will end up here - * for now; not a problem */ /* don't add NS records for the current zone itself */ if (ldns_rdf_compare(ldns_rr_owner(r), ldns_rr_owner(ldns_zone_soa(z))) != 0) { if (!ldns_rr_list_push_rr(zone_cuts, r)) goto memory_error; } continue; } } /* will sorting make it quicker ?? */ for(i = 0; i < ldns_rr_list_rr_count(zone_cuts); i++) { ns = ldns_rr_list_rr(zone_cuts, i); ns_owner = ldns_rr_owner(ns); for(j = 0; j < ldns_rr_list_rr_count(addr); j++) { a = ldns_rr_list_rr(addr, j); dname_a = ldns_rr_owner(a); if (ldns_dname_is_subdomain(dname_a, ns_owner) || ldns_dname_compare(dname_a, ns_owner) == 0) { /* GLUE! */ if (!ldns_rr_list_push_rr(glue, a)) goto memory_error; } } } ldns_rr_list_free(addr); ldns_rr_list_free(zone_cuts); if (ldns_rr_list_rr_count(glue) == 0) { ldns_rr_list_free(glue); return NULL; } else { return glue; } memory_error: if (zone_cuts) { LDNS_FREE(zone_cuts); } if (addr) { ldns_rr_list_free(addr); } if (glue) { ldns_rr_list_free(glue); } return NULL; } ldns_zone * ldns_zone_new(void) { ldns_zone *z; z = LDNS_MALLOC(ldns_zone); if (!z) { return NULL; } z->_rrs = ldns_rr_list_new(); if (!z->_rrs) { LDNS_FREE(z); return NULL; } ldns_zone_set_soa(z, NULL); return z; } /* we recognize: * $TTL, $ORIGIN */ ldns_status ldns_zone_new_frm_fp(ldns_zone **z, FILE *fp, const ldns_rdf *origin, uint32_t ttl, ldns_rr_class c) { return ldns_zone_new_frm_fp_l(z, fp, origin, ttl, c, NULL); } ldns_status _ldns_rr_new_frm_fp_l_internal(ldns_rr **newrr, FILE *fp, uint32_t *default_ttl, ldns_rdf **origin, ldns_rdf **prev, int *line_nr, bool *explicit_ttl); /* XXX: class is never used */ ldns_status ldns_zone_new_frm_fp_l(ldns_zone **z, FILE *fp, const ldns_rdf *origin, uint32_t default_ttl, ldns_rr_class ATTR_UNUSED(c), int *line_nr) { ldns_zone *newzone; ldns_rr *rr, *prev_rr = NULL; uint32_t my_ttl; ldns_rdf *my_origin; ldns_rdf *my_prev; bool soa_seen = false; /* 2 soa are an error */ ldns_status s; ldns_status ret; /* RFC 1035 Section 5.1, says 'Omitted class and TTL values are default * to the last explicitly stated values.' */ bool ttl_from_TTL = false; bool explicit_ttl = false; /* most cases of error are memory problems */ ret = LDNS_STATUS_MEM_ERR; newzone = NULL; my_origin = NULL; my_prev = NULL; my_ttl = default_ttl; if (origin) { my_origin = ldns_rdf_clone(origin); if (!my_origin) goto error; /* also set the prev */ my_prev = ldns_rdf_clone(origin); if (!my_prev) goto error; } newzone = ldns_zone_new(); if (!newzone) goto error; while(!feof(fp)) { /* If ttl came from $TTL line, then it should be the default. * (RFC 2308 Section 4) * Otherwise it "defaults to the last explicitly stated value" * (RFC 1035 Section 5.1) */ if (ttl_from_TTL) my_ttl = default_ttl; s = _ldns_rr_new_frm_fp_l_internal(&rr, fp, &my_ttl, &my_origin, &my_prev, line_nr, &explicit_ttl); switch (s) { case LDNS_STATUS_OK: if (explicit_ttl) { if (!ttl_from_TTL) { /* No $TTL, so ttl "defaults to the * last explicitly stated value" * (RFC 1035 Section 5.1) */ my_ttl = ldns_rr_ttl(rr); } /* When ttl is implicit, try to adhere to the rules as * much as possible. (also for compatibility with bind) * This was changed when fixing an issue with ZONEMD * which hashes the TTL too. */ } else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SIG || ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) { if (ldns_rr_rd_count(rr) >= 4 && ldns_rdf_get_type(ldns_rr_rdf(rr, 3)) == LDNS_RDF_TYPE_INT32) /* SIG without explicit ttl get ttl * from the original_ttl field * (RFC 2535 Section 7.2) * * Similarly for RRSIG, but stated less * specifically in the spec. * (RFC 4034 Section 3) */ ldns_rr_set_ttl(rr, ldns_rdf2native_int32( ldns_rr_rdf(rr, 3))); } else if (prev_rr && ldns_rr_get_type(prev_rr) == ldns_rr_get_type(rr) && ldns_dname_compare( ldns_rr_owner(prev_rr) , ldns_rr_owner(rr)) == 0) /* "TTLs of all RRs in an RRSet must be the same" * (RFC 2881 Section 5.2) */ ldns_rr_set_ttl(rr, ldns_rr_ttl(prev_rr)); prev_rr = rr; if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) { if (soa_seen) { /* second SOA * just skip, maybe we want to say * something??? */ ldns_rr_free(rr); continue; } soa_seen = true; ldns_zone_set_soa(newzone, rr); /* set origin to soa if not specified */ if (!my_origin) { my_origin = ldns_rdf_clone(ldns_rr_owner(rr)); } continue; } /* a normal RR - as sofar the DNS is normal */ if (!ldns_zone_push_rr(newzone, rr)) { ldns_rr_free(rr); goto error; } break; case LDNS_STATUS_SYNTAX_EMPTY: /* empty line was seen */ case LDNS_STATUS_SYNTAX_TTL: /* the function set the ttl */ default_ttl = my_ttl; ttl_from_TTL = true; break; case LDNS_STATUS_SYNTAX_ORIGIN: /* the function set the origin */ break; case LDNS_STATUS_SYNTAX_INCLUDE: ret = LDNS_STATUS_SYNTAX_INCLUDE_ERR_NOTIMPL; goto error; default: ret = s; goto error; } } if (my_origin) { ldns_rdf_deep_free(my_origin); } if (my_prev) { ldns_rdf_deep_free(my_prev); } if (z) { *z = newzone; } else { ldns_zone_free(newzone); } return LDNS_STATUS_OK; error: if (my_origin) { ldns_rdf_deep_free(my_origin); } if (my_prev) { ldns_rdf_deep_free(my_prev); } if (newzone) { ldns_zone_deep_free(newzone); } return ret; } void ldns_zone_sort(ldns_zone *zone) { ldns_rr_list *zrr; assert(zone != NULL); zrr = ldns_zone_rrs(zone); ldns_rr_list_sort(zrr); } void ldns_zone_free(ldns_zone *zone) { ldns_rr_list_free(zone->_rrs); LDNS_FREE(zone); } void ldns_zone_deep_free(ldns_zone *zone) { ldns_rr_free(zone->_soa); ldns_rr_list_deep_free(zone->_rrs); LDNS_FREE(zone); } ldns-1.9.0/Makefile.in0000664000175000017500000024165715114326257014121 0ustar willemwillem# Standard installation pathnames # See the file LICENSE for the license SHELL = @SHELL@ VERSION = @PACKAGE_VERSION@ version_info = @VERSION_INFO@ srcdir = @srcdir@ prefix = @prefix@ exec_prefix = @exec_prefix@ bindir = @bindir@ mandir = @mandir@ datarootdir = @datarootdir@ datadir = @datadir@ libdir = @libdir@ includedir = @includedir@ sysconfdir = @sysconfdir@ doxygen = @doxygen@ pywrapdir = $(srcdir)/contrib/python pyldnsxwrapdir = $(srcdir)/contrib/ldnsx p5_dns_ldns_dir = $(srcdir)/contrib/DNS-LDNS PERL = @PERL@ swig = @swig@ swigpy_flags = -python @SWIGPY3@ python_site = @PYTHON_PLATFORM_SITE_PKG@ pyldns_inst = @PYLDNSINST@ pyldns_uninst = @PYLDNSUNINST@ pyldnsx_inst = @PYLDNSXINST@ pyldnsx_uninst = @PYLDNSXUNINST@ libtool = @libtool@ CONFIG_FILES = @CONFIG_FILES@ top_builddir = @top_builddir@ LDNS_TRUST_ANCHOR_FILE = @LDNS_TRUST_ANCHOR_FILE@ DEFAULT_CAFILE = @DEFAULT_CAFILE@ DEFAULT_CAPATH = @DEFAULT_CAPATH@ edit = sed \ -e 's|@LDNS_TRUST_ANCHOR_FILE[@]|$(LDNS_TRUST_ANCHOR_FILE)|g' \ -e 's|@DEFAULT_CAFILE[@]|$(DEFAULT_CAFILE)|g' \ -e 's|@DEFAULT_CAPATH[@]|$(DEFAULT_CAPATH)|g' # override $U variable which is used by autotools for deansification (for # K&R C compilers), but causes problems if $U is defined in the env). U= # set all of the tools due to cross-compiles. libtool uses most of them. # https://www.gnu.org/software/make/manual/html_node/Implicit-Variables.html CC = @CC@ CXX = @CXX@ CPP = @CPP@ LD = @LD@ AS = @AS@ AR = @AR@ RANLIB = @RANLIB@ STRIP = @STRIP@ # Unbound project specific flags CFLAGS = @CFLAGS@ CPPFLAGS = -I. -I$(srcdir) @CPPFLAGS@ @DEFS@ -DLDNS_TRUST_ANCHOR_FILE="\"$(LDNS_TRUST_ANCHOR_FILE)\"" ARFLAGS = @ARFLAGS@ LDFLAGS = @LDFLAGS@ LIBS = @LIBS@ LIBOBJDIR = compat/ LIBOBJS = @LIBOBJS@ PYTHON_CPPFLAGS = @PYTHON_CPPFLAGS@ PYTHON_LIBS = @PYTHON_LIBS@ PYTHON_X_CFLAGS = @PYTHON_X_CFLAGS@ LIBSSL_CPPFLAGS = @LIBSSL_CPPFLAGS@ LIBSSL_LDFLAGS = @LIBSSL_LDFLAGS@ LIBSSL_LIBS = @LIBSSL_LIBS@ LIBSSL_SSL_LIBS = @LIBSSL_SSL_LIBS@ LIBPCAP_LIBS = @LIBPCAP_LIBS@ RUNTIME_PATH = @RUNTIME_PATH@ LIBTOOL = $(libtool) --tag=CC --quiet LINT = splint LINTFLAGS = +quiet -weak -warnposix -unrecog -Din_addr_t=uint32_t -Du_int=unsigned -Du_char=uint8_t -preproc -Drlimit=rlimit64 -D__gnuc_va_list=va_list # Extra flags from configure LINTFLAGS += @LINTFLAGS@ LINTFLAGS += "-DBN_ULONG=unsigned long" -Dkrb5_int32=int "-Dkrb5_ui_4=unsigned int" -DPQ_64BIT=uint64_t -DRC4_INT=unsigned -fixedformalarray -D"ENGINE=unsigned" -D"RSA=unsigned" -D"DSA=unsigned" -D"EVP_PKEY=unsigned" -D"EVP_MD=unsigned" -D"SSL=unsigned" -D"SSL_CTX=unsigned" -D"X509=unsigned" -D"RC4_KEY=unsigned" -D"EVP_MD_CTX=unsigned" -D"EC_KEY=unsigned" -D"EC_POINT=unsigned" -D"EC_GROUP=unsigned" -D"EVP_PKEY_ASN1_METHOD=struct evp_pkey_asn1_method_st" -D"EVP_PKEY_CTX=struct evp_pkey_ctx_st" # compat with OpenBSD LINTFLAGS += "-Dsigset_t=long" # FreeBSD8 LINTFLAGS += "-D__uint16_t=uint16_t" -D"__pure2=" -D"__wchar_t=wchar_t" -D"__packed=" -D"__aligned(x)=" # Ubuntu oneiric" LINTFLAGS += -D"__BEGIN_DECLS=" -D"__ssize_t=ssize_t" -D"__intptr_t=intptr_t" -D"__nonnull(x)=" -D"__THROW=" -D"__wur=" -D"__off_t=unsigned" -D"__off64_t=unsigned" -D"__useconds_t=unsigned" -D"__uid_t=unsigned" -D"__gid_t=unsigned" -D"__attribute_deprecated__=" -D"__pid_t=unsigned" -D"__restrict=" -D"__END_DECLS=" -D"__BEGIN_NAMESPACE_STD=" -D"__END_NAMESPACE_STD=" -D"__BEGIN_NAMESPACE_C99=" -D"__END_NAMESPACE_C99=" -D"__socklen_t=unsigned" -D"sa_family_t=unsigned " -D"__mode_t=unsigned" -D"u_int16_t=uint16_t" -D"u_int32_t=uint32_t" -D"u_int8_t=uint8_t" -D"u_short=unsigned short" -D"__u16=uint16_t" -D"__u32=uint32_t" -D"__u64=uint64_t" # FreeBSD 9 LINTFLAGS += -D"_RuneLocale=int" DEPFLAG = @DEPFLAG@ EXEEXT=@EXEEXT@ INSTALL = $(srcdir)/install-sh LIBLOBJS = $(LIBOBJS:.o=.lo) LDNS_LOBJS = buffer.lo dane.lo dname.lo dnssec.lo dnssec_sign.lo dnssec_verify.lo dnssec_zone.lo duration.lo error.lo higher.lo host2str.lo host2wire.lo keys.lo net.lo packet.lo parse.lo radix.lo rbtree.lo rdata.lo resolver.lo rr.lo rr_functions.lo sha1.lo sha2.lo str2host.lo tsig.lo update.lo util.lo wire2host.lo zone.lo edns.lo LDNS_LOBJS_EX = ^linktest\.c$$ LDNS_ALL_LOBJS = $(LDNS_LOBJS) $(LIBLOBJS) LIB = libldns.la LDNS_HEADERS = buffer.h dane.h dname.h dnssec.h dnssec_sign.h dnssec_verify.h dnssec_zone.h duration.h error.h higher.h host2str.h host2wire.h keys.h ldns.h packet.h parse.h radix.h rbtree.h rdata.h resolver.h rr_functions.h rr.h sha1.h sha2.h str2host.h tsig.h update.h wire2host.h zone.h edns.h LDNS_HEADERS_EX = ^config\.h|common\.h|util\.h|net\.h$$ LDNS_HEADERS_GEN= common.h util.h net.h PYLDNS_I_FILES = $(pywrapdir)/file_py3.i $(pywrapdir)/ldns_buffer.i $(pywrapdir)/ldns_dname.i $(pywrapdir)/ldns_dnssec.i $(pywrapdir)/ldns.i $(pywrapdir)/ldns_key.i $(pywrapdir)/ldns_packet.i $(pywrapdir)/ldns_rdf.i $(pywrapdir)/ldns_resolver.i $(pywrapdir)/ldns_rr.i $(pywrapdir)/ldns_zone.i DRILL_LOBJS = drill/chasetrace.lo drill/dnssec.lo drill/drill.lo drill/drill_util.lo drill/error.lo drill/root.lo drill/securetrace.lo drill/work.lo EXAMPLE_LOBJS = examples/ldns-chaos.lo examples/ldns-compare-zones.lo examples/ldns-dane.lo examples/ldnsd.lo examples/ldns-dpa.lo examples/ldns-gen-zone.lo examples/ldns-key2ds.lo examples/ldns-keyfetcher.lo examples/ldns-keygen.lo examples/ldns-mx.lo examples/ldns-notify.lo examples/ldns-nsec3-hash.lo examples/ldns-read-zone.lo examples/ldns-resolver.lo examples/ldns-revoke.lo examples/ldns-rrsig.lo examples/ldns-signzone.lo examples/ldns-test-edns.lo examples/ldns-testns.lo examples/ldns-testpkts.lo examples/ldns-update.lo examples/ldns-verify-zone.lo examples/ldns-version.lo examples/ldns-walk.lo examples/ldns-zcat.lo examples/ldns-zsplit.lo EXAMPLE_PROGS = examples/ldns-chaos examples/ldns-compare-zones examples/ldnsd examples/ldns-gen-zone examples/ldns-key2ds examples/ldns-keyfetcher examples/ldns-keygen examples/ldns-mx examples/ldns-notify examples/ldns-read-zone examples/ldns-resolver examples/ldns-rrsig examples/ldns-test-edns examples/ldns-update examples/ldns-version examples/ldns-walk examples/ldns-zcat examples/ldns-zsplit EX_PROGS_BASENM = ldns-chaos ldns-compare-zones ldns-dane ldnsd ldns-dpa ldns-gen-zone ldns-key2ds ldns-keyfetcher ldns-keygen ldns-mx ldns-notify ldns-nsec3-hash ldns-read-zone ldns-resolver ldns-revoke ldns-rrsig ldns-signzone ldns-test-edns ldns-testns ldns-testpkts ldns-update ldns-verify-zone ldns-version ldns-walk ldns-zcat ldns-zsplit EXAMPLE_PROGS_EX= ^examples/ldns-testpkts\.c|examples/ldns-testns\.c|examples/ldns-dane\.c|examples/ldns-dpa\.c|examples/ldns-nsec3-hash\.c|examples/ldns-revoke\.c|examples/ldns-signzone\.c|examples/ldns-verify-zone\.c$$ TESTNS = examples/ldns-testns TESTNS_LOBJS = examples/ldns-testns.lo examples/ldns-testpkts.lo LDNS_DPA = examples/ldns-dpa LDNS_DPA_LOBJS = examples/ldns-dpa.lo LDNS_DANE = examples/ldns-dane LDNS_DANE_LOBJS = examples/ldns-dane.lo EX_SSL_PROGS = examples/ldns-nsec3-hash examples/ldns-revoke examples/ldns-signzone examples/ldns-verify-zone EX_SSL_LOBJS = examples/ldns-nsec3-hash.lo examples/ldns-revoke.lo examples/ldns-signzone.lo examples/ldns-verify-zone.lo COMPILE = $(CC) $(CPPFLAGS) $(CFLAGS) COMP_LIB = $(LIBTOOL) --mode=compile $(CC) $(CPPFLAGS) $(CFLAGS) LINK = $(CC) $(CFLAGS) $(LDFLAGS) $(LIBS) LINK_LIB = $(LIBTOOL) --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LIBS) -version-info $(version_info) -no-undefined LINK_EXE = $(LIBTOOL) --mode=link $(CC) $(CFLAGS) $(LDFLAGS) $(LIBSSL_LDFLAGS) .PHONY: clean realclean docclean manpages doc lint all lib pyldns test .PHONY: install uninstall install-doc uninstall-doc uninstall-pyldns .PHONY: install-h uninstall-h install-lib uninstall-lib install-pyldns all: setup-builddir lib linktest manpages @P5_DNS_LDNS@ @PYLDNS@ @DRILL@ @EXAMPLES@ .SUFFIXES: .c .o .a .lo .h .i .c.lo: $(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/$< -o $@ # Need libtool compile .c.o: $(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/$< -o $@ $(LDNS_LOBJS) $(LIBLOBJS) $(DRILL_LOBJS) $(EXAMPLE_LOBJS): $(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/$(@:.lo=.c) -o $@ setup-builddir: @if test ! -d compat ; then mkdir compat ; fi @if test ! -d drill ; then mkdir drill ; fi @if test ! -d examples ; then mkdir examples ; fi @if test ! -h config.h ; then ln -s ldns/config.h . ; fi @if test ! -h lib ; then ln -s .libs lib ; fi ; @if test ! -d include ; then $(INSTALL) -d include; fi @if test ! -h include/ldns ; then ln -s ../ldns include/ldns || echo "include/ldns exists"; fi # builddir/ is used by 60-compile-builddir putdown-builddir: rm -rf include/ldns rm -f lib config.h test ! -d include || rmdir include || : if test -d examples -a ! -f examples/README; then rmdir examples || : ; fi if test -d drill -a ! -f drill/README ; then rmdir drill || : ; fi if test -d compat -a ! -f compat/malloc.c; then rmdir compat || : ; fi rm -rf builddir/ drill: setup-builddir no-drill-config-h drill/drill drill/drill.1 no-drill-config-h: @if test -e $(srcdir)/drill/config.h -o -e drill/config.h ; \ then echo "A config.h was detected in the drill subdirectory." ; \ echo "This does not work when building drill from here." ; \ echo "Either remove the config.h from the subdirectory" ; \ echo "or build drill there." ; \ exit -1 ; \ fi drill/drill: $(DRILL_LOBJS) $(LIB) $(LIBLOBJS) $(LINK_EXE) $(DRILL_LOBJS) $(LIBLOBJS) $(LIB) $(LIBSSL_LIBS) $(LIBS) -o drill/drill $(top_builddir)/libldns.la drill/drill.1: $(srcdir)/drill/drill.1.in $(edit) $(srcdir)/drill/drill.1.in > drill/drill.1 install-drill: drill/drill drill/drill.1 $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir)/man1 $(LIBTOOL) --mode=install cp drill/drill$(EXEEXT) $(DESTDIR)$(bindir) $(INSTALL) -m 644 drill/drill.1 $(DESTDIR)$(mandir)/man1/drill.1 uninstall-drill: rm -f $(DESTDIR)$(bindir)/drill$(EXEEXT) $(DESTDIR)$(mandir)/man1/drill.1 test ! -d $(DESTDIR)$(mandir) || rmdir -p $(DESTDIR)$(mandir)/man1 || :; test ! -d $(DESTDIR)$(bindir) || rmdir -p $(DESTDIR)$(bindir) || : ; clean-drill: $(LIBTOOL) --mode clean rm -f $(DRILL_LOBJS) drill/drill$(EXEEXT) drill/drill.1 examples: setup-builddir no-examples-config-h $(LIB) $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) examples/ldns-dane.1 examples/ldns-verify-zone.1 no-examples-config-h: @if test -e $(srcdir)/examples/config.h -o -e examples/config.h ; \ then echo "A config.h was detected in the examples subdirectory." ; \ echo "This does not work when building examples from here." ; \ echo "Either remove the config.h from the subdirectory" ; \ echo "or build examples there." ; \ exit -1 ; \ fi # Need LIBSSL_LIBS $(EXAMPLE_PROGS): $(LINK_EXE) $@.lo $(LIBLOBJS) $(LIB) $(LIBSSL_LIBS) $(LIBS) -o $@ $(top_builddir)/libldns.la # Need LIBSSL_LIBS $(TESTNS): $(LINK_EXE) $(TESTNS_LOBJS) $(LIBLOBJS) $(LIB) $(LIBSSL_LIBS) $(LIBS) -o $(TESTNS) $(top_builddir)/libldns.la # Need LIBSSL_LIBS $(LDNS_DPA): $(LINK_EXE) $(LDNS_DPA_LOBJS) $(LIBLOBJS) $(LIB) $(LIBPCAP_LIBS) $(LIBSSL_LIBS) $(LIBS) \ -o $(LDNS_DPA) $(top_builddir)/libldns.la $(LDNS_DANE): $(LINK_EXE) $(LDNS_DANE_LOBJS) $(LIBLOBJS) $(LIB) $(LIBSSL_SSL_LIBS) $(LIBS) \ -o $(LDNS_DANE) $(top_builddir)/libldns.la $(EX_SSL_PROGS): $(LINK_EXE) $@.lo $(LIBLOBJS) $(LIB) $(LIBSSL_LIBS) $(LIBS) -o $@ $(top_builddir)/libldns.la examples/ldns-dane.1: $(srcdir)/examples/ldns-dane.1.in $(edit) $(srcdir)/examples/ldns-dane.1.in > examples/ldns-dane.1 examples/ldns-verify-zone.1: $(srcdir)/examples/ldns-verify-zone.1.in $(edit) $(srcdir)/examples/ldns-verify-zone.1.in > examples/ldns-verify-zone.1 install-examples: $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) examples/ldns-dane.1 examples/ldns-verify-zone.1 $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir)/man1 for p in $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) ; do \ $(LIBTOOL) --mode=install cp $$p$(EXEEXT) $(DESTDIR)$(bindir) ; \ if test -f $$p.1 ; \ then $(INSTALL) -m 644 $$p.1 $(DESTDIR)$(mandir)/man1 ; \ else $(INSTALL) -m 644 $(srcdir)/$$p.1 $(DESTDIR)$(mandir)/man1 ; \ fi ; \ done uninstall-examples: for p in $(EX_PROGS_BASENM) ; do \ rm -f $(DESTDIR)$(bindir)/$$p$(EXEEXT) $(DESTDIR)$(mandir)/man1/$$p.1 ;\ done test ! -d $(DESTDIR)$(mandir) || rmdir -p $(DESTDIR)$(mandir)/man1 || :; test ! -d $(DESTDIR)$(bindir) || rmdir -p $(DESTDIR)$(bindir) || : ; clean-examples: for p in $(EX_PROGS_BASENM) ; do \ $(LIBTOOL) --mode clean rm -f $$p$(EXEEXT) ;\ done $(LIBTOOL) --mode clean rm -f $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) $(LIBTOOL) --mode clean rm -f $(EXAMPLE_LOBJS) $(LIBTOOL) --mode clean rm -f examples/ldns-dane.1 examples/ldns-verify-zone.1 linktest: $(srcdir)/linktest.c libldns.la $(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/linktest.c -o linktest.lo $(LINK_EXE) linktest.lo $(LIB) $(LIBSSL_LIBS) $(LIBS) -o linktest $(top_builddir)/libldns.la lib: libldns.la lib-export-all: libldns.la-export-all libldns.la: $(LDNS_ALL_LOBJS) $(LINK_LIB) $(LIBSSL_LDFLAGS) $(LIBSSL_LIBS) -export-symbols-regex '^(ldns_|b32_[pn]to[pn]|mktime_from_utc|qsort_rr_compare_nsec3)' -o libldns.la $(LDNS_ALL_LOBJS) -rpath $(libdir) $(RUNTIME_PATH) libldns.la-export-all: $(LDNS_ALL_LOBJS) $(LINK_LIB) -o libldns.la $(LDNS_ALL_LOBJS) -rpath $(libdir) $(RUNTIME_PATH) mancheck: sh -c 'find . -name \*.\[13\] -exec troff -z {} \;' 2>&1 | sed "s/^\.\///" | sed "s/\(:[0\-9]\+:\)/\1 warning:/g" doxygen: @if test ! -e doc/header.html ; then \ $(INSTALL) -c -m 644 $(srcdir)/doc/header.html doc/ ; \ fi ; $(doxygen) libdns.doxygen doc: manpages $(doxygen) @$(INSTALL) -d doc manpages: $(srcdir)/doc/function_manpages @$(INSTALL) -d doc/man/man3 @if [ -f $(srcdir)/doc/man/man3/ldns_rr.3 ] ; \ then \ if test -d ldns ; then \ echo "is builddir srcdir" > ldns/YES ; \ if [ ! -f $(srcdir)/ldns/YES ]; then \ echo "Copying manpages..."; \ for m in $(srcdir)/doc/man/man3/*.3 ; \ do \ $(INSTALL) -c -C -m 444 $${m} doc/man/man3/ ; \ done; \ fi ;\ rm -f ldns/YES; \ fi; \ else \ echo "Generating manpages..."; \ cat $(srcdir)/ldns/*.h \ | $(srcdir)/doc/doxyparse.pl -m $(srcdir)/doc/function_manpages \ | grep -v ^doxygen | grep -v ^cat > doc/ldns_manpages; \ fi manpage-create-errors: $(srcdir)/doc/function_manpages @$(INSTALL) -d doc @cat $(srcdir)/ldns/*.h \ | $(srcdir)/doc/doxyparse.pl -e \ -m $(srcdir)/doc/function_manpages >/dev/null manpage-errors: @man --version >/dev/null 2>&1 && \ for m in `cat $(srcdir)/ldns/*.h | $(srcdir)/doc/doxyparse.pl -m $(srcdir)/doc/function_manpages 2>&1 | grep -v ^doxygen | grep -v ^cat` ; do\ LC_ALL=en_US.UTF-8 MANROFFSEQ='' MANWIDTH=80 \ man --warnings -E UTF-8 -l -Tutf8 -Z doc/man/man3/$${m}.3 2>&1 >/dev/null \ | awk "-vpage=$${m}.3" '{printf("%s: ", page);print}'; \ if ! lexgrog doc/man/man3/$${m}.3 >/dev/null 2>&1 ; \ then \ echo doc/man/man3/$${m}.3: manpage-has-bad-whatis-entry; \ fi; \ done || echo "WARNING!: Cannot detect manpage errors on `uname`" pyldns: _ldns.la $(pywrapdir)/ldns_wrapper.c: $(PYLDNS_I_FILES) ldns/config.h $(swig) $(swigpy_flags) -o $@ $(PYTHON_CPPFLAGS) $(pywrapdir)/ldns.i ldns_wrapper.lo: $(pywrapdir)/ldns_wrapper.c ldns/config.h $(COMP_LIB) -I./include/ldns $(LIBSSL_CPPFLAGS) $(PYTHON_CPPFLAGS) $(PYTHON_X_CFLAGS) -c $(pywrapdir)/ldns_wrapper.c -o $@ _ldns.la: ldns_wrapper.lo libldns.la $(LIBTOOL) --tag=CC --mode=link $(CC) $(CFLAGS) $(PYTHON_CFLAGS) $(LDFLAGS) -module -version-info $(version_info) -no-undefined -o $@ ldns_wrapper.lo -rpath $(python_site) -L. -L.libs $(LIB) $(PYTHON_LIBS) $(LIBS) $(p5_dns_ldns_dir)/Makefile: $(p5_dns_ldns_dir)/Makefile.PL BUILDDIR=`pwd`; cd $(p5_dns_ldns_dir); LD_LIBRARY_PATH="$$BUILDDIR/.libs:$$LD_LIBRARY_PATH" DYLD_LIBRARY_PATH="$$BUILDDIR/.libs:$$DYLD_LIBRARY_PATH" $(PERL) Makefile.PL LIBS="-L$$BUILDDIR/.libs -lldns" INC="-I$$BUILDDIR" $(p5_dns_ldns_dir)/blib/arch/auto/DNS/LDNS/LDNS.so: $(p5_dns_ldns_dir)/Makefile cd $(p5_dns_ldns_dir); $(MAKE) p5-dns-ldns: $(p5_dns_ldns_dir)/blib/arch/auto/DNS/LDNS/LDNS.so install-p5-dns-ldns: $(p5_dns_ldns_dir)/Makefile cd $(p5_dns_ldns_dir); $(MAKE) install uninstall-p5-dns-ldns: $(p5_dns_ldns_dir)/Makefile cd $(p5_dns_ldns_dir); $(MAKE) uninstall clean-p5-dns-ldns: $(p5_dns_ldns_dir)/Makefile cd $(p5_dns_ldns_dir); $(MAKE) clean test-p5-dns-ldns: $(p5_dns_ldns_dir)/Makefile cd $(p5_dns_ldns_dir); $(MAKE) test install: install-h install-lib install-pc @INSTALL_CONFIG@ install-manpages $(pyldns_inst) $(pyldnsx_inst) @INSTALL_P5_DNS_LDNS@ @INSTALL_DRILL@ @INSTALL_EXAMPLES@ uninstall: uninstall-manpages @UNINSTALL_CONFIG@ uninstall-h uninstall-lib uninstall-pc $(pyldns_uninst) $(pyldnsx_uninst) @UNINSTALL_P5_DNS_LDNS@ @UNINSTALL_DRILL@ @UNINSTALL_EXAMPLES@ destclean: uninstall install-config: $(INSTALL) -d $(DESTDIR)$(bindir) $(INSTALL) -c -m 755 packaging/ldns-config $(DESTDIR)$(bindir) uninstall-config: rm -f $(DESTDIR)$(bindir)/ldns-config test ! -d $(DESTDIR)$(bindir) || rmdir -p $(DESTDIR)$(bindir) || echo "ok, dir already gone" install-config-manpage: ${INSTALL} -d $(DESTDIR)$(mandir)/man1 ${INSTALL} -c -m 444 $(srcdir)/packaging/ldns-config.1 $(DESTDIR)$(mandir)/man1/ uninstall-config-manpage: rm -f $(DESTDIR)$(mandir)/man1/ldns-config.1 test ! -d $(DESTDIR)$(mandir)/man1 || rmdir -p $(DESTDIR)$(mandir)/man1 || echo "ok, dir already gone" install-manpages: manpages @INSTALL_CONFIG_MANPAGE@ ${INSTALL} -d $(DESTDIR)$(mandir)/man3 for f in doc/man/man3/*; do \ ${INSTALL} -c -m 444 $$f $(DESTDIR)$(mandir)/man3/; \ done uninstall-manpages: @UNINSTALL_CONFIG_MANPAGE@ for m in `cat $(srcdir)/ldns/*.h | perl $(srcdir)/doc/doxyparse.pl -m $(srcdir)/doc/function_manpages 2>&1 | grep -v ^doxygen | grep -v ^cat` ; do \ rm -f $(DESTDIR)$(mandir)/man3/$$m.3 ; done test ! -d $(DESTDIR)$(mandir)/man3 || rmdir -p $(DESTDIR)$(mandir)/man3 || echo "ok, dir already gone" install-h: lib $(INSTALL) -m 755 -d $(DESTDIR)$(includedir)/ldns for i in $(LDNS_HEADERS); do \ $(INSTALL) -c -m 644 $(srcdir)/ldns/$$i $(DESTDIR)$(includedir)/ldns/; done for i in $(LDNS_HEADERS_GEN); do \ $(INSTALL) -c -m 644 ldns/$$i $(DESTDIR)$(includedir)/ldns/; done uninstall-h: for i in $(LDNS_HEADERS) $(LDNS_HEADERS_GEN); do \ rm -f $(DESTDIR)$(includedir)/ldns/$$i; done test ! -d $(DESTDIR)$(includedir)/ldns || rmdir -p $(DESTDIR)$(includedir)/ldns || echo "ok, dir already gone" exit 0 packaging/libldns.pc: $(srcdir)/packaging/libldns.pc.in ./config.status --file=$@ install-pc: packaging/libldns.pc $(INSTALL) -m 644 packaging/libldns.pc $(DESTDIR)$(libdir)/pkgconfig/ldns.pc uninstall-pc: $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/pkgconfig/ldns.pc test ! -d $(DESTDIR)$(libdir)/pkgconfig || rmdir -p $(DESTDIR)$(libdir)/pkgconfig || echo "ok, dir already gone" install-lib: lib $(INSTALL) -m 755 -d $(DESTDIR)$(libdir) $(LIBTOOL) --mode=install cp libldns.la $(DESTDIR)$(libdir) $(LIBTOOL) --mode=finish $(DESTDIR)$(libdir) uninstall-lib: $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/libldns.la test ! -d $(DESTDIR)$(libdir) || rmdir -p $(DESTDIR)$(libdir) || echo "ok, dir already gone" install-pyldns: @PYLDNS@ $(INSTALL) -m 755 -d $(DESTDIR)$(python_site)/ldns $(INSTALL) -c -m 644 $(pywrapdir)/ldns.py $(DESTDIR)$(python_site)/ldns.py $(LIBTOOL) --mode=install cp _ldns.la $(DESTDIR)$(python_site) $(LIBTOOL) --mode=finish $(DESTDIR)$(python_site) uninstall-pyldns: rm -f $(DESTDIR)$(python_site)/ldns/* test ! -d $(DESTDIR)$(python_site)/ldns || rmdir $(DESTDIR)$(python_site)/ldns || echo "ok, dir already gone" install-pyldnsx: $(INSTALL) -c -m 644 $(pyldnsxwrapdir)/ldnsx.py $(DESTDIR)$(python_site)/ldnsx.py uninstall-pyldnsx: rm -f $(DESTDIR)$(python_site)/ldnsx.py clean-manpages: for m in `cat $(srcdir)/ldns/*.h | $(srcdir)/doc/doxyparse.pl -m $(srcdir)/doc/function_manpages 2>&1 | grep -v ^doxygen | grep -v ^cat` ; do\ rm -f doc/man/man3/$${m}.3 ; done rm -f doc/ldns_manpages test ! -d doc/man/man3 || rmdir -p doc/man/man3 || : clean-lib: $(LIBTOOL) --mode clean rm -f $(LDNS_LOBJS) $(LIBLOBJS) $(LIBTOOL) --mode clean rm -f linktest libldns.la $(LIBTOOL) --mode clean rm -f $(pywrapdir)/ldns_wrapper.c $(LIBTOOL) --mode clean rm -f $(pywrapdir)/ldns.py clean: @CLEAN_DRILL@ @CLEAN_EXAMPLES@ @CLEAN_P5_DNS_LDNS@ clean-manpages clean-lib putdown-builddir realclean: clean docclean rm -f config.status rm -f config.log rm -f $(CONFIG_FILES) rm -f ldns/config.h if test -d packaging -a ! -f packaging/ldns-config.in ; then \ rmdir packaging || : ; fi rm -f libtool if test -d ldns ; then \ echo "is builddir srcdir" > ldns/YES ; \ if test -f $(srcdir)/ldns/YES ; then \ echo Leaving headers files because srcdir == builddir;\ rm -f ldns/YES; \ else \ echo Removing header files in builddir;\ for f in `(cd $(srcdir); echo ldns/*.h)`; do \ rm -f $$f ; done ; \ rm -f ldns/YES; \ test ! -d ldns || rmdir ldns || : ; \ fi ;\ fi docclean: rm -rf doc/html/ rm -rf doc/man/ rm -rf doc/latex/ rm -f doc/*.txt rm -f doc/*.tex rm -f doc/ldns_manpages distclean: realclean rm -fr autom4te.cache rm -f config.guess config.sub configure ltmain.sh ldns/config.h.in ## No need for changes here lint: lint-lib @LINT_DRILL@ @LINT_EXAMPLES@ lint-lib: for i in $(srcdir)/*.c; do \ $(LINT) $(LINTFLAGS) -I. -I$(srcdir) $(srcdir)/$$i ; \ if test $$? -ne 0 ; then exit 1 ; fi ; \ done lint-drill: for i in $(srcdir)/drill/*.c; do \ $(LINT) $(LINTFLAGS) -I. -I$(srcdir) $(srcdir)/$$i ; \ if test $$? -ne 0 ; then exit 1 ; fi ; \ done lint-examples: for i in $(srcdir)/examples/*.c; do \ $(LINT) $(LINTFLAGS) -I. -I$(srcdir) $(srcdir)/$$i ; \ if test $$? -ne 0 ; then exit 1 ; fi ; \ done tags: $(srcdir)/*.c ldns/*.[ch] ctags -f $(srcdir)/tags $(srcdir)/*.[ch] ldns/*.[ch] allclean: test-clean clean test-clean: tpkg -b test clean test: examples drill @TEST_P5_DNS_LDNS@ ./test/test_all.sh # Recreate symbols file, only needed when API changes # make clean first (and after this make clean; make again) symbols: lib-export-all nm -g lib/libldns.so | cut -d " " -f 3 | grep ldns | sort > $(srcdir)/ldns_symbols.def TMP_FILE=temporary.tmp sources: for mf in $(srcdir)/Makefile.in Makefile ; do \ if test -e $$mf ; then \ cp $$mf $$mf.bak ;\ sed -e 's/^LDNS_LOBJS[ ]*=.*$$/LDNS_LOBJS = '"`(cd $(srcdir); ls -1 *.c | egrep -v '$(LDNS_LOBJS_EX)' | sed 's/\.c/\.lo/g' | tr '\n' ' ')`"'/g' \ -e 's/^LDNS_HEADERS[ ]*=.*$$/LDNS_HEADERS = '"`(cd $(srcdir)/ldns; ls -1 *.h | egrep -v '$(LDNS_HEADERS_EX)' | tr '\n' ' ')`"'/g' \ -e 's?^PYLDNS_I_FILES[ ]*=.*$$?PYLDNS_I_FILES = '"`(cd $(srcdir)/contrib; echo python/*.i | sed 's/python/\$$(pywrapdir)/g')`"'?g' \ -e 's?^DRILL_LOBJS[ ]*=.*$$?DRILL_LOBJS = '"`(cd $(srcdir); echo drill/*.c | sed 's/\.c/\.lo/g')`"'?g' \ -e 's?^EXAMPLE_LOBJS[ ]*=.*$$?EXAMPLE_LOBJS = '"`(cd $(srcdir); echo examples/*.c | sed 's/\.c/\.lo/g')`"'?g' \ -e 's?^EXAMPLE_PROGS[ ]*=.*$$?EXAMPLE_PROGS = '"`(cd $(srcdir); ls -1 examples/*.c | egrep -v '$(EXAMPLE_PROGS_EX)' | sed 's/\.c//g' | tr '\n' ' ')`"'?g' \ -e 's?^EX_PROGS_BASENM[ ]*=.*$$?EX_PROGS_BASENM = '"`(cd $(srcdir); ls -1 examples/*.c | sed -e 's/\.c//g' -e 's?examples/??g' | tr '\n' ' ')`"'?g' \ $$mf > $(TMP_FILE) ;\ mv $(TMP_FILE) $$mf ;\ fi;\ done # dependency generation DEPEND_TMP=depend1073.tmp DEPEND_TMP2=depend1074.tmp DEPEND_TARGET=Makefile DEPEND_TARGET2=$(srcdir)/Makefile.in # actions: generate deplines from gcc, # then, filter out home/xx, /usr/xx and /opt/xx lines (some cc already do this) # then, remove empty " \" lines # then, add srcdir before .c and .h in deps. # then, remove srcdir from the (generated) parser and lexer. # and mention the .lo depend: if test ! -e config.h ; then ln -s ldns/config.h . ; fi echo "" > $(DEPEND_TMP) for builddir in `pwd` ; do \ for subdir in . compat examples drill; do \ (cd $(srcdir) ; $(CC) $(DEPFLAG) $(CPPFLAGS) $(CFLAGS) -I$$builddir -I$$subdir $$subdir/*.c) | \ sed -e 's!'$$HOME'[^ ]* !!g' -e 's!'$$HOME'[^ ]*$$!!g' \ -e 's!/usr[^ ]* !!g' -e 's!/usr[^ ]*$$!!g' \ -e 's!/opt[^ ]* !!g' -e 's!/opt[^ ]*$$!!g' | \ sed -e '/^ \\$$/d' | \ sed -e 's? *\([^ ]*\.[ch]\)? $$(srcdir)/\1?g' | \ sed -e 's? *\([^ ]*\.inc\)? $$(srcdir)/\1?g' | \ sed -e 's?$$(srcdir)/ldns/config.h?ldns/config.h?g' \ -e 's?$$(srcdir)/config.h?ldns/config.h?g' \ -e 's?$$(srcdir)/ldns/common.h?ldns/common.h?g' \ -e 's?$$(srcdir)/ldns/util.h?ldns/util.h?g' \ -e 's?$$(srcdir)/ldns/net.h?ldns/net.h?g' \ -e 's!\(.*\)\.o[ :]*!'"$$subdir/"'\1.lo '"$$subdir/"'\1.o: !g' \ -e 's?^\.\/??g' -e 's? \.\/? ?g' \ >> $(DEPEND_TMP) ;\ done; \ done for p in $(EXAMPLE_PROGS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS); do \ echo "$$p: $$p.lo \$$(LIB)" >> $(DEPEND_TMP) ; done echo "$(TESTNS): `for o in $(TESTNS_LOBJS) ; do \ echo -n "$$o " ; done`\$$(LIB)" \ >> $(DEPEND_TMP) cp $(DEPEND_TARGET) $(DEPEND_TMP2) head -`egrep -n "# Dependencies" $(DEPEND_TARGET) | tail -1 | sed -e 's/:.*$$//'` $(DEPEND_TMP2) > $(DEPEND_TARGET) cat $(DEPEND_TMP) >> $(DEPEND_TARGET) @if diff $(DEPEND_TARGET) $(DEPEND_TMP2); then echo " $(DEPEND_TARGET) unchanged"; else echo " Updated $(DEPEND_TARGET))"; fi @if test -f $(DEPEND_TARGET2); then \ cp $(DEPEND_TARGET2) $(DEPEND_TMP2); \ head -`egrep -n "# Dependencies" $(DEPEND_TARGET2) | tail -1 | sed -e 's/:.*$$//'` $(DEPEND_TMP2) > $(DEPEND_TARGET2); \ cat $(DEPEND_TMP) >> $(DEPEND_TARGET2); \ if diff $(DEPEND_TARGET2) $(DEPEND_TMP2); then echo " $(DEPEND_TARGET2) unchanged"; else echo " Updated $(DEPEND_TARGET2))"; fi; \ fi rm -f $(DEPEND_TMP) $(DEPEND_TMP2) # Dependencies buffer.lo buffer.o: $(srcdir)/buffer.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h dane.lo dane.o: $(srcdir)/dane.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h dname.lo dname.o: $(srcdir)/dname.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h dnssec.lo dnssec.o: $(srcdir)/dnssec.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h dnssec_sign.lo dnssec_sign.o: $(srcdir)/dnssec_sign.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h dnssec_verify.lo dnssec_verify.o: $(srcdir)/dnssec_verify.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h dnssec_zone.lo dnssec_zone.o: $(srcdir)/dnssec_zone.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h duration.lo duration.o: $(srcdir)/duration.c ldns/config.h $(srcdir)/ldns/duration.h edns.lo edns.o: $(srcdir)/edns.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h error.lo error.o: $(srcdir)/error.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h higher.lo higher.o: $(srcdir)/higher.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h host2str.lo host2str.o: $(srcdir)/host2str.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h host2wire.lo host2wire.o: $(srcdir)/host2wire.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h keys.lo keys.o: $(srcdir)/keys.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h linktest.lo linktest.o: $(srcdir)/linktest.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h net.lo net.o: $(srcdir)/net.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h packet.lo packet.o: $(srcdir)/packet.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h parse.lo parse.o: $(srcdir)/parse.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h radix.lo radix.o: $(srcdir)/radix.c ldns/config.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/error.h ldns/util.h \ ldns/common.h rbtree.lo rbtree.o: $(srcdir)/rbtree.c ldns/config.h $(srcdir)/ldns/rbtree.h ldns/util.h ldns/common.h rdata.lo rdata.o: $(srcdir)/rdata.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h resolver.lo resolver.o: $(srcdir)/resolver.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h rr.lo rr.o: $(srcdir)/rr.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h rr_functions.lo rr_functions.o: $(srcdir)/rr_functions.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h sha1.lo sha1.o: $(srcdir)/sha1.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h sha2.lo sha2.o: $(srcdir)/sha2.c ldns/config.h $(srcdir)/ldns/sha2.h str2host.lo str2host.o: $(srcdir)/str2host.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h tsig.lo tsig.o: $(srcdir)/tsig.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h update.lo update.o: $(srcdir)/update.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h util.lo util.o: $(srcdir)/util.c ldns/config.h $(srcdir)/ldns/rdata.h ldns/common.h $(srcdir)/ldns/error.h \ ldns/util.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/buffer.h wire2host.lo wire2host.o: $(srcdir)/wire2host.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h zone.lo zone.o: $(srcdir)/zone.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h compat/asctime_r.lo compat/asctime_r.o: $(srcdir)/compat/asctime_r.c ldns/config.h compat/b64_ntop.lo compat/b64_ntop.o: $(srcdir)/compat/b64_ntop.c ldns/config.h compat/b64_pton.lo compat/b64_pton.o: $(srcdir)/compat/b64_pton.c ldns/config.h compat/calloc.lo compat/calloc.o: $(srcdir)/compat/calloc.c ldns/config.h compat/ctime_r.lo compat/ctime_r.o: $(srcdir)/compat/ctime_r.c ldns/config.h compat/fake-rfc2553.lo compat/fake-rfc2553.o: $(srcdir)/compat/fake-rfc2553.c ldns/config.h ldns/common.h \ $(srcdir)/compat/fake-rfc2553.h compat/gmtime_r.lo compat/gmtime_r.o: $(srcdir)/compat/gmtime_r.c ldns/config.h compat/inet_aton.lo compat/inet_aton.o: $(srcdir)/compat/inet_aton.c ldns/config.h compat/inet_ntop.lo compat/inet_ntop.o: $(srcdir)/compat/inet_ntop.c ldns/config.h compat/inet_pton.lo compat/inet_pton.o: $(srcdir)/compat/inet_pton.c ldns/config.h compat/isascii.lo compat/isascii.o: $(srcdir)/compat/isascii.c ldns/config.h compat/isblank.lo compat/isblank.o: $(srcdir)/compat/isblank.c ldns/config.h compat/localtime_r.lo compat/localtime_r.o: $(srcdir)/compat/localtime_r.c ldns/config.h compat/malloc.lo compat/malloc.o: $(srcdir)/compat/malloc.c ldns/config.h compat/memmove.lo compat/memmove.o: $(srcdir)/compat/memmove.c ldns/config.h compat/realloc.lo compat/realloc.o: $(srcdir)/compat/realloc.c ldns/config.h compat/snprintf.lo compat/snprintf.o: $(srcdir)/compat/snprintf.c ldns/config.h compat/strlcpy.lo compat/strlcpy.o: $(srcdir)/compat/strlcpy.c ldns/config.h compat/timegm.lo compat/timegm.o: $(srcdir)/compat/timegm.c ldns/config.h examples/ldns-chaos.lo examples/ldns-chaos.o: $(srcdir)/examples/ldns-chaos.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-compare-zones.lo examples/ldns-compare-zones.o: $(srcdir)/examples/ldns-compare-zones.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-dane.lo examples/ldns-dane.o: $(srcdir)/examples/ldns-dane.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldnsd.lo examples/ldnsd.o: $(srcdir)/examples/ldnsd.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h \ $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h \ $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h \ $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-dpa.lo examples/ldns-dpa.o: $(srcdir)/examples/ldns-dpa.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-gen-zone.lo examples/ldns-gen-zone.o: $(srcdir)/examples/ldns-gen-zone.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-key2ds.lo examples/ldns-key2ds.o: $(srcdir)/examples/ldns-key2ds.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-keyfetcher.lo examples/ldns-keyfetcher.o: $(srcdir)/examples/ldns-keyfetcher.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-keygen.lo examples/ldns-keygen.o: $(srcdir)/examples/ldns-keygen.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-mx.lo examples/ldns-mx.o: $(srcdir)/examples/ldns-mx.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-notify.lo examples/ldns-notify.o: $(srcdir)/examples/ldns-notify.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-nsec3-hash.lo examples/ldns-nsec3-hash.o: $(srcdir)/examples/ldns-nsec3-hash.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-read-zone.lo examples/ldns-read-zone.o: $(srcdir)/examples/ldns-read-zone.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-resolver.lo examples/ldns-resolver.o: $(srcdir)/examples/ldns-resolver.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-revoke.lo examples/ldns-revoke.o: $(srcdir)/examples/ldns-revoke.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-rrsig.lo examples/ldns-rrsig.o: $(srcdir)/examples/ldns-rrsig.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-signzone.lo examples/ldns-signzone.o: $(srcdir)/examples/ldns-signzone.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-test-edns.lo examples/ldns-test-edns.o: $(srcdir)/examples/ldns-test-edns.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-testns.lo examples/ldns-testns.o: $(srcdir)/examples/ldns-testns.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h \ $(srcdir)/examples/ldns-testpkts.h examples/ldns-testpkts.lo examples/ldns-testpkts.o: $(srcdir)/examples/ldns-testpkts.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h \ $(srcdir)/examples/ldns-testpkts.h examples/ldns-update.lo examples/ldns-update.o: $(srcdir)/examples/ldns-update.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-verify-zone.lo examples/ldns-verify-zone.o: $(srcdir)/examples/ldns-verify-zone.c ldns/config.h $(srcdir)/ldns/ldns.h \ ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h \ $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h \ $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h \ $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h \ $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h \ ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h \ $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-version.lo examples/ldns-version.o: $(srcdir)/examples/ldns-version.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-walk.lo examples/ldns-walk.o: $(srcdir)/examples/ldns-walk.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-zcat.lo examples/ldns-zcat.o: $(srcdir)/examples/ldns-zcat.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-zsplit.lo examples/ldns-zsplit.o: $(srcdir)/examples/ldns-zsplit.c ldns/config.h $(srcdir)/ldns/ldns.h ldns/util.h \ ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h \ $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h \ $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h \ $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h \ $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h \ $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h \ $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h drill/chasetrace.lo drill/chasetrace.o: $(srcdir)/drill/chasetrace.c $(srcdir)/drill/drill.h ldns/config.h \ $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h \ $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h \ $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h drill/dnssec.lo drill/dnssec.o: $(srcdir)/drill/dnssec.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h \ $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h \ $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h \ $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h drill/drill.lo drill/drill.o: $(srcdir)/drill/drill.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h \ $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h \ $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h \ $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h drill/drill_util.lo drill/drill_util.o: $(srcdir)/drill/drill_util.c $(srcdir)/drill/drill.h ldns/config.h \ $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h \ $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h \ $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h drill/error.lo drill/error.o: $(srcdir)/drill/error.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h \ $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h \ $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h \ $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h drill/root.lo drill/root.o: $(srcdir)/drill/root.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h \ $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h \ $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h \ $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h drill/securetrace.lo drill/securetrace.o: $(srcdir)/drill/securetrace.c $(srcdir)/drill/drill.h ldns/config.h \ $(srcdir)/drill/drill_util.h $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h \ $(srcdir)/ldns/error.h $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h \ $(srcdir)/ldns/dnssec.h $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h \ $(srcdir)/ldns/resolver.h $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h \ $(srcdir)/ldns/host2str.h $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h \ $(srcdir)/ldns/higher.h $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h drill/work.lo drill/work.o: $(srcdir)/drill/work.c $(srcdir)/drill/drill.h ldns/config.h $(srcdir)/drill/drill_util.h \ $(srcdir)/ldns/ldns.h ldns/util.h ldns/common.h $(srcdir)/ldns/buffer.h $(srcdir)/ldns/error.h \ $(srcdir)/ldns/dane.h $(srcdir)/ldns/rdata.h $(srcdir)/ldns/rr.h $(srcdir)/ldns/dname.h $(srcdir)/ldns/dnssec.h \ $(srcdir)/ldns/packet.h $(srcdir)/ldns/edns.h $(srcdir)/ldns/keys.h $(srcdir)/ldns/zone.h $(srcdir)/ldns/resolver.h \ $(srcdir)/ldns/tsig.h $(srcdir)/ldns/dnssec_zone.h $(srcdir)/ldns/rbtree.h $(srcdir)/ldns/host2str.h \ $(srcdir)/ldns/dnssec_verify.h $(srcdir)/ldns/dnssec_sign.h $(srcdir)/ldns/duration.h $(srcdir)/ldns/higher.h \ $(srcdir)/ldns/host2wire.h ldns/net.h $(srcdir)/ldns/str2host.h $(srcdir)/ldns/update.h \ $(srcdir)/ldns/wire2host.h $(srcdir)/ldns/rr_functions.h $(srcdir)/ldns/parse.h $(srcdir)/ldns/radix.h \ $(srcdir)/ldns/sha1.h $(srcdir)/ldns/sha2.h examples/ldns-chaos: examples/ldns-chaos.lo $(LIB) examples/ldns-compare-zones: examples/ldns-compare-zones.lo $(LIB) examples/ldnsd: examples/ldnsd.lo $(LIB) examples/ldns-gen-zone: examples/ldns-gen-zone.lo $(LIB) examples/ldns-key2ds: examples/ldns-key2ds.lo $(LIB) examples/ldns-keyfetcher: examples/ldns-keyfetcher.lo $(LIB) examples/ldns-keygen: examples/ldns-keygen.lo $(LIB) examples/ldns-mx: examples/ldns-mx.lo $(LIB) examples/ldns-notify: examples/ldns-notify.lo $(LIB) examples/ldns-read-zone: examples/ldns-read-zone.lo $(LIB) examples/ldns-resolver: examples/ldns-resolver.lo $(LIB) examples/ldns-rrsig: examples/ldns-rrsig.lo $(LIB) examples/ldns-test-edns: examples/ldns-test-edns.lo $(LIB) examples/ldns-update: examples/ldns-update.lo $(LIB) examples/ldns-version: examples/ldns-version.lo $(LIB) examples/ldns-walk: examples/ldns-walk.lo $(LIB) examples/ldns-zcat: examples/ldns-zcat.lo $(LIB) examples/ldns-zsplit: examples/ldns-zsplit.lo $(LIB) examples/ldns-dpa: examples/ldns-dpa.lo $(LIB) examples/ldns-dane: examples/ldns-dane.lo $(LIB) examples/ldns-nsec3-hash: examples/ldns-nsec3-hash.lo $(LIB) examples/ldns-revoke: examples/ldns-revoke.lo $(LIB) examples/ldns-signzone: examples/ldns-signzone.lo $(LIB) examples/ldns-verify-zone: examples/ldns-verify-zone.lo $(LIB) examples/ldns-testns: examples/ldns-testns.lo examples/ldns-testpkts.lo $(LIB) ldns-1.9.0/host2str.c0000664000175000017500000027466515114326257014015 0ustar willemwillem/* * host2str.c * * conversion routines from the host format * to the presentation format (strings) * * a Net::DNS like library for C * * (c) NLnet Labs, 2004-2006 * * See the file LICENSE for the license */ #include #include #include #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif #ifdef HAVE_NETDB_H #include #endif #include #include #ifdef HAVE_SSL #include #include #ifdef USE_DSA #include #endif #endif #ifndef INET_ADDRSTRLEN #define INET_ADDRSTRLEN 16 #endif #ifndef INET6_ADDRSTRLEN #define INET6_ADDRSTRLEN 46 #endif /* Internal helper function */ ldns_edns_option_list* pkt_edns_data2edns_option_list(const ldns_rdf *edns_data); /* lookup tables for standard DNS stuff */ /* Taken from RFC 2535, section 7. */ ldns_lookup_table ldns_algorithms[] = { { LDNS_RSAMD5, "RSAMD5" }, { LDNS_DH, "DH" }, { LDNS_DSA, "DSA" }, { LDNS_ECC, "ECC" }, { LDNS_RSASHA1, "RSASHA1" }, { LDNS_DSA_NSEC3, "DSA-NSEC3-SHA1" }, { LDNS_RSASHA1_NSEC3, "RSASHA1-NSEC3-SHA1" }, { LDNS_RSASHA256, "RSASHA256"}, { LDNS_RSASHA512, "RSASHA512"}, { LDNS_ECC_GOST, "ECC-GOST"}, { LDNS_ECDSAP256SHA256, "ECDSAP256SHA256"}, { LDNS_ECDSAP384SHA384, "ECDSAP384SHA384"}, { LDNS_ED25519, "ED25519"}, { LDNS_ED448, "ED448"}, { LDNS_INDIRECT, "INDIRECT" }, { LDNS_PRIVATEDNS, "PRIVATEDNS" }, { LDNS_PRIVATEOID, "PRIVATEOID" }, { 0, NULL } }; /* Hashing algorithms used in the DS record */ ldns_lookup_table ldns_hashes[] = { {LDNS_SHA1 , "SHA1" }, /* RFC 4034 */ {LDNS_SHA256 , "SHA256" }, /* RFC 4509 */ {LDNS_HASH_GOST, "HASH-GOST" }, /* RFC 5933 */ {LDNS_SHA384 , "SHA384" }, /* RFC 6605 */ { 0, NULL } }; /* Taken from RFC 4398 */ ldns_lookup_table ldns_cert_algorithms[] = { { LDNS_CERT_PKIX, "PKIX" }, { LDNS_CERT_SPKI, "SPKI" }, { LDNS_CERT_PGP, "PGP" }, { LDNS_CERT_IPKIX, "IPKIX" }, { LDNS_CERT_ISPKI, "ISPKI" }, { LDNS_CERT_IPGP, "IPGP" }, { LDNS_CERT_ACPKIX, "ACPKIX" }, { LDNS_CERT_IACPKIX, "IACPKIX" }, { LDNS_CERT_URI, "URI" }, { LDNS_CERT_OID, "OID" }, { 0, NULL } }; /* classes */ ldns_lookup_table ldns_rr_classes[] = { { LDNS_RR_CLASS_IN, "IN" }, { LDNS_RR_CLASS_CH, "CH" }, { LDNS_RR_CLASS_HS, "HS" }, { LDNS_RR_CLASS_NONE, "NONE" }, { LDNS_RR_CLASS_ANY, "ANY" }, { 0, NULL } }; /* if these are used elsewhere */ ldns_lookup_table ldns_rcodes[] = { { LDNS_RCODE_NOERROR, "NOERROR" }, { LDNS_RCODE_FORMERR, "FORMERR" }, { LDNS_RCODE_SERVFAIL, "SERVFAIL" }, { LDNS_RCODE_NXDOMAIN, "NXDOMAIN" }, { LDNS_RCODE_NOTIMPL, "NOTIMPL" }, { LDNS_RCODE_REFUSED, "REFUSED" }, { LDNS_RCODE_YXDOMAIN, "YXDOMAIN" }, { LDNS_RCODE_YXRRSET, "YXRRSET" }, { LDNS_RCODE_NXRRSET, "NXRRSET" }, { LDNS_RCODE_NOTAUTH, "NOTAUTH" }, { LDNS_RCODE_NOTZONE, "NOTZONE" }, { 0, NULL } }; ldns_lookup_table ldns_opcodes[] = { { LDNS_PACKET_QUERY, "QUERY" }, { LDNS_PACKET_IQUERY, "IQUERY" }, { LDNS_PACKET_STATUS, "STATUS" }, { LDNS_PACKET_NOTIFY, "NOTIFY" }, { LDNS_PACKET_UPDATE, "UPDATE" }, { 0, NULL } }; const ldns_output_format ldns_output_format_nocomments_record = { 0, NULL }; const ldns_output_format *ldns_output_format_nocomments = &ldns_output_format_nocomments_record; const ldns_output_format ldns_output_format_onlykeyids_record = { LDNS_COMMENT_KEY, NULL }; const ldns_output_format *ldns_output_format_onlykeyids = &ldns_output_format_onlykeyids_record; const ldns_output_format *ldns_output_format_default = &ldns_output_format_onlykeyids_record; const ldns_output_format ldns_output_format_bubblebabble_record = { LDNS_COMMENT_KEY | LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS, NULL }; const ldns_output_format *ldns_output_format_bubblebabble = &ldns_output_format_bubblebabble_record; static bool ldns_output_format_covers_type(const ldns_output_format* fmt, ldns_rr_type t) { return fmt && (fmt->flags & LDNS_FMT_RFC3597) && ((ldns_output_format_storage*)fmt)->bitmap && ldns_nsec_bitmap_covers_type( ((ldns_output_format_storage*)fmt)->bitmap, t); } ldns_status ldns_output_format_set_type(ldns_output_format* fmt, ldns_rr_type t) { ldns_output_format_storage* fmt_st = (ldns_output_format_storage*)fmt; ldns_status s; assert(fmt != NULL); if (!(fmt_st->flags & LDNS_FMT_RFC3597)) { ldns_output_format_set(fmt, LDNS_FMT_RFC3597); } if (! fmt_st->bitmap) { s = ldns_rdf_bitmap_known_rr_types_space(&fmt_st->bitmap); if (s != LDNS_STATUS_OK) { return s; } } return ldns_nsec_bitmap_set_type(fmt_st->bitmap, t); } ldns_status ldns_output_format_clear_type(ldns_output_format* fmt, ldns_rr_type t) { ldns_output_format_storage* fmt_st = (ldns_output_format_storage*)fmt; ldns_status s; assert(fmt != NULL); if (!(fmt_st->flags & LDNS_FMT_RFC3597)) { ldns_output_format_set(fmt, LDNS_FMT_RFC3597); } if (! fmt_st->bitmap) { s = ldns_rdf_bitmap_known_rr_types(&fmt_st->bitmap); if (s != LDNS_STATUS_OK) { return s; } } return ldns_nsec_bitmap_clear_type(fmt_st->bitmap, t); } ldns_status ldns_pkt_opcode2buffer_str(ldns_buffer *output, ldns_pkt_opcode opcode) { ldns_lookup_table *lt = ldns_lookup_by_id(ldns_opcodes, opcode); if (lt && lt->name) { ldns_buffer_printf(output, "%s", lt->name); } else { ldns_buffer_printf(output, "OPCODE%u", opcode); } return ldns_buffer_status(output); } ldns_status ldns_pkt_rcode2buffer_str(ldns_buffer *output, ldns_pkt_rcode rcode) { ldns_lookup_table *lt = ldns_lookup_by_id(ldns_rcodes, rcode); if (lt && lt->name) { ldns_buffer_printf(output, "%s", lt->name); } else { ldns_buffer_printf(output, "RCODE%u", rcode); } return ldns_buffer_status(output); } ldns_status ldns_algorithm2buffer_str(ldns_buffer *output, ldns_algorithm algorithm) { ldns_lookup_table *lt = ldns_lookup_by_id(ldns_algorithms, algorithm); if (lt && lt->name) { ldns_buffer_printf(output, "%s", lt->name); } else { ldns_buffer_printf(output, "ALG%u", algorithm); } return ldns_buffer_status(output); } ldns_status ldns_cert_algorithm2buffer_str(ldns_buffer *output, ldns_cert_algorithm cert_algorithm) { ldns_lookup_table *lt = ldns_lookup_by_id(ldns_cert_algorithms, cert_algorithm); if (lt && lt->name) { ldns_buffer_printf(output, "%s", lt->name); } else { ldns_buffer_printf(output, "CERT_ALG%u", cert_algorithm); } return ldns_buffer_status(output); } char * ldns_pkt_opcode2str(ldns_pkt_opcode opcode) { char *str; ldns_buffer *buf; buf = ldns_buffer_new(12); if (!buf) { return NULL; } str = NULL; if (ldns_pkt_opcode2buffer_str(buf, opcode) == LDNS_STATUS_OK) { str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); return str; } char * ldns_pkt_rcode2str(ldns_pkt_rcode rcode) { char *str; ldns_buffer *buf; buf = ldns_buffer_new(10); if (!buf) { return NULL; } str = NULL; if (ldns_pkt_rcode2buffer_str(buf, rcode) == LDNS_STATUS_OK) { str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); return str; } char * ldns_pkt_algorithm2str(ldns_algorithm algorithm) { char *str; ldns_buffer *buf; buf = ldns_buffer_new(10); if (!buf) { return NULL; } str = NULL; if (ldns_algorithm2buffer_str(buf, algorithm) == LDNS_STATUS_OK) { str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); return str; } char * ldns_pkt_cert_algorithm2str(ldns_cert_algorithm cert_algorithm) { char *str; ldns_buffer *buf; buf = ldns_buffer_new(10); if (!buf) { return NULL; } str = NULL; if (ldns_cert_algorithm2buffer_str(buf, cert_algorithm) == LDNS_STATUS_OK) { str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); return str; } /* do NOT pass compressed data here :p */ ldns_status ldns_rdf2buffer_str_dname(ldns_buffer *output, const ldns_rdf *dname) { /* can we do with 1 pos var? or without at all? */ uint8_t src_pos = 0; uint8_t len; uint8_t *data; uint8_t i; unsigned char c; data = (uint8_t*)ldns_rdf_data(dname); len = data[src_pos]; if (ldns_rdf_size(dname) > LDNS_MAX_DOMAINLEN) { /* too large, return */ return LDNS_STATUS_DOMAINNAME_OVERFLOW; } /* special case: root label */ if (1 == ldns_rdf_size(dname)) { ldns_buffer_printf(output, "."); } else { while ((len > 0) && src_pos < ldns_rdf_size(dname)) { src_pos++; for(i = 0; i < len; i++) { /* paranoia check for various 'strange' characters in dnames */ c = (unsigned char) data[src_pos]; if(c == '.' || c == ';' || c == '(' || c == ')' || c == '\\') { ldns_buffer_printf(output, "\\%c", data[src_pos]); } else if (!(isascii(c) && isgraph(c))) { ldns_buffer_printf(output, "\\%03u", data[src_pos]); } else { ldns_buffer_printf(output, "%c", data[src_pos]); } src_pos++; } if (src_pos < ldns_rdf_size(dname)) { ldns_buffer_printf(output, "."); } len = data[src_pos]; } } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_int8(ldns_buffer *output, const ldns_rdf *rdf) { uint8_t data = ldns_rdf_data(rdf)[0]; ldns_buffer_printf(output, "%lu", (unsigned long) data); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_int16(ldns_buffer *output, const ldns_rdf *rdf) { uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf)); ldns_buffer_printf(output, "%lu", (unsigned long) data); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_int32(ldns_buffer *output, const ldns_rdf *rdf) { uint32_t data = ldns_read_uint32(ldns_rdf_data(rdf)); ldns_buffer_printf(output, "%lu", (unsigned long) data); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_int64(ldns_buffer *output, const ldns_rdf *rdf) { uint64_t data = ldns_read_uint64(ldns_rdf_data(rdf)); ldns_buffer_printf(output, "%llu", (unsigned long long) data); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_time(ldns_buffer *output, const ldns_rdf *rdf) { /* create a YYYYMMDDHHMMSS string if possible */ struct tm tm; char date_buf[16]; memset(&tm, 0, sizeof(tm)); if (ldns_serial_arithmetics_gmtime_r(ldns_rdf2native_int32(rdf), time(NULL), &tm) && strftime(date_buf, 15, "%Y%m%d%H%M%S", &tm)) { ldns_buffer_printf(output, "%s", date_buf); } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_a(ldns_buffer *output, const ldns_rdf *rdf) { char str[INET_ADDRSTRLEN]; if (inet_ntop(AF_INET, ldns_rdf_data(rdf), str, INET_ADDRSTRLEN)) { ldns_buffer_printf(output, "%s", str); } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_aaaa(ldns_buffer *output, const ldns_rdf *rdf) { char str[INET6_ADDRSTRLEN]; if (inet_ntop(AF_INET6, ldns_rdf_data(rdf), str, INET6_ADDRSTRLEN)) { ldns_buffer_printf(output, "%s", str); } return ldns_buffer_status(output); } static void ldns_characters2buffer_str(ldns_buffer* output, size_t amount, const uint8_t* characters) { uint8_t ch; while (amount > 0) { ch = *characters++; if (isprint((int)ch) || ch == '\t') { if (ch == '\"' || ch == '\\') ldns_buffer_printf(output, "\\%c", ch); else ldns_buffer_printf(output, "%c", ch); } else { ldns_buffer_printf(output, "\\%03u", (unsigned)(uint8_t) ch); } amount--; } } ldns_status ldns_rdf2buffer_str_str(ldns_buffer *output, const ldns_rdf *rdf) { if(ldns_rdf_size(rdf) < 1) { return LDNS_STATUS_WIRE_RDATA_ERR; } if((int)ldns_rdf_size(rdf) < (int)ldns_rdf_data(rdf)[0] + 1) { return LDNS_STATUS_WIRE_RDATA_ERR; } ldns_buffer_printf(output, "\""); ldns_characters2buffer_str(output, ldns_rdf_data(rdf)[0], ldns_rdf_data(rdf) + 1); ldns_buffer_printf(output, "\""); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_b64(ldns_buffer *output, const ldns_rdf *rdf) { size_t size; char *b64; if (ldns_rdf_size(rdf) == 0) { ldns_buffer_printf(output, "0"); return ldns_buffer_status(output); } else size = ldns_b64_ntop_calculate_size(ldns_rdf_size(rdf)); if (!(b64 = LDNS_XMALLOC(char, size))) return LDNS_STATUS_MEM_ERR; if (ldns_b64_ntop(ldns_rdf_data(rdf), ldns_rdf_size(rdf), b64, size)) { ldns_buffer_printf(output, "%s", b64); } LDNS_FREE(b64); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_b32_ext(ldns_buffer *output, const ldns_rdf *rdf) { size_t size; char *b32; if(ldns_rdf_size(rdf) == 0) return LDNS_STATUS_OK; /* remove -1 for the b32-hash-len octet */ size = ldns_b32_ntop_calculate_size(ldns_rdf_size(rdf) - 1); /* add one for the end nul for the string */ b32 = LDNS_XMALLOC(char, size + 1); if(!b32) return LDNS_STATUS_MEM_ERR; size = (size_t) ldns_b32_ntop_extended_hex(ldns_rdf_data(rdf) + 1, ldns_rdf_size(rdf) - 1, b32, size+1); if (size > 0) { ldns_buffer_printf(output, "%s", b32); } LDNS_FREE(b32); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_hex(ldns_buffer *output, const ldns_rdf *rdf) { size_t i; for (i = 0; i < ldns_rdf_size(rdf); i++) { ldns_buffer_printf(output, "%02x", ldns_rdf_data(rdf)[i]); } return ldns_buffer_status(output); } static ldns_status ldns_rdf2buffer_str_type_fmt(ldns_buffer *output, const ldns_output_format* fmt, const ldns_rdf *rdf) { uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf)); if (! ldns_output_format_covers_type(fmt, data) && ldns_rr_descript(data) && ldns_rr_descript(data)->_name) { ldns_buffer_printf(output, "%s",ldns_rr_descript(data)->_name); } else { ldns_buffer_printf(output, "TYPE%u", data); } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_type(ldns_buffer *output, const ldns_rdf *rdf) { return ldns_rdf2buffer_str_type_fmt(output, ldns_output_format_default, rdf); } ldns_status ldns_rdf2buffer_str_class(ldns_buffer *output, const ldns_rdf *rdf) { uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf)); ldns_lookup_table *lt; lt = ldns_lookup_by_id(ldns_rr_classes, (int) data); if (lt) { ldns_buffer_printf(output, "\t%s", lt->name); } else { ldns_buffer_printf(output, "\tCLASS%d", data); } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_cert_alg(ldns_buffer *output, const ldns_rdf *rdf) { uint16_t data = ldns_read_uint16(ldns_rdf_data(rdf)); ldns_lookup_table *lt; lt = ldns_lookup_by_id(ldns_cert_algorithms, (int) data); if (lt) { ldns_buffer_printf(output, "%s", lt->name); } else { ldns_buffer_printf(output, "%d", data); } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_alg(ldns_buffer *output, const ldns_rdf *rdf) { return ldns_rdf2buffer_str_int8(output, rdf); } static void loc_cm_print(ldns_buffer *output, uint8_t mantissa, uint8_t exponent) { uint8_t i; /* is it 0. ? */ if(exponent < 2) { if(exponent == 1) mantissa *= 10; ldns_buffer_printf(output, "0.%02ld", (long)mantissa); return; } /* always */ ldns_buffer_printf(output, "%d", (int)mantissa); for(i=0; i_name) { ldns_buffer_printf(output, "%s", descriptor->_name); } else { ldns_buffer_printf(output, "TYPE%u", type); } } return ldns_buffer_status(output); } char * ldns_rr_type2str(const ldns_rr_type type) { char *str; ldns_buffer *buf; buf = ldns_buffer_new(10); if (!buf) { return NULL; } str = NULL; if (ldns_rr_type2buffer_str(buf, type) == LDNS_STATUS_OK) { str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); return str; } ldns_status ldns_rr_class2buffer_str(ldns_buffer *output, const ldns_rr_class klass) { ldns_lookup_table *lt; lt = ldns_lookup_by_id(ldns_rr_classes, klass); if (lt) { ldns_buffer_printf(output, "%s", lt->name); } else { ldns_buffer_printf(output, "CLASS%d", klass); } return ldns_buffer_status(output); } char * ldns_rr_class2str(const ldns_rr_class klass) { ldns_buffer *buf; char *str; buf = ldns_buffer_new(10); if (!buf) { return NULL; } str = NULL; if (ldns_rr_class2buffer_str(buf, klass) == LDNS_STATUS_OK) { str = ldns_buffer_export2str(buf); } ldns_buffer_free(buf); return str; } ldns_status ldns_rdf2buffer_str_loc(ldns_buffer *output, const ldns_rdf *rdf) { /* we could do checking (ie degrees < 90 etc)? */ uint8_t version; uint8_t size; uint8_t horizontal_precision; uint8_t vertical_precision; uint32_t longitude; uint32_t latitude; uint32_t altitude; char latitude_hemisphere; char longitude_hemisphere; uint32_t h; uint32_t m; double s; uint32_t equator = (uint32_t) ldns_power(2, 31); if(ldns_rdf_size(rdf) < 1) { return LDNS_STATUS_WIRE_RDATA_ERR; } version = ldns_rdf_data(rdf)[0]; if (version == 0) { if(ldns_rdf_size(rdf) < 16) { return LDNS_STATUS_WIRE_RDATA_ERR; } size = ldns_rdf_data(rdf)[1]; horizontal_precision = ldns_rdf_data(rdf)[2]; vertical_precision = ldns_rdf_data(rdf)[3]; latitude = ldns_read_uint32(&ldns_rdf_data(rdf)[4]); longitude = ldns_read_uint32(&ldns_rdf_data(rdf)[8]); altitude = ldns_read_uint32(&ldns_rdf_data(rdf)[12]); if (latitude > equator) { latitude_hemisphere = 'N'; latitude = latitude - equator; } else { latitude_hemisphere = 'S'; latitude = equator - latitude; } h = latitude / (1000 * 60 * 60); latitude = latitude % (1000 * 60 * 60); m = latitude / (1000 * 60); latitude = latitude % (1000 * 60); s = (double) latitude / 1000.0; ldns_buffer_printf(output, "%02u %02u %0.3f %c ", h, m, s, latitude_hemisphere); if (longitude > equator) { longitude_hemisphere = 'E'; longitude = longitude - equator; } else { longitude_hemisphere = 'W'; longitude = equator - longitude; } h = longitude / (1000 * 60 * 60); longitude = longitude % (1000 * 60 * 60); m = longitude / (1000 * 60); longitude = longitude % (1000 * 60); s = (double) longitude / (1000.0); ldns_buffer_printf(output, "%02u %02u %0.3f %c ", h, m, s, longitude_hemisphere); s = ((double) altitude) / 100; s -= 100000; if(altitude%100 != 0) ldns_buffer_printf(output, "%.2f", s); else ldns_buffer_printf(output, "%.0f", s); ldns_buffer_printf(output, "m "); loc_cm_print(output, (size & 0xf0) >> 4, size & 0x0f); ldns_buffer_printf(output, "m "); loc_cm_print(output, (horizontal_precision & 0xf0) >> 4, horizontal_precision & 0x0f); ldns_buffer_printf(output, "m "); loc_cm_print(output, (vertical_precision & 0xf0) >> 4, vertical_precision & 0x0f); ldns_buffer_printf(output, "m"); return ldns_buffer_status(output); } else { return ldns_rdf2buffer_str_hex(output, rdf); } } ldns_status ldns_rdf2buffer_str_unknown(ldns_buffer *output, const ldns_rdf *rdf) { ldns_buffer_printf(output, "\\# %u ", ldns_rdf_size(rdf)); return ldns_rdf2buffer_str_hex(output, rdf); } ldns_status ldns_rdf2buffer_str_nsap(ldns_buffer *output, const ldns_rdf *rdf) { ldns_buffer_printf(output, "0x"); return ldns_rdf2buffer_str_hex(output, rdf); } ldns_status ldns_rdf2buffer_str_atma(ldns_buffer *output, const ldns_rdf *rdf) { return ldns_rdf2buffer_str_hex(output, rdf); } ldns_status ldns_rdf2buffer_str_wks(ldns_buffer *output, const ldns_rdf *rdf) { /* protocol, followed by bitmap of services */ struct protoent *protocol; char *proto_name = NULL; uint8_t protocol_nr; struct servent *service; uint16_t current_service; if(ldns_rdf_size(rdf) < 1) { return LDNS_STATUS_WIRE_RDATA_ERR; } protocol_nr = ldns_rdf_data(rdf)[0]; protocol = getprotobynumber((int) protocol_nr); if (protocol && (protocol->p_name != NULL)) { proto_name = protocol->p_name; ldns_buffer_printf(output, "%s ", protocol->p_name); } else { ldns_buffer_printf(output, "%u ", protocol_nr); } for (current_service = 0; current_service < (ldns_rdf_size(rdf)-1)*8; current_service++) { if (ldns_get_bit(&(ldns_rdf_data(rdf)[1]), current_service)) { service = getservbyport((int) htons(current_service), proto_name); if (service && service->s_name) { ldns_buffer_printf(output, "%s ", service->s_name); } else { ldns_buffer_printf(output, "%u ", current_service); } #ifdef HAVE_ENDSERVENT endservent(); #endif } /* exit from loop before integer overflow */ if(current_service == 65535) { break; } } #ifdef HAVE_ENDPROTOENT endprotoent(); #endif return ldns_buffer_status(output); } static ldns_status ldns_rdf2buffer_str_nsec_fmt(ldns_buffer *output, const ldns_output_format* fmt, const ldns_rdf *rdf) { /* Note: this code is duplicated in higher.c in * ldns_nsec_type_check() function */ uint8_t window_block_nr; uint8_t bitmap_length; uint16_t type; uint16_t pos = 0; uint16_t bit_pos; uint8_t *data = ldns_rdf_data(rdf); while((size_t)(pos + 2) < ldns_rdf_size(rdf)) { window_block_nr = data[pos]; bitmap_length = data[pos + 1]; pos += 2; if (ldns_rdf_size(rdf) < pos + bitmap_length) { return LDNS_STATUS_WIRE_RDATA_ERR; } for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) { if (! ldns_get_bit(&data[pos], bit_pos)) { continue; } type = 256 * (uint16_t) window_block_nr + bit_pos; if (! ldns_output_format_covers_type(fmt, type) && ldns_rr_descript(type) && ldns_rr_descript(type)->_name){ ldns_buffer_printf(output, "%s ", ldns_rr_descript(type)->_name); } else { ldns_buffer_printf(output, "TYPE%u ", type); } } pos += (uint16_t) bitmap_length; } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_nsec(ldns_buffer *output, const ldns_rdf *rdf) { return ldns_rdf2buffer_str_nsec_fmt(output, ldns_output_format_default, rdf); } ldns_status ldns_rdf2buffer_str_nsec3_salt(ldns_buffer *output, const ldns_rdf *rdf) { uint8_t salt_length; uint8_t salt_pos; uint8_t *data = ldns_rdf_data(rdf); if(ldns_rdf_size(rdf) < 1) { return LDNS_STATUS_WIRE_RDATA_ERR; } salt_length = data[0]; /* from now there are variable length entries so remember pos */ if (salt_length == 0 || ((size_t)salt_length)+1 > ldns_rdf_size(rdf)) { ldns_buffer_printf(output, "- "); } else { for (salt_pos = 0; salt_pos < salt_length; salt_pos++) { ldns_buffer_printf(output, "%02x", data[1 + salt_pos]); } ldns_buffer_printf(output, " "); } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_period(ldns_buffer *output, const ldns_rdf *rdf) { /* period is the number of seconds */ if (ldns_rdf_size(rdf) != 4) { return LDNS_STATUS_WIRE_RDATA_ERR; } ldns_buffer_printf(output, "%u", ldns_read_uint32(ldns_rdf_data(rdf))); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_tsigtime(ldns_buffer *output,const ldns_rdf *rdf) { /* tsigtime is 48 bits network order unsigned integer */ uint64_t tsigtime = 0; uint8_t *data = ldns_rdf_data(rdf); uint64_t d0, d1, d2, d3, d4, d5; if (ldns_rdf_size(rdf) < 6) { return LDNS_STATUS_WIRE_RDATA_ERR; } d0 = data[0]; /* cast to uint64 for shift operations */ d1 = data[1]; d2 = data[2]; d3 = data[3]; d4 = data[4]; d5 = data[5]; tsigtime = (d0<<40) | (d1<<32) | (d2<<24) | (d3<<16) | (d4<<8) | d5; ldns_buffer_printf(output, "%llu ", (long long)tsigtime); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_apl(ldns_buffer *output, const ldns_rdf *rdf) { uint8_t *data = ldns_rdf_data(rdf); uint16_t address_family; uint8_t prefix; bool negation; uint8_t adf_length; size_t i; size_t pos = 0; while (pos < (unsigned int) ldns_rdf_size(rdf)) { if(pos + 3 >= (unsigned)ldns_rdf_size(rdf)) return LDNS_STATUS_WIRE_RDATA_ERR; address_family = ldns_read_uint16(&data[pos]); prefix = data[pos + 2]; negation = data[pos + 3] & LDNS_APL_NEGATION; adf_length = data[pos + 3] & LDNS_APL_MASK; if (address_family == LDNS_APL_IP4) { /* check if prefix < 32? */ if (negation) { ldns_buffer_printf(output, "!"); } ldns_buffer_printf(output, "%u:", address_family); /* address is variable length 0 - 4 */ for (i = 0; i < 4; i++) { if (i > 0) { ldns_buffer_printf(output, "."); } if (i < (unsigned short) adf_length) { if(pos+i+4 >= ldns_rdf_size(rdf)) return LDNS_STATUS_WIRE_RDATA_ERR; ldns_buffer_printf(output, "%d", data[pos + i + 4]); } else { ldns_buffer_printf(output, "0"); } } ldns_buffer_printf(output, "/%u ", prefix); } else if (address_family == LDNS_APL_IP6) { /* check if prefix < 128? */ if (negation) { ldns_buffer_printf(output, "!"); } ldns_buffer_printf(output, "%u:", address_family); /* address is variable length 0 - 16 */ for (i = 0; i < 16; i++) { if (i % 2 == 0 && i > 0) { ldns_buffer_printf(output, ":"); } if (i < (unsigned short) adf_length) { if(pos+i+4 >= ldns_rdf_size(rdf)) return LDNS_STATUS_WIRE_RDATA_ERR; ldns_buffer_printf(output, "%02x", data[pos + i + 4]); } else { ldns_buffer_printf(output, "00"); } } ldns_buffer_printf(output, "/%u ", prefix); } else { /* unknown address family */ ldns_buffer_printf(output, "Unknown address family: %u data: ", address_family); for (i = 1; i < (unsigned short) (4 + adf_length); i++) { if(pos+i >= ldns_rdf_size(rdf)) return LDNS_STATUS_WIRE_RDATA_ERR; ldns_buffer_printf(output, "%02x", data[i]); } } pos += 4 + adf_length; } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_int16_data(ldns_buffer *output, const ldns_rdf *rdf) { size_t size; char *b64; if (ldns_rdf_size(rdf) < 2) { return LDNS_STATUS_WIRE_RDATA_ERR; } /* Subtract the size (2) of the number that specifies the length */ size = ldns_b64_ntop_calculate_size(ldns_rdf_size(rdf) - 2); ldns_buffer_printf(output, "%u ", ldns_rdf_size(rdf) - 2); if (ldns_rdf_size(rdf) > 2) { b64 = LDNS_XMALLOC(char, size); if(!b64) return LDNS_STATUS_MEM_ERR; if (ldns_rdf_size(rdf) > 2 && ldns_b64_ntop(ldns_rdf_data(rdf) + 2, ldns_rdf_size(rdf) - 2, b64, size)) { ldns_buffer_printf(output, "%s", b64); } LDNS_FREE(b64); } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_ipseckey(ldns_buffer *output, const ldns_rdf *rdf) { /* wire format from http://www.ietf.org/internet-drafts/draft-ietf-ipseckey-rr-12.txt */ uint8_t *data = ldns_rdf_data(rdf); uint8_t precedence; uint8_t gateway_type; uint8_t algorithm; ldns_rdf *gateway = NULL; uint8_t *gateway_data; size_t public_key_size; uint8_t *public_key_data; ldns_rdf *public_key; size_t offset = 0; ldns_status status; if (ldns_rdf_size(rdf) < 3) { return LDNS_STATUS_WIRE_RDATA_ERR; } precedence = data[0]; gateway_type = data[1]; algorithm = data[2]; offset = 3; switch (gateway_type) { case 0: /* no gateway */ break; case 1: if (ldns_rdf_size(rdf) < offset + LDNS_IP4ADDRLEN) { return LDNS_STATUS_ERR; } gateway_data = LDNS_XMALLOC(uint8_t, LDNS_IP4ADDRLEN); if(!gateway_data) return LDNS_STATUS_MEM_ERR; memcpy(gateway_data, &data[offset], LDNS_IP4ADDRLEN); gateway = ldns_rdf_new(LDNS_RDF_TYPE_A, LDNS_IP4ADDRLEN , gateway_data); offset += LDNS_IP4ADDRLEN; if(!gateway) { LDNS_FREE(gateway_data); return LDNS_STATUS_MEM_ERR; } break; case 2: if (ldns_rdf_size(rdf) < offset + LDNS_IP6ADDRLEN) { return LDNS_STATUS_ERR; } gateway_data = LDNS_XMALLOC(uint8_t, LDNS_IP6ADDRLEN); if(!gateway_data) return LDNS_STATUS_MEM_ERR; memcpy(gateway_data, &data[offset], LDNS_IP6ADDRLEN); offset += LDNS_IP6ADDRLEN; gateway = ldns_rdf_new(LDNS_RDF_TYPE_AAAA, LDNS_IP6ADDRLEN, gateway_data); if(!gateway) { LDNS_FREE(gateway_data); return LDNS_STATUS_MEM_ERR; } break; case 3: status = ldns_wire2dname(&gateway, data, ldns_rdf_size(rdf), &offset); if(status != LDNS_STATUS_OK) return status; break; default: /* error? */ break; } if (ldns_rdf_size(rdf) <= offset) { ldns_rdf_deep_free(gateway); return LDNS_STATUS_ERR; } public_key_size = ldns_rdf_size(rdf) - offset; public_key_data = LDNS_XMALLOC(uint8_t, public_key_size); if(!public_key_data) { ldns_rdf_deep_free(gateway); return LDNS_STATUS_MEM_ERR; } memcpy(public_key_data, &data[offset], public_key_size); public_key = ldns_rdf_new(LDNS_RDF_TYPE_B64, public_key_size, public_key_data); if(!public_key) { LDNS_FREE(public_key_data); ldns_rdf_deep_free(gateway); return LDNS_STATUS_MEM_ERR; } ldns_buffer_printf(output, "%u %u %u ", precedence, gateway_type, algorithm); if (gateway) (void) ldns_rdf2buffer_str(output, gateway); else ldns_buffer_printf(output, "."); ldns_buffer_printf(output, " "); (void) ldns_rdf2buffer_str(output, public_key); ldns_rdf_deep_free(gateway); ldns_rdf_deep_free(public_key); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_ilnp64(ldns_buffer *output, const ldns_rdf *rdf) { if (ldns_rdf_size(rdf) != 8) { return LDNS_STATUS_WIRE_RDATA_ERR; } ldns_buffer_printf(output,"%.4x:%.4x:%.4x:%.4x", ldns_read_uint16(ldns_rdf_data(rdf)), ldns_read_uint16(ldns_rdf_data(rdf)+2), ldns_read_uint16(ldns_rdf_data(rdf)+4), ldns_read_uint16(ldns_rdf_data(rdf)+6)); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_eui48(ldns_buffer *output, const ldns_rdf *rdf) { if (ldns_rdf_size(rdf) != 6) { return LDNS_STATUS_WIRE_RDATA_ERR; } ldns_buffer_printf(output,"%.2x-%.2x-%.2x-%.2x-%.2x-%.2x", ldns_rdf_data(rdf)[0], ldns_rdf_data(rdf)[1], ldns_rdf_data(rdf)[2], ldns_rdf_data(rdf)[3], ldns_rdf_data(rdf)[4], ldns_rdf_data(rdf)[5]); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_eui64(ldns_buffer *output, const ldns_rdf *rdf) { if (ldns_rdf_size(rdf) != 8) { return LDNS_STATUS_WIRE_RDATA_ERR; } ldns_buffer_printf(output,"%.2x-%.2x-%.2x-%.2x-%.2x-%.2x-%.2x-%.2x", ldns_rdf_data(rdf)[0], ldns_rdf_data(rdf)[1], ldns_rdf_data(rdf)[2], ldns_rdf_data(rdf)[3], ldns_rdf_data(rdf)[4], ldns_rdf_data(rdf)[5], ldns_rdf_data(rdf)[6], ldns_rdf_data(rdf)[7]); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_unquoted(ldns_buffer *output, const ldns_rdf *rdf) { size_t amount, i; uint8_t ch; if(ldns_rdf_size(rdf) < 1) { return LDNS_STATUS_WIRE_RDATA_ERR; } if((int)ldns_rdf_size(rdf) < (int)ldns_rdf_data(rdf)[0] + 1) { return LDNS_STATUS_WIRE_RDATA_ERR; } amount = ldns_rdf_data(rdf)[0]; for(i=0; i= ldns_rdf_size(rdf) || /* should be rdf_size - 1 */ nchars < 1) { return LDNS_STATUS_WIRE_RDATA_ERR; } chars = ldns_rdf_data(rdf) + 1; while (nchars > 0) { ch = (char)*chars++; if (! isalnum((unsigned char)ch)) { return LDNS_STATUS_WIRE_RDATA_ERR; } ldns_buffer_printf(output, "%c", ch); nchars--; } return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_long_str(ldns_buffer *output, const ldns_rdf *rdf) { ldns_buffer_printf(output, "\""); ldns_characters2buffer_str(output, ldns_rdf_size(rdf), ldns_rdf_data(rdf)); ldns_buffer_printf(output, "\""); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_hip(ldns_buffer *output, const ldns_rdf *rdf) { uint8_t *data = ldns_rdf_data(rdf); size_t rdf_size = ldns_rdf_size(rdf); uint8_t hit_size; uint16_t pk_size; int written; if (rdf_size < 6) { return LDNS_STATUS_WIRE_RDATA_ERR; } if ((hit_size = data[0]) == 0 || (pk_size = ldns_read_uint16(data + 2)) == 0 || rdf_size < (size_t) hit_size + pk_size + 4) { return LDNS_STATUS_WIRE_RDATA_ERR; } ldns_buffer_printf(output, "%d ", (int) data[1]); for (data += 4; hit_size > 0; hit_size--, data++) { ldns_buffer_printf(output, "%02x", (int) *data); } ldns_buffer_write_char(output, (uint8_t) ' '); if (ldns_buffer_reserve(output, ldns_b64_ntop_calculate_size(pk_size))) { written = ldns_b64_ntop(data, pk_size, (char *) ldns_buffer_current(output), ldns_buffer_remaining(output)); if (written > 0 && written < (int) ldns_buffer_remaining(output)) { output->_position += written; } } return ldns_buffer_status(output); } /* implementation mimicked from ldns_rdf2buffer_str_ipseckey */ ldns_status ldns_rdf2buffer_str_amtrelay(ldns_buffer *output, const ldns_rdf *rdf) { /* wire format from * draft-ietf-mboned-driad-amt-discovery Section 4.2 */ uint8_t *data = ldns_rdf_data(rdf); uint8_t precedence; uint8_t discovery_optional; uint8_t relay_type; ldns_rdf *relay = NULL; uint8_t *relay_data; size_t offset = 0; ldns_status status; if (ldns_rdf_size(rdf) < 2) { return LDNS_STATUS_WIRE_RDATA_ERR; } precedence = data[0]; discovery_optional = ((data[1] & 0x80) >> 7); relay_type = data[1] & 0x7F; offset = 2; switch (relay_type) { case 0: /* no relay */ break; case 1: if (ldns_rdf_size(rdf) < offset + LDNS_IP4ADDRLEN) { return LDNS_STATUS_ERR; } relay_data = LDNS_XMALLOC(uint8_t, LDNS_IP4ADDRLEN); if(!relay_data) return LDNS_STATUS_MEM_ERR; memcpy(relay_data, &data[offset], LDNS_IP4ADDRLEN); relay = ldns_rdf_new(LDNS_RDF_TYPE_A, LDNS_IP4ADDRLEN , relay_data); offset += LDNS_IP4ADDRLEN; if(!relay) { LDNS_FREE(relay_data); return LDNS_STATUS_MEM_ERR; } break; case 2: if (ldns_rdf_size(rdf) < offset + LDNS_IP6ADDRLEN) { return LDNS_STATUS_ERR; } relay_data = LDNS_XMALLOC(uint8_t, LDNS_IP6ADDRLEN); if(!relay_data) return LDNS_STATUS_MEM_ERR; memcpy(relay_data, &data[offset], LDNS_IP6ADDRLEN); offset += LDNS_IP6ADDRLEN; relay = ldns_rdf_new(LDNS_RDF_TYPE_AAAA, LDNS_IP6ADDRLEN, relay_data); if(!relay) { LDNS_FREE(relay_data); return LDNS_STATUS_MEM_ERR; } break; case 3: status = ldns_wire2dname(&relay, data, ldns_rdf_size(rdf), &offset); if(status != LDNS_STATUS_OK) return status; break; default: /* error? */ break; } if (ldns_rdf_size(rdf) != offset) { ldns_rdf_deep_free(relay); return LDNS_STATUS_ERR; } ldns_buffer_printf(output, "%u %u %u ", precedence, discovery_optional, relay_type); if (relay) (void) ldns_rdf2buffer_str(output, relay); else ldns_buffer_printf(output, "."); ldns_rdf_deep_free(relay); return ldns_buffer_status(output); } #ifdef RRTYPE_SVCB_HTTPS ldns_status svcparam_key2buffer_str(ldns_buffer *output, uint16_t key); static ldns_status svcparam_mandatory2buffer_str(ldns_buffer *output, size_t sz, uint8_t *data) { if (sz % 2) return LDNS_STATUS_INVALID_SVCPARAM_VALUE; svcparam_key2buffer_str(output, ldns_read_uint16(data)); for (data += 2, sz -= 2; sz; data += 2, sz -= 2) { ldns_buffer_write_char(output, ','); svcparam_key2buffer_str(output, ldns_read_uint16(data)); } return ldns_buffer_status(output); } static ldns_status svcparam_alpn2buffer_str(ldns_buffer *output, size_t sz, uint8_t *data) { uint8_t *eod = data + sz, *dp; bool quote = false; size_t i; for (dp = data; dp < eod && !quote; dp += 1 + *dp) { if (dp + 1 + *dp > eod) return LDNS_STATUS_INVALID_SVCPARAM_VALUE; for (i = 0; i < *dp; i++) if (isspace(dp[i + 1])) break; quote = i < *dp; } if (quote) ldns_buffer_write_char(output, '"'); while (data < eod) { uint8_t *eot = data + 1 + *data; if (eot > eod) return LDNS_STATUS_INVALID_SVCPARAM_VALUE; if (eod - data < (int)sz) ldns_buffer_write_char(output, ','); for (data += 1; data < eot; data += 1) { uint8_t ch = *data; if (isprint(ch) || ch == '\t') { if (ch == '"' || ch == ',' || ch == '\\') ldns_buffer_write_char(output, '\\'); ldns_buffer_write_char(output, ch); } else ldns_buffer_printf(output, "\\%03u" , (unsigned)ch); } } if (quote) ldns_buffer_write_char(output, '"'); return ldns_buffer_status(output); } static ldns_status svcparam_port2buffer_str(ldns_buffer *output, size_t sz, uint8_t *data) { if (sz != 2) return LDNS_STATUS_INVALID_SVCPARAM_VALUE; ldns_buffer_printf(output, "%d", (int)ldns_read_uint16(data)); return ldns_buffer_status(output); } static ldns_status svcparam_ipv4hint2buffer_str(ldns_buffer *output, size_t sz, uint8_t *data) { char str[INET_ADDRSTRLEN]; if (sz % 4 || !inet_ntop(AF_INET, data, str, INET_ADDRSTRLEN)) return LDNS_STATUS_INVALID_SVCPARAM_VALUE; ldns_buffer_write_chars(output, str); for (data += 4, sz -= 4; sz ; data += 4, sz -= 4 ) { ldns_buffer_write_char(output, ','); if (!inet_ntop(AF_INET, data, str, INET_ADDRSTRLEN)) return LDNS_STATUS_INVALID_SVCPARAM_VALUE; ldns_buffer_write_chars(output, str); } return ldns_buffer_status(output); } static ldns_status svcparam_ech2buffer_str(ldns_buffer *output, size_t sz, uint8_t *data) { size_t str_sz = ldns_b64_ntop_calculate_size(sz); int written; if (!ldns_buffer_reserve(output, str_sz)) return LDNS_STATUS_MEM_ERR; written = ldns_b64_ntop( data, sz , (char *)ldns_buffer_current(output), str_sz); if (written > 0) ldns_buffer_skip(output, written); else return LDNS_STATUS_INVALID_SVCPARAM_VALUE; return ldns_buffer_status(output); } static ldns_status svcparam_ipv6hint2buffer_str(ldns_buffer *output, size_t sz, uint8_t *data) { char str[INET6_ADDRSTRLEN]; if (sz % 16 || !inet_ntop(AF_INET6, data, str, INET6_ADDRSTRLEN)) return LDNS_STATUS_INVALID_SVCPARAM_VALUE; ldns_buffer_write_chars(output, str); for (data += 16, sz -= 16; sz ; data += 16, sz -= 16) { ldns_buffer_write_char(output, ','); if (!inet_ntop(AF_INET6, data, str, INET6_ADDRSTRLEN)) return LDNS_STATUS_INVALID_SVCPARAM_VALUE; ldns_buffer_write_chars(output, str); } return ldns_buffer_status(output); } static ldns_status svcparam_value2buffer_str(ldns_buffer *output, size_t sz, uint8_t *data) { uint8_t *eod = data + sz, *dp; bool quote = false; for (dp = data; dp < eod && !isspace(*dp); dp++) ; /* pass */ if ((quote = dp < eod)) ldns_buffer_write_char(output, '"'); for (dp = data; dp < eod; dp++) { uint8_t ch = *dp; if (isprint(ch) || ch == '\t') { if (ch == '"' || ch == '\\') ldns_buffer_write_char(output, '\\'); ldns_buffer_write_char(output, ch); } else ldns_buffer_printf(output, "\\%03u", (unsigned)ch); } if (quote) ldns_buffer_write_char(output, '"'); return ldns_buffer_status(output); } ldns_status ldns_rdf2buffer_str_svcparams(ldns_buffer *output, const ldns_rdf *rdf) { uint8_t *data, *dp, *next_dp = NULL; size_t sz; ldns_status st; if (!output) return LDNS_STATUS_NULL; if (!rdf || !(data = ldns_rdf_data(rdf)) || !(sz = ldns_rdf_size(rdf))) /* No svcparams is just fine. Just nothing to print. */ return LDNS_STATUS_OK; for (dp = data; dp + 4 <= data + sz; dp = next_dp) { ldns_svcparam_key key = ldns_read_uint16(dp); uint16_t val_sz = ldns_read_uint16(dp + 2); if ((next_dp = dp + 4 + val_sz) > data + sz) return LDNS_STATUS_RDATA_OVERFLOW; if (dp > data) ldns_buffer_write_char(output, ' '); if ((st = svcparam_key2buffer_str(output, key))) return st; if (val_sz == 0) continue; dp += 4; ldns_buffer_write_char(output, '='); switch (key) { case LDNS_SVCPARAM_KEY_MANDATORY: st = svcparam_mandatory2buffer_str(output, val_sz, dp); break; case LDNS_SVCPARAM_KEY_ALPN: st = svcparam_alpn2buffer_str(output, val_sz, dp); break; case LDNS_SVCPARAM_KEY_NO_DEFAULT_ALPN: return LDNS_STATUS_NO_SVCPARAM_VALUE_EXPECTED; case LDNS_SVCPARAM_KEY_PORT: st = svcparam_port2buffer_str(output, val_sz, dp); break; case LDNS_SVCPARAM_KEY_IPV4HINT: st = svcparam_ipv4hint2buffer_str(output, val_sz, dp); break; case LDNS_SVCPARAM_KEY_ECH: st = svcparam_ech2buffer_str(output, val_sz, dp); break; case LDNS_SVCPARAM_KEY_IPV6HINT: st = svcparam_ipv6hint2buffer_str(output, val_sz, dp); break; default: st = svcparam_value2buffer_str(output, val_sz, dp); break; } if (st) return st; } return ldns_buffer_status(output); } #else /* #ifdef RRTYPE_SVCB_HTTPS */ ldns_status ldns_rdf2buffer_str_svcparams(ldns_buffer *output, const ldns_rdf *rdf) { (void)output; (void)rdf; return LDNS_STATUS_NOT_IMPL; } #endif /* #ifdef RRTYPE_SVCB_HTTPS */ static ldns_status ldns_rdf2buffer_str_fmt(ldns_buffer *buffer, const ldns_output_format* fmt, const ldns_rdf *rdf) { ldns_status res = LDNS_STATUS_OK; /*ldns_buffer_printf(buffer, "%u:", ldns_rdf_get_type(rdf));*/ if (rdf) { switch(ldns_rdf_get_type(rdf)) { case LDNS_RDF_TYPE_NONE: break; case LDNS_RDF_TYPE_DNAME: res = ldns_rdf2buffer_str_dname(buffer, rdf); break; case LDNS_RDF_TYPE_INT8: /* Don't output mnemonics for these */ case LDNS_RDF_TYPE_ALG: case LDNS_RDF_TYPE_CERTIFICATE_USAGE: case LDNS_RDF_TYPE_SELECTOR: case LDNS_RDF_TYPE_MATCHING_TYPE: res = ldns_rdf2buffer_str_int8(buffer, rdf); break; case LDNS_RDF_TYPE_INT16: res = ldns_rdf2buffer_str_int16(buffer, rdf); break; case LDNS_RDF_TYPE_INT32: res = ldns_rdf2buffer_str_int32(buffer, rdf); break; case LDNS_RDF_TYPE_INT64: case LDNS_RDF_TYPE_IPN: res = ldns_rdf2buffer_str_int64(buffer, rdf); break; case LDNS_RDF_TYPE_PERIOD: res = ldns_rdf2buffer_str_period(buffer, rdf); break; case LDNS_RDF_TYPE_TSIGTIME: res = ldns_rdf2buffer_str_tsigtime(buffer, rdf); break; case LDNS_RDF_TYPE_A: res = ldns_rdf2buffer_str_a(buffer, rdf); break; case LDNS_RDF_TYPE_AAAA: res = ldns_rdf2buffer_str_aaaa(buffer, rdf); break; case LDNS_RDF_TYPE_STR: res = ldns_rdf2buffer_str_str(buffer, rdf); break; case LDNS_RDF_TYPE_APL: res = ldns_rdf2buffer_str_apl(buffer, rdf); break; case LDNS_RDF_TYPE_B32_EXT: res = ldns_rdf2buffer_str_b32_ext(buffer, rdf); break; case LDNS_RDF_TYPE_B64: res = ldns_rdf2buffer_str_b64(buffer, rdf); break; case LDNS_RDF_TYPE_HEX: res = ldns_rdf2buffer_str_hex(buffer, rdf); break; case LDNS_RDF_TYPE_NSEC: res = ldns_rdf2buffer_str_nsec_fmt(buffer, fmt, rdf); break; case LDNS_RDF_TYPE_NSEC3_SALT: res = ldns_rdf2buffer_str_nsec3_salt(buffer, rdf); break; case LDNS_RDF_TYPE_TYPE: res = ldns_rdf2buffer_str_type_fmt(buffer, fmt, rdf); break; case LDNS_RDF_TYPE_CLASS: res = ldns_rdf2buffer_str_class(buffer, rdf); break; case LDNS_RDF_TYPE_CERT_ALG: res = ldns_rdf2buffer_str_cert_alg(buffer, rdf); break; case LDNS_RDF_TYPE_UNKNOWN: res = ldns_rdf2buffer_str_unknown(buffer, rdf); break; case LDNS_RDF_TYPE_TIME: res = ldns_rdf2buffer_str_time(buffer, rdf); break; case LDNS_RDF_TYPE_HIP: res = ldns_rdf2buffer_str_hip(buffer, rdf); break; case LDNS_RDF_TYPE_LOC: res = ldns_rdf2buffer_str_loc(buffer, rdf); break; case LDNS_RDF_TYPE_WKS: case LDNS_RDF_TYPE_SERVICE: res = ldns_rdf2buffer_str_wks(buffer, rdf); break; case LDNS_RDF_TYPE_NSAP: res = ldns_rdf2buffer_str_nsap(buffer, rdf); break; case LDNS_RDF_TYPE_ATMA: res = ldns_rdf2buffer_str_atma(buffer, rdf); break; case LDNS_RDF_TYPE_IPSECKEY: res = ldns_rdf2buffer_str_ipseckey(buffer, rdf); break; case LDNS_RDF_TYPE_INT16_DATA: res = ldns_rdf2buffer_str_int16_data(buffer, rdf); break; case LDNS_RDF_TYPE_NSEC3_NEXT_OWNER: res = ldns_rdf2buffer_str_b32_ext(buffer, rdf); break; case LDNS_RDF_TYPE_ILNP64: res = ldns_rdf2buffer_str_ilnp64(buffer, rdf); break; case LDNS_RDF_TYPE_EUI48: res = ldns_rdf2buffer_str_eui48(buffer, rdf); break; case LDNS_RDF_TYPE_EUI64: res = ldns_rdf2buffer_str_eui64(buffer, rdf); break; case LDNS_RDF_TYPE_UNQUOTED: res = ldns_rdf2buffer_str_unquoted(buffer, rdf); break; case LDNS_RDF_TYPE_TAG: res = ldns_rdf2buffer_str_tag(buffer, rdf); break; case LDNS_RDF_TYPE_LONG_STR: res = ldns_rdf2buffer_str_long_str(buffer, rdf); break; case LDNS_RDF_TYPE_AMTRELAY: res = ldns_rdf2buffer_str_amtrelay(buffer, rdf); break; case LDNS_RDF_TYPE_SVCPARAMS: res = ldns_rdf2buffer_str_svcparams(buffer, rdf); break; } } else { /** This will write mangled RRs */ ldns_buffer_printf(buffer, "(null) "); res = LDNS_STATUS_ERR; } return res; } ldns_status ldns_rdf2buffer_str(ldns_buffer *buffer, const ldns_rdf *rdf) { return ldns_rdf2buffer_str_fmt(buffer,ldns_output_format_default,rdf); } static ldns_rdf * ldns_b32_ext2dname(const ldns_rdf *rdf) { size_t size; char *b32; ldns_rdf *out; if(ldns_rdf_size(rdf) == 0) return NULL; /* remove -1 for the b32-hash-len octet */ size = ldns_b32_ntop_calculate_size(ldns_rdf_size(rdf) - 1); /* add one for the end nul for the string */ b32 = LDNS_XMALLOC(char, size + 2); if (b32) { if (ldns_b32_ntop_extended_hex(ldns_rdf_data(rdf) + 1, ldns_rdf_size(rdf) - 1, b32, size+1) > 0) { b32[size] = '.'; b32[size+1] = '\0'; if (ldns_str2rdf_dname(&out, b32) == LDNS_STATUS_OK) { LDNS_FREE(b32); return out; } } LDNS_FREE(b32); } return NULL; } static ldns_status ldns_rr2buffer_str_rfc3597(ldns_buffer *output, const ldns_rr *rr) { size_t total_rdfsize = 0; size_t i, j; ldns_buffer_printf(output, "TYPE%u\t", ldns_rr_get_type(rr)); for (i = 0; i < ldns_rr_rd_count(rr); i++) { total_rdfsize += ldns_rdf_size(ldns_rr_rdf(rr, i)); } if (total_rdfsize == 0) { ldns_buffer_printf(output, "\\# 0\n"); return ldns_buffer_status(output); } ldns_buffer_printf(output, "\\# %d ", total_rdfsize); for (i = 0; i < ldns_rr_rd_count(rr); i++) { for (j = 0; j < ldns_rdf_size(ldns_rr_rdf(rr, i)); j++) { ldns_buffer_printf(output, "%.2x", ldns_rdf_data(ldns_rr_rdf(rr, i))[j]); } } ldns_buffer_printf(output, "\n"); return ldns_buffer_status(output); } ldns_status ldns_rr2buffer_str_fmt(ldns_buffer *output, const ldns_output_format *fmt, const ldns_rr *rr) { uint16_t i, flags; ldns_status status = LDNS_STATUS_OK; ldns_output_format_storage* fmt_st = (ldns_output_format_storage*)fmt; if (fmt_st == NULL) { fmt_st = (ldns_output_format_storage*) ldns_output_format_default; } if (!(fmt_st->flags & LDNS_FMT_SHORT)) { if (!rr) { if (LDNS_COMMENT_NULLS & fmt_st->flags) { ldns_buffer_printf(output, "; (null)\n"); } return ldns_buffer_status(output); } if (ldns_rr_owner(rr)) { status = ldns_rdf2buffer_str_dname(output, ldns_rr_owner(rr)); } if (status != LDNS_STATUS_OK) { return status; } /* TTL should NOT be printed if it is a question */ if (!ldns_rr_is_question(rr)) { ldns_buffer_printf(output, "\t%u", (unsigned)ldns_rr_ttl(rr)); } ldns_buffer_printf(output, "\t"); status = ldns_rr_class2buffer_str(output, ldns_rr_get_class(rr)); if (status != LDNS_STATUS_OK) { return status; } ldns_buffer_printf(output, "\t"); if (ldns_output_format_covers_type(fmt, ldns_rr_get_type(rr))) { return ldns_rr2buffer_str_rfc3597(output, rr); } status = ldns_rr_type2buffer_str(output, ldns_rr_get_type(rr)); if (status != LDNS_STATUS_OK) { return status; } if (ldns_rr_rd_count(rr) > 0) { ldns_buffer_printf(output, "\t"); } else if (!ldns_rr_is_question(rr)) { ldns_buffer_printf(output, "\t\\# 0"); } } else if (ldns_rr_rd_count(rr) == 0) { /* assert(fmt_st->flags & LDNS_FMT_SHORT); */ ldns_buffer_printf(output, "# 0"); } for (i = 0; i < ldns_rr_rd_count(rr); i++) { /* ldns_rdf2buffer_str handles NULL input fine! */ if ((fmt_st->flags & LDNS_FMT_ZEROIZE_RRSIGS) && (ldns_rr_get_type(rr) == LDNS_RR_TYPE_RRSIG) && ((/* inception */ i == 4 && ldns_rdf_get_type(ldns_rr_rdf(rr, 4)) == LDNS_RDF_TYPE_TIME) || (/* expiration */ i == 5 && ldns_rdf_get_type(ldns_rr_rdf(rr, 5)) == LDNS_RDF_TYPE_TIME) || (/* signature */ i == 8 && ldns_rdf_get_type(ldns_rr_rdf(rr, 8)) == LDNS_RDF_TYPE_B64))) { ldns_buffer_printf(output, "(null)"); status = ldns_buffer_status(output); } else if ((fmt_st->flags & LDNS_FMT_PAD_SOA_SERIAL) && (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) && /* serial */ i == 2 && ldns_rdf_get_type(ldns_rr_rdf(rr, 2)) == LDNS_RDF_TYPE_INT32) { ldns_buffer_printf(output, "%10lu", (unsigned long) ldns_read_uint32( ldns_rdf_data(ldns_rr_rdf(rr, 2)))); status = ldns_buffer_status(output); } else { status = ldns_rdf2buffer_str_fmt(output, fmt, ldns_rr_rdf(rr, i)); } if(status != LDNS_STATUS_OK) return status; if (i < ldns_rr_rd_count(rr) - 1) { ldns_buffer_printf(output, " "); } } /* per RR special comments - handy for DNSSEC types */ /* check to prevent question sec. rr from * getting here */ if (ldns_rr_rd_count(rr) > 0) { switch (ldns_rr_get_type(rr)) { case LDNS_RR_TYPE_DNSKEY: /* if ldns_rr_rd_count(rr) > 0 then ldns_rr_rdf(rr, 0) exists! */ if (! (fmt_st->flags & LDNS_COMMENT_KEY)) { break; } flags = ldns_rdf2native_int16(ldns_rr_rdf(rr, 0)); ldns_buffer_printf(output, " ;{"); if (fmt_st->flags & LDNS_COMMENT_KEY_ID) { ldns_buffer_printf(output, "id = %u", (unsigned int) ldns_calc_keytag(rr)); } if ((fmt_st->flags & LDNS_COMMENT_KEY_TYPE) && (flags & LDNS_KEY_ZONE_KEY)){ if (flags & LDNS_KEY_SEP_KEY) { ldns_buffer_printf(output, " (ksk)"); } else { ldns_buffer_printf(output, " (zsk)"); } if (fmt_st->flags & LDNS_COMMENT_KEY_SIZE){ ldns_buffer_printf(output, ", "); } } else if (fmt_st->flags & (LDNS_COMMENT_KEY_ID |LDNS_COMMENT_KEY_SIZE)) { ldns_buffer_printf( output, ", "); } if (fmt_st->flags & LDNS_COMMENT_KEY_SIZE) { ldns_buffer_printf(output, "size = %db", ldns_rr_dnskey_key_size(rr)); } ldns_buffer_printf(output, "}"); break; case LDNS_RR_TYPE_RRSIG: if ((fmt_st->flags & LDNS_COMMENT_KEY) && (fmt_st->flags& LDNS_COMMENT_RRSIGS) && ldns_rr_rdf(rr, 6) != NULL) { ldns_buffer_printf(output, " ;{id = %d}", ldns_rdf2native_int16( ldns_rr_rdf(rr, 6))); } break; case LDNS_RR_TYPE_DS: if ((fmt_st->flags & LDNS_COMMENT_BUBBLEBABBLE) && ldns_rr_rdf(rr, 3) != NULL) { uint8_t *data = ldns_rdf_data( ldns_rr_rdf(rr, 3)); size_t len = ldns_rdf_size(ldns_rr_rdf(rr, 3)); char *babble = ldns_bubblebabble(data, len); if(babble) { ldns_buffer_printf(output, " ;{%s}", babble); } LDNS_FREE(babble); } break; case LDNS_RR_TYPE_NSEC3: if (! (fmt_st->flags & LDNS_COMMENT_FLAGS) && ! (fmt_st->flags & LDNS_COMMENT_NSEC3_CHAIN)) { break; } ldns_buffer_printf(output, " ;{"); if ((fmt_st->flags & LDNS_COMMENT_FLAGS)) { if (ldns_nsec3_optout(rr)) { ldns_buffer_printf(output, " flags: optout"); } else { ldns_buffer_printf(output," flags: -"); } if (fmt_st->flags & LDNS_COMMENT_NSEC3_CHAIN && fmt_st->hashmap != NULL) { ldns_buffer_printf(output, ", "); } } if (fmt_st->flags & LDNS_COMMENT_NSEC3_CHAIN && fmt_st->hashmap != NULL) { ldns_rbnode_t *node; ldns_rdf *key = ldns_dname_label( ldns_rr_owner(rr), 0); if (key) { node = ldns_rbtree_search( fmt_st->hashmap, (void *) key); if (node->data) { ldns_buffer_printf(output, "from: "); (void) ldns_rdf2buffer_str( output, ldns_dnssec_name_name( (ldns_dnssec_name*) node->data )); } ldns_rdf_deep_free(key); } key = ldns_b32_ext2dname( ldns_nsec3_next_owner(rr)); if (key) { node = ldns_rbtree_search( fmt_st->hashmap, (void *) key); if (node->data) { ldns_buffer_printf(output, " to: "); (void) ldns_rdf2buffer_str( output, ldns_dnssec_name_name( (ldns_dnssec_name*) node->data )); } ldns_rdf_deep_free(key); } } ldns_buffer_printf(output, "}"); break; default: break; } } /* last */ ldns_buffer_printf(output, "\n"); return ldns_buffer_status(output); } ldns_status ldns_rr2buffer_str(ldns_buffer *output, const ldns_rr *rr) { return ldns_rr2buffer_str_fmt(output, ldns_output_format_default, rr); } ldns_status ldns_rr_list2buffer_str_fmt(ldns_buffer *output, const ldns_output_format *fmt, const ldns_rr_list *list) { uint16_t i; for(i = 0; i < ldns_rr_list_rr_count(list); i++) { (void) ldns_rr2buffer_str_fmt(output, fmt, ldns_rr_list_rr(list, i)); } return ldns_buffer_status(output); } ldns_status ldns_rr_list2buffer_str(ldns_buffer *output, const ldns_rr_list *list) { return ldns_rr_list2buffer_str_fmt( output, ldns_output_format_default, list); } ldns_status ldns_pktheader2buffer_str(ldns_buffer *output, const ldns_pkt *pkt) { ldns_lookup_table *opcode = ldns_lookup_by_id(ldns_opcodes, (int) ldns_pkt_get_opcode(pkt)); ldns_lookup_table *rcode = ldns_lookup_by_id(ldns_rcodes, (int) ldns_pkt_get_rcode(pkt)); ldns_buffer_printf(output, ";; ->>HEADER<<- "); if (opcode) { ldns_buffer_printf(output, "opcode: %s, ", opcode->name); } else { ldns_buffer_printf(output, "opcode: ?? (%u), ", ldns_pkt_get_opcode(pkt)); } if (rcode) { ldns_buffer_printf(output, "rcode: %s, ", rcode->name); } else { ldns_buffer_printf(output, "rcode: ?? (%u), ", ldns_pkt_get_rcode(pkt)); } ldns_buffer_printf(output, "id: %d\n", ldns_pkt_id(pkt)); ldns_buffer_printf(output, ";; flags: "); if (ldns_pkt_qr(pkt)) { ldns_buffer_printf(output, "qr "); } if (ldns_pkt_aa(pkt)) { ldns_buffer_printf(output, "aa "); } if (ldns_pkt_tc(pkt)) { ldns_buffer_printf(output, "tc "); } if (ldns_pkt_rd(pkt)) { ldns_buffer_printf(output, "rd "); } if (ldns_pkt_cd(pkt)) { ldns_buffer_printf(output, "cd "); } if (ldns_pkt_ra(pkt)) { ldns_buffer_printf(output, "ra "); } if (ldns_pkt_ad(pkt)) { ldns_buffer_printf(output, "ad "); } ldns_buffer_printf(output, "; "); ldns_buffer_printf(output, "QUERY: %u, ", ldns_pkt_qdcount(pkt)); ldns_buffer_printf(output, "ANSWER: %u, ", ldns_pkt_ancount(pkt)); ldns_buffer_printf(output, "AUTHORITY: %u, ", ldns_pkt_nscount(pkt)); ldns_buffer_printf(output, "ADDITIONAL: %u ", ldns_pkt_arcount(pkt)); return ldns_buffer_status(output); } /* print EDNS option data in the Dig format: 76 61 6c 69 ... */ static void ldns_edns_hex_data2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { size_t j; for (j = 0; j < len; j++) { ldns_buffer_printf(output, " %02x", data[j]); } } static ldns_status ldns_edns_llq2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { /* LLQ constants */ const char* llq_errors[] = {"NO-ERROR", "SERV-FULL", "STATIC", "FORMAT-ERR", "NO-SUCH-LLQ", "BAD-VERS", "UNKNOWN_ERR"}; const unsigned int llq_errors_num = 7; const char* llq_opcodes[] = {"LLQ-SETUP", "LLQ-REFRESH", "LLQ-EVENT"}; const unsigned int llq_opcodes_num = 3; uint16_t version, llq_opcode, error_code; uint64_t llq_id; uint32_t lease_life; /* Requested or granted life of LLQ, in seconds */ ldns_buffer_printf(output, "; Long-Lived Query:"); /* read the record */ if(len != 18) { ldns_buffer_printf(output, " malformed LLQ "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } version = ldns_read_uint16(data); llq_opcode = ldns_read_uint16(data+2); error_code = ldns_read_uint16(data+4); memmove(&llq_id, data+6, sizeof(uint64_t)); lease_life = ldns_read_uint32(data+14); /* print option field entires */ ldns_buffer_printf(output, "v%d ", (int)version); if(llq_opcode < llq_opcodes_num) { ldns_buffer_printf(output, "%s", llq_opcodes[llq_opcode]); } else { ldns_buffer_printf(output, "opcode %d", (int)llq_opcode); } if(error_code < llq_errors_num) ldns_buffer_printf(output, " %s", llq_errors[error_code]); else { ldns_buffer_printf(output, " error %d", (int)error_code); } #ifndef USE_WINSOCK ldns_buffer_printf(output, " id %llx lease-life %lu", (unsigned long long)llq_id, (unsigned long)lease_life); #else ldns_buffer_printf(output, " id %I64x lease-life %lu", (unsigned long long)llq_id, (unsigned long)lease_life); #endif return ldns_buffer_status(output); } static ldns_status ldns_edns_ul2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { uint32_t lease; ldns_buffer_printf(output, "; Update Lease:"); if(len != 4) { ldns_buffer_printf(output, " malformed UL "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } lease = ldns_read_uint32(data); ldns_buffer_printf(output, "lease %lu", (unsigned long)lease); return ldns_buffer_status(output); } static ldns_status ldns_edns_nsid2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { size_t i, printed=0; ldns_buffer_printf(output, "; NSID:"); ldns_edns_hex_data2buffer_str(output, data, len); /* print the human-readable text string */ for(i = 0; i < len; i++) { if(isprint((unsigned char)data[i]) || data[i] == '\t') { if(!printed) { ldns_buffer_printf(output, " ("); printed = 1; } ldns_buffer_printf(output, "%c", (char)data[i]); } } if(printed) ldns_buffer_printf(output, ")"); return ldns_buffer_status(output); } static ldns_status ldns_edns_dau2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { size_t i; ldns_lookup_table *lt; ldns_buffer_printf(output, "; DNSSEC Algorithm Understood (DAU):"); for(i = 0; i name) { ldns_buffer_printf(output, " %s", lt->name); } else { ldns_buffer_printf(output, " ALG%u", data[i]); } } return ldns_buffer_status(output); } static ldns_status ldns_edns_dhu2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { size_t i; ldns_lookup_table *lt; ldns_buffer_printf(output, "; DS Hash Understood (DHU):"); for(i = 0; i < len; i++) { lt = ldns_lookup_by_id(ldns_hashes, data[i]); if (lt && lt->name) { ldns_buffer_printf(output, " %s", lt->name); } else { ldns_buffer_printf(output, " ALG%u", data[i]); } } return ldns_buffer_status(output); } static ldns_status ldns_edns_d3u2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { size_t i; ldns_buffer_printf(output, "; NSEC3 Hash Understood (N3U):"); for(i=0; i 4) { ldns_buffer_printf(output, "trailingdata:"); ldns_edns_hex_data2buffer_str(output, data+4+4, len-4-4); ldns_buffer_printf(output, " "); len = 4+4; } memmove(ip4, data+4, len-4); if(!inet_ntop(AF_INET, ip4, buf, (socklen_t) sizeof(buf))) { ldns_buffer_printf(output, "ip4ntoperror "); ldns_edns_hex_data2buffer_str(output, data+4+4, len-4-4); } else { ldns_buffer_printf(output, "%s", buf); } } else if(family == 2) { /* IPv6 */ char buf[64]; uint8_t ip6[16]; memset(ip6, 0, sizeof(ip6)); if(len-4 > 16) { ldns_buffer_printf(output, "trailingdata:"); ldns_edns_hex_data2buffer_str(output, data+4+16, len-4-16); ldns_buffer_printf(output, " "); len = 4+16; } memmove(ip6, data+4, len-4); #ifdef AF_INET6 if(!inet_ntop(AF_INET6, ip6, buf, (socklen_t) sizeof(buf))) { ldns_buffer_printf(output, "ip6ntoperror "); ldns_edns_hex_data2buffer_str(output, data+4+4, len-4-4); } else { ldns_buffer_printf(output, "%s", buf); } #else ldns_edns_hex_data2buffer_str(output, data+4+4, len-4-4); #endif } else { /* unknown */ ldns_buffer_printf(output, "family %d ", (int)family); ldns_edns_hex_data2buffer_str(output, data, len); } ldns_buffer_printf(output, "/%d scope /%d", (int)source, (int)scope); return ldns_buffer_status(output); } static ldns_status ldns_edns_expire2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { ldns_buffer_printf(output, "; EXPIRE:"); if (!(len == 0) || len == 4) { ldns_buffer_printf(output, "malformed expire "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } // TODO can this output be more accurate? ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } static ldns_status ldns_edns_cookie2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { ldns_buffer_printf(output, "; COOKIE:"); /* the size of an EDNS cookie is restricted by RFC 7873 */ if (!(len == 8 || (len >= 16 && len < 40))) { ldns_buffer_printf(output, "malformed cookie "); ldns_edns_hex_data2buffer_str(output, data, len); } ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } static ldns_status ldns_edns_keepalive2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { uint16_t timeout; ldns_buffer_printf(output, "; KEEPALIVE:"); if(!(len == 0 || len == 2)) { ldns_buffer_printf(output, "malformed keepalive "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } if(len == 0) { ldns_buffer_printf(output, "no timeout value (only valid for client option)"); } else { timeout = ldns_read_uint16(data); ldns_buffer_printf(output, "timeout value in units of 100ms %u", (int)timeout); } return ldns_buffer_status(output); } static ldns_status ldns_edns_padding2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { ldns_buffer_printf(output, "; PADDING: "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } static ldns_status ldns_edns_chain2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { ldns_rdf* temp = NULL; ldns_buffer_printf(output, "; CHAIN: "); if (ldns_str2rdf_dname(&temp, (char*) data) != LDNS_STATUS_OK) { ldns_buffer_printf(output, "malformed chain "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } ldns_characters2buffer_str(output, len, data); return ldns_buffer_status(output); } static ldns_status ldns_edns_key_tag2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { size_t i; ldns_buffer_printf(output, "; KEY TAG: "); if(len < 2 || len % 2 != 0) { ldns_buffer_printf(output, "malformed key tag "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } for (i = 0; i < len; i += 2) { uint16_t tag = ldns_read_uint16(data); ldns_buffer_printf(output, " %hu", tag); } return ldns_buffer_status(output); } static ldns_status ldns_edns_ede2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { size_t i; uint16_t ede; ldns_buffer_printf(output, "; EDE:"); if(len < 2) { ldns_buffer_printf(output, "malformed ede "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } ede = ldns_read_uint16(data); switch (ede) { case LDNS_EDE_OTHER: ldns_buffer_printf(output, " 0 (Other): "); break; case LDNS_EDE_UNSUPPORTED_DNSKEY_ALG: ldns_buffer_printf(output, " 1 (Unsupported DNSKEY Algorithm)"); break; case LDNS_EDE_UNSUPPORTED_DS_DIGEST: ldns_buffer_printf(output, " 2 (Unsupported DS Digest type)"); break; case LDNS_EDE_STALE_ANSWER: ldns_buffer_printf(output, " 3 (Stale Answer)"); break; case LDNS_EDE_FORGED_ANSWER: ldns_buffer_printf(output, " 4 (Forged Answer)"); break; case LDNS_EDE_DNSSEC_INDETERMINATE: ldns_buffer_printf(output, " 5 (DNSSEC Indeterminate)"); break; case LDNS_EDE_DNSSEC_BOGUS: ldns_buffer_printf(output, " 6 (DNSSEC Bogus)"); break; case LDNS_EDE_SIGNATURE_EXPIRED: ldns_buffer_printf(output, " 7 (Signature Expired)"); break; case LDNS_EDE_SIGNATURE_NOT_YET_VALID: ldns_buffer_printf(output, " 8 (Signature Not Yet Valid)"); break; case LDNS_EDE_DNSKEY_MISSING: ldns_buffer_printf(output, " 9 (DNSKEY Missing)"); break; case LDNS_EDE_RRSIGS_MISSING: ldns_buffer_printf(output, " 10 (RRSIGs Missing)"); break; case LDNS_EDE_NO_ZONE_KEY_BIT_SET: ldns_buffer_printf(output, " 11 (No Zone Key Bit Set)"); break; case LDNS_EDE_NSEC_MISSING: ldns_buffer_printf(output, " 12 (NSEC Missing)"); break; case LDNS_EDE_CACHED_ERROR: ldns_buffer_printf(output, " 13 (Cached Error)"); break; case LDNS_EDE_NOT_READY: ldns_buffer_printf(output, " 14 (Not Ready)"); break; case LDNS_EDE_BLOCKED: ldns_buffer_printf(output, " 15 (Blocked)"); break; case LDNS_EDE_CENSORED: ldns_buffer_printf(output, " 16 (Censored)"); break; case LDNS_EDE_FILTERED: ldns_buffer_printf(output, " 17 (Filtered)"); break; case LDNS_EDE_PROHIBITED: ldns_buffer_printf(output, " 18 (Prohibited)"); break; case LDNS_EDE_STALE_NXDOMAIN_ANSWER: ldns_buffer_printf(output, " 19 (NXDOMAIN Answer)"); break; case LDNS_EDE_NOT_AUTHORITATIVE: ldns_buffer_printf(output, " 20 (Not Authoritative)"); break; case LDNS_EDE_NOT_SUPPORTED: ldns_buffer_printf(output, " 21 (Not Supported)"); break; case LDNS_EDE_NO_REACHABLE_AUTHORITY: ldns_buffer_printf(output, " 22 (No Reachable Authority)"); break; case LDNS_EDE_NETWORK_ERROR: ldns_buffer_printf(output, " 23 (Network Error)"); break; case LDNS_EDE_INVALID_DATA: ldns_buffer_printf(output, " 24 (Invalid Data)"); break; case LDNS_EDE_SIGNATURE_EXPIRED_BEFORE_VALID: ldns_buffer_printf(output, " 25 (Signature Expired Before Valid)"); break; case LDNS_EDE_TOO_EARLY: ldns_buffer_printf(output, " 26 (Too Early)"); break; case LDNS_EDE_UNSUPPORTED_NSEC3_ITERATIONS_VALUE: ldns_buffer_printf(output, " 27 (Unsupported NSEC3 Iterations Value)"); break; case LDNS_EDE_UNABLE_TO_CONFORM_TO_POLICY: ldns_buffer_printf(output, " 28 (Unable to conform to policy)"); break; case LDNS_EDE_SYNTHESIZED: ldns_buffer_printf(output, " 29 (Synthesized)"); break; case LDNS_EDE_INVALID_QUERY_TYPE: ldns_buffer_printf(output, " 30 (Invalid Query Type)"); break; default: ldns_buffer_printf(output, " %02x", data[0]); ldns_buffer_printf(output, " %02x", data[1]); break; } /* skip the EDE code in the output */ data += 2; len -= 2; if (len > 2) { /* format the hex bytes */ ldns_buffer_printf(output, ":"); for (i = 0; i < len; i++) { ldns_buffer_printf(output, " %02x", data[i]); } /* format the human-readable string */ ldns_buffer_printf(output, " ("); ldns_characters2buffer_str(output, len, data); ldns_buffer_printf(output, ")"); } return ldns_buffer_status(output); } static ldns_status ldns_edns_client_tag2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { ldns_buffer_printf(output, "; CLIENT-TAG:"); if (len > 2) { ldns_buffer_printf(output, "malformed client-tag "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } static ldns_status ldns_edns_server_tag2buffer_str(ldns_buffer* output, uint8_t* data, size_t len) { ldns_buffer_printf(output, "; SERVER-TAG:"); if (len > 2) { ldns_buffer_printf(output, "malformed server-tag "); ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } ldns_edns_hex_data2buffer_str(output, data, len); return ldns_buffer_status(output); } ldns_status ldns_edns_option_list2buffer_str(ldns_buffer *output, ldns_edns_option_list* edns_list) { size_t count = ldns_edns_option_list_get_count(edns_list); size_t i, size; uint8_t* data; for (i = 0; i < count; i++) { ldns_edns_option_code code; ldns_edns_option* edns = ldns_edns_option_list_get_option(edns_list, i); if (!edns) { break; } code = ldns_edns_get_code(edns); size = ldns_edns_get_size(edns); data = ldns_edns_get_data(edns); switch(code) { case LDNS_EDNS_LLQ: ldns_edns_llq2buffer_str(output, data, size); break; case LDNS_EDNS_UL: ldns_edns_ul2buffer_str(output, data, size); break; case LDNS_EDNS_NSID: ldns_edns_nsid2buffer_str(output, data, size); break; case LDNS_EDNS_DAU: ldns_edns_dau2buffer_str(output, data, size); break; case LDNS_EDNS_DHU: ldns_edns_dhu2buffer_str(output, data, size); break; case LDNS_EDNS_N3U: ldns_edns_d3u2buffer_str(output, data, size); break; case LDNS_EDNS_CLIENT_SUBNET: ldns_edns_subnet2buffer_str(output, data, size); break; case LDNS_EDNS_EXPIRE: ldns_edns_expire2buffer_str(output, data, size); break; case LDNS_EDNS_COOKIE: ldns_edns_cookie2buffer_str(output, data, size); break; case LDNS_EDNS_KEEPALIVE: ldns_edns_keepalive2buffer_str(output, data, size); break; case LDNS_EDNS_PADDING: ldns_edns_padding2buffer_str(output, data, size); break; case LDNS_EDNS_CHAIN: ldns_edns_chain2buffer_str(output, data, size); break; case LDNS_EDNS_KEY_TAG: ldns_edns_key_tag2buffer_str(output, data, size); break; case LDNS_EDNS_EDE: ldns_edns_ede2buffer_str(output, data, size); break; case LDNS_EDNS_CLIENT_TAG: ldns_edns_client_tag2buffer_str(output, data, size); break; case LDNS_EDNS_SERVER_TAG: ldns_edns_server_tag2buffer_str(output, data, size); break; default: ldns_buffer_printf(output, "; OPT=%d:", code); ldns_edns_hex_data2buffer_str(output, data, size); break; } ldns_buffer_printf(output, "\n"); } return ldns_buffer_status(output); } ldns_status ldns_pkt2buffer_str_fmt(ldns_buffer *output, const ldns_output_format *fmt, const ldns_pkt *pkt) { uint16_t i; ldns_status status = LDNS_STATUS_OK; char *tmp; struct timeval time; time_t time_tt; int short_fmt = fmt && (fmt->flags & LDNS_FMT_SHORT); if (!pkt) { ldns_buffer_printf(output, "null"); return LDNS_STATUS_OK; } if (!ldns_buffer_status_ok(output)) { return ldns_buffer_status(output); } if (!short_fmt) { status = ldns_pktheader2buffer_str(output, pkt); if (status != LDNS_STATUS_OK) { return status; } ldns_buffer_printf(output, "\n"); ldns_buffer_printf(output, ";; QUESTION SECTION:\n;; "); for (i = 0; i < ldns_pkt_qdcount(pkt); i++) { status = ldns_rr2buffer_str_fmt(output, fmt, ldns_rr_list_rr( ldns_pkt_question(pkt), i)); if (status != LDNS_STATUS_OK) { return status; } } ldns_buffer_printf(output, "\n"); ldns_buffer_printf(output, ";; ANSWER SECTION:\n"); } for (i = 0; i < ldns_pkt_ancount(pkt); i++) { status = ldns_rr2buffer_str_fmt(output, fmt, ldns_rr_list_rr( ldns_pkt_answer(pkt), i)); if (status != LDNS_STATUS_OK) { return status; } } if (!short_fmt) { ldns_buffer_printf(output, "\n"); ldns_buffer_printf(output, ";; AUTHORITY SECTION:\n"); for (i = 0; i < ldns_pkt_nscount(pkt); i++) { status = ldns_rr2buffer_str_fmt(output, fmt, ldns_rr_list_rr( ldns_pkt_authority(pkt), i)); if (status != LDNS_STATUS_OK) { return status; } } ldns_buffer_printf(output, "\n"); ldns_buffer_printf(output, ";; ADDITIONAL SECTION:\n"); for (i = 0; i < ldns_pkt_arcount(pkt); i++) { status = ldns_rr2buffer_str_fmt(output, fmt, ldns_rr_list_rr( ldns_pkt_additional(pkt), i)); if (status != LDNS_STATUS_OK) { return status; } } ldns_buffer_printf(output, "\n"); /* add some further fields */ ldns_buffer_printf(output, ";; Query time: %d msec\n", ldns_pkt_querytime(pkt)); if (ldns_pkt_edns(pkt)) { ldns_buffer_printf(output, ";; EDNS: version %u; flags:", ldns_pkt_edns_version(pkt)); if (ldns_pkt_edns_do(pkt)) { ldns_buffer_printf(output, " do"); } if (ldns_pkt_edns_co(pkt)) { ldns_buffer_printf(output, " co"); } /* the extended rcode is the value set, shifted four bits, * and or'd with the original rcode */ if (ldns_pkt_edns_extended_rcode(pkt)) { ldns_buffer_printf(output, " ; ext-rcode: %d", (ldns_pkt_edns_extended_rcode(pkt) << 4 | ldns_pkt_get_rcode(pkt))); } ldns_buffer_printf(output, " ; udp: %u\n", ldns_pkt_edns_udp_size(pkt)); if (pkt->_edns_list) ldns_edns_option_list2buffer_str(output, pkt->_edns_list); else if (ldns_pkt_edns_data(pkt)) { ldns_edns_option_list* edns_list; /* parse the EDNS data into separate EDNS options * and add them to the list */ if ((edns_list = pkt_edns_data2edns_option_list(ldns_pkt_edns_data(pkt)))) { ldns_edns_option_list2buffer_str(output, edns_list); ldns_edns_option_list_deep_free(edns_list); } else { ldns_buffer_printf(output, ";; Data: "); (void)ldns_rdf2buffer_str(output, ldns_pkt_edns_data(pkt)); ldns_buffer_printf(output, "\n"); } } } if (ldns_pkt_tsig(pkt)) { ldns_buffer_printf(output, ";; TSIG:\n;; "); (void) ldns_rr2buffer_str_fmt( output, fmt, ldns_pkt_tsig(pkt)); ldns_buffer_printf(output, "\n"); } if (ldns_pkt_answerfrom(pkt)) { tmp = ldns_rdf2str(ldns_pkt_answerfrom(pkt)); ldns_buffer_printf(output, ";; SERVER: %s\n", tmp); LDNS_FREE(tmp); } time = ldns_pkt_timestamp(pkt); time_tt = (time_t)time.tv_sec; ldns_buffer_printf(output, ";; WHEN: %s", (char*)ctime(&time_tt)); ldns_buffer_printf(output, ";; MSG SIZE rcvd: %d\n", (int)ldns_pkt_size(pkt)); } return status; } ldns_status ldns_pkt2buffer_str(ldns_buffer *output, const ldns_pkt *pkt) { return ldns_pkt2buffer_str_fmt(output, ldns_output_format_default, pkt); } #ifdef HAVE_SSL static ldns_status ldns_hmac_key2buffer_str(ldns_buffer *output, const ldns_key *k) { ldns_status status; size_t i; ldns_rdf *b64_bignum; ldns_buffer_printf(output, "Key: "); i = ldns_key_hmac_size(k); b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, i, ldns_key_hmac_key(k)); status = ldns_rdf2buffer_str(output, b64_bignum); ldns_rdf_deep_free(b64_bignum); ldns_buffer_printf(output, "\n"); return status; } #endif #if defined(HAVE_SSL) && defined(USE_GOST) static ldns_status ldns_gost_key2buffer_str(ldns_buffer *output, EVP_PKEY *p) { unsigned char* pp = NULL; int ret; ldns_rdf *b64_bignum; ldns_status status; ldns_buffer_printf(output, "GostAsn1: "); ret = i2d_PrivateKey(p, &pp); b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, (size_t)ret, pp); status = ldns_rdf2buffer_str(output, b64_bignum); ldns_rdf_deep_free(b64_bignum); OPENSSL_free(pp); ldns_buffer_printf(output, "\n"); return status; } #endif #if defined(HAVE_SSL) && defined(USE_ED25519) static ldns_status ldns_ed25519_key2buffer_str(ldns_buffer *output, EVP_PKEY *p) { unsigned char* pp = NULL; int ret; ldns_rdf *b64_bignum; ldns_status status; ldns_buffer_printf(output, "PrivateKey: "); ret = i2d_PrivateKey(p, &pp); /* 16 byte asn (302e020100300506032b657004220420) + 32byte key */ if(ret != 16 + 32) { OPENSSL_free(pp); return LDNS_STATUS_ERR; } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, (size_t)ret-16, pp+16); status = ldns_rdf2buffer_str(output, b64_bignum); ldns_rdf_deep_free(b64_bignum); OPENSSL_free(pp); ldns_buffer_printf(output, "\n"); return status; } #endif #if defined(HAVE_SSL) && defined(USE_ED448) static ldns_status ldns_ed448_key2buffer_str(ldns_buffer *output, EVP_PKEY *p) { unsigned char* pp = NULL; int ret; ldns_rdf *b64_bignum; ldns_status status; ldns_buffer_printf(output, "PrivateKey: "); ret = i2d_PrivateKey(p, &pp); /* some-ASN + 57byte key */ if(ret != 16 + 57) { OPENSSL_free(pp); return LDNS_STATUS_ERR; } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, (size_t)ret-16, pp+16); status = ldns_rdf2buffer_str(output, b64_bignum); ldns_rdf_deep_free(b64_bignum); OPENSSL_free(pp); ldns_buffer_printf(output, "\n"); return status; } #endif #if defined(HAVE_SSL) /** print one b64 encoded bignum to a line in the keybuffer */ static int ldns_print_bignum_b64_line(ldns_buffer* output, const char* label, const BIGNUM* num) { unsigned char *bignumbuf = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN); if(!bignumbuf) return 0; ldns_buffer_printf(output, "%s: ", label); if(num) { ldns_rdf *b64_bignum = NULL; int i = BN_bn2bin(num, bignumbuf); if (i > LDNS_MAX_KEYLEN) { LDNS_FREE(bignumbuf); return 0; } b64_bignum = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, (size_t)i, bignumbuf); if (ldns_rdf2buffer_str(output, b64_bignum) != LDNS_STATUS_OK) { ldns_rdf_deep_free(b64_bignum); LDNS_FREE(bignumbuf); return 0; } ldns_rdf_deep_free(b64_bignum); ldns_buffer_printf(output, "\n"); } else { ldns_buffer_printf(output, "(Not available)\n"); } LDNS_FREE(bignumbuf); return 1; } #endif ldns_status ldns_key2buffer_str(ldns_buffer *output, const ldns_key *k) { ldns_status status = LDNS_STATUS_OK; unsigned char *bignum; #ifdef HAVE_SSL RSA *rsa; #ifdef USE_DSA DSA *dsa; #endif /* USE_DSA */ #endif /* HAVE_SSL */ if (!k) { return LDNS_STATUS_ERR; } bignum = LDNS_XMALLOC(unsigned char, LDNS_MAX_KEYLEN); if (!bignum) { return LDNS_STATUS_ERR; } if (ldns_buffer_status_ok(output)) { #ifdef HAVE_SSL switch(ldns_key_algorithm(k)) { case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: case LDNS_SIGN_RSASHA256: case LDNS_SIGN_RSASHA512: case LDNS_SIGN_RSAMD5: /* copied by looking at dnssec-keygen output */ /* header */ rsa = ldns_key_rsa_key(k); ldns_buffer_printf(output,"Private-key-format: v1.2\n"); switch(ldns_key_algorithm(k)) { case LDNS_SIGN_RSAMD5: ldns_buffer_printf(output, "Algorithm: %u (RSA)\n", LDNS_RSAMD5); break; case LDNS_SIGN_RSASHA1: ldns_buffer_printf(output, "Algorithm: %u (RSASHA1)\n", LDNS_RSASHA1); break; case LDNS_SIGN_RSASHA1_NSEC3: ldns_buffer_printf(output, "Algorithm: %u (RSASHA1_NSEC3)\n", LDNS_RSASHA1_NSEC3); break; #ifdef USE_SHA2 case LDNS_SIGN_RSASHA256: ldns_buffer_printf(output, "Algorithm: %u (RSASHA256)\n", LDNS_RSASHA256); break; case LDNS_SIGN_RSASHA512: ldns_buffer_printf(output, "Algorithm: %u (RSASHA512)\n", LDNS_RSASHA512); break; #endif default: #ifdef STDERR_MSGS fprintf(stderr, "Warning: unknown signature "); fprintf(stderr, "algorithm type %u\n", ldns_key_algorithm(k)); #endif ldns_buffer_printf(output, "Algorithm: %u (Unknown)\n", ldns_key_algorithm(k)); break; } /* print to buf, convert to bin, convert to b64, * print to buf */ #ifndef S_SPLINT_S if(1) { const BIGNUM *n=NULL, *e=NULL, *d=NULL, *p=NULL, *q=NULL, *dmp1=NULL, *dmq1=NULL, *iqmp=NULL; #if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000) n = rsa->n; e = rsa->e; d = rsa->d; p = rsa->p; q = rsa->q; dmp1 = rsa->dmp1; dmq1 = rsa->dmq1; iqmp = rsa->iqmp; #else RSA_get0_key(rsa, &n, &e, &d); RSA_get0_factors(rsa, &p, &q); RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); #endif if(!ldns_print_bignum_b64_line(output, "Modulus", n)) goto error; if(!ldns_print_bignum_b64_line(output, "PublicExponent", e)) goto error; if(!ldns_print_bignum_b64_line(output, "PrivateExponent", d)) goto error; if(!ldns_print_bignum_b64_line(output, "Prime1", p)) goto error; if(!ldns_print_bignum_b64_line(output, "Prime2", q)) goto error; if(!ldns_print_bignum_b64_line(output, "Exponent1", dmp1)) goto error; if(!ldns_print_bignum_b64_line(output, "Exponent2", dmq1)) goto error; if(!ldns_print_bignum_b64_line(output, "Coefficient", iqmp)) goto error; } #endif /* splint */ RSA_free(rsa); break; #ifdef USE_DSA case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: dsa = ldns_key_dsa_key(k); ldns_buffer_printf(output,"Private-key-format: v1.2\n"); if (ldns_key_algorithm(k) == LDNS_SIGN_DSA) { ldns_buffer_printf(output,"Algorithm: 3 (DSA)\n"); } else if (ldns_key_algorithm(k) == LDNS_SIGN_DSA_NSEC3) { ldns_buffer_printf(output,"Algorithm: 6 (DSA_NSEC3)\n"); } /* print to buf, convert to bin, convert to b64, * print to buf */ if(1) { const BIGNUM *p=NULL, *q=NULL, *g=NULL, *priv_key=NULL, *pub_key=NULL; #if OPENSSL_VERSION_NUMBER < 0x10100000 || (defined(HAVE_LIBRESSL) && LIBRESSL_VERSION_NUMBER < 0x20700000) #ifndef S_SPLINT_S p = dsa->p; q = dsa->q; g = dsa->g; priv_key = dsa->priv_key; pub_key = dsa->pub_key; #endif /* splint */ #else DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_key(dsa, &pub_key, &priv_key); #endif if(!ldns_print_bignum_b64_line(output, "Prime(p)", p)) goto error; if(!ldns_print_bignum_b64_line(output, "Subprime(q)", q)) goto error; if(!ldns_print_bignum_b64_line(output, "Base(g)", g)) goto error; if(!ldns_print_bignum_b64_line(output, "Private_value(x)", priv_key)) goto error; if(!ldns_print_bignum_b64_line(output, "Public_value(y)", pub_key)) goto error; } break; #endif /* USE_DSA */ case LDNS_SIGN_ECC_GOST: /* no format defined, use blob */ #if defined(HAVE_SSL) && defined(USE_GOST) ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: %d (ECC-GOST)\n", LDNS_SIGN_ECC_GOST); status = ldns_gost_key2buffer_str(output, #ifndef S_SPLINT_S k->_key.key #else NULL #endif ); #else goto error; #endif /* GOST */ break; case LDNS_SIGN_ECDSAP256SHA256: case LDNS_SIGN_ECDSAP384SHA384: #ifdef USE_ECDSA ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: %d (", ldns_key_algorithm(k)); status=ldns_algorithm2buffer_str(output, (ldns_algorithm)ldns_key_algorithm(k)); #ifndef S_SPLINT_S ldns_buffer_printf(output, ")\n"); if(k->_key.key) { EC_KEY* ec = EVP_PKEY_get1_EC_KEY(k->_key.key); const BIGNUM* b = EC_KEY_get0_private_key(ec); if(!ldns_print_bignum_b64_line(output, "PrivateKey", b)) goto error; /* down reference count in EC_KEY * its still assigned to the PKEY */ EC_KEY_free(ec); } #endif /* splint */ #else goto error; #endif /* ECDSA */ break; #ifdef USE_ED25519 case LDNS_SIGN_ED25519: ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: %d (", ldns_key_algorithm(k)); status=ldns_algorithm2buffer_str(output, (ldns_algorithm)ldns_key_algorithm(k)); ldns_buffer_printf(output, ")\n"); if (status) break; status = ldns_ed25519_key2buffer_str(output, k->_key.key); break; #endif /* USE_ED25519 */ #ifdef USE_ED448 case LDNS_SIGN_ED448: ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: %d (", ldns_key_algorithm(k)); status=ldns_algorithm2buffer_str(output, (ldns_algorithm)ldns_key_algorithm(k)); ldns_buffer_printf(output, ")\n"); if (status) break; status = ldns_ed448_key2buffer_str(output, k->_key.key); break; #endif /* USE_ED448 */ case LDNS_SIGN_HMACMD5: /* there's not much of a format defined for TSIG */ /* It's just a binary blob, Same for all algorithms */ ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: 157 (HMAC_MD5)\n"); status = ldns_hmac_key2buffer_str(output, k); break; case LDNS_SIGN_HMACSHA1: ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: 158 (HMAC_SHA1)\n"); status = ldns_hmac_key2buffer_str(output, k); break; case LDNS_SIGN_HMACSHA224: ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: 162 (HMAC_SHA224)\n"); status = ldns_hmac_key2buffer_str(output, k); break; case LDNS_SIGN_HMACSHA256: ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: 159 (HMAC_SHA256)\n"); status = ldns_hmac_key2buffer_str(output, k); break; case LDNS_SIGN_HMACSHA384: ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: 164 (HMAC_SHA384)\n"); status = ldns_hmac_key2buffer_str(output, k); break; case LDNS_SIGN_HMACSHA512: ldns_buffer_printf(output, "Private-key-format: v1.2\n"); ldns_buffer_printf(output, "Algorithm: 165 (HMAC_SHA512)\n"); status = ldns_hmac_key2buffer_str(output, k); break; } #endif /* HAVE_SSL */ } else { LDNS_FREE(bignum); return ldns_buffer_status(output); } LDNS_FREE(bignum); return status; #ifdef HAVE_SSL /* compiles warn the label isn't used */ error: LDNS_FREE(bignum); return LDNS_STATUS_ERR; #endif /* HAVE_SSL */ } /* * Zero terminate the buffer and copy data. */ char * ldns_buffer2str(ldns_buffer *buffer) { char *str; /* check if buffer ends with \0, if not, and if there is space, add it */ if (*(ldns_buffer_at(buffer, ldns_buffer_position(buffer))) != 0) { if (!ldns_buffer_reserve(buffer, 1)) { return NULL; } ldns_buffer_write_char(buffer, (uint8_t) '\0'); if (!ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer))) { return NULL; } } str = strdup((const char *)ldns_buffer_begin(buffer)); if(!str) { return NULL; } return str; } /* * Zero terminate the buffer and export data. */ char * ldns_buffer_export2str(ldns_buffer *buffer) { /* Append '\0' as string terminator */ if (! ldns_buffer_reserve(buffer, 1)) { return NULL; } ldns_buffer_write_char(buffer, 0); /* reallocate memory to the size of the string and export */ ldns_buffer_set_capacity(buffer, ldns_buffer_position(buffer)); return ldns_buffer_export(buffer); } char * ldns_rdf2str(const ldns_rdf *rdf) { char *result = NULL; ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!tmp_buffer) { return NULL; } if (ldns_rdf2buffer_str(tmp_buffer, rdf) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ result = ldns_buffer_export2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; } char * ldns_rr2str_fmt(const ldns_output_format *fmt, const ldns_rr *rr) { char *result = NULL; ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!tmp_buffer) { return NULL; } if (ldns_rr2buffer_str_fmt(tmp_buffer, fmt, rr) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ result = ldns_buffer_export2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; } char * ldns_rr2str(const ldns_rr *rr) { return ldns_rr2str_fmt(ldns_output_format_default, rr); } char * ldns_pkt2str_fmt(const ldns_output_format *fmt, const ldns_pkt *pkt) { char *result = NULL; ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!tmp_buffer) { return NULL; } if (ldns_pkt2buffer_str_fmt(tmp_buffer, fmt, pkt) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ result = ldns_buffer_export2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; } char * ldns_pkt2str(const ldns_pkt *pkt) { return ldns_pkt2str_fmt(ldns_output_format_default, pkt); } char * ldns_key2str(const ldns_key *k) { char *result = NULL; ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!tmp_buffer) { return NULL; } if (ldns_key2buffer_str(tmp_buffer, k) == LDNS_STATUS_OK) { /* export and return string, destroy rest */ result = ldns_buffer_export2str(tmp_buffer); } ldns_buffer_free(tmp_buffer); return result; } char * ldns_rr_list2str_fmt(const ldns_output_format *fmt, const ldns_rr_list *list) { char *result = NULL; ldns_buffer *tmp_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (!tmp_buffer) { return NULL; } if (list) { if (ldns_rr_list2buffer_str_fmt( tmp_buffer, fmt, list) == LDNS_STATUS_OK) { } } else { if (fmt == NULL) { fmt = ldns_output_format_default; } if (fmt->flags & LDNS_COMMENT_NULLS) { ldns_buffer_printf(tmp_buffer, "; (null)\n"); } } /* export and return string, destroy rest */ result = ldns_buffer_export2str(tmp_buffer); ldns_buffer_free(tmp_buffer); return result; } char * ldns_rr_list2str(const ldns_rr_list *list) { return ldns_rr_list2str_fmt(ldns_output_format_default, list); } void ldns_rdf_print(FILE *output, const ldns_rdf *rdf) { char *str = ldns_rdf2str(rdf); if (str) { fprintf(output, "%s", str); } else { fprintf(output, ";Unable to convert rdf to string\n"); } LDNS_FREE(str); } void ldns_rr_print_fmt(FILE *output, const ldns_output_format *fmt, const ldns_rr *rr) { char *str = ldns_rr2str_fmt(fmt, rr); if (str) { fprintf(output, "%s", str); } else { fprintf(output, ";Unable to convert rr to string\n"); } LDNS_FREE(str); } void ldns_rr_print(FILE *output, const ldns_rr *rr) { ldns_rr_print_fmt(output, ldns_output_format_default, rr); } void ldns_pkt_print_fmt(FILE *output, const ldns_output_format *fmt, const ldns_pkt *pkt) { char *str = ldns_pkt2str_fmt(fmt, pkt); if (str) { fprintf(output, "%s", str); } else { fprintf(output, ";Unable to convert packet to string\n"); } LDNS_FREE(str); } void ldns_pkt_print(FILE *output, const ldns_pkt *pkt) { ldns_pkt_print_fmt(output, ldns_output_format_default, pkt); } void ldns_rr_list_print_fmt(FILE *output, const ldns_output_format *fmt, const ldns_rr_list *lst) { size_t i; for (i = 0; i < ldns_rr_list_rr_count(lst); i++) { ldns_rr_print_fmt(output, fmt, ldns_rr_list_rr(lst, i)); } } void ldns_rr_list_print(FILE *output, const ldns_rr_list *lst) { ldns_rr_list_print_fmt(output, ldns_output_format_default, lst); } void ldns_resolver_print_fmt(FILE *output, const ldns_output_format *fmt, const ldns_resolver *r) { uint16_t i; ldns_rdf **n; ldns_rdf **s; size_t *rtt; if (!r) { return; } n = ldns_resolver_nameservers(r); s = ldns_resolver_searchlist(r); rtt = ldns_resolver_rtt(r); fprintf(output, "port: %d\n", (int)ldns_resolver_port(r)); fprintf(output, "edns0 size: %d\n", (int)ldns_resolver_edns_udp_size(r)); fprintf(output, "use ip6: %d\n", (int)ldns_resolver_ip6(r)); fprintf(output, "recursive: %d\n", ldns_resolver_recursive(r)); fprintf(output, "usevc: %d\n", ldns_resolver_usevc(r)); fprintf(output, "igntc: %d\n", ldns_resolver_igntc(r)); fprintf(output, "fail: %d\n", ldns_resolver_fail(r)); fprintf(output, "retry: %d\n", (int)ldns_resolver_retry(r)); fprintf(output, "retrans: %d\n", (int)ldns_resolver_retrans(r)); fprintf(output, "fallback: %d\n", ldns_resolver_fallback(r)); fprintf(output, "random: %d\n", ldns_resolver_random(r)); fprintf(output, "timeout: %d\n", (int)ldns_resolver_timeout(r).tv_sec); fprintf(output, "dnssec: %d\n", ldns_resolver_dnssec(r)); fprintf(output, "dnssec cd: %d\n", ldns_resolver_dnssec_cd(r)); fprintf(output, "trust anchors (%d listed):\n", (int)ldns_rr_list_rr_count(ldns_resolver_dnssec_anchors(r))); ldns_rr_list_print_fmt(output, fmt, ldns_resolver_dnssec_anchors(r)); fprintf(output, "tsig: %s %s\n", ldns_resolver_tsig_keyname(r)?ldns_resolver_tsig_keyname(r):"-", ldns_resolver_tsig_algorithm(r)?ldns_resolver_tsig_algorithm(r):"-"); fprintf(output, "debug: %d\n", ldns_resolver_debug(r)); fprintf(output, "default domain: "); ldns_rdf_print(output, ldns_resolver_domain(r)); fprintf(output, "\n"); fprintf(output, "apply default domain: %d\n", ldns_resolver_defnames(r)); fprintf(output, "searchlist (%d listed):\n", (int)ldns_resolver_searchlist_count(r)); for (i = 0; i < ldns_resolver_searchlist_count(r); i++) { fprintf(output, "\t"); ldns_rdf_print(output, s[i]); fprintf(output, "\n"); } fprintf(output, "apply search list: %d\n", ldns_resolver_dnsrch(r)); fprintf(output, "nameservers (%d listed):\n", (int)ldns_resolver_nameserver_count(r)); for (i = 0; i < ldns_resolver_nameserver_count(r); i++) { fprintf(output, "\t"); ldns_rdf_print(output, n[i]); switch ((int)rtt[i]) { case LDNS_RESOLV_RTT_MIN: fprintf(output, " - reachable\n"); break; case LDNS_RESOLV_RTT_INF: fprintf(output, " - unreachable\n"); break; } } } void ldns_resolver_print(FILE *output, const ldns_resolver *r) { ldns_resolver_print_fmt(output, ldns_output_format_default, r); } void ldns_zone_print_fmt(FILE *output, const ldns_output_format *fmt, const ldns_zone *z) { if(ldns_zone_soa(z)) ldns_rr_print_fmt(output, fmt, ldns_zone_soa(z)); ldns_rr_list_print_fmt(output, fmt, ldns_zone_rrs(z)); } void ldns_zone_print(FILE *output, const ldns_zone *z) { ldns_zone_print_fmt(output, ldns_output_format_default, z); } ldns-1.9.0/makewin.sh0000775000175000017500000002442315114326257014034 0ustar willemwillem#!/usr/bin/env bash # compile ldns for windows cdir="$(echo ldns.win.$$)" tmpdir=$(pwd) mkdir "$cdir" cd "$cdir" #configure="mingw32-configure" #strip="i686-w64-mingw32-strip" #warch="i686" configure="mingw64-configure" strip="x86_64-w64-mingw32-strip" warch="x86_64" WINSSL="$HOME/Downloads/openssl-1.1.0h.tar.gz" cross_flag="" cross_flag_nonstatic="" RC="no" SNAPSHOT="no" CHECKOUT="" GITREPO="" # the destination is a zipfile in the start directory ldns-a.b.c.zip # the start directory is a git repository, and it is copied to build from. info () { echo "info: $1" } error_cleanup () { echo "$1" cd "$tmpdir" rm -rf "$cdir" exit 1 } replace_text () { (cp "$1" "$1".orig && \ sed -e "s/$2/$3/g" < "$1".orig > "$1" && \ rm "$1".orig) || error_cleanup "Replacement for $1 failed." } # Parse command line arguments while [ "$1" ]; do case "$1" in "-h") echo "Compile a zip file with static executables, and" echo "dynamic library, static library, include dir and" echo "manual pages." echo "" echo " -h This usage information." echo " -s snapshot, current date appended to version" echo " -rc release candidate, the number is added to version" echo " ldns-rc." echo " -u git_url Retrieve the source from the specified repository url." echo " Detected from the working copy if not specified." echo " -c Checkout this tag or branch, (defaults to current" echo " branch)." echo " -wssl Pass openssl.tar.gz file, use absolute path." echo "" exit 1 ;; "-c") CHECKOUT="$2" shift ;; "-s") SNAPSHOT="yes" ;; "-rc") RC="$2" shift ;; "-u") GITREPO="$2" shift ;; "-wssl") WINSSL="$2" shift ;; *) error_cleanup "Unrecognized argument -- $1" ;; esac shift done if [ -z "$CHECKOUT" ] then if [ "$RC" = "no" ] then CHECKOUT=$( (git status | head -n 1 | awk '{print$3}') || echo master) else CHECKOUT=$( (git status | head -n 1 | awk '{print$3}') || echo develop) fi fi if [ -z "$GITREPO" ] then GITREPO=`git config remote.origin.url` fi # this script creates a temp directory $cdir. # this directory contains subdirectories: # ldns/ : ldns source compiled # openssl-a.b.c/ : the openSSL source compiled # ldnsinstall/ : install of ldns here. # sslinstall/ : install of ssl here. # file/ : directory to gather the components of the zipfile distribution # ldns-nonstatic/ : ldns source compiled nonstatic # ldnsinstall-nonstatic/ : install of ldns nonstatic compile # openssl-nonstatic/ : nonstatic openssl source compiled # sslinstall-nonstatic/ : install of nonstatic openssl compile info "exporting source into $cdir/ldns" git clone "$GITREPO" ldns || error_cleanup "git command failed" (cd ldns; git checkout "$CHECKOUT") || error_cleanup "Could not checkout $CHECKOUT" #svn export . $cdir/ldns info "exporting source into $cdir/ldns-nonstatic" git clone "$GITREPO" ldns-nonstatic || error_cleanup "git command failed" (cd ldns-nonstatic; git checkout "$CHECKOUT") || error_cleanup "Could not checkout $CHECKOUT" #svn export . $cdir/ldns-nonstatic # Fix up the version number if necessary (cd ldns; if test ! -f install-sh -a -f ../../install-sh; then cp ../../install-sh . ; fi; libtoolize -ci; autoreconf -fi) version=$(./ldns/configure --version | head -1 | awk '{ print $3 }') || \ error_cleanup "Cannot determine version number." info "LDNS version: $version" if [ "$RC" != "no" ]; then info "Building LDNS release candidate $RC." version2="${version}-rc$RC" info "Version number: $version2" replace_text "ldns/configure.ac" "AC_INIT(ldns, $version" "AC_INIT(ldns, $version2" replace_text "ldns-nonstatic/configure.ac" "AC_INIT(ldns, $version" "AC_INIT(ldns, $version2" version="$version2" fi if [ "$SNAPSHOT" = "yes" ]; then info "Building LDNS snapshot." version2="${version}_$(date +%Y%m%d)" info "Snapshot version number: $version2" replace_text "ldns/configure.ac" "AC_INIT(ldns, $version" "AC_INIT(ldns, $version2" replace_text "ldns-nonstatic/configure.ac" "AC_INIT(ldns, $version" "AC_INIT(ldns, $version2" version="$version2" fi # Build OpenSSL gzip -cd "$WINSSL" | tar xf - || error_cleanup "tar unpack of $WINSSL failed" sslinstall="$(pwd)/sslinstall" cd openssl-* || error_cleanup "no openssl-X dir in tarball" if test $configure = "mingw64-configure"; then sslflags="no-shared no-asm -DOPENSSL_NO_CAPIENG mingw64" else sslflags="no-shared no-asm -DOPENSSL_NO_CAPIENG mingw" fi info "winssl: Configure $sslflags" if test -f "/usr/${warch}-w64-mingw32/sys-root/mingw/bin/libssp-0.dll" ; then export __CNF_LDLIBS="-l:libssp.a" fi CC="${warch}-w64-mingw32-gcc" AR="${warch}-w64-mingw32-ar" RANLIB="${warch}-w64-mingw32-ranlib" WINDRES="${warch}-w64-mingw32-windres" ./Configure --prefix="$sslinstall" $sslflags || error_cleanup "OpenSSL Configure failed" info "winssl: make" make || error_cleanup "make failed for $WINSSL" info "winssl: make install_sw" make install_sw || error_cleanup "OpenSSL install failed" cross_flag="$cross_flag --with-ssl=$sslinstall" cd .. # Build ldns ldnsinstall="$(pwd)/ldnsinstall" cd ldns info "ldns: autoconf" # cp install-sh because one at ../.. means libtoolize won't install it for us. if test ! -f install-sh -a -f ../../install-sh; then cp ../../install-sh . ; fi libtoolize -ci autoreconf -fi ldns_flag="--with-examples --with-drill" if test -f "/usr/${warch}-w64-mingw32/sys-root/mingw/bin/libssp-0.dll" ; then info "ldns: Configure $cross_flag $ldns_flag LDFLAGS=\"-fstack-protector\" LIBS=\"-l:libssp.a\"" $configure $cross_flag $ldns_flag LDFLAGS="-fstack-protector" LIBS="-l:libssp.a" || error_cleanup "ldns configure failed" else info "ldns: Configure $cross_flag $ldns_flag" $configure $cross_flag $ldns_flag || error_cleanup "ldns configure failed" fi info "ldns: make" make || error_cleanup "ldns make failed" # do not strip debug symbols, could be useful for stack traces # $strip lib/*.dll || error_cleanup "cannot strip ldns dll" make doc || error_cleanup "ldns make doc failed" DESTDIR=$ldnsinstall make install || error_cleanup "ldns make install failed" cd .. # Build OpenSSL nonstatic sslinstallnonstatic="$(pwd)/sslinstallnonstatic" mkdir openssl-nonstatic cd openssl-nonstatic # remove openssl-a.b.c/ and put in openssl-nonstatic directory gzip -cd "$WINSSL" | tar xf - --strip-components=1 || error_cleanup "tar unpack of $WINSSL failed" if test "$configure" = "mingw64-configure"; then sslflags_nonstatic="shared no-asm -DOPENSSL_NO_CAPIENG mingw64" else sslflags_nonstatic="shared no-asm -DOPENSSL_NO_CAPIENG mingw" fi info "winsslnonstatic: Configure $sslflags_nonstatic" CC="${warch}-w64-mingw32-gcc" AR="${warch}-w64-mingw32-ar" RANLIB="${warch}-w64-mingw32-ranlib" WINDRES="${warch}-w64-mingw32-windres" ./Configure --prefix="$sslinstallnonstatic" $sslflags_nonstatic || error_cleanup "OpenSSL Configure failed" info "winsslnonstatic: make" make || error_cleanup "make failed for $WINSSL" info "winsslnonstatic: make install_sw" make install_sw || error_cleanup "OpenSSL install failed" cross_flag_nonstatic="$cross_flag_nonstatic --with-ssl=$sslinstallnonstatic" cd .. # Build ldns nonstatic ldnsinstallnonstatic="$(pwd)/ldnsinstall-nonstatic" cd ldns-nonstatic info "ldnsnonstatic: autoconf" # cp install-sh because one at ../.. means libtoolize won't install it for us. if test ! -f install-sh -a -f ../../install-sh; then cp ../../install-sh . ; fi libtoolize -ci autoreconf -fi ldns_flag_nonstatic="--with-examples --with-drill" if test -f "/usr/${warch}-w64-mingw32/sys-root/mingw/bin/libssp-0.dll" ; then info "ldnsnonstatic: Configure $cross_flag_nonstatic $ldns_flag_nonstatic LDFLAGS=\"-fstack-protector\" LIBS=\"-lssp\"" $configure $cross_flag_nonstatic $ldns_flag_nonstatic LDFLAGS="-fstack-protector" LIBS="-lssp" || error_cleanup "ldns configure failed" else info "ldnsnonstatic: Configure $cross_flag_nonstatic $ldns_flag_nonstatic" $configure $cross_flag_nonstatic $ldns_flag_nonstatic || error_cleanup "ldns configure failed" fi info "ldnsnonstatic: make" make || error_cleanup "ldns make failed" # do not strip debug symbols, could be useful for stack traces # $strip lib/*.dll || error_cleanup "cannot strip ldns dll" make doc || error_cleanup "ldns make doc failed" DESTDIR=$ldnsinstallnonstatic make install || error_cleanup "ldns make install failed" cd .. # create zipfile file="ldns-$version.zip" rm -f "$file" info "Creating $file" mkdir file cd file installplace="$ldnsinstall/usr/$warch-w64-mingw32/sys-root/mingw" installplacenonstatic="$ldnsinstallnonstatic/usr/$warch-w64-mingw32/sys-root/mingw" cp "$installplace"/lib/libldns.a . cp "$installplacenonstatic"/lib/libldns.dll.a . cp "$installplacenonstatic"/bin/*.dll . if test -d "$sslinstallnonstatic"/lib64; then cp "$sslinstallnonstatic"/lib64/*.dll.a . else cp "$sslinstallnonstatic"/lib/*.dll.a . fi cp "$sslinstallnonstatic"/bin/*.dll . if test -d "$sslinstallnonstatic"/lib64; then cp "$sslinstallnonstatic"/lib64/engines-*/*.dll . else cp "$sslinstallnonstatic"/lib/engines-*/*.dll . fi if test -f "/usr/${warch}-w64-mingw32/sys-root/mingw/bin/libssp-0.dll" ; then cp "/usr/${warch}-w64-mingw32/sys-root/mingw/bin/libssp-0.dll" . fi cp ../ldns/LICENSE . cp ../ldns/README . cp ../ldns/Changelog . info "copy static exe" for x in "$installplace"/bin/* ; do cp "$x" . done # but the shell script stays a script file if test -f ldns-config.exe; then mv ldns-config.exe ldns-config fi info "copy include" mkdir include mkdir include/ldns cp "$installplace"/include/ldns/*.h include/ldns/. info "copy man1" mkdir man1 cp "$installplace"/share/man/man1/* man1/. info "copy man3" mkdir man3 cp "$installplace"/share/man/man3/* man3/. info "create cat1" mkdir cat1 for x in man1/*.1; do groff -man -Tascii -Z "$x" | grotty -cbu > cat1/"$(basename "$x" .1).txt"; done info "create cat3" mkdir cat3 for x in man3/*.3; do groff -man -Tascii -Z "$x" | grotty -cbu > cat3/"$(basename "$x" .3).txt"; done add_files="" if test -f ldns-config; then add_files="$add_files ldns-config"; fi rm -f "../../$file" info "$file contents" # show contents of directory we are zipping up. du -s ./* # zip it info "zip $file" zip -r ../../"$file" LICENSE README libldns.a *.dll *.dll.a Changelog *.exe $add_files include man1 man3 cat1 cat3 info "Testing $file" (cd ../.. ; zip -T "$file" ) || error_cleanup "errors in zipfile $file" cd .. # cleanup before exit cd "$tmpdir" rm -rf "$cdir" echo "done" # display ls -lG "$file" ldns-1.9.0/config.sub0000755000175000017500000011600715114326262014017 0ustar willemwillem#! /bin/sh # Configuration validation subroutine script. # Copyright 1992-2025 Free Software Foundation, Inc. # shellcheck disable=SC2006,SC2268,SC2162 # see below for rationale timestamp='2025-07-10' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, see . # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that # program. This Exception is an additional permission under section 7 # of the GNU General Public License, version 3 ("GPLv3"). # Please send patches to . # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. # If it is invalid, we print an error message on stderr and exit with code 1. # Otherwise, we print the canonical config type on stdout and succeed. # You can get the latest version of this script from: # https://git.savannah.gnu.org/cgit/config.git/plain/config.sub # This file is supposed to be the same for all GNU packages # and recognize all the CPU types, system types and aliases # that are meaningful with *any* GNU software. # Each package is responsible for reporting which valid configurations # it does not support. The user should be able to distinguish # a failure to support a valid configuration from a meaningless # configuration. # The goal of this file is to map all the various variations of a given # machine specification into a single specification in the form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM # or in some cases, the newer four-part form: # CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM # It is wrong to echo any other type of specification. # The "shellcheck disable" line above the timestamp inhibits complaints # about features and limitations of the classic Bourne shell that were # superseded or lifted in POSIX. However, this script identifies a wide # variety of pre-POSIX systems that do not have POSIX shells at all, and # even some reasonably current systems (Solaris 10 as case-in-point) still # have a pre-POSIX /bin/sh. me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] CPU-MFR-OPSYS or ALIAS Canonicalize a configuration name. Options: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.sub ($timestamp) Copyright 1992-2025 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try '$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit ;; --version | -v ) echo "$version" ; exit ;; --help | --h* | -h ) echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" >&2 exit 1 ;; *local*) # First pass through any local machine types. echo "$1" exit ;; * ) break ;; esac done case $# in 0) echo "$me: missing argument$help" >&2 exit 1;; 1) ;; *) echo "$me: too many arguments$help" >&2 exit 1;; esac # Split fields of configuration type saved_IFS=$IFS IFS="-" read field1 field2 field3 field4 <&2 exit 1 ;; *-*-*-*) basic_machine=$field1-$field2 basic_os=$field3-$field4 ;; *-*-*) # Ambiguous whether COMPANY is present, or skipped and KERNEL-OS is two # parts maybe_os=$field2-$field3 case $maybe_os in cloudabi*-eabi* \ | kfreebsd*-gnu* \ | knetbsd*-gnu* \ | kopensolaris*-gnu* \ | ironclad-* \ | linux-* \ | managarm-* \ | netbsd*-eabi* \ | netbsd*-gnu* \ | nto-qnx* \ | os2-emx* \ | rtmk-nova* \ | storm-chaos* \ | uclinux-gnu* \ | uclinux-uclibc* \ | windows-* ) basic_machine=$field1 basic_os=$maybe_os ;; android-linux) basic_machine=$field1-unknown basic_os=linux-android ;; *) basic_machine=$field1-$field2 basic_os=$field3 ;; esac ;; *-*) case $field1-$field2 in # Shorthands that happen to contain a single dash convex-c[12] | convex-c3[248]) basic_machine=$field2-convex basic_os= ;; decstation-3100) basic_machine=mips-dec basic_os= ;; *-*) # Second component is usually, but not always the OS case $field2 in # Do not treat sunos as a manufacturer sun*os*) basic_machine=$field1 basic_os=$field2 ;; # Manufacturers 3100* \ | 32* \ | 3300* \ | 3600* \ | 7300* \ | acorn \ | altos* \ | apollo \ | apple \ | atari \ | att* \ | axis \ | be \ | bull \ | cbm \ | ccur \ | cisco \ | commodore \ | convergent* \ | convex* \ | cray \ | crds \ | dec* \ | delta* \ | dg \ | digital \ | dolphin \ | encore* \ | gould \ | harris \ | highlevel \ | hitachi* \ | hp \ | ibm* \ | intergraph \ | isi* \ | knuth \ | masscomp \ | microblaze* \ | mips* \ | motorola* \ | ncr* \ | news \ | next \ | ns \ | oki \ | omron* \ | pc533* \ | rebel \ | rom68k \ | rombug \ | semi \ | sequent* \ | sgi* \ | siemens \ | sim \ | sni \ | sony* \ | stratus \ | sun \ | sun[234]* \ | tektronix \ | tti* \ | ultra \ | unicom* \ | wec \ | winbond \ | wrs) basic_machine=$field1-$field2 basic_os= ;; tock* | zephyr*) basic_machine=$field1-unknown basic_os=$field2 ;; *) basic_machine=$field1 basic_os=$field2 ;; esac ;; esac ;; *) # Convert single-component short-hands not valid as part of # multi-component configurations. case $field1 in 386bsd) basic_machine=i386-pc basic_os=bsd ;; a29khif) basic_machine=a29k-amd basic_os=udi ;; adobe68k) basic_machine=m68010-adobe basic_os=scout ;; alliant) basic_machine=fx80-alliant basic_os= ;; altos | altos3068) basic_machine=m68k-altos basic_os= ;; am29k) basic_machine=a29k-none basic_os=bsd ;; amdahl) basic_machine=580-amdahl basic_os=sysv ;; amiga) basic_machine=m68k-unknown basic_os= ;; amigaos | amigados) basic_machine=m68k-unknown basic_os=amigaos ;; amigaunix | amix) basic_machine=m68k-unknown basic_os=sysv4 ;; apollo68) basic_machine=m68k-apollo basic_os=sysv ;; apollo68bsd) basic_machine=m68k-apollo basic_os=bsd ;; aros) basic_machine=i386-pc basic_os=aros ;; aux) basic_machine=m68k-apple basic_os=aux ;; balance) basic_machine=ns32k-sequent basic_os=dynix ;; blackfin) basic_machine=bfin-unknown basic_os=linux ;; cegcc) basic_machine=arm-unknown basic_os=cegcc ;; cray) basic_machine=j90-cray basic_os=unicos ;; crds | unos) basic_machine=m68k-crds basic_os= ;; da30) basic_machine=m68k-da30 basic_os= ;; decstation | pmax | pmin | dec3100 | decstatn) basic_machine=mips-dec basic_os= ;; delta88) basic_machine=m88k-motorola basic_os=sysv3 ;; dicos) basic_machine=i686-pc basic_os=dicos ;; djgpp) basic_machine=i586-pc basic_os=msdosdjgpp ;; ebmon29k) basic_machine=a29k-amd basic_os=ebmon ;; es1800 | OSE68k | ose68k | ose | OSE) basic_machine=m68k-ericsson basic_os=ose ;; gmicro) basic_machine=tron-gmicro basic_os=sysv ;; go32) basic_machine=i386-pc basic_os=go32 ;; h8300hms) basic_machine=h8300-hitachi basic_os=hms ;; h8300xray) basic_machine=h8300-hitachi basic_os=xray ;; h8500hms) basic_machine=h8500-hitachi basic_os=hms ;; harris) basic_machine=m88k-harris basic_os=sysv3 ;; hp300 | hp300hpux) basic_machine=m68k-hp basic_os=hpux ;; hp300bsd) basic_machine=m68k-hp basic_os=bsd ;; hppaosf) basic_machine=hppa1.1-hp basic_os=osf ;; hppro) basic_machine=hppa1.1-hp basic_os=proelf ;; i386mach) basic_machine=i386-mach basic_os=mach ;; isi68 | isi) basic_machine=m68k-isi basic_os=sysv ;; m68knommu) basic_machine=m68k-unknown basic_os=linux ;; magnum | m3230) basic_machine=mips-mips basic_os=sysv ;; merlin) basic_machine=ns32k-utek basic_os=sysv ;; mingw64) basic_machine=x86_64-pc basic_os=mingw64 ;; mingw32) basic_machine=i686-pc basic_os=mingw32 ;; mingw32ce) basic_machine=arm-unknown basic_os=mingw32ce ;; monitor) basic_machine=m68k-rom68k basic_os=coff ;; morphos) basic_machine=powerpc-unknown basic_os=morphos ;; moxiebox) basic_machine=moxie-unknown basic_os=moxiebox ;; msdos) basic_machine=i386-pc basic_os=msdos ;; msys) basic_machine=i686-pc basic_os=msys ;; mvs) basic_machine=i370-ibm basic_os=mvs ;; nacl) basic_machine=le32-unknown basic_os=nacl ;; ncr3000) basic_machine=i486-ncr basic_os=sysv4 ;; netbsd386) basic_machine=i386-pc basic_os=netbsd ;; netwinder) basic_machine=armv4l-rebel basic_os=linux ;; news | news700 | news800 | news900) basic_machine=m68k-sony basic_os=newsos ;; news1000) basic_machine=m68030-sony basic_os=newsos ;; necv70) basic_machine=v70-nec basic_os=sysv ;; nh3000) basic_machine=m68k-harris basic_os=cxux ;; nh[45]000) basic_machine=m88k-harris basic_os=cxux ;; nindy960) basic_machine=i960-intel basic_os=nindy ;; mon960) basic_machine=i960-intel basic_os=mon960 ;; nonstopux) basic_machine=mips-compaq basic_os=nonstopux ;; os400) basic_machine=powerpc-ibm basic_os=os400 ;; OSE68000 | ose68000) basic_machine=m68000-ericsson basic_os=ose ;; os68k) basic_machine=m68k-none basic_os=os68k ;; paragon) basic_machine=i860-intel basic_os=osf ;; parisc) basic_machine=hppa-unknown basic_os=linux ;; psp) basic_machine=mipsallegrexel-sony basic_os=psp ;; pw32) basic_machine=i586-unknown basic_os=pw32 ;; rdos | rdos64) basic_machine=x86_64-pc basic_os=rdos ;; rdos32) basic_machine=i386-pc basic_os=rdos ;; rom68k) basic_machine=m68k-rom68k basic_os=coff ;; sa29200) basic_machine=a29k-amd basic_os=udi ;; sei) basic_machine=mips-sei basic_os=seiux ;; sequent) basic_machine=i386-sequent basic_os= ;; sps7) basic_machine=m68k-bull basic_os=sysv2 ;; st2000) basic_machine=m68k-tandem basic_os= ;; stratus) basic_machine=i860-stratus basic_os=sysv4 ;; sun2) basic_machine=m68000-sun basic_os= ;; sun2os3) basic_machine=m68000-sun basic_os=sunos3 ;; sun2os4) basic_machine=m68000-sun basic_os=sunos4 ;; sun3) basic_machine=m68k-sun basic_os= ;; sun3os3) basic_machine=m68k-sun basic_os=sunos3 ;; sun3os4) basic_machine=m68k-sun basic_os=sunos4 ;; sun4) basic_machine=sparc-sun basic_os= ;; sun4os3) basic_machine=sparc-sun basic_os=sunos3 ;; sun4os4) basic_machine=sparc-sun basic_os=sunos4 ;; sun4sol2) basic_machine=sparc-sun basic_os=solaris2 ;; sun386 | sun386i | roadrunner) basic_machine=i386-sun basic_os= ;; sv1) basic_machine=sv1-cray basic_os=unicos ;; symmetry) basic_machine=i386-sequent basic_os=dynix ;; t3e) basic_machine=alphaev5-cray basic_os=unicos ;; t90) basic_machine=t90-cray basic_os=unicos ;; toad1) basic_machine=pdp10-xkl basic_os=tops20 ;; tpf) basic_machine=s390x-ibm basic_os=tpf ;; udi29k) basic_machine=a29k-amd basic_os=udi ;; ultra3) basic_machine=a29k-nyu basic_os=sym1 ;; v810 | necv810) basic_machine=v810-nec basic_os=none ;; vaxv) basic_machine=vax-dec basic_os=sysv ;; vms) basic_machine=vax-dec basic_os=vms ;; vsta) basic_machine=i386-pc basic_os=vsta ;; vxworks960) basic_machine=i960-wrs basic_os=vxworks ;; vxworks68) basic_machine=m68k-wrs basic_os=vxworks ;; vxworks29k) basic_machine=a29k-wrs basic_os=vxworks ;; xbox) basic_machine=i686-pc basic_os=mingw32 ;; ymp) basic_machine=ymp-cray basic_os=unicos ;; *) basic_machine=$1 basic_os= ;; esac ;; esac # Decode 1-component or ad-hoc basic machines case $basic_machine in # Here we handle the default manufacturer of certain CPU types. It is in # some cases the only manufacturer, in others, it is the most popular. w89k) cpu=hppa1.1 vendor=winbond ;; op50n) cpu=hppa1.1 vendor=oki ;; op60c) cpu=hppa1.1 vendor=oki ;; ibm*) cpu=i370 vendor=ibm ;; orion105) cpu=clipper vendor=highlevel ;; mac | mpw | mac-mpw) cpu=m68k vendor=apple ;; pmac | pmac-mpw) cpu=powerpc vendor=apple ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) cpu=m68000 vendor=att ;; 3b*) cpu=we32k vendor=att ;; bluegene*) cpu=powerpc vendor=ibm basic_os=cnk ;; decsystem10* | dec10*) cpu=pdp10 vendor=dec basic_os=tops10 ;; decsystem20* | dec20*) cpu=pdp10 vendor=dec basic_os=tops20 ;; delta | 3300 | delta-motorola | 3300-motorola | motorola-delta | motorola-3300) cpu=m68k vendor=motorola ;; # This used to be dpx2*, but that gets the RS6000-based # DPX/20 and the x86-based DPX/2-100 wrong. See # https://oldskool.silicium.org/stations/bull_dpx20.htm # https://www.feb-patrimoine.com/english/bull_dpx2.htm # https://www.feb-patrimoine.com/english/unix_and_bull.htm dpx2 | dpx2[23]00 | dpx2[23]xx) cpu=m68k vendor=bull ;; dpx2100 | dpx21xx) cpu=i386 vendor=bull ;; dpx20) cpu=rs6000 vendor=bull ;; encore | umax | mmax) cpu=ns32k vendor=encore ;; elxsi) cpu=elxsi vendor=elxsi basic_os=${basic_os:-bsd} ;; fx2800) cpu=i860 vendor=alliant ;; genix) cpu=ns32k vendor=ns ;; h3050r* | hiux*) cpu=hppa1.1 vendor=hitachi basic_os=hiuxwe2 ;; hp3k9[0-9][0-9] | hp9[0-9][0-9]) cpu=hppa1.0 vendor=hp ;; hp9k2[0-9][0-9] | hp9k31[0-9]) cpu=m68000 vendor=hp ;; hp9k3[2-9][0-9]) cpu=m68k vendor=hp ;; hp9k6[0-9][0-9] | hp6[0-9][0-9]) cpu=hppa1.0 vendor=hp ;; hp9k7[0-79][0-9] | hp7[0-79][0-9]) cpu=hppa1.1 vendor=hp ;; hp9k78[0-9] | hp78[0-9]) # FIXME: really hppa2.0-hp cpu=hppa1.1 vendor=hp ;; hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) # FIXME: really hppa2.0-hp cpu=hppa1.1 vendor=hp ;; hp9k8[0-9][13679] | hp8[0-9][13679]) cpu=hppa1.1 vendor=hp ;; hp9k8[0-9][0-9] | hp8[0-9][0-9]) cpu=hppa1.0 vendor=hp ;; i*86v32) cpu=`echo "$1" | sed -e 's/86.*/86/'` vendor=pc basic_os=sysv32 ;; i*86v4*) cpu=`echo "$1" | sed -e 's/86.*/86/'` vendor=pc basic_os=sysv4 ;; i*86v) cpu=`echo "$1" | sed -e 's/86.*/86/'` vendor=pc basic_os=sysv ;; i*86sol2) cpu=`echo "$1" | sed -e 's/86.*/86/'` vendor=pc basic_os=solaris2 ;; j90 | j90-cray) cpu=j90 vendor=cray basic_os=${basic_os:-unicos} ;; iris | iris4d) cpu=mips vendor=sgi case $basic_os in irix*) ;; *) basic_os=irix4 ;; esac ;; miniframe) cpu=m68000 vendor=convergent ;; *mint | mint[0-9]* | *MiNT | *MiNT[0-9]*) cpu=m68k vendor=atari basic_os=mint ;; news-3600 | risc-news) cpu=mips vendor=sony basic_os=newsos ;; next | m*-next) cpu=m68k vendor=next ;; np1) cpu=np1 vendor=gould ;; op50n-* | op60c-*) cpu=hppa1.1 vendor=oki basic_os=proelf ;; pa-hitachi) cpu=hppa1.1 vendor=hitachi basic_os=hiuxwe2 ;; pbd) cpu=sparc vendor=tti ;; pbb) cpu=m68k vendor=tti ;; pc532) cpu=ns32k vendor=pc532 ;; pn) cpu=pn vendor=gould ;; power) cpu=power vendor=ibm ;; ps2) cpu=i386 vendor=ibm ;; rm[46]00) cpu=mips vendor=siemens ;; rtpc | rtpc-*) cpu=romp vendor=ibm ;; sde) cpu=mipsisa32 vendor=sde basic_os=${basic_os:-elf} ;; simso-wrs) cpu=sparclite vendor=wrs basic_os=vxworks ;; tower | tower-32) cpu=m68k vendor=ncr ;; vpp*|vx|vx-*) cpu=f301 vendor=fujitsu ;; w65) cpu=w65 vendor=wdc ;; w89k-*) cpu=hppa1.1 vendor=winbond basic_os=proelf ;; none) cpu=none vendor=none ;; leon|leon[3-9]) cpu=sparc vendor=$basic_machine ;; leon-*|leon[3-9]-*) cpu=sparc vendor=`echo "$basic_machine" | sed 's/-.*//'` ;; *-*) saved_IFS=$IFS IFS="-" read cpu vendor <&2 exit 1 ;; esac ;; esac # Here we canonicalize certain aliases for manufacturers. case $vendor in digital*) vendor=dec ;; commodore*) vendor=cbm ;; *) ;; esac # Decode manufacturer-specific aliases for certain operating systems. if test x"$basic_os" != x then # First recognize some ad-hoc cases, or perhaps split kernel-os, or else just # set os. obj= case $basic_os in gnu/linux*) kernel=linux os=`echo "$basic_os" | sed -e 's|gnu/linux|gnu|'` ;; os2-emx) kernel=os2 os=`echo "$basic_os" | sed -e 's|os2-emx|emx|'` ;; nto-qnx*) kernel=nto os=`echo "$basic_os" | sed -e 's|nto-qnx|qnx|'` ;; *-*) saved_IFS=$IFS IFS="-" read kernel os <&2 fi ;; *) echo "Invalid configuration '$1': OS '$os' not recognized" 1>&2 exit 1 ;; esac case $obj in aout* | coff* | elf* | pe*) ;; '') # empty is fine ;; *) echo "Invalid configuration '$1': Machine code format '$obj' not recognized" 1>&2 exit 1 ;; esac # Here we handle the constraint that a (synthetic) cpu and os are # valid only in combination with each other and nowhere else. case $cpu-$os in # The "javascript-unknown-ghcjs" triple is used by GHC; we # accept it here in order to tolerate that, but reject any # variations. javascript-ghcjs) ;; javascript-* | *-ghcjs) echo "Invalid configuration '$1': cpu '$cpu' is not valid with os '$os$obj'" 1>&2 exit 1 ;; esac # As a final step for OS-related things, validate the OS-kernel combination # (given a valid OS), if there is a kernel. case $kernel-$os-$obj in linux-gnu*- | linux-android*- | linux-dietlibc*- | linux-llvm*- \ | linux-mlibc*- | linux-musl*- | linux-newlib*- \ | linux-relibc*- | linux-uclibc*- | linux-ohos*- ) ;; uclinux-uclibc*- | uclinux-gnu*- ) ;; ironclad-mlibc*-) ;; managarm-mlibc*- | managarm-kernel*- ) ;; windows*-msvc*-) ;; -dietlibc*- | -llvm*- | -mlibc*- | -musl*- | -newlib*- | -relibc*- \ | -uclibc*- ) # These are just libc implementations, not actual OSes, and thus # require a kernel. echo "Invalid configuration '$1': libc '$os' needs explicit kernel." 1>&2 exit 1 ;; -kernel*- ) echo "Invalid configuration '$1': '$os' needs explicit kernel." 1>&2 exit 1 ;; *-kernel*- ) echo "Invalid configuration '$1': '$kernel' does not support '$os'." 1>&2 exit 1 ;; *-msvc*- ) echo "Invalid configuration '$1': '$os' needs 'windows'." 1>&2 exit 1 ;; kfreebsd*-gnu*- | knetbsd*-gnu*- | netbsd*-gnu*- | kopensolaris*-gnu*-) ;; vxworks-simlinux- | vxworks-simwindows- | vxworks-spe-) ;; nto-qnx*-) ;; os2-emx-) ;; rtmk-nova-) ;; *-eabi*- | *-gnueabi*-) ;; ios*-simulator- | tvos*-simulator- | watchos*-simulator- ) ;; none--*) # None (no kernel, i.e. freestanding / bare metal), # can be paired with an machine code file format ;; -*-) # Blank kernel with real OS is always fine. ;; --*) # Blank kernel and OS with real machine code file format is always fine. ;; *-*-*) echo "Invalid configuration '$1': Kernel '$kernel' not known to work with OS '$os'." 1>&2 exit 1 ;; esac # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. case $vendor in unknown) case $cpu-$os in *-riscix*) vendor=acorn ;; *-sunos* | *-solaris*) vendor=sun ;; *-cnk* | *-aix*) vendor=ibm ;; *-beos*) vendor=be ;; *-hpux*) vendor=hp ;; *-mpeix*) vendor=hp ;; *-hiux*) vendor=hitachi ;; *-unos*) vendor=crds ;; *-dgux*) vendor=dg ;; *-luna*) vendor=omron ;; *-genix*) vendor=ns ;; *-clix*) vendor=intergraph ;; *-mvs* | *-opened*) vendor=ibm ;; *-os400*) vendor=ibm ;; s390-* | s390x-*) vendor=ibm ;; *-ptx*) vendor=sequent ;; *-tpf*) vendor=ibm ;; *-vxsim* | *-vxworks* | *-windiss*) vendor=wrs ;; *-aux*) vendor=apple ;; *-hms*) vendor=hitachi ;; *-mpw* | *-macos*) vendor=apple ;; *-*mint | *-mint[0-9]* | *-*MiNT | *-MiNT[0-9]*) vendor=atari ;; *-vos*) vendor=stratus ;; esac ;; esac echo "$cpu-$vendor${kernel:+-$kernel}${os:+-$os}${obj:+-$obj}" exit # Local variables: # eval: (add-hook 'before-save-hook 'time-stamp nil t) # time-stamp-start: "timestamp='" # time-stamp-format: "%Y-%02m-%02d" # time-stamp-end: "'" # End: ldns-1.9.0/ax_python_devel.m40000664000175000017500000003361515114326257015477 0ustar willemwillem# =========================================================================== # https://www.gnu.org/software/autoconf-archive/ax_python_devel.html # =========================================================================== # # SYNOPSIS # # AX_PYTHON_DEVEL([version]) # # DESCRIPTION # # Note: Defines as a precious variable "PYTHON_VERSION". Don't override it # in your configure.ac. # # This macro checks for Python and tries to get the include path to # 'Python.h'. It provides the $(PYTHON_CPPFLAGS) and $(PYTHON_LIBS) output # variables. It also exports $(PYTHON_EXTRA_LIBS) and # $(PYTHON_EXTRA_LDFLAGS) for embedding Python in your code. # # You can search for some particular version of Python by passing a # parameter to this macro, for example ">= '2.3.1'", or "== '2.4'". Please # note that you *have* to pass also an operator along with the version to # match, and pay special attention to the single quotes surrounding the # version number. Don't use "PYTHON_VERSION" for this: that environment # variable is declared as precious and thus reserved for the end-user. # # This macro should work for all versions of Python >= 2.1.0. As an end # user, you can disable the check for the python version by setting the # PYTHON_NOVERSIONCHECK environment variable to something else than the # empty string. # # If you need to use this macro for an older Python version, please # contact the authors. We're always open for feedback. # # LICENSE # # Copyright (c) 2009 Sebastian Huber # Copyright (c) 2009 Alan W. Irwin # Copyright (c) 2009 Rafael Laboissiere # Copyright (c) 2009 Andrew Collier # Copyright (c) 2009 Matteo Settenvini # Copyright (c) 2009 Horst Knorr # Copyright (c) 2013 Daniel Mullner # # This program is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation, either version 3 of the License, or (at your # option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General # Public License for more details. # # You should have received a copy of the GNU General Public License along # with this program. If not, see . # # As a special exception, the respective Autoconf Macro's copyright owner # gives unlimited permission to copy, distribute and modify the configure # scripts that are the output of Autoconf when processing the Macro. You # need not follow the terms of the GNU General Public License when using # or distributing such scripts, even though portions of the text of the # Macro appear in them. The GNU General Public License (GPL) does govern # all other use of the material that constitutes the Autoconf Macro. # # This special exception to the GPL applies to versions of the Autoconf # Macro released by the Autoconf Archive. When you make and distribute a # modified version of the Autoconf Macro, you may extend this special # exception to the GPL to apply to your modified version as well. #serial 32 AU_ALIAS([AC_PYTHON_DEVEL], [AX_PYTHON_DEVEL]) AC_DEFUN([AX_PYTHON_DEVEL],[ # # Allow the use of a (user set) custom python version # AC_ARG_VAR([PYTHON_VERSION],[The installed Python version to use, for example '2.3'. This string will be appended to the Python interpreter canonical name.]) AC_PATH_PROG([PYTHON],[python[$PYTHON_VERSION]]) if test -z "$PYTHON"; then AC_MSG_ERROR([Cannot find python$PYTHON_VERSION in your system path]) PYTHON_VERSION="" fi # # Check for a version of Python >= 2.1.0 # AC_MSG_CHECKING([for a version of Python >= '2.1.0']) ac_supports_python_ver=`$PYTHON -c "import sys; \ ver = sys.version.split ()[[0]]; \ print (ver >= '2.1.0')"` if test "$ac_supports_python_ver" != "True"; then if test -z "$PYTHON_NOVERSIONCHECK"; then AC_MSG_RESULT([no]) AC_MSG_FAILURE([ This version of the AC@&t@_PYTHON_DEVEL macro doesn't work properly with versions of Python before 2.1.0. You may need to re-run configure, setting the variables PYTHON_CPPFLAGS, PYTHON_LIBS, PYTHON_SITE_PKG, PYTHON_EXTRA_LIBS and PYTHON_EXTRA_LDFLAGS by hand. Moreover, to disable this check, set PYTHON_NOVERSIONCHECK to something else than an empty string. ]) else AC_MSG_RESULT([skip at user request]) fi else AC_MSG_RESULT([yes]) fi # # If the macro parameter ``version'' is set, honour it. # A Python shim class, VPy, is used to implement correct version comparisons via # string expressions, since e.g. a naive textual ">= 2.7.3" won't work for # Python 2.7.10 (the ".1" being evaluated as less than ".3"). # if test -n "$1"; then AC_MSG_CHECKING([for a version of Python $1]) cat << EOF > ax_python_devel_vpy.py class VPy: def vtup(self, s): return tuple(map(int, s.strip().replace("rc", ".").split("."))) def __init__(self): import sys self.vpy = tuple(sys.version_info) def __eq__(self, s): return self.vpy == self.vtup(s) def __ne__(self, s): return self.vpy != self.vtup(s) def __lt__(self, s): return self.vpy < self.vtup(s) def __gt__(self, s): return self.vpy > self.vtup(s) def __le__(self, s): return self.vpy <= self.vtup(s) def __ge__(self, s): return self.vpy >= self.vtup(s) EOF ac_supports_python_ver=`$PYTHON -c "import ax_python_devel_vpy; \ ver = ax_python_devel_vpy.VPy(); \ print (ver $1)"` rm -rf ax_python_devel_vpy*.py* __pycache__/ax_python_devel_vpy*.py* if test "$ac_supports_python_ver" = "True"; then AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) AC_MSG_ERROR([this package requires Python $1. If you have it installed, but it isn't the default Python interpreter in your system path, please pass the PYTHON_VERSION variable to configure. See ``configure --help'' for reference. ]) PYTHON_VERSION="" fi fi # # Check if you have distutils, else fail # AC_MSG_CHECKING([for the sysconfig Python package]) ac_sysconfig_result=`$PYTHON -c "import sysconfig" 2>&1` if test $? -eq 0; then AC_MSG_RESULT([yes]) IMPORT_SYSCONFIG="import sysconfig" else AC_MSG_RESULT([no]) AC_MSG_CHECKING([for the distutils Python package]) ac_sysconfig_result=`$PYTHON -c "from distutils import sysconfig" 2>&1` if test $? -eq 0; then AC_MSG_RESULT([yes]) IMPORT_SYSCONFIG="from distutils import sysconfig" else AC_MSG_ERROR([cannot import Python module "distutils". Please check your Python installation. The error was: $ac_sysconfig_result]) PYTHON_VERSION="" fi fi # # Check for Python include path # AC_MSG_CHECKING([for Python include path]) if test -z "$PYTHON_CPPFLAGS"; then if test "$IMPORT_SYSCONFIG" = "import sysconfig"; then # sysconfig module has different functions python_path=`$PYTHON -c "$IMPORT_SYSCONFIG; \ print (sysconfig.get_path ('include'));"` plat_python_path=`$PYTHON -c "$IMPORT_SYSCONFIG; \ print (sysconfig.get_path ('platinclude'));"` else # old distutils way python_path=`$PYTHON -c "$IMPORT_SYSCONFIG; \ print (sysconfig.get_python_inc ());"` plat_python_path=`$PYTHON -c "$IMPORT_SYSCONFIG; \ print (sysconfig.get_python_inc (plat_specific=1));"` fi if test -n "${python_path}"; then if test "${plat_python_path}" != "${python_path}"; then python_path="-I$python_path -I$plat_python_path" else python_path="-I$python_path" fi fi PYTHON_CPPFLAGS=$python_path fi AC_MSG_RESULT([$PYTHON_CPPFLAGS]) AC_SUBST([PYTHON_CPPFLAGS]) # # Check for Python library path # AC_MSG_CHECKING([for Python library path]) if test -z "$PYTHON_LIBS"; then # (makes two attempts to ensure we've got a version number # from the interpreter) ac_python_version=`cat<]], [[Py_Initialize();]]) ],[pythonexists=yes],[pythonexists=no]) AC_LANG_POP([C]) # turn back to default flags CPPFLAGS="$ac_save_CPPFLAGS" LIBS="$ac_save_LIBS" LDFLAGS="$ac_save_LDFLAGS" AC_MSG_RESULT([$pythonexists]) if test ! "x$pythonexists" = "xyes"; then AC_MSG_FAILURE([ Could not link test program to Python. Maybe the main Python library has been installed in some non-standard library path. If so, pass it to configure, via the LIBS environment variable. Example: ./configure LIBS="-L/usr/non-standard-path/python/lib" ============================================================================ ERROR! You probably have to install the development version of the Python package for your distribution. The exact name of this package varies among them. ============================================================================ ]) PYTHON_VERSION="" fi # # all done! # ]) ldns-1.9.0/rr_functions.c0000664000175000017500000002125015114326257014714 0ustar willemwillem/* * rr_function.c * * function that operate on specific rr types * * (c) NLnet Labs, 2004-2006 * See the file LICENSE for the license */ /* * These come strait from perldoc Net::DNS::RR::xxx * first the read variant, then the write. This is * not complete. */ #include #include #include #include /** * return a specific rdf * \param[in] type type of RR * \param[in] rr the rr itself * \param[in] pos at which position to get it * \return the rdf sought */ static ldns_rdf * ldns_rr_function(ldns_rr_type type, const ldns_rr *rr, size_t pos) { if (!rr || ldns_rr_get_type(rr) != type) { return NULL; } return ldns_rr_rdf(rr, pos); } /** * set a specific rdf * \param[in] type type of RR * \param[in] rr the rr itself * \param[in] rdf the rdf to set * \param[in] pos at which position to set it * \return true or false */ static bool ldns_rr_set_function(ldns_rr_type type, ldns_rr *rr, ldns_rdf *rdf, size_t pos) { ldns_rdf *pop; if (!rr || ldns_rr_get_type(rr) != type) { return false; } pop = ldns_rr_set_rdf(rr, rdf, pos); ldns_rdf_deep_free(pop); return true; } /* A/AAAA records */ ldns_rdf * ldns_rr_a_address(const ldns_rr *r) { /* 2 types to check, cannot use the macro */ if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A && ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) { return NULL; } return ldns_rr_rdf(r, 0); } bool ldns_rr_a_set_address(ldns_rr *r, ldns_rdf *f) { /* 2 types to check, cannot use the macro... */ ldns_rdf *pop; if (!r || (ldns_rr_get_type(r) != LDNS_RR_TYPE_A && ldns_rr_get_type(r) != LDNS_RR_TYPE_AAAA)) { return false; } pop = ldns_rr_set_rdf(r, f, 0); if (pop) { LDNS_FREE(pop); return true; } else { return false; } } /* NS record */ ldns_rdf * ldns_rr_ns_nsdname(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_NS, r, 0); } /* MX record */ ldns_rdf * ldns_rr_mx_preference(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_MX, r, 0); } ldns_rdf * ldns_rr_mx_exchange(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_MX, r, 1); } /* RRSIG record */ ldns_rdf * ldns_rr_rrsig_typecovered(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 0); } bool ldns_rr_rrsig_set_typecovered(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 0); } ldns_rdf * ldns_rr_rrsig_algorithm(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 1); } bool ldns_rr_rrsig_set_algorithm(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 1); } ldns_rdf * ldns_rr_rrsig_labels(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 2); } bool ldns_rr_rrsig_set_labels(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 2); } ldns_rdf * ldns_rr_rrsig_origttl(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 3); } bool ldns_rr_rrsig_set_origttl(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 3); } ldns_rdf * ldns_rr_rrsig_expiration(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 4); } bool ldns_rr_rrsig_set_expiration(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 4); } ldns_rdf * ldns_rr_rrsig_inception(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 5); } bool ldns_rr_rrsig_set_inception(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 5); } ldns_rdf * ldns_rr_rrsig_keytag(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 6); } bool ldns_rr_rrsig_set_keytag(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 6); } ldns_rdf * ldns_rr_rrsig_signame(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 7); } bool ldns_rr_rrsig_set_signame(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 7); } ldns_rdf * ldns_rr_rrsig_sig(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_RRSIG, r, 8); } bool ldns_rr_rrsig_set_sig(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_RRSIG, r, f, 8); } /* DNSKEY record */ ldns_rdf * ldns_rr_dnskey_flags(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_DNSKEY, r, 0); } bool ldns_rr_dnskey_set_flags(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_DNSKEY, r, f, 0); } ldns_rdf * ldns_rr_dnskey_protocol(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_DNSKEY, r, 1); } bool ldns_rr_dnskey_set_protocol(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_DNSKEY, r, f, 1); } ldns_rdf * ldns_rr_dnskey_algorithm(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_DNSKEY, r, 2); } bool ldns_rr_dnskey_set_algorithm(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_DNSKEY, r, f, 2); } ldns_rdf * ldns_rr_dnskey_key(const ldns_rr *r) { return ldns_rr_function(LDNS_RR_TYPE_DNSKEY, r, 3); } bool ldns_rr_dnskey_set_key(ldns_rr *r, ldns_rdf *f) { return ldns_rr_set_function(LDNS_RR_TYPE_DNSKEY, r, f, 3); } size_t ldns_rr_dnskey_key_size_raw(const unsigned char* keydata, const size_t len, const ldns_algorithm alg) { #ifdef USE_DSA /* for DSA keys */ uint8_t t; #endif /* USE_DSA */ /* for RSA keys */ uint16_t exp; uint16_t int16; switch ((ldns_signing_algorithm)alg) { #ifdef USE_DSA case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: if (len > 0) { t = keydata[0]; return (64 + t*8)*8; } else { return 0; } break; #endif /* USE_DSA */ case LDNS_SIGN_RSAMD5: case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: #ifdef USE_SHA2 case LDNS_SIGN_RSASHA256: case LDNS_SIGN_RSASHA512: #endif if (len > 0) { if (keydata[0] == 0) { /* big exponent */ if (len > 3) { memmove(&int16, keydata + 1, 2); exp = ntohs(int16); return (len - exp - 3)*8; } else { return 0; } } else { exp = keydata[0]; return (len-exp-1)*8; } } else { return 0; } break; #ifdef USE_GOST case LDNS_SIGN_ECC_GOST: return 512; #endif #ifdef USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: return 256; case LDNS_SIGN_ECDSAP384SHA384: return 384; #endif #ifdef USE_ED25519 case LDNS_SIGN_ED25519: return 256; #endif #ifdef USE_ED448 case LDNS_SIGN_ED448: return 456; #endif case LDNS_SIGN_HMACMD5: return len; default: return 0; } } size_t ldns_rr_dnskey_key_size(const ldns_rr *key) { if (!key || !ldns_rr_dnskey_key(key) || !ldns_rr_dnskey_algorithm(key)) { return 0; } return ldns_rr_dnskey_key_size_raw((unsigned char*)ldns_rdf_data(ldns_rr_dnskey_key(key)), ldns_rdf_size(ldns_rr_dnskey_key(key)), ldns_rdf2native_int8(ldns_rr_dnskey_algorithm(key)) ); } uint32_t ldns_soa_serial_identity(uint32_t ATTR_UNUSED(unused), void *data) { return (uint32_t) (intptr_t) data; } uint32_t ldns_soa_serial_increment(uint32_t s, void *ATTR_UNUSED(unused)) { return ldns_soa_serial_increment_by(s, (void *)1); } uint32_t ldns_soa_serial_increment_by(uint32_t s, void *data) { return s + (intptr_t) data; } uint32_t ldns_soa_serial_datecounter(uint32_t s, void *data) { struct tm tm; char s_str[11]; int32_t new_s; time_t t = data ? (time_t) (intptr_t) data : ldns_time(NULL); (void) strftime(s_str, 11, "%Y%m%d00", localtime_r(&t, &tm)); new_s = (int32_t) atoi(s_str); return new_s - ((int32_t) s) <= 0 ? s+1 : ((uint32_t) new_s); } uint32_t ldns_soa_serial_unixtime(uint32_t s, void *data) { int32_t new_s = data ? (int32_t) (intptr_t) data : (int32_t) ldns_time(NULL); return new_s - ((int32_t) s) <= 0 ? s+1 : ((uint32_t) new_s); } void ldns_rr_soa_increment(ldns_rr *soa) { ldns_rr_soa_increment_func_data(soa, ldns_soa_serial_increment, NULL); } void ldns_rr_soa_increment_func(ldns_rr *soa, ldns_soa_serial_increment_func_t f) { ldns_rr_soa_increment_func_data(soa, f, NULL); } void ldns_rr_soa_increment_func_data(ldns_rr *soa, ldns_soa_serial_increment_func_t f, void *data) { ldns_rdf *prev_soa_serial_rdf; if ( !soa || !f || ldns_rr_get_type(soa) != LDNS_RR_TYPE_SOA || !ldns_rr_rdf(soa, 2)) { return; } prev_soa_serial_rdf = ldns_rr_set_rdf( soa , ldns_native2rdf_int32( LDNS_RDF_TYPE_INT32 , (*f)( ldns_rdf2native_int32( ldns_rr_rdf(soa, 2)) , data ) ) , 2 ); LDNS_FREE(prev_soa_serial_rdf); } void ldns_rr_soa_increment_func_int(ldns_rr *soa, ldns_soa_serial_increment_func_t f, int data) { ldns_rr_soa_increment_func_data(soa, f, (void *) (intptr_t) data); } ldns-1.9.0/acx_nlnetlabs.m40000664000175000017500000013216315114326257015122 0ustar willemwillem# acx_nlnetlabs.m4 - common macros for configure checks # Copyright 2009, Wouter Wijngaards, NLnet Labs. # BSD licensed. # # Version 48 # 2024-01-16 fix to add -l:libssp.a to -lcrypto link check. # and check for getaddrinfo with only header. # 2024-01-15 fix to add crypt32 to -lcrypto link check when checking for gdi32. # 2023-05-04 fix to remove unused whitespace. # 2023-01-26 fix -Wstrict-prototypes. # 2022-09-01 fix checking if nonblocking sockets work on OpenBSD. # 2021-08-17 fix sed script in ssldir split handling. # 2021-08-17 fix for openssl to detect split version, with ssldir_include # and ssldir_lib output directories. # 2021-07-30 fix for openssl use of lib64 directory. # 2021-06-14 fix nonblocking test to use host instead of target for mingw test. # 2021-05-17 fix nonblocking socket test from grep on mingw32 to mingw for # 64bit compatibility. # 2021-03-24 fix ACX_FUNC_DEPRECATED to use CPPFLAGS and CFLAGS. # 2021-01-05 fix defun for aclocal # 2021-01-05 autoconf 2.70 autoupdate and fixes, no AC_TRY_COMPILE # 2020-08-24 Use EVP_sha256 instead of HMAC_Update (for openssl-3.0.0). # 2016-03-21 Check -ldl -pthread for libcrypto for ldns and openssl 1.1.0. # 2016-03-21 Use HMAC_Update instead of HMAC_CTX_Init (for openssl-1.1.0). # 2016-01-04 -D_DEFAULT_SOURCE defined with -D_BSD_SOURCE for Linux glibc 2.20 # 2015-12-11 FLTO check for new OSX, clang. # 2015-11-18 spelling check fix. # 2015-11-05 ACX_SSL_CHECKS no longer adds -ldl needlessly. # 2015-08-28 ACX_CHECK_PIE and ACX_CHECK_RELRO_NOW added. # 2015-03-17 AHX_CONFIG_REALLOCARRAY added # 2013-09-19 FLTO help text improved. # 2013-07-18 Enable ACX_CHECK_COMPILER_FLAG to test for -Wstrict-prototypes # 2013-06-25 FLTO has --disable-flto option. # 2013-05-03 Update W32_SLEEP for newer mingw that links but not defines it. # 2013-03-22 Fix ACX_RSRC_VERSION for long version numbers. # 2012-02-09 Fix AHX_MEMCMP_BROKEN with undef in compat/memcmp.h. # 2012-01-20 Fix COMPILER_FLAGS_UNBOUND for gcc 4.6.2 assigned-not-used-warns. # 2011-12-05 Fix getaddrinfowithincludes on windows with fedora16 mingw32-gcc. # Fix ACX_MALLOC for redefined malloc error. # Fix GETADDRINFO_WITH_INCLUDES to add -lws2_32 # 2011-11-10 Fix FLTO test to not drop a.out in current directory. # 2011-11-01 Fix FLTO test for llvm on Lion. # 2011-08-01 Fix nonblock test (broken at v13). # 2011-08-01 Fix autoconf 2.68 warnings # 2011-06-23 Add ACX_CHECK_FLTO to check -flto. # 2010-08-16 Fix FLAG_OMITTED for AS_TR_CPP changes in autoconf-2.66. # 2010-07-02 Add check for ss_family (for minix). # 2010-04-26 Fix to use CPPFLAGS for CHECK_COMPILER_FLAGS. # 2010-03-01 Fix RPATH using CONFIG_COMMANDS to run at the very end. # 2010-02-18 WITH_SSL outputs the LIBSSL_LDFLAGS, LIBS, CPPFLAGS separate, -ldl # 2010-02-01 added ACX_CHECK_MEMCMP_SIGNED, AHX_MEMCMP_BROKEN # 2010-01-20 added AHX_COONFIG_STRLCAT # 2009-07-14 U_CHAR detection improved for windows crosscompile. # added ACX_FUNC_MALLOC # fixup some #if to #ifdef # NONBLOCKING test for mingw crosscompile. # 2009-07-13 added ACX_WITH_SSL_OPTIONAL # 2009-07-03 fixup LDFLAGS for empty ssl dir. # # Automates some of the checking constructs. Aims at portability for POSIX. # Documentation for functions is below. # # the following macro's are provided in this file: # (see below for details on each macro). # # ACX_ESCAPE_BACKSLASH - escape backslashes in var for C-preproc. # ACX_RSRC_VERSION - create windows resource version number. # ACX_CHECK_COMPILER_FLAG - see if cc supports a flag. # ACX_CHECK_ERROR_FLAGS - see which flag is -werror (used below). # ACX_CHECK_COMPILER_FLAG_NEEDED - see if flags make the code compile cleanly. # ACX_DEPFLAG - find cc dependency flags. # ACX_DETERMINE_EXT_FLAGS_UNBOUND - find out which flags enable BSD and POSIX. # ACX_CHECK_FORMAT_ATTRIBUTE - find cc printf format syntax. # ACX_CHECK_UNUSED_ATTRIBUTE - find cc variable unused syntax. # ACX_CHECK_FLTO - see if cc supports -flto and use it if so. # ACX_LIBTOOL_C_ONLY - create libtool for C only, improved. # ACX_TYPE_U_CHAR - u_char type. # ACX_TYPE_RLIM_T - rlim_t type. # ACX_TYPE_SOCKLEN_T - socklen_t type. # ACX_TYPE_IN_ADDR_T - in_addr_t type. # ACX_TYPE_IN_PORT_T - in_port_t type. # ACX_ARG_RPATH - add --disable-rpath option. # ACX_WITH_SSL - add --with-ssl option, link -lcrypto. # ACX_WITH_SSL_OPTIONAL - add --with-ssl option, link -lcrypto, # where --without-ssl is also accepted # ACX_LIB_SSL - setup to link -lssl. # ACX_SYS_LARGEFILE - improved sys_largefile, fseeko, >2G files. # ACX_CHECK_GETADDRINFO_WITH_INCLUDES - find getaddrinfo, portably. # ACX_FUNC_DEPRECATED - see if func is deprecated. # ACX_CHECK_NONBLOCKING_BROKEN - see if nonblocking sockets really work. # ACX_MKDIR_ONE_ARG - determine mkdir(2) number of arguments. # ACX_FUNC_IOCTLSOCKET - find ioctlsocket, portably. # ACX_FUNC_MALLOC - check malloc, define replacement . # AHX_CONFIG_FORMAT_ATTRIBUTE - config.h text for format. # AHX_CONFIG_UNUSED_ATTRIBUTE - config.h text for unused. # AHX_CONFIG_FSEEKO - define fseeko, ftello fallback. # AHX_CONFIG_RAND_MAX - define RAND_MAX if needed. # AHX_CONFIG_MAXHOSTNAMELEN - define MAXHOSTNAMELEN if needed. # AHX_CONFIG_IPV6_MIN_MTU - define IPV6_MIN_MTU if needed. # AHX_CONFIG_SNPRINTF - snprintf compat prototype # AHX_CONFIG_INET_PTON - inet_pton compat prototype # AHX_CONFIG_INET_NTOP - inet_ntop compat prototype # AHX_CONFIG_INET_ATON - inet_aton compat prototype # AHX_CONFIG_MEMMOVE - memmove compat prototype # AHX_CONFIG_STRLCAT - strlcat compat prototype # AHX_CONFIG_STRLCPY - strlcpy compat prototype # AHX_CONFIG_GMTIME_R - gmtime_r compat prototype # AHX_CONFIG_W32_SLEEP - w32 compat for sleep # AHX_CONFIG_W32_USLEEP - w32 compat for usleep # AHX_CONFIG_W32_RANDOM - w32 compat for random # AHX_CONFIG_W32_SRANDOM - w32 compat for srandom # AHX_CONFIG_W32_FD_SET_T - w32 detection of FD_SET_T. # ACX_CFLAGS_STRIP - strip one flag from CFLAGS # ACX_STRIP_EXT_FLAGS - strip extension flags from CFLAGS # AHX_CONFIG_FLAG_OMITTED - define omitted flag # AHX_CONFIG_FLAG_EXT - define omitted extension flag # AHX_CONFIG_EXT_FLAGS - define the stripped extension flags # ACX_CHECK_MEMCMP_SIGNED - check if memcmp uses signed characters. # AHX_MEMCMP_BROKEN - replace memcmp func for CHECK_MEMCMP_SIGNED. # ACX_CHECK_SS_FAMILY - check for sockaddr_storage.ss_family # ACX_CHECK_PIE - add --enable-pie option and check if works # ACX_CHECK_RELRO_NOW - add --enable-relro-now option and check it # dnl Escape backslashes as \\, for C:\ paths, for the C preprocessor defines. dnl for example, ACX_ESCAPE_BACKSLASH($from_var, to_var) dnl $1: the text to change. dnl $2: the result. AC_DEFUN([ACX_ESCAPE_BACKSLASH], [$2="`echo $1 | sed -e 's/\\\\/\\\\\\\\/g'`" ]) dnl Calculate comma separated windows-resource numbers from package version. dnl Picks the first three(,0) or four numbers out of the name. dnl $1: variable for the result AC_DEFUN([ACX_RSRC_VERSION], [$1=[`echo $PACKAGE_VERSION | sed -e 's/^[^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\).*$/\1,\2,\3,\4/' -e 's/^[^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\)[^0-9][^0-9]*\([0-9][0-9]*\)[^0-9]*$/\1,\2,\3,0/' `] ]) dnl Routine to help check for compiler flags. dnl Checks if the compiler will accept the flag. dnl $1: the flag without a - in front, so g to check -g. dnl $2: executed if yes dnl $3: executed if no AC_DEFUN([ACX_CHECK_COMPILER_FLAG], [ AC_REQUIRE([AC_PROG_CC]) AC_MSG_CHECKING(whether $CC supports -$1) cache=`echo $1 | sed 'y%.=/+-%___p_%'` AC_CACHE_VAL(cv_prog_cc_flag_$cache, [ echo 'void f(void){}' >conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -$1 -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_$cache=yes" else eval "cv_prog_cc_flag_$cache=no" fi rm -f conftest conftest.o conftest.c ]) if eval "test \"`echo '$cv_prog_cc_flag_'$cache`\" = yes"; then AC_MSG_RESULT(yes) : $2 else AC_MSG_RESULT(no) : $3 fi ]) dnl setup flags for ACX_CHECK_COMPILER_FLAG_NEEDED dnl ERRFLAG: result, compiler flag to turn warnings into errors AC_DEFUN([ACX_CHECK_ERROR_FLAGS], [ ACX_CHECK_COMPILER_FLAG(Werror, [ERRFLAG="-Werror"], [ERRFLAG="-errwarn"]) ACX_CHECK_COMPILER_FLAG(Wall, [ERRFLAG="$ERRFLAG -Wall"], [ERRFLAG="$ERRFLAG -errfmt"]) ]) dnl Routine to help check for needed compiler flags. dnl $1: flags for CC dnl $2: the includes and code dnl $3: if the given code only compiles with the flag, execute argument 3 dnl $4: if the given code compiles without the flag, execute argument 4 dnl $5: with and without flag the compile fails, execute argument 5. AC_DEFUN([ACX_CHECK_COMPILER_FLAG_NEEDED], [ AC_REQUIRE([AC_PROG_CC]) AC_REQUIRE([ACX_CHECK_ERROR_FLAGS]) AC_MSG_CHECKING(whether we need $1 as a flag for $CC) cache=AS_TR_SH($1) dnl cache=`echo $1 | sed 'y%.=/+- %___p__%'` AC_CACHE_VAL(cv_prog_cc_flag_needed_$cache, [ echo '$2' > conftest.c echo 'void f(void){}' >>conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS $ERRFLAG -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_needed_$cache=no" else [ if test -z "`$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1`"; then eval "cv_prog_cc_flag_needed_$cache=yes" else eval "cv_prog_cc_flag_needed_$cache=fail" #echo 'Test with flag fails too!' #cat conftest.c #echo "$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1" #echo `$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1` #exit 1 fi ] fi rm -f conftest conftest.c conftest.o ]) if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = yes"; then AC_MSG_RESULT(yes) : $3 else if eval "test \"`echo '$cv_prog_cc_flag_needed_'$cache`\" = no"; then AC_MSG_RESULT(no) #echo 'Test with flag is no!' #cat conftest.c #echo "$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1" #echo `$CC $CPPFLAGS $CFLAGS $1 $ERRFLAG -c conftest.c 2>&1` #exit 1 : $4 else AC_MSG_RESULT(failed) : $5 fi fi ]) dnl Check for CC dependency flag dnl DEPFLAG: set to flag that generates dependencies. AC_DEFUN([ACX_DEPFLAG], [ AC_MSG_CHECKING([$CC dependency flag]) echo 'void f(void){}' >conftest.c if test "`$CC -MM conftest.c 2>&1`" = "conftest.o: conftest.c"; then DEPFLAG="-MM" else if test "`$CC -xM1 conftest.c 2>&1`" = "conftest.o: conftest.c"; then DEPFLAG="-xM1" else DEPFLAG="-MM" # dunno do something fi fi AC_MSG_RESULT($DEPFLAG) rm -f conftest.c AC_SUBST(DEPFLAG) ]) dnl Determine flags that gives POSIX and BSD functionality. dnl CFLAGS is modified for the result. AC_DEFUN([ACX_DETERMINE_EXT_FLAGS_UNBOUND], [ ACX_CHECK_COMPILER_FLAG(std=c99, [C99FLAG="-std=c99"]) ACX_CHECK_COMPILER_FLAG(xc99, [C99FLAG="-xc99"]) AC_CHECK_HEADERS([getopt.h time.h],,, [AC_INCLUDES_DEFAULT]) ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_XOPEN_SOURCE_EXTENDED=1 -D_ALL_SOURCE, [ #include "confdefs.h" #include #include #include #ifdef HAVE_TIME_H #include #endif #include #include #ifdef HAVE_GETOPT_H #include #endif int test(void) { int a; char **opts = NULL; struct timeval tv; char *t; time_t time = 0; char *buf = NULL; const char* str = NULL; struct msghdr msg; msg.msg_control = 0; t = ctime_r(&time, buf); tv.tv_usec = 10; srandom(32); a = getopt(2, opts, "a"); a = isascii(32); str = gai_strerror(0); if(str && t && tv.tv_usec && msg.msg_control) a = 0; return a; } ], [CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_XOPEN_SOURCE_EXTENDED=1 -D_ALL_SOURCE"]) ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_ALL_SOURCE, [ #include "confdefs.h" #include #include #include #ifdef HAVE_TIME_H #include #endif #include #include #ifdef HAVE_GETOPT_H #include #endif int test(void) { int a; char **opts = NULL; struct timeval tv; char *t; time_t time = 0; char *buf = NULL; const char* str = NULL; struct msghdr msg; msg.msg_control = 0; t = ctime_r(&time, buf); tv.tv_usec = 10; srandom(32); a = getopt(2, opts, "a"); a = isascii(32); str = gai_strerror(0); if(str && t && tv.tv_usec && msg.msg_control) a = 0; return a; } ], [CFLAGS="$CFLAGS $C99FLAG -D__EXTENSIONS__ -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_POSIX_C_SOURCE=200112 -D_XOPEN_SOURCE=600 -D_ALL_SOURCE"]) ACX_CHECK_COMPILER_FLAG_NEEDED($C99FLAG, [ #include #include int test(void) { int a = 0; return a; } ], [CFLAGS="$CFLAGS $C99FLAG"]) ACX_CHECK_COMPILER_FLAG_NEEDED(-D_BSD_SOURCE -D_DEFAULT_SOURCE, [ #include int test(void) { int a; a = isascii(32); return a; } ], [CFLAGS="$CFLAGS -D_BSD_SOURCE -D_DEFAULT_SOURCE"]) ACX_CHECK_COMPILER_FLAG_NEEDED(-D_GNU_SOURCE, [ #include int test(void) { struct in6_pktinfo inf; int a = (int)sizeof(inf); return a; } ], [CFLAGS="$CFLAGS -D_GNU_SOURCE"]) # check again for GNU_SOURCE for setresgid. May fail if setresgid # is not available at all. -D_FRSRESGID is to make this check unique. # otherwise we would get the previous cached result. ACX_CHECK_COMPILER_FLAG_NEEDED(-D_GNU_SOURCE -D_FRSRESGID, [ #include int test(void) { int a = setresgid(0,0,0); a = setresuid(0,0,0); return a; } ], [CFLAGS="$CFLAGS -D_GNU_SOURCE"]) ACX_CHECK_COMPILER_FLAG_NEEDED(-D_POSIX_C_SOURCE=200112, [ #include "confdefs.h" #ifdef HAVE_TIME_H #include #endif #include int test(void) { int a = 0; char *t; time_t time = 0; char *buf = NULL; const char* str = NULL; t = ctime_r(&time, buf); str = gai_strerror(0); if(t && str) a = 0; return a; } ], [CFLAGS="$CFLAGS -D_POSIX_C_SOURCE=200112"]) ACX_CHECK_COMPILER_FLAG_NEEDED(-D__EXTENSIONS__, [ #include "confdefs.h" #include #include #include #ifdef HAVE_TIME_H #include #endif #include #ifdef HAVE_GETOPT_H #include #endif int test(void) { int a; char **opts = NULL; struct timeval tv; tv.tv_usec = 10; srandom(32); a = getopt(2, opts, "a"); a = isascii(32); if(tv.tv_usec) a = 0; return a; } ], [CFLAGS="$CFLAGS -D__EXTENSIONS__"]) ])dnl End of ACX_DETERMINE_EXT_FLAGS_UNBOUND dnl Check if CC supports -flto. dnl in a way that supports clang and suncc (that flag does something else, dnl but fails to link). It sets it in CFLAGS if it works. AC_DEFUN([ACX_CHECK_FLTO], [ AC_ARG_ENABLE([flto], AS_HELP_STRING([--disable-flto], [Disable link-time optimization (gcc specific option)])) AS_IF([test "x$enable_flto" != "xno"], [ AC_MSG_CHECKING([if $CC supports -flto]) BAKCFLAGS="$CFLAGS" CFLAGS="$CFLAGS -flto" AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], [ if $CC $CFLAGS -o conftest conftest.c 2>&1 | $GREP -e "warning: no debug symbols in executable" -e "warning: object" >/dev/null; then CFLAGS="$BAKCFLAGS" AC_MSG_RESULT(no) else AC_MSG_RESULT(yes) fi rm -f conftest conftest.c conftest.o ], [CFLAGS="$BAKCFLAGS" ; AC_MSG_RESULT(no)]) ]) ]) dnl Check the printf-format attribute (if any) dnl result in HAVE_ATTR_FORMAT. dnl Make sure you also include the AHX_CONFIG_FORMAT_ATTRIBUTE. AC_DEFUN([ACX_CHECK_FORMAT_ATTRIBUTE], [AC_REQUIRE([AC_PROG_CC]) AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "format" attribute) AC_CACHE_VAL(ac_cv_c_format_attribute, [ac_cv_c_format_attribute=no AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include void f (char *format, ...) __attribute__ ((format (printf, 1, 2))); void (*pf) (char *format, ...) __attribute__ ((format (printf, 1, 2))); ]], [[ f ("%s", "str"); ]])],[ac_cv_c_format_attribute="yes"],[ac_cv_c_format_attribute="no"]) ]) AC_MSG_RESULT($ac_cv_c_format_attribute) if test $ac_cv_c_format_attribute = yes; then AC_DEFINE(HAVE_ATTR_FORMAT, 1, [Whether the C compiler accepts the "format" attribute]) fi ])dnl End of ACX_CHECK_FORMAT_ATTRIBUTE dnl Setup ATTR_FORMAT config.h parts. dnl make sure you call ACX_CHECK_FORMAT_ATTRIBUTE also. AC_DEFUN([AHX_CONFIG_FORMAT_ATTRIBUTE], [ #ifdef HAVE_ATTR_FORMAT # define ATTR_FORMAT(archetype, string_index, first_to_check) \ __attribute__ ((format (archetype, string_index, first_to_check))) #else /* !HAVE_ATTR_FORMAT */ # define ATTR_FORMAT(archetype, string_index, first_to_check) /* empty */ #endif /* !HAVE_ATTR_FORMAT */ ]) dnl Check how to mark function arguments as unused. dnl result in HAVE_ATTR_UNUSED. dnl Make sure you include AHX_CONFIG_UNUSED_ATTRIBUTE also. AC_DEFUN([ACX_CHECK_UNUSED_ATTRIBUTE], [AC_REQUIRE([AC_PROG_CC]) AC_MSG_CHECKING(whether the C compiler (${CC-cc}) accepts the "unused" attribute) AC_CACHE_VAL(ac_cv_c_unused_attribute, [ac_cv_c_unused_attribute=no AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include void f (char *u __attribute__((unused))); ]], [[ f ("x"); ]])],[ac_cv_c_unused_attribute="yes"],[ac_cv_c_unused_attribute="no"]) ]) dnl Setup ATTR_UNUSED config.h parts. dnl make sure you call ACX_CHECK_UNUSED_ATTRIBUTE also. AC_DEFUN([AHX_CONFIG_UNUSED_ATTRIBUTE], [ #if defined(DOXYGEN) # define ATTR_UNUSED(x) x #elif defined(__cplusplus) # define ATTR_UNUSED(x) #elif defined(HAVE_ATTR_UNUSED) # define ATTR_UNUSED(x) x __attribute__((unused)) #else /* !HAVE_ATTR_UNUSED */ # define ATTR_UNUSED(x) x #endif /* !HAVE_ATTR_UNUSED */ ]) AC_MSG_RESULT($ac_cv_c_unused_attribute) if test $ac_cv_c_unused_attribute = yes; then AC_DEFINE(HAVE_ATTR_UNUSED, 1, [Whether the C compiler accepts the "unused" attribute]) fi ])dnl dnl Pre-fun for ACX_LIBTOOL_C_ONLY AC_DEFUN([ACX_LIBTOOL_C_PRE], [ # skip these tests, we do not need them. AC_DEFUN([AC_PROG_F77], [:]) AC_DEFUN([AC_PROG_FC], [:]) AC_DEFUN([AC_PROG_CXX], [:]) AC_DEFUN([AC_PROG_CXXCPP], [:]) AC_DEFUN([AC_PROG_OBJC], [:]) AC_DEFUN([AC_PROG_OBJCCPP], [:]) AC_DEFUN([AC_LIBTOOL_CXX], [:]) AC_DEFUN([AC_LIBTOOL_F77], [:]) # always use ./libtool unless override from commandline (libtool=mylibtool) if test -z "$libtool"; then libtool="./libtool" fi AC_SUBST(libtool) # avoid libtool max commandline length test on systems that fork slowly. AC_CANONICAL_HOST if echo "$host_os" | grep "sunos4" >/dev/null; then lt_cv_sys_max_cmd_len=32750; fi AC_PATH_TOOL(AR, ar, [false]) if test $AR = false; then AC_MSG_ERROR([Cannot find 'ar', please extend PATH to include it]) fi ]) dnl Perform libtool check, portably, only for C AC_DEFUN([ACX_LIBTOOL_C_ONLY], [ dnl as a requirement so that is gets called before LIBTOOL dnl because libtools 'AC_REQUIRE' names are right after this one, before dnl this function contents. AC_REQUIRE([ACX_LIBTOOL_C_PRE]) LT_INIT ]) dnl Detect if u_char type is defined, otherwise define it. AC_DEFUN([ACX_TYPE_U_CHAR], [AC_CHECK_TYPE([u_char], , [AC_DEFINE([u_char], [unsigned char], [Define to 'unsigned char if not defined])], [ AC_INCLUDES_DEFAULT #ifdef HAVE_WINSOCK2_H # include #endif ]) ]) dnl Detect if rlim_t type is defined, otherwise define it. AC_DEFUN([ACX_TYPE_RLIM_T], [AC_CHECK_TYPE(rlim_t, , [AC_DEFINE([rlim_t], [unsigned long], [Define to 'int' if not defined])], [ AC_INCLUDES_DEFAULT #ifdef HAVE_SYS_RESOURCE_H # include #endif ]) ]) dnl Detect if socklen_t type is defined, otherwise define it. AC_DEFUN([ACX_TYPE_SOCKLEN_T], [ AC_CHECK_TYPE(socklen_t, , [AC_DEFINE([socklen_t], [int], [Define to 'int' if not defined])], [ AC_INCLUDES_DEFAULT #ifdef HAVE_SYS_SOCKET_H # include #endif #ifdef HAVE_WS2TCPIP_H # include #endif ]) ]) dnl Detect if in_addr_t type is defined, otherwise define it. AC_DEFUN([ACX_TYPE_IN_ADDR_T], [ AC_CHECK_TYPE(in_addr_t, [], [AC_DEFINE([in_addr_t], [uint32_t], [in_addr_t])], [ AC_INCLUDES_DEFAULT #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_NETINET_IN_H # include #endif ]) ]) dnl Detect if in_port_t type is defined, otherwise define it. AC_DEFUN([ACX_TYPE_IN_PORT_T], [ AC_CHECK_TYPE(in_port_t, [], [AC_DEFINE([in_port_t], [uint16_t], [in_port_t])], [ AC_INCLUDES_DEFAULT #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_NETINET_IN_H # include #endif ]) ]) dnl Add option to disable the evil rpath. Check whether to use rpath or not. dnl Adds the --disable-rpath option. Uses trick to edit the ./libtool. AC_DEFUN([ACX_ARG_RPATH], [ AC_ARG_ENABLE(rpath, [ --disable-rpath disable hardcoded rpath (default=enabled)], enable_rpath=$enableval, enable_rpath=yes) if test "x$enable_rpath" = xno; then dnl AC_MSG_RESULT([Fixing libtool for -rpath problems.]) AC_CONFIG_COMMANDS([disable-rpath], [ sed < libtool > libtool-2 \ 's/^hardcode_libdir_flag_spec.*$'/'hardcode_libdir_flag_spec=" -D__LIBTOOL_RPATH_SED__ "/' mv libtool-2 libtool chmod 755 libtool libtool="./libtool" ]) fi ]) dnl Add a -R to the RUNTIME_PATH. Only if rpath is enabled and it is dnl an absolute path. dnl $1: the pathname to add. AC_DEFUN([ACX_RUNTIME_PATH_ADD], [ if test "x$enable_rpath" = xyes; then if echo "$1" | grep "^/" >/dev/null; then RUNTIME_PATH="$RUNTIME_PATH -R$1" fi fi ]) dnl Common code for both ACX_WITH_SSL and ACX_WITH_SSL_OPTIONAL dnl Takes one argument; the withval checked in those 2 functions dnl sets up the environment for the given openssl path AC_DEFUN([ACX_SSL_CHECKS], [ withval=$1 if test x_$withval != x_no; then AC_MSG_CHECKING(for SSL) if test -n "$withval"; then dnl look for openssl install with different version, eg. dnl in /usr/include/openssl11/openssl/ssl.h dnl and /usr/lib64/openssl11/libssl.so dnl with the --with-ssl=/usr/include/openssl11 if test ! -f "$withval/include/openssl/ssl.h" -a -f "$withval/openssl/ssl.h"; then ssldir="$withval" found_ssl="yes" withval="" ssldir_include="$ssldir" dnl find the libdir ssldir_lib=`echo $ssldir | sed -e 's/include/lib/'` if test -f "$ssldir_lib/libssl.a" -o -f "$ssldir_lib/libssl.so"; then : # found here else ssldir_lib=`echo $ssldir | sed -e 's/include/lib64/'` if test -f "$ssldir_lib/libssl.a" -o -f "$ssldir_lib/libssl.so"; then : # found here else AC_MSG_ERROR([Could not find openssl lib file, $ssldir_lib/libssl.[so,a], pass like "/usr/local" or "/usr/include/openssl11"]) fi fi fi fi if test x_$withval = x_ -o x_$withval = x_yes; then withval="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr" fi for dir in $withval; do ssldir="$dir" if test -f "$dir/include/openssl/ssl.h"; then found_ssl="yes" ssldir_include="$ssldir/include" if test ! -d "$ssldir/lib" -a -d "$ssldir/lib64"; then ssldir_lib="$ssldir/lib64" else ssldir_lib="$ssldir/lib" fi break; fi done if test x_$found_ssl != x_yes; then AC_MSG_ERROR(Cannot find the SSL libraries in $withval) else AC_MSG_RESULT(found in $ssldir) AC_DEFINE_UNQUOTED([HAVE_SSL], [], [Define if you have the SSL libraries installed.]) HAVE_SSL=yes dnl assume /usr is already in the include, lib and dynlib paths. if test "$ssldir" != "/usr"; then CPPFLAGS="$CPPFLAGS -I$ssldir_include" LIBSSL_CPPFLAGS="$LIBSSL_CPPFLAGS -I$ssldir_include" LDFLAGS="$LDFLAGS -L$ssldir_lib" LIBSSL_LDFLAGS="$LIBSSL_LDFLAGS -L$ssldir_lib" ACX_RUNTIME_PATH_ADD([$ssldir_lib]) fi AC_MSG_CHECKING([for EVP_sha256 in -lcrypto]) LIBS="$LIBS -lcrypto" LIBSSL_LIBS="$LIBSSL_LIBS -lcrypto" AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); ]])],[ AC_MSG_RESULT(yes) AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) ],[ AC_MSG_RESULT(no) # check if -lwsock32 or -lgdi32 are needed. BAKLIBS="$LIBS" BAKSSLLIBS="$LIBSSL_LIBS" LIBS="$LIBS -lgdi32 -lws2_32" LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32" AC_MSG_CHECKING([if -lcrypto needs -lgdi32]) AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) LIBS="$BAKLIBS" LIBSSL_LIBS="$BAKSSLLIBS" LIBS="$LIBS -lgdi32 -lws2_32 -lcrypt32" LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32 -lcrypt32" AC_MSG_CHECKING([if -lcrypto needs -lgdi32 -lws2_32 -lcrypt32]) AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) LIBS="$BAKLIBS" LIBSSL_LIBS="$BAKSSLLIBS" LIBS="$LIBS -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a" LIBSSL_LIBS="$LIBSSL_LIBS -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a" AC_MSG_CHECKING([if -lcrypto needs -lgdi32 -lws2_32 -lcrypt32 -l:libssp.a]) AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) LIBS="$BAKLIBS" LIBSSL_LIBS="$BAKSSLLIBS" LIBS="$LIBS -ldl" LIBSSL_LIBS="$LIBSSL_LIBS -ldl" AC_MSG_CHECKING([if -lcrypto needs -ldl]) AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) LIBS="$BAKLIBS" LIBSSL_LIBS="$BAKSSLLIBS" LIBS="$LIBS -ldl -pthread" LIBSSL_LIBS="$LIBSSL_LIBS -ldl -pthread" AC_MSG_CHECKING([if -lcrypto needs -ldl -pthread]) AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[ int EVP_sha256(void); (void)EVP_sha256(); ]])],[ AC_DEFINE([HAVE_EVP_SHA256], 1, [If you have EVP_sha256]) AC_MSG_RESULT(yes) ],[ AC_MSG_RESULT(no) AC_MSG_ERROR([OpenSSL found in $ssldir, but version 0.9.7 or higher is required]) ]) ]) ]) ]) ]) ]) fi AC_SUBST(HAVE_SSL) AC_SUBST(RUNTIME_PATH) fi AC_CHECK_HEADERS([openssl/ssl.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/err.h],,, [AC_INCLUDES_DEFAULT]) AC_CHECK_HEADERS([openssl/rand.h],,, [AC_INCLUDES_DEFAULT]) ])dnl End of ACX_SSL_CHECKS dnl Check for SSL, where SSL is mandatory dnl Adds --with-ssl option, searches for openssl and defines HAVE_SSL if found dnl Setup of CPPFLAGS, CFLAGS. Adds -lcrypto to LIBS. dnl Checks main header files of SSL. dnl AC_DEFUN([ACX_WITH_SSL], [ AC_ARG_WITH(ssl, AS_HELP_STRING([--with-ssl=pathname],[enable SSL (will check /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr or specify like /usr/include/openssl11)]),[ ],[ withval="yes" ]) if test x_$withval = x_no; then AC_MSG_ERROR([Need SSL library to do digital signature cryptography]) fi ACX_SSL_CHECKS($withval) ])dnl End of ACX_WITH_SSL dnl Check for SSL, where ssl is optional (--without-ssl is allowed) dnl Adds --with-ssl option, searches for openssl and defines HAVE_SSL if found dnl Setup of CPPFLAGS, CFLAGS. Adds -lcrypto to LIBS. dnl Checks main header files of SSL. dnl AC_DEFUN([ACX_WITH_SSL_OPTIONAL], [ AC_ARG_WITH(ssl, AS_HELP_STRING([--with-ssl=pathname],[enable SSL (will check /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /opt/local /usr/sfw /usr or specify like /usr/include/openssl11)]),[ ],[ withval="yes" ]) ACX_SSL_CHECKS($withval) ])dnl End of ACX_WITH_SSL_OPTIONAL dnl Setup to use -lssl dnl To use -lcrypto, use the ACX_WITH_SSL setup (before this one). AC_DEFUN([ACX_LIB_SSL], [ # check if libssl needs libdl BAKLIBS="$LIBS" LIBS="-lssl $LIBS" AC_MSG_CHECKING([if libssl needs libdl]) AC_TRY_LINK_FUNC([SSL_CTX_new], [ AC_MSG_RESULT([no]) LIBS="$BAKLIBS" ] , [ AC_MSG_RESULT([yes]) LIBS="$BAKLIBS" AC_SEARCH_LIBS([dlopen], [dl]) ]) ])dnl End of ACX_LIB_SSL dnl Setup to use very large files (>2Gb). dnl setups fseeko and its own AC_DEFUN([ACX_SYS_LARGEFILE], [ AC_SYS_LARGEFILE dnl try to see if an additional _LARGEFILE_SOURCE 1 is needed to get fseeko ACX_CHECK_COMPILER_FLAG_NEEDED(-D_LARGEFILE_SOURCE=1, [ #include int test(void) { int a = fseeko(stdin, 0, 0); return a; } ], [CFLAGS="$CFLAGS -D_LARGEFILE_SOURCE=1"]) ]) dnl Check getaddrinfo. dnl Works on linux, solaris, bsd and windows(links winsock). dnl defines HAVE_GETADDRINFO, USE_WINSOCK. AC_DEFUN([ACX_CHECK_GETADDRINFO_WITH_INCLUDES], [AC_REQUIRE([AC_PROG_CC]) AC_MSG_CHECKING(for getaddrinfo) ac_cv_func_getaddrinfo=no AC_LINK_IFELSE( [AC_LANG_SOURCE([[ #ifdef __cplusplus extern "C" { #endif char* getaddrinfo(); char* (*f) () = getaddrinfo; #ifdef __cplusplus } #endif int main(void) { ; return 0; } ]])], dnl this case on linux, solaris, bsd [ac_cv_func_getaddrinfo="yes" dnl see if on windows if test "$ac_cv_header_windows_h" = "yes"; then AC_DEFINE(USE_WINSOCK, 1, [Whether the windows socket API is used]) USE_WINSOCK="1" if echo "$LIBS" | grep 'lws2_32' >/dev/null; then : else LIBS="$LIBS -lws2_32" fi fi ], dnl no quick getaddrinfo, try mingw32 and winsock2 library. dnl perhaps getaddrinfo needs only the include AC_LINK_IFELSE( [AC_LANG_PROGRAM( [ #ifdef HAVE_WS2TCPIP_H #include #endif ], [ (void)getaddrinfo(NULL, NULL, NULL, NULL); ] )], [ ac_cv_func_getaddrinfo="yes" AC_DEFINE(USE_WINSOCK, 1, [Whether the windows socket API is used]) USE_WINSOCK="1" ], ORIGLIBS="$LIBS" LIBS="$LIBS -lws2_32" AC_LINK_IFELSE( [AC_LANG_PROGRAM( [ #ifdef HAVE_WS2TCPIP_H #include #endif ], [ (void)getaddrinfo(NULL, NULL, NULL, NULL); ] )], [ ac_cv_func_getaddrinfo="yes" dnl already: LIBS="$LIBS -lws2_32" AC_DEFINE(USE_WINSOCK, 1, [Whether the windows socket API is used]) USE_WINSOCK="1" ], [ ac_cv_func_getaddrinfo="no" LIBS="$ORIGLIBS" ]) ) ) AC_MSG_RESULT($ac_cv_func_getaddrinfo) if test $ac_cv_func_getaddrinfo = yes; then AC_DEFINE(HAVE_GETADDRINFO, 1, [Whether getaddrinfo is available]) fi ])dnl Endof AC_CHECK_GETADDRINFO_WITH_INCLUDES dnl check if a function is deprecated. defines DEPRECATED_func in config.h. dnl $1: function name dnl $2: C-statement that calls the function. dnl $3: includes for the program. dnl $4: executes if yes dnl $5: executes if no AC_DEFUN([ACX_FUNC_DEPRECATED], [ AC_REQUIRE([AC_PROG_CC]) AC_MSG_CHECKING(if $1 is deprecated) cache=`echo $1 | sed 'y%.=/+-%___p_%'` AC_CACHE_VAL(cv_cc_deprecated_$cache, [ echo '$3' >conftest.c echo 'void f(void){ $2 }' >>conftest.c if test -z "`$CC $CPPFLAGS $CFLAGS -c conftest.c 2>&1 | grep -e deprecated -e unavailable`"; then eval "cv_cc_deprecated_$cache=no" else eval "cv_cc_deprecated_$cache=yes" fi rm -f conftest conftest.o conftest.c ]) if eval "test \"`echo '$cv_cc_deprecated_'$cache`\" = yes"; then AC_MSG_RESULT(yes) AC_DEFINE_UNQUOTED(AS_TR_CPP([DEPRECATED_$1]), 1, [Whether $1 is deprecated]) : $4 else AC_MSG_RESULT(no) : $5 fi ])dnl end of ACX_FUNC_DEPRECATED dnl check if select and nonblocking sockets actually work. dnl Needs fork(2) and select(2). dnl defines NONBLOCKING_IS_BROKEN, and if that is true multiple reads from dnl a nonblocking socket do not work, a new call to select is necessary. AC_DEFUN([ACX_CHECK_NONBLOCKING_BROKEN], [ AC_MSG_CHECKING([if nonblocking sockets work]) if echo $host | grep mingw >/dev/null; then AC_MSG_RESULT([no (windows)]) AC_DEFINE([NONBLOCKING_IS_BROKEN], 1, [Define if the network stack does not fully support nonblocking io (causes lower performance).]) else AC_RUN_IFELSE([ AC_LANG_SOURCE([[ #include #include #include #include #include #ifdef HAVE_SYS_TYPES_H #include #endif #ifdef HAVE_SYS_SELECT_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif #ifdef HAVE_UNISTD_H #include #endif #ifdef HAVE_TIME_H #include #endif int main(void) { int port; int sfd, cfd; int num = 10; int i, p; struct sockaddr_in a; /* test if select and nonblocking reads work well together */ /* open port. fork child to send 10 messages. select to read. then try to nonblocking read the 10 messages then, nonblocking read must give EAGAIN */ port = 12345 + (time(0)%32); sfd = socket(PF_INET, SOCK_DGRAM, 0); if(sfd == -1) { perror("socket"); return 1; } memset(&a, 0, sizeof(a)); a.sin_family = AF_INET; a.sin_port = htons(port); a.sin_addr.s_addr = inet_addr("127.0.0.1"); if(bind(sfd, (struct sockaddr*)&a, sizeof(a)) < 0) { perror("bind"); return 1; } if(fcntl(sfd, F_SETFL, O_NONBLOCK) == -1) { perror("fcntl"); return 1; } cfd = socket(PF_INET, SOCK_DGRAM, 0); if(cfd == -1) { perror("client socket"); return 1; } a.sin_port = 0; if(bind(cfd, (struct sockaddr*)&a, sizeof(a)) < 0) { perror("client bind"); return 1; } a.sin_port = htons(port); /* no handler, causes exit in 10 seconds */ alarm(10); /* send and receive on the socket */ if((p=fork()) == 0) { for(i=0; i #include #ifdef HAVE_WINSOCK2_H #include #endif #ifdef HAVE_SYS_STAT_H #include #endif ]], [[ (void)mkdir("directory"); ]])],[AC_MSG_RESULT(yes) AC_DEFINE(MKDIR_HAS_ONE_ARG, 1, [Define if mkdir has one argument.]) ],[AC_MSG_RESULT(no) ]) ])dnl end of ACX_MKDIR_ONE_ARG dnl Check for ioctlsocket function. works on mingw32 too. AC_DEFUN([ACX_FUNC_IOCTLSOCKET], [ # check ioctlsocket AC_MSG_CHECKING(for ioctlsocket) AC_LINK_IFELSE([AC_LANG_PROGRAM([ #ifdef HAVE_WINSOCK2_H #include #endif ], [ (void)ioctlsocket(0, 0, NULL); ])], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_IOCTLSOCKET, 1, [if the function 'ioctlsocket' is available]) ],[AC_MSG_RESULT(no)]) ])dnl end of ACX_FUNC_IOCTLSOCKET dnl detect malloc and provide malloc compat prototype. dnl $1: unique name for compat code AC_DEFUN([ACX_FUNC_MALLOC], [ AC_MSG_CHECKING([for GNU libc compatible malloc]) AC_RUN_IFELSE([AC_LANG_PROGRAM( [[#if defined STDC_HEADERS || defined HAVE_STDLIB_H #include #else char *malloc (); #endif ]], [ if(malloc(0) != 0) return 1;]) ], [AC_MSG_RESULT([no]) AC_LIBOBJ(malloc) AC_DEFINE_UNQUOTED([malloc], [rpl_malloc_$1], [Define if replacement function should be used.])] , [AC_MSG_RESULT([yes]) AC_DEFINE([HAVE_MALLOC], 1, [If have GNU libc compatible malloc])], [AC_MSG_RESULT([no (crosscompile)]) AC_LIBOBJ(malloc) AC_DEFINE_UNQUOTED([malloc], [rpl_malloc_$1], [Define if replacement function should be used.])] ) ]) dnl Define fallback for fseeko and ftello if needed. AC_DEFUN([AHX_CONFIG_FSEEKO], [ #ifndef HAVE_FSEEKO #define fseeko fseek #define ftello ftell #endif /* HAVE_FSEEKO */ ]) dnl Define RAND_MAX if not defined AC_DEFUN([AHX_CONFIG_RAND_MAX], [ #ifndef RAND_MAX #define RAND_MAX 2147483647 #endif ]) dnl Define MAXHOSTNAMELEN if not defined AC_DEFUN([AHX_CONFIG_MAXHOSTNAMELEN], [ #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN 256 #endif ]) dnl Define IPV6_MIN_MTU if not defined AC_DEFUN([AHX_CONFIG_IPV6_MIN_MTU], [ #ifndef IPV6_MIN_MTU #define IPV6_MIN_MTU 1280 #endif /* IPV6_MIN_MTU */ ]) dnl provide snprintf, vsnprintf compat prototype dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_SNPRINTF], [ #ifndef HAVE_SNPRINTF #define snprintf snprintf_$1 #define vsnprintf vsnprintf_$1 #include int snprintf (char *str, size_t count, const char *fmt, ...); int vsnprintf (char *str, size_t count, const char *fmt, va_list arg); #endif /* HAVE_SNPRINTF */ ]) dnl provide inet_pton compat prototype. dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_INET_PTON], [ #ifndef HAVE_INET_PTON #define inet_pton inet_pton_$1 int inet_pton(int af, const char* src, void* dst); #endif /* HAVE_INET_PTON */ ]) dnl provide inet_ntop compat prototype. dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_INET_NTOP], [ #ifndef HAVE_INET_NTOP #define inet_ntop inet_ntop_$1 const char *inet_ntop(int af, const void *src, char *dst, size_t size); #endif ]) dnl provide inet_aton compat prototype. dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_INET_ATON], [ #ifndef HAVE_INET_ATON #define inet_aton inet_aton_$1 int inet_aton(const char *cp, struct in_addr *addr); #endif ]) dnl provide memmove compat prototype. dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_MEMMOVE], [ #ifndef HAVE_MEMMOVE #define memmove memmove_$1 void *memmove(void *dest, const void *src, size_t n); #endif ]) dnl provide strlcat compat prototype. dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_STRLCAT], [ #ifndef HAVE_STRLCAT #define strlcat strlcat_$1 size_t strlcat(char *dst, const char *src, size_t siz); #endif ]) dnl provide strlcpy compat prototype. dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_STRLCPY], [ #ifndef HAVE_STRLCPY #define strlcpy strlcpy_$1 size_t strlcpy(char *dst, const char *src, size_t siz); #endif ]) dnl provide gmtime_r compat prototype. dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_GMTIME_R], [ #ifndef HAVE_GMTIME_R #define gmtime_r gmtime_r_$1 struct tm *gmtime_r(const time_t *timep, struct tm *result); #endif ]) dnl provide reallocarray compat prototype. dnl $1: unique name for compat code AC_DEFUN([AHX_CONFIG_REALLOCARRAY], [ #ifndef HAVE_REALLOCARRAY #define reallocarray reallocarray$1 void* reallocarray(void *ptr, size_t nmemb, size_t size); #endif ]) dnl provide w32 compat definition for sleep AC_DEFUN([AHX_CONFIG_W32_SLEEP], [ #if !defined(HAVE_SLEEP) || defined(HAVE_WINDOWS_H) #define sleep(x) Sleep((x)*1000) /* on win32 */ #endif /* HAVE_SLEEP */ ]) dnl provide w32 compat definition for usleep AC_DEFUN([AHX_CONFIG_W32_USLEEP], [ #ifndef HAVE_USLEEP #define usleep(x) Sleep((x)/1000 + 1) /* on win32 */ #endif /* HAVE_USLEEP */ ]) dnl provide w32 compat definition for random AC_DEFUN([AHX_CONFIG_W32_RANDOM], [ #ifndef HAVE_RANDOM #define random rand /* on win32, for tests only (bad random) */ #endif /* HAVE_RANDOM */ ]) dnl provide w32 compat definition for srandom AC_DEFUN([AHX_CONFIG_W32_SRANDOM], [ #ifndef HAVE_SRANDOM #define srandom(x) srand(x) /* on win32, for tests only (bad random) */ #endif /* HAVE_SRANDOM */ ]) dnl provide w32 compat definition for FD_SET_T AC_DEFUN([AHX_CONFIG_W32_FD_SET_T], [ /* detect if we need to cast to unsigned int for FD_SET to avoid warnings */ #ifdef HAVE_WINSOCK2_H #define FD_SET_T (u_int) #else #define FD_SET_T #endif ]) dnl Remove an extension flag from CFLAGS, define replacement to be made. dnl Used by ACX_STRIP_EXT_FLAGS. dnl $1: the name of the flag, for example -D_GNU_SOURCE. AC_DEFUN([ACX_CFLAGS_STRIP], [ if echo $CFLAGS | grep " $1" >/dev/null 2>&1; then CFLAGS="`echo $CFLAGS | sed -e 's/ $1//g'`" AC_DEFINE(m4_bpatsubst(OMITTED_$1,[[-=]],_), 1, Put $1 define in config.h) fi ]) dnl Remove EXT flags from the CFLAGS and set them to be defined in config.h dnl use with ACX_DETERMINE_EXT_FLAGS. AC_DEFUN([ACX_STRIP_EXT_FLAGS], [ AC_MSG_NOTICE([Stripping extension flags...]) ACX_CFLAGS_STRIP(-D_GNU_SOURCE) ACX_CFLAGS_STRIP(-D_BSD_SOURCE) ACX_CFLAGS_STRIP(-D_DEFAULT_SOURCE) ACX_CFLAGS_STRIP(-D__EXTENSIONS__) ACX_CFLAGS_STRIP(-D_POSIX_C_SOURCE=200112) ACX_CFLAGS_STRIP(-D_XOPEN_SOURCE=600) ACX_CFLAGS_STRIP(-D_XOPEN_SOURCE_EXTENDED=1) ACX_CFLAGS_STRIP(-D_ALL_SOURCE) ACX_CFLAGS_STRIP(-D_LARGEFILE_SOURCE=1) ]) dnl End of ACX_STRIP_EXT_FLAGS dnl define one omitted flag for config.h dnl $1: flag name. -D_GNU_SOURCE dnl $2: replacement define. _GNU_SOURCE dnl $3: define value, 1 AC_DEFUN([AHX_CONFIG_FLAG_OMITTED], [#if defined($1) && !defined($2) #define $2 $3 [#]endif]) dnl Wrapper for AHX_CONFIG_FLAG_OMITTED for -D style flags dnl $1: the -DNAME or -DNAME=value string. AC_DEFUN([AHX_CONFIG_FLAG_EXT], [AHX_CONFIG_FLAG_OMITTED(m4_bpatsubst(OMITTED_$1,[[-=]],_),m4_bpatsubst(m4_bpatsubst($1,-D,),=.*$,),m4_if(m4_bregexp($1,=),-1,1,m4_bpatsubst($1,^.*=,))) ]) dnl config.h part to define omitted cflags, use with ACX_STRIP_EXT_FLAGS. AC_DEFUN([AHX_CONFIG_EXT_FLAGS], [AHX_CONFIG_FLAG_EXT(-D_GNU_SOURCE) AHX_CONFIG_FLAG_EXT(-D_BSD_SOURCE) AHX_CONFIG_FLAG_EXT(-D_DEFAULT_SOURCE) AHX_CONFIG_FLAG_EXT(-D__EXTENSIONS__) AHX_CONFIG_FLAG_EXT(-D_POSIX_C_SOURCE=200112) AHX_CONFIG_FLAG_EXT(-D_XOPEN_SOURCE=600) AHX_CONFIG_FLAG_EXT(-D_XOPEN_SOURCE_EXTENDED=1) AHX_CONFIG_FLAG_EXT(-D_ALL_SOURCE) AHX_CONFIG_FLAG_EXT(-D_LARGEFILE_SOURCE=1) ]) dnl check if memcmp is using signed characters and replace if so. AC_DEFUN([ACX_CHECK_MEMCMP_SIGNED], [AC_MSG_CHECKING([if memcmp compares unsigned]) AC_RUN_IFELSE([AC_LANG_SOURCE([[ #include #include #include int main(void) { char a = 255, b = 0; if(memcmp(&a, &b, 1) < 0) return 1; return 0; } ]])], [AC_MSG_RESULT([yes]) ], [ AC_MSG_RESULT([no]) AC_DEFINE([MEMCMP_IS_BROKEN], [1], [Define if memcmp() does not compare unsigned bytes]) AC_LIBOBJ([memcmp]) ], [ AC_MSG_RESULT([cross-compile no]) AC_DEFINE([MEMCMP_IS_BROKEN], [1], [Define if memcmp() does not compare unsigned bytes]) AC_LIBOBJ([memcmp]) ]) ]) dnl define memcmp to its replacement, pass unique id for program as arg AC_DEFUN([AHX_MEMCMP_BROKEN], [ #ifdef MEMCMP_IS_BROKEN #include "compat/memcmp.h" #define memcmp memcmp_$1 int memcmp(const void *x, const void *y, size_t n); #endif ]) dnl ACX_CHECK_SS_FAMILY - check for sockaddr_storage.ss_family AC_DEFUN([ACX_CHECK_SS_FAMILY], [AC_CHECK_MEMBER([struct sockaddr_storage.ss_family], [], [ AC_CHECK_MEMBER([struct sockaddr_storage.__ss_family], [ AC_DEFINE([ss_family], [__ss_family], [Fallback member name for socket family in struct sockaddr_storage]) ],, [AC_INCLUDES_DEFAULT #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_NETDB_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif ]) ], [AC_INCLUDES_DEFAULT #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_NETDB_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif ]) ]) dnl Check if CC and linker support -fPIE and -pie. dnl If so, sets them in CFLAGS / LDFLAGS. AC_DEFUN([ACX_CHECK_PIE], [ AC_ARG_ENABLE([pie], AS_HELP_STRING([--enable-pie], [Enable Position-Independent Executable (eg. to fully benefit from ASLR, small performance penalty)])) AS_IF([test "x$enable_pie" = "xyes"], [ AC_MSG_CHECKING([if $CC supports PIE]) BAKLDFLAGS="$LDFLAGS" BAKCFLAGS="$CFLAGS" LDFLAGS="$LDFLAGS -pie" CFLAGS="$CFLAGS -fPIE" AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], [ if $CC $CFLAGS $LDFLAGS -o conftest conftest.c 2>&1 | grep "warning: no debug symbols in executable" >/dev/null; then LDFLAGS="$BAKLDFLAGS" AC_MSG_RESULT(no) else AC_MSG_RESULT(yes) fi rm -f conftest conftest.c conftest.o ], [LDFLAGS="$BAKLDFLAGS" ; CFLAGS="$BAKCFLAGS" ; AC_MSG_RESULT(no)]) ]) ]) dnl Check if linker supports -Wl,-z,relro,-z,now. dnl If so, adds it to LDFLAGS. AC_DEFUN([ACX_CHECK_RELRO_NOW], [ AC_ARG_ENABLE([relro_now], AS_HELP_STRING([--enable-relro-now], [Enable full relocation binding at load-time (RELRO NOW, to protect GOT and .dtor areas)])) AS_IF([test "x$enable_relro_now" = "xyes"], [ AC_MSG_CHECKING([if $CC supports -Wl,-z,relro,-z,now]) BAKLDFLAGS="$LDFLAGS" LDFLAGS="$LDFLAGS -Wl,-z,relro,-z,now" AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], [ if $CC $CFLAGS $LDFLAGS -o conftest conftest.c 2>&1 | grep "warning: no debug symbols in executable" >/dev/null; then LDFLAGS="$BAKLDFLAGS" AC_MSG_RESULT(no) else AC_MSG_RESULT(yes) fi rm -f conftest conftest.c conftest.o ], [LDFLAGS="$BAKLDFLAGS" ; AC_MSG_RESULT(no)]) ]) ]) dnl End of file ldns-1.9.0/linktest.c0000664000175000017500000000021015114326257014027 0ustar willemwillem #include "ldns/config.h" #include int main(void) { ldns_rr *rr = ldns_rr_new(); ldns_rr_free(rr); return 0; } ldns-1.9.0/packet.c0000664000175000017500000006644615114326257013470 0ustar willemwillem/* * packet.c * * dns packet implementation * * a Net::DNS like library for C * * (c) NLnet Labs, 2004-2006 * * See the file LICENSE for the license */ #include #include #include #include #ifdef HAVE_SSL #include #endif /* Access functions * do this as functions to get type checking */ #define LDNS_EDNS_MASK_DO_BIT 0x8000 #define LDNS_EDNS_MASK_CO_BIT 0x4000 #define LDNS_EDNS_MASK_UNASSIGNED (0xFFFF & ~( LDNS_EDNS_MASK_DO_BIT \ | LDNS_EDNS_MASK_CO_BIT )) /* TODO defines for 3600 */ /* convert to and from numerical flag values */ ldns_lookup_table ldns_edns_flags[] = { { 3600, "do"}, { 0, NULL} }; /* read */ uint16_t ldns_pkt_id(const ldns_pkt *packet) { return packet->_header->_id; } bool ldns_pkt_qr(const ldns_pkt *packet) { return packet->_header->_qr; } bool ldns_pkt_aa(const ldns_pkt *packet) { return packet->_header->_aa; } bool ldns_pkt_tc(const ldns_pkt *packet) { return packet->_header->_tc; } bool ldns_pkt_rd(const ldns_pkt *packet) { return packet->_header->_rd; } bool ldns_pkt_cd(const ldns_pkt *packet) { return packet->_header->_cd; } bool ldns_pkt_ra(const ldns_pkt *packet) { return packet->_header->_ra; } bool ldns_pkt_ad(const ldns_pkt *packet) { return packet->_header->_ad; } ldns_pkt_opcode ldns_pkt_get_opcode(const ldns_pkt *packet) { return packet->_header->_opcode; } ldns_pkt_rcode ldns_pkt_get_rcode(const ldns_pkt *packet) { return packet->_header->_rcode; } uint16_t ldns_pkt_qdcount(const ldns_pkt *packet) { return packet->_header->_qdcount; } uint16_t ldns_pkt_ancount(const ldns_pkt *packet) { return packet->_header->_ancount; } uint16_t ldns_pkt_nscount(const ldns_pkt *packet) { return packet->_header->_nscount; } uint16_t ldns_pkt_arcount(const ldns_pkt *packet) { return packet->_header->_arcount; } ldns_rr_list * ldns_pkt_question(const ldns_pkt *packet) { return packet->_question; } ldns_rr_list * ldns_pkt_answer(const ldns_pkt *packet) { return packet->_answer; } ldns_rr_list * ldns_pkt_authority(const ldns_pkt *packet) { return packet->_authority; } ldns_rr_list * ldns_pkt_additional(const ldns_pkt *packet) { return packet->_additional; } /* return ALL section concatenated */ ldns_rr_list * ldns_pkt_all(const ldns_pkt *packet) { ldns_rr_list *all, *prev_all; all = ldns_rr_list_cat_clone( ldns_pkt_question(packet), ldns_pkt_answer(packet)); prev_all = all; all = ldns_rr_list_cat_clone(all, ldns_pkt_authority(packet)); ldns_rr_list_deep_free(prev_all); prev_all = all; all = ldns_rr_list_cat_clone(all, ldns_pkt_additional(packet)); ldns_rr_list_deep_free(prev_all); return all; } ldns_rr_list * ldns_pkt_all_noquestion(const ldns_pkt *packet) { ldns_rr_list *all, *all2; all = ldns_rr_list_cat_clone( ldns_pkt_answer(packet), ldns_pkt_authority(packet)); all2 = ldns_rr_list_cat_clone(all, ldns_pkt_additional(packet)); ldns_rr_list_deep_free(all); return all2; } size_t ldns_pkt_size(const ldns_pkt *packet) { return packet->_size; } uint32_t ldns_pkt_querytime(const ldns_pkt *packet) { return packet->_querytime; } ldns_rdf * ldns_pkt_answerfrom(const ldns_pkt *packet) { return packet->_answerfrom; } struct timeval ldns_pkt_timestamp(const ldns_pkt *packet) { return packet->timestamp; } uint16_t ldns_pkt_edns_udp_size(const ldns_pkt *packet) { return packet->_edns_udp_size; } uint8_t ldns_pkt_edns_extended_rcode(const ldns_pkt *packet) { return packet->_edns_extended_rcode; } uint8_t ldns_pkt_edns_version(const ldns_pkt *packet) { return packet->_edns_version; } uint16_t ldns_pkt_edns_z(const ldns_pkt *packet) { return packet->_edns_z; } bool ldns_pkt_edns_do(const ldns_pkt *packet) { return (packet->_edns_z & LDNS_EDNS_MASK_DO_BIT); } void ldns_pkt_set_edns_do(ldns_pkt *packet, bool value) { if (value) { packet->_edns_z = packet->_edns_z | LDNS_EDNS_MASK_DO_BIT; } else { packet->_edns_z = packet->_edns_z & ~LDNS_EDNS_MASK_DO_BIT; } } bool ldns_pkt_edns_co(const ldns_pkt *packet) { return (packet->_edns_z & LDNS_EDNS_MASK_CO_BIT); } void ldns_pkt_set_edns_co(ldns_pkt *packet, bool value) { if (value) { packet->_edns_z = packet->_edns_z | LDNS_EDNS_MASK_CO_BIT; } else { packet->_edns_z = packet->_edns_z & ~LDNS_EDNS_MASK_CO_BIT; } } uint16_t ldns_pkt_edns_unassigned(const ldns_pkt *packet) { return (packet->_edns_z & LDNS_EDNS_MASK_UNASSIGNED); } void ldns_pkt_set_edns_unassigned(ldns_pkt *packet, uint16_t value) { packet->_edns_z = (packet->_edns_z & ~LDNS_EDNS_MASK_UNASSIGNED) | (value & LDNS_EDNS_MASK_UNASSIGNED); } ldns_rdf * ldns_pkt_edns_data(const ldns_pkt *packet) { return packet->_edns_data; } /* return only those rr that share the ownername */ ldns_rr_list * ldns_pkt_rr_list_by_name(const ldns_pkt *packet, const ldns_rdf *ownername, ldns_pkt_section sec) { ldns_rr_list *rrs; ldns_rr_list *ret; uint16_t i; if (!packet) { return NULL; } rrs = ldns_pkt_get_section_clone(packet, sec); ret = NULL; for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) { if (ldns_dname_compare(ldns_rr_owner( ldns_rr_list_rr(rrs, i)), ownername) == 0) { /* owner names match */ if (ret == NULL) { ret = ldns_rr_list_new(); } ldns_rr_list_push_rr(ret, ldns_rr_clone( ldns_rr_list_rr(rrs, i)) ); } } ldns_rr_list_deep_free(rrs); return ret; } /* return only those rr that share a type */ ldns_rr_list * ldns_pkt_rr_list_by_type(const ldns_pkt *packet, ldns_rr_type type, ldns_pkt_section sec) { ldns_rr_list *rrs; ldns_rr_list *new; uint16_t i; if(!packet) { return NULL; } rrs = ldns_pkt_get_section_clone(packet, sec); new = ldns_rr_list_new(); for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) { if (type == ldns_rr_get_type(ldns_rr_list_rr(rrs, i))) { /* types match */ ldns_rr_list_push_rr(new, ldns_rr_clone( ldns_rr_list_rr(rrs, i)) ); } } ldns_rr_list_deep_free(rrs); if (ldns_rr_list_rr_count(new) == 0) { ldns_rr_list_free(new); return NULL; } else { return new; } } /* return only those rrs that share name and type */ ldns_rr_list * ldns_pkt_rr_list_by_name_and_type(const ldns_pkt *packet, const ldns_rdf *ownername, ldns_rr_type type, ldns_pkt_section sec) { ldns_rr_list *rrs; ldns_rr_list *new; ldns_rr_list *ret; uint16_t i; if(!packet) { return NULL; } rrs = ldns_pkt_get_section_clone(packet, sec); new = ldns_rr_list_new(); ret = NULL; for(i = 0; i < ldns_rr_list_rr_count(rrs); i++) { if (type == ldns_rr_get_type(ldns_rr_list_rr(rrs, i)) && ldns_dname_compare(ldns_rr_owner(ldns_rr_list_rr(rrs, i)), ownername ) == 0 ) { /* types match */ ldns_rr_list_push_rr(new, ldns_rr_clone(ldns_rr_list_rr(rrs, i))); ret = new; } } ldns_rr_list_deep_free(rrs); if (!ret) { ldns_rr_list_free(new); } return ret; } bool ldns_pkt_rr(const ldns_pkt *pkt, ldns_pkt_section sec, const ldns_rr *rr) { bool result = false; switch (sec) { case LDNS_SECTION_QUESTION: return ldns_rr_list_contains_rr(ldns_pkt_question(pkt), rr); case LDNS_SECTION_ANSWER: return ldns_rr_list_contains_rr(ldns_pkt_answer(pkt), rr); case LDNS_SECTION_AUTHORITY: return ldns_rr_list_contains_rr(ldns_pkt_authority(pkt), rr); case LDNS_SECTION_ADDITIONAL: return ldns_rr_list_contains_rr(ldns_pkt_additional(pkt), rr); case LDNS_SECTION_ANY: result = ldns_rr_list_contains_rr(ldns_pkt_question(pkt), rr); /* fallthrough */ case LDNS_SECTION_ANY_NOQUESTION: result = result || ldns_rr_list_contains_rr(ldns_pkt_answer(pkt), rr) || ldns_rr_list_contains_rr(ldns_pkt_authority(pkt), rr) || ldns_rr_list_contains_rr(ldns_pkt_additional(pkt), rr); } return result; } uint16_t ldns_pkt_section_count(const ldns_pkt *packet, ldns_pkt_section s) { switch(s) { case LDNS_SECTION_QUESTION: return ldns_pkt_qdcount(packet); case LDNS_SECTION_ANSWER: return ldns_pkt_ancount(packet); case LDNS_SECTION_AUTHORITY: return ldns_pkt_nscount(packet); case LDNS_SECTION_ADDITIONAL: return ldns_pkt_arcount(packet); case LDNS_SECTION_ANY: return ldns_pkt_qdcount(packet) + ldns_pkt_ancount(packet) + ldns_pkt_nscount(packet) + ldns_pkt_arcount(packet); case LDNS_SECTION_ANY_NOQUESTION: return ldns_pkt_ancount(packet) + ldns_pkt_nscount(packet) + ldns_pkt_arcount(packet); default: return 0; } } bool ldns_pkt_empty(ldns_pkt *p) { if (!p) { return true; /* NULL is empty? */ } if (ldns_pkt_section_count(p, LDNS_SECTION_ANY) > 0) { return false; } else { return true; } } ldns_rr_list * ldns_pkt_get_section_clone(const ldns_pkt *packet, ldns_pkt_section s) { switch(s) { case LDNS_SECTION_QUESTION: return ldns_rr_list_clone(ldns_pkt_question(packet)); case LDNS_SECTION_ANSWER: return ldns_rr_list_clone(ldns_pkt_answer(packet)); case LDNS_SECTION_AUTHORITY: return ldns_rr_list_clone(ldns_pkt_authority(packet)); case LDNS_SECTION_ADDITIONAL: return ldns_rr_list_clone(ldns_pkt_additional(packet)); case LDNS_SECTION_ANY: /* these are already clones */ return ldns_pkt_all(packet); case LDNS_SECTION_ANY_NOQUESTION: return ldns_pkt_all_noquestion(packet); default: return NULL; } } ldns_rr *ldns_pkt_tsig(const ldns_pkt *pkt) { return pkt->_tsig_rr; } /* write */ void ldns_pkt_set_id(ldns_pkt *packet, uint16_t id) { packet->_header->_id = id; } void ldns_pkt_set_random_id(ldns_pkt *packet) { uint16_t rid = ldns_get_random(); ldns_pkt_set_id(packet, rid); } void ldns_pkt_set_qr(ldns_pkt *packet, bool qr) { packet->_header->_qr = qr; } void ldns_pkt_set_aa(ldns_pkt *packet, bool aa) { packet->_header->_aa = aa; } void ldns_pkt_set_tc(ldns_pkt *packet, bool tc) { packet->_header->_tc = tc; } void ldns_pkt_set_rd(ldns_pkt *packet, bool rd) { packet->_header->_rd = rd; } void ldns_pkt_set_additional(ldns_pkt *p, ldns_rr_list *rr) { p->_additional = rr; } void ldns_pkt_set_question(ldns_pkt *p, ldns_rr_list *rr) { p->_question = rr; } void ldns_pkt_set_answer(ldns_pkt *p, ldns_rr_list *rr) { p->_answer = rr; } void ldns_pkt_set_authority(ldns_pkt *p, ldns_rr_list *rr) { p->_authority = rr; } void ldns_pkt_set_cd(ldns_pkt *packet, bool cd) { packet->_header->_cd = cd; } void ldns_pkt_set_ra(ldns_pkt *packet, bool ra) { packet->_header->_ra = ra; } void ldns_pkt_set_ad(ldns_pkt *packet, bool ad) { packet->_header->_ad = ad; } void ldns_pkt_set_opcode(ldns_pkt *packet, ldns_pkt_opcode opcode) { packet->_header->_opcode = opcode; } void ldns_pkt_set_rcode(ldns_pkt *packet, uint8_t rcode) { packet->_header->_rcode = rcode; } void ldns_pkt_set_qdcount(ldns_pkt *packet, uint16_t qdcount) { packet->_header->_qdcount = qdcount; } void ldns_pkt_set_ancount(ldns_pkt *packet, uint16_t ancount) { packet->_header->_ancount = ancount; } void ldns_pkt_set_nscount(ldns_pkt *packet, uint16_t nscount) { packet->_header->_nscount = nscount; } void ldns_pkt_set_arcount(ldns_pkt *packet, uint16_t arcount) { packet->_header->_arcount = arcount; } void ldns_pkt_set_querytime(ldns_pkt *packet, uint32_t time) { packet->_querytime = time; } void ldns_pkt_set_answerfrom(ldns_pkt *packet, ldns_rdf *answerfrom) { packet->_answerfrom = answerfrom; } void ldns_pkt_set_timestamp(ldns_pkt *packet, struct timeval timeval) { packet->timestamp.tv_sec = timeval.tv_sec; packet->timestamp.tv_usec = timeval.tv_usec; } void ldns_pkt_set_size(ldns_pkt *packet, size_t s) { packet->_size = s; } void ldns_pkt_set_edns_udp_size(ldns_pkt *packet, uint16_t s) { packet->_edns_udp_size = s; } void ldns_pkt_set_edns_extended_rcode(ldns_pkt *packet, uint8_t c) { packet->_edns_extended_rcode = c; } void ldns_pkt_set_edns_version(ldns_pkt *packet, uint8_t v) { packet->_edns_version = v; } void ldns_pkt_set_edns_z(ldns_pkt *packet, uint16_t z) { packet->_edns_z = z; } void ldns_pkt_set_edns_data(ldns_pkt *packet, ldns_rdf *data) { packet->_edns_data = data; } void ldns_pkt_set_edns_option_list(ldns_pkt *packet, ldns_edns_option_list *list) { if (packet->_edns_list) ldns_edns_option_list_deep_free(packet->_edns_list); packet->_edns_list = list; } void ldns_pkt_set_section_count(ldns_pkt *packet, ldns_pkt_section s, uint16_t count) { switch(s) { case LDNS_SECTION_QUESTION: ldns_pkt_set_qdcount(packet, count); break; case LDNS_SECTION_ANSWER: ldns_pkt_set_ancount(packet, count); break; case LDNS_SECTION_AUTHORITY: ldns_pkt_set_nscount(packet, count); break; case LDNS_SECTION_ADDITIONAL: ldns_pkt_set_arcount(packet, count); break; case LDNS_SECTION_ANY: case LDNS_SECTION_ANY_NOQUESTION: break; } } void ldns_pkt_set_tsig(ldns_pkt *pkt, ldns_rr *rr) { pkt->_tsig_rr = rr; } bool ldns_pkt_push_rr(ldns_pkt *packet, ldns_pkt_section section, ldns_rr *rr) { switch(section) { case LDNS_SECTION_QUESTION: if (!ldns_rr_list_push_rr(ldns_pkt_question(packet), rr)) { return false; } ldns_pkt_set_qdcount(packet, ldns_pkt_qdcount(packet) + 1); break; case LDNS_SECTION_ANSWER: if (!ldns_rr_list_push_rr(ldns_pkt_answer(packet), rr)) { return false; } ldns_pkt_set_ancount(packet, ldns_pkt_ancount(packet) + 1); break; case LDNS_SECTION_AUTHORITY: if (!ldns_rr_list_push_rr(ldns_pkt_authority(packet), rr)) { return false; } ldns_pkt_set_nscount(packet, ldns_pkt_nscount(packet) + 1); break; case LDNS_SECTION_ADDITIONAL: if (!ldns_rr_list_push_rr(ldns_pkt_additional(packet), rr)) { return false; } ldns_pkt_set_arcount(packet, ldns_pkt_arcount(packet) + 1); break; case LDNS_SECTION_ANY: case LDNS_SECTION_ANY_NOQUESTION: /* shouldn't this error? */ break; } return true; } bool ldns_pkt_safe_push_rr(ldns_pkt *pkt, ldns_pkt_section sec, ldns_rr *rr) { /* check to see if its there */ if (ldns_pkt_rr(pkt, sec, rr)) { /* already there */ return false; } return ldns_pkt_push_rr(pkt, sec, rr); } bool ldns_pkt_push_rr_list(ldns_pkt *p, ldns_pkt_section s, ldns_rr_list *list) { size_t i; for(i = 0; i < ldns_rr_list_rr_count(list); i++) { if (!ldns_pkt_push_rr(p, s, ldns_rr_list_rr(list, i))) { return false; } } return true; } bool ldns_pkt_safe_push_rr_list(ldns_pkt *p, ldns_pkt_section s, ldns_rr_list *list) { size_t i; for(i = 0; i < ldns_rr_list_rr_count(list); i++) { if (!ldns_pkt_safe_push_rr(p, s, ldns_rr_list_rr(list, i))) { return false; } } return true; } bool ldns_pkt_edns(const ldns_pkt *pkt) { return (ldns_pkt_edns_udp_size(pkt) > 0 || ldns_pkt_edns_extended_rcode(pkt) > 0 || ldns_pkt_edns_data(pkt) || ldns_pkt_edns_do(pkt) || ldns_pkt_edns_co(pkt) || pkt->_edns_list || pkt->_edns_present ); } ldns_edns_option_list* pkt_edns_data2edns_option_list(const ldns_rdf *edns_data); ldns_edns_option_list* pkt_edns_data2edns_option_list(const ldns_rdf *edns_data) { size_t pos = 0; ldns_edns_option_list* edns_list; size_t max; const uint8_t* wire; if (!edns_data) return NULL; max = ldns_rdf_size(edns_data); wire = ldns_rdf_data(edns_data); if (!max) return NULL; if (!(edns_list = ldns_edns_option_list_new())) return NULL; while (pos < max) { ldns_edns_option* edns; uint8_t *data; if (pos + 4 > max) { /* make sure the header fits */ ldns_edns_option_list_deep_free(edns_list); return NULL; } ldns_edns_option_code code = ldns_read_uint16(&wire[pos]); size_t size = ldns_read_uint16(&wire[pos+2]); pos += 4; if (pos + size > max) { /* make sure the size fits the data */ ldns_edns_option_list_deep_free(edns_list); return NULL; } data = LDNS_XMALLOC(uint8_t, size); if (!data) { ldns_edns_option_list_deep_free(edns_list); return NULL; } memcpy(data, &wire[pos], size); pos += size; edns = ldns_edns_new(code, size, data); if (!edns) { ldns_edns_option_list_deep_free(edns_list); return NULL; } if (!ldns_edns_option_list_push(edns_list, edns)) { ldns_edns_option_list_deep_free(edns_list); return NULL; } } return edns_list; } ldns_edns_option_list* ldns_pkt_edns_get_option_list(ldns_pkt *packet) { /* return the list if it already exists */ if (packet->_edns_list != NULL) return packet->_edns_list; /* if the list doesn't exists, we create it by parsing the * packet->_edns_data */ if (!ldns_pkt_edns_data(packet)) return NULL; return ( packet->_edns_list = pkt_edns_data2edns_option_list(ldns_pkt_edns_data(packet))); } /* Create/destroy/convert functions */ ldns_pkt * ldns_pkt_new(void) { ldns_pkt *packet; packet = LDNS_MALLOC(ldns_pkt); if (!packet) { return NULL; } packet->_header = LDNS_MALLOC(ldns_hdr); if (!packet->_header) { LDNS_FREE(packet); return NULL; } packet->_question = ldns_rr_list_new(); packet->_answer = ldns_rr_list_new(); packet->_authority = ldns_rr_list_new(); packet->_additional = ldns_rr_list_new(); /* default everything to false */ ldns_pkt_set_qr(packet, false); ldns_pkt_set_aa(packet, false); ldns_pkt_set_tc(packet, false); ldns_pkt_set_rd(packet, false); ldns_pkt_set_ra(packet, false); ldns_pkt_set_ad(packet, false); ldns_pkt_set_cd(packet, false); ldns_pkt_set_opcode(packet, LDNS_PACKET_QUERY); ldns_pkt_set_rcode(packet, 0); ldns_pkt_set_id(packet, 0); ldns_pkt_set_size(packet, 0); ldns_pkt_set_querytime(packet, 0); memset(&packet->timestamp, 0, sizeof(packet->timestamp)); ldns_pkt_set_answerfrom(packet, NULL); ldns_pkt_set_section_count(packet, LDNS_SECTION_QUESTION, 0); ldns_pkt_set_section_count(packet, LDNS_SECTION_ANSWER, 0); ldns_pkt_set_section_count(packet, LDNS_SECTION_AUTHORITY, 0); ldns_pkt_set_section_count(packet, LDNS_SECTION_ADDITIONAL, 0); ldns_pkt_set_edns_udp_size(packet, 0); ldns_pkt_set_edns_extended_rcode(packet, 0); ldns_pkt_set_edns_version(packet, 0); ldns_pkt_set_edns_z(packet, 0); ldns_pkt_set_edns_data(packet, NULL); packet->_edns_list = NULL; packet->_edns_present = false; ldns_pkt_set_tsig(packet, NULL); return packet; } void ldns_pkt_free(ldns_pkt *packet) { if (packet) { LDNS_FREE(packet->_header); ldns_rr_list_deep_free(packet->_question); ldns_rr_list_deep_free(packet->_answer); ldns_rr_list_deep_free(packet->_authority); ldns_rr_list_deep_free(packet->_additional); ldns_rr_free(packet->_tsig_rr); ldns_rdf_deep_free(packet->_edns_data); ldns_edns_option_list_deep_free(packet->_edns_list); ldns_rdf_deep_free(packet->_answerfrom); LDNS_FREE(packet); } } bool ldns_pkt_set_flags(ldns_pkt *packet, uint16_t flags) { if (!packet) { return false; } if ((flags & LDNS_QR) == LDNS_QR) { ldns_pkt_set_qr(packet, true); } if ((flags & LDNS_AA) == LDNS_AA) { ldns_pkt_set_aa(packet, true); } if ((flags & LDNS_RD) == LDNS_RD) { ldns_pkt_set_rd(packet, true); } if ((flags & LDNS_TC) == LDNS_TC) { ldns_pkt_set_tc(packet, true); } if ((flags & LDNS_CD) == LDNS_CD) { ldns_pkt_set_cd(packet, true); } if ((flags & LDNS_RA) == LDNS_RA) { ldns_pkt_set_ra(packet, true); } if ((flags & LDNS_AD) == LDNS_AD) { ldns_pkt_set_ad(packet, true); } return true; } static ldns_rr* ldns_pkt_authsoa(const ldns_rdf* rr_name, ldns_rr_class rr_class) { ldns_rr* soa_rr = ldns_rr_new(); ldns_rdf *owner_rdf; ldns_rdf *mname_rdf; ldns_rdf *rname_rdf; ldns_rdf *serial_rdf; ldns_rdf *refresh_rdf; ldns_rdf *retry_rdf; ldns_rdf *expire_rdf; ldns_rdf *minimum_rdf; if (!soa_rr) { return NULL; } owner_rdf = ldns_rdf_clone(rr_name); if (!owner_rdf) { ldns_rr_free(soa_rr); return NULL; } ldns_rr_set_owner(soa_rr, owner_rdf); ldns_rr_set_type(soa_rr, LDNS_RR_TYPE_SOA); ldns_rr_set_class(soa_rr, rr_class); ldns_rr_set_question(soa_rr, false); if (ldns_str2rdf_dname(&mname_rdf, ".") != LDNS_STATUS_OK) { ldns_rr_free(soa_rr); return NULL; } else { ldns_rr_push_rdf(soa_rr, mname_rdf); } if (ldns_str2rdf_dname(&rname_rdf, ".") != LDNS_STATUS_OK) { ldns_rr_free(soa_rr); return NULL; } else { ldns_rr_push_rdf(soa_rr, rname_rdf); } serial_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); if (!serial_rdf) { ldns_rr_free(soa_rr); return NULL; } else { ldns_rr_push_rdf(soa_rr, serial_rdf); } refresh_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); if (!refresh_rdf) { ldns_rr_free(soa_rr); return NULL; } else { ldns_rr_push_rdf(soa_rr, refresh_rdf); } retry_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); if (!retry_rdf) { ldns_rr_free(soa_rr); return NULL; } else { ldns_rr_push_rdf(soa_rr, retry_rdf); } expire_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); if (!expire_rdf) { ldns_rr_free(soa_rr); return NULL; } else { ldns_rr_push_rdf(soa_rr, expire_rdf); } minimum_rdf = ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, 0); if (!minimum_rdf) { ldns_rr_free(soa_rr); return NULL; } else { ldns_rr_push_rdf(soa_rr, minimum_rdf); } return soa_rr; } static ldns_status ldns_pkt_query_new_frm_str_internal(ldns_pkt **p, const char *name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags, ldns_rr* authsoa_rr) { ldns_pkt *packet; ldns_rr *question_rr; ldns_rdf *name_rdf; packet = ldns_pkt_new(); if (!packet) { return LDNS_STATUS_MEM_ERR; } if (!ldns_pkt_set_flags(packet, flags)) { ldns_pkt_free(packet); return LDNS_STATUS_ERR; } question_rr = ldns_rr_new(); if (!question_rr) { ldns_pkt_free(packet); return LDNS_STATUS_MEM_ERR; } if (rr_type == 0) { rr_type = LDNS_RR_TYPE_A; } if (rr_class == 0) { rr_class = LDNS_RR_CLASS_IN; } if (ldns_str2rdf_dname(&name_rdf, name) == LDNS_STATUS_OK) { ldns_rr_set_owner(question_rr, name_rdf); ldns_rr_set_type(question_rr, rr_type); ldns_rr_set_class(question_rr, rr_class); ldns_rr_set_question(question_rr, true); ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr); } else { ldns_rr_free(question_rr); ldns_pkt_free(packet); return LDNS_STATUS_ERR; } if (authsoa_rr) { ldns_pkt_push_rr(packet, LDNS_SECTION_AUTHORITY, authsoa_rr); } packet->_tsig_rr = NULL; ldns_pkt_set_answerfrom(packet, NULL); if (p) { *p = packet; return LDNS_STATUS_OK; } else { ldns_pkt_free(packet); return LDNS_STATUS_NULL; } } ldns_status ldns_pkt_query_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags) { return ldns_pkt_query_new_frm_str_internal(p, name, rr_type, rr_class, flags, NULL); } ldns_status ldns_pkt_ixfr_request_new_frm_str(ldns_pkt **p, const char *name, ldns_rr_class rr_class, uint16_t flags, ldns_rr *soa) { ldns_rr* authsoa_rr = soa; if (!authsoa_rr) { ldns_rdf *name_rdf; if (ldns_str2rdf_dname(&name_rdf, name) == LDNS_STATUS_OK) { authsoa_rr = ldns_pkt_authsoa(name_rdf, rr_class); } ldns_rdf_free(name_rdf); } return ldns_pkt_query_new_frm_str_internal(p, name, LDNS_RR_TYPE_IXFR, rr_class, flags, authsoa_rr); } static ldns_pkt * ldns_pkt_query_new_internal(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags, ldns_rr* authsoa_rr) { ldns_pkt *packet; ldns_rr *question_rr; packet = ldns_pkt_new(); if (!packet) { return NULL; } if (!ldns_pkt_set_flags(packet, flags)) { return NULL; } question_rr = ldns_rr_new(); if (!question_rr) { ldns_pkt_free(packet); return NULL; } if (rr_type == 0) { rr_type = LDNS_RR_TYPE_A; } if (rr_class == 0) { rr_class = LDNS_RR_CLASS_IN; } ldns_rr_set_owner(question_rr, rr_name); ldns_rr_set_type(question_rr, rr_type); ldns_rr_set_class(question_rr, rr_class); ldns_rr_set_question(question_rr, true); ldns_pkt_push_rr(packet, LDNS_SECTION_QUESTION, question_rr); if (authsoa_rr) { ldns_pkt_push_rr(packet, LDNS_SECTION_AUTHORITY, authsoa_rr); } packet->_tsig_rr = NULL; return packet; } ldns_pkt * ldns_pkt_query_new(ldns_rdf *rr_name, ldns_rr_type rr_type, ldns_rr_class rr_class, uint16_t flags) { return ldns_pkt_query_new_internal(rr_name, rr_type, rr_class, flags, NULL); } ldns_pkt * ldns_pkt_ixfr_request_new(ldns_rdf *rr_name, ldns_rr_class rr_class, uint16_t flags, ldns_rr* soa) { ldns_rr* authsoa_rr = soa; if (!authsoa_rr) { authsoa_rr = ldns_pkt_authsoa(rr_name, rr_class); } return ldns_pkt_query_new_internal(rr_name, LDNS_RR_TYPE_IXFR, rr_class, flags, authsoa_rr); } ldns_pkt_type ldns_pkt_reply_type(const ldns_pkt *p) { ldns_rr_list *tmp; if (!p) { return LDNS_PACKET_UNKNOWN; } if (ldns_pkt_get_rcode(p) == LDNS_RCODE_NXDOMAIN) { return LDNS_PACKET_NXDOMAIN; } if (ldns_pkt_ancount(p) == 0 && ldns_pkt_arcount(p) == 0 && ldns_pkt_nscount(p) == 1) { /* check for SOA */ tmp = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_SOA, LDNS_SECTION_AUTHORITY); if (tmp) { ldns_rr_list_deep_free(tmp); return LDNS_PACKET_NODATA; } else { /* I have no idea ... */ } } if (ldns_pkt_ancount(p) == 0 && ldns_pkt_nscount(p) > 0) { tmp = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NS, LDNS_SECTION_AUTHORITY); if (tmp) { /* there are nameservers here */ ldns_rr_list_deep_free(tmp); return LDNS_PACKET_REFERRAL; } else { /* I have no idea */ } ldns_rr_list_deep_free(tmp); } /* if we cannot determine the packet type, we say it's an * answer... */ return LDNS_PACKET_ANSWER; } ldns_pkt * ldns_pkt_clone(const ldns_pkt *pkt) { ldns_pkt *new_pkt; if (!pkt) { return NULL; } new_pkt = ldns_pkt_new(); ldns_pkt_set_id(new_pkt, ldns_pkt_id(pkt)); ldns_pkt_set_qr(new_pkt, ldns_pkt_qr(pkt)); ldns_pkt_set_aa(new_pkt, ldns_pkt_aa(pkt)); ldns_pkt_set_tc(new_pkt, ldns_pkt_tc(pkt)); ldns_pkt_set_rd(new_pkt, ldns_pkt_rd(pkt)); ldns_pkt_set_cd(new_pkt, ldns_pkt_cd(pkt)); ldns_pkt_set_ra(new_pkt, ldns_pkt_ra(pkt)); ldns_pkt_set_ad(new_pkt, ldns_pkt_ad(pkt)); ldns_pkt_set_opcode(new_pkt, ldns_pkt_get_opcode(pkt)); ldns_pkt_set_rcode(new_pkt, ldns_pkt_get_rcode(pkt)); ldns_pkt_set_qdcount(new_pkt, ldns_pkt_qdcount(pkt)); ldns_pkt_set_ancount(new_pkt, ldns_pkt_ancount(pkt)); ldns_pkt_set_nscount(new_pkt, ldns_pkt_nscount(pkt)); ldns_pkt_set_arcount(new_pkt, ldns_pkt_arcount(pkt)); if (ldns_pkt_answerfrom(pkt)) ldns_pkt_set_answerfrom(new_pkt, ldns_rdf_clone(ldns_pkt_answerfrom(pkt))); ldns_pkt_set_timestamp(new_pkt, ldns_pkt_timestamp(pkt)); ldns_pkt_set_querytime(new_pkt, ldns_pkt_querytime(pkt)); ldns_pkt_set_size(new_pkt, ldns_pkt_size(pkt)); ldns_pkt_set_tsig(new_pkt, ldns_rr_clone(ldns_pkt_tsig(pkt))); ldns_pkt_set_edns_udp_size(new_pkt, ldns_pkt_edns_udp_size(pkt)); ldns_pkt_set_edns_extended_rcode(new_pkt, ldns_pkt_edns_extended_rcode(pkt)); ldns_pkt_set_edns_version(new_pkt, ldns_pkt_edns_version(pkt)); new_pkt->_edns_present = pkt->_edns_present; ldns_pkt_set_edns_z(new_pkt, ldns_pkt_edns_z(pkt)); if(ldns_pkt_edns_data(pkt)) ldns_pkt_set_edns_data(new_pkt, ldns_rdf_clone(ldns_pkt_edns_data(pkt))); ldns_pkt_set_edns_do(new_pkt, ldns_pkt_edns_do(pkt)); ldns_pkt_set_edns_co(new_pkt, ldns_pkt_edns_co(pkt)); if (pkt->_edns_list) ldns_pkt_set_edns_option_list(new_pkt, ldns_edns_option_list_clone(pkt->_edns_list)); ldns_rr_list_deep_free(new_pkt->_question); ldns_rr_list_deep_free(new_pkt->_answer); ldns_rr_list_deep_free(new_pkt->_authority); ldns_rr_list_deep_free(new_pkt->_additional); new_pkt->_question = ldns_rr_list_clone(ldns_pkt_question(pkt)); new_pkt->_answer = ldns_rr_list_clone(ldns_pkt_answer(pkt)); new_pkt->_authority = ldns_rr_list_clone(ldns_pkt_authority(pkt)); new_pkt->_additional = ldns_rr_list_clone(ldns_pkt_additional(pkt)); return new_pkt; } ldns-1.9.0/examples/0000775000175000017500000000000015114326277013655 5ustar willemwillemldns-1.9.0/examples/ldns-update.c0000664000175000017500000002323715114326257016246 0ustar willemwillem/* $Id: ldns-update.c,v 1.1 2005/09/13 09:37:05 ho Exp $ */ /* * Example of the update functionality * * See the file LICENSE for the license */ #include "config.h" #include #include /* dynamic update stuff */ static ldns_resolver * ldns_update_resolver_new(const char *fqdn, const char *zone, ldns_rr_class class, uint16_t port, ldns_tsig_credentials *tsig_cred, ldns_rdf **zone_rdf) { ldns_resolver *r1, *r2; ldns_pkt *query = NULL, *resp = NULL; ldns_rr_list *nslist, *iplist; ldns_rdf *soa_zone, *soa_mname = NULL, *ns_name; size_t i; ldns_status s; if (class == 0) { class = LDNS_RR_CLASS_IN; } if (port == 0) { port = LDNS_PORT; } /* First, get data from /etc/resolv.conf */ s = ldns_resolver_new_frm_file(&r1, NULL); if (s != LDNS_STATUS_OK) { return NULL; } r2 = ldns_resolver_new(); if (!r2) { goto bad; } ldns_resolver_set_port(r2, port); /* TSIG key data available? Copy into the resolver. */ if (tsig_cred) { ldns_resolver_set_tsig_algorithm(r2, ldns_tsig_algorithm(tsig_cred)); ldns_resolver_set_tsig_keyname(r2, ldns_tsig_keyname(tsig_cred)); ldns_resolver_set_tsig_keydata(r2, ldns_tsig_keydata(tsig_cred)); } /* Now get SOA zone, mname, NS, and construct r2. [RFC2136 4.3] */ /* Explicit 'zone' or no? */ if (zone) { soa_zone = ldns_dname_new_frm_str(zone); if (ldns_update_soa_mname(soa_zone, r1, class, &soa_mname) != LDNS_STATUS_OK) { goto bad; } } else { if (ldns_update_soa_zone_mname(fqdn, r1, class, &soa_zone, &soa_mname) != LDNS_STATUS_OK) { goto bad; } } /* Pass zone_rdf on upwards. */ *zone_rdf = ldns_rdf_clone(soa_zone); /* NS */ query = ldns_pkt_query_new(soa_zone, LDNS_RR_TYPE_NS, class, LDNS_RD); if (!query) { goto bad; } soa_zone = NULL; ldns_pkt_set_random_id(query); if (ldns_resolver_send_pkt(&resp, r1, query) != LDNS_STATUS_OK) { dprintf("%s", "NS query failed!\n"); goto bad; } ldns_pkt_free(query); if (!resp) { goto bad; } /* Match SOA MNAME to NS list, adding it first */ nslist = ldns_pkt_answer(resp); for (i = 0; i < ldns_rr_list_rr_count(nslist); i++) { ns_name = ldns_rr_rdf(ldns_rr_list_rr(nslist, i), 0); if (!ns_name) continue; if (ldns_rdf_compare(soa_mname, ns_name) == 0) { /* Match */ iplist = ldns_get_rr_list_addr_by_name(r1, ns_name, class, 0); (void) ldns_resolver_push_nameserver_rr_list(r2, iplist); ldns_rr_list_deep_free(iplist); break; } } /* Then all the other NSs. XXX Randomize? */ for (i = 0; i < ldns_rr_list_rr_count(nslist); i++) { ns_name = ldns_rr_rdf(ldns_rr_list_rr(nslist, i), 0); if (!ns_name) continue; if (ldns_rdf_compare(soa_mname, ns_name) != 0) { /* No match, add it now. */ iplist = ldns_get_rr_list_addr_by_name(r1, ns_name, class, 0); (void) ldns_resolver_push_nameserver_rr_list(r2, iplist); ldns_rr_list_deep_free(iplist); } } ldns_resolver_set_random(r2, false); ldns_pkt_free(resp); ldns_resolver_deep_free(r1); if (soa_mname) ldns_rdf_deep_free(soa_mname); return r2; bad: if (r1) ldns_resolver_deep_free(r1); if (r2) ldns_resolver_deep_free(r2); if (query) ldns_pkt_free(query); if (resp) ldns_pkt_free(resp); if (soa_mname) ldns_rdf_deep_free(soa_mname); return NULL; } static ldns_status ldns_update_send_simple_addr(const char *fqdn, const char *zone, const char *ipaddr, uint16_t p, uint32_t ttl, ldns_tsig_credentials *tsig_cred) { ldns_resolver *res; ldns_pkt *u_pkt = NULL, *r_pkt; ldns_rr_list *up_rrlist; ldns_rr *up_rr; ldns_rdf *zone_rdf = NULL; char *rrstr; uint32_t rrstrlen, status = LDNS_STATUS_OK; if (!fqdn || strlen(fqdn) == 0) return LDNS_STATUS_ERR; /* Create resolver */ res = ldns_update_resolver_new(fqdn, zone, 0, p, tsig_cred, &zone_rdf); if (!res || !zone_rdf) { goto cleanup; } /* Set up the update section. */ up_rrlist = ldns_rr_list_new(); if (!up_rrlist) { goto cleanup; } /* Create input for ldns_rr_new_frm_str() */ if (ipaddr) { /* We're adding A or AAAA */ rrstrlen = strlen(fqdn) + sizeof (" IN AAAA ") + strlen(ipaddr) + 1; rrstr = (char *)malloc(rrstrlen); if (!rrstr) { ldns_rr_list_deep_free(up_rrlist); goto cleanup; } snprintf(rrstr, rrstrlen, "%s IN %s %s", fqdn, strchr(ipaddr, ':') ? "AAAA" : "A", ipaddr); if (ldns_rr_new_frm_str(&up_rr, rrstr, ttl, NULL, NULL) != LDNS_STATUS_OK) { ldns_rr_list_deep_free(up_rrlist); free(rrstr); goto cleanup; } free(rrstr); ldns_rr_list_push_rr(up_rrlist, up_rr); } else { /* We're removing A and/or AAAA from 'fqdn'. [RFC2136 2.5.2] */ up_rr = ldns_rr_new(); ldns_rr_set_owner(up_rr, ldns_dname_new_frm_str(fqdn)); ldns_rr_set_ttl(up_rr, 0); ldns_rr_set_class(up_rr, LDNS_RR_CLASS_ANY); ldns_rr_set_type(up_rr, LDNS_RR_TYPE_A); ldns_rr_list_push_rr(up_rrlist, ldns_rr_clone(up_rr)); ldns_rr_set_type(up_rr, LDNS_RR_TYPE_AAAA); ldns_rr_list_push_rr(up_rrlist, up_rr); } /* Create update packet. */ u_pkt = ldns_update_pkt_new(zone_rdf, LDNS_RR_CLASS_IN, NULL, up_rrlist, NULL); zone_rdf = NULL; if (!u_pkt) { ldns_rr_list_deep_free(up_rrlist); goto cleanup; } ldns_pkt_set_random_id(u_pkt); /* Add TSIG */ if (tsig_cred) if (ldns_update_pkt_tsig_add(u_pkt, res) != LDNS_STATUS_OK) { goto cleanup; } if (ldns_resolver_send_pkt(&r_pkt, res, u_pkt) != LDNS_STATUS_OK) { goto cleanup; } ldns_pkt_free(u_pkt); if (!r_pkt) { goto cleanup; } if (ldns_pkt_get_rcode(r_pkt) != LDNS_RCODE_NOERROR) { ldns_lookup_table *t = ldns_lookup_by_id(ldns_rcodes, (int)ldns_pkt_get_rcode(r_pkt)); if (t) { dprintf(";; UPDATE response was %s\n", t->name); } else { dprintf(";; UPDATE response was (%d)\n", ldns_pkt_get_rcode(r_pkt)); } status = LDNS_STATUS_ERR; } ldns_pkt_free(r_pkt); ldns_resolver_deep_free(res); return status; cleanup: if (res) ldns_resolver_deep_free(res); if (u_pkt) ldns_pkt_free(u_pkt); if (zone_rdf) ldns_rdf_deep_free(zone_rdf); return LDNS_STATUS_ERR; } static void usage(FILE *fp, char *prog) { fprintf(fp, "%s domain [zone] ip tsig_name tsig_alg tsig_hmac\n", prog); fprintf(fp, " send a dynamic update packet to \n\n"); fprintf(fp, " Use 'none' instead of ip to remove any previous address\n"); fprintf(fp, " If 'zone' is not specified, try to figure it out from the zone's SOA\n"); fprintf(fp, " Example: %s my.example.org 1.2.3.4\n", prog); } int main(int argc, char **argv) { char *fqdn, *ipaddr, *zone, *prog; ldns_status ret; ldns_tsig_credentials tsig_cr, *tsig_cred; int c = 2; uint32_t defttl = 300; uint32_t port = 53; prog = strdup(argv[0]); switch (argc) { case 3: case 4: case 6: case 7: break; default: usage(stderr, prog); exit(EXIT_FAILURE); } fqdn = argv[1]; c = 2; if (argc == 4 || argc == 7) { zone = argv[c++]; } else { zone = NULL; } if (strcmp(argv[c], "none") == 0) { ipaddr = NULL; } else { ipaddr = argv[c]; } c++; if (argc == 6 || argc == 7) { tsig_cr.keyname = argv[c++]; if (strncasecmp(argv[c], "hmac-sha1", 9) == 0) { tsig_cr.algorithm = (char*)"hmac-sha1."; } else if (strncasecmp(argv[c], "hmac-md5", 8) == 0) { tsig_cr.algorithm = (char*)"hmac-md5.sig-alg.reg.int."; } else { fprintf(stderr, "Unknown algorithm, try \"hmac-md5\" " "or \"hmac-sha1\".\n"); exit(EXIT_FAILURE); } tsig_cr.keydata = argv[++c]; tsig_cred = &tsig_cr; } else { tsig_cred = NULL; } printf(";; trying UPDATE with FQDN \"%s\" and IP \"%s\"\n", fqdn, ipaddr ? ipaddr : ""); if (argc == 6 || argc == 7) { printf(";; tsig: \"%s\" \"%s\" \"%s\"\n", tsig_cr.keyname, tsig_cr.algorithm, tsig_cr.keydata); } ret = ldns_update_send_simple_addr(fqdn, zone, ipaddr, port, defttl, tsig_cred); exit(ret); } ldns-1.9.0/examples/ldns-revoke.10000664000175000017500000000124115114326257016164 0ustar willemwillem.TH ldns-revoke 1 "23 Jul 2008" .SH NAME ldns-revoke \- sets the revoke bit of a DNSKEY .SH SYNOPSIS .B ldns-revoke .IR file .SH DESCRIPTION \fBldns-revoke\fR is used to revoke a public DNSKEY RR. When run it will read \fIfile\fR with a DNSKEY RR in it, sets the revoke bit and write back the output to \fIfile\fR . .SH OPTIONS .TP \fB-n\fR Write the result to stdout instead of a file .SH AUTHOR Written by the ldns team as an example for ldns usage. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2008 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldnsd.10000664000175000017500000000115015114326257015036 0ustar willemwillem.TH ldnsd 1 "27 Apr 2005" .SH NAME ldnsd \- simple daemon example code .SH SYNOPSIS .B ldnsd .IR port .IR zone .IR zonefile .SH DESCRIPTION \fBldnsd\fR is a simple daemon that answers queries for a zone. This is NOT a full-fledged authoritative nameserver! .SH OPTIONS \fBldnsd\fR takes a port, zone and zonefile as arguments. .SH AUTHOR Written by the ldns team as an example for ldns usage. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2005 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldns-notify.c0000664000175000017500000002452515114326257016275 0ustar willemwillem/* * ldns-notify.c - ldns-notify(8) * * Copyright (c) 2001-2008, NLnet Labs, All right reserved * * See LICENSE for the license * * send a notify packet to a server */ #include "config.h" /* ldns */ #include #ifdef HAVE_NETDB_H #include #endif #include static int verbose = 1; static int max_num_retry = 15; /* times to try */ static void usage(void) { fprintf(stderr, "usage: ldns-notify [other options] -z zone \n"); fprintf(stderr, "Ldns notify utility\n\n"); fprintf(stderr, " Supported options:\n"); fprintf(stderr, "\t-z zone\t\tThe zone\n"); fprintf(stderr, "\t-I
\tsource address to query from\n"); fprintf(stderr, "\t-s version\tSOA version number to include\n"); fprintf(stderr, "\t-y \tspecify named base64 tsig key" ", and optional an\n\t\t\t" "algorithm (defaults to hmac-md5.sig-alg.reg.int)\n"); fprintf(stderr, "\t-p port\t\tport to use to send to\n"); fprintf(stderr, "\t-v\t\tPrint version information\n"); fprintf(stderr, "\t-d\t\tPrint verbose debug information\n"); fprintf(stderr, "\t-r num\t\tmax number of retries (%d)\n", max_num_retry); fprintf(stderr, "\t-h\t\tPrint this help information\n\n"); fprintf(stderr, "Report bugs to \n"); exit(1); } static void version(void) { fprintf(stderr, "%s version %s\n", PACKAGE_NAME, PACKAGE_VERSION); fprintf(stderr, "Written by NLnet Labs.\n\n"); fprintf(stderr, "Copyright (C) 2001-2008 NLnet Labs. This is free software.\n" "There is NO warranty; not even for MERCHANTABILITY or FITNESS\n" "FOR A PARTICULAR PURPOSE.\n"); exit(0); } static void notify_host(int s, struct addrinfo* res, uint8_t* wire, size_t wiresize, const char* addrstr) { int timeout_retry = 5; /* seconds */ int num_retry = max_num_retry; #ifndef S_SPLINT_S fd_set rfds; #endif struct timeval tv; int retval = 0; ssize_t received = 0; int got_ack = 0; socklen_t addrlen = 0; uint8_t replybuf[2048]; ldns_status status; ldns_pkt* pkt = NULL; while(!got_ack) { /* send it */ if(sendto(s, (void*)wire, wiresize, 0, res->ai_addr, res->ai_addrlen) == -1) { printf("warning: send to %s failed: %s\n", addrstr, strerror(errno)); #ifndef USE_WINSOCK close(s); #else closesocket(s); #endif return; } /* wait for ACK packet */ #ifndef S_SPLINT_S FD_ZERO(&rfds); FD_SET(s, &rfds); tv.tv_sec = timeout_retry; /* seconds */ #endif tv.tv_usec = 0; /* microseconds */ retval = select(s + 1, &rfds, NULL, NULL, &tv); if (retval == -1) { printf("error waiting for reply from %s: %s\n", addrstr, strerror(errno)); #ifndef USE_WINSOCK close(s); #else closesocket(s); #endif return; } if(retval == 0) { num_retry--; if(num_retry == 0) { printf("error: failed to send notify to %s.\n", addrstr); exit(1); } printf("timeout (%d s) expired, retry notify to %s.\n", timeout_retry, addrstr); } if (retval == 1) { got_ack = 1; } } /* got reply */ addrlen = res->ai_addrlen; received = recvfrom(s, (void*)replybuf, sizeof(replybuf), 0, res->ai_addr, &addrlen); res->ai_addrlen = addrlen; #ifndef USE_WINSOCK close(s); #else closesocket(s); #endif if (received == -1) { printf("recv %s failed: %s\n", addrstr, strerror(errno)); return; } /* check reply */ status = ldns_wire2pkt(&pkt, replybuf, (size_t)received); if(status != LDNS_STATUS_OK) { ssize_t i; printf("Could not parse reply packet: %s\n", ldns_get_errorstr_by_id(status)); if (verbose > 1) { printf("hexdump of reply: "); for(i=0; i 1) { printf("hexdump of reply: "); for(i=0; i %s\n", optarg); exit(1); } tsig_name = optarg; *tsig_sep++ = '\0'; tsig_data = tsig_sep; if ((tsig_sep = strchr(tsig_sep, ':'))) { *tsig_sep++ = '\0'; tsig_algo = tsig_sep; } else { tsig_algo = "hmac-md5.sig-alg.reg.int."; } /* With dig TSIG keys are also specified with -y, * but format with drill is: -y * and with dig: -y [hmac:]name:key * * When we detect an unknown tsig algorithm in algo, * but a known algorithm in name, we cane assume dig * order was used. * * Following if statement is to anticipate and correct * dig order */ if (strcasecmp(tsig_algo, "hmac-md5.sig-alg.reg.int")&& strcasecmp(tsig_algo, "hmac-md5") && strcasecmp(tsig_algo, "hmac-sha1") && strcasecmp(tsig_algo, "hmac-sha256") && strcasecmp(tsig_algo, "hmac-sha384") && strcasecmp(tsig_algo, "hmac-sha512") && ! (strcasecmp(tsig_name, "hmac-md5.sig-alg.reg.int") && strcasecmp(tsig_name, "hmac-md5") && strcasecmp(tsig_name, "hmac-sha1") && strcasecmp(tsig_name, "hmac-sha256") && strcasecmp(tsig_name, "hmac-sha384") && strcasecmp(tsig_name, "hmac-sha512"))) { /* Roll options */ const char *tmp_tsig_algo = tsig_name; tsig_name = tsig_data; tsig_data = tsig_algo; tsig_algo = tmp_tsig_algo; } printf("Sign with name: %s, data: %s, algorithm: %s\n" , tsig_name, tsig_data, tsig_algo); break; case 'z': zone_name = optarg; ldns_zone_name = ldns_dname_new_frm_str(zone_name); if(!ldns_zone_name) { printf("cannot parse zone name: %s\n", zone_name); exit(1); } break; case 'I': memset(&from_hints, 0, sizeof(from_hints)); from_hints.ai_family = AF_UNSPEC; from_hints.ai_socktype = SOCK_DGRAM; from_hints.ai_protocol = IPPROTO_UDP; from_hints.ai_flags = AI_NUMERICHOST; error = getaddrinfo(optarg, 0, &from_hints, &from0); if (error) { printf("bad address: %s: %s\n", optarg, gai_strerror(error)); exit(EXIT_FAILURE); } break; case 'v': version(); /* fallthrough */ case 'h': case '?': default: usage(); } } argc -= optind; argv += optind; if (argc == 0 || zone_name == NULL) { usage(); } notify = ldns_pkt_new(); question = ldns_rr_new(); if (!notify || !question) { /* bail out */ printf("error: cannot create ldns types\n"); exit(1); } /* create the rr for inside the pkt */ ldns_rr_set_class(question, LDNS_RR_CLASS_IN); ldns_rr_set_owner(question, ldns_zone_name); ldns_rr_set_type(question, LDNS_RR_TYPE_SOA); ldns_rr_set_question(question, true); ldns_pkt_set_opcode(notify, LDNS_PACKET_NOTIFY); ldns_pkt_push_rr(notify, LDNS_SECTION_QUESTION, question); ldns_pkt_set_aa(notify, true); ldns_pkt_set_random_id(notify); if(include_soa) { char buf[10240]; ldns_rr *soa_rr=NULL; ldns_rdf *prev=NULL; snprintf(buf, sizeof(buf), "%s 3600 IN SOA . . %u 0 0 0 0", zone_name, (unsigned)soa_version); /*printf("Adding soa %s\n", buf);*/ status = ldns_rr_new_frm_str(&soa_rr, buf, 3600, NULL, &prev); if(status != LDNS_STATUS_OK) { printf("Error adding SOA version: %s\n", ldns_get_errorstr_by_id(status)); } ldns_pkt_push_rr(notify, LDNS_SECTION_ANSWER, soa_rr); } if(tsig_name && tsig_data) { #ifdef HAVE_SSL status = ldns_pkt_tsig_sign(notify, tsig_name, tsig_data, 300, tsig_algo, NULL); if(status != LDNS_STATUS_OK) { printf("Error TSIG sign query: %s\n", ldns_get_errorstr_by_id(status)); } #else fprintf(stderr, "Warning: TSIG needs OpenSSL support, which has not been compiled in, TSIG skipped\n"); #endif } if(verbose) { printf("# Sending packet:\n"); ldns_pkt_print(stdout, notify); } status = ldns_pkt2wire(&wire, notify, &wiresize); if (status) { printf("Error converting notify packet to hex: %s\n", ldns_get_errorstr_by_id(status)); } else if(wiresize == 0) { printf("Error converting notify packet to hex.\n"); exit(1); } if(do_hexdump && verbose > 1) { printf("Hexdump of notify packet:\n"); for(i=0; i<(int)wiresize; i++) printf("%02x", (unsigned)wire[i]); printf("\n"); } for(i=0; iai_next) { int s; if (from0 && ai_res->ai_family != from0->ai_family) continue; s = socket(ai_res->ai_family, ai_res->ai_socktype, ai_res->ai_protocol); if(s == -1) continue; if (from0 && bind(s, from0->ai_addr, from0->ai_addrlen)) { perror("Could not bind to source IP"); exit(EXIT_FAILURE); } /* send the notify */ notify_host(s, ai_res, wire, wiresize, argv[i]); } freeaddrinfo(res0); } ldns_pkt_free(notify); free(wire); return 0; } ldns-1.9.0/examples/ldns-dpa.10000664000175000017500000000756015114326257015447 0ustar willemwillem.TH dpa 1 "1 Nov 2005" .SH NAME dpa \- DNS Packet Analyzer. Analyze DNS packets in ip trace files .SH SYNOPSIS .B dpa [ .IR OPTION ] .IR TRACEFILE .SH DESCRIPTION \fBdpa\fR is used to analyze dns packets in trace files. It has 3 main options: count, filter, and count uniques (i.e. count all different occurrences). .SH OPTIONS .TP \fB-c\fR \fIexpressionlist\fR Count occurrences of matching expressions .TP \fB-f\fR \fIexpression\fR Filter: only process packets that match the expression .TP \fB-h\fR Show usage .TP \fB-p\fR Show the total number of correct DNS packets, and percentage of \-u and \-c values (of the total of matching on the \-f filter. if no filter is given, percentages are on all correct dns packets) .TP \fB-of\fR \fIfile\fR Write all packets that match the \-f flag to file, as pcap data. .TP \fB-ofh\fR \fIfile\fR Write all packets that match the \-f flag to file, in hexadecimal format, readable by drill. .TP \fB-s\fR Show possible match names .TP \fB-s\fR \fImatchname\fR show possible match operators and values for name .TP \fB-sf\fR Only evaluate packets (in representation format) that match the \-f filter. If no \-f was given, evaluate all correct dns packets. .TP \fB-u\fR \fImatchnamelist\fR Count every occurrence of every value of the matchname (for instance, count all packetsizes, see EXAMPLES in ldns-dpa(1) ). .TP \fB-ua\fR For every matchname in \-u, show the average value of all matches. Behaviour for match types that do not have an integer value is undefined. .TP \fB-uac\fR For every matchname in \-u, show the average number of times this value was encountered. .TP \fB-um\fR \fInumber\fR Only show the results from \-u for values that occurred more than times. .TP \fB-v\fR \fIlevel\fR Set verbosity to level (1-5, 5 being the highest). Mostly used for debugging. .TP \fB-notip\fR \fIfile\fR Write packets that were not recognized as IP packets to file (as pcap data). .TP \fB-baddns\fR \fIfile\fR Write dns packets that were too mangled to parse to file (as pcap data). .TP \fB-version\fR Show version and exit .SH LIST AND MATCHES A is a comma separated list of match names (use \-s to see possible match names). A is a comma separated list of expressions. An expression has the following form: : () | & : : = equal to != not equal to > greater than < lesser than >= greater than or equal to <= lesser than or equal to ~= contains See the \-s option for possible matchnames, operators and values. .SH EXAMPLES .TP ldns-dpa \-u packetsize \-p test.tr Count all different packetsizes in test.tr and show the percentages. .TP ldns-dpa \-f "edns=1&qr=0" \-of edns.tr test.tr Filter out all edns enable queries in test.tr and put them in edns.tr .TP ldns-dpa \-f edns=1 \-c tc=1 \-u rcode test.tr For all edns packets, count the number of truncated packets and all their rcodes in test.tr. .TP ldns-dpa \-c tc=1,qr=0,qr=1,opcode=QUERY test.tr For all packets, count the number of truncated packets, the number of packets with qr=0, the number of packets with qr=1 and the number of queries in test.tr. .TP ldns-dpa \-u packetsize \-ua test.tr Show all packet sizes and the average packet size per packet. .TP ldns-dpa \-u srcaddress \-uac test.tr Show all packet source addresses and the average number of packets sent from this address. .TP sudo tcpdump \-i eth0 \-s 0 \-U \-w \- port 53 | ldns-dpa \-f qr=0 \-sf Print all query packets seen on the specified interface. .SH AUTHOR Written by Jelte Jansen for NLnetLabs. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2005 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldns-version.c0000664000175000017500000000035215114326257016442 0ustar willemwillem/* * ldns-version shows ldns's version * * (c) NLnet Labs, 2005 - 2008 * See the file LICENSE for the license */ #include "config.h" #include int main(void) { printf("%s\n", ldns_version()); return 0; } ldns-1.9.0/examples/ldns-test-edns.c0000664000175000017500000001454515114326257016674 0ustar willemwillem/* * ldns-test-edns tries to get DNSKEY and RRSIG from an IP address. * This can be used to test if a DNS cache supports DNSSEC (caching RRSIGs), * i.e. for automatic configuration utilities or when you get a new DNS cache * from DHCP and wonder if your local validator could use that as a cache. * * (c) NLnet Labs 2010 * See the file LICENSE for the license */ #include "config.h" #include "errno.h" #include /** print error details */ static int verb = 1; static struct sockaddr_in6* cast_sockaddr_storage2sockaddr_in6( struct sockaddr_storage* s) { return (struct sockaddr_in6*)s; } static struct sockaddr_in* cast_sockaddr_storage2sockaddr_in( struct sockaddr_storage* s) { return (struct sockaddr_in*)s; } /** parse IP address */ static int convert_addr(char* str, int p, struct sockaddr_storage* addr, socklen_t* len) { #ifdef AF_INET6 if(strchr(str, ':')) { *len = (socklen_t)sizeof(struct sockaddr_in6); cast_sockaddr_storage2sockaddr_in6(addr)->sin6_family = AF_INET6; cast_sockaddr_storage2sockaddr_in6(addr)->sin6_port = htons((uint16_t)p); if(inet_pton(AF_INET6, str, &((struct sockaddr_in6*)addr)->sin6_addr) == 1) return 1; } else { #endif *len = (socklen_t)sizeof(struct sockaddr_in); #ifndef S_SPLINT_S cast_sockaddr_storage2sockaddr_in(addr)->sin_family = AF_INET; #endif cast_sockaddr_storage2sockaddr_in(addr)->sin_port = htons((uint16_t)p); if(inet_pton(AF_INET, str, &((struct sockaddr_in*)addr)->sin_addr) == 1) return 1; #ifdef AF_INET6 } #endif if(verb) printf("error: cannot parse IP address %s\n", str); return 0; } /** create a query to test */ static ldns_buffer* make_query(const char* nm, int tp) { /* with EDNS DO and CDFLAG */ ldns_buffer* b = ldns_buffer_new(512); ldns_pkt* p; ldns_status s; if(!b) { if(verb) printf("error: out of memory\n"); return NULL; } s = ldns_pkt_query_new_frm_str(&p, nm, tp, LDNS_RR_CLASS_IN, (uint16_t)(LDNS_RD|LDNS_CD)); if(s != LDNS_STATUS_OK) { if(verb) printf("error: %s\n", ldns_get_errorstr_by_id(s)); ldns_buffer_free(b); return NULL; } if(!p) { if(verb) printf("error: out of memory\n"); ldns_buffer_free(b); return NULL; } ldns_pkt_set_edns_do(p, 1); ldns_pkt_set_edns_udp_size(p, 4096); ldns_pkt_set_id(p, ldns_get_random()); if( (s=ldns_pkt2buffer_wire(b, p)) != LDNS_STATUS_OK) { if(verb) printf("error: %s\n", ldns_get_errorstr_by_id(s)); ldns_pkt_free(p); ldns_buffer_free(b); return NULL; } ldns_pkt_free(p); return b; } /** try 3 times to get an EDNS reply from the server, exponential backoff */ static int get_packet(struct sockaddr_storage* addr, socklen_t len, const char* nm, int tp, uint8_t **wire, size_t* wlen) { struct timeval t; ldns_buffer* qbin; ldns_status s; int tries = 0; memset(&t, 0, sizeof(t)); t.tv_usec = 100 * 1000; /* 100 milliseconds (then 200, 400, 800) */ qbin = make_query(nm, tp); if(!qbin) return 0; while(tries < 4) { tries ++; s = ldns_udp_send(wire, qbin, addr, len, t, wlen); if(s != LDNS_STATUS_NETWORK_ERR) { break; } t.tv_usec *= 2; if(t.tv_usec > 1000*1000) { t.tv_usec -= 1000*1000; t.tv_sec += 1; } } ldns_buffer_free(qbin); if(tries == 4) { if(verb) printf("timeout\n"); return 0; } if(s != LDNS_STATUS_OK) { if(verb) printf("error: %s\n", ldns_get_errorstr_by_id(s)); return 0; } return 1; } /** test if type is present in returned packet */ static int check_type_in_answer(ldns_pkt* p, int t) { ldns_rr_list *l = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANSWER); if(!l) { char* s = ldns_rr_type2str(t); if(verb) printf("no DNSSEC %s\n", s?s:"(out of memory)"); LDNS_FREE(s); return 0; } ldns_rr_list_deep_free(l); return 1; } /** check the packet and make sure that EDNS and DO and the type and RRSIG */ static int check_packet(uint8_t* wire, size_t len, int tp) { ldns_pkt *p = NULL; ldns_status s; if( (s=ldns_wire2pkt(&p, wire, len)) != LDNS_STATUS_OK) { if(verb) printf("error: %s\n", ldns_get_errorstr_by_id(s)); goto failed; } if(!p) { if(verb) printf("error: out of memory\n"); goto failed; } /* does DNS work? */ if(ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) { char* r = ldns_pkt_rcode2str(ldns_pkt_get_rcode(p)); if(verb) printf("no answer, %s\n", r?r:"(out of memory)"); LDNS_FREE(r); goto failed; } /* test EDNS0 presence, of OPT record */ /* LDNS forgets during pkt parse, but we test the ARCOUNT; * 0 additional means no EDNS(on the wire), and after parsing the * same additional RRs as before means no EDNS OPT */ if(LDNS_ARCOUNT(wire) == 0 || ldns_pkt_arcount(p) == LDNS_ARCOUNT(wire)) { if(verb) printf("no EDNS\n"); goto failed; } /* test if the type, RRSIG present */ if(!check_type_in_answer(p, tp) || !check_type_in_answer(p, LDNS_RR_TYPE_RRSIG)) { goto failed; } LDNS_FREE(wire); ldns_pkt_free(p); return 1; failed: LDNS_FREE(wire); ldns_pkt_free(p); return 0; } /** check EDNS at this IP and port */ static int check_edns_ip(char* ip, int port, int info) { struct sockaddr_storage addr; socklen_t len = 0; uint8_t* wire; size_t wlen; memset(&addr, 0, sizeof(addr)); if(verb) printf("%s ", ip); if(!convert_addr(ip, port, &addr, &len)) return 2; /* try to send 3 times to the IP address, test root key */ if(!get_packet(&addr, len, ".", LDNS_RR_TYPE_DNSKEY, &wire, &wlen)) return 2; if(!check_packet(wire, wlen, LDNS_RR_TYPE_DNSKEY)) return 1; /* check support for caching type DS for chains of trust */ if(!get_packet(&addr, len, "se.", LDNS_RR_TYPE_DS, &wire, &wlen)) return 2; if(!check_packet(wire, wlen, LDNS_RR_TYPE_DS)) return 1; if(verb) printf("OK\n"); if(info) printf(" %s", ip); return 0; } int main(int argc, char **argv) { int i, r=0, info=0, ok=0; #ifdef USE_WINSOCK WSADATA wsa_data; if(WSAStartup(MAKEWORD(2,2), &wsa_data) != 0) { printf("WSAStartup failed\n"); exit(1); } #endif if (argc < 2 || strncmp(argv[1], "-h", 3) == 0) { printf("Usage: ldns-test-edns [-i] {ip address}\n"); printf("Tests if the DNS cache at IP address supports EDNS.\n"); printf("if it works, print IP address OK.\n"); printf("-i: print IPs that are OK or print 'off'.\n"); printf("exit value, last IP is 0:OK, 1:fail, 2:net error.\n"); exit(1); } if(strcmp(argv[1], "-i") == 0) { info = 1; verb = 0; } for(i=1+info; i #include #include #include #define NUM_DS 4 /* maximum of 4 DS records per delegation */ #define ALGO 8 /* Algorithm to use for fake DS records - RSASHA256 - RFC5702 */ #define DIGESTTYPE 2 /* Digest type to use for fake DS records - SHA-256 - RFC 4509 */ /** * Usage function. * */ static void usage(FILE *fp, char *prog) { fprintf(fp, "\n\nUsage: %s [-hsv] [-ap NUM] [-o ORIGIN] []\n", prog); fprintf(fp, "\tReads a zonefile and add some artificial NS RRsets and DS records.\n"); fprintf(fp, "\tIf no zonefile is given, the zone is read from stdin.\n"); fprintf(fp, "\t-a add NUM artificial delegations (NS RRSets) to output.\n"); fprintf(fp, "\t-p add NUM percent of DS RRset's to the NS RRsets (1-%d RR's per DS RRset).\n", NUM_DS); fprintf(fp, "\t-o ORIGIN sets an $ORIGIN, which can be handy if the one in the zonefile is set to @.\n"); fprintf(fp, "\t-s if input zone file is already sorted and canonicalized (ie all lowercase),\n\t use this option to speed things up while inserting DS records.\n"); fprintf(fp, "\t-h show this text.\n"); fprintf(fp, "\t-v shows the version and exits.\n"); fprintf(fp, "\nif no file is given standard input is read.\n\n"); } /** * Insert the DS records, return the amount added. * */ static int insert_ds(ldns_rdf *dsowner, uint32_t ttl) { int d, dsrand; int keytag = 0; char *dsownerstr; char digeststr[70]; /** * Average the amount of DS records per delegation a little. */ dsrand = 1+rand() % NUM_DS; for(d = 0; d < dsrand; d++) { keytag = 1+rand() % 65535; /** * Dynamic hashes method below is still too slow... 20% slower than a fixed string... * * We assume RAND_MAX is 32 bit, http://www.gnu.org/s/libc/manual/html_node/ISO-Random.html * 2147483647 or 0x7FFFFFFF */ snprintf(digeststr, 65, "%08x%08x%08x%08x%08x%08x%08x%08x", (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX, (unsigned) rand()%RAND_MAX); dsownerstr = ldns_rdf2str(dsowner); fprintf(stdout, "%s\t%u\tIN\tDS\t%d %d %d %s\n", dsownerstr, (unsigned) ttl, keytag, ALGO, DIGESTTYPE, digeststr); } return dsrand; } int main(int argc, char **argv) { char *filename, *rrstr, *ownerstr; const char *classtypestr1 = "IN NS ns1.example.com."; const char *classtypestr2 = "IN NS ns2.example.com."; const size_t classtypelen = strlen(classtypestr1); /* Simply because this was developed by SIDN and we don't use xn-- for .nl :-) */ const char *punystr = "xn--fake-rr"; const size_t punylen = strlen(punystr); size_t rrstrlen, ownerlen; FILE *fp; int c, nsrand; uint32_t ttl; int counta,countd,countr; ldns_zone *z; ldns_rdf *origin = NULL; int line_nr = 0; int addrrs = 0; int dsperc = 0; bool canonicalize = true; bool sort = true; bool do_ds = false; ldns_status s; size_t i; ldns_rr_list *rrset_list; ldns_rdf *owner; ldns_rr_type cur_rr_type; ldns_rr *cur_rr; ldns_status status; counta = countd = countr = 0; /** * Set some random seed. */ srand((unsigned int)time(NULL)); /** * Commandline options. */ while ((c = getopt(argc, argv, "a:p:shvo:")) != -1) { switch (c) { case 'a': addrrs = atoi(optarg); if (addrrs <= 0) { fprintf(stderr, "error\n"); exit(EXIT_FAILURE); } break; case 'o': origin = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, optarg); if (!origin) { fprintf(stderr, "error: creating origin from -o %s failed.\n", optarg); exit(EXIT_FAILURE); } break; case 'p': dsperc = atoi(optarg); if (dsperc < 0 || dsperc > 100) { fprintf(stderr, "error: percentage of signed delegations must be between [0-100].\n"); exit(EXIT_FAILURE); } do_ds = true; break; case 's': sort = false; canonicalize = false; break; case 'h': usage(stdout, argv[0]); exit(EXIT_SUCCESS); case 'v': fprintf(stdout, "ldns-gen-zone version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); exit(EXIT_SUCCESS); default: fprintf(stderr, "\nTry -h for more information.\n\n"); exit(EXIT_FAILURE); } } argc -= optind; argv += optind; /** * Read zone. */ if (argc == 0) { fp = stdin; } else { filename = argv[0]; fp = fopen(filename, "r"); if (!fp) { fprintf(stderr, "Unable to open %s: %s\n", filename, strerror (errno)); exit(EXIT_FAILURE); } } s = ldns_zone_new_frm_fp_l(&z, fp, origin, 0, LDNS_RR_CLASS_IN, &line_nr); if (s != LDNS_STATUS_OK) { fprintf(stderr, "%s at line %d\n", ldns_get_errorstr_by_id(s), line_nr); exit(EXIT_FAILURE); } if (!ldns_zone_soa(z)) { fprintf(stderr, "No zone data seen\n"); exit(EXIT_FAILURE); } ttl = ldns_rr_ttl(ldns_zone_soa(z)); if (!origin) { origin = ldns_rr_owner(ldns_zone_soa(z)); // Check for root (.) origin here TODO(MG) } ownerstr = ldns_rdf2str(origin); if (!ownerstr) { fprintf(stderr, "ldns_rdf2str(origin) failed\n"); exit(EXIT_FAILURE); } ownerlen = strlen(ownerstr); ldns_rr_print(stdout, ldns_zone_soa(z)); if (addrrs > 0) { while (addrrs > counta) { counta++; rrstrlen = punylen + ownerlen + classtypelen + 4; rrstrlen *= 2; /* estimate */ rrstr = (char*)malloc(rrstrlen); if (!rrstr) { fprintf(stderr, "malloc() failed: Out of memory\n"); exit(EXIT_FAILURE); } (void)snprintf(rrstr, rrstrlen, "%s%d.%s %u %s", punystr, counta, ownerstr, (unsigned) ttl, classtypestr1); status = ldns_rr_new_frm_str(&cur_rr, rrstr, 0, NULL, NULL); if (status == LDNS_STATUS_OK) { ldns_rr_print(stdout, cur_rr); ldns_rr_free(cur_rr); } else { fprintf(stderr, "ldns_rr_new_frm_str() failed\n"); exit(EXIT_FAILURE); } (void)snprintf(rrstr, rrstrlen, "%s%d.%s %u %s", punystr, counta, ownerstr, (unsigned) ttl, classtypestr2); status = ldns_rr_new_frm_str(&cur_rr, rrstr, 0, NULL, NULL); if (status == LDNS_STATUS_OK) { ldns_rr_print(stdout, cur_rr); } else { fprintf(stderr, "ldns_rr_new_frm_str() failed\n"); exit(EXIT_FAILURE); } free(rrstr); /* may we add a DS record as well? */ if (do_ds) { /* * Per definition this may not be the same as the origin, so no * check required same for NS check - so the only thing left is some * randomization. */ nsrand = rand() % 100; if (nsrand < dsperc) { owner = ldns_rr_owner(cur_rr); ttl = ldns_rr_ttl(cur_rr); countd += insert_ds(owner, ttl); } } ldns_rr_free(cur_rr); } } if (!do_ds) { ldns_rr_list_print(stdout, ldns_zone_rrs(z)); } else { /* * We use dns_rr_list_pop_rrset and that requires a sorted list weird things may happen * if the -s option was used on unsorted, non-canonicalized input */ if (canonicalize) { ldns_rr2canonical(ldns_zone_soa(z)); for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) { ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z), i)); } } if (sort) { ldns_zone_sort(z); } /* Work on a per RRset basis for DS records - weird things will happen if the -s option * was used in combination with an unsorted zone file */ while((rrset_list = ldns_rr_list_pop_rrset(ldns_zone_rrs(z)))) { owner = ldns_rr_list_owner(rrset_list); cur_rr_type = ldns_rr_list_type(rrset_list); /** * Print them... */ cur_rr = ldns_rr_list_pop_rr(rrset_list); while (cur_rr) { ttl = ldns_rr_ttl(cur_rr); fprintf(stdout, "%s", ldns_rr2str(cur_rr)); cur_rr = ldns_rr_list_pop_rr(rrset_list); } /* * And all the way at the end a DS record if * we are dealing with an NS rrset */ nsrand = rand() % 100; if (nsrand == 0) { nsrand = 100; } if ((cur_rr_type == LDNS_RR_TYPE_NS) && (ldns_rdf_compare(owner, origin) != 0) && (nsrand < dsperc)) { /** * No DS records for the $ORIGIN, only for delegations, obey dsperc. */ countr++; countd += insert_ds(owner, ttl); } ldns_rr_list_free(rrset_list); ldns_rdf_free(owner); } } /** * And done... */ fclose(fp); fprintf(stdout, ";; Added %d DS records (percentage was %d) to %d NS RRset's (from input-zone: %d, from added: %d)\n;; lines in original input-zone: %d\n", countd, dsperc, counta + countr, countr, counta, line_nr); exit(EXIT_SUCCESS); } ldns-1.9.0/examples/ldns-compare-zones.c0000664000175000017500000002157315114326257017547 0ustar willemwillem/* * ldns-compare-zones compares two zone files * * Written by Ondrej Sury in 2007 * * Modified a bit by NLnet Labs. * * See the file LICENSE for the license */ #include "config.h" #include #include #include #include #include #include #define OP_INS '+' #define OP_DEL '-' #define OP_CHG '~' #define OP_EQ '=' static void usage(char *prog) { printf("Usage: %s [-v] [-i] [-d] [-c] [-u] [-s] [-Z] [-e] " " \n", prog); printf(" -i - print inserted\n"); printf(" -d - print deleted\n"); printf(" -c - print changed\n"); printf(" -u - print unchanged\n"); printf(" -U - print unchanged records in changed names\n"); printf(" -a - print all differences (-i -d -c)\n"); printf(" -s - do not exclude SOA record from comparison\n"); printf(" -Z - exclude ZONEMD records from comparison\n"); printf(" -z - do not sort zones\n"); printf(" -e - exit with status 2 on changed zones\n"); printf(" -h - show usage and exit\n"); printf(" -v - show the version and exit\n"); } int main(int argc, char **argv) { char *fn1, *fn2; FILE *fp1, *fp2; ldns_zone *z1, *z2; ldns_status s; size_t i , j; size_t k , l; size_t nc1 , nc2; ldns_rr_list *rrl1, *rrl2; int rr_cmp, rr_chg = 0; ldns_rr *rr1 = NULL, *rr2 = NULL, *rrx = NULL; int line_nr1 = 0, line_nr2 = 0; size_t rrc1 , rrc2; size_t num_ins = 0, num_del = 0, num_chg = 0, num_eq = 0; int c; bool opt_deleted = false, opt_inserted = false; bool opt_changed = false, opt_unchanged = false, opt_Unchanged = false; bool sort = true, inc_soa = false, exc_zonemd = false; bool opt_exit_status = false; char op = 0; while ((c = getopt(argc, argv, "ahvdicuUesZz")) != -1) { switch (c) { case 'h': usage(argv[0]); exit(EXIT_SUCCESS); break; case 'v': printf("%s version %s (ldns version %s)\n", argv[0], LDNS_VERSION, ldns_version()); exit(EXIT_SUCCESS); break; case 'e': opt_exit_status = true; break; case 's': inc_soa = true; break; case 'Z': exc_zonemd = true; break; case 'z': sort = false; break; case 'd': opt_deleted = true; break; case 'i': opt_inserted = true; break; case 'c': opt_changed = true; break; case 'u': opt_unchanged = true; opt_Unchanged = true; break; case 'U': opt_Unchanged = true; opt_changed = true; break; case 'a': opt_deleted = true; opt_inserted = true; opt_changed = true; break; } } argc -= optind; argv += optind; if (argc != 2) { argv -= optind; usage(argv[0]); exit(EXIT_FAILURE); } fn1 = argv[0]; fp1 = fopen(fn1, "r"); if (!fp1) { fprintf(stderr, "Unable to open %s: %s\n", fn1, strerror(errno)); exit(EXIT_FAILURE); } /* Read first zone */ s = ldns_zone_new_frm_fp_l(&z1, fp1, NULL, 0, LDNS_RR_CLASS_IN, &line_nr1); if (s != LDNS_STATUS_OK) { fclose(fp1); fprintf(stderr, "%s: %s at line %d\n", fn1, ldns_get_errorstr_by_id(s), line_nr1); exit(EXIT_FAILURE); } fclose(fp1); fn2 = argv[1]; fp2 = fopen(fn2, "r"); if (!fp2) { fprintf(stderr, "Unable to open %s: %s\n", fn2, strerror(errno)); exit(EXIT_FAILURE); } /* Read second zone */ s = ldns_zone_new_frm_fp_l(&z2, fp2, NULL, 0, LDNS_RR_CLASS_IN, &line_nr2); if (s != LDNS_STATUS_OK) { ldns_zone_deep_free(z1); fclose(fp2); fprintf(stderr, "%s: %s at line %d\n", fn2, ldns_get_errorstr_by_id(s), line_nr2); exit(EXIT_FAILURE); } fclose(fp2); rrl1 = ldns_zone_rrs(z1); rrc1 = ldns_rr_list_rr_count(rrl1); rrl2 = ldns_zone_rrs(z2); rrc2 = ldns_rr_list_rr_count(rrl2); if (sort) { /* canonicalize zone 1 */ ldns_rr2canonical(ldns_zone_soa(z1)); for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z1)); i++) { ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z1), i)); } /* sort zone 1 */ ldns_zone_sort(z1); /* canonicalize zone 2 */ ldns_rr2canonical(ldns_zone_soa(z2)); for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z2)); i++) { ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z2), i)); } /* sort zone 2 */ ldns_zone_sort(z2); } if(inc_soa) { ldns_rr_list* wsoa = ldns_rr_list_new(); ldns_rr_list_push_rr(wsoa, ldns_zone_soa(z1)); ldns_rr_list_cat(wsoa, rrl1); rrl1 = wsoa; rrc1 = ldns_rr_list_rr_count(rrl1); wsoa = ldns_rr_list_new(); ldns_rr_list_push_rr(wsoa, ldns_zone_soa(z2)); ldns_rr_list_cat(wsoa, rrl2); rrl2 = wsoa; rrc2 = ldns_rr_list_rr_count(rrl2); if(sort) { ldns_rr_list_sort(rrl1); ldns_rr_list_sort(rrl2); } } /* * Walk through both zones. The previously seen resource record is * kept (in the variable rrx) so that we can recognize when we are * handling a new owner name. If the owner name changes, we have to * set the operator again. */ for (i = 0, j = 0; i < rrc1 || j < rrc2;) { if (exc_zonemd) { if (ldns_rr_get_type(ldns_rr_list_rr(rrl1, i)) == LDNS_RR_TYPE_ZONEMD) { i += 1; continue; } if (ldns_rr_get_type(ldns_rr_list_rr(rrl2, j)) == LDNS_RR_TYPE_ZONEMD) { j += 1; continue; } } rr_cmp = 0; if (i < rrc1 && j < rrc2) { rr1 = ldns_rr_list_rr(rrl1, i); rr2 = ldns_rr_list_rr(rrl2, j); rr_cmp = ldns_rr_compare(rr1, rr2); rr_chg = ldns_dname_compare(ldns_rr_owner(rr1), ldns_rr_owner(rr2)); } else if (i >= rrc1) { /* we have reached the end of zone 1, so the current record * from zone 2 automatically sorts higher */ rr1 = NULL; rr2 = ldns_rr_list_rr(rrl2, j); rr_chg = rr_cmp = 1; } else if (j >= rrc2) { /* we have reached the end of zone 2, so the current record * from zone 1 automatically sorts lower */ rr1 = ldns_rr_list_rr(rrl1, i); rr2 = NULL; rr_chg = rr_cmp = -1; } if (rr_cmp < 0) { if ((rrx != NULL) && (ldns_dname_compare(ldns_rr_owner(rr1), ldns_rr_owner(rrx) ) != 0)) { /* The owner name is different, forget previous rr */ rrx = NULL; } if (rrx == NULL) { if (rr_chg == 0) { num_chg++; op = OP_CHG; } else { num_del++; op = OP_DEL; } rrx = rr1; } if (((op == OP_DEL) && opt_deleted) || ((op == OP_CHG) && opt_changed)) { printf("%c-", op); ldns_rr_print(stdout, rr1); } i++; } else if (rr_cmp > 0) { if ((rrx != NULL) && (ldns_dname_compare(ldns_rr_owner(rr2), ldns_rr_owner(rrx) ) != 0)) { rrx = NULL; } if (rrx == NULL) { if (rr_chg == 0) { num_chg++; op = OP_CHG; } else { num_ins++; op = OP_INS; } /* remember this rr for it's name in the next iteration */ rrx = rr2; } if (((op == OP_INS) && opt_inserted) || ((op == OP_CHG) && opt_changed)) { printf("%c+", op); ldns_rr_print(stdout, rr2); } j++; } else { if ((rrx != NULL) && (ldns_dname_compare(ldns_rr_owner(rr1), ldns_rr_owner(rrx) ) != 0)) { rrx = NULL; } if (rrx == NULL) { rrx = rr1; /* Are all rrs with this name equal? */ for ( k = i + 1 ; k < rrc1 && ldns_dname_compare(ldns_rr_owner(rr1), ldns_rr_owner(ldns_rr_list_rr(rrl1, k))) == 0 ; k++); for ( l = j + 1 ; l < rrc2 && ldns_dname_compare(ldns_rr_owner(rr2), ldns_rr_owner(ldns_rr_list_rr(rrl2, l))) == 0 ; l++); if ((k - i) != (l - j)) { op = OP_CHG; num_chg++; } else { nc1 = k - i; nc2 = l - j; for ( k = i + 1, l = j + 1 ; (k - i) < nc1 && (l - j) < nc2 && ldns_rr_compare(ldns_rr_list_rr(rrl1, k), ldns_rr_list_rr(rrl2, l)) == 0 ; k++, l++); if ((k - i) < nc1) { op = OP_CHG; num_chg++; } else { op = OP_EQ; num_eq++; } } } if (((op == OP_EQ ) && opt_unchanged) || ((op == OP_CHG) && opt_Unchanged && opt_changed)) { printf("%c=", op); ldns_rr_print(stdout, rr1); } i++; j++; } } if (opt_unchanged || opt_Unchanged) printf("\t%c%u\t%c%u\t%c%u\t%c%u\n", OP_INS, (unsigned int) num_ins, OP_DEL, (unsigned int) num_del, OP_CHG, (unsigned int) num_chg, OP_EQ, (unsigned int) num_eq); else printf("\t%c%u\t%c%u\t%c%u\n", OP_INS, (unsigned int) num_ins, OP_DEL, (unsigned int) num_del, OP_CHG, (unsigned int) num_chg); /* Free resources */ if(inc_soa) { ldns_rr_list_free(rrl1); ldns_rr_list_free(rrl2); } ldns_zone_deep_free(z2); ldns_zone_deep_free(z1); return opt_exit_status && (num_ins || num_del || num_chg) ? 2 : 0; } ldns-1.9.0/examples/ldns-zcat.c0000664000175000017500000001007115114326257015715 0ustar willemwillem/* * read a zone that is split up with ldns-zsplit and re-create * the original zone * * From: * zone1: SOA a b c d e f * zone2: SOA f g h i k l * * Go back to: * zone: SOA a b c d e f g h i j k l * * This is useful in combination with ldns-zsplit * * See the file LICENSE for the license */ #include "config.h" #include #include #define FIRST_ZONE 0 #define MIDDLE_ZONE 1 #define LAST_ZONE 2 static void usage(FILE *f, char *progname) { fprintf(f, "Usage: %s [OPTIONS] \n", progname); fprintf(f, " Concatenate signed zone snippets created with ldns-zsplit\n"); fprintf(f, " back together. The generate zone file is printed to stdout\n"); fprintf(f, " The new zone should be equal to the original zone (before splitting)\n"); fprintf(f, "OPTIONS:\n"); fprintf(f, "-o ORIGIN\tUse this as initial origin, for zones starting with @\n"); fprintf(f, "-v\t\tShow the version number and exit\n"); } int main(int argc, char **argv) { char *progname; FILE *fp; int c; ldns_rdf *origin; size_t i, j; int where; ldns_zone *z; ldns_rr_list *zrr; ldns_rr *current_rr; ldns_rr *soa; ldns_rdf *last_owner; ldns_rr *last_rr; ldns_rr *pop_rr; progname = strdup(argv[0]); origin = NULL; while ((c = getopt(argc, argv, "o:v")) != -1) { switch(c) { case 'o': origin = ldns_dname_new_frm_str(strdup(optarg)); if (!origin) { fprintf(stderr, "Cannot convert the origin %s to a domainname\n", optarg); exit(EXIT_FAILURE); } break; case 'v': printf("zone file concatenator version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); exit(EXIT_SUCCESS); break; default: fprintf(stderr, "Unrecognized option\n"); usage(stdout, progname); exit(EXIT_FAILURE); } } argc -= optind; argv += optind; if (argc < 1) { usage(stdout, progname); exit(EXIT_FAILURE); } for (i = 0; i < (size_t)argc; i++) { if (!(fp = fopen(argv[i], "r"))) { fprintf(stderr, "Error opening key file %s: %s\n", argv[i], strerror(errno)); exit(EXIT_FAILURE); } if (ldns_zone_new_frm_fp(&z, fp, origin, 0, 0) != LDNS_STATUS_OK) { fprintf(stderr, "Zone file %s could not be parsed correctly\n", argv[i]); exit(EXIT_FAILURE); } zrr = ldns_zone_rrs(z); soa = ldns_zone_soa(z); /* SOA is stored separately */ fprintf(stderr, "%s\n", argv[i]); if (0 == i) { where = FIRST_ZONE; /* remove the last equal named RRs */ last_rr = ldns_rr_list_pop_rr(zrr); last_owner = ldns_rr_owner(last_rr); /* remove until no match */ do { pop_rr = ldns_rr_list_pop_rr(zrr); } while(ldns_rdf_compare(last_owner, ldns_rr_owner(pop_rr)) == 0) ; /* we popped one to many, put it back */ ldns_rr_list_push_rr(zrr, pop_rr); } else if ((size_t)(argc - 1) == i) { where = LAST_ZONE; } else { where = MIDDLE_ZONE; /* remove the last equal named RRs */ last_rr = ldns_rr_list_pop_rr(zrr); last_owner = ldns_rr_owner(last_rr); /* remove until no match */ do { pop_rr = ldns_rr_list_pop_rr(zrr); } while(ldns_rdf_compare(last_owner, ldns_rr_owner(pop_rr)) == 0) ; /* we popped one to many, put it back */ ldns_rr_list_push_rr(zrr, pop_rr); } /* printing the RRs */ for (j = 0; j < ldns_rr_list_rr_count(zrr); j++) { current_rr = ldns_rr_list_rr(zrr, j); switch(where) { case FIRST_ZONE: if (soa) { ldns_rr_print(stdout, soa); soa = NULL; } break; case MIDDLE_ZONE: /* rm SOA */ /* SOA isn't printed by default */ /* rm SOA aux records * this also takes care of the DNSKEYs + RRSIGS */ if (ldns_rdf_compare(ldns_rr_owner(current_rr), ldns_rr_owner(soa)) == 0) { continue; } break; case LAST_ZONE: /* rm SOA */ /* SOA isn't printed by default */ /* rm SOA aux records * this also takes care of the DNSKEYs + RRSIGS */ if (ldns_rdf_compare(ldns_rr_owner(current_rr), ldns_rr_owner(soa)) == 0) { continue; } break; } ldns_rr_print(stdout, current_rr); } } exit(EXIT_SUCCESS); } ldns-1.9.0/examples/ldns-zsplit.10000664000175000017500000000144415114326257016223 0ustar willemwillem.TH ldns-zsplit 1 "15 Dec 2005" .SH NAME ldns-zsplit \- split up a zone file .SH SYNOPSIS .B ldns-zsplit [ .IR OPTIONS ] .IR zonefile .SH DESCRIPTION .SH OPTIONS .TP .B -n NUMBER Split after NUMBER RRs, \fBldns-zsplit\fR will not split in the middle of an RRs. .PP Each part is saved with a numerical suffix, starting with .000. The largest suffix is thus .999. .TP .B -o ORIGIN use ORIGIN as origin when reading the zonefile. .TP .B -z Sort the zone before splitting. .TP .B -v Show version number and exit. .SH AUTHOR Written by the ldns team as an example for ldns usage. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2005, 2006 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldns-chaos.c0000664000175000017500000000564515114326257016064 0ustar willemwillem/* * chaos is a small programs that prints some information * about a nameserver * * (c) NLnet Labs, 2005 - 2008 * * See the file LICENSE for the license */ #include "config.h" #include static int usage(FILE *fp, char *prog) { fprintf(fp, "%s server\n", prog); fprintf(fp, " print out some information about server\n"); return 0; } int main(int argc, char *argv[]) { ldns_resolver *res; ldns_rdf *name; ldns_rdf *version, *id; ldns_pkt *p; ldns_rr_list *addr; ldns_rr_list *info; ldns_status s; ldns_rdf *pop; size_t i; if (argc != 2) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } else { /* create a rdf from the command line arg */ name = ldns_dname_new_frm_str(argv[1]); if (!name) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } } /* create rdf for what we are going to ask */ version = ldns_dname_new_frm_str("version.bind"); id = ldns_dname_new_frm_str("hostname.bind"); /* create a new resolver from /etc/resolv.conf */ s = ldns_resolver_new_frm_file(&res, NULL); if (s != LDNS_STATUS_OK) { ldns_rdf_deep_free(name); exit(EXIT_FAILURE); } ldns_resolver_set_retry(res, 1); /* don't want to wait too long */ /* use the resolver to send it a query for the a/aaaa of name */ addr = ldns_get_rr_list_addr_by_name(res, name, LDNS_RR_CLASS_IN, LDNS_RD); if (!addr) { fprintf(stderr, " *** could not get an address for %s\n", argv[1]); ldns_rdf_deep_free(name); ldns_resolver_deep_free(res); exit(EXIT_FAILURE); } /* remove current list of nameservers from resolver */ while((pop = ldns_resolver_pop_nameserver(res))) { ldns_rdf_deep_free(pop); } /* can be multihomed */ for(i = 0; i < ldns_rr_list_rr_count(addr); i++) { if (i > 0) { fprintf(stdout, "\n"); } if (ldns_resolver_push_nameserver_rr(res, ldns_rr_list_rr(addr, i)) != LDNS_STATUS_OK) { printf("Error adding nameserver to resolver\n"); } ldns_rr_print(stdout, ldns_rr_list_rr(addr, i)); fprintf(stdout, "\n"); p = ldns_resolver_query(res, version, LDNS_RR_TYPE_TXT, LDNS_RR_CLASS_CH, LDNS_RD); if (p) { ldns_pkt_print(stdout, p); info = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_TXT, LDNS_SECTION_ANSWER); if (info) { ldns_rr_list_print(stdout, info); ldns_rr_list_deep_free(info); } else { printf(" *** version retrieval failed\n"); } ldns_pkt_free(p); } else { printf(" *** query failed\n"); } p = ldns_resolver_query(res, id, LDNS_RR_TYPE_TXT, LDNS_RR_CLASS_CH, LDNS_RD); if (p) { info = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_TXT, LDNS_SECTION_ANSWER); if (info) { ldns_rr_list_print(stdout, info); ldns_rr_list_deep_free(info); } else { printf(" *** id retrieval failed\n"); } ldns_pkt_free(p); } else { printf(" *** query failed for\n"); } ldns_rdf_deep_free(ldns_resolver_pop_nameserver(res)); } ldns_rdf_deep_free(name); ldns_resolver_deep_free(res); exit(EXIT_SUCCESS); } ldns-1.9.0/examples/ldns-testpkts.c0000664000175000017500000007034215114326257016644 0ustar willemwillem/* * ldns-testpkts. Data file parse for test packets, and query matching. * * Data storage for specially crafted replies for testing purposes. * * (c) NLnet Labs, 2005, 2006, 2007, 2008 * See the file LICENSE for the license */ /** * \file * This is a debugging aid. It is not efficient, especially * with a long config file, but it can give any reply to any query. * This can help the developer pre-script replies for queries. * * You can specify a packet RR by RR with header flags to return. * * Missing features: * - matching content different from reply content. * - find way to adjust mangled packets? */ #include "config.h" struct sockaddr_storage; #include #include #include "ldns-testpkts.h" /** max line length */ #define MAX_LINE 10240 /** string to show in warnings and errors */ static const char* prog_name = "ldns-testpkts"; /** logging routine, provided by caller */ void verbose(int lvl, const char* msg, ...) ATTR_FORMAT(printf, 2, 3); /** print error and exit */ static void error(const char* msg, ...) __attribute__((noreturn)); static void error(const char* msg, ...) { va_list args; va_start(args, msg); fprintf(stderr, "%s error: ", prog_name); vfprintf(stderr, msg, args); fprintf(stderr, "\n"); fflush(stderr); va_end(args); exit(EXIT_FAILURE); } /** return if string is empty or comment */ static bool isendline(char c) { if(c == ';' || c == '#' || c == '\n' || c == 0) return true; return false; } /** true if the string starts with the keyword given. Moves the str ahead. * @param str: before keyword, afterwards after keyword and spaces. * @param keyword: the keyword to match * @return: true if keyword present. False otherwise, and str unchanged. */ static bool str_keyword(char** str, const char* keyword) { size_t len = strlen(keyword); assert(str && keyword); if(strncmp(*str, keyword, len) != 0) return false; *str += len; while(isspace((int)**str)) (*str)++; return true; } /** Add reply packet to entry */ static struct reply_packet* entry_add_reply(struct entry* entry) { struct reply_packet* pkt = (struct reply_packet*)malloc( sizeof(struct reply_packet)); struct reply_packet ** p = &entry->reply_list; pkt->next = NULL; pkt->packet_sleep = 0; pkt->reply = ldns_pkt_new(); pkt->reply_from_hex = NULL; pkt->raw_ednsdata = NULL; /* link at end */ while(*p) p = &((*p)->next); *p = pkt; return pkt; } /** parse MATCH line */ static void matchline(char* line, struct entry* e) { char* parse = line; while(*parse) { if(isendline(*parse)) return; if(str_keyword(&parse, "opcode")) { e->match_opcode = true; } else if(str_keyword(&parse, "qtype")) { e->match_qtype = true; } else if(str_keyword(&parse, "qname")) { e->match_qname = true; } else if(str_keyword(&parse, "subdomain")) { e->match_subdomain = true; } else if(str_keyword(&parse, "all")) { e->match_all = true; } else if(str_keyword(&parse, "ttl")) { e->match_ttl = true; } else if(str_keyword(&parse, "DO")) { e->match_do = true; } else if(str_keyword(&parse, "CO")) { e->match_co = true; } else if(str_keyword(&parse, "noedns")) { e->match_noedns = true; } else if(str_keyword(&parse, "ednsdata")) { e->match_ednsdata_raw = true; } else if(str_keyword(&parse, "UDP")) { e->match_transport = transport_udp; } else if(str_keyword(&parse, "TCP")) { e->match_transport = transport_tcp; } else if(str_keyword(&parse, "serial")) { e->match_serial = true; if(*parse != '=' && *parse != ':') error("expected = or : in MATCH: %s", line); parse++; e->ixfr_soa_serial = (uint32_t)strtol(parse, (char**)&parse, 10); while(isspace((int)*parse)) parse++; } else if(str_keyword(&parse, "udp_size")) { if(*parse != '=' && *parse != ':') error("expected = or : in MATCH: %s", line); parse++; e->match_udp_size = (uint32_t)strtol(parse, (char**)&parse, 10); while(isspace((int)*parse)) parse++; } else { error("could not parse MATCH: '%s'", parse); } } } /** parse REPLY line */ static void replyline(char* line, ldns_pkt *reply) { char* parse = line; while(*parse) { if(isendline(*parse)) return; /* opcodes */ if(str_keyword(&parse, "QUERY")) { ldns_pkt_set_opcode(reply, LDNS_PACKET_QUERY); } else if(str_keyword(&parse, "IQUERY")) { ldns_pkt_set_opcode(reply, LDNS_PACKET_IQUERY); } else if(str_keyword(&parse, "STATUS")) { ldns_pkt_set_opcode(reply, LDNS_PACKET_STATUS); } else if(str_keyword(&parse, "NOTIFY")) { ldns_pkt_set_opcode(reply, LDNS_PACKET_NOTIFY); } else if(str_keyword(&parse, "UPDATE")) { ldns_pkt_set_opcode(reply, LDNS_PACKET_UPDATE); /* rcodes */ } else if(str_keyword(&parse, "NOERROR")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_NOERROR); } else if(str_keyword(&parse, "FORMERR")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_FORMERR); } else if(str_keyword(&parse, "SERVFAIL")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_SERVFAIL); } else if(str_keyword(&parse, "NXDOMAIN")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_NXDOMAIN); } else if(str_keyword(&parse, "NOTIMPL")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_NOTIMPL); } else if(str_keyword(&parse, "REFUSED")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_REFUSED); } else if(str_keyword(&parse, "YXDOMAIN")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_YXDOMAIN); } else if(str_keyword(&parse, "YXRRSET")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_YXRRSET); } else if(str_keyword(&parse, "NXRRSET")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_NXRRSET); } else if(str_keyword(&parse, "NOTAUTH")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_NOTAUTH); } else if(str_keyword(&parse, "NOTZONE")) { ldns_pkt_set_rcode(reply, LDNS_RCODE_NOTZONE); /* flags */ } else if(str_keyword(&parse, "QR")) { ldns_pkt_set_qr(reply, true); } else if(str_keyword(&parse, "AA")) { ldns_pkt_set_aa(reply, true); } else if(str_keyword(&parse, "TC")) { ldns_pkt_set_tc(reply, true); } else if(str_keyword(&parse, "RD")) { ldns_pkt_set_rd(reply, true); } else if(str_keyword(&parse, "CD")) { ldns_pkt_set_cd(reply, true); } else if(str_keyword(&parse, "RA")) { ldns_pkt_set_ra(reply, true); } else if(str_keyword(&parse, "AD")) { ldns_pkt_set_ad(reply, true); } else if(str_keyword(&parse, "DO")) { ldns_pkt_set_edns_udp_size(reply, 4096); ldns_pkt_set_edns_do(reply, true); } else if(str_keyword(&parse, "CO")) { ldns_pkt_set_edns_udp_size(reply, 4096); ldns_pkt_set_edns_co(reply, true); } else { error("could not parse REPLY: '%s'", parse); } } } /** parse ADJUST line */ static void adjustline(char* line, struct entry* e, struct reply_packet* pkt) { char* parse = line; while(*parse) { if(isendline(*parse)) return; if(str_keyword(&parse, "copy_id")) { e->copy_id = true; } else if(str_keyword(&parse, "copy_query")) { e->copy_query = true; } else if(str_keyword(&parse, "sleep=")) { e->sleeptime = (unsigned int) strtol(parse, (char**)&parse, 10); while(isspace((int)*parse)) parse++; } else if(str_keyword(&parse, "packet_sleep=")) { pkt->packet_sleep = (unsigned int) strtol(parse, (char**)&parse, 10); while(isspace((int)*parse)) parse++; } else { error("could not parse ADJUST: '%s'", parse); } } } /** create new entry */ static struct entry* new_entry(void) { struct entry* e = LDNS_MALLOC(struct entry); memset(e, 0, sizeof(*e)); e->match_opcode = false; e->match_qtype = false; e->match_qname = false; e->match_subdomain = false; e->match_all = false; e->match_ttl = false; e->match_do = false; e->match_co = false; e->match_noedns = false; e->match_serial = false; e->ixfr_soa_serial = 0; e->match_transport = transport_any; e->match_udp_size = 0; e->reply_list = NULL; e->copy_id = false; e->copy_query = false; e->sleeptime = 0; e->next = NULL; return e; } /** * Converts a hex string to binary data * @param hexstr: string of hex. * @param len: is the length of the string * @param buf: is the buffer to store the result in * @param offset: is the starting position in the result buffer * @param buf_len: is the length of buf. * @return This function returns the length of the result */ static size_t hexstr2bin(char *hexstr, int len, uint8_t *buf, size_t offset, size_t buf_len) { char c; int i; uint8_t int8 = 0; int sec = 0; size_t bufpos = 0; if (len % 2 != 0) { return 0; } for (i=0; i= '0' && c <= '9') { int8 += c & 0x0f; } else if (c >= 'a' && c <= 'z') { int8 += (c & 0x0f) + 9; } else if (c >= 'A' && c <= 'Z') { int8 += (c & 0x0f) + 9; } else { return 0; } if (sec == 0) { int8 = int8 << 4; sec = 1; } else { if (bufpos + offset + 1 <= buf_len) { buf[bufpos+offset] = int8; int8 = 0; sec = 0; bufpos++; } else { fprintf(stderr, "Buffer too small in hexstr2bin"); } } } } return bufpos; } /** convert hex buffer to binary buffer */ static ldns_buffer * data_buffer2wire(ldns_buffer *data_buffer) { ldns_buffer *wire_buffer = NULL; int c; /* stat hack * 0 = normal * 1 = comment (skip to end of line) * 2 = unprintable character found, read binary data directly */ size_t data_buf_pos = 0; int state = 0; uint8_t *hexbuf; int hexbufpos = 0; size_t wirelen; uint8_t *data_wire = (uint8_t *) ldns_buffer_begin(data_buffer); uint8_t *wire = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN); hexbuf = LDNS_XMALLOC(uint8_t, LDNS_MAX_PACKETLEN); for (data_buf_pos = 0; data_buf_pos < ldns_buffer_position(data_buffer); data_buf_pos++) { c = (int) data_wire[data_buf_pos]; if (state < 2 && !isascii(c)) { /*verbose("non ascii character found in file: (%d) switching to raw mode\n", c);*/ state = 2; } switch (state) { case 0: if ( (c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F') ) { if (hexbufpos >= LDNS_MAX_PACKETLEN) { error("buffer overflow"); LDNS_FREE(hexbuf); return 0; } hexbuf[hexbufpos] = (uint8_t) c; hexbufpos++; } else if (c == ';') { state = 1; } else if (c == ' ' || c == '\t' || c == '\n') { /* skip whitespace */ } break; case 1: if (c == '\n' || c == EOF) { state = 0; } break; case 2: if (hexbufpos >= LDNS_MAX_PACKETLEN) { error("buffer overflow"); LDNS_FREE(hexbuf); return 0; } hexbuf[hexbufpos] = (uint8_t) c; hexbufpos++; break; } } if (hexbufpos >= LDNS_MAX_PACKETLEN) { /*verbose("packet size reached\n");*/ } /* lenient mode: length must be multiple of 2 */ if (hexbufpos % 2 != 0) { if (hexbufpos >= LDNS_MAX_PACKETLEN) { error("buffer overflow"); LDNS_FREE(hexbuf); return 0; } hexbuf[hexbufpos] = (uint8_t) '0'; hexbufpos++; } if (state < 2) { wirelen = hexstr2bin((char *) hexbuf, hexbufpos, wire, 0, LDNS_MAX_PACKETLEN); wire_buffer = ldns_buffer_new(wirelen); ldns_buffer_new_frm_data(wire_buffer, wire, wirelen); } else { error("Incomplete hex data, not at byte boundary\n"); } LDNS_FREE(wire); LDNS_FREE(hexbuf); return wire_buffer; } /** parse ORIGIN */ static void get_origin(const char* name, int lineno, ldns_rdf** origin, char* parse) { /* snip off rest of the text so as to make the parse work in ldns */ char* end; char store; ldns_status status; ldns_rdf_free(*origin); *origin = NULL; end=parse; while(!isspace((int)*end) && !isendline(*end)) end++; store = *end; *end = 0; verbose(3, "parsing '%s'\n", parse); status = ldns_str2rdf_dname(origin, parse); *end = store; if (status != LDNS_STATUS_OK) error("%s line %d:\n\t%s: %s", name, lineno, ldns_get_errorstr_by_id(status), parse); } /* Reads one entry from file. Returns entry or NULL on error. */ struct entry* read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl, ldns_rdf** origin, ldns_rdf** prev_rr, int skip_whitespace) { struct entry* current = NULL; char line[MAX_LINE]; char* parse; ldns_pkt_section add_section = LDNS_SECTION_QUESTION; struct reply_packet *cur_reply = NULL; bool reading_hex = false; bool reading_hex_ednsdata = false; ldns_buffer* hex_data_buffer = NULL; ldns_buffer* hex_ednsdata_buffer = NULL; while(fgets(line, (int)sizeof(line), in) != NULL) { line[MAX_LINE-1] = 0; parse = line; (*lineno) ++; while(isspace((int)*parse)) parse++; /* test for keywords */ if(isendline(*parse)) continue; /* skip comment and empty lines */ if(str_keyword(&parse, "ENTRY_BEGIN")) { if(current) { error("%s line %d: previous entry does not ENTRY_END", name, *lineno); } current = new_entry(); current->lineno = *lineno; cur_reply = entry_add_reply(current); continue; } else if(str_keyword(&parse, "$ORIGIN")) { get_origin(name, *lineno, origin, parse); continue; } else if(str_keyword(&parse, "$TTL")) { *default_ttl = (uint32_t)atoi(parse); continue; } /* working inside an entry */ if(!current) { error("%s line %d: expected ENTRY_BEGIN but got %s", name, *lineno, line); } if(str_keyword(&parse, "MATCH")) { matchline(parse, current); } else if(str_keyword(&parse, "REPLY")) { replyline(parse, cur_reply->reply); } else if(str_keyword(&parse, "ADJUST")) { adjustline(parse, current, cur_reply); } else if(str_keyword(&parse, "EXTRA_PACKET")) { cur_reply = entry_add_reply(current); } else if(str_keyword(&parse, "SECTION")) { if(str_keyword(&parse, "QUESTION")) add_section = LDNS_SECTION_QUESTION; else if(str_keyword(&parse, "ANSWER")) add_section = LDNS_SECTION_ANSWER; else if(str_keyword(&parse, "AUTHORITY")) add_section = LDNS_SECTION_AUTHORITY; else if(str_keyword(&parse, "ADDITIONAL")) add_section = LDNS_SECTION_ADDITIONAL; else error("%s line %d: bad section %s", name, *lineno, parse); } else if(str_keyword(&parse, "HEX_ANSWER_BEGIN")) { hex_data_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); reading_hex = true; } else if(str_keyword(&parse, "HEX_ANSWER_END")) { if (!reading_hex) { error("%s line %d: HEX_ANSWER_END read but no HEX_ANSWER_BEGIN keyword seen", name, *lineno); } reading_hex = false; cur_reply->reply_from_hex = data_buffer2wire(hex_data_buffer); ldns_buffer_free(hex_data_buffer); hex_data_buffer = NULL; } else if(reading_hex) { ldns_buffer_printf(hex_data_buffer, line); } else if(str_keyword(&parse, "HEX_EDNSDATA_BEGIN")) { hex_ednsdata_buffer = ldns_buffer_new(LDNS_MAX_PACKETLEN); reading_hex_ednsdata = true; } else if(str_keyword(&parse, "HEX_EDNSDATA_END")) { ldns_buffer* edns = NULL; if (!reading_hex_ednsdata) { error("%s line %d: HEX_EDNSDATA_END read but no" "HEX_EDNSDATA_BEGIN keyword seen", name, *lineno); } reading_hex_ednsdata = false; edns = data_buffer2wire(hex_ednsdata_buffer); /* add read-in EDNS directly to the reply */ ldns_pkt_set_edns_data(cur_reply->reply, ldns_rdf_new_frm_data(LDNS_RDF_TYPE_UNKNOWN, ldns_buffer_limit(edns), ldns_buffer_begin(edns))); /* store raw EDNS for matching */ cur_reply->raw_ednsdata = data_buffer2wire(hex_ednsdata_buffer); ldns_buffer_free(edns); ldns_buffer_free(hex_ednsdata_buffer); hex_ednsdata_buffer = NULL; } else if(reading_hex_ednsdata) { ldns_buffer_printf(hex_ednsdata_buffer, line); } else if(str_keyword(&parse, "ENTRY_END")) { if (hex_data_buffer) ldns_buffer_free(hex_data_buffer); return current; } else { /* it must be a RR, parse and add to packet. */ ldns_rr* n = NULL; ldns_status status; char* rrstr = line; if (skip_whitespace) rrstr = parse; if(add_section == LDNS_SECTION_QUESTION) status = ldns_rr_new_question_frm_str( &n, rrstr, *origin, prev_rr); else status = ldns_rr_new_frm_str(&n, rrstr, *default_ttl, *origin, prev_rr); if(status != LDNS_STATUS_OK) error("%s line %d:\n\t%s: %s", name, *lineno, ldns_get_errorstr_by_id(status), rrstr); ldns_pkt_push_rr(cur_reply->reply, add_section, n); } } if (reading_hex) { error("%s: End of file reached while still reading hex, " "missing HEX_ANSWER_END\n", name); } if(current) { error("%s: End of file reached while reading entry. " "missing ENTRY_END\n", name); } return 0; } /* reads the canned reply file and returns a list of structs */ struct entry* read_datafile(const char* name, int skip_whitespace) { struct entry* list = NULL; struct entry* last = NULL; struct entry* current = NULL; FILE *in; int lineno = 0; uint32_t default_ttl = 0; ldns_rdf* origin = NULL; ldns_rdf* prev_rr = NULL; int entry_num = 0; if((in=fopen(name, "r")) == NULL) { error("could not open file %s: %s", name, strerror(errno)); } while((current = read_entry(in, name, &lineno, &default_ttl, &origin, &prev_rr, skip_whitespace))) { if(last) last->next = current; else list = current; last = current; entry_num ++; } verbose(1, "%s: Read %d entries\n", prog_name, entry_num); fclose(in); ldns_rdf_deep_free(origin); ldns_rdf_deep_free(prev_rr); return list; } /** get qtype from rr */ static ldns_rr_type get_qtype(ldns_pkt* p) { if(!ldns_rr_list_rr(ldns_pkt_question(p), 0)) return 0; return ldns_rr_get_type(ldns_rr_list_rr(ldns_pkt_question(p), 0)); } /** returns owner from rr */ static ldns_rdf* get_owner(ldns_pkt* p) { if(!ldns_rr_list_rr(ldns_pkt_question(p), 0)) return NULL; return ldns_rr_owner(ldns_rr_list_rr(ldns_pkt_question(p), 0)); } /** get authority section SOA serial value */ static uint32_t get_serial(ldns_pkt* p) { ldns_rr *rr = ldns_rr_list_rr(ldns_pkt_authority(p), 0); ldns_rdf *rdf; uint32_t val; if(!rr) return 0; rdf = ldns_rr_rdf(rr, 2); if(!rdf) return 0; val = ldns_rdf2native_int32(rdf); verbose(3, "found serial %u in msg. ", (int)val); return val; } /** match two rr lists */ static int match_list(ldns_rr_list* q, ldns_rr_list *p, bool mttl) { size_t i; if(ldns_rr_list_rr_count(q) != ldns_rr_list_rr_count(p)) return 0; for(i=0; i 0) { verbose(lvl, " %02x", (unsigned int)*data++); } verbose(lvl, "\n"); } /** Match q edns data to p raw edns data */ static int match_ednsdata(ldns_pkt* q, struct reply_packet* p) { size_t qdlen, pdlen; uint8_t *qd, *pd; if(!ldns_pkt_edns(q) || !ldns_pkt_edns_data(q)) { verbose(3, "No EDNS data\n"); return 0; } qdlen = ldns_rdf_size(ldns_pkt_edns_data(q)); pdlen = ldns_buffer_limit(p->raw_ednsdata); qd = ldns_rdf_data(ldns_pkt_edns_data(q)); pd = ldns_buffer_begin(p->raw_ednsdata); if( qdlen == pdlen && 0 == memcmp(qd, pd, qdlen) ) return 1; verbose(3, "EDNS data does not match.\n"); verbose_hex(3, qd, qdlen, "q:"); verbose_hex(3, pd, pdlen, "p:"); return 0; } /* finds entry in list, or returns NULL */ struct entry* find_match(struct entry* entries, ldns_pkt* query_pkt, enum transport_type transport) { struct entry* p = entries; ldns_pkt* reply = NULL; for(p=entries; p; p=p->next) { verbose(3, "comparepkt: "); reply = p->reply_list->reply; if(p->match_opcode && ldns_pkt_get_opcode(query_pkt) != ldns_pkt_get_opcode(reply)) { verbose(3, "bad opcode\n"); continue; } if(p->match_qtype && get_qtype(query_pkt) != get_qtype(reply)) { verbose(3, "bad qtype\n"); continue; } if(p->match_qname) { if (!get_owner(query_pkt) || !get_owner(reply) || ( !p->copy_query && ldns_dname_compare( get_owner(query_pkt) , get_owner(reply))) || ( p->copy_query && !ldns_dname_match_wildcard( get_owner(query_pkt) , get_owner(reply)))) { verbose(3, "bad qname\n"); continue; } } if(p->match_subdomain) { if(!get_owner(query_pkt) || !get_owner(reply) || (ldns_dname_compare(get_owner(query_pkt), get_owner(reply)) != 0 && !ldns_dname_is_subdomain( get_owner(query_pkt), get_owner(reply)))) { verbose(3, "bad subdomain\n"); continue; } } if(p->match_serial && get_serial(query_pkt) != p->ixfr_soa_serial) { verbose(3, "bad serial\n"); continue; } if(p->match_do && !ldns_pkt_edns_do(query_pkt)) { verbose(3, "no DO bit set\n"); continue; } if(p->match_co && !ldns_pkt_edns_co(query_pkt)) { verbose(3, "no CO bit set\n"); continue; } if(p->match_noedns && ldns_pkt_edns(query_pkt)) { verbose(3, "bad; EDNS OPT present\n"); continue; } if(p->match_ednsdata_raw && !match_ednsdata(query_pkt, p->reply_list)) { verbose(3, "bad EDNS data match.\n"); continue; } if(p->match_transport != transport_any && p->match_transport != transport) { verbose(3, "bad transport\n"); continue; } if(p->match_udp_size > 0 && transport == transport_udp && ( !ldns_pkt_edns(query_pkt) || ldns_pkt_edns_udp_size(query_pkt) < p->match_udp_size)) { verbose(3, "bad udp_size\n"); continue; } if(p->match_all && !match_all(query_pkt, reply, p->match_ttl)) { verbose(3, "bad allmatch\n"); continue; } verbose(3, "match!\n"); return p; } return NULL; } void adjust_packet(struct entry* match, ldns_pkt* answer_pkt, ldns_pkt* query_pkt) { /* copy & adjust packet */ if(match->copy_id) ldns_pkt_set_id(answer_pkt, ldns_pkt_id(query_pkt)); if(match->copy_query) { ldns_rr_list* list = ldns_pkt_get_section_clone(query_pkt, LDNS_SECTION_QUESTION); ldns_rr_list_deep_free(ldns_pkt_question(answer_pkt)); ldns_pkt_set_question(answer_pkt, list); } if(match->sleeptime > 0) { verbose(3, "sleeping for %d seconds\n", match->sleeptime); #ifdef HAVE_SLEEP sleep(match->sleeptime); #else Sleep(match->sleeptime * 1000); #endif } } /* * Parses data buffer to a query, finds the correct answer * and calls the given function for every packet to send. */ void handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries, int* count, enum transport_type transport, void (*sendfunc)(uint8_t*, size_t, void*), void* userdata, FILE* verbose_out) { ldns_status status; ldns_pkt *query_pkt = NULL; ldns_pkt *answer_pkt = NULL; struct reply_packet *p; ldns_rr *query_rr = NULL; uint8_t *outbuf = NULL; size_t answer_size = 0; struct entry* entry = NULL; ldns_rdf *stop_command = ldns_dname_new_frm_str("server.stop."); status = ldns_wire2pkt(&query_pkt, inbuf, (size_t)inlen); if (status != LDNS_STATUS_OK) { verbose(1, "Got bad packet: %s\n", ldns_get_errorstr_by_id(status)); ldns_rdf_deep_free(stop_command); return; } query_rr = ldns_rr_list_rr(ldns_pkt_question(query_pkt), 0); verbose(1, "query %d: id %d: %s %d bytes: ", ++(*count), (int)ldns_pkt_id(query_pkt), (transport==transport_tcp)?"TCP":"UDP", (int)inlen); if(verbose_out) ldns_rr_print(verbose_out, query_rr); if(verbose_out) ldns_pkt_print(verbose_out, query_pkt); if (ldns_rr_get_type(query_rr) == LDNS_RR_TYPE_TXT && ldns_rr_get_class(query_rr) == LDNS_RR_CLASS_CH && ldns_dname_compare(ldns_rr_owner(query_rr), stop_command) == 0) { exit(0); } /* fill up answer packet */ entry = find_match(entries, query_pkt, transport); if(!entry || !entry->reply_list) { verbose(1, "no answer packet for this query, no reply.\n"); ldns_pkt_free(query_pkt); ldns_rdf_deep_free(stop_command); return; } for(p = entry->reply_list; p; p = p->next) { verbose(3, "Answer pkt:\n"); if (p->reply_from_hex) { /* try to parse the hex packet, if it can be * parsed, we can use adjust rules. if not, * send packet literally */ status = ldns_buffer2pkt_wire(&answer_pkt, p->reply_from_hex); if (status == LDNS_STATUS_OK) { adjust_packet(entry, answer_pkt, query_pkt); if(verbose_out) ldns_pkt_print(verbose_out, answer_pkt); status = ldns_pkt2wire(&outbuf, answer_pkt, &answer_size); verbose(2, "Answer packet size: %u bytes.\n", (unsigned int)answer_size); if (status != LDNS_STATUS_OK) { verbose(1, "Error creating answer: %s\n", ldns_get_errorstr_by_id(status)); ldns_pkt_free(query_pkt); ldns_rdf_deep_free(stop_command); return; } ldns_pkt_free(answer_pkt); answer_pkt = NULL; } else { verbose(3, "Could not parse hex data (%s), sending hex data directly.\n", ldns_get_errorstr_by_id(status)); /* still try to adjust ID */ answer_size = ldns_buffer_capacity(p->reply_from_hex); outbuf = LDNS_XMALLOC(uint8_t, answer_size); memcpy(outbuf, ldns_buffer_begin(p->reply_from_hex), answer_size); if(entry->copy_id) { ldns_write_uint16(outbuf, ldns_pkt_id(query_pkt)); } } } else { answer_pkt = ldns_pkt_clone(p->reply); adjust_packet(entry, answer_pkt, query_pkt); if(verbose_out) ldns_pkt_print(verbose_out, answer_pkt); status = ldns_pkt2wire(&outbuf, answer_pkt, &answer_size); verbose(1, "Answer packet size: %u bytes.\n", (unsigned int)answer_size); if (status != LDNS_STATUS_OK) { verbose(1, "Error creating answer: %s\n", ldns_get_errorstr_by_id(status)); ldns_pkt_free(query_pkt); ldns_rdf_deep_free(stop_command); return; } ldns_pkt_free(answer_pkt); answer_pkt = NULL; } if(p->packet_sleep) { verbose(3, "sleeping for next packet %d secs\n", p->packet_sleep); #ifdef HAVE_SLEEP sleep(p->packet_sleep); #else Sleep(p->packet_sleep * 1000); #endif verbose(3, "wakeup for next packet " "(slept %d secs)\n", p->packet_sleep); } sendfunc(outbuf, answer_size, userdata); LDNS_FREE(outbuf); outbuf = NULL; answer_size = 0; } ldns_pkt_free(query_pkt); ldns_rdf_deep_free(stop_command); } /** delete the list of reply packets */ static void delete_replylist(struct reply_packet* replist) { struct reply_packet *p=replist, *np; while(p) { np = p->next; ldns_pkt_free(p->reply); ldns_buffer_free(p->reply_from_hex); free(p); p=np; } } void delete_entry(struct entry* list) { struct entry *p=list, *np; while(p) { np = p->next; delete_replylist(p->reply_list); free(p); p = np; } } ldns-1.9.0/examples/ldns-key2ds.c0000664000175000017500000001131015114326257016152 0ustar willemwillem/* * key2ds transforms a public key into its DS * It (currently) prints out the public key * * (c) NLnet Labs, 2005 - 2008 * See the file LICENSE for the license */ #include "config.h" #include #include static void usage(FILE *fp, char *prog) { fprintf(fp, "%s [-fn] [-1|-2] keyfile\n", prog); fprintf(fp, " Generate a DS RR from the DNSKEYS in keyfile\n"); fprintf(fp, " The following file will be created: "); fprintf(fp, "K++.ds\n"); fprintf(fp, " The base name (K++ will be printed to stdout\n"); fprintf(fp, "Options:\n"); fprintf(fp, " -f: ignore SEP flag (i.e. make DS records for any key)\n"); fprintf(fp, " -n: do not write DS records to file(s) but to stdout\n"); fprintf(fp, " (default) use similar hash to the key algorithm.\n"); fprintf(fp, " -1: use SHA1 for the DS hash\n"); fprintf(fp, " -2: use SHA256 for the DS hash\n"); #ifdef USE_GOST fprintf(fp, " -g: use GOST for the DS hash\n"); #endif #ifdef USE_ECDSA fprintf(fp, " -4: use SHA384 for the DS hash\n"); #endif } static int is_suitable_dnskey(ldns_rr *rr, int sep_only) { if (!rr || ldns_rr_get_type(rr) != LDNS_RR_TYPE_DNSKEY) { return 0; } return !sep_only || (ldns_rdf2native_int16(ldns_rr_dnskey_flags(rr)) & LDNS_KEY_SEP_KEY); } static ldns_hash suitable_hash(ldns_signing_algorithm algorithm) { switch (algorithm) { case LDNS_SIGN_RSASHA256: case LDNS_SIGN_RSASHA512: return LDNS_SHA256; case LDNS_SIGN_ECC_GOST: #ifdef USE_GOST return LDNS_HASH_GOST; #else return LDNS_SHA256; #endif #ifdef USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: return LDNS_SHA256; case LDNS_SIGN_ECDSAP384SHA384: return LDNS_SHA384; #endif #ifdef USE_ED25519 case LDNS_SIGN_ED25519: return LDNS_SHA256; #endif #ifdef USE_ED448 case LDNS_SIGN_ED448: return LDNS_SHA256; #endif default: break; } return LDNS_SHA1; } int main(int argc, char *argv[]) { FILE *keyfp, *dsfp; char *keyname; char *dsname; char *owner; ldns_rr *k, *ds; ldns_signing_algorithm alg; ldns_hash h; int similar_hash=1; char *program = argv[0]; int nofile = 0; ldns_rdf *origin = NULL; ldns_status result = LDNS_STATUS_OK; int sep_only = 1; h = LDNS_SHA1; argv++, argc--; while (argc && argv[0][0] == '-') { if (strcmp(argv[0], "-1") == 0) { h = LDNS_SHA1; similar_hash = 0; } if (strcmp(argv[0], "-2") == 0) { h = LDNS_SHA256; similar_hash = 0; } #ifdef USE_GOST if (strcmp(argv[0], "-g") == 0) { if(!ldns_key_EVP_load_gost_id()) { fprintf(stderr, "error: libcrypto does not provide GOST\n"); exit(EXIT_FAILURE); } h = LDNS_HASH_GOST; similar_hash = 0; } #endif #ifdef USE_ECDSA if (strcmp(argv[0], "-4") == 0) { h = LDNS_SHA384; similar_hash = 0; } #endif if (strcmp(argv[0], "-f") == 0) { sep_only = 0; } if (strcmp(argv[0], "-n") == 0) { nofile=1; } argv++, argc--; } if (argc != 1) { usage(stderr, program); exit(EXIT_FAILURE); } keyname = strdup(argv[0]); keyfp = fopen(keyname, "r"); if (!keyfp) { fprintf(stderr, "Failed to open public key file %s: %s\n", keyname, strerror(errno)); exit(EXIT_FAILURE); } while (result == LDNS_STATUS_OK) { result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL); while (result == LDNS_STATUS_SYNTAX_ORIGIN || result == LDNS_STATUS_SYNTAX_TTL || (result == LDNS_STATUS_OK && !is_suitable_dnskey(k, sep_only)) ) { if (result == LDNS_STATUS_OK) { ldns_rr_free(k); } result = ldns_rr_new_frm_fp(&k, keyfp, 0, &origin, NULL); } if (result == LDNS_STATUS_SYNTAX_EMPTY) { /* we're done */ break; } if (result != LDNS_STATUS_OK) { fprintf(stderr, "Could not read public key from file %s: %s\n", keyname, ldns_get_errorstr_by_id(result)); exit(EXIT_FAILURE); } owner = ldns_rdf2str(ldns_rr_owner(k)); alg = ldns_rdf2native_int8(ldns_rr_dnskey_algorithm(k)); if(similar_hash) h = suitable_hash(alg); ds = ldns_key_rr2ds(k, h); if (!ds) { fprintf(stderr, "Conversion to a DS RR failed\n"); ldns_rr_free(k); free(owner); exit(EXIT_FAILURE); } /* print the public key RR to .key */ dsname = LDNS_XMALLOC(char, strlen(owner) + 16); snprintf(dsname, strlen(owner) + 15, "K%s+%03u+%05u.ds", owner, alg, (unsigned int) ldns_calc_keytag(k)); if (nofile) ldns_rr_print(stdout,ds); else { dsfp = fopen(dsname, "w"); if (!dsfp) { fprintf(stderr, "Unable to open %s: %s\n", dsname, strerror(errno)); exit(EXIT_FAILURE); } else { ldns_rr_print(dsfp, ds); fclose(dsfp); fprintf(stdout, "K%s+%03u+%05u\n", owner, alg, (unsigned int) ldns_calc_keytag(k)); } } ldns_rr_free(ds); ldns_rr_free(k); free(owner); LDNS_FREE(dsname); } fclose(keyfp); free(keyname); exit(EXIT_SUCCESS); } ldns-1.9.0/examples/ldns-testns.10000664000175000017500000000752515114326257016224 0ustar willemwillem.TH ldns-testns 1 "14 Dec 2006" .SH NAME ldns-testns \- simple fake nameserver tool .SH SYNOPSIS .B ldns-testns [ .IR OPTION ] .IR datafile .SH DESCRIPTION \fBldns-testns\fR can be used to provide answers to DNS queries for testing. The answers are premade, and can be tailored to testing needs. The answers can be wildly invalid or unparsable. This program is a debugging aid. It is not efficient, especially with a long config file, but it can give any reply to any query. This can help the developer pre-script replies for queries. It listens to IP4 UDP and TCP by default. You can specify a packet RR by RR with header flags to return. ldns-testns is not meant for production use. .SH OPTIONS .TP \fB-r\fR Listens to a random port. The port number is printed to stdout. .TP \fB-p\fR \fIport\fR Listens to the specified port. .TP \fB-f\fR \fInum\fR Forks this number of additional instances that serve the same ports and same datafile. They do not exit; printed is 'forked pid: ' and you have to kill them yourself. .TP \fB-v\fR Outputs more debug information. It is possible to give this option multiple times to increase verbosity level. .TP \fB-6\fR Bind to IP6 address instead of IP4. Use together with -p. .TP \fBdatafile\fR The data file is read on start up. It contains queries and the packets that should be sent in answer to those queries. The data file format is explained below. .SH DATA FILE FORMAT The data file format has ';' to denote comment. A number of entries are processed first to last. The first matching entry is used to answer the query with. This is a line based format. DNS resource records are entered in zone-file format. You can use $ORIGIN and $TTL directives. Zone file '(' and ')' to span multiple lines are not allowed. $ORIGIN origin $TTL default_ttl ENTRY_BEGIN ; first give MATCH lines, that say what queries are matched ; by this entry. ; 'opcode' makes the query match the opcode from the reply ; if you leave it out, any opcode matches this entry. ; 'qtype' makes the query match the qtype from the reply ; 'qname' makes the query match the qname from the reply ; 'serial=1023' makes the query match if ixfr serial is 1023. MATCH [opcode] [qtype] [qname] [serial=] MATCH [UDP|TCP] MATCH ... ; Then the REPLY header is specified. REPLY opcode, rcode or flags. (opcode) QUERY IQUERY STATUS NOTIFY UPDATE (rcode) NOERROR FORMERR SERVFAIL NXDOMAIN NOTIMPL YXDOMAIN YXRRSET NXRRSET NOTAUTH NOTZONE (flags) QR AA TC RD CD RA AD REPLY ... ; any additional actions to do. ADJUST copy_id ; 'copy_id' copies the ID from the query to the answer. ; 'sleep=10' sleeps for 10 seconds before giving the answer (TCP is open) ADJUST [sleep=] ; sleep before giving any reply ADJUST [packet_sleep=] ; sleep before this packet in sequence SECTION QUESTION ; the RRcount is determined automatically. SECTION ANSWER SECTION AUTHORITY SECTION ADDITIONAL HEX_EDNSDATA_BEGIN HEX_EDNSDATA_END EXTRA_PACKET ; follow with SECTION, REPLY for more packets. HEX_ANSWER_BEGIN ; follow with hex data ; this replaces any answer packet constructed ; with the SECTION keywords (only SECTION QUERY ; is used to match queries). If the data cannot ; be parsed, ADJUST rules for the answer packet ; are ignored HEX_ANSWER_END ENTRY_END .SH AUTHOR Written by the ldns team as an example for ldns usage, and for testing purposes. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2006-2008 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldns-nsec3-hash.c0000664000175000017500000000625515114326257016721 0ustar willemwillem/* * ldns-signzone signs a zone file * * (c) NLnet Labs, 2005 - 2008 * See the file LICENSE for the license */ #include "config.h" #include #include #include #include #include #include #ifdef HAVE_SSL #include #endif /* HAVE_SSL */ #define MAX_FILENAME_LEN 250 int verbosity = 1; static void usage(FILE *fp, const char *prog) { fprintf(fp, "%s [OPTIONS] \n", prog); fprintf(fp, " prints the NSEC3 hash of the given domain name\n"); fprintf(fp, "-a [algorithm] hashing algorithm\n"); fprintf(fp, "-t [number] number of hash iterations\n"); fprintf(fp, "-s [string] salt\n"); } int main(int argc, char *argv[]) { ldns_rdf *dname, *hashed_dname; uint8_t nsec3_algorithm = 1; size_t nsec3_iterations_cmd = 1; uint16_t nsec3_iterations = 1; uint8_t nsec3_salt_length = 0; uint8_t *nsec3_salt = NULL; char *prog = strdup(argv[0]); int c; while ((c = getopt(argc, argv, "a:s:t:")) != -1) { switch (c) { case 'a': nsec3_algorithm = (uint8_t) atoi(optarg); break; case 's': if (strlen(optarg) % 2 != 0) { fprintf(stderr, "Salt value is not valid hex data, not a multiple of 2 characters\n"); exit(EXIT_FAILURE); } if (strlen(optarg) > 512) { fprintf(stderr, "Salt too long\n"); exit(EXIT_FAILURE); } if (nsec3_salt) LDNS_FREE(nsec3_salt); nsec3_salt_length = (uint8_t) (strlen(optarg) / 2); nsec3_salt = LDNS_XMALLOC(uint8_t, nsec3_salt_length); for (c = 0; c < (int) strlen(optarg); c += 2) { if (isxdigit((int) optarg[c]) && isxdigit((int) optarg[c+1])) { nsec3_salt[c/2] = (uint8_t) ldns_hexdigit_to_int(optarg[c]) * 16 + ldns_hexdigit_to_int(optarg[c+1]); } else { fprintf(stderr, "Salt value is not valid hex data.\n"); exit(EXIT_FAILURE); } } break; case 't': nsec3_iterations_cmd = (size_t) atol(optarg); if (nsec3_iterations_cmd > LDNS_NSEC3_MAX_ITERATIONS) { fprintf(stderr, "Iterations count can not exceed %u, quitting\n", LDNS_NSEC3_MAX_ITERATIONS); exit(EXIT_FAILURE); } nsec3_iterations = (uint16_t) nsec3_iterations_cmd; break; default: usage(stderr, prog); exit(EXIT_SUCCESS); } } argc -= optind; argv += optind; if (argc < 1) { printf("Error: not enough arguments\n"); usage(stdout, prog); exit(EXIT_FAILURE); } else { dname = ldns_dname_new_frm_str(argv[0]); if (!dname) { free(prog); if (nsec3_salt) free(nsec3_salt); fprintf(stderr, "Error: unable to parse domain name\n"); return EXIT_FAILURE; } hashed_dname = ldns_nsec3_hash_name(dname, nsec3_algorithm, nsec3_iterations, nsec3_salt_length, nsec3_salt); if (!hashed_dname) { free(prog); if (nsec3_salt) free(nsec3_salt); fprintf(stderr, "Error creating NSEC3 hash\n"); return EXIT_FAILURE; } ldns_rdf_print(stdout, hashed_dname); printf("\n"); ldns_rdf_deep_free(dname); ldns_rdf_deep_free(hashed_dname); } if (nsec3_salt) { free(nsec3_salt); } free(prog); return EXIT_SUCCESS; } ldns-1.9.0/examples/ldns-dane.1.in0000664000175000017500000001061015114326257016205 0ustar willemwillem.TH ldns-dane 1 "17 September 2012" .SH NAME ldns-dane \- verify or create TLS authentication with DANE (RFC6698) .SH SYNOPSIS .PD 0 .B ldns-dane .IR [OPTIONS] .IR verify .IR name .IR port .PP .B ldns-dane .IR [OPTIONS] .IR -t .IR tlsafile .IR verify .B ldns-dane .IR [OPTIONS] .IR create .IR name .IR port .PP [ .IR Certificate-usage [ .IR Selector [ .IR Matching-type ] ] ] .B ldns-dane .IR -h .PP .B ldns-dane .IR -v .PD 1 .SH DESCRIPTION In the first form: A TLS connection to \fIname\fR:\fIport\fR is established. The TLSA resource record(s) for \fIname\fR are used to authenticate the connection. In the second form: The TLSA record(s) are read from \fItlsafile\fR and used to authenticate the TLS service they reference. In the third form: A TLS connection to \fIname\fR:\fIport\fR is established and used to create the TLSA resource record(s) that would authenticate the connection. The parameters for TLSA rr creation are: .PD 0 .I Certificate-usage\fR: .RS .IP "0 | PKIX-TA" CA constraint .IP "1 | PKIX-EE" Service certificate constraint .IP "2 | DANE-TA" Trust anchor assertion .IP "3 | DANE-EE" Domain-issued certificate (default) .RE .I Selector\fR: .RS .IP "0 | Cert" Full certificate .IP "1 | SPKI" SubjectPublicKeyInfo (default) .RE .I Matching-type\fR: .RS .IP "0 | Full" No hash used .IP "1 | SHA2-256" SHA-256 (default) .IP "2 | SHA2-512" SHA-512 .RE .PD 1 .SH OPTIONS .IP -4 TLS connect IPv4 only .IP -6 TLS connect IPv6 only .IP "-a \fIaddress\fR" Don't try to resolve \fIname\fR, but connect to \fIaddress\fR instead. This option may be given more than once. .IP -b print "\fIname\fR\. TYPE52 \\# \fIsize\fR \fIhexdata\fR" form instead of TLSA presentation format. .IP "-c \fIcertfile\fR" Do not TLS connect to \fIname\fR:\fIport\fR, but authenticate (or make TLSA records) for the certificate (chain) in \fIcertfile\fR instead. .IP -d Assume DNSSEC validity even when the TLSA records were acquired insecure or were bogus. .IP "-f \fICAfile\fR" Use CAfile to validate. @DEFAULT_CAFILE@ .IP -h Print short usage help .IP -i Interact after connecting. .IP "-k \fIkeyfile\fR" Specify a file that contains a trusted DNSKEY or DS rr. Key(s) are used when chasing signatures (i.e. \fI-S\fR is given). This option may be given more than once. Alternatively, if \fB-k\fR is not specified, and a default trust anchor (@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record, it will be used as the trust anchor. .IP -n Do \fBnot\fR verify server name in certificate. .IP "-o \fIoffset\fR" When creating a "Trust anchor assertion" TLSA resource record, select the \fIoffset\fRth certificate offset from the end of the validation chain. 0 means the last certificate, 1 the one but last, 2 the second but last, etc. When \fIoffset\fR is \-1 (the default), the last certificate is used (like with 0) that MUST be self-signed. This can help to make sure that the intended (self signed) trust anchor is actually present in the server certificate chain (which is a DANE requirement). .IP "-p \fICApath\fR" Use certificates in the \fICApath\fR directory to validate. @DEFAULT_CAPATH@ .IP -s When creating TLSA resource records with the "CA Constraint" and the "Service Certificate Constraint" certificate usage, do not validate and assume PKIX is valid. For "CA Constraint" this means that verification should end with a self-signed certificate. .IP -S Chase signature(s) to a known key. Without this option, the local network is trusted to provide a DNSSEC resolver (i.e. AD bit is checked). .IP "-t \fItlsafile\fR" Read TLSA record(s) from \fItlsafile\fR. When \fIname\fR and \fIport\fR are also given, only TLSA records that match the \fIname\fR, \fIport\fR and \fItransport\fR are used. Otherwise the owner name of the TLSA record(s) will be used to determine \fIname\fR, \fIport\fR and \fItransport\fR. .IP -T Return exit status 2 for PKIX validated connections without (secure) TLSA records(s) .IP -u Use UDP transport instead of TCP. .IP -v Show version and exit. .SH "FILES" .TP @LDNS_TRUST_ANCHOR_FILE@ The file from which trusted keys are loaded for signature chasing, when no \fB-k\fR option is given. .SH "SEE ALSO" .LP unbound-anchor(8) .SH AUTHOR Written by the ldns team as an example for ldns usage. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2012 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldns-keygen.c0000664000175000017500000002737315114326257016253 0ustar willemwillem/* * keygen is a small programs that generate a dnskey and private key * for a particular domain. * * (c) NLnet Labs, 2005 - 2008 * See the file LICENSE for the license */ #include "config.h" #include #include #include #include #include #include #ifdef HAVE_SSL static void usage(FILE *fp, char *prog) { fprintf(fp, "%s -a [-b bits] [-r /dev/random] [-s] [-f] [-v] domain\n", prog); fprintf(fp, " generate a new key pair for domain\n"); fprintf(fp, " -a \tuse the specified algorithm (-a list to"); fprintf(fp, " show a list)\n"); fprintf(fp, " -k\t\tset the flags to 257; key signing key\n"); fprintf(fp, " -b \tspecify the keylength\n"); fprintf(fp, " -r \tspecify a random device (defaults to /dev/random)\n"); fprintf(fp, "\t\tto seed the random generator with\n"); fprintf(fp, " -s\t\tcreate additional symlinks with constant names\n"); fprintf(fp, " -f\t\tforce override of existing symlinks\n"); fprintf(fp, " -v\t\tshow the version and exit\n"); fprintf(fp, " The following files will be created:\n"); fprintf(fp, " K++.key\tPublic key in RR format\n"); fprintf(fp, " K++.private\tPrivate key in key format\n"); fprintf(fp, " K++.ds\tDS in RR format (only for DNSSEC KSK keys)\n"); fprintf(fp, " The base name (K++ will be printed to stdout\n"); } static void show_algorithms(FILE *out) { ldns_lookup_table *lt = ldns_signing_algorithms; fprintf(out, "Possible algorithms:\n"); while (lt->name) { fprintf(out, "%s\n", lt->name); lt++; } } static int remove_symlink(const char *symlink_name) { int result; if ((result = unlink(symlink_name)) == -1) { if (errno == ENOENT) { /* it's OK if the link simply didn't exist */ result = 0; } else { /* error if unlink fail */ fprintf(stderr, "Can't delete symlink %s: %s\n", symlink_name, strerror(errno)); } } return result; } static int create_symlink(const char *symlink_destination, const char *symlink_name) { int result = 0; if (!symlink_name) return result; /* no arg "-s" at all */ #ifdef HAVE_SYMLINK if ((result = symlink(symlink_destination, symlink_name)) == -1) { fprintf(stderr, "Unable to create symlink %s -> %s: %s\n", symlink_name, symlink_destination, strerror(errno)); } #else fprintf(stderr, "Unable to create symlink %s -> %s: no symlink()\n", symlink_name, symlink_destination); #endif return result; } int main(int argc, char *argv[]) { int c; int fd; char *prog; /* default key size */ uint16_t def_bits = 1024; uint16_t bits = def_bits; bool had_bits = false; bool ksk; FILE *file; FILE *random; char *filename; char *owner; bool symlink_create; bool symlink_override; ldns_signing_algorithm algorithm; ldns_rdf *domain; ldns_rr *pubkey; ldns_key *key; ldns_rr *ds; prog = strdup(argv[0]); algorithm = 0; random = NULL; ksk = false; /* don't create a ksk per default */ symlink_create = false; symlink_override = false; while ((c = getopt(argc, argv, "a:kb:r:sfv")) != -1) { switch (c) { case 'a': if (algorithm != 0) { fprintf(stderr, "The -a argument can only be used once\n"); exit(1); } if (strncmp(optarg, "list", 5) == 0) { show_algorithms(stdout); exit(EXIT_SUCCESS); } algorithm = ldns_get_signing_algorithm_by_name(optarg); if (algorithm == 0) { fprintf(stderr, "Algorithm %s not found\n", optarg); show_algorithms(stderr); exit(EXIT_FAILURE); } break; case 'b': bits = (uint16_t) atoi(optarg); if (bits == 0) { fprintf(stderr, "%s: %s %d", prog, "Can not parse the -b argument, setting it to the default\n", (int) def_bits); bits = def_bits; } else had_bits = true; break; case 'k': ksk = true; break; case 'r': random = fopen(optarg, "r"); if (!random) { fprintf(stderr, "Cannot open random file %s: %s\n", optarg, strerror(errno)); exit(EXIT_FAILURE); } break; case 's': symlink_create = true; break; case 'f': symlink_override = true; break; case 'v': printf("DNSSEC key generator version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); exit(EXIT_SUCCESS); break; default: usage(stderr, prog); exit(EXIT_FAILURE); } } argc -= optind; argv += optind; if (algorithm == 0) { printf("Please use the -a argument to provide an algorithm\n"); exit(1); } if (argc != 1) { usage(stderr, prog); exit(EXIT_FAILURE); } free(prog); /* check whether key size is within RFC boundaries */ switch (algorithm) { case LDNS_SIGN_RSAMD5: case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: case LDNS_SIGN_RSASHA256: case LDNS_SIGN_RSASHA512: if (bits < 512 || bits > 4096) { fprintf(stderr, "For RSA, the key size must be between "); fprintf(stderr, " 512 and 4096 bits. Aborting.\n"); exit(1); } break; #ifdef USE_DSA case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: if (bits < 512 || bits > 1024) { fprintf(stderr, "For DSA, the key size must be between "); fprintf(stderr, " 512 and 1024 bits. Aborting.\n"); exit(1); } break; #endif /* USE_DSA */ #ifdef USE_GOST case LDNS_SIGN_ECC_GOST: if(!ldns_key_EVP_load_gost_id()) { fprintf(stderr, "error: libcrypto does not provide GOST\n"); exit(EXIT_FAILURE); } break; #endif #ifdef USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: case LDNS_SIGN_ECDSAP384SHA384: break; #endif case LDNS_SIGN_HMACMD5: if (!had_bits) { bits = 512; } else if (bits < 1 || bits > 512) { fprintf(stderr, "For hmac-md5, the key size must be "); fprintf(stderr, "between 1 and 512 bits. Aborting.\n"); exit(1); } break; case LDNS_SIGN_HMACSHA1: if (!had_bits) { bits = 160; } else if (bits < 1 || bits > 160) { fprintf(stderr, "For hmac-sha1, the key size must be "); fprintf(stderr, "between 1 and 160 bits. Aborting.\n"); exit(1); } break; case LDNS_SIGN_HMACSHA224: if (!had_bits) { bits = 224; } else if (bits < 1 || bits > 224) { fprintf(stderr, "For hmac-sha224, the key size must be "); fprintf(stderr, "between 1 and 224 bits. Aborting.\n"); exit(1); } break; case LDNS_SIGN_HMACSHA256: if (!had_bits) { bits = 256; } else if (bits < 1 || bits > 256) { fprintf(stderr, "For hmac-sha256, the key size must be "); fprintf(stderr, "between 1 and 256 bits. Aborting.\n"); exit(1); } break; case LDNS_SIGN_HMACSHA384: if (!had_bits) { bits = 384; } else if (bits < 1 || bits > 384) { fprintf(stderr, "For hmac-sha384, the key size must be "); fprintf(stderr, "between 1 and 384 bits. Aborting.\n"); exit(1); } break; case LDNS_SIGN_HMACSHA512: if (!had_bits) { bits = 512; } else if (bits < 1 || bits > 512) { fprintf(stderr, "For hmac-sha512, the key size must be "); fprintf(stderr, "between 1 and 512 bits. Aborting.\n"); exit(1); } break; default: break; } if (!random) { random = fopen("/dev/random", "r"); if (!random) { fprintf(stderr, "Cannot open random file %s: %s\n", optarg, strerror(errno)); exit(EXIT_FAILURE); } } (void)ldns_init_random(random, (unsigned int) bits/8); fclose(random); /* create an rdf from the domain name */ domain = ldns_dname_new_frm_str(argv[0]); /* generate a new key */ key = ldns_key_new_frm_algorithm(algorithm, bits); if(!key) { fprintf(stderr, "cannot generate key of algorithm %s\n", ldns_pkt_algorithm2str((ldns_algorithm)algorithm)); exit(EXIT_FAILURE); } /* set the owner name in the key - this is a /separate/ step */ ldns_key_set_pubkey_owner(key, domain); /* ksk flag */ if (ksk) { ldns_key_set_flags(key, ldns_key_flags(key) + 1); } /* create the public from the ldns_key */ pubkey = ldns_key2rr(key); if (!pubkey) { fprintf(stderr, "Could not extract the public key from the key structure..."); ldns_key_deep_free(key); exit(EXIT_FAILURE); } owner = ldns_rdf2str(ldns_rr_owner(pubkey)); /* calculate and set the keytag */ ldns_key_set_keytag(key, ldns_calc_keytag(pubkey)); /* build the DS record */ switch (algorithm) { #ifdef USE_ECDSA case LDNS_SIGN_ECDSAP384SHA384: ds = ldns_key_rr2ds(pubkey, LDNS_SHA384); break; case LDNS_SIGN_ECDSAP256SHA256: #endif #ifdef USE_ED25519 case LDNS_SIGN_ED25519: #endif #ifdef USE_ED448 case LDNS_SIGN_ED448: #endif case LDNS_SIGN_RSASHA256: case LDNS_SIGN_RSASHA512: ds = ldns_key_rr2ds(pubkey, LDNS_SHA256); break; case LDNS_SIGN_ECC_GOST: #ifdef USE_GOST ds = ldns_key_rr2ds(pubkey, LDNS_HASH_GOST); #else ds = ldns_key_rr2ds(pubkey, LDNS_SHA256); #endif break; default: ds = ldns_key_rr2ds(pubkey, LDNS_SHA1); break; } /* maybe a symlinks should be removed */ if (symlink_create && symlink_override) { if (remove_symlink(".key") != 0) { exit(EXIT_FAILURE); } if (remove_symlink(".private") != 0) { exit(EXIT_FAILURE); } if (remove_symlink(".ds") != 0) { exit(EXIT_FAILURE); } } /* print the public key RR to .key */ filename = LDNS_XMALLOC(char, strlen(owner) + 17); snprintf(filename, strlen(owner) + 16, "K%s+%03u+%05u.key", owner, algorithm, (unsigned int) ldns_key_keytag(key)); file = fopen(filename, "w"); if (!file) { fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno)); ldns_key_deep_free(key); free(owner); ldns_rr_free(pubkey); ldns_rr_free(ds); LDNS_FREE(filename); exit(EXIT_FAILURE); } else { /* temporarily set question so that TTL is not printed */ ldns_rr_set_question(pubkey, true); ldns_rr_print(file, pubkey); ldns_rr_set_question(pubkey, false); fclose(file); if (symlink_create) { if (create_symlink(filename, ".key") != 0) { goto silentfail; } } LDNS_FREE(filename); } /* print the priv key to stderr */ filename = LDNS_XMALLOC(char, strlen(owner) + 21); snprintf(filename, strlen(owner) + 20, "K%s+%03u+%05u.private", owner, algorithm, (unsigned int) ldns_key_keytag(key)); /* use open() here to prevent creating world-readable private keys (CVE-2014-3209)*/ fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); if (fd < 0) { goto fail; } file = fdopen(fd, "w"); if (!file) { goto fail; } ldns_key_print(file, key); fclose(file); if (symlink_create) { if (create_symlink(filename, ".private") != 0) { goto silentfail; } } LDNS_FREE(filename); /* print the DS to .ds */ if (ksk && algorithm != LDNS_SIGN_HMACMD5 && algorithm != LDNS_SIGN_HMACSHA1 && algorithm != LDNS_SIGN_HMACSHA224 && algorithm != LDNS_SIGN_HMACSHA256 && algorithm != LDNS_SIGN_HMACSHA384 && algorithm != LDNS_SIGN_HMACSHA512) { filename = LDNS_XMALLOC(char, strlen(owner) + 16); snprintf(filename, strlen(owner) + 15, "K%s+%03u+%05u.ds", owner, algorithm, (unsigned int) ldns_key_keytag(key)); file = fopen(filename, "w"); if (!file) { fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno)); ldns_key_deep_free(key); free(owner); ldns_rr_free(pubkey); ldns_rr_free(ds); LDNS_FREE(filename); exit(EXIT_FAILURE); } else { /* temporarily set question so that TTL is not printed */ ldns_rr_set_question(ds, true); ldns_rr_print(file, ds); ldns_rr_set_question(ds, false); fclose(file); if (symlink_create) { if (create_symlink(filename, ".ds") != 0) { goto silentfail; } } LDNS_FREE(filename); } } fprintf(stdout, "K%s+%03u+%05u\n", owner, algorithm, (unsigned int) ldns_key_keytag(key)); ldns_key_deep_free(key); free(owner); ldns_rr_free(pubkey); ldns_rr_free(ds); exit(EXIT_SUCCESS); fail: fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno)); silentfail: ldns_key_deep_free(key); free(owner); ldns_rr_free(pubkey); ldns_rr_free(ds); LDNS_FREE(filename); exit(EXIT_FAILURE); } #else int main(int argc, char **argv) { fprintf(stderr, "ldns-keygen needs OpenSSL support, which has not been compiled in\n"); return 1; } #endif /* HAVE_SSL */ ldns-1.9.0/examples/ldns-walk.c0000664000175000017500000004342415114326257015722 0ustar willemwillem/* * ldns-walk uses educated guesses and NSEC data to retrieve the * contents of a dnssec signed zone * * (c) NLnet Labs, 2005 - 2008 * See the file LICENSE for the license */ #include "config.h" #include int verbosity = 0; static int usage(FILE *fp, char *prog) { fprintf(fp, "%s [options] domain\n", prog); fprintf(fp, " print out the owner names for domain and the record types for those names\n"); fprintf(fp, "OPTIONS:\n"); fprintf(fp, "-4\t\tonly use IPv4\n"); fprintf(fp, "-6\t\tonly use IPv6\n"); fprintf(fp, "-f\t\tfull; get all rrsets instead of only a list of names and types\n"); fprintf(fp, "-s \t\tStart from this name\n"); fprintf(fp, "-v \t\tVerbosity level [1-5]\n"); fprintf(fp, "-version\tShow version and exit\n"); fprintf(fp, "@\t\tUse this nameserver\n"); return 0; } static ldns_rdf * create_dname_plus_1(ldns_rdf *dname) { uint8_t *wire; ldns_rdf *newdname; uint8_t labellen; size_t pos; ldns_status status; size_t i; ldns_dname2canonical(dname); labellen = ldns_rdf_data(dname)[0]; if (verbosity >= 3) { printf("Create +e for "); ldns_rdf_print(stdout, dname); printf("\n"); } if (labellen < 63) { wire = malloc(ldns_rdf_size(dname) + 1); if (!wire) { fprintf(stderr, "Malloc error: out of memory?\n"); exit(127); } wire[0] = labellen + 1; memcpy(&wire[1], ldns_rdf_data(dname) + 1, labellen); memcpy(&wire[labellen+1], ldns_rdf_data(dname) + labellen, ldns_rdf_size(dname) - labellen); wire[labellen+1] = (uint8_t) '\000'; pos = 0; status = ldns_wire2dname(&newdname, wire, ldns_rdf_size(dname) + 1, &pos); free(wire); } else { wire = malloc(ldns_rdf_size(dname)); if (!wire) { fprintf(stderr, "Malloc error: out of memory?\n"); exit(127); } wire[0] = labellen; memcpy(&wire[1], ldns_rdf_data(dname) + 1, labellen); memcpy(&wire[labellen], ldns_rdf_data(dname) + labellen, ldns_rdf_size(dname) - labellen); i = labellen; while (wire[i] == 255) { if (i == 0) { printf("Error, don't know how to add 1 to a label with maximum length and all values on 255\n"); exit(9); } else { i--; } } wire[i] = wire[i] + 1; pos = 0; status = ldns_wire2dname(&newdname, wire, ldns_rdf_size(dname) + 1, &pos); free(wire); } if (verbosity >= 3) { printf("result: "); ldns_rdf_print(stdout, newdname); printf("\n"); } if (status != LDNS_STATUS_OK) { printf("Error: %s\n", ldns_get_errorstr_by_id(status)); exit(10); } return newdname; } static ldns_rdf * create_plus_1_dname(ldns_rdf *dname) { ldns_rdf *label; ldns_status status; if (verbosity >= 3) { printf("Creating n+e for: "); ldns_rdf_print(stdout, dname); printf("\n"); } ldns_dname2canonical(dname); status = ldns_str2rdf_dname(&label, "\\000"); if (status != LDNS_STATUS_OK) { printf("error creating \\000 dname: %s\n\n", ldns_get_errorstr_by_id(status)); exit(2); } status = ldns_dname_cat(label, dname); if (status != LDNS_STATUS_OK) { printf("error catting \\000 dname: %s\n\n", ldns_get_errorstr_by_id(status)); exit(3); } return label; } static void query_type_bitmaps(ldns_resolver *res, uint16_t res_flags, const ldns_rdf *name, const ldns_rdf *rdf) { /* Note: this code is duplicated in higher.c in * ldns_nsec_type_check() function */ uint8_t window_block_nr; uint8_t bitmap_length; uint16_t type; uint16_t pos = 0; uint16_t bit_pos; uint8_t *data = ldns_rdf_data(rdf); ldns_pkt *answer_pkt; char *errstr; if (verbosity >= 3) { printf("Getting Resource Records covered by NSEC at "); ldns_rdf_print(stdout, name); printf("\n"); } while(pos < ldns_rdf_size(rdf)) { window_block_nr = data[pos]; bitmap_length = data[pos + 1]; pos += 2; for (bit_pos = 0; bit_pos < (bitmap_length) * 8; bit_pos++) { if (ldns_get_bit(&data[pos], bit_pos)) { type = 256 * (uint16_t) window_block_nr + bit_pos; /* skip nsec and rrsig */ if (type != LDNS_RR_TYPE_NSEC && type != LDNS_RR_TYPE_RRSIG) { if (verbosity >= 3) { printf("querying for:\n"); ldns_rdf_print(stdout, name); printf(" type %u\n", (unsigned int) type); } answer_pkt = ldns_resolver_query(res, name, type, LDNS_RR_CLASS_IN, res_flags); if (answer_pkt) { if (verbosity >= 5) { ldns_pkt_print(stdout, answer_pkt); } /* hmm, this does not give us the right records * when asking for type NS above the delegation * (or, in fact, when the delegated zone is * served by this server either) * do we need to special case NS like NSEC? * or can we fix the query or the answer reading? * ... */ ldns_rr_list_print(stdout, ldns_pkt_answer(answer_pkt)); ldns_pkt_free(answer_pkt); } else { printf("Query error, bailing out\n"); printf("Failed at "); ldns_rdf_print(stdout, name); errstr = ldns_rr_type2str(type); printf(" %s\n", errstr); free(errstr); exit(1); } } } } pos += (uint16_t) bitmap_length; } } int main(int argc, char *argv[]) { ldns_status status; ldns_resolver *res; ldns_rdf *domain = NULL; ldns_pkt *p; ldns_rr *soa; ldns_rr_list *rrlist; ldns_rr_list *rrlist2; ldns_rr_list *nsec_sigs = NULL; ldns_rdf *soa_p1; ldns_rdf *next_dname; ldns_rdf *last_dname; ldns_rdf *last_dname_p; ldns_rdf *startpoint = NULL; ldns_rr *nsec_rr = NULL; const char* arg_domain = NULL; int full = 0; char *serv = NULL; ldns_rdf *serv_rdf; ldns_resolver *cmdline_res; ldns_rr_list *cmdline_rr_list; ldns_rdf *cmdline_dname; uint8_t fam = LDNS_RESOLV_INETANY; int result = 0; int i; char *arg_end_ptr = NULL; size_t j; p = NULL; rrlist = NULL; rrlist2 = NULL; soa = NULL; domain = NULL; if (argc < 2) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } else { for (i = 1; i < argc; i++) { if (strncmp(argv[i], "-4", 3) == 0) { if (fam != LDNS_RESOLV_INETANY) { fprintf(stderr, "You can only specify one of -4 or -6\n"); exit(1); } fam = LDNS_RESOLV_INET; } else if (strncmp(argv[i], "-6", 3) == 0) { if (fam != LDNS_RESOLV_INETANY) { fprintf(stderr, "You can only specify one of -4 or -6\n"); exit(1); } fam = LDNS_RESOLV_INET6; } else if (strncmp(argv[i], "-f", 3) == 0) { full = true; } else if (strncmp(argv[i], "-s", 3) == 0) { if (i + 1 < argc) { if (ldns_str2rdf_dname(&startpoint, argv[i + 1]) != LDNS_STATUS_OK) { printf("Bad start point name: %s\n", argv[i + 1]); exit(1); } } else { printf("Missing argument for -s\n"); exit(1); } i++; } else if (strncmp(argv[i], "-v", 3) == 0) { if (i + 1 < argc) { verbosity = strtol(argv[i+1], &arg_end_ptr, 10); if (*arg_end_ptr != '\0') { printf("Bad argument for -v: %s\n", argv[i+1]); exit(1); } } else { printf("Missing argument for -v\n"); exit(1); } i++; } else if (strcmp("-version", argv[i]) == 0) { printf("dns zone walker, version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); goto exit; } else { if (argv[i][0] == '@') { if (strlen(argv[i]) == 1) { if (i + 1 < argc) { serv = argv[i + 1]; i++; } else { printf("Missing argument for -s\n"); exit(1); } } else { serv = argv[i] + 1; } } else { if (i < argc) { if (!domain) { /* create a rdf from the command line arg */ arg_domain = argv[i]; domain = ldns_dname_new_frm_str(arg_domain); if (!domain) { usage(stdout, argv[0]); exit(1); } } else { printf("One domain at a time please\n"); exit(1); } } else { printf("No domain given to walk\n"); exit(1); } } } } } if (!domain) { printf("Missing argument\n"); exit(1); } /* create a new resolver from /etc/resolv.conf */ if(!serv) { if (ldns_resolver_new_frm_file(&res, NULL) != LDNS_STATUS_OK) { fprintf(stderr, "%s\n", "Could not create resolver obj."); result = EXIT_FAILURE; goto exit; } } else { res = ldns_resolver_new(); if (!res || strlen(serv) <= 0) { result = EXIT_FAILURE; goto exit; } /* add the nameserver */ serv_rdf = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, serv); if (!serv_rdf) { /* maybe ip6 */ serv_rdf = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_AAAA, serv); } if (!serv_rdf) { /* try to resolv the name if possible */ status = ldns_resolver_new_frm_file(&cmdline_res, NULL); if (status != LDNS_STATUS_OK) { fprintf(stderr, "%s\n", "@server ip could not be converted"); result = EXIT_FAILURE; goto exit; } cmdline_dname = ldns_dname_new_frm_str(serv); cmdline_rr_list = ldns_get_rr_list_addr_by_name( cmdline_res, cmdline_dname, LDNS_RR_CLASS_IN, 0); ldns_rdf_deep_free(cmdline_dname); ldns_resolver_deep_free(cmdline_res); if (!cmdline_rr_list) { fprintf(stderr, "%s %s\n", "Could not find any address for the name:", serv); result = EXIT_FAILURE; goto exit; } else { if (ldns_resolver_push_nameserver_rr_list( res, cmdline_rr_list ) != LDNS_STATUS_OK) { fprintf(stderr, "%s\n", "pushing nameserver"); result = EXIT_FAILURE; ldns_rr_list_deep_free(cmdline_rr_list); goto exit; } ldns_rr_list_deep_free(cmdline_rr_list); } } else { if (ldns_resolver_push_nameserver(res, serv_rdf) != LDNS_STATUS_OK) { fprintf(stderr, "%s\n", "pushing nameserver"); result = EXIT_FAILURE; goto exit; } else { ldns_rdf_deep_free(serv_rdf); } } } ldns_resolver_set_dnssec(res, true); ldns_resolver_set_dnssec_cd(res, true); ldns_resolver_set_ip6(res, fam); if (!res) { exit(2); } /* use the resolver to send it a query for the soa * records of the domain given on the command line */ if (verbosity >= 3) { printf("\nQuerying for: "); ldns_rdf_print(stdout, domain); printf("\n"); } p = ldns_resolver_query(res, domain, LDNS_RR_TYPE_SOA, LDNS_RR_CLASS_IN, LDNS_RD); soa = NULL; if (verbosity >= 5) { if (p) { ldns_pkt_print(stdout, p); } else { fprintf(stdout, "No Packet Received from ldns_resolver_query()\n"); } } if (!p) { exit(3); } else { /* retrieve the MX records from the answer section of that * packet */ rrlist = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_SOA, LDNS_SECTION_ANSWER); if (!rrlist || ldns_rr_list_rr_count(rrlist) != 1) { if (rrlist) { printf(" *** > 1 SOA: %u\n", (unsigned int) ldns_rr_list_rr_count(rrlist)); } else { printf(" *** No rrlist...\b"); } /* TODO: conversion memory */ fprintf(stderr, " *** invalid answer name after SOA query for %s\n", arg_domain); ldns_pkt_print(stdout, p); ldns_pkt_free(p); ldns_resolver_deep_free(res); exit(4); } else { soa = ldns_rr_clone(ldns_rr_list_rr(rrlist, 0)); ldns_rr_list_deep_free(rrlist); rrlist = NULL; /* check if zone contains DNSSEC data */ rrlist = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANSWER); if (!rrlist) { printf("No DNSSEC data received; either the zone is not secured or you should query it directly (with @nameserver)\n"); ldns_pkt_free(p); ldns_resolver_deep_free(res); exit(5); } ldns_rr_list_deep_free(rrlist); } } /* add \001 to soa */ status = ldns_str2rdf_dname(&soa_p1, "\\000"); if (status != LDNS_STATUS_OK) { printf("error: %s\n", ldns_get_errorstr_by_id(status)); } if (!soa) { printf("Error getting SOA\n"); exit(1); } if (startpoint) { last_dname = startpoint; last_dname_p = create_dname_plus_1(last_dname); } else { last_dname = ldns_rdf_clone(domain); if (ldns_dname_cat(soa_p1, last_dname) != LDNS_STATUS_OK) { printf("Error concatenating dnames\n"); exit(EXIT_FAILURE); } last_dname_p = ldns_rdf_clone(soa_p1); } if (!full) { ldns_rdf_print(stdout, ldns_rr_owner(soa)); printf("\t"); } next_dname = NULL; while (!next_dname || ldns_rdf_compare(next_dname, domain) != 0) { if (p) { ldns_pkt_free(p); p = NULL; } if (verbosity >= 4) { printf("Querying for: "); ldns_rdf_print(stdout, last_dname_p); printf("\n"); } p = ldns_resolver_query(res, last_dname_p, LDNS_RR_TYPE_DS, LDNS_RR_CLASS_IN, LDNS_RD); if (verbosity >= 5) { if (p) { ldns_pkt_print(stdout, p); } else { fprintf(stdout, "No Packet Received from ldns_resolver_query()\n"); } } if (next_dname) { ldns_rdf_deep_free(next_dname); ldns_rr_free(nsec_rr); next_dname = NULL; nsec_rr = NULL; } if (!p) { fprintf(stderr, "Error trying to resolve: "); ldns_rdf_print(stderr, last_dname_p); fprintf(stderr, "\n"); while (!p) { if (verbosity >= 3) { printf("Querying for: "); ldns_rdf_print(stdout, last_dname_p); printf("\n"); } p = ldns_resolver_query(res, last_dname_p, LDNS_RR_TYPE_DS, LDNS_RR_CLASS_IN, LDNS_RD); /* TODO: make a general option for this (something like ignore_rtt)? */ for (j = 0; j < ldns_resolver_nameserver_count(res); j++) { if (ldns_resolver_nameserver_rtt(res, j) != 0) { ldns_resolver_set_nameserver_rtt(res, j, LDNS_RESOLV_RTT_MIN); } } if (verbosity >= 5) { if (p) { ldns_pkt_print(stdout, p); } else { fprintf(stdout, "No Packet Received from ldns_resolver_query()\n"); } } } } /* if the current name is an empty non-terminal, bind returns * SERVFAIL on the plus1-query... * so requery with only the last dname */ if (ldns_pkt_get_rcode(p) == LDNS_RCODE_SERVFAIL) { ldns_pkt_free(p); p = NULL; if (verbosity >= 3) { printf("Querying for: "); ldns_rdf_print(stdout, last_dname); printf("\n"); } p = ldns_resolver_query(res, last_dname, LDNS_RR_TYPE_DS, LDNS_RR_CLASS_IN, LDNS_RD); if (verbosity >= 5) { if (p) { ldns_pkt_print(stdout, p); } else { fprintf(stdout, "No Packet Received from ldns_resolver_query()\n"); } } if (!p) { exit(51); } rrlist = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NSEC, LDNS_SECTION_AUTHORITY); rrlist2 = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NSEC, LDNS_SECTION_ANSWER); } else { rrlist = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NSEC, LDNS_SECTION_AUTHORITY); rrlist2 = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NSEC, LDNS_SECTION_ANSWER); } if (rrlist && rrlist2) { ldns_rr_list_cat(rrlist, rrlist2); } else if (rrlist2) { rrlist = rrlist2; } if (!rrlist || ldns_rr_list_rr_count(rrlist) < 1) { if (!rrlist) { fflush(stdout); fprintf(stderr, "Zone does not seem to be DNSSEC secured," " or it uses NSEC3.\n"); fflush(stderr); goto exit; } } else { /* find correct nsec */ next_dname = NULL; for (j = 0; j < ldns_rr_list_rr_count(rrlist); j++) { if (ldns_nsec_covers_name(ldns_rr_list_rr(rrlist, j), last_dname_p)) { if (verbosity >= 3) { printf("The domain name: "); ldns_rdf_print(stdout, last_dname_p); printf("\nis covered by NSEC: "); ldns_rr_print(stdout, ldns_rr_list_rr(rrlist, j)); } next_dname = ldns_rdf_clone(ldns_rr_rdf(ldns_rr_list_rr(rrlist, j), 0)); nsec_rr = ldns_rr_clone(ldns_rr_list_rr(rrlist, j)); nsec_sigs = ldns_dnssec_pkt_get_rrsigs_for_name_and_type(p, ldns_rr_owner(nsec_rr), LDNS_RR_TYPE_NSEC); } else { if (verbosity >= 4) { printf("\n"); ldns_rdf_print(stdout, last_dname_p); printf("\nNOT covered by NSEC: "); ldns_rr_print(stdout, ldns_rr_list_rr(rrlist, j)); printf("\n"); } } } if (!next_dname) { printf("Error no nsec for "); ldns_rdf_print(stdout, last_dname); printf("\n"); exit(1); } ldns_rr_list_deep_free(rrlist); } if (!next_dname) { /* apparently the zone also has prepended data (i.e. a.example and www.a.example, * The www comes after the a but before a\\000, so we need to make another name (\\000.a) */ if (last_dname_p) { ldns_rdf_deep_free(last_dname_p); } last_dname_p = create_plus_1_dname(last_dname); } else { if (last_dname) { if (ldns_rdf_compare(last_dname, next_dname) == 0) { printf("\n\nNext dname is the same as current, this would loop forever. This is a problem that usually occurs when walking through a caching forwarder. Try using the authoritative nameserver to walk (with @nameserver).\n"); exit(2); } ldns_rdf_deep_free(last_dname); } last_dname = ldns_rdf_clone(next_dname); if (last_dname_p) { ldns_rdf_deep_free(last_dname_p); } last_dname_p = create_dname_plus_1(last_dname); if (!full) { ldns_rdf_print(stdout, ldns_rr_owner(nsec_rr)); printf(" "); ldns_rdf_print(stdout, ldns_rr_rdf(nsec_rr, 1)); printf("\n"); } else { /* ok, so now we know all the types present at this name, * query for those one by one (...) */ query_type_bitmaps(res, LDNS_RD, ldns_rr_owner(nsec_rr), ldns_rr_rdf(nsec_rr, 1)); /* print this nsec and its signatures too */ ldns_rr_print(stdout, nsec_rr); if (nsec_sigs) { ldns_rr_list_print(stdout, nsec_sigs); ldns_rr_list_free(nsec_sigs); nsec_sigs = NULL; } } } } ldns_rdf_deep_free(domain); ldns_rdf_deep_free(soa_p1); ldns_rdf_deep_free(last_dname_p); ldns_rdf_deep_free(last_dname); ldns_rdf_deep_free(next_dname); ldns_rr_free(nsec_rr); ldns_pkt_free(p); ldns_rr_free(soa); printf("\n\n"); ldns_resolver_deep_free(res); exit: return result; } ldns-1.9.0/examples/README0000664000175000017500000000024515114326257014534 0ustar willemwillemThese tools are examples of ldns usage. They are not meant for production systems and will not be supported as such. Compilation: autoreconf && ./configure && make ldns-1.9.0/examples/ldns-keyfetcher.c0000664000175000017500000005307415114326257017117 0ustar willemwillem/* * ldns-keyfetcher retrieves the DNSKEYS for a certain domain * It traces the authoritative nameservers down from the root * And uses TCP, to minimize spoofing danger. * * (c) NLnet Labs, 2006 - 2008 * See the file LICENSE for the license */ #include "config.h" #include #include int verbosity = 0; /* 0=use both ip4 and ip6 (default). 1=ip4only. 2=ip6only. */ uint8_t address_family = 0; bool store_in_file = false; static void usage(FILE *fp, char *prog) { fprintf(fp, "%s domain\n", prog); fprintf(fp, " retrieve the dnskeys for a domain\n"); fprintf(fp, "Options:\n"); fprintf(fp, "-4\t\tUse IPv4 only\n"); fprintf(fp, "-6\t\tUse IPv6 only\n"); fprintf(fp, "-h\t\tShow this help\n"); fprintf(fp, "-i\t\tInsecurer mode; don't do checks, just query for the keys\n"); fprintf(fp, "-r \tUse file to read root hints from\n"); fprintf(fp, "-s\t\tDon't print the keys but store them in files\n\t\tcalled K.+.+.key\n"); fprintf(fp, "-v \tVerbosity level (0-5, not verbose-very verbose)\n"); } static ldns_rr_list * retrieve_dnskeys(ldns_resolver *local_res, ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, ldns_rr_list *dns_root) { ldns_resolver *res; ldns_pkt *p; ldns_rr_list *new_nss_a; ldns_rr_list *new_nss_aaaa; ldns_rr_list *new_nss; ldns_rr_list *ns_addr; ldns_rr_list *ns_addr2; uint16_t loop_count; ldns_rdf *pop; ldns_status status; size_t i; size_t nss_i; ldns_rr_list *answer_list = NULL; ldns_rr_list *authority_list = NULL; size_t last_nameserver_count; ldns_rdf **last_nameservers; loop_count = 0; new_nss_a = NULL; new_nss_aaaa = NULL; new_nss = NULL; ns_addr = NULL; ns_addr2 = NULL; p = ldns_pkt_new(); res = ldns_resolver_new(); if (!p || !res) { fprintf(stderr, "Memory allocation failed"); return NULL; } if (verbosity >= 2) { printf("Finding dnskey data for zone: "); ldns_rdf_print(stdout, name); printf("\n\n"); } /* transfer some properties of local_res to res, * because they were given on the command line */ ldns_resolver_set_ip6(res, ldns_resolver_ip6(local_res)); ldns_resolver_set_port(res, ldns_resolver_port(local_res)); ldns_resolver_set_debug(res, ldns_resolver_debug(local_res)); ldns_resolver_set_dnssec(res, ldns_resolver_dnssec(local_res)); ldns_resolver_set_fail(res, ldns_resolver_fail(local_res)); ldns_resolver_set_usevc(res, ldns_resolver_usevc(local_res)); ldns_resolver_set_random(res, ldns_resolver_random(local_res)); ldns_resolver_set_recursive(res, false); /* setup the root nameserver in the new resolver */ status = ldns_resolver_push_nameserver_rr_list(res, dns_root); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error setting root nameservers in resolver: %s\n", ldns_get_errorstr_by_id(status)); return NULL; } ldns_pkt_free(p); status = ldns_resolver_send(&p, res, name, t, c, 0); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error querying root servers: %s\n", ldns_get_errorstr_by_id(status)); return NULL; } if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) { printf("Error in packet:\n"); ldns_pkt_print(stdout, p); return NULL; } if (verbosity >= 4) { ldns_pkt_print(stdout, p); printf("\n\n"); } /* from now on, use TCP */ ldns_resolver_set_usevc(res, true); while(status == LDNS_STATUS_OK && ldns_pkt_reply_type(p) == LDNS_PACKET_REFERRAL) { if (verbosity >= 3) { printf("This is a delegation!\n\n"); } if (address_family == 0 || address_family == 1) { new_nss_a = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_A, LDNS_SECTION_ADDITIONAL); } else { new_nss_a = ldns_rr_list_new(); } if (address_family == 0 || address_family == 2) { new_nss_aaaa = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_AAAA, LDNS_SECTION_ADDITIONAL); } else { new_nss_aaaa = ldns_rr_list_new(); } new_nss = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NS, LDNS_SECTION_AUTHORITY); /* remove the old nameserver from the resolver */ while((pop = ldns_resolver_pop_nameserver(res))) { ldns_rdf_deep_free(pop); } /* also check for new_nss emptiness */ if (!new_nss_aaaa && !new_nss_a) { /* * no nameserver found!!! * try to resolve the names we do got */ if (verbosity >= 3) { printf("Did not get address record for nameserver, doing separate query.\n"); } ns_addr = ldns_rr_list_new(); for(i = 0; (size_t) i < ldns_rr_list_rr_count(new_nss); i++) { /* get the name of the nameserver */ pop = ldns_rr_rdf(ldns_rr_list_rr(new_nss, i), 0); if (!pop) { break; } /* retrieve it's addresses */ ns_addr2 = ldns_get_rr_list_addr_by_name(local_res, pop, c, 0); if (!ldns_rr_list_cat(ns_addr, ns_addr2)) { fprintf(stderr, "Internal error adding nameserver address.\n"); exit(EXIT_FAILURE); } ldns_rr_list_free(ns_addr2); } if (ns_addr) { if (ldns_resolver_push_nameserver_rr_list(res, ns_addr) != LDNS_STATUS_OK) { fprintf(stderr, "Error adding new nameservers"); ldns_pkt_free(p); return NULL; } ldns_rr_list_deep_free(ns_addr); } else { ldns_rr_list_print(stdout, ns_addr); fprintf(stderr, "Could not find the nameserver ip addr; abort"); ldns_pkt_free(p); return NULL; } } /* normally, the first working ns is used, but we need all now, so do it one by one * if the answer is null, take it from the next resolver * if the answer is not, compare it to that of the next resolver * error if different, continue if the same * if answer list null and no resolvers left die. */ ldns_rr_list_deep_free(answer_list); ldns_rr_list_deep_free(authority_list); answer_list = NULL; authority_list = NULL; for (nss_i = 0; nss_i < ldns_rr_list_rr_count(new_nss_aaaa); nss_i++) { while((pop = ldns_resolver_pop_nameserver(res))) { ldns_rdf_deep_free(pop); } status = ldns_resolver_push_nameserver(res, ldns_rr_rdf(ldns_rr_list_rr(new_nss_aaaa, nss_i), 0)); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error adding nameserver to resolver: %s\n", ldns_get_errorstr_by_id(status)); } if (verbosity >= 1) { fprintf(stdout, "Querying nameserver: "); ldns_rdf_print(stdout, ldns_rr_owner(ldns_rr_list_rr(new_nss_aaaa, nss_i))); fprintf(stdout, " ("); ldns_rdf_print(stdout, ldns_rr_rdf(ldns_rr_list_rr(new_nss_aaaa, nss_i), 0)); fprintf(stdout, ")\n"); } status = ldns_resolver_push_nameserver(res, ldns_rr_rdf(ldns_rr_list_rr(new_nss_aaaa, nss_i), 0)); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error adding nameserver to resolver: %s\n", ldns_get_errorstr_by_id(status)); } ldns_pkt_free(p); status = ldns_resolver_send(&p, res, name, t, c, 0); if (status == LDNS_STATUS_OK && p) { if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) { printf("Error in packet:\n"); ldns_pkt_print(stdout, p); return NULL; } if (verbosity >= 4) { ldns_pkt_print(stdout, p); printf("\n\n"); } if (answer_list) { if (verbosity >= 2) { printf("Comparing answer list of answer to previous\n\n"); } ldns_rr_list_sort(ldns_pkt_answer(p)); ldns_rr_list_sort(answer_list); if (ldns_rr_list_compare(answer_list, ldns_pkt_answer(p)) != 0) { fprintf(stderr, "ERROR: different answer answer from nameserver\n"); fprintf(stderr, "\nI had (from previous servers):\n"); ldns_rr_list_print(stderr, answer_list); fprintf(stderr, "\nI received (from nameserver at "); ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]); fprintf(stderr, "):\n"); ldns_rr_list_print(stderr, ldns_pkt_answer(p)); exit(EXIT_FAILURE); } } else { answer_list = ldns_rr_list_clone(ldns_pkt_answer(p)); ldns_rr_list_sort(answer_list); if (verbosity >= 2) { printf("First answer list for this set, nothing to compare with\n\n"); } } if (authority_list) { if (verbosity >= 2) { printf("Comparing authority list of answer to previous\n\n"); } ldns_rr_list_sort(ldns_pkt_authority(p)); ldns_rr_list_sort(authority_list); if (ldns_rr_list_compare(authority_list, ldns_pkt_authority(p)) != 0) { fprintf(stderr, "ERROR: different authority answer from nameserver\n"); fprintf(stderr, "\nI had (from previous servers):\n"); ldns_rr_list_print(stderr, authority_list); fprintf(stderr, "\nI received (from nameserver at "); ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]); fprintf(stderr, "):\n"); ldns_rr_list_print(stderr, ldns_pkt_authority(p)); exit(EXIT_FAILURE); } } else { authority_list = ldns_rr_list_clone(ldns_pkt_authority(p)); ldns_rr_list_sort(authority_list); if (verbosity >= 2) { printf("First authority list for this set, nothing to compare with\n\n"); } if (verbosity >= 3) { printf("NS RRset:\n"); ldns_rr_list_print(stdout, authority_list); printf("\n"); } } } } ldns_rr_list_deep_free(answer_list); ldns_rr_list_deep_free(authority_list); answer_list = NULL; authority_list = NULL; for (nss_i = 0; nss_i < ldns_rr_list_rr_count(new_nss_a); nss_i++) { while((pop = ldns_resolver_pop_nameserver(res))) {ldns_rdf_deep_free(pop); } if (verbosity >= 1) { fprintf(stdout, "Querying nameserver: "); ldns_rdf_print(stdout, ldns_rr_owner(ldns_rr_list_rr(new_nss_a, nss_i))); fprintf(stdout, " ("); ldns_rdf_print(stdout, ldns_rr_rdf(ldns_rr_list_rr(new_nss_a, nss_i), 0)); fprintf(stdout, ")\n"); } status = ldns_resolver_push_nameserver(res, ldns_rr_rdf(ldns_rr_list_rr(new_nss_a, nss_i), 0)); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error adding nameserver to resolver: %s\n", ldns_get_errorstr_by_id(status)); } ldns_pkt_free(p); status = ldns_resolver_send(&p, res, name, t, c, 0); if (status == LDNS_STATUS_OK) { if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) { printf("Error in packet:\n"); ldns_pkt_print(stdout, p); return NULL; } if (verbosity >= 4) { ldns_pkt_print(stdout, p); printf("\n\n"); } if (answer_list) { if (verbosity >= 2) { printf("Comparing answer list of answer to previous\n\n"); } ldns_rr_list_sort(ldns_pkt_answer(p)); ldns_rr_list_sort(answer_list); if (ldns_rr_list_compare(answer_list, ldns_pkt_answer(p)) != 0) { fprintf(stderr, "ERROR: different answer answer from nameserver\n"); fprintf(stderr, "\nI had (from previous servers):\n"); ldns_rr_list_print(stderr, answer_list); fprintf(stderr, "\nI received (from nameserver at "); ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]); fprintf(stderr, "):\n"); ldns_rr_list_print(stderr, ldns_pkt_answer(p)); exit(EXIT_FAILURE); } } else { if (verbosity >= 2) { printf("First answer list for this set, nothing to compare with\n\n"); } answer_list = ldns_rr_list_clone(ldns_pkt_answer(p)); ldns_rr_list_sort(answer_list); } if (authority_list) { if (verbosity >= 2) { printf("Comparing authority list of answer to previous\n\n"); } ldns_rr_list_sort(ldns_pkt_authority(p)); ldns_rr_list_sort(authority_list); if (ldns_rr_list_compare(authority_list, ldns_pkt_authority(p)) != 0) { fprintf(stderr, "ERROR: different authority answer from nameserver\n"); fprintf(stderr, "\nI had (from previous servers):\n"); ldns_rr_list_print(stderr, authority_list); fprintf(stderr, "\nI received (from nameserver at "); ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]); fprintf(stderr, "):\n"); ldns_rr_list_print(stderr, ldns_pkt_authority(p)); exit(EXIT_FAILURE); } } else { if (verbosity >= 2) { printf("First authority list for this set, nothing to compare with\n\n"); } authority_list = ldns_rr_list_clone(ldns_pkt_authority(p)); ldns_rr_list_sort(authority_list); if (verbosity >= 3) { printf("NS RRset:\n"); ldns_rr_list_print(stdout, authority_list); printf("\n"); } } } } ldns_rr_list_deep_free(authority_list); authority_list = NULL; if (loop_count++ > 20) { /* unlikely that we are doing something useful */ fprintf(stderr, "Looks like we are looping"); ldns_pkt_free(p); return NULL; } ldns_pkt_free(p); if (verbosity >= 3) { fprintf(stdout, "This level ok. Continuing to next.\n\n"); } status = ldns_resolver_send(&p, res, name, t, c, 0); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error querying root servers: %s\n", ldns_get_errorstr_by_id(status)); return NULL; } if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) { printf("Error in packet:\n"); ldns_pkt_print(stdout, p); return NULL; } if (verbosity >= 4) { ldns_pkt_print(stdout, p); printf("\n\n"); } ldns_rr_list_deep_free(new_nss_aaaa); ldns_rr_list_deep_free(new_nss_a); ldns_rr_list_deep_free(new_nss); new_nss_aaaa = NULL; new_nss_a = NULL; ns_addr = NULL; } ldns_rr_list_deep_free(answer_list); answer_list = NULL; /* clone the nameserver list, we are going to handle them one by one */ last_nameserver_count = 0; last_nameservers = LDNS_XMALLOC(ldns_rdf *, ldns_resolver_nameserver_count(res)); pop = NULL; while((pop = ldns_resolver_pop_nameserver(res))) { last_nameservers[last_nameserver_count] = pop; last_nameserver_count++; } for (nss_i = 0; nss_i < last_nameserver_count; nss_i++) { /* remove previous nameserver */ while((pop = ldns_resolver_pop_nameserver(res))) { ldns_rdf_deep_free(pop); } if (verbosity >= 1) { printf("Querying nameserver: "); ldns_rdf_print(stdout, last_nameservers[nss_i]); printf("\n"); } status = ldns_resolver_push_nameserver(res, last_nameservers[nss_i]); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error adding nameserver to resolver: %s\n", ldns_get_errorstr_by_id(status)); } ldns_pkt_free(p); status = ldns_resolver_send(&p, res, name, t, c, 0); if (!p) { fprintf(stderr, "no packet received\n"); LDNS_FREE(last_nameservers); return NULL; } if (status == LDNS_STATUS_RES_NO_NS) { fprintf(stderr, "Error: nameserver at "); ldns_rdf_print(stderr, last_nameservers[nss_i]); fprintf(stderr, " not responding. Unable to check RRset here, aborting.\n"); LDNS_FREE(last_nameservers); return NULL; } if (ldns_pkt_get_rcode(p) != LDNS_RCODE_NOERROR) { printf("Error in packet:\n"); ldns_pkt_print(stdout, p); LDNS_FREE(last_nameservers); return NULL; } if (answer_list) { if (verbosity >= 2) { printf("1Comparing answer rr list of answer to previous\n"); } ldns_rr_list_sort(ldns_pkt_answer(p)); ldns_rr_list_sort(answer_list); if (ldns_rr_list_compare(answer_list, ldns_pkt_answer(p)) != 0) { printf("ERROR: different answer section in response from nameserver\n"); fprintf(stderr, "\nI had:\n"); ldns_rr_list_print(stderr, answer_list); fprintf(stderr, "\nI received (from nameserver at "); ldns_rdf_print(stderr, ldns_resolver_nameservers(res)[0]); fprintf(stderr, "):\n"); ldns_rr_list_print(stderr, ldns_pkt_answer(p)); exit(EXIT_FAILURE); } } else { if (verbosity >= 2) { printf("First answer rr list for this set, nothing to compare with\n"); } answer_list = ldns_rr_list_clone(ldns_pkt_answer(p)); if (verbosity >= 3) { printf("DNSKEY RRset:\n"); ldns_rr_list_print(stdout, answer_list); } } } for (nss_i = 0; nss_i < last_nameserver_count; nss_i++) { ldns_rdf_deep_free(last_nameservers[nss_i]); } LDNS_FREE(last_nameservers); ldns_resolver_deep_free(res); ldns_pkt_free(p); return answer_list; } /* * The file with the given path should contain a list of NS RRs * for the root zone and A records for those NS RRs. * Read them, check them, and append the a records to the rr list given. */ static ldns_rr_list * read_root_hints(const char *filename) { FILE *fp = NULL; int line_nr = 0; ldns_zone *z; ldns_status status; ldns_rr_list *addresses = NULL; ldns_rr *rr; size_t i; fp = fopen(filename, "r"); if (!fp) { fprintf(stderr, "Unable to open %s for reading: %s\n", filename, strerror(errno)); return NULL; } status = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, 0, &line_nr); fclose(fp); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Error reading root hints file: %s\n", ldns_get_errorstr_by_id(status)); return NULL; } else { addresses = ldns_rr_list_new(); for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) { rr = ldns_rr_list_rr(ldns_zone_rrs(z), i); if ((address_family == 0 || address_family == 1) && ldns_rr_get_type(rr) == LDNS_RR_TYPE_A ) { ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr)); } if ((address_family == 0 || address_family == 2) && ldns_rr_get_type(rr) == LDNS_RR_TYPE_AAAA) { ldns_rr_list_push_rr(addresses, ldns_rr_clone(rr)); } } ldns_zone_deep_free(z); return addresses; } } int main(int argc, char *argv[]) { ldns_resolver *res; ldns_rdf *ns; ldns_rdf *domain; ldns_rr_list *l = NULL; ldns_rr_list *dns_root = NULL; const char *root_file = "/etc/named.root"; ldns_status status; int i; char *domain_str; char *outputfile_str; ldns_buffer *outputfile_buffer; FILE *outputfile; ldns_rr *k; bool insecure = false; ldns_pkt *pkt; domain = NULL; res = NULL; if (argc < 2) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } else { for (i = 1; i < argc; i++) { if (strncmp("-4", argv[i], 3) == 0) { if (address_family != 0) { fprintf(stderr, "Options -4 and -6 cannot be specified at the same time\n"); exit(EXIT_FAILURE); } address_family = 1; } else if (strncmp("-6", argv[i], 3) == 0) { if (address_family != 0) { fprintf(stderr, "Options -4 and -6 cannot be specified at the same time\n"); exit(EXIT_FAILURE); } address_family = 2; } else if (strncmp("-h", argv[i], 3) == 0) { usage(stdout, argv[0]); exit(EXIT_SUCCESS); } else if (strncmp("-i", argv[i], 2) == 0) { insecure = true; } else if (strncmp("-r", argv[i], 2) == 0) { if (strlen(argv[i]) > 2) { root_file = argv[i]+2; } else if (i+1 >= argc) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } else { root_file = argv[i+1]; i++; } } else if (strncmp("-s", argv[i], 3) == 0) { store_in_file = true; } else if (strncmp("-v", argv[i], 2) == 0) { if (strlen(argv[i]) > 2) { verbosity = atoi(argv[i]+2); } else if (i+1 > argc) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } else { verbosity = atoi(argv[i+1]); i++; } } else { /* create a rdf from the command line arg */ if (domain) { fprintf(stdout, "You can only specify one domain at a time\n"); exit(EXIT_FAILURE); } domain = ldns_dname_new_frm_str(argv[i]); } } if (!domain) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } } dns_root = read_root_hints(root_file); if (!dns_root) { fprintf(stderr, "cannot read the root hints file\n"); exit(EXIT_FAILURE); } /* create a new resolver from /etc/resolv.conf */ status = ldns_resolver_new_frm_file(&res, NULL); if (status != LDNS_STATUS_OK) { fprintf(stderr, "Warning: Unable to create stub resolver from /etc/resolv.conf:\n"); fprintf(stderr, "%s\n", ldns_get_errorstr_by_id(status)); fprintf(stderr, "defaulting to nameserver at 127.0.0.1 for separate nameserver name lookups\n"); do { res = ldns_resolver_new(); if (res) { ns = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, "127.0.0.1"); if (ns) { status = ldns_resolver_push_nameserver( res, ns); if (status == LDNS_STATUS_OK) { break; } ldns_rdf_deep_free(ns); } ldns_resolver_free(res); } fprintf(stderr, "Unable to create stub resolver: %s\n", ldns_get_errorstr_by_id(status)); exit(EXIT_FAILURE); } while (false); ldns_rdf_deep_free(ns); } ldns_resolver_set_ip6(res, address_family); if (insecure) { pkt = ldns_resolver_query(res, domain, LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN, LDNS_RD); if (pkt) { l = ldns_pkt_rr_list_by_type(pkt, LDNS_RR_TYPE_DNSKEY, LDNS_SECTION_ANY_NOQUESTION); } } else { l = retrieve_dnskeys(res, domain, LDNS_RR_TYPE_DNSKEY, LDNS_RR_CLASS_IN, dns_root); } /* separator for result data and verbosity data */ if (verbosity > 0) { fprintf(stdout, "; ---------------------------\n"); fprintf(stdout, "; Got the following keys:\n"); } if (l) { if (store_in_file) { /* create filename: * K.+.+.key */ for (i = 0; (size_t) i < ldns_rr_list_rr_count(l); i++) { k = ldns_rr_list_rr(l, (size_t) i); outputfile_buffer = ldns_buffer_new(300); domain_str = ldns_rdf2str(ldns_rr_owner(k)); ldns_buffer_printf(outputfile_buffer, "K%s+%03u+%05u.key", domain_str, ldns_rdf2native_int8(ldns_rr_rdf(k, 2)), (unsigned int) ldns_calc_keytag(k)); outputfile_str = ldns_buffer_export(outputfile_buffer); if (verbosity >= 1) { fprintf(stdout, "Writing key to file %s\n", outputfile_str); } outputfile = fopen(outputfile_str, "w"); if (!outputfile) { fprintf(stderr, "Error writing key to file %s: %s\n", outputfile_str, strerror(errno)); } else { ldns_rr_print(outputfile, k); fclose(outputfile); } LDNS_FREE(domain_str); LDNS_FREE(outputfile_str); LDNS_FREE(outputfile_buffer); } } else { ldns_rr_list_print(stdout, l); } } else { fprintf(stderr, "no answer packet received, stub resolver config:\n"); ldns_resolver_print(stderr, res); } ldns_rdf_deep_free(domain); ldns_resolver_deep_free(res); ldns_rr_list_deep_free(l); ldns_rr_list_deep_free(dns_root); return EXIT_SUCCESS; } ldns-1.9.0/examples/ldns-dpa.h0000664000175000017500000000255615114326257015536 0ustar willemwillem#include #include #include #include #if STDC_HEADERS #include #include #endif #ifdef HAVE_STDINT_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif #ifdef HAVE_NETINET_UDP_H #include #endif #ifdef HAVE_TIME_H #include #endif #ifdef HAVE_PCAP_H #include #endif #ifdef HAVE_NETINET_IN_SYSTM_H #include #endif #ifdef HAVE_NETINET_IP_H #include #endif #ifdef HAVE_NET_IF_H #include #endif #ifdef HAVE_NETINET_IF_ETHER_H #include #endif #ifdef HAVE_WINSOCK2_H #define USE_WINSOCK 1 #include #endif #ifdef HAVE_WS2TCPIP_H #include #endif #ifndef HAVE_GETADDRINFO #include #endif #ifndef HAVE_RANDOM /* random can be replaced by rand for ldnsexamples */ #define random rand #endif #ifndef HAVE_SRANDOM /* srandom can be replaced by srand for ldnsexamples */ #define srandom srand #endif extern char *optarg; extern int optind, opterr; #ifndef EXIT_FAILURE #define EXIT_FAILURE 1 #endif #ifndef EXIT_SUCCESS #define EXIT_SUCCESS 0 #endif #ifdef S_SPLINT_S #define FD_ZERO(a) /* a */ #define FD_SET(a,b) /* a, b */ #endif ldns-1.9.0/examples/fake-rfc2553.h0000664000175000017500000001230415114326257016021 0ustar willemwillem/* From openssh 4.3p2 filename openbsd-compat/fake-rfc2553.h */ /* * Copyright (C) 2000-2003 Damien Miller. All rights reserved. * Copyright (C) 1999 WIDE Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the project nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ /* * Pseudo-implementation of RFC2553 name / address resolution functions * * But these functions are not implemented correctly. The minimum subset * is implemented for ssh use only. For example, this routine assumes * that ai_family is AF_INET. Don't use it for another purpose. */ #ifndef _FAKE_RFC2553_H #define _FAKE_RFC2553_H #include #include #include #include /* * First, socket and INET6 related definitions */ #ifndef HAVE_STRUCT_SOCKADDR_STORAGE #ifndef _SS_MAXSIZE # define _SS_MAXSIZE 128 /* Implementation specific max size */ # define _SS_PADSIZE (_SS_MAXSIZE - sizeof (struct sockaddr)) struct sockaddr_storage { struct sockaddr ss_sa; char __ss_pad2[_SS_PADSIZE]; }; # define ss_family ss_sa.sa_family #endif /* _SS_MAXSIZE */ #endif /* !HAVE_STRUCT_SOCKADDR_STORAGE */ #ifndef IN6_IS_ADDR_LOOPBACK # define IN6_IS_ADDR_LOOPBACK(a) \ (((uint32_t *)(a))[0] == 0 && ((uint32_t *)(a))[1] == 0 && \ ((uint32_t *)(a))[2] == 0 && ((uint32_t *)(a))[3] == htonl(1)) #endif /* !IN6_IS_ADDR_LOOPBACK */ #ifndef HAVE_STRUCT_IN6_ADDR struct in6_addr { uint8_t s6_addr[16]; }; #endif /* !HAVE_STRUCT_IN6_ADDR */ #ifndef HAVE_STRUCT_SOCKADDR_IN6 struct sockaddr_in6 { unsigned short sin6_family; uint16_t sin6_port; uint32_t sin6_flowinfo; struct in6_addr sin6_addr; }; #endif /* !HAVE_STRUCT_SOCKADDR_IN6 */ #ifndef AF_INET6 /* Define it to something that should never appear */ #define AF_INET6 AF_MAX #endif /* * Next, RFC2553 name / address resolution API */ #ifndef NI_NUMERICHOST # define NI_NUMERICHOST (1) #endif #ifndef NI_NAMEREQD # define NI_NAMEREQD (1<<1) #endif #ifndef NI_NUMERICSERV # define NI_NUMERICSERV (1<<2) #endif #ifndef AI_PASSIVE # define AI_PASSIVE (1) #endif #ifndef AI_CANONNAME # define AI_CANONNAME (1<<1) #endif #ifndef AI_NUMERICHOST # define AI_NUMERICHOST (1<<2) #endif #ifndef NI_MAXSERV # define NI_MAXSERV 32 #endif /* !NI_MAXSERV */ #ifndef NI_MAXHOST # define NI_MAXHOST 1025 #endif /* !NI_MAXHOST */ #ifndef INT_MAX #define INT_MAX 0xffffffff #endif #ifndef EAI_NODATA # define EAI_NODATA (INT_MAX - 1) #endif #ifndef EAI_MEMORY # define EAI_MEMORY (INT_MAX - 2) #endif #ifndef EAI_NONAME # define EAI_NONAME (INT_MAX - 3) #endif #ifndef EAI_SYSTEM # define EAI_SYSTEM (INT_MAX - 4) #endif #ifndef HAVE_STRUCT_ADDRINFO struct addrinfo { int ai_flags; /* AI_PASSIVE, AI_CANONNAME */ int ai_family; /* PF_xxx */ int ai_socktype; /* SOCK_xxx */ int ai_protocol; /* 0 or IPPROTO_xxx for IPv4 and IPv6 */ size_t ai_addrlen; /* length of ai_addr */ char *ai_canonname; /* canonical name for hostname */ struct sockaddr *ai_addr; /* binary address */ struct addrinfo *ai_next; /* next structure in linked list */ }; #endif /* !HAVE_STRUCT_ADDRINFO */ #ifndef HAVE_GETADDRINFO #ifdef getaddrinfo # undef getaddrinfo #endif #define getaddrinfo(a,b,c,d) (ssh_getaddrinfo(a,b,c,d)) int getaddrinfo(const char *, const char *, const struct addrinfo *, struct addrinfo **); #endif /* !HAVE_GETADDRINFO */ #if !defined(HAVE_GAI_STRERROR) && !defined(HAVE_CONST_GAI_STRERROR_PROTO) #define gai_strerror(a) (ssh_gai_strerror(a)) char *gai_strerror(int); #endif /* !HAVE_GAI_STRERROR */ #ifndef HAVE_FREEADDRINFO #define freeaddrinfo(a) (ssh_freeaddrinfo(a)) void freeaddrinfo(struct addrinfo *); #endif /* !HAVE_FREEADDRINFO */ #ifndef HAVE_GETNAMEINFO #define getnameinfo(a,b,c,d,e,f,g) (ssh_getnameinfo(a,b,c,d,e,f,g)) int getnameinfo(const struct sockaddr *, size_t, char *, size_t, char *, size_t, int); #endif /* !HAVE_GETNAMEINFO */ #endif /* !_FAKE_RFC2553_H */ ldns-1.9.0/examples/ldns-rrsig.c0000664000175000017500000001357515114326257016116 0ustar willemwillem/* * ldns-rrsig prints out the inception and expiration dates in a more readable * way than the normal RRSIG presentation format * * for a particularly domain * (c) NLnet Labs, 2005 - 2008 * See the file LICENSE for the license */ #include "config.h" #include static int usage(FILE *fp, char *prog) { fprintf(fp, "%s domain [type]\n", prog); fprintf(fp, " print out the inception and expiration dates\n"); fprintf(fp, " in a more human readable form\n"); fprintf(fp, " \tquery for RRSIG(), defaults to SOA\n"); return 0; } int main(int argc, char *argv[]) { ldns_resolver *res; ldns_resolver *localres; ldns_rdf *domain; ldns_pkt *p; ldns_rr_list *rrsig; ldns_rr_list *rrsig_type; ldns_rr_list *ns; ldns_rr_list *ns_ip; uint8_t i, j; ldns_rr_type t; const char * type_name; struct tm incep, expir; char incep_buf[26]; char expir_buf[26]; ldns_status s; time_t now = time(NULL); p = NULL; rrsig = NULL; rrsig_type = NULL; domain = NULL; /* option parsing */ if (argc < 2) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } else { /* create a rdf from the command line arg */ domain = ldns_dname_new_frm_str(argv[1]); if (!domain) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } } if (argc == 3) { /* optional type arg */ type_name = argv[2]; t = ldns_rdf2rr_type( ldns_rdf_new_frm_str(LDNS_RDF_TYPE_TYPE, type_name)); if (t == 0) { fprintf(stderr, " *** %s is not a valid RR type\n", type_name); exit(EXIT_FAILURE); } } else { t = LDNS_RR_TYPE_SOA; type_name = "SOA"; } /* create a new resolver from /etc/resolv.conf */ s = ldns_resolver_new_frm_file(&localres, NULL); if (s != LDNS_STATUS_OK) { exit(EXIT_FAILURE); } /* first get the nameserver of the domain in question */ p = ldns_resolver_query(localres, domain, LDNS_RR_TYPE_NS, LDNS_RR_CLASS_IN, LDNS_RD); if (!p) { fprintf(stderr," *** Could not find any nameserver for %s", argv[1]); ldns_resolver_deep_free(localres); exit(EXIT_FAILURE); } ns = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_NS, LDNS_SECTION_ANSWER); if (!ns) { fprintf(stderr," *** Could not find any nameserver for %s", argv[1]); ldns_pkt_free(p); ldns_resolver_deep_free(localres); exit(EXIT_FAILURE); } /* use our local resolver to resolv the names in the for usage in our * new resolver */ res = ldns_resolver_new(); if (!res) { ldns_pkt_free(p); ldns_resolver_deep_free(localres); ldns_rr_list_deep_free(ns); exit(EXIT_FAILURE); } for(i = 0; i < ldns_rr_list_rr_count(ns); i++) { ns_ip = ldns_get_rr_list_addr_by_name(localres, ldns_rr_ns_nsdname(ldns_rr_list_rr(ns, i)), LDNS_RR_CLASS_IN, LDNS_RD); /* add these to new resolver */ for(j = 0; j < ldns_rr_list_rr_count(ns_ip); j++) { if (ldns_resolver_push_nameserver(res, ldns_rr_a_address(ldns_rr_list_rr(ns_ip, j))) != LDNS_STATUS_OK) { printf("Error adding nameserver to resolver\n"); ldns_pkt_free(p); ldns_resolver_deep_free(res); ldns_resolver_deep_free(localres); ldns_rr_list_deep_free(ns); exit(EXIT_FAILURE); } } ldns_rr_list_deep_free(ns_ip); } /* enable DNSSEC */ ldns_resolver_set_dnssec(res, true); /* also set CD, we want EVERYTHING! */ ldns_resolver_set_dnssec_cd(res, true); /* use the resolver to send it a query for the soa * records of the domain given on the command line */ ldns_pkt_free(p); p = ldns_resolver_query(res, domain, LDNS_RR_TYPE_RRSIG, LDNS_RR_CLASS_IN, LDNS_RD); ldns_rdf_deep_free(domain); if (!p) { ldns_resolver_deep_free(localres); ldns_rr_list_deep_free(ns); exit(EXIT_FAILURE); } else { /* retrieve the RRSIG records from the answer section of that * packet */ rrsig = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANSWER); if (!rrsig) { fprintf(stderr, " *** invalid answer name %s after RRSIG query for %s\n", argv[1], argv[1]); ldns_pkt_free(p); ldns_resolver_deep_free(res); ldns_rr_list_deep_free(ns); exit(EXIT_FAILURE); } else { rrsig_type = ldns_rr_list_new(); for(i = 0; i < ldns_rr_list_rr_count(rrsig); i++) { if (ldns_rdf2rr_type( ldns_rr_rrsig_typecovered( ldns_rr_list_rr(rrsig, i))) == t) { ldns_rr_list_push_rr(rrsig_type, ldns_rr_list_rr(rrsig, i)); } } if (ldns_rr_list_rr_count(rrsig_type) == 0) { fprintf(stderr, " *** No RRSIG(%s) type found\n", type_name); ldns_resolver_deep_free(localres); ldns_resolver_deep_free(res); ldns_pkt_free(p); ldns_rr_list_deep_free(ns); ldns_rr_list_free(rrsig); ldns_rr_list_deep_free(rrsig_type); exit(EXIT_FAILURE); } for(i = 0; i < ldns_rr_list_rr_count(rrsig_type); i++) { memset(&incep, 0, sizeof(incep)); if (ldns_serial_arithmetics_gmtime_r( ldns_rdf2native_time_t( ldns_rr_rrsig_inception( ldns_rr_list_rr(rrsig_type, i))), now, &incep ) && asctime_r(&incep, incep_buf)) { incep_buf[24] = '\0'; } else { incep_buf[0] = '\0'; } memset(&expir, 0, sizeof(expir)); if (ldns_serial_arithmetics_gmtime_r( ldns_rdf2native_time_t( ldns_rr_rrsig_expiration( ldns_rr_list_rr(rrsig_type, i))), now, &expir ) && asctime_r(&expir, expir_buf)) { expir_buf[24] = '\0'; } else { expir_buf[0] = '\0'; } fprintf(stdout, "%s RRSIG(%s): %s - %s\n", argv[1], type_name, incep_buf, expir_buf); } ldns_rr_list_free(rrsig); ldns_rr_list_deep_free(rrsig_type); } } ldns_pkt_free(p); ldns_resolver_deep_free(localres); ldns_resolver_deep_free(res); ldns_rr_list_deep_free(ns); return 0; } ldns-1.9.0/examples/ldns-signzone.c0000664000175000017500000007424115114326257016621 0ustar willemwillem/* * ldns-signzone signs a zone file * * (c) NLnet Labs, 2005 - 2008 * See the file LICENSE for the license */ #include #include "config.h" #ifdef HAVE_SSL #include #include #include #include #include #include #include #if defined(HAVE_OPENSSL_ENGINE_H) && !defined(OPENSSL_NO_ENGINE) #include #else # ifndef OPENSSL_NO_ENGINE # define OPENSSL_NO_ENGINE # endif #endif #include #define MAX_FILENAME_LEN 250 char *prog; int verbosity = 1; static void usage(FILE *fp, const char *prog) { fprintf(fp, "%s [OPTIONS] zonefile key [key [key]]\n", prog); fprintf(fp, " signs the zone with the given key(s)\n"); fprintf(fp, " -b\t\tuse layout in signed zone and print comments DNSSEC records\n"); fprintf(fp, " -d\t\tused keys are not added to the zone\n"); fprintf(fp, " -e \texpiration date\n"); fprintf(fp, " -f \toutput zone to file (default .signed)\n"); fprintf(fp, " -i \tinception date\n"); fprintf(fp, " -o \torigin for the zone\n"); fprintf(fp, " -u\t\tset SOA serial to the number of seconds since 1-1-1970\n"); fprintf(fp, " -v\t\tprint version and exit\n"); fprintf(fp, " -z <[scheme:]hash>\tAdd ZONEMD resource record\n"); fprintf(fp, "\t\t should be \"simple\" (or 1)\n"); fprintf(fp, "\t\t should be \"sha384\" or \"sha512\" (or 1 or 2)\n"); fprintf(fp, "\t\tthis option can be given more than once\n"); fprintf(fp, " -Z\t\tAllow ZONEMDs to be added without signing\n"); fprintf(fp, " -A\t\tsign DNSKEY with all keys instead of minimal\n"); fprintf(fp, " -U\t\tSign with every unique algorithm in the provided keys\n"); #ifndef OPENSSL_NO_ENGINE fprintf(fp, " -E \tuse as the crypto engine for signing\n"); fprintf(fp, " \tThis can have a lot of extra options, see the manual page for more info\n"); fprintf(fp, " -k ,\tuse `key' with `algorithm' from engine as ZSK\n"); fprintf(fp, " -K ,\tuse `key' with `algorithm' from engine as KSK\n"); #endif fprintf(fp, " -n\t\tuse NSEC3 instead of NSEC.\n"); fprintf(fp, "\t\tIf you use NSEC3, you can specify the following extra options:\n"); fprintf(fp, "\t\t-a [algorithm] hashing algorithm\n"); fprintf(fp, "\t\t-t [number] number of hash iterations\n"); fprintf(fp, "\t\t-s [string] salt\n"); fprintf(fp, "\t\t-p set the opt-out flag on all nsec3 rrs\n"); fprintf(fp, "\n"); fprintf(fp, " keys must be specified by their base name (usually K++),\n"); fprintf(fp, " i.e. WITHOUT the .private extension.\n"); fprintf(fp, " If the public part of the key is not present in the zone, the DNSKEY RR\n"); fprintf(fp, " will be read from the file called .key. If that does not exist,\n"); fprintf(fp, " a default DNSKEY will be generated from the private key and added to the zone.\n"); fprintf(fp, " A date can be a timestamp (seconds since the epoch), or of\n the form \n"); #ifndef OPENSSL_NO_ENGINE fprintf(fp, " For -k or -K, the algorithm can be specified as an integer or a symbolic name:" ); #define __LIST(x) fprintf ( fp, " %3d: %-15s", LDNS_SIGN_ ## x, # x ) fprintf ( fp, "\n " ); __LIST ( RSAMD5 ); #ifdef USE_DSA __LIST ( DSA ); #endif __LIST ( RSASHA1 ); fprintf ( fp, "\n " ); #ifdef USE_DSA __LIST ( DSA_NSEC3 ); #endif __LIST ( RSASHA1_NSEC3 ); __LIST ( RSASHA256 ); fprintf ( fp, "\n " ); __LIST ( RSASHA512 ); __LIST ( ECC_GOST ); __LIST ( ECDSAP256SHA256 ); fprintf ( fp, "\n " ); __LIST ( ECDSAP384SHA384 ); #ifdef USE_ED25519 __LIST ( ED25519 ); #endif #ifdef USE_ED448 __LIST ( ED448 ); #endif fprintf ( fp, "\n" ); #undef __LIST #endif } static void check_tm(struct tm tm) { if (tm.tm_year < 70) { fprintf(stderr, "You cannot specify dates before 1970\n"); exit(EXIT_FAILURE); } if (tm.tm_mon < 0 || tm.tm_mon > 11) { fprintf(stderr, "The month must be in the range 1 to 12\n"); exit(EXIT_FAILURE); } if (tm.tm_mday < 1 || tm.tm_mday > 31) { fprintf(stderr, "The day must be in the range 1 to 31\n"); exit(EXIT_FAILURE); } if (tm.tm_hour < 0 || tm.tm_hour > 23) { fprintf(stderr, "The hour must be in the range 0-23\n"); exit(EXIT_FAILURE); } if (tm.tm_min < 0 || tm.tm_min > 59) { fprintf(stderr, "The minute must be in the range 0-59\n"); exit(EXIT_FAILURE); } if (tm.tm_sec < 0 || tm.tm_sec > 59) { fprintf(stderr, "The second must be in the range 0-59\n"); exit(EXIT_FAILURE); } } /* * if the ttls are different, make them equal * if one of the ttls equals LDNS_DEFAULT_TTL, that one is changed * otherwise, rr2 will get the ttl of rr1 * * prints a warning if a non-default TTL is changed */ static void equalize_ttls(ldns_rr *rr1, ldns_rr *rr2, uint32_t default_ttl) { uint32_t ttl1, ttl2; ttl1 = ldns_rr_ttl(rr1); ttl2 = ldns_rr_ttl(rr2); if (ttl1 != ttl2) { if (ttl1 == default_ttl) { ldns_rr_set_ttl(rr1, ttl2); } else if (ttl2 == default_ttl) { ldns_rr_set_ttl(rr2, ttl1); } else { ldns_rr_set_ttl(rr2, ttl1); fprintf(stderr, "warning: changing non-default TTL %u to %u\n", (unsigned int) ttl2, (unsigned int) ttl1); } } } static void equalize_ttls_rr_list(ldns_rr_list *rr_list, ldns_rr *rr, uint32_t default_ttl) { size_t i; ldns_rr *cur_rr; for (i = 0; i < ldns_rr_list_rr_count(rr_list); i++) { cur_rr = ldns_rr_list_rr(rr_list, i); if (ldns_rr_compare_no_rdata(cur_rr, rr) == 0) { equalize_ttls(cur_rr, rr, default_ttl); } } } static ldns_rr * find_key_in_zone(ldns_rr *pubkey_gen, ldns_zone *zone) { size_t key_i; ldns_rr *pubkey; for (key_i = 0; key_i < ldns_rr_list_rr_count(ldns_zone_rrs(zone)); key_i++) { pubkey = ldns_rr_list_rr(ldns_zone_rrs(zone), key_i); if (ldns_rr_get_type(pubkey) == LDNS_RR_TYPE_DNSKEY && (ldns_calc_keytag(pubkey) == ldns_calc_keytag(pubkey_gen) || /* KSK has gen-keytag + 1 */ ldns_calc_keytag(pubkey) == ldns_calc_keytag(pubkey_gen) + 1) ) { if (verbosity >= 2) { fprintf(stderr, "Found it in the zone!\n"); } return pubkey; } } return NULL; } static ldns_rr * find_key_in_file(const char *keyfile_name_base, ldns_key* ATTR_UNUSED(key), uint32_t zone_ttl) { char *keyfile_name; FILE *keyfile; int line_nr; uint32_t default_ttl = zone_ttl; ldns_rr *pubkey = NULL; keyfile_name = LDNS_XMALLOC(char, strlen(keyfile_name_base) + 5); snprintf(keyfile_name, strlen(keyfile_name_base) + 5, "%s.key", keyfile_name_base); if (verbosity >= 2) { fprintf(stderr, "Trying to read %s\n", keyfile_name); } keyfile = fopen(keyfile_name, "r"); line_nr = 0; if (keyfile) { if (ldns_rr_new_frm_fp_l(&pubkey, keyfile, &default_ttl, NULL, NULL, &line_nr) == LDNS_STATUS_OK) { if (verbosity >= 2) { printf("Key found in file: %s\n", keyfile_name); } } fclose(keyfile); } LDNS_FREE(keyfile_name); return pubkey; } /* this function tries to find the specified keys either in the zone that * has been read, or in a .key file. If the key is not found, * a public key is generated, and it is assumed the key is a ZSK * * if add_keys is true; the DNSKEYs are added to the zone prior to signing * if it is false, they are not added. * Even if keys are not added, the function is still needed, to check * whether keys of which we only have key data are KSKs or ZSKS */ static void find_or_create_pubkey(const char *keyfile_name_base, ldns_key *key, ldns_zone *orig_zone, bool add_keys, uint32_t default_ttl) { ldns_rr *pubkey_gen, *pubkey; int key_in_zone; if (default_ttl == LDNS_DEFAULT_TTL) { default_ttl = ldns_rr_ttl(ldns_zone_soa(orig_zone)); } if (!ldns_key_pubkey_owner(key)) { ldns_key_set_pubkey_owner(key, ldns_rdf_clone(ldns_rr_owner(ldns_zone_soa(orig_zone)))); } /* find the public key in the zone, or in a * separate file * we 'generate' one anyway, * then match that to any present in the zone, * if it matches, we drop our own. If not, * we try to see if there is a .key file present. * If not, we use our own generated one, with * some default values * * Even if -d (do-not-add-keys) is specified, * we still need to do this, because we need * to have any key flags that are set this way */ pubkey_gen = ldns_key2rr(key); ldns_rr_set_ttl(pubkey_gen, default_ttl); if (verbosity >= 2) { fprintf(stderr, "Looking for key with keytag %u or %u\n", (unsigned int) ldns_calc_keytag(pubkey_gen), (unsigned int) ldns_calc_keytag(pubkey_gen)+1 ); } pubkey = find_key_in_zone(pubkey_gen, orig_zone); key_in_zone = 1; if (!pubkey) { key_in_zone = 0; /* it was not in the zone, try to read a .key file */ pubkey = find_key_in_file(keyfile_name_base, key, default_ttl); if (!pubkey && !(ldns_key_flags(key) & LDNS_KEY_SEP_KEY)) { /* maybe it is a ksk? */ ldns_key_set_keytag(key, ldns_key_keytag(key) + 1); pubkey = find_key_in_file(keyfile_name_base, key, default_ttl); if (!pubkey) { /* ok, no file, set back to ZSK */ ldns_key_set_keytag(key, ldns_key_keytag(key) - 1); } } if(pubkey && ldns_dname_compare(ldns_rr_owner(pubkey), ldns_rr_owner(ldns_zone_soa(orig_zone))) != 0) { fprintf(stderr, "Error %s.key has wrong name: %s\n", keyfile_name_base, ldns_rdf2str(ldns_rr_owner(pubkey))); exit(EXIT_FAILURE); /* leak rdf2str, but we exit */ } } if (!pubkey) { /* okay, no public key found, just use our generated one */ pubkey = pubkey_gen; if (verbosity >= 2) { fprintf(stderr, "Not in zone, no .key file, generating ZSK DNSKEY from private key data\n"); } } else { ldns_rr_free(pubkey_gen); } ldns_key_set_flags(key, ldns_rdf2native_int16(ldns_rr_rdf(pubkey, 0))); ldns_key_set_keytag(key, ldns_calc_keytag(pubkey)); if (add_keys && !key_in_zone) { equalize_ttls_rr_list(ldns_zone_rrs(orig_zone), pubkey, default_ttl); ldns_zone_push_rr(orig_zone, pubkey); } } #ifndef OPENSSL_NO_ENGINE /* * For keys coming from the engine (-k or -K), parse algorithm specification. */ static enum ldns_enum_signing_algorithm parse_algspec ( const char * const p ) { if ( p == NULL ) return 0; if ( isdigit ( (const unsigned char)*p ) ) { const char *nptr = NULL; const long id = strtol ( p, (char **) &nptr, 10 ); return id > 0 && nptr != NULL && *nptr == ',' ? id : 0; } #define __MATCH(x) \ if ( !memcmp ( # x, p, sizeof ( # x ) - 1 ) \ && p [ sizeof ( # x ) - 1 ] == ',' ) { \ return LDNS_SIGN_ ## x; \ } __MATCH ( RSAMD5 ); __MATCH ( RSASHA1 ); #ifdef USE_DSA __MATCH ( DSA ); #endif __MATCH ( RSASHA1_NSEC3 ); __MATCH ( RSASHA256 ); __MATCH ( RSASHA512 ); #ifdef USE_DSA __MATCH ( DSA_NSEC3 ); #endif __MATCH ( ECC_GOST ); __MATCH ( ECDSAP256SHA256 ); __MATCH ( ECDSAP384SHA384 ); #ifdef USE_ED25519 __MATCH ( ED25519 ); #endif #ifdef USE_ED448 __MATCH ( ED448 ); #endif #undef __MATCH return 0; } /* * For keys coming from the engine (-k or -K), parse key specification * in the form of ,. No whitespace is allowed * between and the comma, and between the comma and * . format is specific to the engine at hand, i.e. * it can be the old OpenSC syntax or a PKCS #11 URI as defined in RFC 7512 * and (partially) supported by OpenSC (as of 20180312). */ static const char * parse_keyspec ( const char * const p, enum ldns_enum_signing_algorithm * const algorithm, const char ** const id ) { const char * const comma = strchr ( p, ',' ); if ( comma == NULL || !(*algorithm = parse_algspec ( p )) ) return NULL; return comma [ 1 ] ? *id = comma + 1 : NULL; } /* * Load a key from the engine. */ static ldns_key * load_key ( const char * const p, ENGINE * const e ) { enum ldns_enum_signing_algorithm alg = 0; const char *id = NULL; ldns_status status = LDNS_STATUS_ERR; ldns_key *key = NULL; /* Parse key specification. */ if ( parse_keyspec ( p, &alg, &id ) == NULL ) { fprintf ( stderr, "Failed to parse key specification `%s'.\n", p ); usage ( stderr, prog ); exit ( EXIT_FAILURE ); } /* Validate that the algorithm can be used for signing. */ switch ( alg ) { case LDNS_SIGN_RSAMD5: case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: case LDNS_SIGN_RSASHA256: case LDNS_SIGN_RSASHA512: #ifdef USE_DSA case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: #endif case LDNS_SIGN_ECC_GOST: #ifdef USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: case LDNS_SIGN_ECDSAP384SHA384: #endif break; default: fprintf ( stderr, "Algorithm %d cannot be used for signing.\n", alg ); usage ( stderr, prog ); exit ( EXIT_FAILURE ); } printf ( "Engine key id: %s, algo %d\n", id, alg ); /* Attempt to load the key from the engine. */ status = ldns_key_new_frm_engine ( &key, e, (char *) id, (ldns_algorithm)alg ); if ( status != LDNS_STATUS_OK ) { ERR_print_errors_fp ( stderr ); exit ( EXIT_FAILURE ); } return key; } /* * For keys coming from the engine (-k or -K), set key parameters * and determine whether the key is listed in the zone file. */ static void post_process_engine_key ( ldns_key_list * const keys, ldns_key * const key, ldns_zone * const zone, const bool add_keys, const uint32_t ttl, const uint32_t inception, const uint32_t expiration ) { if ( key == NULL ) return; if ( expiration ) ldns_key_set_expiration ( key, expiration ); if ( inception ) ldns_key_set_inception ( key, inception ); ldns_key_list_push_key ( keys, key ); find_or_create_pubkey ( "", key, zone, add_keys, ttl ); } /* * Initialize OpenSSL, for versions 1.1 and newer. */ static ENGINE * init_openssl_engine ( const char * const id ) { ENGINE *e = NULL; #ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS ERR_load_crypto_strings(); #endif #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) || !defined(HAVE_OPENSSL_INIT_CRYPTO) OpenSSL_add_all_algorithms(); #else if ( !OPENSSL_init_crypto ( OPENSSL_INIT_LOAD_CONFIG, NULL ) ) { fprintf ( stderr, "OPENSSL_init_crypto(3) failed.\n" ); ERR_print_errors_fp ( stderr ); exit ( EXIT_FAILURE ); } #endif if ( (e = ENGINE_by_id ( id )) == NULL ) { fprintf ( stderr, "ENGINE_by_id(3) failed.\n" ); ERR_print_errors_fp ( stderr ); exit ( EXIT_FAILURE ); } if ( !ENGINE_set_default_DSA ( e ) ) { fprintf ( stderr, "ENGINE_set_default_DSA(3) failed.\n" ); ERR_print_errors_fp ( stderr ); exit ( EXIT_FAILURE ); } if ( !ENGINE_set_default_RSA ( e ) ) { fprintf ( stderr, "ENGINE_set_default_RSA(3) failed.\n" ); ERR_print_errors_fp ( stderr ); exit ( EXIT_FAILURE ); } return e; } /* * De-initialize OpenSSL, for versions 1.1 and newer. * * All of that is not strictly necessary because the process exits * anyway, however, when an engine is used, this is the only hope * of letting the engine's driver know that the program terminates * (for the fear that the driver's reference counting may go awry, etc.) * Still, there is no guarantee that this function helps... */ static void shutdown_openssl ( ENGINE * const e ) { if ( e != NULL ) { #ifdef HAVE_ENGINE_FREE ENGINE_free ( e ); #endif #ifdef HAVE_ENGINE_CLEANUP ENGINE_cleanup (); #endif } #ifdef HAVE_CONF_MODULES_UNLOAD CONF_modules_unload ( 1 ); #endif #ifdef HAVE_EVP_CLEANUP EVP_cleanup (); #endif #ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA CRYPTO_cleanup_all_ex_data (); #endif #ifdef HAVE_ERR_FREE_STRINGS ERR_free_strings (); #endif } #endif int str2zonemd_signflag(const char *str, const char **reason) { char *colon; static const char *reasons[] = { "Unknown , should be \"simple\"" , "Syntax error in , should be \"sha384\" or \"sha512\"" , "Unknown , should be \"sha384\" or \"sha512\"" }; if (!str) return LDNS_STATUS_NULL; if ((colon = strchr(str, ':'))) { if ((colon - str != 1 || str[0] != '1') && (colon - str != 6 || strncasecmp(str, "simple", 6))) { if (reason) *reason = reasons[0]; return 0; } if (strchr(colon + 1, ':')) { if (reason) *reason = reasons[1]; return 0; } return str2zonemd_signflag(colon + 1, reason); } if (!strcasecmp(str, "1") || !strcasecmp(str, "sha384")) return LDNS_SIGN_WITH_ZONEMD_SIMPLE_SHA384; if (!strcasecmp(str, "2") || !strcasecmp(str, "sha512")) return LDNS_SIGN_WITH_ZONEMD_SIMPLE_SHA512; if (reason) *reason = reasons[2]; return 0; } int main(int argc, char *argv[]) { const char *zonefile_name; FILE *zonefile = NULL; int line_nr = 0; int c; int argi; #ifndef OPENSSL_NO_ENGINE ENGINE *engine = NULL; #endif ldns_zone *orig_zone; ldns_rr_list *orig_rrs = NULL; ldns_rr *orig_soa = NULL; ldns_dnssec_zone *signed_zone; char *keyfile_name_base; char *keyfile_name = NULL; FILE *keyfile = NULL; ldns_key *key = NULL; #ifndef OPENSSL_NO_ENGINE ldns_key *eng_ksk = NULL; /* KSK specified with -K */ ldns_key *eng_zsk = NULL; /* ZSK specified with -k */ #endif ldns_key_list *keys; ldns_status s; size_t i; ldns_rr_list *added_rrs; char *outputfile_name = NULL; FILE *outputfile; bool use_nsec3 = false; int signflags = 0; bool unixtime_serial = false; /* Add the given keys to the zone if they are not yet present */ bool add_keys = true; uint8_t nsec3_algorithm = 1; uint8_t nsec3_flags = 0; size_t nsec3_iterations_cmd = 1; uint16_t nsec3_iterations = 1; uint8_t nsec3_salt_length = 0; uint8_t *nsec3_salt = NULL; /* we need to know the origin before reading ksk's, * so keep an array of filenames until we know it */ struct tm tm; uint32_t inception; uint32_t expiration; ldns_rdf *origin = NULL; uint32_t ttl = LDNS_DEFAULT_TTL; ldns_rr_class class = LDNS_RR_CLASS_IN; ldns_status result; ldns_output_format_storage fmt_st; ldns_output_format* fmt = ldns_output_format_init(&fmt_st); /* For parson zone digest parameters */ int flag; const char *reason = NULL; prog = strdup(argv[0]); inception = 0; expiration = 0; keys = ldns_key_list_new(); while ((c = getopt(argc, argv, "a:bde:f:i:k:no:ps:t:uvz:ZAUE:K:")) != -1) { switch (c) { case 'a': nsec3_algorithm = (uint8_t) atoi(optarg); if (nsec3_algorithm != 1) { fprintf(stderr, "Bad NSEC3 algorithm, only RSASHA1 allowed\n"); exit(EXIT_FAILURE); } break; case 'b': ldns_output_format_set(fmt, LDNS_COMMENT_FLAGS | LDNS_COMMENT_LAYOUT | LDNS_COMMENT_NSEC3_CHAIN | LDNS_COMMENT_BUBBLEBABBLE); break; case 'd': add_keys = false; break; case 'e': /* try to parse YYYYMMDD first, * if that doesn't work, it * should be a timestamp (seconds since epoch) */ memset(&tm, 0, sizeof(tm)); if (strlen(optarg) == 8 && sscanf(optarg, "%4d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday) ) { tm.tm_year -= 1900; tm.tm_mon--; check_tm(tm); expiration = (uint32_t) ldns_mktime_from_utc(&tm); } else if (strlen(optarg) == 14 && sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) ) { tm.tm_year -= 1900; tm.tm_mon--; check_tm(tm); expiration = (uint32_t) ldns_mktime_from_utc(&tm); } else { expiration = (uint32_t) atol(optarg); } break; case 'f': outputfile_name = LDNS_XMALLOC(char, MAX_FILENAME_LEN + 1); strncpy(outputfile_name, optarg, MAX_FILENAME_LEN); break; case 'i': memset(&tm, 0, sizeof(tm)); if (strlen(optarg) == 8 && sscanf(optarg, "%4d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday) ) { tm.tm_year -= 1900; tm.tm_mon--; check_tm(tm); inception = (uint32_t) ldns_mktime_from_utc(&tm); } else if (strlen(optarg) == 14 && sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec) ) { tm.tm_year -= 1900; tm.tm_mon--; check_tm(tm); inception = (uint32_t) ldns_mktime_from_utc(&tm); } else { inception = (uint32_t) atol(optarg); } break; case 'n': use_nsec3 = true; break; case 'o': if (ldns_str2rdf_dname(&origin, optarg) != LDNS_STATUS_OK) { fprintf(stderr, "Bad origin, not a correct domain name\n"); usage(stderr, prog); exit(EXIT_FAILURE); } break; case 'p': nsec3_flags = nsec3_flags | LDNS_NSEC3_VARS_OPTOUT_MASK; break; case 'u': unixtime_serial = true; break; case 'v': printf("zone signer version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); exit(EXIT_SUCCESS); break; case 'z': flag = str2zonemd_signflag(optarg, &reason); if (flag) signflags |= flag; else { fprintf( stderr , "%s\nwith zone digest parameters:" " \"%s\"\n" , reason, optarg); exit(EXIT_FAILURE); } break; case 'Z': signflags |= LDNS_SIGN_NO_KEYS_NO_NSECS; break; case 'A': signflags |= LDNS_SIGN_DNSKEY_WITH_ZSK; break; case 'E': #ifndef OPENSSL_NO_ENGINE engine = init_openssl_engine ( optarg ); break; #else /* fallthrough */ #endif case 'k': #ifndef OPENSSL_NO_ENGINE eng_zsk = load_key ( optarg, engine ); break; #else /* fallthrough */ #endif case 'K': #ifndef OPENSSL_NO_ENGINE eng_ksk = load_key ( optarg, engine ); /* I apologize for that, there is no API. */ eng_ksk -> _extra.dnssec.flags |= LDNS_KEY_SEP_KEY; #else fprintf(stderr, "%s compiled without engine support\n" , prog); exit(EXIT_FAILURE); #endif break; case 'U': signflags |= LDNS_SIGN_WITH_ALL_ALGORITHMS; break; case 's': if (strlen(optarg) % 2 != 0) { fprintf(stderr, "Salt value is not valid hex data, not a multiple of 2 characters\n"); exit(EXIT_FAILURE); } nsec3_salt_length = (uint8_t) strlen(optarg) / 2; nsec3_salt = LDNS_XMALLOC(uint8_t, nsec3_salt_length); for (c = 0; c < (int) strlen(optarg); c += 2) { if (isxdigit((int) optarg[c]) && isxdigit((int) optarg[c+1])) { nsec3_salt[c/2] = (uint8_t) ldns_hexdigit_to_int(optarg[c]) * 16 + ldns_hexdigit_to_int(optarg[c+1]); } else { fprintf(stderr, "Salt value is not valid hex data.\n"); exit(EXIT_FAILURE); } } break; case 't': nsec3_iterations_cmd = (size_t) atol(optarg); if (nsec3_iterations_cmd > LDNS_NSEC3_MAX_ITERATIONS) { fprintf(stderr, "Iterations count can not exceed %u, quitting\n", LDNS_NSEC3_MAX_ITERATIONS); exit(EXIT_FAILURE); } nsec3_iterations = (uint16_t) nsec3_iterations_cmd; break; default: usage(stderr, prog); exit(EXIT_SUCCESS); } } argc -= optind; argv += optind; if (argc < 1) { printf("Error: not enough arguments\n"); usage(stdout, prog); exit(EXIT_FAILURE); } else { zonefile_name = argv[0]; } /* read zonefile first to find origin if not specified */ if (strncmp(zonefile_name, "-", 2) == 0) { s = ldns_zone_new_frm_fp_l(&orig_zone, stdin, origin, ttl, class, &line_nr); if (s != LDNS_STATUS_OK) { fprintf(stderr, "Zone not read, error: %s at stdin line %d\n", ldns_get_errorstr_by_id(s), line_nr); exit(EXIT_FAILURE); } else { orig_soa = ldns_zone_soa(orig_zone); if (!orig_soa) { fprintf(stderr, "Error reading zonefile: missing SOA record\n"); exit(EXIT_FAILURE); } orig_rrs = ldns_zone_rrs(orig_zone); if (!orig_rrs) { fprintf(stderr, "Error reading zonefile: no resource records\n"); exit(EXIT_FAILURE); } } } else { zonefile = fopen(zonefile_name, "r"); if (!zonefile) { fprintf(stderr, "Error: unable to read %s (%s)\n", zonefile_name, strerror(errno)); exit(EXIT_FAILURE); } else { s = ldns_zone_new_frm_fp_l(&orig_zone, zonefile, origin, ttl, class, &line_nr); if (s != LDNS_STATUS_OK) { fprintf(stderr, "Zone not read, error: %s at %s line %d\n", ldns_get_errorstr_by_id(s), zonefile_name, line_nr); exit(EXIT_FAILURE); } else { orig_soa = ldns_zone_soa(orig_zone); if (!orig_soa) { fprintf(stderr, "Error reading zonefile: missing SOA record\n"); exit(EXIT_FAILURE); } orig_rrs = ldns_zone_rrs(orig_zone); if (!orig_rrs) { fprintf(stderr, "Error reading zonefile: no resource records\n"); exit(EXIT_FAILURE); } } fclose(zonefile); } } /* read the ZSKs */ argi = 1; while (argi < argc) { keyfile_name_base = argv[argi]; keyfile_name = LDNS_XMALLOC(char, strlen(keyfile_name_base) + 9); snprintf(keyfile_name, strlen(keyfile_name_base) + 9, "%s.private", keyfile_name_base); keyfile = fopen(keyfile_name, "r"); line_nr = 0; if (!keyfile) { fprintf(stderr, "Error: unable to read %s: %s\n", keyfile_name, strerror(errno)); } else { s = ldns_key_new_frm_fp_l(&key, keyfile, &line_nr); fclose(keyfile); if (s == LDNS_STATUS_OK) { /* set times in key? they will end up in the rrsigs */ if (expiration != 0) { ldns_key_set_expiration(key, expiration); } if (inception != 0) { ldns_key_set_inception(key, inception); } LDNS_FREE(keyfile_name); ldns_key_list_push_key(keys, key); } else { fprintf(stderr, "Error reading key from %s at line %d: %s\n", argv[argi], line_nr, ldns_get_errorstr_by_id(s)); } } /* and, if not unset by -p, find or create the corresponding DNSKEY record */ if (key) { find_or_create_pubkey(keyfile_name_base, key, orig_zone, add_keys, ttl); } argi++; } #ifndef OPENSSL_NO_ENGINE /* * The user may have loaded a KSK and a ZSK from the engine. * Since these keys carry no meta-information which is * relevant to DNS (origin, TTL, etc), and because that * information becomes known only after the command line * and the zone file are parsed completely, the program * needs to post-process these keys before they become usable. */ /* The engine's KSK. */ post_process_engine_key ( keys, eng_ksk, orig_zone, add_keys, ttl, inception, expiration ); /* The engine's ZSK. */ post_process_engine_key ( keys, eng_zsk, orig_zone, add_keys, ttl, inception, expiration ); #endif if (ldns_key_list_key_count(keys) < 1 && !(signflags & LDNS_SIGN_NO_KEYS_NO_NSECS)) { fprintf(stderr, "Error: no keys to sign with. Aborting.\n\n"); usage(stderr, prog); exit(EXIT_FAILURE); } signed_zone = ldns_dnssec_zone_new(); if (unixtime_serial) { ldns_rr_soa_increment_func_int(ldns_zone_soa(orig_zone), ldns_soa_serial_unixtime, 0); } if (ldns_dnssec_zone_add_rr(signed_zone, ldns_zone_soa(orig_zone)) != LDNS_STATUS_OK) { fprintf(stderr, "Error adding SOA to dnssec zone, skipping record\n"); } for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(orig_zone)); i++) { if (ldns_dnssec_zone_add_rr(signed_zone, ldns_rr_list_rr(ldns_zone_rrs(orig_zone), i)) != LDNS_STATUS_OK) { fprintf(stderr, "Error adding RR to dnssec zone"); fprintf(stderr, ", skipping record:\n"); ldns_rr_print(stderr, ldns_rr_list_rr(ldns_zone_rrs(orig_zone), i)); } } /* list to store newly created rrs, so we can free them later */ added_rrs = ldns_rr_list_new(); if (use_nsec3) { if (verbosity < 1) ; /* pass */ else if (nsec3_iterations > 500) fprintf(stderr, "Warning! NSEC3 iterations larger than " "500 may cause validating resolvers to return " "SERVFAIL!\n" "See: https://datatracker.ietf.org/doc/html/" "draft-hardaker-dnsop-nsec3-guidance-03#section-4\n"); else if (nsec3_iterations > 100) fprintf(stderr, "Warning! NSEC3 iterations larger than " "100 may cause validating resolvers to return " "insecure responses!\n" "See: https://datatracker.ietf.org/doc/html/" "draft-hardaker-dnsop-nsec3-guidance-03#section-4\n"); result = ldns_dnssec_zone_sign_nsec3_flg_mkmap(signed_zone, added_rrs, keys, ldns_dnssec_default_replace_signatures, NULL, nsec3_algorithm, nsec3_flags, nsec3_iterations, nsec3_salt_length, nsec3_salt, signflags, &fmt_st.hashmap); } else { result = ldns_dnssec_zone_sign_flg(signed_zone, added_rrs, keys, ldns_dnssec_default_replace_signatures, NULL, signflags); } if (result != LDNS_STATUS_OK) { fprintf(stderr, "Error signing zone: %s\n", ldns_get_errorstr_by_id(result)); } if (!outputfile_name) { outputfile_name = LDNS_XMALLOC(char, MAX_FILENAME_LEN); snprintf(outputfile_name, MAX_FILENAME_LEN, "%s.signed", zonefile_name); } if (signed_zone) { if (strncmp(outputfile_name, "-", 2) == 0) { ldns_dnssec_zone_print(stdout, signed_zone); } else { outputfile = fopen(outputfile_name, "w"); if (!outputfile) { fprintf(stderr, "Unable to open %s for writing: %s\n", outputfile_name, strerror(errno)); } else { ldns_dnssec_zone_print_fmt( outputfile, fmt, signed_zone); fclose(outputfile); } } } else { fprintf(stderr, "Error signing zone.\n"); #ifdef HAVE_SSL if (ERR_peek_error()) { #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(HAVE_LIBRESSL) #ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS ERR_load_crypto_strings(); #endif #endif ERR_print_errors_fp(stderr); #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(HAVE_LIBRESSL) #ifdef HAVE_ERR_FREE_STRINGS ERR_free_strings (); #endif #endif } #endif exit(EXIT_FAILURE); } ldns_key_list_free(keys); /* since the ldns_rr records are pointed to in both the ldns_zone * and the ldns_dnssec_zone, we can either deep_free the * dnssec_zone and 'shallow' free the original zone and added * records, or the other way around */ ldns_dnssec_zone_free(signed_zone); ldns_zone_deep_free(orig_zone); ldns_rr_list_deep_free(added_rrs); ldns_rdf_deep_free(origin); LDNS_FREE(outputfile_name); #ifndef OPENSSL_NO_ENGINE shutdown_openssl ( engine ); #else #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) #ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA CRYPTO_cleanup_all_ex_data (); #endif #endif #endif free(prog); exit(EXIT_SUCCESS); } #else /* !HAVE_SSL */ int main(int argc __attribute__((unused)), char **argv __attribute__((unused))) { fprintf(stderr, "ldns-signzone needs OpenSSL support, which has not been compiled in\n"); return 1; } #endif /* HAVE_SSL */ ldns-1.9.0/examples/ldns-dane.c0000664000175000017500000014473015114326257015675 0ustar willemwillem/* * Verify or create TLS authentication with DANE (RFC6698) * * (c) NLnetLabs 2012 * * See the file LICENSE for the license. * * wish list: * - nicer reporting (tracing of evaluation process) * - verbosity levels * - STARTTLS support */ #include "config.h" #include #include #include #ifdef HAVE_NETINET_IN_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_NETDB_H #include #endif #ifdef HAVE_ARPA_INET_H #include #endif #include #include #include #include #ifdef USE_DANE #ifdef HAVE_SSL #include #include #include #ifndef IPPROTO_SCTP #define IPPROTO_SCTP 132 #endif #define LDNS_ERR(code, msg) do { if (code != LDNS_STATUS_OK) \ ldns_err(msg, code); } while (false) #define MEMERR(msg) do { fprintf(stderr, "memory error in %s\n", msg); \ exit(EXIT_FAILURE); } while (false) #define BUFSIZE 16384 /* Exit status on a PKIX validated connection but without TLSA records * when the -T option was given: */ #define NO_TLSAS_EXIT_STATUS 2 /* int verbosity = 3; */ static void print_usage(const char* progname) { #ifdef USE_DANE_VERIFY printf("Usage: %s [OPTIONS] verify \n", progname); printf(" or: %s [OPTIONS] -t verify\n", progname); printf("\n\tVerify the TLS connection at : or" "\n\tuse TLSA record(s) from to verify the\n" "\tTLS service they reference.\n"); printf("\n or: %s [OPTIONS] create [ " #else printf("Usage: %s [OPTIONS] create [ " #endif "[ []]]\n", progname); printf("\n\tUse the TLS connection(s) to " "to create the TLSA\n\t" "resource record(s) that would " "authenticate the connection.\n"); printf("\n\t" "\t\t0 | PKIX-TA : CA constraint\n" "\t\t\t1 | PKIX-EE : Service certificate constraint\n" "\t\t\t2 | DANE-TA : Trust anchor assertion\n" "\t\t\t3 | DANE-EE : Domain-issued certificate " "(default)\n"); printf("\n\t" "\t0 | Cert : Full certificate\n" "\t\t\t1 | SPKI : SubjectPublicKeyInfo " "(default)\n"); printf("\n\t" "\t\t0 | Full : No hash used\n" "\t\t\t1 | SHA2-256 : SHA-256 (default)\n" "\t\t\t2 | SHA2-512 : SHA-512\n"); printf("OPTIONS:\n"); printf("\t-h\t\tshow this text\n"); printf("\t-4\t\tTLS connect IPv4 only\n"); printf("\t-6\t\tTLS connect IPv6 only\n"); printf("\t-r
\t" "use resolver at
instead of local resolver\n"); printf("\t-a
\t" "don't resolve , but connect to
(es)\n"); printf("\t-b\t\t" "print \". TYPE52 \\# \" form\n" ); printf("\t-c \t" "verify or create TLSA records for the\n" "\t\t\tcertificate (chain) in \n" ); printf("\t-d\t\tassume DNSSEC validity even when insecure or bogus\n"); printf("\t-f \tuse CAfile to validate\n"); #if HAVE_DANE_CA_FILE printf("\t\t\tDefault is %s\n", LDNS_DANE_CA_FILE); #endif printf("\t-i\t\tinteract after connecting\n"); printf("\t-k \t" "use DNSKEY/DS rr(s) in to validate TLSAs\n" "\t\t\twhen signature chasing (i.e. -S)\n" ); printf("\t\t\tDefault is %s\n", LDNS_TRUST_ANCHOR_FILE); printf("\t-n\t\tdo *not* verify server name in certificate\n"); printf("\t-o \t" "select th certificate from the end of\n" "\t\t\tthe validation chain. -1 means self-signed at end\n" ); printf("\t-p \t" "use certificates in the directory to validate\n" ); #if HAVE_DANE_CA_PATH printf("\t\t\tDefaults is %s\n", LDNS_DANE_CA_PATH); #endif printf("\t-s\t\tassume PKIX validity\n"); printf("\t-S\t\tChase signature(s) to a known key\n"); printf("\t-t \tdo not use DNS, " "but read TLSA record(s) from \n" ); printf("\t-T\t\tReturn exit status 2 for PKIX validated connections\n" "\t\t\twithout (secure) TLSA records(s)\n"); printf("\t-u\t\tuse UDP transport instead of TCP\n"); printf("\t-v\t\tshow version and exit\n"); /* printf("\t-V [0-5]\tset verbosity level (default 3)\n"); */ exit(EXIT_SUCCESS); } static int dane_int_within_range(const char* arg, int max, const char* name) { char* endptr; /* utility var for strtol usage */ int val = strtol(arg, &endptr, 10); if ((val < 0 || val > max) || (errno != 0 && val == 0) /* out of range */ || endptr == arg /* no digits */ || *endptr != '\0' /* more chars */ ) { fprintf(stderr, "<%s> should be in range [0-%d]\n", name, max); exit(EXIT_FAILURE); } return val; } struct dane_param_choice_struct { const char* name; int number; }; typedef struct dane_param_choice_struct dane_param_choice; dane_param_choice dane_certificate_usage_table[] = { { "PKIX-TA" , 0 }, { "CA constraint" , 0 }, { "CA-constraint" , 0 }, { "PKIX-EE" , 1 }, { "Service certificate constraint" , 1 }, { "Service-certificate-constraint" , 1 }, { "DANE-TA" , 2 }, { "Trust anchor assertion" , 2 }, { "Trust-anchor-assertion" , 2 }, { "anchor" , 2 }, { "DANE-EE" , 3 }, { "Domain-issued certificate" , 3 }, { "Domain-issued-certificate" , 3 }, { "PrivCert" , 255 }, { NULL, -1 } }; dane_param_choice dane_selector_table[] = { { "Cert" , 0 }, { "Full certificate" , 0 }, { "Full-certificate" , 0 }, { "certificate" , 0 }, { "SPKI" , 1 }, { "SubjectPublicKeyInfo", 1 }, { "PublicKey" , 1 }, { "pubkey" , 1 }, { "key" , 1 }, { "PrivSel" , 255 }, { NULL, -1 } }; dane_param_choice dane_matching_type_table[] = { { "Full" , 0 }, { "no-hash-used" , 0 }, { "no hash used" , 0 }, { "SHA2-256" , 1 }, { "sha256" , 1 }, { "sha-256" , 1 }, { "SHA2-512" , 2 }, { "sha512" , 2 }, { "sha-512" , 2 }, { "PrivMatch" , 255 }, { NULL, -1 } }; static int dane_int_within_range_table(const char* arg, int max, const char* name, dane_param_choice table[]) { dane_param_choice* t; if (*arg) { for (t = table; t->name; t++) { if (strncasecmp(arg, t->name, strlen(arg)) == 0) { return t->number; } } } return dane_int_within_range(arg, max, name); } static void ssl_err(const char* s) { fprintf(stderr, "error: %s\n", s); ERR_print_errors_fp(stderr); exit(EXIT_FAILURE); } static void ldns_err(const char* s, ldns_status err) { if (err == LDNS_STATUS_SSL_ERR) { ssl_err(s); } else { fprintf(stderr, "%s: %s\n", s, ldns_get_errorstr_by_id(err)); exit(EXIT_FAILURE); } } static ldns_status ssl_connect_and_get_cert_chain( X509** cert, STACK_OF(X509)** extra_certs, SSL* ssl, const char* name_str, ldns_rdf* address, uint16_t port, ldns_dane_transport transport) { struct sockaddr_storage *a = NULL; size_t a_len = 0; int sock; int r; assert(cert != NULL); assert(extra_certs != NULL); a = ldns_rdf2native_sockaddr_storage(address, port, &a_len); switch (transport) { case LDNS_DANE_TRANSPORT_TCP: sock = socket((int)((struct sockaddr*)a)->sa_family, SOCK_STREAM, IPPROTO_TCP); break; case LDNS_DANE_TRANSPORT_UDP: sock = socket((int)((struct sockaddr*)a)->sa_family, SOCK_DGRAM, IPPROTO_UDP); break; case LDNS_DANE_TRANSPORT_SCTP: sock = socket((int)((struct sockaddr*)a)->sa_family, SOCK_STREAM, IPPROTO_SCTP); break; default: LDNS_FREE(a); return LDNS_STATUS_DANE_UNKNOWN_TRANSPORT; } if (sock == -1) { LDNS_FREE(a); return LDNS_STATUS_NETWORK_ERR; } if (connect(sock, (struct sockaddr*)a, (socklen_t)a_len) == -1) { LDNS_FREE(a); return LDNS_STATUS_NETWORK_ERR; } LDNS_FREE(a); if (! SSL_clear(ssl)) { close(sock); fprintf(stderr, "SSL_clear\n"); return LDNS_STATUS_SSL_ERR; } #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME (void) SSL_set_tlsext_host_name(ssl, name_str); #endif SSL_set_connect_state(ssl); (void) SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); if (! SSL_set_fd(ssl, sock)) { close(sock); fprintf(stderr, "SSL_set_fd\n"); return LDNS_STATUS_SSL_ERR; } for (;;) { ERR_clear_error(); if ((r = SSL_do_handshake(ssl)) == 1) { break; } r = SSL_get_error(ssl, r); if (r != SSL_ERROR_WANT_READ && r != SSL_ERROR_WANT_WRITE) { fprintf(stderr, "handshaking SSL_get_error: %d\n", r); return LDNS_STATUS_SSL_ERR; } } *cert = SSL_get_peer_certificate(ssl); *extra_certs = SSL_get_peer_cert_chain(ssl); return LDNS_STATUS_OK; } #ifdef USE_DANE_VERIFY static void ssl_interact(SSL* ssl) { fd_set rfds; int maxfd; int sock; int r; char buf[BUFSIZE]; char* bufptr; int to_write; int written; sock = SSL_get_fd(ssl); if (sock == -1) { return; } maxfd = (STDIN_FILENO > sock ? STDIN_FILENO : sock) + 1; for (;;) { #ifndef S_SPLINT_S FD_ZERO(&rfds); #endif /* splint */ FD_SET(sock, &rfds); FD_SET(STDIN_FILENO, &rfds); r = select(maxfd, &rfds, NULL, NULL, NULL); if (r == -1) { perror("select"); break; } if (FD_ISSET(sock, &rfds)) { to_write = SSL_read(ssl, buf, BUFSIZE); if (to_write <= 0) { r = SSL_get_error(ssl, to_write); if (r != SSL_ERROR_ZERO_RETURN) { fprintf(stderr, "reading SSL_get_error:" " %d\n", r); } break; } bufptr = buf; while (to_write > 0) { written = (int) fwrite(bufptr, 1, (size_t) to_write, stdout); if (written == 0) { perror("fwrite"); break; } to_write -= written; bufptr += written; } } /* if (FD_ISSET(sock, &rfds)) */ if (FD_ISSET(STDIN_FILENO, &rfds)) { to_write = (int) read(STDIN_FILENO, buf, BUFSIZE - 1); if (to_write <= 0) { if (to_write == -1) { perror("read"); } break; } if (buf[to_write - 1] == '\n') { buf[to_write - 1] = '\r'; buf[to_write ] = '\n'; to_write += 1; } bufptr = buf; while (to_write > 0) { written = SSL_write(ssl, bufptr, to_write); if (written <= 0) { r = SSL_get_error(ssl, to_write); if (r != SSL_ERROR_ZERO_RETURN) { fprintf(stderr, "writing SSL_get_error" ": %d\n", r); } break; } to_write -= written; bufptr += written; } } /* if (FD_ISSET(STDIN_FILENO, &rfds)) */ } /* for (;;) */ } #endif /* USE_DANE_VERIFY */ static ldns_rr_list* rr_list_filter_rr_type(ldns_rr_list* l, ldns_rr_type t) { size_t i; ldns_rr* rr; ldns_rr_list* r = ldns_rr_list_new(); if (r == NULL) { return r; } for (i = 0; i < ldns_rr_list_rr_count(l); i++) { rr = ldns_rr_list_rr(l, i); if (ldns_rr_get_type(rr) == t) { if (! ldns_rr_list_push_rr(r, rr)) { ldns_rr_list_free(r); return NULL; } } } return r; } /* Return a copy of the list of tlsa records where the usage types * "CA constraint" are replaced with "Trust anchor assertion" and the usage * types "Service certificate constraint" are replaced with * "Domain-issued certificate". * * This to check what would happen if PKIX validation was successful always. */ static ldns_rr_list* dane_no_pkix_transform(const ldns_rr_list* tlas) { size_t i; ldns_rr* rr; ldns_rr* new_rr; ldns_rdf* rdf; ldns_rr_list* r = ldns_rr_list_new(); if (r == NULL) { return r; } for (i = 0; i < ldns_rr_list_rr_count(tlas); i++) { rr = ldns_rr_list_rr(tlas, i); if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_TLSA) { new_rr = ldns_rr_clone(rr); if (!new_rr) { ldns_rr_list_deep_free(r); return NULL; } switch(ldns_rdf2native_int8(ldns_rr_rdf(new_rr, 0))) { case LDNS_TLSA_USAGE_CA_CONSTRAINT: rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t) LDNS_TLSA_USAGE_TRUST_ANCHOR_ASSERTION); if (! rdf) { ldns_rr_free(new_rr); ldns_rr_list_deep_free(r); return NULL; } (void) ldns_rr_set_rdf(new_rr, rdf, 0); break; case LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT: rdf = ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, (uint8_t) LDNS_TLSA_USAGE_DOMAIN_ISSUED_CERTIFICATE); if (! rdf) { ldns_rr_free(new_rr); ldns_rr_list_deep_free(r); return NULL; } (void) ldns_rr_set_rdf(new_rr, rdf, 0); break; default: break; } if (! ldns_rr_list_push_rr(r, new_rr)) { ldns_rr_free(new_rr); ldns_rr_list_deep_free(r); return NULL; } } } return r; } static void print_rr_as_TYPEXXX(FILE* out, ldns_rr* rr) { size_t i, sz; ldns_status s; ldns_buffer* buf = ldns_buffer_new(LDNS_MAX_PACKETLEN); char* str; ldns_buffer_clear(buf); s = ldns_rdf2buffer_str_dname(buf, ldns_rr_owner(rr)); LDNS_ERR(s, "could not ldns_rdf2buffer_str_dname"); ldns_buffer_printf(buf, "\t%d", ldns_rr_ttl(rr)); ldns_buffer_printf(buf, "\t"); s = ldns_rr_class2buffer_str(buf, ldns_rr_get_class(rr)); LDNS_ERR(s, "could not ldns_rr_class2buffer_str"); ldns_buffer_printf(buf, "\tTYPE%d", ldns_rr_get_type(rr)); sz = 0; for (i = 0; i < ldns_rr_rd_count(rr); i++) { sz += ldns_rdf_size(ldns_rr_rdf(rr, i)); } ldns_buffer_printf(buf, "\t\\# %d ", sz); for (i = 0; i < ldns_rr_rd_count(rr); i++) { s = ldns_rdf2buffer_str_hex(buf, ldns_rr_rdf(rr, i)); LDNS_ERR(s, "could not ldns_rdf2buffer_str_hex"); } str = ldns_buffer_export2str(buf); ldns_buffer_free(buf); fprintf(out, "%s\n", str); LDNS_FREE(str); } static void print_rr_list_as_TYPEXXX(FILE* out, ldns_rr_list* l) { size_t i; for (i = 0; i < ldns_rr_list_rr_count(l); i++) { print_rr_as_TYPEXXX(out, ldns_rr_list_rr(l, i)); } } static ldns_status read_key_file(const char *filename, ldns_rr_list *keys) { ldns_status status = LDNS_STATUS_ERR; ldns_rr *rr; FILE *fp; uint32_t my_ttl = 0; ldns_rdf *my_origin = NULL; ldns_rdf *my_prev = NULL; int line_nr; if (!(fp = fopen(filename, "r"))) { return LDNS_STATUS_FILE_ERR; } while (!feof(fp)) { status = ldns_rr_new_frm_fp_l(&rr, fp, &my_ttl, &my_origin, &my_prev, &line_nr); if (status == LDNS_STATUS_OK) { if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS || ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY) ldns_rr_list_push_rr(keys, rr); } else if ( status == LDNS_STATUS_SYNTAX_EMPTY || status == LDNS_STATUS_SYNTAX_TTL || status == LDNS_STATUS_SYNTAX_ORIGIN || status == LDNS_STATUS_SYNTAX_INCLUDE) status = LDNS_STATUS_OK; else break; } fclose(fp); return status; } static ldns_status dane_setup_resolver(ldns_resolver** res, ldns_rdf* nameserver_addr, ldns_rr_list* keys, bool dnssec_off) { ldns_status s = LDNS_STATUS_OK; assert(res != NULL); if (nameserver_addr) { *res = ldns_resolver_new(); if (*res) { s = ldns_resolver_push_nameserver(*res, nameserver_addr); } else { s = LDNS_STATUS_MEM_ERR; } } else { s = ldns_resolver_new_frm_file(res, NULL); } if (s == LDNS_STATUS_OK) { ldns_resolver_set_dnssec(*res, ! dnssec_off); if (keys && ldns_rr_list_rr_count(keys) > 0) { /* anchors must trigger signature chasing */ ldns_resolver_set_dnssec_anchors(*res, keys); ldns_resolver_set_dnssec_cd(*res, true); } } return s; } static ldns_status dane_query(ldns_rr_list** rrs, ldns_resolver* r, ldns_rdf *name, ldns_rr_type t, ldns_rr_class c, bool insecure_is_ok) { ldns_pkt* p = NULL; ldns_rr_list* keys = NULL; ldns_rr_list* rrsigs = NULL; ldns_rdf* signame = NULL; ldns_status s; assert(rrs != NULL); p = ldns_resolver_query(r, name, t, c, LDNS_RD); if (! p) { return LDNS_STATUS_MEM_ERR; } *rrs = ldns_pkt_rr_list_by_type(p, t, LDNS_SECTION_ANSWER); if (! ldns_resolver_dnssec(r)) { /* DNSSEC explicitly disabled, anything goes */ ldns_pkt_free(p); return LDNS_STATUS_OK; } if (ldns_rr_list_rr_count(*rrs) == 0) { /* assert(*rrs == NULL) */ if (ldns_pkt_get_rcode(p) == LDNS_RCODE_SERVFAIL) { ldns_pkt_free(p); return LDNS_STATUS_DANE_BOGUS; } else { ldns_pkt_free(p); return LDNS_STATUS_OK; } } /* We have answers and we have dnssec. */ if (! ldns_pkt_cd(p)) { /* we act as stub resolver (no sigchase) */ if (! ldns_pkt_ad(p)) { /* Not secure */ goto insecure; } ldns_pkt_free(p); return LDNS_STATUS_OK; } /* sigchase */ /* TODO: handle cname reference check */ rrsigs = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_RRSIG, LDNS_SECTION_ANSWER); if (! rrsigs || ldns_rr_list_rr_count(rrsigs) == 0) { goto insecure; } signame = ldns_rr_rrsig_signame(ldns_rr_list_rr(rrsigs, 0)); if (! signame) { s = LDNS_STATUS_ERR; goto error; } /* First try with the keys we already have */ s = ldns_verify(*rrs, rrsigs, ldns_resolver_dnssec_anchors(r), NULL); if (s == LDNS_STATUS_OK) { goto cleanup; } /* Fetch the necessary keys and recheck */ keys = ldns_fetch_valid_domain_keys(r, signame, ldns_resolver_dnssec_anchors(r), &s); if (s != LDNS_STATUS_OK) { goto error; } if (ldns_rr_list_rr_count(keys) == 0) { /* An insecure island */ goto insecure; } s = ldns_verify(*rrs, rrsigs, keys, NULL); switch (s) { case LDNS_STATUS_CRYPTO_BOGUS: goto bogus; case LDNS_STATUS_OK : goto cleanup; default : break; } insecure: s = LDNS_STATUS_DANE_INSECURE; bogus: if (! insecure_is_ok) { error: ldns_rr_list_deep_free(*rrs); *rrs = ldns_rr_list_new(); } cleanup: if (keys) { ldns_rr_list_deep_free(keys); } if (rrsigs) { ldns_rr_list_deep_free(rrsigs); } ldns_pkt_free(p); return s; } static ldns_rr_list* dane_lookup_addresses(ldns_resolver* res, ldns_rdf* dname, int ai_family) { ldns_status s; ldns_rr_list *as = NULL; ldns_rr_list *aaas = NULL; ldns_rr_list *r = ldns_rr_list_new(); if (r == NULL) { MEMERR("ldns_rr_list_new"); } if (ai_family == AF_UNSPEC || ai_family == AF_INET) { s = dane_query(&as, res, dname, LDNS_RR_TYPE_A, LDNS_RR_CLASS_IN, true); if (s == LDNS_STATUS_DANE_INSECURE && ldns_rr_list_rr_count(as) > 0) { fprintf(stderr, "Warning! Insecure IPv4 addresses. " "Continuing with them...\n"); } else if (s == LDNS_STATUS_DANE_BOGUS || LDNS_STATUS_CRYPTO_BOGUS == s) { fprintf(stderr, "Warning! Bogus IPv4 addresses. " "Discarding...\n"); ldns_rr_list_deep_free(as); as = ldns_rr_list_new(); } else if (s != LDNS_STATUS_OK) { LDNS_ERR(s, "dane_query"); } if (! ldns_rr_list_push_rr_list(r, as)) { MEMERR("ldns_rr_list_push_rr_list"); } } if (ai_family == AF_UNSPEC || ai_family == AF_INET6) { s = dane_query(&aaas, res, dname, LDNS_RR_TYPE_AAAA, LDNS_RR_CLASS_IN, true); if (s == LDNS_STATUS_DANE_INSECURE && ldns_rr_list_rr_count(aaas) > 0) { fprintf(stderr, "Warning! Insecure IPv6 addresses. " "Continuing with them...\n"); } else if (s == LDNS_STATUS_DANE_BOGUS || LDNS_STATUS_CRYPTO_BOGUS == s) { fprintf(stderr, "Warning! Bogus IPv6 addresses. " "Discarding...\n"); ldns_rr_list_deep_free(aaas); aaas = ldns_rr_list_new(); } else if (s != LDNS_STATUS_OK) { LDNS_ERR(s, "dane_query"); } if (! ldns_rr_list_push_rr_list(r, aaas)) { MEMERR("ldns_rr_list_push_rr_list"); } } return r; } static ldns_status dane_read_tlsas_from_file(ldns_rr_list** tlsas, char* filename, ldns_rdf* origin) { FILE* fp = NULL; ldns_rr* rr = NULL; ldns_rdf *my_origin = NULL; ldns_rdf *my_prev = NULL; ldns_rdf *origin_lc = NULL; int line_nr; ldns_status s = LDNS_STATUS_MEM_ERR; assert(tlsas != NULL); assert(filename != NULL); if (strcmp(filename, "-") == 0) { fp = stdin; } else { fp = fopen(filename, "r"); if (!fp) { fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno)); exit(EXIT_FAILURE); } } if (origin) { my_origin = ldns_rdf_clone(origin); if (! my_origin) { goto error; } my_prev = ldns_rdf_clone(origin); if (! my_prev) { goto error; } origin_lc = ldns_rdf_clone(origin); if (! origin_lc) { goto error; } ldns_dname2canonical(origin_lc); } *tlsas = ldns_rr_list_new(); if (! *tlsas) { goto error; } while (! feof(fp)) { s = ldns_rr_new_frm_fp_l(&rr, fp, NULL, &my_origin, &my_prev, &line_nr); if (s != LDNS_STATUS_OK) { goto error; } if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_TLSA) { ldns_dname2canonical(ldns_rr_owner(rr)); if (! origin || ldns_dname_compare(ldns_rr_owner(rr), origin_lc) == 0) { if (ldns_rr_list_push_rr(*tlsas, rr)) { continue; } else { s = LDNS_STATUS_MEM_ERR; goto error; } } } ldns_rr_free(rr); } ldns_rdf_deep_free(origin_lc); ldns_rdf_deep_free(my_prev); ldns_rdf_deep_free(my_origin); fclose(fp); return LDNS_STATUS_OK; error: if (*tlsas) { ldns_rr_list_deep_free(*tlsas); *tlsas = NULL; } if (origin_lc) { ldns_rdf_deep_free(origin_lc); } if (my_prev) { ldns_rdf_deep_free(my_prev); } if (my_origin) { ldns_rdf_deep_free(my_origin); } if (fp && fp != stdin) { fclose(fp); } return s; } static bool dane_wildcard_label_cmp(uint8_t iw, const char* w, uint8_t il, const char* l) { if (iw == 0) { /* End of match label */ if (il == 0) { /* And end in the to be matched label */ return true; } return false; } do { if (*w == '*') { if (iw == 1) { /* '*' is the last match char, remainder matches wildcard */ return true; } while (il > 0) { /* more to match? */ if (w[1] == *l) { /* Char after '*' matches. * Recursion for backtracking */ if (dane_wildcard_label_cmp( iw - 1, w + 1, il , l)) { return true; } } l += 1; il -= 1; } } /* Skip up till next wildcard (if possible) */ while (il > 0 && iw > 0 && *w != '*' && *w == *l) { w += 1; l += 1; il -= 1; iw -= 1; } } while (iw > 0 && *w == '*' && /* More to match a next wildcard? */ (il > 0 || iw == 1)); return iw == 0 && il == 0; } static bool dane_label_matches_label(ldns_rdf* w, ldns_rdf* l) { uint8_t iw; uint8_t il; iw = ldns_rdf_data(w)[0]; il = ldns_rdf_data(l)[0]; return dane_wildcard_label_cmp( iw, (const char*)ldns_rdf_data(w) + 1, il, (const char*)ldns_rdf_data(l) + 1); } static bool dane_name_matches_server_name(const char* name_str, ldns_rdf* server_name) { ldns_rdf* name; uint8_t nn, ns, i; ldns_rdf* ln; ldns_rdf* ls; name = ldns_dname_new_frm_str((const char*)name_str); if (! name) { LDNS_ERR(LDNS_STATUS_ERR, "ldns_dname_new_frm_str"); } nn = ldns_dname_label_count(name); ns = ldns_dname_label_count(server_name); if (nn != ns) { ldns_rdf_free(name); return false; } ldns_dname2canonical(name); for (i = 0; i < nn; i++) { ln = ldns_dname_label(name, i); if (! ln) { return false; } ls = ldns_dname_label(server_name, i); if (! ls) { ldns_rdf_free(ln); return false; } if (! dane_label_matches_label(ln, ls)) { ldns_rdf_free(ln); ldns_rdf_free(ls); return false; } ldns_rdf_free(ln); ldns_rdf_free(ls); } return true; } static bool dane_X509_any_subject_alt_name_matches_server_name( X509 *cert, ldns_rdf* server_name) { GENERAL_NAMES* names; GENERAL_NAME* name; unsigned char* subject_alt_name_str = NULL; int i, n; names = X509_get_ext_d2i(cert, NID_subject_alt_name, 0, 0 ); if (! names) { /* No subjectAltName extension */ return false; } n = sk_GENERAL_NAME_num(names); for (i = 0; i < n; i++) { name = sk_GENERAL_NAME_value(names, i); if (name->type == GEN_DNS) { (void) ASN1_STRING_to_UTF8(&subject_alt_name_str, name->d.dNSName); if (subject_alt_name_str) { if (dane_name_matches_server_name((char*) subject_alt_name_str, server_name)) { OPENSSL_free(subject_alt_name_str); return true; } OPENSSL_free(subject_alt_name_str); } } } /* sk_GENERAL_NAMES_pop_free(names, sk_GENERAL_NAME_free); */ return false; } static bool dane_X509_subject_name_matches_server_name(X509 *cert, ldns_rdf* server_name) { X509_NAME* subject_name; int i; X509_NAME_ENTRY* entry; ASN1_STRING* entry_data; unsigned char* subject_name_str = NULL; bool r; subject_name = X509_get_subject_name(cert); if (! subject_name ) { ssl_err("could not X509_get_subject_name"); } i = X509_NAME_get_index_by_NID(subject_name, NID_commonName, -1); entry = X509_NAME_get_entry(subject_name, i); entry_data = X509_NAME_ENTRY_get_data(entry); (void) ASN1_STRING_to_UTF8(&subject_name_str, entry_data); if (subject_name_str) { r = dane_name_matches_server_name( (char*)subject_name_str, server_name); OPENSSL_free(subject_name_str); return r; } else { return false; } } static bool dane_verify_server_name(X509* cert, ldns_rdf* server_name) { ldns_rdf* server_name_lc; bool r; server_name_lc = ldns_rdf_clone(server_name); if (! server_name_lc) { LDNS_ERR(LDNS_STATUS_MEM_ERR, "ldns_rdf_clone"); } ldns_dname2canonical(server_name_lc); r = dane_X509_any_subject_alt_name_matches_server_name( cert, server_name_lc) || dane_X509_subject_name_matches_server_name( cert, server_name_lc); ldns_rdf_free(server_name_lc); return r; } static void dane_create(ldns_rr_list* tlsas, ldns_rdf* tlsa_owner, ldns_tlsa_certificate_usage certificate_usage, int offset, ldns_tlsa_selector selector, ldns_tlsa_matching_type matching_type, X509* cert, STACK_OF(X509)* extra_certs, X509_STORE* validate_store, bool verify_server_name, ldns_rdf* name) { ldns_status s; X509* selected_cert; ldns_rr* tlsa_rr; if (verify_server_name && ! dane_verify_server_name(cert, name)) { fprintf(stderr, "The certificate does not match the " "server name\n"); exit(EXIT_FAILURE); } s = ldns_dane_select_certificate(&selected_cert, cert, extra_certs, validate_store, certificate_usage, offset); LDNS_ERR(s, "could not select certificate"); s = ldns_dane_create_tlsa_rr(&tlsa_rr, certificate_usage, selector, matching_type, selected_cert); LDNS_ERR(s, "could not create tlsa rr"); ldns_rr_set_owner(tlsa_rr, ldns_rdf_clone(tlsa_owner)); if (! ldns_rr_list_contains_rr(tlsas, tlsa_rr)) { if (! ldns_rr_list_push_rr(tlsas, tlsa_rr)) { MEMERR("ldns_rr_list_push_rr"); } } } #if defined(USE_DANE_VERIFY) && ( OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) ) static bool dane_verify(ldns_rr_list* tlsas, ldns_rdf* address, X509* cert, STACK_OF(X509)* extra_certs, X509_STORE* validate_store, bool verify_server_name, ldns_rdf* name, bool assume_pkix_validity) { ldns_status s; char* address_str = NULL; s = ldns_dane_verify(tlsas, cert, extra_certs, validate_store); if (address) { address_str = ldns_rdf2str(address); fprintf(stdout, "%s", address_str ? address_str : "
"); free(address_str); } else { X509_NAME_print_ex_fp(stdout, X509_get_subject_name(cert), 0, 0); } if (s == LDNS_STATUS_OK) { if (verify_server_name && ! dane_verify_server_name(cert, name)) { fprintf(stdout, " did not dane-validate, because:" " the certificate name did not match" " the server name\n"); return false; } fprintf(stdout, " dane-validated successfully\n"); return true; } else if (assume_pkix_validity && s == LDNS_STATUS_DANE_PKIX_DID_NOT_VALIDATE) { fprintf(stdout, " dane-validated successfully," " because PKIX is assumed valid\n"); return true; } fprintf(stdout, " did not dane-validate, because: %s\n", ldns_get_errorstr_by_id(s)); return false; } #endif /* defined(USE_DANE_VERIFY) && OPENSSL_VERSION_NUMBER < 0x10100000 */ #if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(HAVE_LIBRESSL) static int _ldns_tls_verify_always_ok(int ok, X509_STORE_CTX *ctx) { (void)ok; (void)ctx; return 1; } #endif /** * Return either an A or AAAA rdf, based on the given * string. If it it not a valid ip address, return null. * * Caller receives ownership of returned rdf (if not null), * and must free it. */ static inline ldns_rdf* rdf_addr_frm_str(const char* str) { ldns_rdf *a = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_A, str); if (!a) { a = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_AAAA, str); } return a; } int main(int argc, char* const* argv) { int c; enum { UNDETERMINED, VERIFY, CREATE } mode = UNDETERMINED; ldns_status s; size_t i; #if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(HAVE_LIBRESSL) size_t j, usable_tlsas = 0; # ifdef USE_DANE_VERIFY X509_STORE_CTX *store_ctx = NULL; # endif /* USE_DANE_VERIFY */ #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000 */ bool print_tlsa_as_type52 = false; bool assume_dnssec_validity = false; bool assume_pkix_validity = false; bool verify_server_name = true; bool interact = false; #if HAVE_DANE_CA_FILE const char* CAfile = LDNS_DANE_CA_FILE; #else const char* CAfile = NULL; #endif #if HAVE_DANE_CA_PATH const char* CApath = LDNS_DANE_CA_PATH; #else const char* CApath = NULL; #endif char* cert_file = NULL; X509* cert = NULL; STACK_OF(X509)* extra_certs = NULL; ldns_rr_list* keys = ldns_rr_list_new(); size_t nkeys = 0; bool do_sigchase = false; ldns_rr_list* addresses = ldns_rr_list_new(); ldns_rr* address_rr; ldns_rdf* address; int ai_family = AF_UNSPEC; int transport = LDNS_DANE_TRANSPORT_TCP; char* name_str = NULL; /* suppress uninitialized warning */ ldns_rdf* name; uint16_t port = 0; /* suppress uninitialized warning */ ldns_resolver* res = NULL; ldns_rdf* nameserver_rdf = NULL; ldns_rdf* tlsa_owner = NULL; char* tlsa_owner_str = NULL; ldns_rr_list* tlsas = NULL; char* tlsas_file = NULL; /* For extracting service port and transport from tla_owner. */ ldns_rdf* port_rdf = NULL; char* port_str = NULL; ldns_rdf* transport_rdf = NULL; char* transport_str = NULL; ldns_rr_list* originals = NULL; /* original tlsas (before * transform), but also used * as temporary. */ ldns_tlsa_certificate_usage certificate_usage = 666; int offset = -1; ldns_tlsa_selector selector = 666; ldns_tlsa_matching_type matching_type = 666; X509_STORE *store = NULL; SSL_CTX* ctx = NULL; SSL* ssl = NULL; int no_tlsas_exit_status = EXIT_SUCCESS; int exit_success = EXIT_SUCCESS; bool success = true; if (! keys || ! addresses) { MEMERR("ldns_rr_list_new"); } while((c = getopt(argc, argv, "46a:bc:df:hik:no:p:r:sSt:TuvV:")) != -1){ switch(c) { case 'h': print_usage("ldns-dane"); break; case '4': ai_family = AF_INET; break; case '6': ai_family = AF_INET6; break; case 'r': if (nameserver_rdf) { fprintf(stderr, "Can only specify -r once\n"); exit(EXIT_FAILURE); } nameserver_rdf = rdf_addr_frm_str(optarg); if (!nameserver_rdf) { fprintf(stderr, "Could not interpret address %s\n", optarg); exit(EXIT_FAILURE); } break; case 'a': s = ldns_str2rdf_a(&address, optarg); if (s == LDNS_STATUS_OK) { address_rr = ldns_rr_new_frm_type( LDNS_RR_TYPE_A); } else { s = ldns_str2rdf_aaaa(&address, optarg); if (s == LDNS_STATUS_OK) { address_rr = ldns_rr_new_frm_type( LDNS_RR_TYPE_AAAA); } else { fprintf(stderr, "Could not interpret address " "%s\n", optarg); exit(EXIT_FAILURE); } } (void) ldns_rr_a_set_address(address_rr, address); for (i = 0; i < ldns_rr_list_rr_count(addresses); i++){ if (ldns_rdf_compare(address, ldns_rr_a_address( ldns_rr_list_rr(addresses, i))) == 0) { break; } } if (i >= ldns_rr_list_rr_count(addresses)) { if (! ldns_rr_list_push_rr(addresses, address_rr)) { MEMERR("ldns_rr_list_push_rr"); } } break; case 'b': print_tlsa_as_type52 = true; /* TODO: do it with output formats... maybe... */ break; case 'c': cert_file = optarg; /* checking in SSL stuff below */ break; case 'd': assume_dnssec_validity = true; break; case 'f': CAfile = optarg; break; case 'i': interact = true; break; case 'k': s = read_key_file(optarg, keys); if (s == LDNS_STATUS_FILE_ERR) { fprintf(stderr, "Error opening %s: %s\n", optarg, strerror(errno)); } LDNS_ERR(s, "Could not parse key file"); if (ldns_rr_list_rr_count(keys) == nkeys) { fprintf(stderr, "No keys found in file" " %s\n", optarg); exit(EXIT_FAILURE); } nkeys = ldns_rr_list_rr_count(keys); break; case 'n': verify_server_name = false; break; case 'o': offset = atoi(optarg); /* todo check if all numeric */ break; case 'p': CApath = optarg; break; case 's': assume_pkix_validity = true; break; case 'S': do_sigchase = true; break; case 't': tlsas_file = optarg; break; case 'T': no_tlsas_exit_status = NO_TLSAS_EXIT_STATUS; break; case 'u': transport = LDNS_DANE_TRANSPORT_UDP; break; case 'v': printf("ldns-dane version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); exit(EXIT_SUCCESS); break; /* case 'V': verbosity = atoi(optarg); break; */ } } /* Filter out given IPv4 addresses when -6 was given, * and IPv6 addresses when -4 was given. */ if (ldns_rr_list_rr_count(addresses) > 0 && ai_family != AF_UNSPEC) { originals = addresses; addresses = rr_list_filter_rr_type(originals, (ai_family == AF_INET ? LDNS_RR_TYPE_A : LDNS_RR_TYPE_AAAA)); ldns_rr_list_free(originals); if (addresses == NULL) { MEMERR("rr_list_filter_rr_type"); } if (ldns_rr_list_rr_count(addresses) == 0) { fprintf(stderr, "No addresses of the specified type remain\n"); exit(EXIT_FAILURE); } } if (do_sigchase) { if (nkeys == 0) { (void) read_key_file(LDNS_TRUST_ANCHOR_FILE, keys); nkeys = ldns_rr_list_rr_count(keys); if (nkeys == 0) { fprintf(stderr, "Unable to chase " "signature without keys.\n"); exit(EXIT_FAILURE); } } } else { keys = NULL; } argc -= optind; argv += optind; if (argc == 0) { print_usage("ldns-dane"); } if (strncasecmp(*argv, "create", strlen(*argv)) == 0) { mode = CREATE; argc--; argv++; #ifdef USE_DANE_VERIFY } else if (strncasecmp(*argv, "verify", strlen(*argv)) == 0) { mode = VERIFY; argc--; argv++; } else { fprintf(stderr, "Specify create or verify mode\n"); #else } else { fprintf(stderr, "Specify create mode\n"); #endif exit(EXIT_FAILURE); } #ifndef USE_DANE_VERIFY (void)transport_str; (void)transport_rdf; (void)port_str; (void)port_rdf; (void)interact; #else if (mode == VERIFY && argc == 0) { if (! tlsas_file) { fprintf(stderr, "ERROR! Nothing given to verify\n"); exit(EXIT_FAILURE); } s = dane_read_tlsas_from_file(&tlsas, tlsas_file, NULL); LDNS_ERR(s, "could not read tlsas from file"); /* extract port, transport and hostname from TLSA owner name */ if (ldns_rr_list_rr_count(tlsas) == 0) { fprintf(stderr, "ERROR! No TLSA records to extract " "service port, transport and hostname" "\n"); exit(EXIT_FAILURE); } tlsa_owner = ldns_rr_list_owner(tlsas); if (ldns_dname_label_count(tlsa_owner) < 2) { fprintf(stderr, "ERROR! To few labels in TLSA owner\n"); exit(EXIT_FAILURE); } do { s = LDNS_STATUS_MEM_ERR; port_rdf = ldns_dname_label(tlsa_owner, 0); if (! port_rdf) { break; } port_str = ldns_rdf2str(port_rdf); if (! port_str) { break; } if (*port_str != '_') { fprintf(stderr, "ERROR! Badly formatted " "service port label in the " "TLSA owner name\n"); exit(EXIT_FAILURE); } if (port_str[strlen(port_str) - 1] == '.') { port_str[strlen(port_str) - 1] = '\000'; } port = (uint16_t) dane_int_within_range( port_str + 1, 65535, "port"); s = LDNS_STATUS_OK; } while (false); LDNS_ERR(s, "could not extract service port from TLSA owner"); do { s = LDNS_STATUS_MEM_ERR; transport_rdf = ldns_dname_label(tlsa_owner, 1); if (! transport_rdf) { break; } transport_str = ldns_rdf2str(transport_rdf); if (! transport_str) { break; } if (transport_str[strlen(transport_str) - 1] == '.') { transport_str[strlen(transport_str) - 1] = '\000'; } if (strcmp(transport_str, "_tcp") == 0) { transport = LDNS_DANE_TRANSPORT_TCP; } else if (strcmp(transport_str, "_udp") == 0) { transport = LDNS_DANE_TRANSPORT_UDP; } else if (strcmp(transport_str, "_sctp") == 0) { transport = LDNS_DANE_TRANSPORT_SCTP; } else { fprintf(stderr, "ERROR! Badly formatted " "transport label in the " "TLSA owner name\n"); exit(EXIT_FAILURE); } s = LDNS_STATUS_OK; break; } while(false); LDNS_ERR(s, "could not extract transport from TLSA owner"); tlsa_owner_str = ldns_rdf2str(tlsa_owner); if (! tlsa_owner_str) { MEMERR("ldns_rdf2str"); } name = ldns_dname_clone_from(tlsa_owner, 2); if (! name) { MEMERR("ldns_dname_clone_from"); } name_str = ldns_rdf2str(name); if (! name_str) { MEMERR("ldns_rdf2str"); } } else #endif /* USE_DANE_VERIFY */ if (argc < 2) { print_usage("ldns-dane"); } else { name_str = *argv++; argc--; s = ldns_str2rdf_dname(&name, name_str); LDNS_ERR(s, "could not ldns_str2rdf_dname"); port = (uint16_t)dane_int_within_range(*argv++, 65535, "port"); --argc; s = ldns_dane_create_tlsa_owner(&tlsa_owner, name, port, transport); LDNS_ERR(s, "could not create TLSA owner name"); tlsa_owner_str = ldns_rdf2str(tlsa_owner); if (! tlsa_owner_str) { MEMERR("ldns_rdf2str"); } } switch (mode) { case VERIFY: if (argc > 0) { print_usage("ldns-dane"); } if (tlsas_file) { s = dane_read_tlsas_from_file(&tlsas, tlsas_file, tlsa_owner); LDNS_ERR(s, "could not read tlas from file"); } else { /* lookup tlsas */ s = dane_setup_resolver(&res, nameserver_rdf, keys, assume_dnssec_validity); LDNS_ERR(s, "could not dane_setup_resolver"); s = dane_query(&tlsas, res, tlsa_owner, LDNS_RR_TYPE_TLSA, LDNS_RR_CLASS_IN, false); ldns_resolver_free(res); } if (s == LDNS_STATUS_DANE_INSECURE) { fprintf(stderr, "Warning! TLSA records for %s " "were found, but were insecure.\n" "PKIX validation without DANE will be " "performed. If you wish to perform DANE\n" "even though the RR's are insecure, " "use the -d option.\n", tlsa_owner_str); exit_success = no_tlsas_exit_status; } else if (s != LDNS_STATUS_OK) { ldns_err("dane_query", s); } else if (ldns_rr_list_rr_count(tlsas) == 0) { fprintf(stderr, "Warning! No TLSA records for %s " "were found.\n" "PKIX validation without DANE will be " "performed.\n", ldns_rdf2str(tlsa_owner)); exit_success = no_tlsas_exit_status; } else if (assume_pkix_validity) { /* number of tlsa's > 0 */ /* transform type "CA constraint" to "Trust anchor * assertion" and "Service Certificate Constraint" * to "Domain Issues Certificate" */ originals = tlsas; tlsas = dane_no_pkix_transform(originals); } break; case CREATE: if (argc > 0) { certificate_usage = dane_int_within_range_table( *argv++, 3, "certificate usage", dane_certificate_usage_table); argc--; } else { certificate_usage = LDNS_TLSA_USAGE_DANE_EE; } if (argc > 0) { selector = dane_int_within_range_table( *argv++, 1, "selector", dane_selector_table); argc--; } else { selector = LDNS_TLSA_SELECTOR_SPKI; } if (argc > 0) { matching_type = dane_int_within_range_table( *argv++, 2, "matching type", dane_matching_type_table); argc--; } else { matching_type = LDNS_TLSA_MATCHING_TYPE_SHA2_256; } if (argc > 0) { print_usage("ldns-dane"); } if ((certificate_usage == LDNS_TLSA_USAGE_CA_CONSTRAINT || certificate_usage == LDNS_TLSA_USAGE_SERVICE_CERTIFICATE_CONSTRAINT) && ! CAfile && ! CApath && ! assume_pkix_validity) { fprintf(stderr, "When using the \"CA constraint\" or " "\"Service certificate constraint\",\n" "-f and/or -p options " "must be given to perform PKIX validation.\n\n" "PKIX validation may be turned off " "with the -s option. Note that with\n" "\"CA constraint\" the verification process " "should then end with a self-signed\n" "certificate which must be present " "in the server certificate chain.\n\n"); exit(EXIT_FAILURE); } tlsas = ldns_rr_list_new(); break; default: fprintf(stderr, "Unreachable code\n"); assert(0); } #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) /* ssl initialize */ SSL_load_error_strings(); SSL_library_init(); #endif /* ssl load validation store */ if (! assume_pkix_validity || CAfile || CApath) { store = X509_STORE_new(); if (! store) { ssl_err("could not X509_STORE_new"); } if ((CAfile || CApath) && X509_STORE_load_locations( store, CAfile, CApath) != 1) { ssl_err("error loading CA certificates"); } } #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) ctx = SSL_CTX_new(SSLv23_client_method()); #else ctx = SSL_CTX_new(TLS_client_method()); if (ctx && SSL_CTX_dane_enable(ctx) <= 0) { ssl_err("could not SSL_CTX_dane_enable"); } /* Use TLSv1.0 or above for connection. */ long flags = 0; # ifdef SSL_OP_NO_SSLv2 flags |= SSL_OP_NO_SSLv2; # endif # ifdef SSL_OP_NO_SSLv3 flags |= SSL_OP_NO_SSLv3; # endif # ifdef SSL_OP_NO_COMPRESSION flags |= SSL_OP_NO_COMPRESSION; # endif SSL_CTX_set_options(ctx, flags); if (CAfile || CApath) { if (!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ssl_err("could not set verify locations\n"); } else if (!SSL_CTX_set_default_verify_paths(ctx)) ssl_err("could not set default verify paths\n"); #endif if (! ctx) { ssl_err("could not SSL_CTX_new"); } if (cert_file && SSL_CTX_use_certificate_chain_file(ctx, cert_file) != 1) { ssl_err("error loading certificate"); } if (cert_file) { /* ssl load certificate */ ssl = SSL_new(ctx); if (! ssl) { ssl_err("could not SSL_new"); } cert = SSL_get_certificate(ssl); if (! cert) { ssl_err("could not SSL_get_certificate"); } #ifndef SSL_CTX_get_extra_chain_certs #ifndef S_SPLINT_S extra_certs = ctx->extra_certs; #endif /* splint */ #else if(!SSL_CTX_get_extra_chain_certs(ctx, &extra_certs)) { ssl_err("could not SSL_CTX_get_extra_chain_certs"); } #endif switch (mode) { case CREATE: dane_create(tlsas, tlsa_owner, certificate_usage, offset, selector, matching_type, cert, extra_certs, store, verify_server_name, name); break; #ifdef USE_DANE_VERIFY #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) case VERIFY: if (! dane_verify(tlsas, NULL, cert, extra_certs, store, verify_server_name, name, assume_pkix_validity)) { success = false; } break; #else /* OPENSSL_VERSION_NUMBER < 0x10100000 */ case VERIFY: usable_tlsas = 0; SSL_set_connect_state(ssl); if (SSL_dane_enable(ssl, name_str) <= 0) { ssl_err("could not SSL_dane_enable"); } if (!verify_server_name) { SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS); } for (j = 0; j < ldns_rr_list_rr_count(tlsas); j++) { int ret; ldns_rr *tlsa_rr = ldns_rr_list_rr(tlsas, j); if (ldns_rr_get_type(tlsa_rr) != LDNS_RR_TYPE_TLSA) { fprintf(stderr, "Skipping non TLSA RR: "); ldns_rr_print(stderr, tlsa_rr); fprintf(stderr, "\n"); continue; } if (ldns_rr_rd_count(tlsa_rr) != 4) { fprintf(stderr, "Skipping TLSA with wrong rdata RR: "); ldns_rr_print(stderr, tlsa_rr); fprintf(stderr, "\n"); continue; } ret = SSL_dane_tlsa_add(ssl, ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 0)), ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 1)), ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 2)), ldns_rdf_data(ldns_rr_rdf(tlsa_rr, 3)), ldns_rdf_size(ldns_rr_rdf(tlsa_rr, 3))); if (ret < 0) { ssl_err("could not SSL_dane_tlsa_add"); } if (ret == 0) { fprintf(stderr, "Skipping unusable TLSA RR: "); ldns_rr_print(stderr, tlsa_rr); fprintf(stderr, "\n"); continue; } usable_tlsas += 1; } if (!usable_tlsas) { fprintf(stderr, "No usable TLSA records were found.\n" "PKIX validation without DANE will be performed.\n"); exit_success = no_tlsas_exit_status; } if (!(store_ctx = X509_STORE_CTX_new())) { ssl_err("could not SSL_new"); } if (!X509_STORE_CTX_init(store_ctx, store, cert, extra_certs)) { ssl_err("could not X509_STORE_CTX_init"); } X509_STORE_CTX_set_default(store_ctx, SSL_is_server(ssl) ? "ssl_client" : "ssl_server"); X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(store_ctx), SSL_get0_param(ssl)); X509_STORE_CTX_set0_dane(store_ctx, SSL_get0_dane(ssl)); X509_NAME_print_ex_fp(stdout, X509_get_subject_name(cert), 0, 0); if (X509_verify_cert(store_ctx)) { fprintf(stdout, " %s-validated successfully\n", usable_tlsas ? "dane" : "PKIX"); } else { fprintf(stdout, " did not dane-validate, because: %s\n", X509_verify_cert_error_string( X509_STORE_CTX_get_error(store_ctx))); success = false; } if (store_ctx) { X509_STORE_CTX_free(store_ctx); } break; #endif /* OPENSSL_VERSION_NUMBER < 0x10100000 */ #endif /* ifdef USE_DANE_VERIFY */ default: break; /* suppress warning */ } SSL_free(ssl); } else {/* No certificate file given, creation/validation via TLS. */ /* We need addresses to connect to */ if (ldns_rr_list_rr_count(addresses) == 0) { s = dane_setup_resolver(&res, nameserver_rdf, keys, assume_dnssec_validity); LDNS_ERR(s, "could not dane_setup_resolver"); ldns_rr_list_free(addresses); addresses =dane_lookup_addresses(res, name, ai_family); ldns_resolver_free(res); } if (ldns_rr_list_rr_count(addresses) == 0) { fprintf(stderr, "No addresses for %s\n", name_str); exit(EXIT_FAILURE); } /* for all addresses, setup SSL and retrieve certificates */ for (i = 0; i < ldns_rr_list_rr_count(addresses); i++) { ssl = SSL_new(ctx); if (! ssl) { ssl_err("could not SSL_new"); } address = ldns_rr_a_address( ldns_rr_list_rr(addresses, i)); assert(address != NULL); #if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(HAVE_LIBRESSL) if (mode == VERIFY) { usable_tlsas = 0; if (SSL_dane_enable(ssl, name_str) <= 0) { ssl_err("could not SSL_dane_enable"); } if (!verify_server_name) { SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS); } for (j = 0; j < ldns_rr_list_rr_count(tlsas); j++) { int ret; ldns_rr *tlsa_rr = ldns_rr_list_rr(tlsas, j); if (ldns_rr_get_type(tlsa_rr) != LDNS_RR_TYPE_TLSA) { fprintf(stderr, "Skipping non TLSA RR: "); ldns_rr_print(stderr, tlsa_rr); fprintf(stderr, "\n"); continue; } if (ldns_rr_rd_count(tlsa_rr) != 4) { fprintf(stderr, "Skipping TLSA with wrong rdata RR: "); ldns_rr_print(stderr, tlsa_rr); fprintf(stderr, "\n"); continue; } ret = SSL_dane_tlsa_add(ssl, ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 0)) | (assume_pkix_validity ? 2 : 0), ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 1)), ldns_rdf2native_int8(ldns_rr_rdf(tlsa_rr, 2)), ldns_rdf_data(ldns_rr_rdf(tlsa_rr, 3)), ldns_rdf_size(ldns_rr_rdf(tlsa_rr, 3))); if (ret < 0) { ssl_err("could not SSL_dane_tlsa_add"); } if (ret == 0) { fprintf(stderr, "Skipping unusable TLSA RR: "); ldns_rr_print(stderr, tlsa_rr); fprintf(stderr, "\n"); continue; } usable_tlsas += 1; } if (!usable_tlsas) { fprintf(stderr, "No usable TLSA records were found.\n" "PKIX validation without DANE will be performed.\n"); exit_success = no_tlsas_exit_status; if (assume_pkix_validity) SSL_set_verify(ssl, SSL_VERIFY_PEER, _ldns_tls_verify_always_ok); } } #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000 */ s = ssl_connect_and_get_cert_chain(&cert, &extra_certs, ssl, name_str, address,port, transport); if (s == LDNS_STATUS_NETWORK_ERR) { fprintf(stderr, "Could not connect to "); ldns_rdf_print(stderr, address); fprintf(stderr, " %d\n", (int) port); /* All addresses should succeed */ success = false; continue; } LDNS_ERR(s, "could not get cert chain from ssl"); #if OPENSSL_VERSION_NUMBER >= 0x10100000 && ! defined(HAVE_LIBRESSL) if (mode == VERIFY) { char *address_str = ldns_rdf2str(address); long verify_result = SSL_get_verify_result(ssl); fprintf(stdout, "%s", address_str ? address_str : "
"); free(address_str); if (verify_result == X509_V_OK) { fprintf(stdout, " %s-validated successfully\n", usable_tlsas ? "dane" : "PKIX"); } else { fprintf(stdout, " did not dane-validate, because: %s\n", X509_verify_cert_error_string(verify_result)); success = false; } } #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000 */ switch (mode) { case CREATE: dane_create(tlsas, tlsa_owner, certificate_usage, offset, selector, matching_type, cert, extra_certs, store, verify_server_name, name); break; #ifdef USE_DANE_VERIFY case VERIFY: #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) if (! dane_verify(tlsas, address, cert, extra_certs, store, verify_server_name, name, assume_pkix_validity)) { success = false; } #endif /* OPENSSL_VERSION_NUMBER < 0x10100000 */ if (success && interact) { ssl_interact(ssl); } break; #endif /* USE_DANE_VERIFY */ default: break; /* suppress warning */ } (void)SSL_shutdown(ssl); SSL_free(ssl); } /* end for all addresses */ } /* end No certification file */ if (mode == CREATE) { if (print_tlsa_as_type52) { print_rr_list_as_TYPEXXX(stdout, tlsas); } else { ldns_rr_list_print(stdout, tlsas); } } ldns_rr_list_deep_free(tlsas); /* cleanup */ SSL_CTX_free(ctx); if (nameserver_rdf) { ldns_rdf_deep_free(nameserver_rdf); } if (store) { X509_STORE_free(store); } if (tlsa_owner_str) { LDNS_FREE(tlsa_owner_str); } if (tlsa_owner) { ldns_rdf_free(tlsa_owner); } if (addresses) { ldns_rr_list_deep_free(addresses); } if (success) { exit(exit_success); } else { exit(EXIT_FAILURE); } } #else /* HAVE_SSL */ int main(int argc, char **argv) { fprintf(stderr, "ldns-dane needs OpenSSL support, " "which has not been compiled in\n"); return 1; } #endif /* HAVE_SSL */ #else /* USE_DANE */ int main(int argc, char **argv) { (void)argc; (void)argv; fprintf(stderr, "dane support was disabled with this build of ldns, " "and has not been compiled in\n"); return 1; } #endif /* USE_DANE */ ldns-1.9.0/examples/ldns-mx.c0000664000175000017500000000431715114326257015406 0ustar willemwillem/* * mx is a small program that prints out the mx records * for a particular domain * (c) NLnet Labs, 2005 - 2008 * See the file LICENSE for the license */ #include "config.h" #include static int usage(FILE *fp, char *prog) { fprintf(fp, "%s domain\n", prog); fprintf(fp, " print out the mx for domain\n"); return 0; } int main(int argc, char *argv[]) { ldns_resolver *res; ldns_rdf *domain; ldns_pkt *p; ldns_rr_list *mx; ldns_status s; p = NULL; mx = NULL; domain = NULL; res = NULL; if (argc != 2) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } else { /* create a rdf from the command line arg */ domain = ldns_dname_new_frm_str(argv[1]); if (!domain) { usage(stdout, argv[0]); exit(EXIT_FAILURE); } if (! ldns_dname_str_absolute(argv[1]) && ldns_dname_absolute(domain)) { /* ldns_dname_new_frm_str makes absolute dnames always! * So deabsolutify domain. * TODO: Create ldns_dname_new_frm_str_relative? Yuck! */ ldns_rdf_set_size(domain, ldns_rdf_size(domain) - 1); } } /* create a new resolver from /etc/resolv.conf */ s = ldns_resolver_new_frm_file(&res, NULL); if (s != LDNS_STATUS_OK) { exit(EXIT_FAILURE); } /* use the resolver to send a query for the mx * records of the domain given on the command line */ p = ldns_resolver_search(res, domain, LDNS_RR_TYPE_MX, LDNS_RR_CLASS_IN, LDNS_RD); ldns_rdf_deep_free(domain); if (!p) { exit(EXIT_FAILURE); } else { /* retrieve the MX records from the answer section of that * packet */ mx = ldns_pkt_rr_list_by_type(p, LDNS_RR_TYPE_MX, LDNS_SECTION_ANSWER); if (!mx) { fprintf(stderr, " *** invalid answer name %s after MX query for %s\n", argv[1], argv[1]); ldns_pkt_free(p); ldns_resolver_deep_free(res); exit(EXIT_FAILURE); } else { ldns_rr_list_sort(mx); ldns_rr_list_print(stdout, mx); ldns_rr_list_deep_free(mx); } } ldns_pkt_free(p); ldns_resolver_deep_free(res); return 0; } ldns-1.9.0/examples/ldns-read-zone.c0000664000175000017500000002137015114326257016644 0ustar willemwillem/* * read a zone file from disk and prints it, one RR per line * * (c) NLnetLabs 2005-2008 * * See the file LICENSE for the license */ #include "config.h" #include #include #include #include #include static void print_usage(const char* progname) { printf("Usage: %s [OPTIONS] \n", progname); printf("\tReads the zonefile and prints it.\n"); printf("\tThe RR count of the zone is printed to stderr.\n"); printf("\t-0 zeroize timestamps and signature in RRSIG records.\n"); printf("\t-b include Bubble Babble encoding of DS's.\n"); printf("\t-c canonicalize all rrs in the zone.\n"); printf("\t-d only show DNSSEC data from the zone\n"); printf("\t-e \n"); printf("\t\tDo not print RRs of the given .\n"); printf("\t\tThis option may be given multiple times.\n"); printf("\t\t-e is not meant to be used together with -E.\n"); printf("\t-E \n"); printf("\t\tPrint only RRs of the given .\n"); printf("\t\tThis option may be given multiple times.\n"); printf("\t\t-E is not meant to be used together with -e.\n"); printf("\t-h show this text\n"); printf("\t-n do not print the SOA record\n"); printf("\t-p prepend SOA serial with spaces so" " it takes exactly ten characters.\n"); printf("\t-s strip DNSSEC data from the zone\n"); printf("\t-S [[+|-] | YYYYMMDDxx | " " unixtime ]\n" "\t\tSet serial number to or," " when preceded by a sign,\n" "\t\toffset the existing number with " ". With YYYYMMDDxx\n" "\t\tthe serial is formatted as a datecounter" ", and with unixtime as\n" "\t\tthe number of seconds since 1-1-1970." " However, on serial\n" "\t\tnumber decrease, +1 is used in stead" ". (implies -s)\n"); printf("\t-u \n"); printf("\t\tMark for printing in unknown type format.\n"); printf("\t\tThis option may be given multiple times.\n"); printf("\t\t-u is not meant to be used together with -U.\n"); printf("\t-U \n"); printf("\t\tMark for not printing in unknown type format.\n"); printf("\t\tThis option may be given multiple times.\n"); printf( "\t\tThe first occurrence of the -U option marks all RR types for" "\n\t\tprinting in unknown type format except for the given ." "\n\t\tSubsequent -U options will clear the mark for those s" "\n\t\ttoo, so that only the given s will be printed in the" "\n\t\tpresentation format specific for those s.\n"); printf("\t\t-U is not meant to be used together with -u.\n"); printf("\t-v shows the version and exits\n"); printf("\t-z sort the zone (implies -c).\n"); printf("\nif no file is given standard input is read\n"); exit(EXIT_SUCCESS); } static void exclude_type(ldns_rdf **show_types, ldns_rr_type t) { ldns_status s; assert(show_types != NULL); if (! *show_types && LDNS_STATUS_OK != (s = ldns_rdf_bitmap_known_rr_types(show_types))) goto fail; s = ldns_nsec_bitmap_clear_type(*show_types, t); if (s == LDNS_STATUS_OK) return; fail: fprintf(stderr, "Cannot exclude rr type %s: %s\n" , ldns_rr_descript(t)->_name , ldns_get_errorstr_by_id(s)); exit(EXIT_FAILURE); } static void include_type(ldns_rdf **show_types, ldns_rr_type t) { ldns_status s; assert(show_types != NULL); if (! *show_types && LDNS_STATUS_OK != (s = ldns_rdf_bitmap_known_rr_types_space(show_types))) goto fail; s = ldns_nsec_bitmap_set_type(*show_types, t); if (s == LDNS_STATUS_OK) return; fail: fprintf(stderr, "Cannot exclude all rr types except %s: %s\n" , ldns_rr_descript(t)->_name , ldns_get_errorstr_by_id(s)); exit(EXIT_FAILURE); } int main(int argc, char **argv) { char *filename; FILE *fp; ldns_zone *z; int line_nr = 0; int c; bool canonicalize = false; bool sort = false; bool print_soa = true; ldns_status s; size_t i; ldns_rr_list *stripped_list; ldns_rr *cur_rr; ldns_output_format_storage fmt_storage; ldns_output_format* fmt = ldns_output_format_init(&fmt_storage); ldns_rdf *show_types = NULL; ldns_soa_serial_increment_func_t soa_serial_increment_func = NULL; int soa_serial_increment_func_data = 0; while ((c = getopt(argc, argv, "0bcde:E:hnpsS:u:U:vz")) != -1) { switch(c) { case '0': fmt->flags |= LDNS_FMT_ZEROIZE_RRSIGS; break; case 'b': fmt->flags |= ( LDNS_COMMENT_BUBBLEBABBLE | LDNS_COMMENT_FLAGS ); break; case 'c': canonicalize = true; break; case 'd': include_type(&show_types, LDNS_RR_TYPE_RRSIG); include_type(&show_types, LDNS_RR_TYPE_NSEC); include_type(&show_types, LDNS_RR_TYPE_NSEC3); break; case 'e': exclude_type(&show_types, ldns_get_rr_type_by_name(optarg)); break; case 'E': include_type(&show_types, ldns_get_rr_type_by_name(optarg)); break; case 'h': print_usage("ldns-read-zone"); break; case 'n': print_soa = false; break; case 'p': fmt->flags |= LDNS_FMT_PAD_SOA_SERIAL; break; case 's': case 'S': exclude_type(&show_types, LDNS_RR_TYPE_RRSIG); exclude_type(&show_types, LDNS_RR_TYPE_NSEC); exclude_type(&show_types, LDNS_RR_TYPE_NSEC3); if (c == 's') break; if (*optarg == '+' || *optarg == '-') { soa_serial_increment_func_data = atoi(optarg); soa_serial_increment_func = ldns_soa_serial_increment_by; } else if (! strtok(optarg, "0123456789")) { soa_serial_increment_func_data = atoi(optarg); soa_serial_increment_func = ldns_soa_serial_identity; } else if (!strcasecmp(optarg, "YYYYMMDDxx")){ soa_serial_increment_func = ldns_soa_serial_datecounter; } else if (!strcasecmp(optarg, "unixtime")){ soa_serial_increment_func = ldns_soa_serial_unixtime; } else { fprintf(stderr, "-S expects a number " "optionally preceded by a " "+ or - sign to indicate an " "offset, or the text YYYYMM" "DDxx or unixtime\n"); exit(EXIT_FAILURE); } break; case 'u': s = ldns_output_format_set_type(fmt, ldns_get_rr_type_by_name(optarg)); if (s != LDNS_STATUS_OK) { fprintf( stderr , "Cannot set rr type %s " "in output format to " "print as unknown type: %s\n" , ldns_rr_descript( ldns_get_rr_type_by_name(optarg) )->_name , ldns_get_errorstr_by_id(s) ); exit(EXIT_FAILURE); } break; case 'U': s = ldns_output_format_clear_type(fmt, ldns_get_rr_type_by_name(optarg)); if (s != LDNS_STATUS_OK) { fprintf( stderr , "Cannot set rr type %s " "in output format to not " "print as unknown type: %s\n" , ldns_rr_descript( ldns_get_rr_type_by_name(optarg) )->_name , ldns_get_errorstr_by_id(s) ); exit(EXIT_FAILURE); } break; case 'v': printf("read zone version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); exit(EXIT_SUCCESS); break; case 'z': canonicalize = true; sort = true; break; } } argc -= optind; argv += optind; if (argc == 0) { fp = stdin; } else { filename = argv[0]; fp = fopen(filename, "r"); if (!fp) { fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno)); exit(EXIT_FAILURE); } } s = ldns_zone_new_frm_fp_l(&z, fp, NULL, 0, LDNS_RR_CLASS_IN, &line_nr); fclose(fp); if (s != LDNS_STATUS_OK) { fprintf(stderr, "%s at line %d\n", ldns_get_errorstr_by_id(s), line_nr); exit(EXIT_FAILURE); } if (show_types) { if (print_soa) print_soa = ldns_nsec_bitmap_covers_type(show_types, LDNS_RR_TYPE_SOA); stripped_list = ldns_rr_list_new(); while ((cur_rr = ldns_rr_list_pop_rr(ldns_zone_rrs(z)))) if (ldns_nsec_bitmap_covers_type(show_types, ldns_rr_get_type(cur_rr))) ldns_rr_list_push_rr(stripped_list, cur_rr); else ldns_rr_free(cur_rr); ldns_rr_list_free(ldns_zone_rrs(z)); ldns_zone_set_rrs(z, stripped_list); } if (canonicalize) { ldns_rr2canonical(ldns_zone_soa(z)); for (i = 0; i < ldns_rr_list_rr_count(ldns_zone_rrs(z)); i++) { ldns_rr2canonical(ldns_rr_list_rr(ldns_zone_rrs(z), i)); } } if (sort) { ldns_zone_sort(z); } if (print_soa && ldns_zone_soa(z)) { if (soa_serial_increment_func) { ldns_rr_soa_increment_func_int( ldns_zone_soa(z) , soa_serial_increment_func , soa_serial_increment_func_data ); } ldns_rr_print_fmt(stdout, fmt, ldns_zone_soa(z)); } ldns_rr_list_print_fmt(stdout, fmt, ldns_zone_rrs(z)); ldns_zone_deep_free(z); exit(EXIT_SUCCESS); } ldns-1.9.0/examples/ldns-resolver.c0000664000175000017500000000206215114326257016616 0ustar willemwillem/* * ldns-resolver tries to create a resolver structure from /dev/urandom * this is only useful to test the library for robustness with input data * * (c) NLnet Labs 2006 - 2008 * See the file LICENSE for the license */ #include "config.h" #include "errno.h" #include int main(int argc, char **argv) { ldns_resolver *r; int line = 1; FILE *rand; ldns_status s; if (argc != 2 || strncmp(argv[1], "-h", 3) == 0) { printf("Usage: ldns-resolver \n"); printf("Tries to create a stub resolver structure from the given file.\n"); exit(EXIT_FAILURE); } if (!(rand = fopen(argv[1], "r"))) { printf("Error opening %s: %s\n", argv[1], strerror(errno)); exit(EXIT_FAILURE); } printf("Trying to read from %s\n", argv[1]); s = ldns_resolver_new_frm_fp_l(&r, rand, &line); if (s != LDNS_STATUS_OK) { printf("Failed: %s at line %d\n", ldns_get_errorstr_by_id(s), line); exit(EXIT_FAILURE); } else { printf("Success\n"); ldns_resolver_print(stdout, r); ldns_resolver_deep_free(r); } fclose(rand); return EXIT_SUCCESS; } ldns-1.9.0/examples/ldns-verify-zone.1.in0000664000175000017500000000610315114326257017555 0ustar willemwillem.TH ldns-verifyzone 1 "27 May 2008" .SH NAME ldns-verify-zone \- read a DNSSEC signed zone and verify it. .SH SYNOPSIS .B ldns-verify-zone .IR ZONEFILE .SH DESCRIPTION \fBldns-verify-zone\fR reads a DNS zone file and verifies it. RRSIG resource records are checked against the DNSKEY set at the zone apex. Each name is checked for an NSEC(3), if appropriate. If ZONEMD resource records are present, one of them needs to match the zone content. .SH OPTIONS .TP \fB-h\fR Show usage and exit .TP \fB-a\fR Apex only, check only the zone apex .TP \fB-e\fR \fIperiod\fR Signatures may not expire within this period. Default no period is used. .TP \fB-i\fR \fIperiod\fR Signatures must have been valid at least this long. Default signatures should just be valid now. .TP \fB-k\fR \fIfile\fR A file that contains a trusted DNSKEY or DS rr. This option may be given more than once. Alternatively, if \fB-k\fR is not specified, and a default trust anchor (@LDNS_TRUST_ANCHOR_FILE@) exists and contains a valid DNSKEY or DS record, it will be used as the trust anchor. .TP \fB-p\fR \fI[0-100]\fR Only check this percentage of the zone. Which names to check is determined randomly. Defaults to 100. .TP \fB-s\fR Check all signature results, instead of one. Without the option one signature that validates stops error output for the RRset. With the option, all results from signature validations are printed. For spurious RRSIGs that prints output for the spurious RRSIGs if they are wrong. .TP \fB-S\fR Chase signature(s) to a known key. The network may be accessed to validate the zone's DNSKEYs. (implies \-k) .TP \fB-t\fR \fIYYYYMMDDhhmmss | [+|-]offset\fR Set the validation time either by an absolute time value or as an offset in seconds from the current time. .TP \fB-v\fR Show the version and exit .TP \fB-V\fR \fInumber\fR Set the verbosity level (default 3): 0: Be silent 1: Print result, and any errors 2: Same as 1 for now 3: Print result, any errors, and the names that are being checked 4: Same as 3 for now 5: Print the zone after it has been read, the result, any errors, and the names that are being checked .TP \fB-Z\fR Requires a valid ZONEMD RR to be present. When given once, this option will permit verifying only the ZONEMD RR of an unsigned zone. When given more than once, the zone needs to be validly DNSSEC signed as well. .TP \fB-ZZZ\fR When three times a \fB-Z\fR option is given, the ZONEMD RR to be verified is considered "detached" and does not need to have valid signatures. .LP \fIperiod\fRs are given in ISO 8601 duration format: .RS P[n]Y[n]M[n]DT[n]H[n]M[n]S .RE .LP If no file is given standard input is read. .SH "FILES" .TP @LDNS_TRUST_ANCHOR_FILE@ The file from which trusted keys are loaded for signature chasing, when no \fB-k\fR option is given. .SH "SEE ALSO" .LP unbound-anchor(8) .SH AUTHOR Written by the ldns team as an example for ldns usage. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2008 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldns-read-zone.10000664000175000017500000000607415114326257016566 0ustar willemwillem.TH ldns-read-zone 1 "30 May 2005" .SH NAME ldns-read-zone \- read a zonefile and print it .SH SYNOPSIS .B ldns-read-zone .IR ZONEFILE .SH DESCRIPTION \fBldns-read-zone\fR reads a DNS zone file and prints it. The output has 1 resource record per line, and no pretty-printing makeup. .SH OPTIONS .TP \fB-0\fR Print a (null) for the RRSIG inception, expiry and key data. This option can be used when comparing different signing systems that use the same DNSKEYs for signing but would have a slightly different timings/jitter. .TP \fB-b\fR Include Bubble Babble encoding of DS's. .TP \fB-c\fR Canonicalize all resource records in the zone before printing .TP \fB-d\fR Only print DNSSEC data from the zone. This option skips every record that is not of type NSEC, NSEC3 or RRSIG. DNSKEY and DS records are not printed. .TP \fB-e\fR \fIRR type\fR Do not print RRs of the given \fIrr type\fR. This option may be given multiple times. \fB-e\fR is not meant to be used together with \fB-E\fR. .TP \fB-E\fR \fIRR type\fR Print only RRs of the given \fIrr type\fR. This option may be given multiple times. \fB-E\fR is not meant to be used together with \fB-e\fR. .TP \fB-h\fR Show usage and exit .TP \fB-n\fR Do not print the SOA record .TP \fB-p\fR Pad the SOA serial number with spaces so the number and the spaces together take ten characters. This is useful for in file serial number increments. .TP \fB-s\fR Strip DNSSEC data from the zone. This option skips every record that is of type NSEC, NSEC3 or RRSIG. DNSKEY and DS records are still printed. .TP \fB-S\fR \fI[[+|0]number | YYYYMMDDxx | unixtime ]\fR Set serial number to the given \fInumber\fR, or when preceded by a sign, offset the existing number with it. When giving the literal strings \fIYYYYMMDDxx\fR or \fIunixtime\fR, the serial number is tried to be reset in datecounter or in unixtime format respectively. Though is the updated serial number is smaller than the original one, the original one is simply increased by one. When updating a serial number, records of type NSEC, NSEC3, RRSIG and DNSKEY will be skipped when printing the zone. .TP \fB-u\fR \fIRR type\fR Mark \fIRR type\fR for printing in unknown type format. \fB-u\fR is not meant to be used together with \fB-U\fR. .TP \fB-U\fR \fIRR type\fR Mark \fIRR type\fR for \fBnot\fR printing in unknown type format. The first occurrence of the \fB-U\fR option marks all RR types for printing in unknown type format except for the given \fIRR type\fR. Subsequent \fB-U\fR options will clear the mark for those \fIRR type\fRs too, so that only the given \fIRR type\fRs will be printed in the presentation format specific for those \fIRR type\fRs. \fB-U\fR is not meant to be used together with \fB-u\fR. .TP \fB-v\fR Show the version and exit .TP \fB-z\fR Sort the zone before printing (this implies \-c) .SH AUTHOR Written by the ldns team as an example for ldns usage. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2005 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldns-mx.10000664000175000017500000000102315114326257015313 0ustar willemwillem.TH ldns-mx 1 "27 Apr 2005" .SH NAME ldns-mx \- print out the mx record(s) for a domain .SH SYNOPSIS .B ldns-mx .IR DOMAIN .SH DESCRIPTION \fBldns-mx\fR is used to print out mx information of a domain. .SH OPTIONS \fBldns-mx\fR has no options. .SH AUTHOR Written by the ldns team as an example for ldns usage. .SH REPORTING BUGS Report bugs to . .SH COPYRIGHT Copyright (C) 2005 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ldns-1.9.0/examples/ldns-verify-zone.c0000664000175000017500000006522615114326257017245 0ustar willemwillem/* * read a zone file from disk and prints it, one RR per line * * (c) NLnetLabs 2008 * * See the file LICENSE for the license * * Missing from the checks: empty non-terminals */ #include "config.h" #include #include #include #include #include #ifdef HAVE_SSL #include static int verbosity = 3; static time_t check_time = 0; static int32_t inception_offset = 0; static int32_t expiration_offset = 0; static bool do_sigchase = false; static bool no_nomatch_msg = false; static int check_all_sigs = 0; static FILE* myout; static FILE* myerr; static void update_error(ldns_status* result, ldns_status status) { if (status != LDNS_STATUS_OK) { if (*result == LDNS_STATUS_OK || *result == LDNS_STATUS_ERR || ( *result == LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY && status != LDNS_STATUS_ERR )) { *result = status; } } } static void print_type(FILE* stream, ldns_rr_type type) { const ldns_rr_descriptor *descriptor = ldns_rr_descript(type); if (descriptor && descriptor->_name) { fprintf(stream, "%s", descriptor->_name); } else { fprintf(stream, "TYPE%u", type); } } static ldns_status read_key_file(const char *filename, ldns_rr_list *keys) { ldns_status status = LDNS_STATUS_ERR; ldns_rr *rr; FILE *fp; uint32_t my_ttl = 0; ldns_rdf *my_origin = NULL; ldns_rdf *my_prev = NULL; int line_nr; if (!(fp = fopen(filename, "r"))) { return LDNS_STATUS_FILE_ERR; } while (!feof(fp)) { status = ldns_rr_new_frm_fp_l(&rr, fp, &my_ttl, &my_origin, &my_prev, &line_nr); if (status == LDNS_STATUS_OK) { if ( ldns_rr_get_type(rr) == LDNS_RR_TYPE_DS || ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY) ldns_rr_list_push_rr(keys, rr); } else if ( status == LDNS_STATUS_SYNTAX_EMPTY || status == LDNS_STATUS_SYNTAX_TTL || status == LDNS_STATUS_SYNTAX_ORIGIN || status == LDNS_STATUS_SYNTAX_INCLUDE) status = LDNS_STATUS_OK; else break; } fclose(fp); return status; } static void print_rr_error(FILE* stream, ldns_rr* rr, const char* msg) { if (verbosity > 0) { fprintf(stream, "Error: %s for ", msg); ldns_rdf_print(stream, ldns_rr_owner(rr)); fprintf(stream, "\t"); print_type(stream, ldns_rr_get_type(rr)); fprintf(stream, "\n"); } } static void print_rr_status_error(FILE* stream, ldns_rr* rr, ldns_status status) { if (status != LDNS_STATUS_OK) { print_rr_error(stream, rr, ldns_get_errorstr_by_id(status)); if (verbosity > 0 && status == LDNS_STATUS_SSL_ERR) { #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL) ERR_load_crypto_strings(); #endif ERR_print_errors_fp(stream); } } } static void print_rrs_status_error(FILE* stream, ldns_rr_list* rrs, ldns_status status, ldns_dnssec_rrs* cur_sig) { if (status != LDNS_STATUS_OK) { if (ldns_rr_list_rr_count(rrs) > 0) { print_rr_status_error(stream, ldns_rr_list_rr(rrs, 0), status); } else if (verbosity > 0) { fprintf(stream, "Error: %s for \n", ldns_get_errorstr_by_id(status)); } if (verbosity >= 4) { fprintf(stream, "RRSet:\n"); ldns_rr_list_print(stream, rrs); fprintf(stream, "Signature:\n"); ldns_rr_print(stream, cur_sig->rr); fprintf(stream, "\n"); } } } static ldns_status rrsig_check_time_margins(ldns_rr* rrsig #if 0 /* Passing those as arguments becomes sensible when * rrsig_check_time_margins will be added to the library. */ ,time_t check_time, int32_t inception_offset, int32_t expiration_offset #endif ) { int32_t inception, expiration; inception = ldns_rdf2native_int32(ldns_rr_rrsig_inception (rrsig)); expiration = ldns_rdf2native_int32(ldns_rr_rrsig_expiration(rrsig)); if (((int32_t) (check_time - inception_offset)) - inception < 0) { return LDNS_STATUS_CRYPTO_SIG_NOT_INCEPTED_WITHIN_MARGIN; } if (expiration - ((int32_t) (check_time + expiration_offset)) < 0) { return LDNS_STATUS_CRYPTO_SIG_EXPIRED_WITHIN_MARGIN; } return LDNS_STATUS_OK; } static ldns_status verify_rrs(ldns_rr_list* rrset_rrs, ldns_dnssec_rrs* cur_sig, ldns_rr_list* keys) { ldns_status status, result = LDNS_STATUS_OK; int one_signature_verified = 0; ldns_dnssec_rrs *cur_sig_bak = cur_sig; int is_dnskey_rrset = ldns_rr_list_rr_count(rrset_rrs) > 0 && ldns_rr_get_type(ldns_rr_list_rr(rrset_rrs, 0)) == LDNS_RR_TYPE_DNSKEY; /* A single valid signature validates the RRset */ /* With check all sigs, it skips this, except for the DNSKEY RRset. */ if(!check_all_sigs || is_dnskey_rrset) { while (cur_sig) { if (ldns_verify_rrsig_keylist_time( rrset_rrs, cur_sig->rr , keys, check_time, NULL) || rrsig_check_time_margins(cur_sig->rr)) cur_sig = cur_sig->next; else return LDNS_STATUS_OK; } } /* Without any valid signature, do print all errors. */ /* When checking all sigs, keep track if one is valid. */ for (cur_sig = cur_sig_bak; cur_sig; cur_sig = cur_sig->next) { status = ldns_verify_rrsig_keylist_time(rrset_rrs, cur_sig->rr, keys, check_time, NULL); status = status ? status : rrsig_check_time_margins(cur_sig->rr); if(check_all_sigs && status == LDNS_STATUS_OK) one_signature_verified += 1; if (!status) ; /* pass */ else if (!no_nomatch_msg || status != LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY) print_rrs_status_error( myerr, rrset_rrs, status, cur_sig); update_error(&result, status); } if(check_all_sigs && one_signature_verified) return LDNS_STATUS_OK; return result; } static ldns_status verify_dnssec_rrset(ldns_rdf *zone_name, ldns_rdf *name, ldns_dnssec_rrsets *rrset, ldns_rr_list *keys) { ldns_rr_list *rrset_rrs; ldns_dnssec_rrs *cur_rr, *cur_sig; ldns_status status; if (!rrset->rrs) return LDNS_STATUS_OK; rrset_rrs = ldns_rr_list_new(); cur_rr = rrset->rrs; while(cur_rr && cur_rr->rr) { ldns_rr_list_push_rr(rrset_rrs, cur_rr->rr); cur_rr = cur_rr->next; } cur_sig = rrset->signatures; if (cur_sig) { status = verify_rrs(rrset_rrs, cur_sig, keys); } else /* delegations may be unsigned (on opt out...) */ if (rrset->type != LDNS_RR_TYPE_NS || ldns_dname_compare(name, zone_name) == 0) { print_rr_error(myerr, rrset->rrs->rr, "no signatures"); status = LDNS_STATUS_CRYPTO_NO_RRSIG; } else { status = LDNS_STATUS_OK; } ldns_rr_list_free(rrset_rrs); return status; } static ldns_status verify_single_rr(ldns_rr *rr, ldns_dnssec_rrs *signature_rrs, ldns_rr_list *keys) { ldns_rr_list *rrset_rrs; ldns_status status; rrset_rrs = ldns_rr_list_new(); ldns_rr_list_push_rr(rrset_rrs, rr); status = verify_rrs(rrset_rrs, signature_rrs, keys); ldns_rr_list_free(rrset_rrs); return status; } static ldns_status verify_next_hashed_name(ldns_dnssec_zone* zone, ldns_dnssec_name *name) { ldns_rbnode_t *next_node; ldns_dnssec_name *next_name; int cmp; char *next_owner_str; ldns_rdf *next_owner_dname; assert(name->hashed_name != NULL); next_node = ldns_rbtree_search(zone->hashed_names, name->hashed_name); assert(next_node != NULL); do { next_node = ldns_rbtree_next(next_node); if (next_node == LDNS_RBTREE_NULL) { next_node = ldns_rbtree_first(zone->hashed_names); } next_name = (ldns_dnssec_name *) next_node->data; } while (! next_name->nsec); next_owner_str = ldns_rdf2str(ldns_nsec3_next_owner(name->nsec)); next_owner_dname = ldns_dname_new_frm_str(next_owner_str); cmp = ldns_dname_compare(next_owner_dname, next_name->hashed_name); ldns_rdf_deep_free(next_owner_dname); LDNS_FREE(next_owner_str); if (cmp != 0) { if (verbosity > 0) { fprintf(myerr, "Error: The NSEC3 record for "); ldns_rdf_print(stdout, name->name); fprintf(myerr, " points to the wrong next hashed owner" " name\n\tshould point to "); ldns_rdf_print(myerr, next_name->name); fprintf(myerr, ", whose hashed name is "); ldns_rdf_print(myerr, next_name->hashed_name); fprintf(myerr, "\n"); } return LDNS_STATUS_ERR; } else { return LDNS_STATUS_OK; } } static bool zone_is_nsec3_optout(ldns_dnssec_zone* zone) { static int remember = -1; if (remember == -1) { remember = ldns_dnssec_zone_is_nsec3_optout(zone) ? 1 : 0; } return remember == 1; } static ldns_status verify_nsec(ldns_dnssec_zone* zone, ldns_rbnode_t *cur_node, ldns_rr_list *keys) { ldns_rbnode_t *next_node; ldns_dnssec_name *name, *next_name; ldns_status status, result; result = LDNS_STATUS_OK; name = (ldns_dnssec_name *) cur_node->data; if (name->nsec) { if (name->nsec_signatures) { status = verify_single_rr(name->nsec, name->nsec_signatures, keys); update_error(&result, status); } else { if (verbosity > 0) { fprintf(myerr, "Error: the NSEC(3) record of "); ldns_rdf_print(myerr, name->name); fprintf(myerr, " has no signatures\n"); } update_error(&result, LDNS_STATUS_ERR); } /* check whether the NSEC record points to the right name */ switch (ldns_rr_get_type(name->nsec)) { case LDNS_RR_TYPE_NSEC: /* simply try next name */ next_node = ldns_rbtree_next(cur_node); if (next_node == LDNS_RBTREE_NULL) { next_node = ldns_rbtree_first( zone->names); } next_node = ldns_dnssec_name_node_next_nonglue( next_node); if (!next_node) { next_node = ldns_dnssec_name_node_next_nonglue( ldns_rbtree_first(zone->names)); } next_name = (ldns_dnssec_name*)next_node->data; if (ldns_dname_compare(next_name->name, ldns_rr_rdf(name->nsec, 0)) != 0) { if (verbosity > 0) { fprintf(myerr, "Error: the " "NSEC record for "); ldns_rdf_print(myerr, name->name); fprintf(myerr, " points to " "the wrong " "next owner name\n"); } if (verbosity >= 4) { fprintf(myerr, "\t: "); ldns_rdf_print(myerr, ldns_rr_rdf( name->nsec, 0)); fprintf(myerr, " i.s.o. "); ldns_rdf_print(myerr, next_name->name); fprintf(myerr, ".\n"); } update_error(&result, LDNS_STATUS_ERR); } break; case LDNS_RR_TYPE_NSEC3: /* find the hashed next name in the tree */ /* this is expensive, do we need to add * support for this in the structs? * (ie. pointer to next hashed name?) */ status = verify_next_hashed_name(zone, name); update_error(&result, status); break; default: break; } } else { if (zone_is_nsec3_optout(zone) && (ldns_dnssec_name_is_glue(name) || ( ldns_dnssec_rrsets_contains_type(name->rrsets, LDNS_RR_TYPE_NS) && !ldns_dnssec_rrsets_contains_type(name->rrsets, LDNS_RR_TYPE_DS)))) { /* ok, no problem, but we need to remember to check * whether the chain does not actually point to this * name later */ } else { if (verbosity > 0) { fprintf(myerr, "Error: there is no NSEC(3) for "); ldns_rdf_print(myerr, name->name); fprintf(myerr, "\n"); } update_error(&result, LDNS_STATUS_ERR); } } return result; } static ldns_status verify_dnssec_name(ldns_rdf *zone_name, ldns_dnssec_zone* zone, ldns_rbnode_t *cur_node, ldns_rr_list *keys, bool detached_zonemd) { ldns_status result = LDNS_STATUS_OK; ldns_status status; ldns_dnssec_rrsets *cur_rrset; ldns_dnssec_name *name; int on_delegation_point; /* for NSEC chain checks */ name = (ldns_dnssec_name *) cur_node->data; if (verbosity >= 5) { fprintf(myout, "Checking: "); ldns_rdf_print(myout, name->name); fprintf(myout, "\n"); } if (ldns_dnssec_name_is_glue(name)) { /* glue */ cur_rrset = name->rrsets; while (cur_rrset) { if (cur_rrset->signatures) { if (verbosity > 0) { fprintf(myerr, "Error: "); ldns_rdf_print(myerr, name->name); fprintf(myerr, "\t"); print_type(myerr, cur_rrset->type); fprintf(myerr, " has signature(s)," " but is occluded" " (or glue)\n"); } result = LDNS_STATUS_ERR; } cur_rrset = cur_rrset->next; } if (name->nsec) { if (verbosity > 0) { fprintf(myerr, "Error: "); ldns_rdf_print(myerr, name->name); fprintf(myerr, " has an NSEC(3)," " but is occluded" " (or glue)\n"); } result = LDNS_STATUS_ERR; } } else { /* not glue, do real verify */ on_delegation_point = ldns_dnssec_rrsets_contains_type(name->rrsets, LDNS_RR_TYPE_NS) && !ldns_dnssec_rrsets_contains_type(name->rrsets, LDNS_RR_TYPE_SOA); cur_rrset = name->rrsets; while(cur_rrset) { /* Do not check occluded rrsets * on the delegation point */ if ((on_delegation_point && (cur_rrset->type == LDNS_RR_TYPE_NS || cur_rrset->type == LDNS_RR_TYPE_DS)) || (!on_delegation_point && cur_rrset->type != LDNS_RR_TYPE_RRSIG && cur_rrset->type != LDNS_RR_TYPE_NSEC && ( cur_rrset->type != LDNS_RR_TYPE_ZONEMD || !detached_zonemd || cur_rrset->signatures))) { status = verify_dnssec_rrset(zone_name, name->name, cur_rrset, keys); update_error(&result, status); } cur_rrset = cur_rrset->next; } status = verify_nsec(zone, cur_node, keys); update_error(&result, status); } return result; } static void add_keys_with_matching_ds(ldns_dnssec_rrsets* from_keys, ldns_rr_list *dss, ldns_rr_list *to_keys) { size_t i; ldns_rr* ds_rr; ldns_dnssec_rrs *cur_key; for (i = 0; i < ldns_rr_list_rr_count(dss); i++) { if (ldns_rr_get_type(ds_rr = ldns_rr_list_rr(dss, i)) == LDNS_RR_TYPE_DS) { for (cur_key = from_keys->rrs; cur_key; cur_key = cur_key->next ) { if (ldns_rr_compare_ds(cur_key->rr, ds_rr)) { ldns_rr_list_push_rr(to_keys, cur_key->rr); break; } } } } } static ldns_resolver *p_ldns_new_res(ldns_resolver** new_res, ldns_status *s) { assert(new_res && s); if (!(*s = ldns_resolver_new_frm_file(new_res, NULL))) { ldns_resolver_set_dnssec(*new_res, 1); ldns_resolver_set_dnssec_cd(*new_res, 1); return *new_res; } ldns_resolver_free(*new_res); return (*new_res = NULL); } static ldns_status sigchase(ldns_resolver* res, ldns_rdf *zone_name, ldns_dnssec_rrsets *zonekeys, ldns_rr_list *keys) { ldns_dnssec_rrs* cur_key; ldns_status status; ldns_resolver* new_res = NULL; ldns_rdf* parent_name = NULL; ldns_rr_list* parent_keys = NULL; ldns_rr_list* ds_keys = NULL; add_keys_with_matching_ds(zonekeys, keys, keys); /* First try to authenticate the keys offline. * When do_sigchase is given validation may continue lookup up * keys online. Reporting the failure of the offline validation * should then be suppressed. */ no_nomatch_msg = do_sigchase; status = verify_dnssec_rrset(zone_name, zone_name, zonekeys, keys); no_nomatch_msg = false; /* Continue online on validation failure when the -S option was given. */ if ( !do_sigchase || status != LDNS_STATUS_CRYPTO_NO_MATCHING_KEYTAG_DNSKEY || ldns_dname_label_count(zone_name) == 0 ) { if (verbosity > 0) { fprintf(myerr, "Cannot chase the root: %s\n" , ldns_get_errorstr_by_id(status)); } } else if (!res && !(res = p_ldns_new_res(&new_res, &status))) { if (verbosity > 0) { fprintf(myerr, "Could not create resolver: %s\n" , ldns_get_errorstr_by_id(status)); } } else if (!(parent_name = ldns_dname_left_chop(zone_name))) { status = LDNS_STATUS_MEM_ERR; /* * Use the (authenticated) keys of the parent zone ... */ } else if (!(parent_keys = ldns_fetch_valid_domain_keys(res, parent_name, keys, &status))) { if (verbosity > 0) { fprintf(myerr, "Could not get valid DNSKEY RRset to " "validate domain's DS: %s\n", ldns_get_errorstr_by_id(status) ); } /* * ... to validate the DS for the zone ... */ } else if (!(ds_keys = ldns_validate_domain_ds(res, zone_name, parent_keys))) { status = LDNS_STATUS_CRYPTO_NO_TRUSTED_DS; if (verbosity > 0) { fprintf(myerr, "Could not get valid DS RRset for domain: %s\n", ldns_get_errorstr_by_id(status) ); } } else { /* * ... to use it to add the KSK to the trusted keys ... */ add_keys_with_matching_ds(zonekeys, ds_keys, keys); /* * ... to validate all zonekeys ... */ status = verify_dnssec_rrset(zone_name, zone_name, zonekeys, keys); } /* * ... so they can all be added to our list of trusted keys. */ ldns_resolver_deep_free(new_res); ldns_rdf_deep_free(parent_name); ldns_rr_list_free(parent_keys); ldns_rr_list_free(ds_keys); if (status == LDNS_STATUS_OK) for (cur_key = zonekeys->rrs; cur_key; cur_key = cur_key->next) ldns_rr_list_push_rr(keys, cur_key->rr); return status; } static ldns_status verify_dnssec_zone(ldns_dnssec_zone *dnssec_zone, ldns_rdf *zone_name, ldns_rr_list *keys, bool apexonly, int percentage, bool detached_zonemd) { ldns_rbnode_t *cur_node; ldns_dnssec_rrsets *cur_key_rrset; ldns_dnssec_rrs *cur_key; ldns_status status; ldns_status result = LDNS_STATUS_OK; cur_key_rrset = ldns_dnssec_zone_find_rrset(dnssec_zone, zone_name, LDNS_RR_TYPE_DNSKEY); if (!cur_key_rrset || !cur_key_rrset->rrs) { if (verbosity > 0) { fprintf(myerr, "Error: No DNSKEY records at zone apex\n"); } result = LDNS_STATUS_ERR; } else { /* are keys given with -k to use for validation? */ if (ldns_rr_list_rr_count(keys) > 0) { if ((result = sigchase(NULL, zone_name, cur_key_rrset, keys))) goto error; } else for (cur_key = cur_key_rrset->rrs; cur_key; cur_key = cur_key->next) ldns_rr_list_push_rr(keys, cur_key->rr); cur_node = ldns_rbtree_first(dnssec_zone->names); if (cur_node == LDNS_RBTREE_NULL) { if (verbosity > 0) { fprintf(myerr, "Error: Empty zone?\n"); } result = LDNS_STATUS_ERR; } if (apexonly) { /* * In this case, only the first node in the treewalk * below should be checked. */ assert( cur_node->data == dnssec_zone->soa ); /* * Although the percentage option doesn't make sense * here, we set it to 100 to force the first node to * be checked. */ percentage = 100; } while (cur_node != LDNS_RBTREE_NULL) { /* should we check this one? saves calls to random. */ if (percentage == 100 || ((random() % 100) >= 100 - percentage)) { status = verify_dnssec_name(zone_name, dnssec_zone, cur_node, keys, detached_zonemd); update_error(&result, status); if (apexonly) break; } cur_node = ldns_rbtree_next(cur_node); } } error: ldns_rr_list_free(keys); return result; } static void print_usage(FILE *out, const char *progname) { fprintf(out, "Usage: %s [OPTIONS] \n", progname); fprintf(out, "\tReads the zonefile and checks for DNSSEC errors.\n"); fprintf(out, "\nIt checks whether NSEC(3)s are present, " "and verifies all signatures\n"); fprintf(out, "It also checks the NSEC(3) chain, but it " "will error on opted-out delegations\n"); fprintf(out, "It also checks whether ZONEMDs are present, and if so, " "needs one of them to match the zone's data.\n"); fprintf(out, "\nOPTIONS:\n"); fprintf(out, "\t-h\t\tshow this text\n"); fprintf(out, "\t-a\t\tapex only, check only the zone apex\n"); fprintf(out, "\t-e \tsignatures may not expire " "within this period.\n\t\t\t" "(default no period is used)\n"); fprintf(out, "\t-i \tsignatures must have been " "valid at least this long.\n\t\t\t" "(default signatures should just be valid now)\n"); fprintf(out, "\t-k \tspecify a file that contains a " "trusted DNSKEY or DS rr.\n\t\t\t" "This option may be given more than once.\n" "\t\t\tDefault is %s\n", LDNS_TRUST_ANCHOR_FILE); fprintf(out, "\t-p [0-100]\tonly checks this percentage of " "the zone.\n\t\t\tDefaults to 100\n"); fprintf(out, "\t-s\t\tcheck all signature results, instead of one.\n"); fprintf(out, "\t-S\t\tchase signature(s) to a known key. " "The network may be\n\t\t\taccessed to " "validate the zone's DNSKEYs. (implies -k)\n"); fprintf(out, "\t-t YYYYMMDDhhmmss | [+|-]offset\n\t\t\t" "set the validation time either by an " "absolute time\n\t\t\tvalue or as an " "offset in seconds from .\n\t\t\t" "For data that came from the network (while " "chasing),\n\t\t\tsystem time will be used " "for validating it regardless.\n"); fprintf(out, "\t-v\t\tshows the version and exits\n"); fprintf(out, "\t-V [0-5]\tset verbosity level (default 3)\n"); fprintf(out, "\t-Z\t\tRequires a valid ZONEMD RR to be present.\n"); fprintf(out, "\t\t\tWhen given once, this option will permit verifying" "\n\t\t\tjust the ZONEMD RR of an unsigned zone. When given " "\n\t\t\tmore than once, the zone needs to be validly DNSSEC" "\n\t\t\tsigned as well. With three times a -Z option (-ZZZ)" "\n\t\t\ta ZONEMD RR without signatures is allowed."); fprintf(out, "\ns are given in ISO 8601 duration format: " "P[n]Y[n]M[n]DT[n]H[n]M[n]S\n"); fprintf(out, "\nif no file is given standard input is read\n"); } int main(int argc, char **argv) { char *filename; FILE *fp; int line_nr = 0; int c; ldns_status s; ldns_dnssec_zone *dnssec_zone = NULL; ldns_status result = LDNS_STATUS_ERR; bool apexonly = false; int percentage = 100; struct tm tm; ldns_duration_type *duration; ldns_rr_list *keys = ldns_rr_list_new(); size_t nkeys = 0; const char *progname = argv[0]; int zonemd_required = 0; ldns_dnssec_rrsets *zonemd_rrset; check_time = ldns_time(NULL); myout = stdout; myerr = stderr; while ((c = getopt(argc, argv, "ae:hi:k:vV:p:sSt:Z")) != -1) { switch(c) { case 'a': apexonly = true; break; case 'h': print_usage(stdout, progname); ldns_rr_list_deep_free(keys); exit(EXIT_SUCCESS); break; case 'e': case 'i': duration = ldns_duration_create_from_string(optarg); if (!duration) { if (verbosity > 0) { fprintf(myerr, " should be in ISO " "8601 duration format: " "P[n]Y[n]M[n]DT[n]H[n]M[n]S\n" ); } ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } if (c == 'e') expiration_offset = ldns_duration2time(duration); else inception_offset = ldns_duration2time(duration); break; case 'k': s = read_key_file(optarg, keys); if (s == LDNS_STATUS_FILE_ERR) { if (verbosity > 0) { fprintf(myerr, "Error opening %s: %s\n", optarg, strerror(errno)); } } if (s != LDNS_STATUS_OK) { if (verbosity > 0) { fprintf(myerr, "Could not parse key file " "%s: %s\n",optarg, ldns_get_errorstr_by_id(s)); } ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } if (ldns_rr_list_rr_count(keys) == nkeys) { if (verbosity > 0) { fprintf(myerr, "No keys found in file %s\n", optarg); } ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } nkeys = ldns_rr_list_rr_count(keys); break; case 'p': percentage = atoi(optarg); if (percentage < 0 || percentage > 100) { if (verbosity > 0) { fprintf(myerr, "percentage needs to fall " "between 0..100\n"); } ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } srandom(time(NULL) ^ getpid()); break; case 's': check_all_sigs = 1; break; case 'S': do_sigchase = true; /* may chase */ break; case 't': if (strlen(optarg) == 14 && sscanf(optarg, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min , &tm.tm_sec ) == 6) { tm.tm_year -= 1900; tm.tm_mon--; check_time = ldns_mktime_from_utc(&tm); } else { check_time += atoi(optarg); } break; case 'v': printf("verify-zone version %s (ldns version %s)\n", LDNS_VERSION, ldns_version()); ldns_rr_list_deep_free(keys); exit(EXIT_SUCCESS); break; case 'V': verbosity = atoi(optarg); break; case 'Z': zonemd_required += 1; break; } } if (do_sigchase && nkeys == 0) { (void) read_key_file(LDNS_TRUST_ANCHOR_FILE, keys); nkeys = ldns_rr_list_rr_count(keys); if (nkeys == 0) { if (verbosity > 0) { fprintf(myerr, "Unable to chase " "signature without keys.\n"); } ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } } argc -= optind; argv += optind; if (argc == 0) { fp = stdin; } else if (argc == 1) { filename = argv[0]; fp = fopen(filename, "r"); if (!fp) { if (verbosity > 0) { fprintf(myerr, "Unable to open %s: %s\n", filename, strerror(errno)); } ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } } else { print_usage(stderr, progname); ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } s = ldns_dnssec_zone_new_frm_fp_l(&dnssec_zone, fp, NULL, 0, LDNS_RR_CLASS_IN, &line_nr); if (s != LDNS_STATUS_OK) { if (verbosity > 0) { fprintf(myerr, "%s at line %d\n", ldns_get_errorstr_by_id(s), line_nr); } ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } if (!dnssec_zone->soa) { if (verbosity > 0) { fprintf(myerr, "; Error: no SOA in the zone\n"); } ldns_rr_list_deep_free(keys); exit(EXIT_FAILURE); } result = ldns_dnssec_zone_mark_glue(dnssec_zone); if (result != LDNS_STATUS_OK) { if (verbosity > 0) { fprintf(myerr, "There were errors identifying the " "glue in the zone\n"); } } if (verbosity >= 5) { ldns_dnssec_zone_print(myout, dnssec_zone); } zonemd_rrset = ldns_dnssec_zone_find_rrset(dnssec_zone, dnssec_zone->soa->name, LDNS_RR_TYPE_ZONEMD); if (zonemd_required == 1 && !ldns_dnssec_zone_find_rrset(dnssec_zone, dnssec_zone->soa->name, LDNS_RR_TYPE_DNSKEY)) { ldns_rr_list_deep_free(keys); result = LDNS_STATUS_OK; } else result = verify_dnssec_zone(dnssec_zone, dnssec_zone->soa->name, keys, apexonly, percentage, zonemd_required > 2); if (zonemd_rrset) { ldns_status zonemd_result = ldns_dnssec_zone_verify_zonemd(dnssec_zone); if (zonemd_result) fprintf( myerr, "Could not validate zone digest: %s\n" , ldns_get_errorstr_by_id(zonemd_result)); else if (verbosity > 3) fprintf( myout , "Zone digest matched the zone content\n"); if (zonemd_result) result = zonemd_result; } else if (zonemd_required) result = LDNS_STATUS_NO_ZONEMD; if (result == LDNS_STATUS_OK) { if (verbosity >= 3) { fprintf(myout, "Zone is verified and complete\n"); } } else if (verbosity > 0) fprintf(myerr, "There were errors in the zone\n"); ldns_dnssec_zone_deep_free(dnssec_zone); fclose(fp); exit(result); } #else int main(int argc, char **argv) { fprintf(stderr, "ldns-verify-zone needs OpenSSL support, " "which has not been compiled in\n"); return 1; } #endif /* HAVE_SSL */ ldns-1.9.0/examples/ldns-testpkts.h0000664000175000017500000002206215114326257016645 0ustar willemwillem/* * ldns-testpkts. Data file parse for test packets, and query matching. * * Data storage for specially crafted replies for testing purposes. * * (c) NLnet Labs, 2005, 2006, 2007 * See the file LICENSE for the license */ #ifndef LDNS_TESTPKTS_H #define LDNS_TESTPKTS_H /** * \file * * This is a debugging aid. It is not efficient, especially * with a long config file, but it can give any reply to any query. * This can help the developer pre-script replies for queries. * * You can specify a packet RR by RR with header flags to return. * * Missing features: * - matching content different from reply content. * - find way to adjust mangled packets? * */ /* The data file format is as follows: ; comment. ; a number of entries, these are processed first to last. ; a line based format. $ORIGIN origin $TTL default_ttl ENTRY_BEGIN ; first give MATCH lines, that say what queries are matched ; by this entry. ; 'opcode' makes the query match the opcode from the reply ; if you leave it out, any opcode matches this entry. ; 'qtype' makes the query match the qtype from the reply ; 'qname' makes the query match the qname from the reply ; 'subdomain' makes the query match subdomains of qname from the reply ; 'serial=1023' makes the query match if ixfr serial is 1023. ; 'all' has to match header byte for byte and all rrs in packet. ; 'ttl' used with all, rrs in packet must also have matching TTLs. ; 'DO' will match only queries with DO bit set. ; 'noedns' matches queries without EDNS OPT records. ; 'ednsdata' matches queries to HEX_EDNS section. ; 'udp_size=1232' makes the query match if: ; udp_size in query edns0 field >= 1232, ; or the query came over TCP. MATCH [opcode] [qtype] [qname] [serial=] [all] [ttl] MATCH [UDP|TCP] DO MATCH ... ; Then the REPLY header is specified. REPLY opcode, rcode or flags. (opcode) QUERY IQUERY STATUS NOTIFY UPDATE (rcode) NOERROR FORMERR SERVFAIL NXDOMAIN NOTIMPL YXDOMAIN YXRRSET NXRRSET NOTAUTH NOTZONE (flags) QR AA TC RD CD RA AD DO REPLY ... ; any additional actions to do. ; 'copy_id' copies the ID from the query to the answer. ADJUST copy_id ; 'copy_query' copies the query name, type and class to the answer. ADJUST copy_query ; 'sleep=10' sleeps for 10 seconds before giving the answer (TCP is open) ADJUST [sleep=] ; sleep before giving any reply ADJUST [packet_sleep=] ; sleep before this packet in sequence SECTION QUESTION ; the RRcount is determined automatically. SECTION ANSWER SECTION AUTHORITY SECTION ADDITIONAL EXTRA_PACKET ; follow with SECTION, REPLY for more packets. HEX_ANSWER_BEGIN ; follow with hex data ; this replaces any answer packet constructed ; with the SECTION keywords (only SECTION QUERY ; is used to match queries). If the data cannot ; be parsed, ADJUST rules for the answer packet ; are ignored. Only copy_id is done. HEX_ANSWER_END HEX_EDNS_BEGIN ; follow with hex data. ; Raw EDNS data to match against. It must be an ; exact match (all options are matched) and will be ; evaluated only when 'MATCH ednsdata' given. HEX_EDNS_END ENTRY_END Example data file: $ORIGIN nlnetlabs.nl $TTL 3600 ENTRY_BEGIN MATCH qname REPLY NOERROR ADJUST copy_id SECTION QUESTION www.nlnetlabs.nl. IN A SECTION ANSWER www.nlnetlabs.nl. IN A 195.169.215.155 SECTION AUTHORITY nlnetlabs.nl. IN NS www.nlnetlabs.nl. ENTRY_END ENTRY_BEGIN MATCH qname REPLY NOERROR ADJUST copy_id SECTION QUESTION www2.nlnetlabs.nl. IN A HEX_ANSWER_BEGIN ; 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 ;-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- 00 bf 81 80 00 01 00 01 00 02 00 02 03 77 77 77 0b 6b 61 6e ; 1- 20 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 01 00 01 03 77 77 ; 21- 40 77 0b 6b 61 6e 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 01 ; 41- 60 00 01 00 01 50 8b 00 04 52 5e ed 32 0b 6b 61 6e 61 72 69 65 ; 61- 80 70 69 65 74 03 63 6f 6d 00 00 02 00 01 00 01 50 8b 00 11 03 ; 81- 100 6e 73 31 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 0b 6b 61 6e ; 101- 120 61 72 69 65 70 69 65 74 03 63 6f 6d 00 00 02 00 01 00 01 50 ; 121- 140 8b 00 11 03 6e 73 32 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 ; 141- 160 03 6e 73 31 08 68 65 78 6f 6e 2d 69 73 02 6e 6c 00 00 01 00 ; 161- 180 01 00 00 46 53 00 04 52 5e ed 02 03 6e 73 32 08 68 65 78 6f ; 181- 200 6e 2d 69 73 02 6e 6c 00 00 01 00 01 00 00 46 53 00 04 d4 cc ; 201- 220 db 5b HEX_ANSWER_END ENTRY_END note that this file will link with your void verbose(int level, char* format, ...); output function. */ #include /** Type of transport, since some entries match based on UDP or TCP of query */ enum transport_type {transport_any = 0, transport_udp, transport_tcp }; /** struct to keep a linked list of reply packets for a query */ struct reply_packet { /** next in list of reply packets, for TCP multiple pkts on wire */ struct reply_packet* next; /** the reply pkt */ ldns_pkt* reply; /** Additional EDNS data for matching queries. */ ldns_buffer* raw_ednsdata; /** or reply pkt in hex if not parsable */ ldns_buffer* reply_from_hex; /** seconds to sleep before giving packet */ unsigned int packet_sleep; }; /** data structure to keep the canned queries in. format is the 'matching query' and the 'canned answer' */ struct entry { /* match */ /* How to match an incoming query with this canned reply */ /** match query opcode with answer opcode */ bool match_opcode; /** match qtype with answer qtype */ bool match_qtype; /** match qname with answer qname */ bool match_qname; /** match qname as subdomain of answer qname */ bool match_subdomain; /** match SOA serial number, from auth section */ bool match_serial; /** match all of the packet */ bool match_all; /** match ttls in the packet */ bool match_ttl; /** match DO bit */ bool match_do; /** match CO bit */ bool match_co; /** match absence of EDNS OPT record in query */ bool match_noedns; /** match edns data field given in hex */ bool match_ednsdata_raw; /** match query serial with this value. */ uint32_t ixfr_soa_serial; /** match on UDP/TCP */ enum transport_type match_transport; /** match on edns udp size (larger or equal) */ uint16_t match_udp_size; /** pre canned reply */ struct reply_packet *reply_list; /** how to adjust the reply packet */ /** copy over the ID from the query into the answer */ bool copy_id; /** copy the query nametypeclass from query into the answer */ bool copy_query; /** in seconds */ unsigned int sleeptime; /** some number that names this entry, line number in file or so */ int lineno; /** next in list */ struct entry* next; }; /** * reads the canned reply file and returns a list of structs * does an exit on error. * @param name: name of the file to read. * @param skip_whitespace: skip leftside whitespace. */ struct entry* read_datafile(const char* name, int skip_whitespace); /** * Delete linked list of entries. */ void delete_entry(struct entry* list); /** * Read one entry from the data file. * @param in: file to read from. Filepos must be at the start of a new line. * @param name: name of the file for prettier errors. * @param lineno: line number in file, incremented as lines are read. * for prettier errors. * @param default_ttl: on first call set to default TTL for entries, * later it stores the $TTL value last seen. Try 3600 first call. * @param origin: domain name for origin appending. Can be &NULL on first call. * later it stores the $ORIGIN value last seen. Often &NULL or the zone * name on first call. * @param prev_rr: previous rr name for correcter parsing. &NULL on first call. * @param skip_whitespace: skip leftside whitespace. * @return: The entry read (malloced) or NULL if no entry could be read. */ struct entry* read_entry(FILE* in, const char* name, int *lineno, uint32_t* default_ttl, ldns_rdf** origin, ldns_rdf** prev_rr, int skip_whitespace); /** * finds entry in list, or returns NULL. */ struct entry* find_match(struct entry* entries, ldns_pkt* query_pkt, enum transport_type transport); /** * copy & adjust packet */ void adjust_packet(struct entry* match, ldns_pkt* answer_pkt, ldns_pkt* query_pkt); /** * Parses data buffer to a query, finds the correct answer * and calls the given function for every packet to send. * if verbose_out filename is given, packets are dumped there. * @param inbuf: the packet that came in * @param inlen: length of packet. * @param entries: entries read in from datafile. * @param count: is increased to count number of queries answered. * @param transport: set to UDP or TCP to match some types of entries. * @param sendfunc: called to send answer (buffer, size, userarg). * @param userdata: userarg to give to sendfunc. * @param verbose_out: if not NULL, verbose messages are printed there. */ void handle_query(uint8_t* inbuf, ssize_t inlen, struct entry* entries, int* count, enum transport_type transport, void (*sendfunc)(uint8_t*, size_t, void*), void* userdata, FILE* verbose_out); #endif /* LDNS_TESTPKTS_H */ ldns-1.9.0/examples/ldns-signzone.10000664000175000017500000001267315114326257016540 0ustar willemwillem.TH ldns-signzone 1 "13 March 2018" .SH NAME ldns-signzone \- sign a zonefile with DNSSEC data .SH SYNOPSIS .B ldns-signzone [ .IR OPTIONS ] .IR ZONEFILE .IR KEY [KEY [KEY] ... ] .SH DESCRIPTION \fBldns-signzone\fR is used to generate a DNSSEC signed zone. When run it will create a new zonefile that contains RRSIG and NSEC(3) resource records, as specified in RFC 4033, RFC 4034 and RFC 4035. Keys must be specified by their base name (i.e. without .private). If the DNSKEY that belongs to the key in the .private file is not present in the zone, it will be read from the file .key. If that file does not exist, the DNSKEY value will be generated from the private key. Multiple keys can be specified. Key Signing Keys are used as such when they are either already present in the zone, or specified in a .key file, and have the SEP bit set. .SH OPTIONS .TP \fB-b\fR Augments the zone and the RR's with extra comment texts for a more readable layout, easier to debug. DS records will have a bubblebabble version of the data in the comment text, NSEC3 records will have the unhashed owner names in the comment text. Without this option, only DNSKEY RR's will have their Key Tag annotated in the comment text. .TP \fB-d\fR Do not add DNSKEY resource records for used keys to the signed zone. .TP \fB-e\fR \fIdate\fR Set expiration date of the signatures to this date, the format can be YYYYMMDD[hhmmss], or a timestamp. .TP \fB-f\fR \fIfile\fR Use this file to store the signed zone in (default .signed) .TP \fB-i\fR \fIdate\fR Set inception date of the signatures to this date, the format can be YYYYMMDD[hhmmss], or a timestamp. .TP \fB-o\fR \fIorigin\fR Use this as the origin of the zone .TP \fB-u\fR set SOA serial to the number of seconds since 1-1-1970 .TP \fB-v\fR Print the version and exit .TP \fB-z\fR \fI[scheme:]hash\fR Calculate the zone's digest and add those as ZONEMD RRs. The (optional) `scheme' must be `simple` (or 1) and `hash' should be `sha384' (or 1) or `sha512' (or 2). This option can be given more than once. .TP \fB-Z\fR Allow ZONEMDs to be added without signing .TP \fB-A\fR Sign the DNSKEY record with all keys. By default it is signed with a minimal number of keys, to keep the response size for the DNSKEY query small, and only the SEP keys that are passed are used. If there are no SEP keys, the DNSKEY RRset is signed with the non\-SEP keys. This option turns off the default and all keys are used to sign the DNSKEY RRset. .TP \fB-U\fR Sign with every unique algorithm in the provided keys. The DNSKEY set is signed with all the SEP keys, plus all the non\-SEP keys that have an algorithm that was not present in the SEP key set. .TP \fB-E\fR \fIname\fR Use the EVP cryptographic engine with the given name for signing. This can have some extra options; see ENGINE OPTIONS for more information. .TP \fB-K\fR \fIalgorithm-id,key-id\fR Use the key `key-id' as the signing key for algorithm `algorithm-id' as a Key Signing Key (KSK). This option is used when you use an OpenSSL engine, see ENGINE OPTIONS for more information. .TP \fB-k\fR \fIalgorithm-id,key-id\fR Use the key `key-id' as the signing key for algorithm `algorithm-id' as a Zone Signing Key (ZSK). This option is used when you use an OpenSSL engine, see ENGINE OPTIONS for more information. .TP \fB-n\fR Use NSEC3 instead of NSEC. .TP If you use NSEC3, you can specify the following extra options: .TP \fB-a\fR \fIalgorithm\fR Algorithm used to create the hashed NSEC3 owner names .TP \fB-p\fR Opt-out. All NSEC3 records in the zone will have the Opt-out flag set. After signing, you can add insecure delegations to the signed zone. .TP \fB-s\fR \fIstring\fR Salt .TP \fB-t\fR \fInumber\fR Number of hash iterations .SH ENGINE OPTIONS You can modify the possible engines, if supported, by setting an OpenSSL configuration file. This is done through the environment variable OPENSSL_CONF. The key options (\-k and \-K) work as follows: you specify a DNSSEC algorithm (using its symbolic name, for instance, RSASHA256 or its numeric identifier, for instance, 8), followed by a comma and a key identifier (white space is not allowed between the algorithm and the comma and between the comma and the key identifier). The key identifier can be any of the following: : id_ slot_-id_ label_